[automerger] Fix probable prime confidence calculations. am: 91719e3c1b am: b2a687151e am: b56197f5fd am: 630facd786 am: 77321115ab am: 87804b8da9 am: 883aa9d8f8
am: 8221e0766e
Change-Id: I65459162d9af9e07fa7a5de294d7bd54375c5d0b
diff --git a/Android.bp b/Android.bp
new file mode 100644
index 0000000..8f1a364
--- /dev/null
+++ b/Android.bp
@@ -0,0 +1,150 @@
+//
+// Copyright (C) 2010 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+java_defaults {
+ name: "bouncycastle-errorprone-defaults",
+ errorprone: {
+ javacflags: [
+ "-Xep:MissingOverride:OFF", // Ignore missing @Override.
+ ],
+ },
+}
+
+// These cannot build in the PDK, because the PDK requires all libraries
+// compile against SDK versions.
+java_defaults {
+ name: "bouncycastle-defaults",
+ defaults: [
+ "bouncycastle-errorprone-defaults",
+ ],
+ host_supported: true,
+ hostdex: true,
+ target: {
+ android: {
+ product_variables: {
+ pdk: {
+ enabled: false,
+ },
+ },
+ },
+ },
+}
+
+// non-jarjar version to build okhttp-tests
+java_library_static {
+ name: "bouncycastle-unbundled",
+ defaults: ["bouncycastle-defaults"],
+
+ srcs: ["bcprov/src/main/java/**/*.java"],
+ exclude_srcs: [
+ "bcprov/src/main/java/org/bouncycastle/asn1/ocsp/**/*.java",
+ ],
+
+ sdk_version: "9",
+ java_version: "1.7",
+}
+
+java_library {
+ name: "bouncycastle",
+ defaults: ["bouncycastle-defaults"],
+
+ static_libs: ["bouncycastle-unbundled"],
+ no_framework_libs: true,
+ java_version: "1.7",
+
+ target: {
+ android: {
+ jarjar_rules: "jarjar-rules.txt",
+ },
+ },
+}
+
+// A guaranteed unstripped version of bouncycastle.
+// The build system may or may not strip the bouncycastle jar, but this one will
+// not be stripped. See b/24535627.
+java_library {
+ name: "bouncycastle-testdex",
+ defaults: ["bouncycastle-defaults"],
+
+ static_libs: ["bouncycastle-unbundled"],
+ no_framework_libs: true,
+ jarjar_rules: "jarjar-rules.txt",
+ java_version: "1.7",
+}
+
+// PKIX classes used for testing
+java_library_static {
+ name: "bouncycastle-bcpkix",
+ defaults: ["bouncycastle-defaults"],
+
+ static_libs: ["bouncycastle-bcpkix-unbundled"],
+ no_framework_libs: true,
+ java_version: "1.7",
+
+ target: {
+ android: {
+ jarjar_rules: "jarjar-rules.txt",
+ },
+ },
+}
+
+java_library_static {
+ name: "bouncycastle-bcpkix-unbundled",
+ defaults: [
+ "bouncycastle-defaults",
+ ],
+ libs: [ "bouncycastle-unbundled" ],
+ sdk_version: "9",
+ srcs: ["bcpkix/src/main/java/**/*.java"],
+ exclude_srcs: ["bcpkix/src/main/java/org/bouncycastle/cert/ocsp/**/*.java"],
+}
+
+
+// OCSP classes used for testing
+java_library_static {
+ name: "bouncycastle-ocsp",
+ defaults: ["bouncycastle-defaults"],
+
+ static_libs: ["bouncycastle-ocsp-unbundled"],
+ jarjar_rules: "jarjar-rules.txt",
+ java_version: "1.7",
+ no_framework_libs: true,
+}
+
+java_library_static {
+ name: "bouncycastle-ocsp-unbundled",
+ defaults: [
+ "bouncycastle-defaults",
+ ],
+ libs: [ "bouncycastle-unbundled",
+ "bouncycastle-bcpkix-unbundled" ],
+ sdk_version: "9",
+ srcs: [
+ "bcpkix/src/main/java/org/bouncycastle/cert/ocsp/**/*.java",
+ "bcprov/src/main/java/org/bouncycastle/asn1/ocsp/**/*.java",
+ ],
+}
+
+// For compatibilityy with old bouncycastle-host and bouncycastle-bcpkix-host names
+java_library_host {
+ name: "bouncycastle-host",
+ static_libs: ["bouncycastle"],
+}
+
+java_library_host {
+ name: "bouncycastle-bcpkix-host",
+ static_libs: ["bouncycastle-bcpkix"],
+}
diff --git a/Android.mk b/Android.mk
deleted file mode 100644
index d8b6763..0000000
--- a/Android.mk
+++ /dev/null
@@ -1,233 +0,0 @@
-#
-# Copyright (C) 2010 The Android Open Source Project
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-LOCAL_PATH := $(call my-dir)
-
-# All the files needed for OCSP testing
-all_bc_ocsp_files := $(call all-java-files-under,bcpkix/src/main/java/org/bouncycastle/cert/ocsp) \
- $(call all-java-files-under,bcprov/src/main/java/org/bouncycastle/asn1/ocsp)
-
-# used for bouncycastle-hostdex where we want everything for testing
-all_bcprov_src_files := $(filter-out \
- $(all_bc_ocsp_files), \
- $(call all-java-files-under,bcprov/src/main/java))
-
-# used for bouncycastle for target where we want to be sure to use OpenSSLDigest
-android_bcprov_src_files := $(filter-out \
- bcprov/src/main/java/org/bouncycastle/crypto/digests/AndroidDigestFactoryBouncyCastle.java, \
- $(all_bcprov_src_files))
-
-# used for bouncycastle-host where we can't use OpenSSLDigest
-ri_bcprov_src_files := $(filter-out \
- bcprov/src/main/java/org/bouncycastle/crypto/digests/AndroidDigestFactoryOpenSSL.java \
- bcprov/src/main/java/org/bouncycastle/crypto/digests/OpenSSLDigest.java, \
- $(all_bcprov_src_files))
-
-# used for host tools, but OCSP is only for testing
-all_bcpkix_src_files := $(filter-out \
- $(all_bc_ocsp_files), \
- $(call all-java-files-under,bcpkix/src/main/java))
-
-# These cannot build in the PDK, because the PDK requires all libraries
-# compile against SDK versions. LOCAL_NO_STANDARD_LIBRARIES conflicts with
-# this requirement.
-ifneq ($(TARGET_BUILD_PDK),true)
-
- # non-jarjar version to build okhttp-tests
- include $(CLEAR_VARS)
- LOCAL_MODULE := bouncycastle-nojarjar
- LOCAL_MODULE_TAGS := optional
- LOCAL_SRC_FILES := $(android_bcprov_src_files)
- LOCAL_JAVA_LIBRARIES := core-oj core-libart conscrypt
- LOCAL_NO_STANDARD_LIBRARIES := true
- LOCAL_JAVA_LANGUAGE_VERSION := 1.7
- include $(BUILD_STATIC_JAVA_LIBRARY)
-
- include $(CLEAR_VARS)
- LOCAL_MODULE := bouncycastle
- LOCAL_MODULE_TAGS := optional
- LOCAL_STATIC_JAVA_LIBRARIES := bouncycastle-nojarjar
- LOCAL_JAVA_LIBRARIES := core-oj core-libart conscrypt
- LOCAL_NO_STANDARD_LIBRARIES := true
- LOCAL_JARJAR_RULES := $(LOCAL_PATH)/jarjar-rules.txt
- LOCAL_JAVA_LANGUAGE_VERSION := 1.7
- include $(BUILD_JAVA_LIBRARY)
-
- # A guaranteed unstripped version of bouncycastle.
- # The build system may or may not strip the bouncycastle jar, but this one will
- # not be stripped. See b/24535627.
- include $(CLEAR_VARS)
- LOCAL_MODULE := bouncycastle-testdex
- LOCAL_MODULE_TAGS := optional
- LOCAL_STATIC_JAVA_LIBRARIES := bouncycastle-nojarjar
- LOCAL_JAVA_LIBRARIES := core-oj core-libart conscrypt
- LOCAL_NO_STANDARD_LIBRARIES := true
- LOCAL_JARJAR_RULES := $(LOCAL_PATH)/jarjar-rules.txt
- LOCAL_JAVA_LANGUAGE_VERSION := 1.7
- include $(BUILD_JAVA_LIBRARY)
-
- # unbundled bouncycastle jar
- include $(CLEAR_VARS)
- LOCAL_MODULE := bouncycastle-unbundled
- LOCAL_MODULE_TAGS := optional
- LOCAL_SDK_VERSION := 9
- LOCAL_SRC_FILES := $(ri_bcprov_src_files)
- include $(BUILD_STATIC_JAVA_LIBRARY)
-
- # PKIX classes used for testing
- include $(CLEAR_VARS)
- LOCAL_MODULE := bouncycastle-bcpkix-nojarjar
- LOCAL_MODULE_TAGS := optional
- LOCAL_SRC_FILES := $(all_bcpkix_src_files)
- LOCAL_NO_STANDARD_LIBRARIES := true
- LOCAL_JAVA_LIBRARIES := bouncycastle-nojarjar core-oj core-libart conscrypt
- include $(BUILD_STATIC_JAVA_LIBRARY)
-
- include $(CLEAR_VARS)
- LOCAL_MODULE := bouncycastle-bcpkix
- LOCAL_MODULE_TAGS := optional
- LOCAL_STATIC_JAVA_LIBRARIES := bouncycastle-bcpkix-nojarjar
- LOCAL_JAVA_LIBRARIES := core-oj core-libart conscrypt
- LOCAL_NO_STANDARD_LIBRARIES := true
- LOCAL_JARJAR_RULES := $(LOCAL_PATH)/jarjar-rules.txt
- include $(BUILD_STATIC_JAVA_LIBRARY)
-
- # OCSP classes used for testing
- include $(CLEAR_VARS)
- LOCAL_MODULE := bouncycastle-ocsp
- LOCAL_MODULE_TAGS := optional
- LOCAL_SRC_FILES := $(all_bc_ocsp_files)
- LOCAL_JAVA_LIBRARIES := bouncycastle-nojarjar bouncycastle-bcpkix-nojarjar core-oj core-libart conscrypt
- LOCAL_JARJAR_RULES := $(LOCAL_PATH)/jarjar-rules.txt
- LOCAL_JAVA_LANGUAGE_VERSION := 1.7
- LOCAL_NO_STANDARD_LIBRARIES := true
- include $(BUILD_STATIC_JAVA_LIBRARY)
-endif # TARGET_BUILD_PDK != true
-
-# This is used to generate a list of what is unused so it can be removed when bouncycastle is updated.
-# Based on "Finding dead code" example in ProGuard manual at http://proguard.sourceforge.net/
-.PHONY: bouncycastle-proguard-deadcode
-bouncycastle-proguard-deadcode: $(full_classes_compiled_jar) $(full_java_libs)
- $(PROGUARD) \
- -injars $(full_classes_compiled_jar) \
- -libraryjars "$(call normalize-path-list,$(addsuffix (!org/bouncycastle/**.class,!com/android/org/conscrypt/OpenSSLMessageDigest.class),$(full_java_libs)))" \
- -dontoptimize \
- -dontobfuscate \
- -dontpreverify \
- -ignorewarnings \
- -printusage \
- -keep class org.bouncycastle.jce.provider.BouncyCastleProvider "{ public protected *; }" \
- -keep class org.bouncycastle.jce.provider.symmetric.AESMappings "{ public protected *; }" \
- -keep class org.bouncycastle.asn1.ASN1TaggedObject "{ public protected *; }" \
- -keep class org.bouncycastle.asn1.x509.CertificateList "{ public protected *; }" \
- -keep class org.bouncycastle.crypto.AsymmetricBlockCipher "{ public protected *; }" \
- -keep class org.bouncycastle.x509.ExtendedPKIXBuilderParameters "{ public protected *; }" \
- `(find $(LOCAL_PATH) -name '*.java' | xargs grep '"org.bouncycastle' | egrep ' (put|add)' | sed -e 's/");//' -e 's/.*"//'; \
- find $(LOCAL_PATH) -name '*.java' | xargs grep ' addHMACAlgorithm' | sed 's/"org.bouncycastle/\norg.bouncycastle/g' | grep ^org.bouncycastle | sed 's/".*//'; \
- find . -name '*.java' | xargs grep 'import org.bouncycastle' | grep -v /bouncycastle/ | sed -e 's/.*:import //' -e 's/;//') \
- | sed -e 's/^/-keep class /' -e 's/$$/ { public protected \*; } /' | sort | uniq` \
- -keepclassmembers "class * { \
- static final % *; \
- static final java.lang.String *; \
- }" \
- -keepclassmembers "class * implements java.io.Serializable { \
- private static final java.io.ObjectStreamField[] serialPersistentFields; \
- private void writeObject(java.io.ObjectOutputStream); \
- private void readObject(java.io.ObjectInputStream); \
- java.lang.Object writeReplace(); \
- java.lang.Object readResolve(); \
- }" \
- -keepclassmembers "interface org.bouncycastle.crypto.paddings.BlockCipherPadding { \
- abstract public java.lang.String getPaddingName(); \
- }" \
- -keepclassmembers "class * implements org.bouncycastle.crypto.paddings.BlockCipherPadding { \
- public java.lang.String getPaddingName(); \
- }"
-
-# Conscrypt isn't built in the PDK or on non-linux OSes, so this cannot be built
-# because it has a dependency on conscrypt-hostdex.
-ifneq ($(TARGET_BUILD_PDK),true)
- ifeq ($(HOST_OS),linux)
- include $(CLEAR_VARS)
- LOCAL_MODULE := bouncycastle-hostdex-nojarjar
- LOCAL_MODULE_TAGS := optional
- LOCAL_SRC_FILES := $(all_bcprov_src_files)
- LOCAL_JAVA_LIBRARIES := conscrypt-hostdex
- include $(BUILD_HOST_DALVIK_STATIC_JAVA_LIBRARY)
-
- include $(CLEAR_VARS)
- LOCAL_MODULE := bouncycastle-hostdex
- LOCAL_MODULE_TAGS := optional
- LOCAL_STATIC_JAVA_LIBRARIES := bouncycastle-hostdex-nojarjar
- LOCAL_JAVA_LIBRARIES := conscrypt-hostdex
- LOCAL_JARJAR_RULES := $(LOCAL_PATH)/jarjar-rules.txt
- LOCAL_JAVA_LANGUAGE_VERSION := 1.7
- include $(BUILD_HOST_DALVIK_JAVA_LIBRARY)
-
- include $(CLEAR_VARS)
- LOCAL_MODULE := bouncycastle-bcpkix-hostdex-nojarjar
- LOCAL_MODULE_TAGS := optional
- LOCAL_SRC_FILES := $(all_bcpkix_src_files)
- LOCAL_STATIC_JAVA_LIBRARIES := bouncycastle-hostdex-nojarjar
- include $(BUILD_HOST_DALVIK_STATIC_JAVA_LIBRARY)
-
- include $(CLEAR_VARS)
- LOCAL_MODULE := bouncycastle-bcpkix-hostdex
- LOCAL_MODULE_TAGS := optional
- LOCAL_STATIC_JAVA_LIBRARIES := bouncycastle-bcpkix-hostdex-nojarjar
- LOCAL_STATIC_JAVA_LIBRARIES := bouncycastle-hostdex-nojarjar
- LOCAL_JARJAR_RULES := $(LOCAL_PATH)/jarjar-rules.txt
- include $(BUILD_HOST_DALVIK_STATIC_JAVA_LIBRARY)
-
- # OCSP classes used for testing
- include $(CLEAR_VARS)
- LOCAL_MODULE := bouncycastle-ocsp-hostdex
- LOCAL_MODULE_TAGS := optional
- LOCAL_SRC_FILES := $(all_bc_ocsp_files)
- LOCAL_STATIC_JAVA_LIBRARIES := bouncycastle-hostdex-nojarjar bouncycastle-bcpkix-hostdex-nojarjar
- LOCAL_JARJAR_RULES := $(LOCAL_PATH)/jarjar-rules.txt
- include $(BUILD_HOST_DALVIK_STATIC_JAVA_LIBRARY)
- endif # ($(HOST_OS),linux)
-endif
-
-include $(CLEAR_VARS)
-LOCAL_MODULE := bouncycastle-host
-LOCAL_MODULE_TAGS := optional
-LOCAL_SRC_FILES := $(ri_bcprov_src_files)
-LOCAL_JAVA_LANGUAGE_VERSION := 1.7
-include $(BUILD_HOST_JAVA_LIBRARY)
-
-include $(CLEAR_VARS)
-LOCAL_MODULE := bouncycastle-bcpkix-host
-LOCAL_MODULE_TAGS := optional
-LOCAL_SRC_FILES := $(all_bcpkix_src_files)
-LOCAL_JAVA_LIBRARIES := bouncycastle-host
-LOCAL_JAVA_LANGUAGE_VERSION := 1.7
-include $(BUILD_HOST_JAVA_LIBRARY)
-
-# OCSP classes used for testing
-include $(CLEAR_VARS)
-LOCAL_MODULE := bouncycastle-ocsp-host
-LOCAL_MODULE_TAGS := optional
-LOCAL_SRC_FILES := $(all_bc_ocsp_files)
-LOCAL_JAVA_LIBRARIES := bouncycastle-host bouncycastle-bcpkix-host
-include $(BUILD_HOST_JAVA_LIBRARY)
-
-# Unset these so they don't linger in the next makefile
-all_bcprov_src_files :=
-android_bcprov_src_files :=
-ri_bcprov_src_files :=
-all_bcpkix_src_files :=
-all_bc_ocsp_files :=
diff --git a/README.android b/README.android
index 5a3e9b5..2b6c07f 100644
--- a/README.android
+++ b/README.android
@@ -2,8 +2,8 @@
---
The code in this directory is based on $BOUNCYCASTLE_VERSION in the
-file bouncycastle.version. See patches/README for more information on
-how the code differs from $BOUNCYCASTLE_VERSION.
+file bouncycastle.version. See the in-file change markers for more information
+on how the code differs from $BOUNCYCASTLE_VERSION.
Porting New Versions of Bouncy Castle.
--
@@ -21,257 +21,62 @@
md5sum bcpkix-jdk*-*.tar.gz
sha1sum bcpkix-jdk*-*.tar.gz
-2) Update the variables in bouncycastle.config and bouncycastle.version as appropriate.
- At the very least you will need to update the bouncycastle.version.
+2) Submit the code to the upstream-master branch:
-3) Run:
+ a) Create a new branch tracking upstream-master
- ./import_bouncycastle.sh import bcprov-jdk*-*.tar.gz
+ git checkout -b upgrade-to-xxx --track aosp/upstream-master
- Note the script expects to find the bcpkix-jdk*-*.tar.gz alongside the bcprov file.
+ b) Update the variables in bouncycastle.version.
-4) If there are any errors, then modify bouncycastle.config, bouncycastle.version
- and patches in patches/ as appropriate. You might want to use:
+ c) Expand the source from the .tar.gz files
- ./import_bouncycastle.sh regenerate patches/*.patch
+ d) Replace bc{prov,pkix}/src/main/java/org with the equivalent source
+ directory
- Repeat step 3.
+ e) Ensure any new files are added
-5) Cleanup before building with:
+ git add bc{prov,pkix}
- m -j16 clean-bouncycastle
+ f) Commit the change
-6) Build the bouncycastle target from the external/bouncycastle directory with:
+ git commit -a -m 'bouncycastle: Android tree with upstream code for version X.XX'
- mm -j16 snod && adb sync system
+ g) Get the change reviewed
- If there are build errors, then patches/*.mk or bouncycastle.config
- may need updating.
+ repo upload . -D upstream-master
-7) Run tests to make sure things are working:
+3) Merge the code into the master branch
- Some suggested tests by area:
- - java.security.AlgorithmParameterGenerator
- libcore/luni/src/test/java/libcore/java/security/OldAlgorithmParameterGeneratorTest.java
- libcore/luni/src/test/java/libcore/javax/crypto/spec/AlgorithmParameterGeneratorTestDH.java
- libcore/luni/src/test/java/libcore/javax/crypto/spec/AlgorithmParameterGeneratorTestDSA.java
- - java.security.AlgorithmParameters
- libcore/luni/src/test/java/libcore/javax/crypto/spec/AlgorithmParametersTestDSA.java
- libcore/luni/src/test/java/libcore/javax/crypto/spec/AlgorithmParametersTestAES.java
- libcore/luni/src/test/java/libcore/javax/crypto/spec/AlgorithmParametersTestDH.java
- libcore/luni/src/test/java/libcore/javax/crypto/spec/AlgorithmParametersTestDESede.java
- libcore/luni/src/test/java/libcore/javax/crypto/spec/AlgorithmParametersTestDES.java
- libcore/luni/src/test/java/libcore/javax/crypto/spec/AlgorithmParametersTestOAEP.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/AlgorithmParameterGenerator1Test.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/AlgorithmParameterGenerator2Test.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/AlgorithmParametersSpiTest.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/AlgorithmParametersTest.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/AlgorithmParametersTest.java
- - java.security.cert.CertPathBuilder
- libcore/luni/src/test/java/tests/targets/security/cert/CertPathBuilderTestPKIX.java
- - java.security.cert.CertPathValidator
- libcore/luni/src/test/java/tests/targets/security/cert/CertPathValidatorTestPKIX.java
- - java.security.cert.CertStore
- libcore/luni/src/test/java/tests/security/cert/CertStoreSpiTest.java
- libcore/luni/src/test/java/tests/security/cert/CertStore2Test.java
- libcore/luni/src/test/java/tests/security/cert/CertStore1Test.java
- libcore/luni/src/test/java/tests/security/cert/CertStoreExceptionTest.java
- - java.security.cert.Certificate
- libcore/luni/src/test/java/libcore/java/security/cert/X509CertificateTest.java
- libcore/luni/src/test/java/tests/api/javax/security/cert/X509CertificateTest.java
- libcore/luni/src/test/java/tests/security/cert/CertificateCertificateRepTest.java
- libcore/luni/src/test/java/tests/security/cert/CertificateTest.java
- libcore/luni/src/test/java/tests/security/cert/X509Certificate2Test.java
- libcore/luni/src/test/java/tests/targets/security/cert/CertificateTest.java
- - java.security.cert.CertificateFactory
- libcore/luni/src/test/java/libcore/java/security/cert/CertificateFactoryTest.java
- libcore/luni/src/test/java/tests/security/cert/CertificateFactory1Test.java
- libcore/luni/src/test/java/tests/security/cert/CertificateFactory2Test.java
- libcore/luni/src/test/java/tests/security/cert/CertificateFactory3Test.java
- libcore/luni/src/test/java/tests/security/cert/CertificateFactory4Test.java
- libcore/luni/src/test/java/tests/targets/security/cert/CertificateFactoryTestX509.java
- - java.security.cert.CertificateFactorySpi
- libcore/luni/src/test/java/tests/security/cert/CertificateFactorySpiTest.java
- - java.security.cert.CRL
- libcore/luni/src/test/java/libcore/java/security/cert/X509CRLSelectorTest.java
- libcore/luni/src/test/java/libcore/java/security/cert/X509CRLTest.java
- libcore/luni/src/test/java/tests/security/cert/CRLTest.java
- libcore/luni/src/test/java/tests/security/cert/X509CRL2Test.java
- libcore/luni/src/test/java/tests/security/cert/X509CRLEntryTest.java
- libcore/luni/src/test/java/tests/security/cert/X509CRLSelector2Test.java
- libcore/luni/src/test/java/tests/security/cert/X509CRLSelectorTest.java
- libcore/luni/src/test/java/tests/security/cert/X509CRLTest.java
- - javax.security.cert.Certificate
- libcore/luni/src/test/java/tests/api/javax/security/cert/CertificateTest.java
- - java.security.CodeSigner
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/CodeSignerTest.java
- - javax.crypto.Cipher
- libcore/luni/src/test/java/libcore/javax/crypto/CipherTest.java
- libcore/luni/src/test/java/org/apache/harmony/crypto/tests/javax/crypto/CipherTest.java
- libcore/luni/src/test/java/org/apache/harmony/crypto/tests/javax/crypto/NullCipherTest.java
- - java.security.DigestInputStream
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/DigestInputStream2Test.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/DigestInputStreamTest.java
- - java.security.DigestOutputStream
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/DigestOutputStreamTest.java
- - javax.crypto.spec.GCMParameterSpec
- libcore/luni/src/test/java/org/apache/harmony/crypto/tests/javax/crypto/spec/GCMParameterSpecTest.java
- - java.security.GuardedObject
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/GuardedObjectTest.java
- - java.security.Identity
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/Identity2Test.java
- - java.security.IdentityScope
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/IdentityScope2Test.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/IdentityScopeTest.java
- - javax.crypto.Key
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KeyTest.java
- - javax.crypto.KeyAgreement
- libcore/luni/src/test/java/org/apache/harmony/crypto/tests/javax/crypto/KeyAgreementTest.java
- - java.security.KeyFactory
- libcore/luni/src/test/java/libcore/javax/crypto/spec/KeyFactoryTestDH.java
- libcore/luni/src/test/java/libcore/javax/crypto/spec/KeyFactoryTestDSA.java
- libcore/luni/src/test/java/libcore/javax/crypto/spec/KeyFactoryTestRSA.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KeyFactory2Test.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KeyFactoryTest.java
- - java.security.KeyFactorySpi
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KeyFactorySpiTest.java
- - javax.crypto.KeyGenerator
- libcore/luni/src/test/java/libcore/javax/crypto/KeyGeneratorTest.java
- libcore/luni/src/test/java/org/apache/harmony/crypto/tests/javax/crypto/KeyGeneratorTest.java
- - javax.net.ssl.KeyManagerFactory
- libcore/luni/src/test/java/libcore/javax/net/ssl/KeyManagerFactoryTest.java
- - java.security.KeyPair
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KeyPairTest.java
- - java.security.KeyPairGenerator
- libcore/luni/src/test/java/libcore/java/security/KeyPairGeneratorTest.java
- libcore/luni/src/test/java/libcore/java/security/OldKeyPairGeneratorTestDH.java
- libcore/luni/src/test/java/libcore/javax/crypto/spec/KeyPairGeneratorTestDH.java
- libcore/luni/src/test/java/libcore/javax/crypto/spec/KeyPairGeneratorTestDSA.java
- libcore/luni/src/test/java/libcore/javax/crypto/spec/KeyPairGeneratorTestRSA.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KeyPairGenerator1Test.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KeyPairGenerator2Test.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KeyPairGenerator3Test.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KeyPairGenerator4Test.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KeyPairGeneratorSpiTest.java
- libcore/luni/src/test/java/tests/security/interfaces/DSAKeyPairGeneratorTest.java
- - java.security.KeyRep
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KeyRepTest.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KeyRepTypeTest.java
- - java.security.KeyStore
- libcore/luni/src/test/java/libcore/java/security/KeyStoreTest.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KSCallbackHandlerProtectionTest.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KSPasswordProtectionTest.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KSPrivateKeyEntryTest.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KSSecretKeyEntryTest.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KSTrustedCertificateEntryTest.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KeyStore2Test.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KeyStore3Test.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KeyStore4Test.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KeyStoreBuilderTest.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KeyStorePrivateKeyEntryTest.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KeyStoreTest.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KeyStoreTest.java
- - java.security.KeyStoreSpi
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KeyStoreSpiTest.java
- - javax.crypto.Mac
- libcore/luni/src/test/java/org/apache/harmony/crypto/tests/javax/crypto/MacTest.java
- - java.security.MessageDigest
- libcore/luni/src/test/java/libcore/java/security/MessageDigestTest.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/MessageDigest1Test.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/MessageDigest2Test.java
- libcore/luni/src/test/java/tests/targets/security/MessageDigestTestMD2.java
- libcore/luni/src/test/java/tests/targets/security/MessageDigestTestMD5.java
- libcore/luni/src/test/java/tests/targets/security/MessageDigestTestSHA1.java
- libcore/luni/src/test/java/tests/targets/security/MessageDigestTestSHA256.java
- libcore/luni/src/test/java/tests/targets/security/MessageDigestTestSHA384.java
- libcore/luni/src/test/java/tests/targets/security/MessageDigestTestSHA512.java
- - java.security.MessageDigestSpi
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/MessageDigestSpiTest.java
- - java.security.PrivateKey
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/PrivateKeyTest.java
- - java.security.PrivilegedAction
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/PrivilegedActionTest.java
- - java.security.Provider
- libcore/luni/src/test/java/libcore/java/security/ProviderTest.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/Provider2Test.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/ProviderServiceTest.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/ProviderTest.java
- - java.security.PublicKey
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/PublicKeyTest.java
- - java.security.Security
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/Security2Test.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/SecurityTest.java
- - javax.net.ssl.SSLContext
- libcore/luni/src/test/java/libcore/javax/net/ssl/SSLContextTest.java
- - javax.crypto.SecretKeyFactory
- libcore/luni/src/test/java/libcore/javax/crypto/SecretKeyFactoryTest.java
- libcore/luni/src/test/java/org/apache/harmony/crypto/tests/javax/crypto/SecretKeyFactoryTest.java
- - java.security.SecureRandom
- libcore/luni/src/test/java/libcore/java/security/SecureRandomTest.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/SecureRandom2Test.java
- libcore/luni/src/test/java/tests/java/security/SecureRandomTest.java
- libcore/luni/src/test/java/tests/targets/security/SecureRandomTestSHA1PRNG.java
- - java.security.SecureRandomSpi
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/SecureRandomSpiTest.java
- - java.security.Signature
- libcore/crypto/src/test/java/org/conscrypt/OpenSSLSignatureTest.java
- libcore/luni/src/test/java/libcore/java/security/SignatureTest.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/Signature2Test.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/SignatureTest.java
- libcore/luni/src/test/java/tests/targets/security/SignatureTestMD2withRSA.java
- - java.security.SignatureSpi
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/SignatureSpiTest.java
- - java.security.SignedObject
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/SignedObjectTest.java
- - java.security.Signer
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/SignerTest.java
- - java.security.Timestamp
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/TimestampTest.java
- - java.security.cert.TrustAnchor
- libcore/luni/src/test/java/tests/security/cert/TrustAnchorTest.java
- - javax.net.ssl.TrustManagerFactory
- libcore/luni/src/test/java/libcore/javax/net/ssl/TrustManagerFactoryTest.java
- - java.net.URLConnection
- libcore/luni/src/test/java/libcore/java/net/URLConnectionTest.java
- libcore/luni/src/test/java/org/apache/harmony/luni/tests/java/net/URLConnectionTest.java
- - javax.security.auth.x500.X500Principal
- libcore/luni/src/test/java/libcore/javax/net/ssl/DistinguishedNameParserTest.java
- libcore/luni/src/test/java/libcore/javax/security/auth/x500/X500PrincipalTest.java
- libcore/luni/src/test/java/tests/api/javax/security/auth/X500PrincipalTest.java
- - javax.net.ssl.SSLSocket and javax.net.ssl.SSLEngine (which touch on Cipher, MessageDigest, Signature)
- libcore/luni/src/test/java/libcore/javax/net/ssl/
- - Test Android additions to bouncycastle such as org.bouncycastle.crypto.digests.OpenSSLDigest and org.bouncycastle.jce.provider.CertBlacklist
- libcore/luni/src/test/java/com/android/org/bouncycastle/
- - Exception "tests"
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/DigestExceptionTest.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/GeneralSecurityExceptionTest.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/InvalidAlgorithmParameterExceptionTest.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/InvalidKeyExceptionTest.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/InvalidParameterExceptionTest.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KeyExceptionTest.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KeyManagementExceptionTest.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KeyStoreExceptionTest.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/NoSuchAlgorithmExceptionTest.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/NoSuchProviderExceptionTest.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/ProviderExceptionTest.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/SignatureExceptionTest.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/UnrecoverableEntryExceptionTest.java
- libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/UnrecoverableKeyExceptionTest.java
- libcore/luni/src/test/java/tests/api/javax/security/cert/CertificateEncodingExceptionTest.java
- libcore/luni/src/test/java/tests/api/javax/security/cert/CertificateExceptionTest.java
- libcore/luni/src/test/java/tests/api/javax/security/cert/CertificateExpiredExceptionTest.java
- libcore/luni/src/test/java/tests/api/javax/security/cert/CertificateNotYetValidExceptionTest.java
- libcore/luni/src/test/java/tests/api/javax/security/cert/CertificateParsingExceptionTest.java
- libcore/luni/src/test/java/tests/security/cert/CRLExceptionTest.java
- libcore/luni/src/test/java/tests/security/cert/CertificateEncodingException2Test.java
- libcore/luni/src/test/java/tests/security/cert/CertificateEncodingExceptionTest.java
- libcore/luni/src/test/java/tests/security/cert/CertificateException2Test.java
- libcore/luni/src/test/java/tests/security/cert/CertificateExceptionTest.java
- libcore/luni/src/test/java/tests/security/cert/CertificateExpiredExceptionTest.java
- libcore/luni/src/test/java/tests/security/cert/CertificateNotYetValidExceptionTest.java
- libcore/luni/src/test/java/tests/security/cert/CertificateParsingExceptionTest.java
+ a) Create a new branch
+ repo start merge-xxx
-8) Do a full build before checking in:
+ b) Merge the changes in
- m -j16
+ git fetch aosp upstream-master
+ git merge aosp/upstream-master
+
+ c) Resolve any conflicts. Some common cases:
+
+ * If upstream changed a file that's deleted locally, we probably don't
+ need it
+ * If upstream added a file to a directory we deleted, we probably don't
+ need it
+
+ d) Confirm all changes
+
+ git diff aosp/master
+
+ e) Run the tests, commonly at least
+
+ cts -m CtsLibcoreTestCases
+ cts -m CtsLibcoreFileIOTestCases
+ cts -m CtsLibcoreJsr166TestCases
+ cts -m CtsLibcoreOjTestCases
+ cts -m CtsLibcoreOkHttpTestCases
+ cts -m CtsLibcoreWycheproofBCTestCases
+
+ e) Get the change reviewed
+
+ repo upload .
diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/CMSSignedData.java b/bcpkix/src/main/java/org/bouncycastle/cms/CMSSignedData.java
index 3119715..b3a39a9 100644
--- a/bcpkix/src/main/java/org/bouncycastle/cms/CMSSignedData.java
+++ b/bcpkix/src/main/java/org/bouncycastle/cms/CMSSignedData.java
@@ -320,20 +320,22 @@
return HELPER.getAttributeCertificates(signedData.getCertificates());
}
- // BEGIN android-removed
- // /**
- // * Return any OtherRevocationInfo OtherRevInfo objects of the type indicated by otherRevocationInfoFormat in
- // * this SignedData structure.
- // *
- // * @param otherRevocationInfoFormat OID of the format type been looked for.
- // *
- // * @return a Store of ASN1Encodable objects representing any objects of otherRevocationInfoFormat found.
- // */
- // public Store getOtherRevocationInfo(ASN1ObjectIdentifier otherRevocationInfoFormat)
- // {
- // return HELPER.getOtherRevocationInfo(otherRevocationInfoFormat, signedData.getCRLs());
- // }
- // END android-removed
+ // BEGIN Android-removed: OtherRevocationInfoFormat isn't supported
+ /*
+ /**
+ * Return any OtherRevocationInfo OtherRevInfo objects of the type indicated by otherRevocationInfoFormat in
+ * this SignedData structure.
+ *
+ * @param otherRevocationInfoFormat OID of the format type been looked for.
+ *
+ * @return a Store of ASN1Encodable objects representing any objects of otherRevocationInfoFormat found.
+ *
+ public Store getOtherRevocationInfo(ASN1ObjectIdentifier otherRevocationInfoFormat)
+ {
+ return HELPER.getOtherRevocationInfo(otherRevocationInfoFormat, signedData.getCRLs());
+ }
+ */
+ // END Android-removed: OtherRevocationInfoFormat isn't supported
/**
* Return the digest algorithm identifiers for the SignedData object
@@ -385,92 +387,94 @@
return contentInfo.getEncoded();
}
- // BEGIN android-removed
- // /**
- // * Verify all the SignerInformation objects and their associated counter signatures attached
- // * to this CMS SignedData object.
- // *
- // * @param verifierProvider a provider of SignerInformationVerifier objects.
- // * @return true if all verify, false otherwise.
- // * @throws CMSException if an exception occurs during the verification process.
- // */
- // public boolean verifySignatures(SignerInformationVerifierProvider verifierProvider)
- // throws CMSException
- // {
- // return verifySignatures(verifierProvider, false);
- // }
- //
- // /**
- // * Verify all the SignerInformation objects and optionally their associated counter signatures attached
- // * to this CMS SignedData object.
- // *
- // * @param verifierProvider a provider of SignerInformationVerifier objects.
- // * @param ignoreCounterSignatures if true don't check counter signatures. If false check counter signatures as well.
- // * @return true if all verify, false otherwise.
- // * @throws CMSException if an exception occurs during the verification process.
- // */
- // public boolean verifySignatures(SignerInformationVerifierProvider verifierProvider, boolean ignoreCounterSignatures)
- // throws CMSException
- // {
- // Collection signers = this.getSignerInfos().getSigners();
- //
- // for (Iterator it = signers.iterator(); it.hasNext();)
- // {
- // SignerInformation signer = (SignerInformation)it.next();
- //
- // try
- // {
- // SignerInformationVerifier verifier = verifierProvider.get(signer.getSID());
- //
- // if (!signer.verify(verifier))
- // {
- // return false;
- // }
- //
- // if (!ignoreCounterSignatures)
- // {
- // Collection counterSigners = signer.getCounterSignatures().getSigners();
- //
- // for (Iterator cIt = counterSigners.iterator(); cIt.hasNext();)
- // {
- // if (!verifyCounterSignature((SignerInformation)cIt.next(), verifierProvider))
- // {
- // return false;
- // }
- // }
- // }
- // }
- // catch (OperatorCreationException e)
- // {
- // throw new CMSException("failure in verifier provider: " + e.getMessage(), e);
- // }
- // }
- //
- // return true;
- // }
- //
- // private boolean verifyCounterSignature(SignerInformation counterSigner, SignerInformationVerifierProvider verifierProvider)
- // throws OperatorCreationException, CMSException
- // {
- // SignerInformationVerifier counterVerifier = verifierProvider.get(counterSigner.getSID());
- //
- // if (!counterSigner.verify(counterVerifier))
- // {
- // return false;
- // }
- //
- // Collection counterSigners = counterSigner.getCounterSignatures().getSigners();
- // for (Iterator cIt = counterSigners.iterator(); cIt.hasNext();)
- // {
- // if (!verifyCounterSignature((SignerInformation)cIt.next(), verifierProvider))
- // {
- // return false;
- // }
- // }
- //
- // return true;
- // }
- // END android-removed
+ // BEGIN Android-removed: Unknown reason
+ /*
+ /**
+ * Verify all the SignerInformation objects and their associated counter signatures attached
+ * to this CMS SignedData object.
+ *
+ * @param verifierProvider a provider of SignerInformationVerifier objects.
+ * @return true if all verify, false otherwise.
+ * @throws CMSException if an exception occurs during the verification process.
+ *
+ public boolean verifySignatures(SignerInformationVerifierProvider verifierProvider)
+ throws CMSException
+ {
+ return verifySignatures(verifierProvider, false);
+ }
+
+ /**
+ * Verify all the SignerInformation objects and optionally their associated counter signatures attached
+ * to this CMS SignedData object.
+ *
+ * @param verifierProvider a provider of SignerInformationVerifier objects.
+ * @param ignoreCounterSignatures if true don't check counter signatures. If false check counter signatures as well.
+ * @return true if all verify, false otherwise.
+ * @throws CMSException if an exception occurs during the verification process.
+ *
+ public boolean verifySignatures(SignerInformationVerifierProvider verifierProvider, boolean ignoreCounterSignatures)
+ throws CMSException
+ {
+ Collection signers = this.getSignerInfos().getSigners();
+
+ for (Iterator it = signers.iterator(); it.hasNext();)
+ {
+ SignerInformation signer = (SignerInformation)it.next();
+
+ try
+ {
+ SignerInformationVerifier verifier = verifierProvider.get(signer.getSID());
+
+ if (!signer.verify(verifier))
+ {
+ return false;
+ }
+
+ if (!ignoreCounterSignatures)
+ {
+ Collection counterSigners = signer.getCounterSignatures().getSigners();
+
+ for (Iterator cIt = counterSigners.iterator(); cIt.hasNext();)
+ {
+ if (!verifyCounterSignature((SignerInformation)cIt.next(), verifierProvider))
+ {
+ return false;
+ }
+ }
+ }
+ }
+ catch (OperatorCreationException e)
+ {
+ throw new CMSException("failure in verifier provider: " + e.getMessage(), e);
+ }
+ }
+
+ return true;
+ }
+
+ private boolean verifyCounterSignature(SignerInformation counterSigner, SignerInformationVerifierProvider verifierProvider)
+ throws OperatorCreationException, CMSException
+ {
+ SignerInformationVerifier counterVerifier = verifierProvider.get(counterSigner.getSID());
+
+ if (!counterSigner.verify(counterVerifier))
+ {
+ return false;
+ }
+
+ Collection counterSigners = counterSigner.getCounterSignatures().getSigners();
+ for (Iterator cIt = counterSigners.iterator(); cIt.hasNext();)
+ {
+ if (!verifyCounterSignature((SignerInformation)cIt.next(), verifierProvider))
+ {
+ return false;
+ }
+ }
+
+ return true;
+ }
+ */
+ // END Android-removed: Unknown reason
/**
* Replace the SignerInformation store associated with this
diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/CMSSignedGenerator.java b/bcpkix/src/main/java/org/bouncycastle/cms/CMSSignedGenerator.java
index f180c09..86d4321 100644
--- a/bcpkix/src/main/java/org/bouncycastle/cms/CMSSignedGenerator.java
+++ b/bcpkix/src/main/java/org/bouncycastle/cms/CMSSignedGenerator.java
@@ -12,10 +12,9 @@
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.DERTaggedObject;
import org.bouncycastle.asn1.cms.CMSObjectIdentifiers;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.asn1.cms.OtherRevocationInfoFormat;
// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-// END android-removed
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
@@ -41,21 +40,21 @@
public static final String DIGEST_SHA384 = NISTObjectIdentifiers.id_sha384.getId();
public static final String DIGEST_SHA512 = NISTObjectIdentifiers.id_sha512.getId();
public static final String DIGEST_MD5 = PKCSObjectIdentifiers.md5.getId();
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// public static final String DIGEST_GOST3411 = CryptoProObjectIdentifiers.gostR3411.getId();
// public static final String DIGEST_RIPEMD128 = TeleTrusTObjectIdentifiers.ripemd128.getId();
// public static final String DIGEST_RIPEMD160 = TeleTrusTObjectIdentifiers.ripemd160.getId();
// public static final String DIGEST_RIPEMD256 = TeleTrusTObjectIdentifiers.ripemd256.getId();
- // END android-removed
+ // END Android-removed: Unsupported algorithms
public static final String ENCRYPTION_RSA = PKCSObjectIdentifiers.rsaEncryption.getId();
public static final String ENCRYPTION_DSA = X9ObjectIdentifiers.id_dsa_with_sha1.getId();
public static final String ENCRYPTION_ECDSA = X9ObjectIdentifiers.ecdsa_with_SHA1.getId();
public static final String ENCRYPTION_RSA_PSS = PKCSObjectIdentifiers.id_RSASSA_PSS.getId();
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// public static final String ENCRYPTION_GOST3410 = CryptoProObjectIdentifiers.gostR3410_94.getId();
// public static final String ENCRYPTION_ECGOST3410 = CryptoProObjectIdentifiers.gostR3410_2001.getId();
- // END android-removed
+ // END Android-removed: Unsupported algorithms
private static final String ENCRYPTION_ECDSA_WITH_SHA1 = X9ObjectIdentifiers.ecdsa_with_SHA1.getId();
private static final String ENCRYPTION_ECDSA_WITH_SHA224 = X9ObjectIdentifiers.ecdsa_with_SHA224.getId();
@@ -180,33 +179,35 @@
certs.addAll(CMSUtils.getAttributeCertificatesFromStore(attrStore));
}
- // BEGIN android-removed
- // /**
- // * Add a single instance of otherRevocationData to the CRL set to be included with the generated SignedData message.
- // *
- // * @param otherRevocationInfoFormat the OID specifying the format of the otherRevocationInfo data.
- // * @param otherRevocationInfo the otherRevocationInfo ASN.1 structure.
- // */
- // public void addOtherRevocationInfo(
- // ASN1ObjectIdentifier otherRevocationInfoFormat,
- // ASN1Encodable otherRevocationInfo)
- // {
- // crls.add(new DERTaggedObject(false, 1, new OtherRevocationInfoFormat(otherRevocationInfoFormat, otherRevocationInfo)));
- // }
- //
- // /**
- // * Add a Store of otherRevocationData to the CRL set to be included with the generated SignedData message.
- // *
- // * @param otherRevocationInfoFormat the OID specifying the format of the otherRevocationInfo data.
- // * @param otherRevocationInfos a Store of otherRevocationInfo data to add.
- // */
- // public void addOtherRevocationInfo(
- // ASN1ObjectIdentifier otherRevocationInfoFormat,
- // Store otherRevocationInfos)
- // {
- // crls.addAll(CMSUtils.getOthersFromStore(otherRevocationInfoFormat, otherRevocationInfos));
- // }
- // END android-removed
+ // BEGIN Android-removed: OtherRevocationInfoFormat isn't supported
+ /*
+ /**
+ * Add a single instance of otherRevocationData to the CRL set to be included with the generated SignedData message.
+ *
+ * @param otherRevocationInfoFormat the OID specifying the format of the otherRevocationInfo data.
+ * @param otherRevocationInfo the otherRevocationInfo ASN.1 structure.
+ *
+ public void addOtherRevocationInfo(
+ ASN1ObjectIdentifier otherRevocationInfoFormat,
+ ASN1Encodable otherRevocationInfo)
+ {
+ crls.add(new DERTaggedObject(false, 1, new OtherRevocationInfoFormat(otherRevocationInfoFormat, otherRevocationInfo)));
+ }
+
+ /**
+ * Add a Store of otherRevocationData to the CRL set to be included with the generated SignedData message.
+ *
+ * @param otherRevocationInfoFormat the OID specifying the format of the otherRevocationInfo data.
+ * @param otherRevocationInfos a Store of otherRevocationInfo data to add.
+ *
+ public void addOtherRevocationInfo(
+ ASN1ObjectIdentifier otherRevocationInfoFormat,
+ Store otherRevocationInfos)
+ {
+ crls.addAll(CMSUtils.getOthersFromStore(otherRevocationInfoFormat, otherRevocationInfos));
+ }
+ */
+ // END Android-removed: OtherRevocationInfoFormat isn't supported
/**
* Add a store of pre-calculated signers to the generator.
diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/CMSSignedHelper.java b/bcpkix/src/main/java/org/bouncycastle/cms/CMSSignedHelper.java
index 11a927c..34a5e5b 100644
--- a/bcpkix/src/main/java/org/bouncycastle/cms/CMSSignedHelper.java
+++ b/bcpkix/src/main/java/org/bouncycastle/cms/CMSSignedHelper.java
@@ -13,10 +13,9 @@
import org.bouncycastle.asn1.ASN1Set;
import org.bouncycastle.asn1.ASN1TaggedObject;
import org.bouncycastle.asn1.DERNull;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.asn1.cms.OtherRevocationInfoFormat;
// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-// END android-removed
import org.bouncycastle.asn1.eac.EACObjectIdentifiers;
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
@@ -55,16 +54,16 @@
addEntries(NISTObjectIdentifiers.dsa_with_sha384, "SHA384", "DSA");
addEntries(NISTObjectIdentifiers.dsa_with_sha512, "SHA512", "DSA");
addEntries(OIWObjectIdentifiers.dsaWithSHA1, "SHA1", "DSA");
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// addEntries(OIWObjectIdentifiers.md4WithRSA, "MD4", "RSA");
// addEntries(OIWObjectIdentifiers.md4WithRSAEncryption, "MD4", "RSA");
- // END android-removed
+ // END Android-removed: Unsupported algorithms
addEntries(OIWObjectIdentifiers.md5WithRSA, "MD5", "RSA");
addEntries(OIWObjectIdentifiers.sha1WithRSA, "SHA1", "RSA");
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// addEntries(PKCSObjectIdentifiers.md2WithRSAEncryption, "MD2", "RSA");
// addEntries(PKCSObjectIdentifiers.md4WithRSAEncryption, "MD4", "RSA");
- // END android-removed
+ // END Android-removed: Unsupported algorithms
addEntries(PKCSObjectIdentifiers.md5WithRSAEncryption, "MD5", "RSA");
addEntries(PKCSObjectIdentifiers.sha1WithRSAEncryption, "SHA1", "RSA");
addEntries(PKCSObjectIdentifiers.sha224WithRSAEncryption, "SHA224", "RSA");
@@ -91,31 +90,33 @@
encryptionAlgs.put(PKCSObjectIdentifiers.rsaEncryption.getId(), "RSA");
encryptionAlgs.put(TeleTrusTObjectIdentifiers.teleTrusTRSAsignatureAlgorithm, "RSA");
encryptionAlgs.put(X509ObjectIdentifiers.id_ea_rsa.getId(), "RSA");
- // BEGIN android-removed
- // encryptionAlgs.put(CMSSignedDataGenerator.ENCRYPTION_RSA_PSS, "RSAandMGF1");
- // encryptionAlgs.put(CryptoProObjectIdentifiers.gostR3410_94.getId(), "GOST3410");
- // encryptionAlgs.put(CryptoProObjectIdentifiers.gostR3410_2001.getId(), "ECGOST3410");
- // encryptionAlgs.put("1.3.6.1.4.1.5849.1.6.2", "ECGOST3410");
- // encryptionAlgs.put("1.3.6.1.4.1.5849.1.1.5", "GOST3410");
- // encryptionAlgs.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001.getId(), "ECGOST3410");
- // encryptionAlgs.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94.getId(), "GOST3410");
- //
- // digestAlgs.put(PKCSObjectIdentifiers.md2.getId(), "MD2");
- // digestAlgs.put(PKCSObjectIdentifiers.md4.getId(), "MD4");
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ encryptionAlgs.put(CMSSignedDataGenerator.ENCRYPTION_RSA_PSS, "RSAandMGF1");
+ encryptionAlgs.put(CryptoProObjectIdentifiers.gostR3410_94.getId(), "GOST3410");
+ encryptionAlgs.put(CryptoProObjectIdentifiers.gostR3410_2001.getId(), "ECGOST3410");
+ encryptionAlgs.put("1.3.6.1.4.1.5849.1.6.2", "ECGOST3410");
+ encryptionAlgs.put("1.3.6.1.4.1.5849.1.1.5", "GOST3410");
+ encryptionAlgs.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001.getId(), "ECGOST3410");
+ encryptionAlgs.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94.getId(), "GOST3410");
+
+ digestAlgs.put(PKCSObjectIdentifiers.md2.getId(), "MD2");
+ digestAlgs.put(PKCSObjectIdentifiers.md4.getId(), "MD4");
+ */
+ // END Android-removed: Unsupported algorithms
digestAlgs.put(PKCSObjectIdentifiers.md5.getId(), "MD5");
digestAlgs.put(OIWObjectIdentifiers.idSHA1.getId(), "SHA1");
digestAlgs.put(NISTObjectIdentifiers.id_sha224.getId(), "SHA224");
digestAlgs.put(NISTObjectIdentifiers.id_sha256.getId(), "SHA256");
digestAlgs.put(NISTObjectIdentifiers.id_sha384.getId(), "SHA384");
digestAlgs.put(NISTObjectIdentifiers.id_sha512.getId(), "SHA512");
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// digestAlgs.put(TeleTrusTObjectIdentifiers.ripemd128.getId(), "RIPEMD128");
// digestAlgs.put(TeleTrusTObjectIdentifiers.ripemd160.getId(), "RIPEMD160");
// digestAlgs.put(TeleTrusTObjectIdentifiers.ripemd256.getId(), "RIPEMD256");
// digestAlgs.put(CryptoProObjectIdentifiers.gostR3411.getId(), "GOST3411");
// digestAlgs.put("1.3.6.1.4.1.5849.1.2.1", "GOST3411");
- // END android-removed
+ // END Android-removed: Unsupported algorithms
digestAliases.put("SHA1", new String[] { "SHA-1" });
digestAliases.put("SHA224", new String[] { "SHA-224" });
@@ -229,35 +230,39 @@
return new CollectionStore(new ArrayList());
}
- // Store getOtherRevocationInfo(ASN1ObjectIdentifier otherRevocationInfoFormat, ASN1Set crlSet)
- // {
- // if (crlSet != null)
- // {
- // List crlList = new ArrayList(crlSet.size());
- //
- // for (Enumeration en = crlSet.getObjects(); en.hasMoreElements();)
- // {
- // ASN1Primitive obj = ((ASN1Encodable)en.nextElement()).toASN1Primitive();
- //
- // if (obj instanceof ASN1TaggedObject)
- // {
- // ASN1TaggedObject tObj = ASN1TaggedObject.getInstance(obj);
- //
- // if (tObj.getTagNo() == 1)
- // {
- // OtherRevocationInfoFormat other = OtherRevocationInfoFormat.getInstance(tObj, false);
- //
- // if (otherRevocationInfoFormat.equals(other.getInfoFormat()))
- // {
- // crlList.add(other.getInfo());
- // }
- // }
- // }
- // }
- //
- // return new CollectionStore(crlList);
- // }
- //
- // return new CollectionStore(new ArrayList());
- // }
+ // BEGIN Android-removed: OtherRevocationInfoFormat isn't supported
+ /*
+ Store getOtherRevocationInfo(ASN1ObjectIdentifier otherRevocationInfoFormat, ASN1Set crlSet)
+ {
+ if (crlSet != null)
+ {
+ List crlList = new ArrayList(crlSet.size());
+
+ for (Enumeration en = crlSet.getObjects(); en.hasMoreElements();)
+ {
+ ASN1Primitive obj = ((ASN1Encodable)en.nextElement()).toASN1Primitive();
+
+ if (obj instanceof ASN1TaggedObject)
+ {
+ ASN1TaggedObject tObj = ASN1TaggedObject.getInstance(obj);
+
+ if (tObj.getTagNo() == 1)
+ {
+ OtherRevocationInfoFormat other = OtherRevocationInfoFormat.getInstance(tObj, false);
+
+ if (otherRevocationInfoFormat.equals(other.getInfoFormat()))
+ {
+ crlList.add(other.getInfo());
+ }
+ }
+ }
+ }
+
+ return new CollectionStore(crlList);
+ }
+
+ return new CollectionStore(new ArrayList());
+ }
+ */
+ // END Android-removed: OtherRevocationInfoFormat isn't supported
}
diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/CMSUtils.java b/bcpkix/src/main/java/org/bouncycastle/cms/CMSUtils.java
index 0cd1f5f..11c58b7 100644
--- a/bcpkix/src/main/java/org/bouncycastle/cms/CMSUtils.java
+++ b/bcpkix/src/main/java/org/bouncycastle/cms/CMSUtils.java
@@ -23,13 +23,12 @@
import org.bouncycastle.asn1.DERTaggedObject;
import org.bouncycastle.asn1.cms.CMSObjectIdentifiers;
import org.bouncycastle.asn1.cms.ContentInfo;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.asn1.cms.OtherRevocationInfoFormat;
// import org.bouncycastle.asn1.ocsp.OCSPResponse;
// import org.bouncycastle.asn1.ocsp.OCSPResponseStatus;
// import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
// import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-// END android-removed
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.cert.X509AttributeCertificateHolder;
import org.bouncycastle.cert.X509CRLHolder;
@@ -49,12 +48,12 @@
{
des.add("DES");
des.add("DESEDE");
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// des.add(OIWObjectIdentifiers.desCBC.getId());
// des.add(PKCSObjectIdentifiers.des_EDE3_CBC.getId());
// des.add(PKCSObjectIdentifiers.des_EDE3_CBC.getId());
// des.add(PKCSObjectIdentifiers.id_alg_CMS3DESwrap.getId());
- // END android-removed
+ // END Android-removed: Unsupported algorithms
}
static boolean isDES(String algorithmID)
@@ -164,7 +163,7 @@
crls.add(c.toASN1Structure());
}
- // BEGIN android-removed
+ // BEGIN Android-removed: OtherRevocationInfoFormat isn't supported
// else if (rev instanceof OtherRevocationInfoFormat)
// {
// OtherRevocationInfoFormat infoFormat = OtherRevocationInfoFormat.getInstance(rev);
@@ -173,7 +172,7 @@
//
// crls.add(new DERTaggedObject(false, 1, infoFormat));
// }
- // END android-removed
+ // END Android-removed: OtherRevocationInfoFormat isn't supported
else if (rev instanceof ASN1TaggedObject)
{
crls.add(rev);
@@ -188,36 +187,39 @@
}
}
- // BEGIN android-removed
- // private static void validateInfoFormat(OtherRevocationInfoFormat infoFormat)
- // {
- // if (CMSObjectIdentifiers.id_ri_ocsp_response.equals(infoFormat.getInfoFormat()))
- // {
- // OCSPResponse resp = OCSPResponse.getInstance(infoFormat.getInfo());
- //
- // if (resp.getResponseStatus().getValue().intValue() != OCSPResponseStatus.SUCCESSFUL)
- // {
- // throw new IllegalArgumentException("cannot add unsuccessful OCSP response to CMS SignedData");
- // }
- // }
- // }
- //
- // static Collection getOthersFromStore(ASN1ObjectIdentifier otherRevocationInfoFormat, Store otherRevocationInfos)
- // {
- // List others = new ArrayList();
- //
- // for (Iterator it = otherRevocationInfos.getMatches(null).iterator(); it.hasNext();)
- // {
- // ASN1Encodable info = (ASN1Encodable)it.next();
- // OtherRevocationInfoFormat infoFormat = new OtherRevocationInfoFormat(otherRevocationInfoFormat, info);
- // validateInfoFormat(infoFormat);
- //
- // others.add(new DERTaggedObject(false, 1, infoFormat));
- // }
- //
- // return others;
- // }
- // END android-removed
+ // BEGIN Android-removed: OtherRevocationInfoFormat isn't supported
+ /*
+ private static void validateInfoFormat(OtherRevocationInfoFormat infoFormat)
+ {
+ if (CMSObjectIdentifiers.id_ri_ocsp_response.equals(infoFormat.getInfoFormat()))
+ {
+ OCSPResponse resp = OCSPResponse.getInstance(infoFormat.getInfo());
+
+ if (resp.getResponseStatus().getValue().intValue() != OCSPResponseStatus.SUCCESSFUL)
+ {
+ throw new IllegalArgumentException("cannot add unsuccessful OCSP response to CMS SignedData");
+ }
+ }
+ }
+
+ static Collection getOthersFromStore(ASN1ObjectIdentifier otherRevocationInfoFormat, Store otherRevocationInfos)
+ {
+ List others = new ArrayList();
+
+ for (Iterator it = otherRevocationInfos.getMatches(null).iterator(); it.hasNext();)
+ {
+ ASN1Encodable info = (ASN1Encodable)it.next();
+ OtherRevocationInfoFormat infoFormat = new OtherRevocationInfoFormat(otherRevocationInfoFormat, info);
+
+ validateInfoFormat(infoFormat);
+
+ others.add(new DERTaggedObject(false, 1, infoFormat));
+ }
+
+ return others;
+ }
+ */
+ // END Android-removed: OtherRevocationInfoFormat isn't supported
static ASN1Set createBerSetFromList(List derObjects)
{
diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/DefaultCMSSignatureAlgorithmNameGenerator.java b/bcpkix/src/main/java/org/bouncycastle/cms/DefaultCMSSignatureAlgorithmNameGenerator.java
index 2230c78..255efa5 100644
--- a/bcpkix/src/main/java/org/bouncycastle/cms/DefaultCMSSignatureAlgorithmNameGenerator.java
+++ b/bcpkix/src/main/java/org/bouncycastle/cms/DefaultCMSSignatureAlgorithmNameGenerator.java
@@ -4,10 +4,9 @@
import java.util.Map;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.asn1.bsi.BSIObjectIdentifiers;
// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-// END android-removed
import org.bouncycastle.asn1.eac.EACObjectIdentifiers;
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
@@ -36,16 +35,16 @@
addEntries(NISTObjectIdentifiers.dsa_with_sha384, "SHA384", "DSA");
addEntries(NISTObjectIdentifiers.dsa_with_sha512, "SHA512", "DSA");
addEntries(OIWObjectIdentifiers.dsaWithSHA1, "SHA1", "DSA");
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// addEntries(OIWObjectIdentifiers.md4WithRSA, "MD4", "RSA");
// addEntries(OIWObjectIdentifiers.md4WithRSAEncryption, "MD4", "RSA");
- // END android-removed
+ // END Android-removed: Unsupported algorithms
addEntries(OIWObjectIdentifiers.md5WithRSA, "MD5", "RSA");
addEntries(OIWObjectIdentifiers.sha1WithRSA, "SHA1", "RSA");
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// addEntries(PKCSObjectIdentifiers.md2WithRSAEncryption, "MD2", "RSA");
// addEntries(PKCSObjectIdentifiers.md4WithRSAEncryption, "MD4", "RSA");
- // END android-removed
+ // END Android-removed: Unsupported algorithms
addEntries(PKCSObjectIdentifiers.md5WithRSAEncryption, "MD5", "RSA");
addEntries(PKCSObjectIdentifiers.sha1WithRSAEncryption, "SHA1", "RSA");
addEntries(PKCSObjectIdentifiers.sha224WithRSAEncryption, "SHA224", "RSA");
@@ -72,21 +71,21 @@
addEntries(EACObjectIdentifiers.id_TA_RSA_v1_5_SHA_256, "SHA256", "RSA");
addEntries(EACObjectIdentifiers.id_TA_RSA_PSS_SHA_1, "SHA1", "RSAandMGF1");
addEntries(EACObjectIdentifiers.id_TA_RSA_PSS_SHA_256, "SHA256", "RSAandMGF1");
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// addEntries(BSIObjectIdentifiers.ecdsa_plain_SHA1, "SHA1", "PLAIN-ECDSA");
// addEntries(BSIObjectIdentifiers.ecdsa_plain_SHA224, "SHA224", "PLAIN-ECDSA");
// addEntries(BSIObjectIdentifiers.ecdsa_plain_SHA256, "SHA256", "PLAIN-ECDSA");
// addEntries(BSIObjectIdentifiers.ecdsa_plain_SHA384, "SHA384", "PLAIN-ECDSA");
// addEntries(BSIObjectIdentifiers.ecdsa_plain_SHA512, "SHA512", "PLAIN-ECDSA");
// addEntries(BSIObjectIdentifiers.ecdsa_plain_RIPEMD160, "RIPEMD160", "PLAIN-ECDSA");
- // END android-removed
+ // END Android-removed: Unsupported algorithms
encryptionAlgs.put(X9ObjectIdentifiers.id_dsa, "DSA");
encryptionAlgs.put(PKCSObjectIdentifiers.rsaEncryption, "RSA");
encryptionAlgs.put(TeleTrusTObjectIdentifiers.teleTrusTRSAsignatureAlgorithm, "RSA");
encryptionAlgs.put(X509ObjectIdentifiers.id_ea_rsa, "RSA");
encryptionAlgs.put(PKCSObjectIdentifiers.id_RSASSA_PSS, "RSAandMGF1");
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// encryptionAlgs.put(CryptoProObjectIdentifiers.gostR3410_94, "GOST3410");
// encryptionAlgs.put(CryptoProObjectIdentifiers.gostR3410_2001, "ECGOST3410");
// encryptionAlgs.put(new ASN1ObjectIdentifier("1.3.6.1.4.1.5849.1.6.2"), "ECGOST3410");
@@ -96,20 +95,20 @@
//
// digestAlgs.put(PKCSObjectIdentifiers.md2, "MD2");
// digestAlgs.put(PKCSObjectIdentifiers.md4, "MD4");
- // END android-removed
+ // END Android-removed: Unsupported algorithms
digestAlgs.put(PKCSObjectIdentifiers.md5, "MD5");
digestAlgs.put(OIWObjectIdentifiers.idSHA1, "SHA1");
digestAlgs.put(NISTObjectIdentifiers.id_sha224, "SHA224");
digestAlgs.put(NISTObjectIdentifiers.id_sha256, "SHA256");
digestAlgs.put(NISTObjectIdentifiers.id_sha384, "SHA384");
digestAlgs.put(NISTObjectIdentifiers.id_sha512, "SHA512");
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// digestAlgs.put(TeleTrusTObjectIdentifiers.ripemd128, "RIPEMD128");
// digestAlgs.put(TeleTrusTObjectIdentifiers.ripemd160, "RIPEMD160");
// digestAlgs.put(TeleTrusTObjectIdentifiers.ripemd256, "RIPEMD256");
// digestAlgs.put(CryptoProObjectIdentifiers.gostR3411, "GOST3411");
// digestAlgs.put(new ASN1ObjectIdentifier("1.3.6.1.4.1.5849.1.2.1"), "GOST3411");
- // END android-removed
+ // END Android-removed: Unsupported algorithms
}
/**
diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/DefaultCMSSignatureEncryptionAlgorithmFinder.java b/bcpkix/src/main/java/org/bouncycastle/cms/DefaultCMSSignatureEncryptionAlgorithmFinder.java
index 780d466..fb53743 100644
--- a/bcpkix/src/main/java/org/bouncycastle/cms/DefaultCMSSignatureEncryptionAlgorithmFinder.java
+++ b/bcpkix/src/main/java/org/bouncycastle/cms/DefaultCMSSignatureEncryptionAlgorithmFinder.java
@@ -16,27 +16,29 @@
static
{
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// RSA_PKCS1d5.add(PKCSObjectIdentifiers.md2WithRSAEncryption);
// RSA_PKCS1d5.add(PKCSObjectIdentifiers.md4WithRSAEncryption);
- // END android-removed
+ // END Android-removed: Unsupported algorithms
RSA_PKCS1d5.add(PKCSObjectIdentifiers.md5WithRSAEncryption);
RSA_PKCS1d5.add(PKCSObjectIdentifiers.sha1WithRSAEncryption);
+ // BEGIN Android-added: Add support for SHA-2 family signatures
RSA_PKCS1d5.add(PKCSObjectIdentifiers.sha224WithRSAEncryption);
RSA_PKCS1d5.add(PKCSObjectIdentifiers.sha256WithRSAEncryption);
RSA_PKCS1d5.add(PKCSObjectIdentifiers.sha384WithRSAEncryption);
RSA_PKCS1d5.add(PKCSObjectIdentifiers.sha512WithRSAEncryption);
- // BEGIN android-removed
+ // END Android-added: Add support for SHA-2 family signatures
+ // BEGIN Android-removed: Unsupported algorithms
// RSA_PKCS1d5.add(OIWObjectIdentifiers.md4WithRSAEncryption);
// RSA_PKCS1d5.add(OIWObjectIdentifiers.md4WithRSA);
- // END android-removed
+ // END Android-removed: Unsupported algorithms
RSA_PKCS1d5.add(OIWObjectIdentifiers.md5WithRSA);
RSA_PKCS1d5.add(OIWObjectIdentifiers.sha1WithRSA);
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// RSA_PKCS1d5.add(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
// RSA_PKCS1d5.add(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
// RSA_PKCS1d5.add(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
- // END android-removed
+ // END Android-removed: Unsupported algorithms
}
public AlgorithmIdentifier findEncryptionAlgorithm(AlgorithmIdentifier signatureAlgorithm)
diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/DefaultDigestAlgorithmIdentifierFinder.java b/bcpkix/src/main/java/org/bouncycastle/operator/DefaultDigestAlgorithmIdentifierFinder.java
index e369185..3607c9b 100644
--- a/bcpkix/src/main/java/org/bouncycastle/operator/DefaultDigestAlgorithmIdentifierFinder.java
+++ b/bcpkix/src/main/java/org/bouncycastle/operator/DefaultDigestAlgorithmIdentifierFinder.java
@@ -5,11 +5,10 @@
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.DERNull;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.asn1.bc.BCObjectIdentifiers;
// import org.bouncycastle.asn1.bsi.BSIObjectIdentifiers;
// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-// END android-removed
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
@@ -29,20 +28,20 @@
//
// digests
//
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// digestOids.put(OIWObjectIdentifiers.md4WithRSAEncryption, PKCSObjectIdentifiers.md4);
// digestOids.put(OIWObjectIdentifiers.md4WithRSA, PKCSObjectIdentifiers.md4);
- // END android-removed
+ // END Android-removed: Unsupported algorithms
digestOids.put(OIWObjectIdentifiers.sha1WithRSA, OIWObjectIdentifiers.idSHA1);
digestOids.put(PKCSObjectIdentifiers.sha224WithRSAEncryption, NISTObjectIdentifiers.id_sha224);
digestOids.put(PKCSObjectIdentifiers.sha256WithRSAEncryption, NISTObjectIdentifiers.id_sha256);
digestOids.put(PKCSObjectIdentifiers.sha384WithRSAEncryption, NISTObjectIdentifiers.id_sha384);
digestOids.put(PKCSObjectIdentifiers.sha512WithRSAEncryption, NISTObjectIdentifiers.id_sha512);
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// digestOids.put(PKCSObjectIdentifiers.md2WithRSAEncryption, PKCSObjectIdentifiers.md2);
// digestOids.put(PKCSObjectIdentifiers.md4WithRSAEncryption, PKCSObjectIdentifiers.md4);
- // END android-removed
+ // END Android-removed: Unsupported algorithms
digestOids.put(PKCSObjectIdentifiers.md5WithRSAEncryption, PKCSObjectIdentifiers.md5);
digestOids.put(PKCSObjectIdentifiers.sha1WithRSAEncryption, OIWObjectIdentifiers.idSHA1);
@@ -53,49 +52,45 @@
digestOids.put(X9ObjectIdentifiers.ecdsa_with_SHA512, NISTObjectIdentifiers.id_sha512);
digestOids.put(X9ObjectIdentifiers.id_dsa_with_sha1, OIWObjectIdentifiers.idSHA1);
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// digestOids.put(BSIObjectIdentifiers.ecdsa_plain_SHA1, OIWObjectIdentifiers.idSHA1);
// digestOids.put(BSIObjectIdentifiers.ecdsa_plain_SHA224, NISTObjectIdentifiers.id_sha224);
// digestOids.put(BSIObjectIdentifiers.ecdsa_plain_SHA256, NISTObjectIdentifiers.id_sha256);
// digestOids.put(BSIObjectIdentifiers.ecdsa_plain_SHA384, NISTObjectIdentifiers.id_sha384);
// digestOids.put(BSIObjectIdentifiers.ecdsa_plain_SHA512, NISTObjectIdentifiers.id_sha512);
- // END android-removed
+ // END Android-removed: Unsupported algorithms
digestOids.put(NISTObjectIdentifiers.dsa_with_sha224, NISTObjectIdentifiers.id_sha224);
digestOids.put(NISTObjectIdentifiers.dsa_with_sha256, NISTObjectIdentifiers.id_sha256);
digestOids.put(NISTObjectIdentifiers.dsa_with_sha384, NISTObjectIdentifiers.id_sha384);
digestOids.put(NISTObjectIdentifiers.dsa_with_sha512, NISTObjectIdentifiers.id_sha512);
- // BEGIN android-removed
- // digestOids.put(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128, TeleTrusTObjectIdentifiers.ripemd128);
- // digestOids.put(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160, TeleTrusTObjectIdentifiers.ripemd160);
- // digestOids.put(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256, TeleTrusTObjectIdentifiers.ripemd256);
- //
- // digestOids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, CryptoProObjectIdentifiers.gostR3411);
- // digestOids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, CryptoProObjectIdentifiers.gostR3411);
- // digestOids.put(NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_224, NISTObjectIdentifiers.id_sha3_224);
- // digestOids.put(NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_256, NISTObjectIdentifiers.id_sha3_256);
- // digestOids.put(NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_384, NISTObjectIdentifiers.id_sha3_384);
- // digestOids.put(NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_512, NISTObjectIdentifiers.id_sha3_512);
- // digestOids.put(NISTObjectIdentifiers.id_dsa_with_sha3_224, NISTObjectIdentifiers.id_sha3_224);
- // digestOids.put(NISTObjectIdentifiers.id_dsa_with_sha3_256, NISTObjectIdentifiers.id_sha3_256);
- // digestOids.put(NISTObjectIdentifiers.id_dsa_with_sha3_384, NISTObjectIdentifiers.id_sha3_384);
- // digestOids.put(NISTObjectIdentifiers.id_dsa_with_sha3_512, NISTObjectIdentifiers.id_sha3_512);
- // digestOids.put(NISTObjectIdentifiers.id_ecdsa_with_sha3_224, NISTObjectIdentifiers.id_sha3_224);
- // digestOids.put(NISTObjectIdentifiers.id_ecdsa_with_sha3_256, NISTObjectIdentifiers.id_sha3_256);
- // digestOids.put(NISTObjectIdentifiers.id_ecdsa_with_sha3_384, NISTObjectIdentifiers.id_sha3_384);
- // digestOids.put(NISTObjectIdentifiers.id_ecdsa_with_sha3_512, NISTObjectIdentifiers.id_sha3_512);
- //
- // digestOids.put(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128, TeleTrusTObjectIdentifiers.ripemd128);
- // digestOids.put(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160, TeleTrusTObjectIdentifiers.ripemd160);
- // digestOids.put(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256, TeleTrusTObjectIdentifiers.ripemd256);
- //
- // digestOids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, CryptoProObjectIdentifiers.gostR3411);
- // digestOids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, CryptoProObjectIdentifiers.gostR3411);
- //
- // digestOids.put(BCObjectIdentifiers.sphincs256_with_SHA3_512, NISTObjectIdentifiers.id_sha3_512);
- // digestOids.put(BCObjectIdentifiers.sphincs256_with_SHA512, NISTObjectIdentifiers.id_sha512);
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ digestOids.put(NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_224, NISTObjectIdentifiers.id_sha3_224);
+ digestOids.put(NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_256, NISTObjectIdentifiers.id_sha3_256);
+ digestOids.put(NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_384, NISTObjectIdentifiers.id_sha3_384);
+ digestOids.put(NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_512, NISTObjectIdentifiers.id_sha3_512);
+ digestOids.put(NISTObjectIdentifiers.id_dsa_with_sha3_224, NISTObjectIdentifiers.id_sha3_224);
+ digestOids.put(NISTObjectIdentifiers.id_dsa_with_sha3_256, NISTObjectIdentifiers.id_sha3_256);
+ digestOids.put(NISTObjectIdentifiers.id_dsa_with_sha3_384, NISTObjectIdentifiers.id_sha3_384);
+ digestOids.put(NISTObjectIdentifiers.id_dsa_with_sha3_512, NISTObjectIdentifiers.id_sha3_512);
+ digestOids.put(NISTObjectIdentifiers.id_ecdsa_with_sha3_224, NISTObjectIdentifiers.id_sha3_224);
+ digestOids.put(NISTObjectIdentifiers.id_ecdsa_with_sha3_256, NISTObjectIdentifiers.id_sha3_256);
+ digestOids.put(NISTObjectIdentifiers.id_ecdsa_with_sha3_384, NISTObjectIdentifiers.id_sha3_384);
+ digestOids.put(NISTObjectIdentifiers.id_ecdsa_with_sha3_512, NISTObjectIdentifiers.id_sha3_512);
+
+ digestOids.put(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128, TeleTrusTObjectIdentifiers.ripemd128);
+ digestOids.put(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160, TeleTrusTObjectIdentifiers.ripemd160);
+ digestOids.put(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256, TeleTrusTObjectIdentifiers.ripemd256);
+
+ digestOids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, CryptoProObjectIdentifiers.gostR3411);
+ digestOids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, CryptoProObjectIdentifiers.gostR3411);
+
+ digestOids.put(BCObjectIdentifiers.sphincs256_with_SHA3_512, NISTObjectIdentifiers.id_sha3_512);
+ digestOids.put(BCObjectIdentifiers.sphincs256_with_SHA512, NISTObjectIdentifiers.id_sha512);
+ */
+ // END Android-removed: Unsupported algorithms
digestNameToOids.put("SHA-1", OIWObjectIdentifiers.idSHA1);
@@ -103,38 +98,40 @@
digestNameToOids.put("SHA-256", NISTObjectIdentifiers.id_sha256);
digestNameToOids.put("SHA-384", NISTObjectIdentifiers.id_sha384);
digestNameToOids.put("SHA-512", NISTObjectIdentifiers.id_sha512);
- // BEGIN android-removed
- // digestNameToOids.put("SHA-512-224", NISTObjectIdentifiers.id_sha512_224);
- // digestNameToOids.put("SHA-512-256", NISTObjectIdentifiers.id_sha512_256);
- //
- // digestNameToOids.put("SHA1", OIWObjectIdentifiers.idSHA1);
- // digestNameToOids.put("SHA224", NISTObjectIdentifiers.id_sha224);
- // digestNameToOids.put("SHA256", NISTObjectIdentifiers.id_sha256);
- // digestNameToOids.put("SHA384", NISTObjectIdentifiers.id_sha384);
- // digestNameToOids.put("SHA512", NISTObjectIdentifiers.id_sha512);
- // digestNameToOids.put("SHA512-224", NISTObjectIdentifiers.id_sha512_224);
- // digestNameToOids.put("SHA512-256", NISTObjectIdentifiers.id_sha512_256);
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ digestNameToOids.put("SHA-512-224", NISTObjectIdentifiers.id_sha512_224);
+ digestNameToOids.put("SHA-512-256", NISTObjectIdentifiers.id_sha512_256);
- // digestNameToOids.put("SHA3-224", NISTObjectIdentifiers.id_sha3_224);
- // digestNameToOids.put("SHA3-256", NISTObjectIdentifiers.id_sha3_256);
- // digestNameToOids.put("SHA3-384", NISTObjectIdentifiers.id_sha3_384);
- // digestNameToOids.put("SHA3-512", NISTObjectIdentifiers.id_sha3_512);
- //
- // digestNameToOids.put("SHAKE-128", NISTObjectIdentifiers.id_shake128);
- // digestNameToOids.put("SHAKE-256", NISTObjectIdentifiers.id_shake256);
- //
- // digestNameToOids.put("GOST3411", CryptoProObjectIdentifiers.gostR3411);
- //
- // digestNameToOids.put("MD2", PKCSObjectIdentifiers.md2);
- // digestNameToOids.put("MD4", PKCSObjectIdentifiers.md4);
- // END android-removed
+ digestNameToOids.put("SHA1", OIWObjectIdentifiers.idSHA1);
+ digestNameToOids.put("SHA224", NISTObjectIdentifiers.id_sha224);
+ digestNameToOids.put("SHA256", NISTObjectIdentifiers.id_sha256);
+ digestNameToOids.put("SHA384", NISTObjectIdentifiers.id_sha384);
+ digestNameToOids.put("SHA512", NISTObjectIdentifiers.id_sha512);
+ digestNameToOids.put("SHA512-224", NISTObjectIdentifiers.id_sha512_224);
+ digestNameToOids.put("SHA512-256", NISTObjectIdentifiers.id_sha512_256);
+
+ digestNameToOids.put("SHA3-224", NISTObjectIdentifiers.id_sha3_224);
+ digestNameToOids.put("SHA3-256", NISTObjectIdentifiers.id_sha3_256);
+ digestNameToOids.put("SHA3-384", NISTObjectIdentifiers.id_sha3_384);
+ digestNameToOids.put("SHA3-512", NISTObjectIdentifiers.id_sha3_512);
+
+ digestNameToOids.put("SHAKE-128", NISTObjectIdentifiers.id_shake128);
+ digestNameToOids.put("SHAKE-256", NISTObjectIdentifiers.id_shake256);
+
+ digestNameToOids.put("GOST3411", CryptoProObjectIdentifiers.gostR3411);
+
+ digestNameToOids.put("MD2", PKCSObjectIdentifiers.md2);
+ digestNameToOids.put("MD4", PKCSObjectIdentifiers.md4);
+ */
+ // END Android-removed: Unsupported algorithms
digestNameToOids.put("MD5", PKCSObjectIdentifiers.md5);
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// digestNameToOids.put("RIPEMD128", TeleTrusTObjectIdentifiers.ripemd128);
// digestNameToOids.put("RIPEMD160", TeleTrusTObjectIdentifiers.ripemd160);
// digestNameToOids.put("RIPEMD256", TeleTrusTObjectIdentifiers.ripemd256);
- // END android-removed
+ // END Android-removed: Unsupported algorithms
}
public AlgorithmIdentifier find(AlgorithmIdentifier sigAlgId)
@@ -157,4 +154,4 @@
{
return new AlgorithmIdentifier((ASN1ObjectIdentifier)digestNameToOids.get(digAlgName), DERNull.INSTANCE);
}
-}
+}
\ No newline at end of file
diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/DefaultSignatureAlgorithmIdentifierFinder.java b/bcpkix/src/main/java/org/bouncycastle/operator/DefaultSignatureAlgorithmIdentifierFinder.java
index d1976af..1c80fb4 100644
--- a/bcpkix/src/main/java/org/bouncycastle/operator/DefaultSignatureAlgorithmIdentifierFinder.java
+++ b/bcpkix/src/main/java/org/bouncycastle/operator/DefaultSignatureAlgorithmIdentifierFinder.java
@@ -9,13 +9,12 @@
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.DERNull;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.asn1.bc.BCObjectIdentifiers;
// import org.bouncycastle.asn1.bsi.BSIObjectIdentifiers;
// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
// import org.bouncycastle.asn1.eac.EACObjectIdentifiers;
// import org.bouncycastle.asn1.gm.GMObjectIdentifiers;
-// END android-removed
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
@@ -38,17 +37,17 @@
private static final ASN1ObjectIdentifier ENCRYPTION_DSA = X9ObjectIdentifiers.id_dsa_with_sha1;
private static final ASN1ObjectIdentifier ENCRYPTION_ECDSA = X9ObjectIdentifiers.ecdsa_with_SHA1;
private static final ASN1ObjectIdentifier ENCRYPTION_RSA_PSS = PKCSObjectIdentifiers.id_RSASSA_PSS;
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// private static final ASN1ObjectIdentifier ENCRYPTION_GOST3410 = CryptoProObjectIdentifiers.gostR3410_94;
// private static final ASN1ObjectIdentifier ENCRYPTION_ECGOST3410 = CryptoProObjectIdentifiers.gostR3410_2001;
- // END android-removed
+ // END Android-removed: Unsupported algorithms
static
{
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// algorithms.put("MD2WITHRSAENCRYPTION", PKCSObjectIdentifiers.md2WithRSAEncryption);
// algorithms.put("MD2WITHRSA", PKCSObjectIdentifiers.md2WithRSAEncryption);
- // END android-removed
+ // END Android-removed: Unsupported algorithms
algorithms.put("MD5WITHRSAENCRYPTION", PKCSObjectIdentifiers.md5WithRSAEncryption);
algorithms.put("MD5WITHRSA", PKCSObjectIdentifiers.md5WithRSAEncryption);
algorithms.put("SHA1WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha1WithRSAEncryption);
@@ -66,14 +65,14 @@
algorithms.put("SHA256WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
algorithms.put("SHA384WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
algorithms.put("SHA512WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
// algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
// algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
// algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
// algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
// algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
- // END android-removed
+ // END Android-removed: Unsupported algorithms
algorithms.put("SHA1WITHDSA", X9ObjectIdentifiers.id_dsa_with_sha1);
algorithms.put("DSAWITHSHA1", X9ObjectIdentifiers.id_dsa_with_sha1);
algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224);
@@ -87,27 +86,29 @@
algorithms.put("SHA384WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA384);
algorithms.put("SHA512WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA512);
- // BEGIN android-removed
- // algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
- // algorithms.put("GOST3411WITHGOST3410-94", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
- // algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
- // algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
- // algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
- // algorithms.put("SHA1WITHPLAIN-ECDSA", BSIObjectIdentifiers.ecdsa_plain_SHA1);
- // algorithms.put("SHA224WITHPLAIN-ECDSA", BSIObjectIdentifiers.ecdsa_plain_SHA224);
- // algorithms.put("SHA256WITHPLAIN-ECDSA", BSIObjectIdentifiers.ecdsa_plain_SHA256);
- // algorithms.put("SHA384WITHPLAIN-ECDSA", BSIObjectIdentifiers.ecdsa_plain_SHA384);
- // algorithms.put("SHA512WITHPLAIN-ECDSA", BSIObjectIdentifiers.ecdsa_plain_SHA512);
- // algorithms.put("RIPEMD160WITHPLAIN-ECDSA", BSIObjectIdentifiers.ecdsa_plain_RIPEMD160);
- // algorithms.put("SHA1WITHCVC-ECDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_1);
- // algorithms.put("SHA224WITHPCVC-ECDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_224);
- // algorithms.put("SHA256WITHCVC-ECDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_256);
- // algorithms.put("SHA384WITHCVC-ECDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_384);
- // algorithms.put("SHA512WITHCVC-ECDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_512);
- // algorithms.put("SHA3-512WITHSPHINCS256", BCObjectIdentifiers.sphincs256_with_SHA3_512);
- // algorithms.put("SHA512WITHSPHINCS256", BCObjectIdentifiers.sphincs256_with_SHA512);
- // algorithms.put("SM3WITHSM2", GMObjectIdentifiers.sm2sign_with_sm3);
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
+ algorithms.put("GOST3411WITHGOST3410-94", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
+ algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
+ algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
+ algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
+ algorithms.put("SHA1WITHPLAIN-ECDSA", BSIObjectIdentifiers.ecdsa_plain_SHA1);
+ algorithms.put("SHA224WITHPLAIN-ECDSA", BSIObjectIdentifiers.ecdsa_plain_SHA224);
+ algorithms.put("SHA256WITHPLAIN-ECDSA", BSIObjectIdentifiers.ecdsa_plain_SHA256);
+ algorithms.put("SHA384WITHPLAIN-ECDSA", BSIObjectIdentifiers.ecdsa_plain_SHA384);
+ algorithms.put("SHA512WITHPLAIN-ECDSA", BSIObjectIdentifiers.ecdsa_plain_SHA512);
+ algorithms.put("RIPEMD160WITHPLAIN-ECDSA", BSIObjectIdentifiers.ecdsa_plain_RIPEMD160);
+ algorithms.put("SHA1WITHCVC-ECDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_1);
+ algorithms.put("SHA224WITHCVC-ECDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_224);
+ algorithms.put("SHA256WITHCVC-ECDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_256);
+ algorithms.put("SHA384WITHCVC-ECDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_384);
+ algorithms.put("SHA512WITHCVC-ECDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_512);
+ algorithms.put("SHA3-512WITHSPHINCS256", BCObjectIdentifiers.sphincs256_with_SHA3_512);
+ algorithms.put("SHA512WITHSPHINCS256", BCObjectIdentifiers.sphincs256_with_SHA512);
+ algorithms.put("SM3WITHSM2", GMObjectIdentifiers.sm2sign_with_sm3);
+ */
+ // END Android-removed: Unsupported algorithms
//
// According to RFC 3279, the ASN.1 encoding SHALL (id-dsa-with-sha1) or MUST (ecdsa-with-SHA*) omit the parameters field.
@@ -124,23 +125,26 @@
noParams.add(NISTObjectIdentifiers.dsa_with_sha384);
noParams.add(NISTObjectIdentifiers.dsa_with_sha512);
- // BEGIN Android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
//
// RFC 4491
//
- // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
- // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
+ noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
+ noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
+
//
// SPHINCS-256
//
- // noParams.add(BCObjectIdentifiers.sphincs256_with_SHA512);
- // noParams.add(BCObjectIdentifiers.sphincs256_with_SHA3_512);
+ noParams.add(BCObjectIdentifiers.sphincs256_with_SHA512);
+ noParams.add(BCObjectIdentifiers.sphincs256_with_SHA3_512);
//
// SM2
//
- // noParams.add(GMObjectIdentifiers.sm2sign_with_sm3);
- // END android-removed
+ noParams.add(GMObjectIdentifiers.sm2sign_with_sm3);
+ */
+ // END Android-removed: Unsupported algorithms
//
// PKCS 1.5 encrypted algorithms
@@ -150,11 +154,11 @@
pkcs15RsaEncryption.add(PKCSObjectIdentifiers.sha256WithRSAEncryption);
pkcs15RsaEncryption.add(PKCSObjectIdentifiers.sha384WithRSAEncryption);
pkcs15RsaEncryption.add(PKCSObjectIdentifiers.sha512WithRSAEncryption);
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// pkcs15RsaEncryption.add(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
// pkcs15RsaEncryption.add(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
// pkcs15RsaEncryption.add(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
- // END android-removed
+ // END Android-removed: Unsupported algorithms
//
// explicit params
@@ -181,19 +185,19 @@
digestOids.put(PKCSObjectIdentifiers.sha256WithRSAEncryption, NISTObjectIdentifiers.id_sha256);
digestOids.put(PKCSObjectIdentifiers.sha384WithRSAEncryption, NISTObjectIdentifiers.id_sha384);
digestOids.put(PKCSObjectIdentifiers.sha512WithRSAEncryption, NISTObjectIdentifiers.id_sha512);
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// digestOids.put(PKCSObjectIdentifiers.md2WithRSAEncryption, PKCSObjectIdentifiers.md2);
// digestOids.put(PKCSObjectIdentifiers.md4WithRSAEncryption, PKCSObjectIdentifiers.md4);
- // END android-removed
+ // END Android-removed: Unsupported algorithms
digestOids.put(PKCSObjectIdentifiers.md5WithRSAEncryption, PKCSObjectIdentifiers.md5);
digestOids.put(PKCSObjectIdentifiers.sha1WithRSAEncryption, OIWObjectIdentifiers.idSHA1);
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// digestOids.put(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128, TeleTrusTObjectIdentifiers.ripemd128);
// digestOids.put(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160, TeleTrusTObjectIdentifiers.ripemd160);
// digestOids.put(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256, TeleTrusTObjectIdentifiers.ripemd256);
// digestOids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, CryptoProObjectIdentifiers.gostR3411);
// digestOids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, CryptoProObjectIdentifiers.gostR3411);
- // END android-removed
+ // END Android-removed: Unsupported algorithms
}
private static AlgorithmIdentifier generate(String signatureAlgorithm)
@@ -256,4 +260,4 @@
{
return generate(sigAlgName);
}
-}
+}
\ No newline at end of file
diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcDefaultDigestProvider.java b/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcDefaultDigestProvider.java
index 74c0aa2..30d6e6f 100644
--- a/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcDefaultDigestProvider.java
+++ b/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcDefaultDigestProvider.java
@@ -4,33 +4,29 @@
import java.util.HashMap;
import java.util.Map;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-// END android-removed
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.crypto.ExtendedDigest;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.crypto.digests.GOST3411Digest;
// import org.bouncycastle.crypto.digests.MD2Digest;
// import org.bouncycastle.crypto.digests.MD4Digest;
-// END android-removed
import org.bouncycastle.crypto.digests.MD5Digest;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.crypto.digests.RIPEMD128Digest;
// import org.bouncycastle.crypto.digests.RIPEMD160Digest;
// import org.bouncycastle.crypto.digests.RIPEMD256Digest;
-// END android-removed
import org.bouncycastle.crypto.digests.SHA1Digest;
import org.bouncycastle.crypto.digests.SHA224Digest;
import org.bouncycastle.crypto.digests.SHA256Digest;
import org.bouncycastle.crypto.digests.SHA384Digest;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.crypto.digests.SHA3Digest;
-// END android-removed
import org.bouncycastle.crypto.digests.SHA512Digest;
import org.bouncycastle.operator.OperatorCreationException;
@@ -78,85 +74,87 @@
return new SHA512Digest();
}
});
- // BEGIN android-removed
- // table.put(NISTObjectIdentifiers.id_sha3_224, new BcDigestProvider()
- // {
- // public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier)
- // {
- // return new SHA3Digest(224);
- // }
- // });
- // table.put(NISTObjectIdentifiers.id_sha3_256, new BcDigestProvider()
- // {
- // public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier)
- // {
- // return new SHA3Digest(256);
- // }
- // });
- // table.put(NISTObjectIdentifiers.id_sha3_384, new BcDigestProvider()
- // {
- // public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier)
- // {
- // return new SHA3Digest(384);
- // }
- // });
- // table.put(NISTObjectIdentifiers.id_sha3_512, new BcDigestProvider()
- // {
- // public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier)
- // {
- // return new SHA3Digest(512);
- // }
- // });
- // table.put(PKCSObjectIdentifiers.md5, new BcDigestProvider()
- // {
- // public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier)
- // {
- // return new MD5Digest();
- // }
- // });
- // table.put(PKCSObjectIdentifiers.md4, new BcDigestProvider()
- // {
- // public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier)
- // {
- // return new MD4Digest();
- // }
- // });
- // table.put(PKCSObjectIdentifiers.md2, new BcDigestProvider()
- // {
- // public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier)
- // {
- // return new MD2Digest();
- // }
- // });
- // table.put(CryptoProObjectIdentifiers.gostR3411, new BcDigestProvider()
- // {
- // public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier)
- // {
- // return new GOST3411Digest();
- // }
- // });
- // table.put(TeleTrusTObjectIdentifiers.ripemd128, new BcDigestProvider()
- // {
- // public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier)
- // {
- // return new RIPEMD128Digest();
- // }
- // });
- // table.put(TeleTrusTObjectIdentifiers.ripemd160, new BcDigestProvider()
- // {
- // public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier)
- // {
- // return new RIPEMD160Digest();
- // }
- // });
- // table.put(TeleTrusTObjectIdentifiers.ripemd256, new BcDigestProvider()
- // {
- // public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier)
- // {
- // return new RIPEMD256Digest();
- // }
- // });
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ table.put(NISTObjectIdentifiers.id_sha3_224, new BcDigestProvider()
+ {
+ public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier)
+ {
+ return new SHA3Digest(224);
+ }
+ });
+ table.put(NISTObjectIdentifiers.id_sha3_256, new BcDigestProvider()
+ {
+ public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier)
+ {
+ return new SHA3Digest(256);
+ }
+ });
+ table.put(NISTObjectIdentifiers.id_sha3_384, new BcDigestProvider()
+ {
+ public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier)
+ {
+ return new SHA3Digest(384);
+ }
+ });
+ table.put(NISTObjectIdentifiers.id_sha3_512, new BcDigestProvider()
+ {
+ public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier)
+ {
+ return new SHA3Digest(512);
+ }
+ });
+ table.put(PKCSObjectIdentifiers.md5, new BcDigestProvider()
+ {
+ public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier)
+ {
+ return new MD5Digest();
+ }
+ });
+ table.put(PKCSObjectIdentifiers.md4, new BcDigestProvider()
+ {
+ public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier)
+ {
+ return new MD4Digest();
+ }
+ });
+ table.put(PKCSObjectIdentifiers.md2, new BcDigestProvider()
+ {
+ public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier)
+ {
+ return new MD2Digest();
+ }
+ });
+ table.put(CryptoProObjectIdentifiers.gostR3411, new BcDigestProvider()
+ {
+ public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier)
+ {
+ return new GOST3411Digest();
+ }
+ });
+ table.put(TeleTrusTObjectIdentifiers.ripemd128, new BcDigestProvider()
+ {
+ public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier)
+ {
+ return new RIPEMD128Digest();
+ }
+ });
+ table.put(TeleTrusTObjectIdentifiers.ripemd160, new BcDigestProvider()
+ {
+ public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier)
+ {
+ return new RIPEMD160Digest();
+ }
+ });
+ table.put(TeleTrusTObjectIdentifiers.ripemd256, new BcDigestProvider()
+ {
+ public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier)
+ {
+ return new RIPEMD256Digest();
+ }
+ });
+ */
+ // END Android-removed: Unsupported algorithms
return Collections.unmodifiableMap(table);
}
diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/jcajce/OperatorHelper.java b/bcpkix/src/main/java/org/bouncycastle/operator/jcajce/OperatorHelper.java
index 8ac72ea..a06792b 100644
--- a/bcpkix/src/main/java/org/bouncycastle/operator/jcajce/OperatorHelper.java
+++ b/bcpkix/src/main/java/org/bouncycastle/operator/jcajce/OperatorHelper.java
@@ -25,11 +25,10 @@
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DERNull;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.asn1.bsi.BSIObjectIdentifiers;
// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
// import org.bouncycastle.asn1.eac.EACObjectIdentifiers;
-// END android-removed
import org.bouncycastle.asn1.kisa.KISAObjectIdentifiers;
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
import org.bouncycastle.asn1.ntt.NTTObjectIdentifiers;
@@ -65,7 +64,7 @@
oids.put(PKCSObjectIdentifiers.sha256WithRSAEncryption, "SHA256WITHRSA");
oids.put(PKCSObjectIdentifiers.sha384WithRSAEncryption, "SHA384WITHRSA");
oids.put(PKCSObjectIdentifiers.sha512WithRSAEncryption, "SHA512WITHRSA");
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, "GOST3411WITHGOST3410");
// oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, "GOST3411WITHECGOST3410");
// oids.put(BSIObjectIdentifiers.ecdsa_plain_SHA1, "SHA1WITHPLAIN-ECDSA");
@@ -79,12 +78,12 @@
// oids.put(EACObjectIdentifiers.id_TA_ECDSA_SHA_256, "SHA256WITHCVC-ECDSA");
// oids.put(EACObjectIdentifiers.id_TA_ECDSA_SHA_384, "SHA384WITHCVC-ECDSA");
// oids.put(EACObjectIdentifiers.id_TA_ECDSA_SHA_512, "SHA512WITHCVC-ECDSA");
- // END android-removed
+ // END Android-removed: Unsupported algorithms
oids.put(new ASN1ObjectIdentifier("1.2.840.113549.1.1.4"), "MD5WITHRSA");
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// oids.put(new ASN1ObjectIdentifier("1.2.840.113549.1.1.2"), "MD2WITHRSA");
- // END android-removed
+ // END Android-removed: Unsupported algorithms
oids.put(new ASN1ObjectIdentifier("1.2.840.10040.4.3"), "SHA1WITHDSA");
oids.put(X9ObjectIdentifiers.ecdsa_with_SHA1, "SHA1WITHECDSA");
oids.put(X9ObjectIdentifiers.ecdsa_with_SHA224, "SHA224WITHECDSA");
diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Boolean.java b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Boolean.java
index d883a73..0225e6e 100644
--- a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Boolean.java
+++ b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Boolean.java
@@ -80,7 +80,7 @@
return (value != 0 ? TRUE : FALSE);
}
- // BEGIN android-added
+ // BEGIN Android-added: Unknown reason
/**
* return a ASN1Boolean from the passed in array.
*/
@@ -90,7 +90,7 @@
return (octets[0] != 0) ? TRUE : FALSE;
}
- // END android-added
+ // END Android-added: Unknown reason
/**
* return a Boolean from a tagged object.
*
@@ -117,9 +117,7 @@
}
}
- // BEGIN android-changed
- protected ASN1Boolean(
- // END android-changed
+ ASN1Boolean(
byte[] value)
{
if (value.length != 1)
@@ -145,10 +143,9 @@
* @deprecated use getInstance(boolean) method.
* @param value true or false.
*/
- // BEGIN android-changed
+ // Android-changed: Reduce visibility to protected
protected ASN1Boolean(
boolean value)
- // END android-changed
{
this.value = (value) ? TRUE_VALUE : FALSE_VALUE;
}
diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1GeneralizedTime.java b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1GeneralizedTime.java
index 0e2be64..6040676 100644
--- a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1GeneralizedTime.java
+++ b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1GeneralizedTime.java
@@ -3,6 +3,7 @@
import java.io.IOException;
import java.text.ParseException;
import java.text.SimpleDateFormat;
+// Android-added: Localization support
import java.util.Calendar;
import java.util.Date;
import java.util.Locale;
@@ -110,10 +111,9 @@
public ASN1GeneralizedTime(
Date time)
{
- // BEGIN android-changed
- // Was: SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'");
+ // Android-changed: Use localized version
+ // SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'");
SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'", Locale.US);
- // END android-changed
dateF.setTimeZone(new SimpleTimeZone(0, "Z"));
@@ -131,11 +131,11 @@
Date time,
Locale locale)
{
- // BEGIN android-changed
- // Was: SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'", locale);
+ // BEGIN Android-changed: Use localized version
+ // SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'", locale);
SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'", Locale.US);
dateF.setCalendar(Calendar.getInstance(Locale.US));
- // END android-changed
+ // END Android-changed: Use localized version
dateF.setTimeZone(new SimpleTimeZone(0, "Z"));
@@ -260,17 +260,15 @@
{
if (hasFractionalSeconds())
{
- // BEGIN android-changed
- // Was: dateF = new SimpleDateFormat("yyyyMMddHHmmss.SSS'Z'");
+ // Android-changed: Use localized version
+ // dateF = new SimpleDateFormat("yyyyMMddHHmmss.SSS'Z'");
dateF = new SimpleDateFormat("yyyyMMddHHmmss.SSS'Z'", Locale.US);
- // END android-changed
}
else
{
- // BEGIN android-changed
- // Was: dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'");
+ // Android-changed: Use localized version
+ // dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'");
dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'", Locale.US);
- // END android-changed
}
dateF.setTimeZone(new SimpleTimeZone(0, "Z"));
@@ -280,17 +278,15 @@
d = this.getTime();
if (hasFractionalSeconds())
{
- // BEGIN android-changed
- // Was: dateF = new SimpleDateFormat("yyyyMMddHHmmss.SSSz");
+ // Android-changed: Use localized version
+ // dateF = new SimpleDateFormat("yyyyMMddHHmmss.SSSz");
dateF = new SimpleDateFormat("yyyyMMddHHmmss.SSSz", Locale.US);
- // END android-changed
}
else
{
- // BEGIN android-changed
- // Was: dateF = new SimpleDateFormat("yyyyMMddHHmmssz");
+ // Android-changed: Use localized version
+ // dateF = new SimpleDateFormat("yyyyMMddHHmmssz");
dateF = new SimpleDateFormat("yyyyMMddHHmmssz", Locale.US);
- // END android-changed
}
dateF.setTimeZone(new SimpleTimeZone(0, "Z"));
@@ -299,17 +295,15 @@
{
if (hasFractionalSeconds())
{
- // BEGIN android-changed
+ // Android-changed: Use localized version
// dateF = new SimpleDateFormat("yyyyMMddHHmmss.SSS");
dateF = new SimpleDateFormat("yyyyMMddHHmmss.SSS", Locale.US);
- // END android-changed
}
else
{
- // BEGIN android-changed
- // Was: dateF = new SimpleDateFormat("yyyyMMddHHmmss");
+ // Android-changed: Use localized version
+ // dateF = new SimpleDateFormat("yyyyMMddHHmmss");
dateF = new SimpleDateFormat("yyyyMMddHHmmss", Locale.US);
- // END android-changed
}
dateF.setTimeZone(new SimpleTimeZone(0, TimeZone.getDefault().getID()));
diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Null.java b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Null.java
index f1098e7..f39d120 100644
--- a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Null.java
+++ b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Null.java
@@ -8,12 +8,6 @@
public abstract class ASN1Null
extends ASN1Primitive
{
- // BEGIN android-added
- /*package*/ ASN1Null()
- {
- }
-
- // END android-added
/**
* Return an instance of ASN.1 NULL from the passed in object.
* <p>
diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdentifier.java b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdentifier.java
index 50b8a49..bdfec4f 100644
--- a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdentifier.java
+++ b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdentifier.java
@@ -155,13 +155,8 @@
}
}
- // BEGIN android-changed
- /*
- * Intern the identifier so there aren't hundreds of duplicates
- * (in practice).
- */
+ // Android-changed: Intern the identifier so there aren't hundreds of duplicates in practice.
this.identifier = objId.toString().intern();
- // END android-changed
this.body = Arrays.clone(bytes);
}
@@ -182,13 +177,8 @@
throw new IllegalArgumentException("string " + identifier + " not an OID");
}
- // BEGIN android-changed
- /*
- * Intern the identifier so there aren't hundreds of duplicates
- * (in practice).
- */
+ // Android-changed: Intern the identifier so there aren't hundreds of duplicates in practice.
this.identifier = identifier.intern();
- // END android-changed
}
/**
diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1UTCTime.java b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1UTCTime.java
index 41ce817..446af77 100644
--- a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1UTCTime.java
+++ b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1UTCTime.java
@@ -3,6 +3,7 @@
import java.io.IOException;
import java.text.ParseException;
import java.text.SimpleDateFormat;
+// Android-added: Localization support
import java.util.Calendar;
import java.util.Date;
import java.util.Locale;
@@ -124,10 +125,9 @@
public ASN1UTCTime(
Date time)
{
- // BEGIN android-changed
- // Was: SimpleDateFormat dateF = new SimpleDateFormat("yyMMddHHmmss'Z'");
+ // Android-changed: Use localized version
+ // SimpleDateFormat dateF = new SimpleDateFormat("yyMMddHHmmss'Z'");
SimpleDateFormat dateF = new SimpleDateFormat("yyMMddHHmmss'Z'", Locale.US);
- // END android-changed
dateF.setTimeZone(new SimpleTimeZone(0,"Z"));
@@ -145,11 +145,11 @@
Date time,
Locale locale)
{
- // BEGIN android-changed
- // Was: SimpleDateFormat dateF = new SimpleDateFormat("yyMMddHHmmss'Z'", locale);
+ // BEGIN Android-changed: Use localized version
+ // SimpleDateFormat dateF = new SimpleDateFormat("yyMMddHHmmss'Z'", locale);
SimpleDateFormat dateF = new SimpleDateFormat("yyMMddHHmmss'Z'", Locale.US);
dateF.setCalendar(Calendar.getInstance(locale));
- // END android-changed
+ // END Android-changed: Use localized version
dateF.setTimeZone(new SimpleTimeZone(0,"Z"));
@@ -172,10 +172,9 @@
public Date getDate()
throws ParseException
{
- // BEGIN android-changed
- // Was: SimpleDateFormat dateF = new SimpleDateFormat("yyMMddHHmmssz");
+ // Android-changed: Use localized version
+ // SimpleDateFormat dateF = new SimpleDateFormat("yyMMddHHmmssz");
SimpleDateFormat dateF = new SimpleDateFormat("yyMMddHHmmssz", Locale.US);
- // END android-changed
return dateF.parse(getTime());
}
@@ -190,10 +189,9 @@
public Date getAdjustedDate()
throws ParseException
{
- // BEGIN android-changed
- // Was: SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmssz");
+ // Android-changed: Use localized version
+ // SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmssz");
SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmssz", Locale.US);
- // END android-changed
dateF.setTimeZone(new SimpleTimeZone(0, "Z"));
diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/DERNull.java b/bcprov/src/main/java/org/bouncycastle/asn1/DERNull.java
index 7df2acf..3a86b1d 100644
--- a/bcprov/src/main/java/org/bouncycastle/asn1/DERNull.java
+++ b/bcprov/src/main/java/org/bouncycastle/asn1/DERNull.java
@@ -15,9 +15,8 @@
/**
* @deprecated use DERNull.INSTANCE
*/
- // BEGIN android-changed
+ // Android-changed: Reduce visibility to protected.
protected DERNull()
- // END android-changed
{
}
diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/StreamUtil.java b/bcprov/src/main/java/org/bouncycastle/asn1/StreamUtil.java
index 59e96e8..1fc8ab0 100644
--- a/bcprov/src/main/java/org/bouncycastle/asn1/StreamUtil.java
+++ b/bcprov/src/main/java/org/bouncycastle/asn1/StreamUtil.java
@@ -8,9 +8,8 @@
class StreamUtil
{
- // BEGIN android-removed
+ // Android-removed: Check max memory at runtime
// private static final long MAX_MEMORY = Runtime.getRuntime().maxMemory();
- // END android-removed
/**
* Find out possible longest length...
@@ -50,7 +49,7 @@
}
}
- // BEGIN android-changed
+ // BEGIN Android-changed: Check max memory at runtime
long maxMemory = Runtime.getRuntime().maxMemory();
if (maxMemory > Integer.MAX_VALUE)
{
@@ -58,7 +57,7 @@
}
return (int) maxMemory;
- // END android-changed
+ // END Android-changed: Check max memory at runtime
}
static int calculateBodyLength(
diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/bc/BCObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/bc/BCObjectIdentifiers.java
index a4f3f3b..f43f9fb 100644
--- a/bcprov/src/main/java/org/bouncycastle/asn1/bc/BCObjectIdentifiers.java
+++ b/bcprov/src/main/java/org/bouncycastle/asn1/bc/BCObjectIdentifiers.java
@@ -72,23 +72,25 @@
*/
public static final ASN1ObjectIdentifier bc_sig = bc.branch("2");
- // BEGIN android-removed
- // /**
- // * Sphincs-256
- // */
- // public static final ASN1ObjectIdentifier sphincs256 = bc_sig.branch("1");
- // public static final ASN1ObjectIdentifier sphincs256_with_BLAKE512 = sphincs256.branch("1");
- // public static final ASN1ObjectIdentifier sphincs256_with_SHA512 = sphincs256.branch("2");
- // public static final ASN1ObjectIdentifier sphincs256_with_SHA3_512 = sphincs256.branch("3");
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ /**
+ * Sphincs-256
+ *
+ public static final ASN1ObjectIdentifier sphincs256 = bc_sig.branch("1");
+ public static final ASN1ObjectIdentifier sphincs256_with_BLAKE512 = sphincs256.branch("1");
+ public static final ASN1ObjectIdentifier sphincs256_with_SHA512 = sphincs256.branch("2");
+ public static final ASN1ObjectIdentifier sphincs256_with_SHA3_512 = sphincs256.branch("3");
- // /**
- // * key_exchange(3) algorithms
- // */
- // public static final ASN1ObjectIdentifier bc_exch = bc.branch("3");
+ /**
+ * key_exchange(3) algorithms
+ *
+ public static final ASN1ObjectIdentifier bc_exch = bc.branch("3");
- // /**
- // * NewHope
- // */
- // public static final ASN1ObjectIdentifier newHope = bc_exch.branch("1");
- // END android-removed
+ /**
+ * NewHope
+ *
+ public static final ASN1ObjectIdentifier newHope = bc_exch.branch("1");
+ */
+ // END Android-removed: Unsupported algorithms
}
diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/ContentInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/ContentInfo.java
index 1592c75..2e8e039 100644
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/ContentInfo.java
+++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/ContentInfo.java
@@ -28,9 +28,7 @@
*/
public class ContentInfo
extends ASN1Object
- // BEGIN android-removed
- // implements CMSObjectIdentifiers
- // END android-removed
+ implements CMSObjectIdentifiers
{
private ASN1ObjectIdentifier contentType;
private ASN1Encodable content;
diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/Time.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/Time.java
index ed9a6c0..a6f8d8f 100644
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/Time.java
+++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/Time.java
@@ -2,6 +2,7 @@
import java.text.ParseException;
import java.text.SimpleDateFormat;
+// Android-added: Localization support
import java.util.Calendar;
import java.util.Date;
import java.util.Locale;
@@ -71,10 +72,9 @@
Date time)
{
SimpleTimeZone tz = new SimpleTimeZone(0, "Z");
- // BEGIN android-changed
- // Was: SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss");
+ // Android-changed: Use localized version
+ // SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss");
SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss", Locale.US);
- // END android-changed
dateF.setTimeZone(tz);
@@ -105,11 +105,11 @@
Locale locale)
{
SimpleTimeZone tz = new SimpleTimeZone(0, "Z");
- // BEGIN android-changed
- // Was: SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss", locale);
+ // BEGIN Android-changed: Use localized version
+ // SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss", locale);
SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss", Locale.US);
dateF.setCalendar(Calendar.getInstance(locale));
- // END android-changed
+ // END Android-changed: Use localized version
dateF.setTimeZone(tz);
diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java
index 75df2aa..48d0320 100644
--- a/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java
+++ b/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java
@@ -13,12 +13,14 @@
static final ASN1ObjectIdentifier pkcs_1 = new ASN1ObjectIdentifier("1.2.840.113549.1.1");
/** PKCS#1: 1.2.840.113549.1.1.1 */
static final ASN1ObjectIdentifier rsaEncryption = pkcs_1.branch("1");
- // BEGIN android-removed
- // /** PKCS#1: 1.2.840.113549.1.1.2 */
- // static final ASN1ObjectIdentifier md2WithRSAEncryption = pkcs_1.branch("2");
- // /** PKCS#1: 1.2.840.113549.1.1.3 */
- // static final ASN1ObjectIdentifier md4WithRSAEncryption = pkcs_1.branch("3");
- // END android-removed
+ // BEGIN Android-removed: MD2 and MD4 are unsupported
+ /*
+ /** PKCS#1: 1.2.840.113549.1.1.2 *
+ static final ASN1ObjectIdentifier md2WithRSAEncryption = pkcs_1.branch("2");
+ /** PKCS#1: 1.2.840.113549.1.1.3 *
+ static final ASN1ObjectIdentifier md4WithRSAEncryption = pkcs_1.branch("3");
+ */
+ // END Android-removed: MD2 and MD4 are unsupported
/** PKCS#1: 1.2.840.113549.1.1.4 */
static final ASN1ObjectIdentifier md5WithRSAEncryption = pkcs_1.branch("4");
/** PKCS#1: 1.2.840.113549.1.1.5 */
diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java
index 20f6ea3..dcde303 100644
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java
+++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java
@@ -14,9 +14,9 @@
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.DERTaggedObject;
import org.bouncycastle.crypto.Digest;
-// BEGIN android-changed
+// Android-changed: Use Android digests
+// import org.bouncycastle.crypto.digests.SHA1Digest;
import org.bouncycastle.crypto.digests.AndroidDigestFactory;
-// END android-changed
/**
* The AuthorityKeyIdentifier object.
@@ -108,9 +108,9 @@
public AuthorityKeyIdentifier(
SubjectPublicKeyInfo spki)
{
- // BEGIN android-changed
+ // Android-changed: Use Android digests
+ // Digest digest = new SHA1Digest();
Digest digest = AndroidDigestFactory.getSHA1();
- // END android-changed
byte[] resBuf = new byte[digest.getDigestSize()];
byte[] bytes = spki.getPublicKeyData().getBytes();
@@ -129,9 +129,9 @@
GeneralNames name,
BigInteger serialNumber)
{
- // BEGIN android-changed
+ // Android-changed: Use Android digests
+ // Digest digest = new SHA1Digest();
Digest digest = AndroidDigestFactory.getSHA1();
- // END android-changed
byte[] resBuf = new byte[digest.getDigestSize()];
byte[] bytes = spki.getPublicKeyData().getBytes();
diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/Time.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/Time.java
index 989de4c..a99dddf 100644
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/Time.java
+++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/Time.java
@@ -2,6 +2,7 @@
import java.text.ParseException;
import java.text.SimpleDateFormat;
+// Android-added: Localization support
import java.util.Calendar;
import java.util.Date;
import java.util.Locale;
@@ -52,10 +53,9 @@
Date time)
{
SimpleTimeZone tz = new SimpleTimeZone(0, "Z");
- // BEGIN android-changed
- // Was: SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss");
+ // Android-changed: Use localized version
+ // SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss");
SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss", Locale.US);
- // END android-changed
dateF.setTimeZone(tz);
@@ -86,8 +86,8 @@
Locale locale)
{
SimpleTimeZone tz = new SimpleTimeZone(0, "Z");
- // BEGIN android-changed
- // Was: SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss", locale);
+ // BEGIN Android-changed: Use localized version
+ // SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss", locale);
SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss", Locale.US);
dateF.setCalendar(Calendar.getInstance(locale));
// END android-changed
diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509Name.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509Name.java
index 0c372f7..fafb68f 100644
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509Name.java
+++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509Name.java
@@ -255,10 +255,10 @@
*/
public static final Hashtable SymbolLookUp = DefaultLookUp;
- // BEGIN android-changed
+ // BEGIN Android-changed: Use Boolean class constants instead of Boolean constructor
private static final Boolean TRUE = Boolean.TRUE;
private static final Boolean FALSE = Boolean.FALSE;
- // END android-changed
+ // END Android-changed: Use Boolean class constants instead of Boolean constructor
static
{
@@ -448,9 +448,7 @@
throw new IllegalArgumentException("cannot encode value");
}
}
- // BEGIN android-changed
- added.addElement(Boolean.valueOf(i != 0));
- // END android-changed
+ added.addElement((i != 0) ? TRUE : FALSE); // to allow earlier JDK compatibility
}
}
}
diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509NameTokenizer.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509NameTokenizer.java
index 454f322..b1b1416 100644
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509NameTokenizer.java
+++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509NameTokenizer.java
@@ -78,8 +78,10 @@
}
else
{
- // BEGIN android-added
- // copied from a newer version of BouncyCastle
+ // BEGIN Android-added: Unknown reason
+ // This was previously marked with the comment "copied from a newer version
+ // of BouncyCastle", but I couldn't find any evidence that it ever was included
+ // in any version of BC
if (c == '#' && buf.charAt(buf.length() - 1) == '=')
{
buf.append('\\');
@@ -88,7 +90,7 @@
{
buf.append('\\');
}
- // END android-added
+ // END Android-added: Unknown reason
buf.append(c);
}
}
diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x9/ECNamedCurveTable.java b/bcprov/src/main/java/org/bouncycastle/asn1/x9/ECNamedCurveTable.java
index 5abcca9..0fc8737 100644
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x9/ECNamedCurveTable.java
+++ b/bcprov/src/main/java/org/bouncycastle/asn1/x9/ECNamedCurveTable.java
@@ -4,15 +4,13 @@
import java.util.Vector;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-// BEGIN android-removed
+// Android-removed: Unsupported curves
// import org.bouncycastle.asn1.anssi.ANSSINamedCurves;
// import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves;
-// END android-removed
import org.bouncycastle.asn1.nist.NISTNamedCurves;
import org.bouncycastle.asn1.sec.SECNamedCurves;
-// BEGIN android-removed
+// Android-removed: Unsupported curves
// import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves;
-// END android-removed
/**
* A general class that reads all X9.62 style EC curve tables.
@@ -41,17 +39,19 @@
ecP = NISTNamedCurves.getByName(name);
}
- // BEGIN android-removed
- // if (ecP == null)
- // {
- // ecP = TeleTrusTNamedCurves.getByName(name);
- // }
- //
- // if (ecP == null)
- // {
- // ecP = ANSSINamedCurves.getByName(name);
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported curves
+ /*
+ if (ecP == null)
+ {
+ ecP = TeleTrusTNamedCurves.getByName(name);
+ }
+
+ if (ecP == null)
+ {
+ ecP = ANSSINamedCurves.getByName(name);
+ }
+ */
+ // END Android-removed: Unsupported curves
return ecP;
}
@@ -77,17 +77,19 @@
oid = NISTNamedCurves.getOID(name);
}
- // BEGIN android-removed
- // if (oid == null)
- // {
- // oid = TeleTrusTNamedCurves.getOID(name);
- // }
- //
- // if (oid == null)
- // {
- // oid = ANSSINamedCurves.getOID(name);
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported curves
+ /*
+ if (oid == null)
+ {
+ oid = TeleTrusTNamedCurves.getOID(name);
+ }
+
+ if (oid == null)
+ {
+ oid = ANSSINamedCurves.getOID(name);
+ }
+ */
+ // END Android-removed: Unsupported curves
return oid;
}
@@ -109,24 +111,28 @@
name = SECNamedCurves.getName(oid);
}
- // BEGIN android-removed
- // if (name == null)
- // {
- // name = TeleTrusTNamedCurves.getName(oid);
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported curves
+ /*
+ if (name == null)
+ {
+ name = TeleTrusTNamedCurves.getName(oid);
+ }
+ */
+ // END Android-removed: Unsupported curves
if (name == null)
{
name = X962NamedCurves.getName(oid);
}
- // BEGIN android-removed
- // if (name == null)
- // {
- // name = ECGOST3410NamedCurves.getName(oid);
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported curves
+ /*
+ if (name == null)
+ {
+ name = ECGOST3410NamedCurves.getName(oid);
+ }
+ */
+ // END Android-removed: Unsupported curves
return name;
}
@@ -150,17 +156,19 @@
// NOTE: All the NIST curves are currently from SEC, so no point in redundant OID lookup
- // BEGIN android-removed
- // if (ecP == null)
- // {
- // ecP = TeleTrusTNamedCurves.getByOID(oid);
- // }
- //
- // if (ecP == null)
- // {
- // ecP = ANSSINamedCurves.getByOID(oid);
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported curves
+ /*
+ if (ecP == null)
+ {
+ ecP = TeleTrusTNamedCurves.getByOID(oid);
+ }
+
+ if (ecP == null)
+ {
+ ecP = ANSSINamedCurves.getByOID(oid);
+ }
+ */
+ // END Android-removed: Unsupported curves
return ecP;
}
@@ -177,10 +185,10 @@
addEnumeration(v, X962NamedCurves.getNames());
addEnumeration(v, SECNamedCurves.getNames());
addEnumeration(v, NISTNamedCurves.getNames());
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported curves
// addEnumeration(v, TeleTrusTNamedCurves.getNames());
// addEnumeration(v, ANSSINamedCurves.getNames());
- // END android-removed
+ // END Android-removed: Unsupported curves
return v.elements();
}
diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/digests/AndroidDigestFactory.java b/bcprov/src/main/java/org/bouncycastle/crypto/digests/AndroidDigestFactory.java
index cab9ca6..c8f0775 100644
--- a/bcprov/src/main/java/org/bouncycastle/crypto/digests/AndroidDigestFactory.java
+++ b/bcprov/src/main/java/org/bouncycastle/crypto/digests/AndroidDigestFactory.java
@@ -16,6 +16,9 @@
package org.bouncycastle.crypto.digests;
+import java.security.Security;
+import java.util.Locale;
+
import org.bouncycastle.crypto.Digest;
/**
@@ -23,65 +26,84 @@
* for libcore but fallback to BouncyCastle ones on the RI.
*/
public final class AndroidDigestFactory {
- private static final String OpenSSLFactoryClassName
- = AndroidDigestFactory.class.getName() + "OpenSSL";
- private static final String BouncyCastleFactoryClassName
- = AndroidDigestFactory.class.getName() + "BouncyCastle";
+ private static final AndroidDigestFactoryInterface CONSCRYPT;
+ private static final AndroidDigestFactoryInterface BC;
- private static final AndroidDigestFactoryInterface FACTORY;
static {
- Class factoryImplementationClass;
- try {
- factoryImplementationClass = Class.forName(OpenSSLFactoryClassName);
- // Double check for NativeCrypto in case we are running on RI for testing
- Class.forName("com.android.org.conscrypt.NativeCrypto");
- } catch (ClassNotFoundException e1) {
- try {
- factoryImplementationClass = Class.forName(BouncyCastleFactoryClassName);
- } catch (ClassNotFoundException e2) {
- AssertionError e = new AssertionError("Failed to load "
- + "AndroidDigestFactoryInterface "
- + "implementation. Looked for "
- + OpenSSLFactoryClassName + " and "
- + BouncyCastleFactoryClassName);
- e.initCause(e1);
- throw e;
+ BC = new AndroidDigestFactoryBouncyCastle();
+ if (Security.getProvider("AndroidOpenSSL") != null) {
+ CONSCRYPT = new AndroidDigestFactoryOpenSSL();
+ } else {
+ if (System.getProperty("java.vendor", "").toLowerCase(Locale.US).contains("android")) {
+ throw new AssertionError("Provider AndroidOpenSSL must exist");
}
- }
- if (!AndroidDigestFactoryInterface.class.isAssignableFrom(factoryImplementationClass)) {
- throw new AssertionError(factoryImplementationClass
- + "does not implement AndroidDigestFactoryInterface");
- }
- try {
- FACTORY = (AndroidDigestFactoryInterface) factoryImplementationClass.newInstance();
- } catch (InstantiationException e) {
- throw new AssertionError(e);
- } catch (IllegalAccessException e) {
- throw new AssertionError(e);
+ CONSCRYPT = null;
}
}
public static Digest getMD5() {
- return FACTORY.getMD5();
+ if (CONSCRYPT != null) {
+ try {
+ return CONSCRYPT.getMD5();
+ } catch (Exception ignored) {
+ }
+ }
+
+ return BC.getMD5();
}
public static Digest getSHA1() {
- return FACTORY.getSHA1();
+ if (CONSCRYPT != null) {
+ try {
+ return CONSCRYPT.getSHA1();
+ } catch (Exception ignored) {
+ }
+ }
+
+ return BC.getSHA1();
}
public static Digest getSHA224() {
- return FACTORY.getSHA224();
+ if (CONSCRYPT != null) {
+ try {
+ return CONSCRYPT.getSHA224();
+ } catch (Exception ignored) {
+ }
+ }
+
+ return BC.getSHA224();
}
public static Digest getSHA256() {
- return FACTORY.getSHA256();
+ if (CONSCRYPT != null) {
+ try {
+ return CONSCRYPT.getSHA256();
+ } catch (Exception ignored) {
+ }
+ }
+
+ return BC.getSHA256();
}
public static Digest getSHA384() {
- return FACTORY.getSHA384();
+ if (CONSCRYPT != null) {
+ try {
+ return CONSCRYPT.getSHA384();
+ } catch (Exception ignored) {
+ }
+ }
+
+ return BC.getSHA384();
}
public static Digest getSHA512() {
- return FACTORY.getSHA512();
+ if (CONSCRYPT != null) {
+ try {
+ return CONSCRYPT.getSHA512();
+ } catch (Exception ignored) {
+ }
+ }
+
+ return BC.getSHA512();
}
}
diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/ec/CustomNamedCurves.java b/bcprov/src/main/java/org/bouncycastle/crypto/ec/CustomNamedCurves.java
index e3c596d..2c23bed 100644
--- a/bcprov/src/main/java/org/bouncycastle/crypto/ec/CustomNamedCurves.java
+++ b/bcprov/src/main/java/org/bouncycastle/crypto/ec/CustomNamedCurves.java
@@ -64,110 +64,112 @@
return c.configure().setEndomorphism(new GLVTypeBEndomorphism(c, p)).create();
}
- // BEGIN android-removed
- // /*
- // * curve25519
- // */
- // static X9ECParametersHolder curve25519 = new X9ECParametersHolder()
- // {
- // protected X9ECParameters createParameters()
- // {
- // byte[] S = null;
- // ECCurve curve = configureCurve(new Curve25519());
- //
- // /*
- // * NOTE: Curve25519 was specified in Montgomery form. Rewriting in Weierstrass form
- // * involves substitution of variables, so the base-point x coordinate is 9 + (486662 / 3).
- // *
- // * The Curve25519 paper doesn't say which of the two possible y values the base
- // * point has. The choice here is guided by language in the Ed25519 paper.
- // *
- // * (The other possible y value is 5F51E65E475F794B1FE122D388B72EB36DC2B28192839E4DD6163A5D81312C14)
- // */
- // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
- // + "2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD245A"
- // + "20AE19A1B8A086B4E01EDD2C7748D14C923D4D7E6D7C61B229E9C5A27ECED3D9"));
- //
- // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
- // }
- // };
- //
- // /*
- // * secp128r1
- // */
- // static X9ECParametersHolder secp128r1 = new X9ECParametersHolder()
- // {
- // protected X9ECParameters createParameters()
- // {
- // byte[] S = Hex.decode("000E0D4D696E6768756151750CC03A4473D03679");
- // ECCurve curve = configureCurve(new SecP128R1Curve());
- // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
- // + "161FF7528B899B2D0C28607CA52C5B86"
- // + "CF5AC8395BAFEB13C02DA292DDED7A83"));
- // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
- // }
- // };
- //
- // /*
- // * secp160k1
- // */
- // static X9ECParametersHolder secp160k1 = new X9ECParametersHolder()
- // {
- // protected X9ECParameters createParameters()
- // {
- // byte[] S = null;
- // GLVTypeBParameters glv = new GLVTypeBParameters(
- // new BigInteger("9ba48cba5ebcb9b6bd33b92830b2a2e0e192f10a", 16),
- // new BigInteger("c39c6c3b3a36d7701b9c71a1f5804ae5d0003f4", 16),
- // new BigInteger[]{
- // new BigInteger("9162fbe73984472a0a9e", 16),
- // new BigInteger("-96341f1138933bc2f505", 16) },
- // new BigInteger[]{
- // new BigInteger("127971af8721782ecffa3", 16),
- // new BigInteger("9162fbe73984472a0a9e", 16) },
- // new BigInteger("9162fbe73984472a0a9d0590", 16),
- // new BigInteger("96341f1138933bc2f503fd44", 16),
- // 176);
- // ECCurve curve = configureCurveGLV(new SecP160K1Curve(), glv);
- // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
- // + "3B4C382CE37AA192A4019E763036F4F5DD4D7EBB"
- // + "938CF935318FDCED6BC28286531733C3F03C4FEE"));
- // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
- // }
- // };
- //
- // /*
- // * secp160r1
- // */
- // static X9ECParametersHolder secp160r1 = new X9ECParametersHolder()
- // {
- // protected X9ECParameters createParameters()
- // {
- // byte[] S = Hex.decode("1053CDE42C14D696E67687561517533BF3F83345");
- // ECCurve curve = configureCurve(new SecP160R1Curve());
- // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
- // + "4A96B5688EF573284664698968C38BB913CBFC82"
- // + "23A628553168947D59DCC912042351377AC5FB32"));
- // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
- // }
- // };
- //
- // /*
- // * secp160r2
- // */
- // static X9ECParametersHolder secp160r2 = new X9ECParametersHolder()
- // {
- // protected X9ECParameters createParameters()
- // {
- // byte[] S = Hex.decode("B99B99B099B323E02709A4D696E6768756151751");
- // ECCurve curve = configureCurve(new SecP160R2Curve());
- // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
- // + "52DCB034293A117E1F4FF11B30F7199D3144CE6D"
- // + "FEAFFEF2E331F296E071FA0DF9982CFEA7D43F2E"));
- // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
- // }
- // };
- // END android-removed
+ // BEGIN Android-removed: Unsupported curves
+ /*
+ /*
+ * curve25519
+ *
+ static X9ECParametersHolder curve25519 = new X9ECParametersHolder()
+ {
+ protected X9ECParameters createParameters()
+ {
+ byte[] S = null;
+ ECCurve curve = configureCurve(new Curve25519());
+
+ /*
+ * NOTE: Curve25519 was specified in Montgomery form. Rewriting in Weierstrass form
+ * involves substitution of variables, so the base-point x coordinate is 9 + (486662 / 3).
+ *
+ * The Curve25519 paper doesn't say which of the two possible y values the base
+ * point has. The choice here is guided by language in the Ed25519 paper.
+ *
+ * (The other possible y value is 5F51E65E475F794B1FE122D388B72EB36DC2B28192839E4DD6163A5D81312C14)
+ *
+ X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+ + "2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD245A"
+ + "20AE19A1B8A086B4E01EDD2C7748D14C923D4D7E6D7C61B229E9C5A27ECED3D9"));
+
+ return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+ }
+ };
+
+ /*
+ * secp128r1
+ *
+ static X9ECParametersHolder secp128r1 = new X9ECParametersHolder()
+ {
+ protected X9ECParameters createParameters()
+ {
+ byte[] S = Hex.decode("000E0D4D696E6768756151750CC03A4473D03679");
+ ECCurve curve = configureCurve(new SecP128R1Curve());
+ X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+ + "161FF7528B899B2D0C28607CA52C5B86"
+ + "CF5AC8395BAFEB13C02DA292DDED7A83"));
+ return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+ }
+ };
+
+ /*
+ * secp160k1
+ *
+ static X9ECParametersHolder secp160k1 = new X9ECParametersHolder()
+ {
+ protected X9ECParameters createParameters()
+ {
+ byte[] S = null;
+ GLVTypeBParameters glv = new GLVTypeBParameters(
+ new BigInteger("9ba48cba5ebcb9b6bd33b92830b2a2e0e192f10a", 16),
+ new BigInteger("c39c6c3b3a36d7701b9c71a1f5804ae5d0003f4", 16),
+ new BigInteger[]{
+ new BigInteger("9162fbe73984472a0a9e", 16),
+ new BigInteger("-96341f1138933bc2f505", 16) },
+ new BigInteger[]{
+ new BigInteger("127971af8721782ecffa3", 16),
+ new BigInteger("9162fbe73984472a0a9e", 16) },
+ new BigInteger("9162fbe73984472a0a9d0590", 16),
+ new BigInteger("96341f1138933bc2f503fd44", 16),
+ 176);
+ ECCurve curve = configureCurveGLV(new SecP160K1Curve(), glv);
+ X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+ + "3B4C382CE37AA192A4019E763036F4F5DD4D7EBB"
+ + "938CF935318FDCED6BC28286531733C3F03C4FEE"));
+ return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+ }
+ };
+
+ /*
+ * secp160r1
+ *
+ static X9ECParametersHolder secp160r1 = new X9ECParametersHolder()
+ {
+ protected X9ECParameters createParameters()
+ {
+ byte[] S = Hex.decode("1053CDE42C14D696E67687561517533BF3F83345");
+ ECCurve curve = configureCurve(new SecP160R1Curve());
+ X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+ + "4A96B5688EF573284664698968C38BB913CBFC82"
+ + "23A628553168947D59DCC912042351377AC5FB32"));
+ return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+ }
+ };
+
+ /*
+ * secp160r2
+ *
+ static X9ECParametersHolder secp160r2 = new X9ECParametersHolder()
+ {
+ protected X9ECParameters createParameters()
+ {
+ byte[] S = Hex.decode("B99B99B099B323E02709A4D696E6768756151751");
+ ECCurve curve = configureCurve(new SecP160R2Curve());
+ X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+ + "52DCB034293A117E1F4FF11B30F7199D3144CE6D"
+ + "FEAFFEF2E331F296E071FA0DF9982CFEA7D43F2E"));
+ return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+ }
+ };
+ */
+ // END Android-removed: Unsupported curves
/*
* secp192k1
@@ -333,295 +335,297 @@
}
};
- // BEGIN android-removed
- // /*
- // * sect113r1
- // */
- // static X9ECParametersHolder sect113r1 = new X9ECParametersHolder()
- // {
- // protected X9ECParameters createParameters()
- // {
- // byte[] S = Hex.decode("10E723AB14D696E6768756151756FEBF8FCB49A9");
- // ECCurve curve = configureCurve(new SecT113R1Curve());
- // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
- // + "009D73616F35F4AB1407D73562C10F"
- // + "00A52830277958EE84D1315ED31886"));
- // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
- // }
- // };
+ // BEGIN Android-removed: Unsupported curves
+ /*
+ /*
+ * sect113r1
+ *
+ static X9ECParametersHolder sect113r1 = new X9ECParametersHolder()
+ {
+ protected X9ECParameters createParameters()
+ {
+ byte[] S = Hex.decode("10E723AB14D696E6768756151756FEBF8FCB49A9");
+ ECCurve curve = configureCurve(new SecT113R1Curve());
+ X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+ + "009D73616F35F4AB1407D73562C10F"
+ + "00A52830277958EE84D1315ED31886"));
+ return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+ }
+ };
- // /*
- // * sect113r2
- // */
- // static X9ECParametersHolder sect113r2 = new X9ECParametersHolder()
- // {
- // protected X9ECParameters createParameters()
- // {
- // byte[] S = Hex.decode("10C0FB15760860DEF1EEF4D696E676875615175D");
- // ECCurve curve = configureCurve(new SecT113R2Curve());
- // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
- // + "01A57A6A7B26CA5EF52FCDB8164797"
- // + "00B3ADC94ED1FE674C06E695BABA1D"));
- // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
- // }
- // };
+ /*
+ * sect113r2
+ *
+ static X9ECParametersHolder sect113r2 = new X9ECParametersHolder()
+ {
+ protected X9ECParameters createParameters()
+ {
+ byte[] S = Hex.decode("10C0FB15760860DEF1EEF4D696E676875615175D");
+ ECCurve curve = configureCurve(new SecT113R2Curve());
+ X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+ + "01A57A6A7B26CA5EF52FCDB8164797"
+ + "00B3ADC94ED1FE674C06E695BABA1D"));
+ return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+ }
+ };
- // /*
- // * sect131r1
- // */
- // static X9ECParametersHolder sect131r1 = new X9ECParametersHolder()
- // {
- // protected X9ECParameters createParameters()
- // {
- // byte[] S = Hex.decode("4D696E676875615175985BD3ADBADA21B43A97E2");
- // ECCurve curve = configureCurve(new SecT131R1Curve());
- // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
- // + "0081BAF91FDF9833C40F9C181343638399"
- // + "078C6E7EA38C001F73C8134B1B4EF9E150"));
- // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
- // }
- // };
+ /*
+ * sect131r1
+ *
+ static X9ECParametersHolder sect131r1 = new X9ECParametersHolder()
+ {
+ protected X9ECParameters createParameters()
+ {
+ byte[] S = Hex.decode("4D696E676875615175985BD3ADBADA21B43A97E2");
+ ECCurve curve = configureCurve(new SecT131R1Curve());
+ X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+ + "0081BAF91FDF9833C40F9C181343638399"
+ + "078C6E7EA38C001F73C8134B1B4EF9E150"));
+ return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+ }
+ };
- // /*
- // * sect131r2
- // */
- // static X9ECParametersHolder sect131r2 = new X9ECParametersHolder()
- // {
- // protected X9ECParameters createParameters()
- // {
- // byte[] S = Hex.decode("985BD3ADBAD4D696E676875615175A21B43A97E3");
- // ECCurve curve = configureCurve(new SecT131R2Curve());
- // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
- // + "0356DCD8F2F95031AD652D23951BB366A8"
- // + "0648F06D867940A5366D9E265DE9EB240F"));
- // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
- // }
- // };
+ /*
+ * sect131r2
+ *
+ static X9ECParametersHolder sect131r2 = new X9ECParametersHolder()
+ {
+ protected X9ECParameters createParameters()
+ {
+ byte[] S = Hex.decode("985BD3ADBAD4D696E676875615175A21B43A97E3");
+ ECCurve curve = configureCurve(new SecT131R2Curve());
+ X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+ + "0356DCD8F2F95031AD652D23951BB366A8"
+ + "0648F06D867940A5366D9E265DE9EB240F"));
+ return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+ }
+ };
- // /*
- // * sect163k1
- // */
- // static X9ECParametersHolder sect163k1 = new X9ECParametersHolder()
- // {
- // protected X9ECParameters createParameters()
- // {
- // byte[] S = null;
- // ECCurve curve = configureCurve(new SecT163K1Curve());
- // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
- // + "02FE13C0537BBC11ACAA07D793DE4E6D5E5C94EEE8"
- // + "0289070FB05D38FF58321F2E800536D538CCDAA3D9"));
- // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
- // }
- // };
+ /*
+ * sect163k1
+ *
+ static X9ECParametersHolder sect163k1 = new X9ECParametersHolder()
+ {
+ protected X9ECParameters createParameters()
+ {
+ byte[] S = null;
+ ECCurve curve = configureCurve(new SecT163K1Curve());
+ X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+ + "02FE13C0537BBC11ACAA07D793DE4E6D5E5C94EEE8"
+ + "0289070FB05D38FF58321F2E800536D538CCDAA3D9"));
+ return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+ }
+ };
- // /*
- // * sect163r1
- // */
- // static X9ECParametersHolder sect163r1 = new X9ECParametersHolder()
- // {
- // protected X9ECParameters createParameters()
- // {
- // byte[] S = Hex.decode("24B7B137C8A14D696E6768756151756FD0DA2E5C");
- // ECCurve curve = configureCurve(new SecT163R1Curve());
- // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
- // + "0369979697AB43897789566789567F787A7876A654"
- // + "00435EDB42EFAFB2989D51FEFCE3C80988F41FF883"));
- // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
- // }
- // };
+ /*
+ * sect163r1
+ *
+ static X9ECParametersHolder sect163r1 = new X9ECParametersHolder()
+ {
+ protected X9ECParameters createParameters()
+ {
+ byte[] S = Hex.decode("24B7B137C8A14D696E6768756151756FD0DA2E5C");
+ ECCurve curve = configureCurve(new SecT163R1Curve());
+ X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+ + "0369979697AB43897789566789567F787A7876A654"
+ + "00435EDB42EFAFB2989D51FEFCE3C80988F41FF883"));
+ return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+ }
+ };
- // /*
- // * sect163r2
- // */
- // static X9ECParametersHolder sect163r2 = new X9ECParametersHolder()
- // {
- // protected X9ECParameters createParameters()
- // {
- // byte[] S = Hex.decode("85E25BFE5C86226CDB12016F7553F9D0E693A268");
- // ECCurve curve = configureCurve(new SecT163R2Curve());
- // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
- // + "03F0EBA16286A2D57EA0991168D4994637E8343E36"
- // + "00D51FBC6C71A0094FA2CDD545B11C5C0C797324F1"));
- // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
- // }
- // };
+ /*
+ * sect163r2
+ *
+ static X9ECParametersHolder sect163r2 = new X9ECParametersHolder()
+ {
+ protected X9ECParameters createParameters()
+ {
+ byte[] S = Hex.decode("85E25BFE5C86226CDB12016F7553F9D0E693A268");
+ ECCurve curve = configureCurve(new SecT163R2Curve());
+ X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+ + "03F0EBA16286A2D57EA0991168D4994637E8343E36"
+ + "00D51FBC6C71A0094FA2CDD545B11C5C0C797324F1"));
+ return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+ }
+ };
- // /*
- // * sect193r1
- // */
- // static X9ECParametersHolder sect193r1 = new X9ECParametersHolder()
- // {
- // protected X9ECParameters createParameters()
- // {
- // byte[] S = Hex.decode("103FAEC74D696E676875615175777FC5B191EF30");
- // ECCurve curve = configureCurve(new SecT193R1Curve());
- // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
- // + "01F481BC5F0FF84A74AD6CDF6FDEF4BF6179625372D8C0C5E1"
- // + "0025E399F2903712CCF3EA9E3A1AD17FB0B3201B6AF7CE1B05"));
- // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
- // }
- // };
+ /*
+ * sect193r1
+ *
+ static X9ECParametersHolder sect193r1 = new X9ECParametersHolder()
+ {
+ protected X9ECParameters createParameters()
+ {
+ byte[] S = Hex.decode("103FAEC74D696E676875615175777FC5B191EF30");
+ ECCurve curve = configureCurve(new SecT193R1Curve());
+ X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+ + "01F481BC5F0FF84A74AD6CDF6FDEF4BF6179625372D8C0C5E1"
+ + "0025E399F2903712CCF3EA9E3A1AD17FB0B3201B6AF7CE1B05"));
+ return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+ }
+ };
- // /*
- // * sect193r2
- // */
- // static X9ECParametersHolder sect193r2 = new X9ECParametersHolder()
- // {
- // protected X9ECParameters createParameters()
- // {
- // byte[] S = Hex.decode("10B7B4D696E676875615175137C8A16FD0DA2211");
- // ECCurve curve = configureCurve(new SecT193R2Curve());
- // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
- // + "00D9B67D192E0367C803F39E1A7E82CA14A651350AAE617E8F"
- // + "01CE94335607C304AC29E7DEFBD9CA01F596F927224CDECF6C"));
- // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
- // }
- // };
+ /*
+ * sect193r2
+ *
+ static X9ECParametersHolder sect193r2 = new X9ECParametersHolder()
+ {
+ protected X9ECParameters createParameters()
+ {
+ byte[] S = Hex.decode("10B7B4D696E676875615175137C8A16FD0DA2211");
+ ECCurve curve = configureCurve(new SecT193R2Curve());
+ X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+ + "00D9B67D192E0367C803F39E1A7E82CA14A651350AAE617E8F"
+ + "01CE94335607C304AC29E7DEFBD9CA01F596F927224CDECF6C"));
+ return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+ }
+ };
- // /*
- // * sect233k1
- // */
- // static X9ECParametersHolder sect233k1 = new X9ECParametersHolder()
- // {
- // protected X9ECParameters createParameters()
- // {
- // byte[] S = null;
- // ECCurve curve = configureCurve(new SecT233K1Curve());
- // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
- // + "017232BA853A7E731AF129F22FF4149563A419C26BF50A4C9D6EEFAD6126"
- // + "01DB537DECE819B7F70F555A67C427A8CD9BF18AEB9B56E0C11056FAE6A3"));
- // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
- // }
- // };
+ /*
+ * sect233k1
+ *
+ static X9ECParametersHolder sect233k1 = new X9ECParametersHolder()
+ {
+ protected X9ECParameters createParameters()
+ {
+ byte[] S = null;
+ ECCurve curve = configureCurve(new SecT233K1Curve());
+ X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+ + "017232BA853A7E731AF129F22FF4149563A419C26BF50A4C9D6EEFAD6126"
+ + "01DB537DECE819B7F70F555A67C427A8CD9BF18AEB9B56E0C11056FAE6A3"));
+ return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+ }
+ };
- // /*
- // * sect233r1
- // */
- // static X9ECParametersHolder sect233r1 = new X9ECParametersHolder()
- // {
- // protected X9ECParameters createParameters()
- // {
- // byte[] S = Hex.decode("74D59FF07F6B413D0EA14B344B20A2DB049B50C3");
- // ECCurve curve = configureCurve(new SecT233R1Curve());
- // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
- // + "00FAC9DFCBAC8313BB2139F1BB755FEF65BC391F8B36F8F8EB7371FD558B"
- // + "01006A08A41903350678E58528BEBF8A0BEFF867A7CA36716F7E01F81052"));
- // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
- // }
- // };
+ /*
+ * sect233r1
+ *
+ static X9ECParametersHolder sect233r1 = new X9ECParametersHolder()
+ {
+ protected X9ECParameters createParameters()
+ {
+ byte[] S = Hex.decode("74D59FF07F6B413D0EA14B344B20A2DB049B50C3");
+ ECCurve curve = configureCurve(new SecT233R1Curve());
+ X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+ + "00FAC9DFCBAC8313BB2139F1BB755FEF65BC391F8B36F8F8EB7371FD558B"
+ + "01006A08A41903350678E58528BEBF8A0BEFF867A7CA36716F7E01F81052"));
+ return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+ }
+ };
- // /*
- // * sect239k1
- // */
- // static X9ECParametersHolder sect239k1 = new X9ECParametersHolder()
- // {
- // protected X9ECParameters createParameters()
- // {
- // byte[] S = null;
- // ECCurve curve = configureCurve(new SecT239K1Curve());
- // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
- // + "29A0B6A887A983E9730988A68727A8B2D126C44CC2CC7B2A6555193035DC"
- // + "76310804F12E549BDB011C103089E73510ACB275FC312A5DC6B76553F0CA"));
- // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
- // }
- // };
+ /*
+ * sect239k1
+ *
+ static X9ECParametersHolder sect239k1 = new X9ECParametersHolder()
+ {
+ protected X9ECParameters createParameters()
+ {
+ byte[] S = null;
+ ECCurve curve = configureCurve(new SecT239K1Curve());
+ X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+ + "29A0B6A887A983E9730988A68727A8B2D126C44CC2CC7B2A6555193035DC"
+ + "76310804F12E549BDB011C103089E73510ACB275FC312A5DC6B76553F0CA"));
+ return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+ }
+ };
- // /*
- // * sect283k1
- // */
- // static X9ECParametersHolder sect283k1 = new X9ECParametersHolder()
- // {
- // protected X9ECParameters createParameters()
- // {
- // byte[] S = null;
- // ECCurve curve = configureCurve(new SecT283K1Curve());
- // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
- // + "0503213F78CA44883F1A3B8162F188E553CD265F23C1567A16876913B0C2AC2458492836"
- // + "01CCDA380F1C9E318D90F95D07E5426FE87E45C0E8184698E45962364E34116177DD2259"));
- // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
- // }
- // };
+ /*
+ * sect283k1
+ *
+ static X9ECParametersHolder sect283k1 = new X9ECParametersHolder()
+ {
+ protected X9ECParameters createParameters()
+ {
+ byte[] S = null;
+ ECCurve curve = configureCurve(new SecT283K1Curve());
+ X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+ + "0503213F78CA44883F1A3B8162F188E553CD265F23C1567A16876913B0C2AC2458492836"
+ + "01CCDA380F1C9E318D90F95D07E5426FE87E45C0E8184698E45962364E34116177DD2259"));
+ return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+ }
+ };
- // /*
- // * sect283r1
- // */
- // static X9ECParametersHolder sect283r1 = new X9ECParametersHolder()
- // {
- // protected X9ECParameters createParameters()
- // {
- // byte[] S = Hex.decode("77E2B07370EB0F832A6DD5B62DFC88CD06BB84BE");
- // ECCurve curve = configureCurve(new SecT283R1Curve());
- // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
- // + "05F939258DB7DD90E1934F8C70B0DFEC2EED25B8557EAC9C80E2E198F8CDBECD86B12053"
- // + "03676854FE24141CB98FE6D4B20D02B4516FF702350EDDB0826779C813F0DF45BE8112F4"));
- // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
- // }
- // };
+ /*
+ * sect283r1
+ *
+ static X9ECParametersHolder sect283r1 = new X9ECParametersHolder()
+ {
+ protected X9ECParameters createParameters()
+ {
+ byte[] S = Hex.decode("77E2B07370EB0F832A6DD5B62DFC88CD06BB84BE");
+ ECCurve curve = configureCurve(new SecT283R1Curve());
+ X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+ + "05F939258DB7DD90E1934F8C70B0DFEC2EED25B8557EAC9C80E2E198F8CDBECD86B12053"
+ + "03676854FE24141CB98FE6D4B20D02B4516FF702350EDDB0826779C813F0DF45BE8112F4"));
+ return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+ }
+ };
- // /*
- // * sect409k1
- // */
- // static X9ECParametersHolder sect409k1 = new X9ECParametersHolder()
- // {
- // protected X9ECParameters createParameters()
- // {
- // byte[] S = null;
- // ECCurve curve = configureCurve(new SecT409K1Curve());
- // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
- // + "0060F05F658F49C1AD3AB1890F7184210EFD0987E307C84C27ACCFB8F9F67CC2C460189EB5AAAA62EE222EB1B35540CFE9023746"
- // + "01E369050B7C4E42ACBA1DACBF04299C3460782F918EA427E6325165E9EA10E3DA5F6C42E9C55215AA9CA27A5863EC48D8E0286B"));
- // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
- // }
- // };
+ /*
+ * sect409k1
+ *
+ static X9ECParametersHolder sect409k1 = new X9ECParametersHolder()
+ {
+ protected X9ECParameters createParameters()
+ {
+ byte[] S = null;
+ ECCurve curve = configureCurve(new SecT409K1Curve());
+ X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+ + "0060F05F658F49C1AD3AB1890F7184210EFD0987E307C84C27ACCFB8F9F67CC2C460189EB5AAAA62EE222EB1B35540CFE9023746"
+ + "01E369050B7C4E42ACBA1DACBF04299C3460782F918EA427E6325165E9EA10E3DA5F6C42E9C55215AA9CA27A5863EC48D8E0286B"));
+ return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+ }
+ };
- // /*
- // * sect409r1
- // */
- // static X9ECParametersHolder sect409r1 = new X9ECParametersHolder()
- // {
- // protected X9ECParameters createParameters()
- // {
- // byte[] S = Hex.decode("4099B5A457F9D69F79213D094C4BCD4D4262210B");
- // ECCurve curve = configureCurve(new SecT409R1Curve());
- // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
- // + "015D4860D088DDB3496B0C6064756260441CDE4AF1771D4DB01FFE5B34E59703DC255A868A1180515603AEAB60794E54BB7996A7"
- // + "0061B1CFAB6BE5F32BBFA78324ED106A7636B9C5A7BD198D0158AA4F5488D08F38514F1FDF4B4F40D2181B3681C364BA0273C706"));
- // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
- // }
- // };
+ /*
+ * sect409r1
+ *
+ static X9ECParametersHolder sect409r1 = new X9ECParametersHolder()
+ {
+ protected X9ECParameters createParameters()
+ {
+ byte[] S = Hex.decode("4099B5A457F9D69F79213D094C4BCD4D4262210B");
+ ECCurve curve = configureCurve(new SecT409R1Curve());
+ X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+ + "015D4860D088DDB3496B0C6064756260441CDE4AF1771D4DB01FFE5B34E59703DC255A868A1180515603AEAB60794E54BB7996A7"
+ + "0061B1CFAB6BE5F32BBFA78324ED106A7636B9C5A7BD198D0158AA4F5488D08F38514F1FDF4B4F40D2181B3681C364BA0273C706"));
+ return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+ }
+ };
- // /*
- // * sect571k1
- // */
- // static X9ECParametersHolder sect571k1 = new X9ECParametersHolder()
- // {
- // protected X9ECParameters createParameters()
- // {
- // byte[] S = null;
- // ECCurve curve = configureCurve(new SecT571K1Curve());
- // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
- // + "026EB7A859923FBC82189631F8103FE4AC9CA2970012D5D46024804801841CA44370958493B205E647DA304DB4CEB08CBBD1BA39494776FB988B47174DCA88C7E2945283A01C8972"
- // + "0349DC807F4FBF374F4AEADE3BCA95314DD58CEC9F307A54FFC61EFC006D8A2C9D4979C0AC44AEA74FBEBBB9F772AEDCB620B01A7BA7AF1B320430C8591984F601CD4C143EF1C7A3"));
- // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
- // }
- // };
+ /*
+ * sect571k1
+ *
+ static X9ECParametersHolder sect571k1 = new X9ECParametersHolder()
+ {
+ protected X9ECParameters createParameters()
+ {
+ byte[] S = null;
+ ECCurve curve = configureCurve(new SecT571K1Curve());
+ X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+ + "026EB7A859923FBC82189631F8103FE4AC9CA2970012D5D46024804801841CA44370958493B205E647DA304DB4CEB08CBBD1BA39494776FB988B47174DCA88C7E2945283A01C8972"
+ + "0349DC807F4FBF374F4AEADE3BCA95314DD58CEC9F307A54FFC61EFC006D8A2C9D4979C0AC44AEA74FBEBBB9F772AEDCB620B01A7BA7AF1B320430C8591984F601CD4C143EF1C7A3"));
+ return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+ }
+ };
- // /*
- // * sect571r1
- // */
- // static X9ECParametersHolder sect571r1 = new X9ECParametersHolder()
- // {
- // protected X9ECParameters createParameters()
- // {
- // byte[] S = Hex.decode("2AA058F73A0E33AB486B0F610410C53A7F132310");
- // ECCurve curve = configureCurve(new SecT571R1Curve());
- // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
- // + "0303001D34B856296C16C0D40D3CD7750A93D1D2955FA80AA5F40FC8DB7B2ABDBDE53950F4C0D293CDD711A35B67FB1499AE60038614F1394ABFA3B4C850D927E1E7769C8EEC2D19"
- // + "037BF27342DA639B6DCCFFFEB73D69D78C6C27A6009CBBCA1980F8533921E8A684423E43BAB08A576291AF8F461BB2A8B3531D2F0485C19B16E2F1516E23DD3C1A4827AF1B8AC15B"));
- // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
- // }
- // };
- // END android-removed
+ /*
+ * sect571r1
+ *
+ static X9ECParametersHolder sect571r1 = new X9ECParametersHolder()
+ {
+ protected X9ECParameters createParameters()
+ {
+ byte[] S = Hex.decode("2AA058F73A0E33AB486B0F610410C53A7F132310");
+ ECCurve curve = configureCurve(new SecT571R1Curve());
+ X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+ + "0303001D34B856296C16C0D40D3CD7750A93D1D2955FA80AA5F40FC8DB7B2ABDBDE53950F4C0D293CDD711A35B67FB1499AE60038614F1394ABFA3B4C850D927E1E7769C8EEC2D19"
+ + "037BF27342DA639B6DCCFFFEB73D69D78C6C27A6009CBBCA1980F8533921E8A684423E43BAB08A576291AF8F461BB2A8B3531D2F0485C19B16E2F1516E23DD3C1A4827AF1B8AC15B"));
+ return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+ }
+ };
+ */
+ // END Android-removed: Unsupported curves
static final Hashtable nameToCurve = new Hashtable();
@@ -662,21 +666,19 @@
static
{
- // BEGIN android-removed
- // defineCurve("curve25519", curve25519);
- // END android-removed
+ // BEGIN Android-removed: Unsupported curves
+ /*
+ defineCurve("curve25519", curve25519);
// defineCurveWithOID("secp112r1", SECObjectIdentifiers.secp112r1, secp112r1);
// defineCurveWithOID("secp112r2", SECObjectIdentifiers.secp112r2, secp112r2);
- // BEGIN android-removed
- // defineCurveWithOID("secp128r1", SECObjectIdentifiers.secp128r1, secp128r1);
- // END android-removed
+ defineCurveWithOID("secp128r1", SECObjectIdentifiers.secp128r1, secp128r1);
// defineCurveWithOID("secp128r2", SECObjectIdentifiers.secp128r2, secp128r2);
- // BEGIN android-removed
- // defineCurveWithOID("secp160k1", SECObjectIdentifiers.secp160k1, secp160k1);
- // defineCurveWithOID("secp160r1", SECObjectIdentifiers.secp160r1, secp160r1);
- // defineCurveWithOID("secp160r2", SECObjectIdentifiers.secp160r2, secp160r2);
- // END android-removed
+ defineCurveWithOID("secp160k1", SECObjectIdentifiers.secp160k1, secp160k1);
+ defineCurveWithOID("secp160r1", SECObjectIdentifiers.secp160r1, secp160r1);
+ defineCurveWithOID("secp160r2", SECObjectIdentifiers.secp160r2, secp160r2);
+ */
+ // END Android-removed: Unsupported curves
defineCurveWithOID("secp192k1", SECObjectIdentifiers.secp192k1, secp192k1);
defineCurveWithOID("secp192r1", SECObjectIdentifiers.secp192r1, secp192r1);
defineCurveWithOID("secp224k1", SECObjectIdentifiers.secp224k1, secp224k1);
@@ -686,38 +688,40 @@
defineCurveWithOID("secp384r1", SECObjectIdentifiers.secp384r1, secp384r1);
defineCurveWithOID("secp521r1", SECObjectIdentifiers.secp521r1, secp521r1);
- // BEGIN android-removed
- // defineCurveWithOID("sect113r1", SECObjectIdentifiers.sect113r1, sect113r1);
- // defineCurveWithOID("sect113r2", SECObjectIdentifiers.sect113r2, sect113r2);
- // defineCurveWithOID("sect131r1", SECObjectIdentifiers.sect131r1, sect131r1);
- // defineCurveWithOID("sect131r2", SECObjectIdentifiers.sect131r2, sect131r2);
- // defineCurveWithOID("sect163k1", SECObjectIdentifiers.sect163k1, sect163k1);
- // defineCurveWithOID("sect163r1", SECObjectIdentifiers.sect163r1, sect163r1);
- // defineCurveWithOID("sect163r2", SECObjectIdentifiers.sect163r2, sect163r2);
- // defineCurveWithOID("sect193r1", SECObjectIdentifiers.sect193r1, sect193r1);
- // defineCurveWithOID("sect193r2", SECObjectIdentifiers.sect193r2, sect193r2);
- // defineCurveWithOID("sect233k1", SECObjectIdentifiers.sect233k1, sect233k1);
- // defineCurveWithOID("sect233r1", SECObjectIdentifiers.sect233r1, sect233r1);
- // defineCurveWithOID("sect239k1", SECObjectIdentifiers.sect239k1, sect239k1);
- // defineCurveWithOID("sect283k1", SECObjectIdentifiers.sect283k1, sect283k1);
- // defineCurveWithOID("sect283r1", SECObjectIdentifiers.sect283r1, sect283r1);
- // defineCurveWithOID("sect409k1", SECObjectIdentifiers.sect409k1, sect409k1);
- // defineCurveWithOID("sect409r1", SECObjectIdentifiers.sect409r1, sect409r1);
- // defineCurveWithOID("sect571k1", SECObjectIdentifiers.sect571k1, sect571k1);
- // defineCurveWithOID("sect571r1", SECObjectIdentifiers.sect571r1, sect571r1);
+ // BEGIN Android-removed: Unsupported curves
+ /*
+ defineCurveWithOID("sect113r1", SECObjectIdentifiers.sect113r1, sect113r1);
+ defineCurveWithOID("sect113r2", SECObjectIdentifiers.sect113r2, sect113r2);
+ defineCurveWithOID("sect131r1", SECObjectIdentifiers.sect131r1, sect131r1);
+ defineCurveWithOID("sect131r2", SECObjectIdentifiers.sect131r2, sect131r2);
+ defineCurveWithOID("sect163k1", SECObjectIdentifiers.sect163k1, sect163k1);
+ defineCurveWithOID("sect163r1", SECObjectIdentifiers.sect163r1, sect163r1);
+ defineCurveWithOID("sect163r2", SECObjectIdentifiers.sect163r2, sect163r2);
+ defineCurveWithOID("sect193r1", SECObjectIdentifiers.sect193r1, sect193r1);
+ defineCurveWithOID("sect193r2", SECObjectIdentifiers.sect193r2, sect193r2);
+ defineCurveWithOID("sect233k1", SECObjectIdentifiers.sect233k1, sect233k1);
+ defineCurveWithOID("sect233r1", SECObjectIdentifiers.sect233r1, sect233r1);
+ defineCurveWithOID("sect239k1", SECObjectIdentifiers.sect239k1, sect239k1);
+ defineCurveWithOID("sect283k1", SECObjectIdentifiers.sect283k1, sect283k1);
+ defineCurveWithOID("sect283r1", SECObjectIdentifiers.sect283r1, sect283r1);
+ defineCurveWithOID("sect409k1", SECObjectIdentifiers.sect409k1, sect409k1);
+ defineCurveWithOID("sect409r1", SECObjectIdentifiers.sect409r1, sect409r1);
+ defineCurveWithOID("sect571k1", SECObjectIdentifiers.sect571k1, sect571k1);
+ defineCurveWithOID("sect571r1", SECObjectIdentifiers.sect571r1, sect571r1);
- // defineCurveAlias("B-163", SECObjectIdentifiers.sect163r2);
- // defineCurveAlias("B-233", SECObjectIdentifiers.sect233r1);
- // defineCurveAlias("B-283", SECObjectIdentifiers.sect283r1);
- // defineCurveAlias("B-409", SECObjectIdentifiers.sect409r1);
- // defineCurveAlias("B-571", SECObjectIdentifiers.sect571r1);
+ defineCurveAlias("B-163", SECObjectIdentifiers.sect163r2);
+ defineCurveAlias("B-233", SECObjectIdentifiers.sect233r1);
+ defineCurveAlias("B-283", SECObjectIdentifiers.sect283r1);
+ defineCurveAlias("B-409", SECObjectIdentifiers.sect409r1);
+ defineCurveAlias("B-571", SECObjectIdentifiers.sect571r1);
- // defineCurveAlias("K-163", SECObjectIdentifiers.sect163k1);
- // defineCurveAlias("K-233", SECObjectIdentifiers.sect233k1);
- // defineCurveAlias("K-283", SECObjectIdentifiers.sect283k1);
- // defineCurveAlias("K-409", SECObjectIdentifiers.sect409k1);
- // defineCurveAlias("K-571", SECObjectIdentifiers.sect571k1);
- // END android-removed
+ defineCurveAlias("K-163", SECObjectIdentifiers.sect163k1);
+ defineCurveAlias("K-233", SECObjectIdentifiers.sect233k1);
+ defineCurveAlias("K-283", SECObjectIdentifiers.sect283k1);
+ defineCurveAlias("K-409", SECObjectIdentifiers.sect409k1);
+ defineCurveAlias("K-571", SECObjectIdentifiers.sect571k1);
+ */
+ // END Android-removed: Unsupported curves
defineCurveAlias("P-192", SECObjectIdentifiers.secp192r1);
defineCurveAlias("P-224", SECObjectIdentifiers.secp224r1);
diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/encodings/OAEPEncoding.java b/bcprov/src/main/java/org/bouncycastle/crypto/encodings/OAEPEncoding.java
index b5505f4..8df1069 100644
--- a/bcprov/src/main/java/org/bouncycastle/crypto/encodings/OAEPEncoding.java
+++ b/bcprov/src/main/java/org/bouncycastle/crypto/encodings/OAEPEncoding.java
@@ -7,13 +7,10 @@
import org.bouncycastle.crypto.DataLengthException;
import org.bouncycastle.crypto.Digest;
import org.bouncycastle.crypto.InvalidCipherTextException;
-// BEGIN android-changed
-import org.bouncycastle.crypto.digests.AndroidDigestFactory;
-// END android-changed
import org.bouncycastle.crypto.params.ParametersWithRandom;
-// BEGIN android-removed
+// Android-changed: Use Android digests
// import org.bouncycastle.crypto.util.DigestFactory;
-// END android-remnoved
+import org.bouncycastle.crypto.digests.AndroidDigestFactory;
import org.bouncycastle.util.Arrays;
/**
@@ -32,10 +29,9 @@
public OAEPEncoding(
AsymmetricBlockCipher cipher)
{
- // BEGIN android-changed
- // Was: this(cipher, DigestFactory.createSHA1(), null);
+ // Android-changed: Use Android digests
+ // this(cipher, DigestFactory.createSHA1(), null);
this(cipher, AndroidDigestFactory.getSHA1(), null);
- // END android-changed
}
public OAEPEncoding(
diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/encodings/PKCS1Encoding.java b/bcprov/src/main/java/org/bouncycastle/crypto/encodings/PKCS1Encoding.java
index b36ae58..e79557f 100644
--- a/bcprov/src/main/java/org/bouncycastle/crypto/encodings/PKCS1Encoding.java
+++ b/bcprov/src/main/java/org/bouncycastle/crypto/encodings/PKCS1Encoding.java
@@ -390,12 +390,6 @@
{
badType = (type != 1);
}
- // BEGIN android-added
- if ((type == 1 && forPrivateKey) || (type == 2 && !forPrivateKey))
- {
- throw new InvalidCipherTextException("invalid block type " + type);
- }
- // END android-added
//
// find and extract the message block.
diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/DESedeWrapEngine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/DESedeWrapEngine.java
index 7274bf9..652d8ac 100644
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/DESedeWrapEngine.java
+++ b/bcprov/src/main/java/org/bouncycastle/crypto/engines/DESedeWrapEngine.java
@@ -6,16 +6,13 @@
import org.bouncycastle.crypto.Digest;
import org.bouncycastle.crypto.InvalidCipherTextException;
import org.bouncycastle.crypto.Wrapper;
-// BEGIN android-changed
-import org.bouncycastle.crypto.digests.AndroidDigestFactory;
-// END android-changed
import org.bouncycastle.crypto.modes.CBCBlockCipher;
import org.bouncycastle.crypto.params.KeyParameter;
import org.bouncycastle.crypto.params.ParametersWithIV;
import org.bouncycastle.crypto.params.ParametersWithRandom;
-// BEGIN android-removed
+// Android-changed: Use Android digests
// import org.bouncycastle.crypto.util.DigestFactory;
-// END android-removed
+import org.bouncycastle.crypto.digests.AndroidDigestFactory;
import org.bouncycastle.util.Arrays;
/**
@@ -56,9 +53,9 @@
//
// checksum digest
//
- // BEGIN android-changed
+ // Android-changed: Use Android digests
+ // Digest sha1 = DigestFactory.createSHA1();
Digest sha1 = AndroidDigestFactory.getSHA1();
- // END android-changed
byte[] digest = new byte[20];
/**
diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/generators/DHParametersHelper.java b/bcprov/src/main/java/org/bouncycastle/crypto/generators/DHParametersHelper.java
index a0728b2..1075f22 100644
--- a/bcprov/src/main/java/org/bouncycastle/crypto/generators/DHParametersHelper.java
+++ b/bcprov/src/main/java/org/bouncycastle/crypto/generators/DHParametersHelper.java
@@ -3,17 +3,15 @@
import java.math.BigInteger;
import java.security.SecureRandom;
-// BEGIN android-added
+// Android-added: Log long-running operation
import java.util.logging.Logger;
-// END android-added
import org.bouncycastle.math.ec.WNafUtil;
import org.bouncycastle.util.BigIntegers;
class DHParametersHelper
{
- // BEGIN android-added
+ // Android-added: Log long-running operation
private static final Logger logger = Logger.getLogger(DHParametersHelper.class.getName());
- // END android-added
private static final BigInteger ONE = BigInteger.valueOf(1);
private static final BigInteger TWO = BigInteger.valueOf(2);
@@ -25,20 +23,19 @@
*/
static BigInteger[] generateSafePrimes(int size, int certainty, SecureRandom random)
{
- // BEGIN android-added
+ // BEGIN Android-added: Log long-running operation
logger.info("Generating safe primes. This may take a long time.");
long start = System.currentTimeMillis();
int tries = 0;
- // END android-added
+ // END Android-added: Log long-running operation
BigInteger p, q;
int qLength = size - 1;
int minWeight = size >>> 2;
for (;;)
{
- // BEGIN android-added
+ // Android-added: Log long-running operation
tries++;
- // END android-added
q = new BigInteger(qLength, 2, random);
// p <- 2q + 1
@@ -67,11 +64,11 @@
break;
}
- // BEGIN android-added
+ // BEGIN Android-added: Log long-running operation
long end = System.currentTimeMillis();
long duration = end - start;
logger.info("Generated safe primes: " + tries + " tries took " + duration + "ms");
- // END android-added
+ // END Android-added: Log long-running operation
return new BigInteger[] { p, q };
}
diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/generators/DSAParametersGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/generators/DSAParametersGenerator.java
index cec79e0..961b367 100644
--- a/bcprov/src/main/java/org/bouncycastle/crypto/generators/DSAParametersGenerator.java
+++ b/bcprov/src/main/java/org/bouncycastle/crypto/generators/DSAParametersGenerator.java
@@ -7,10 +7,9 @@
import org.bouncycastle.crypto.params.DSAParameterGenerationParameters;
import org.bouncycastle.crypto.params.DSAParameters;
import org.bouncycastle.crypto.params.DSAValidationParameters;
-// BEGIN android-changed
-// Was: import org.bouncycastle.crypto.util.DigestFactory;
+// Android-changed: Use Android digests
+// import org.bouncycastle.crypto.util.DigestFactory;
import org.bouncycastle.crypto.digests.AndroidDigestFactory;
-// END android-added
import org.bouncycastle.util.Arrays;
import org.bouncycastle.util.BigIntegers;
import org.bouncycastle.util.encoders.Hex;
@@ -34,9 +33,9 @@
public DSAParametersGenerator()
{
- // BEGIN android-changed
+ // Android-changed: Use Android digests
+ // this(DigestFactory.createSHA1());
this(AndroidDigestFactory.getSHA1());
- // END android-changed
}
public DSAParametersGenerator(Digest digest)
@@ -131,9 +130,9 @@
int n = (L - 1) / 160;
byte[] w = new byte[L / 8];
- // BEGIN android-changed
+ // Android-changed: Use Android digests
+ // if (!(digest instanceof SHA1Digest))
if (!(digest.getAlgorithmName().equals("SHA-1")))
- // END android-changed
{
throw new IllegalStateException("can only use SHA-1 for generating FIPS 186-2 parameters");
}
diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java
index e6ec53a..3e850c1 100644
--- a/bcprov/src/main/java/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java
+++ b/bcprov/src/main/java/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java
@@ -3,13 +3,11 @@
import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.crypto.Digest;
import org.bouncycastle.crypto.PBEParametersGenerator;
-// BEGIN android-changed
-import org.bouncycastle.crypto.digests.AndroidDigestFactory;
import org.bouncycastle.crypto.params.KeyParameter;
import org.bouncycastle.crypto.params.ParametersWithIV;
-// BEGIN android-removed
+// Android-changed: Use Android digests
// import org.bouncycastle.crypto.util.DigestFactory;
-// END android-removed
+import org.bouncycastle.crypto.digests.AndroidDigestFactory;
/**
* Generator for PBE derived keys and ivs as usd by OpenSSL.
@@ -21,9 +19,9 @@
public class OpenSSLPBEParametersGenerator
extends PBEParametersGenerator
{
- // BEGIN android-changed
+ // Android-changed: Use Android digests
+ // private Digest digest = DigestFactory.createMD5();
private Digest digest = AndroidDigestFactory.getMD5();
- // END android-changed
/**
* Construct a OpenSSL Parameters generator.
diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java
index 3089f8c..c45c84f 100644
--- a/bcprov/src/main/java/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java
+++ b/bcprov/src/main/java/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java
@@ -4,15 +4,12 @@
import org.bouncycastle.crypto.Digest;
import org.bouncycastle.crypto.Mac;
import org.bouncycastle.crypto.PBEParametersGenerator;
-// BEGIN android-changed
-import org.bouncycastle.crypto.digests.AndroidDigestFactory;
-// END android-changed
import org.bouncycastle.crypto.macs.HMac;
import org.bouncycastle.crypto.params.KeyParameter;
import org.bouncycastle.crypto.params.ParametersWithIV;
-// BEGIN android-removed
+// Android-changed: Use Android digests
// import org.bouncycastle.crypto.util.DigestFactory;
-// END android-removed
+import org.bouncycastle.crypto.digests.AndroidDigestFactory;
import org.bouncycastle.util.Arrays;
/**
@@ -34,9 +31,9 @@
*/
public PKCS5S2ParametersGenerator()
{
- // BEGIN android-changed
+ // Android-changed: Use Android digests
+ // this(DigestFactory.createSHA1());
this(AndroidDigestFactory.getSHA1());
- // END android-changed
}
public PKCS5S2ParametersGenerator(Digest digest)
diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/macs/HMac.java b/bcprov/src/main/java/org/bouncycastle/crypto/macs/HMac.java
index 600a317..5868262 100644
--- a/bcprov/src/main/java/org/bouncycastle/crypto/macs/HMac.java
+++ b/bcprov/src/main/java/org/bouncycastle/crypto/macs/HMac.java
@@ -36,29 +36,29 @@
{
blockLengths = new Hashtable();
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// blockLengths.put("GOST3411", Integers.valueOf(32));
//
// blockLengths.put("MD2", Integers.valueOf(16));
// blockLengths.put("MD4", Integers.valueOf(64));
- // END android-removed
+ // END Android-removed: Unsupported algorithms
blockLengths.put("MD5", Integers.valueOf(64));
-
- // BEGIN android-removed
+
+ // BEGIN Android-removed: Unsupported algorithms
// blockLengths.put("RIPEMD128", Integers.valueOf(64));
// blockLengths.put("RIPEMD160", Integers.valueOf(64));
- // END android-removed
+ // END Android-removed: Unsupported algorithms
blockLengths.put("SHA-1", Integers.valueOf(64));
blockLengths.put("SHA-224", Integers.valueOf(64));
blockLengths.put("SHA-256", Integers.valueOf(64));
blockLengths.put("SHA-384", Integers.valueOf(128));
blockLengths.put("SHA-512", Integers.valueOf(128));
-
- // BEGIN android-removed
+
+ // BEGIN Android-removed: Unsupported algorithms
// blockLengths.put("Tiger", Integers.valueOf(64));
// blockLengths.put("Whirlpool", Integers.valueOf(64));
- // END android-removed
+ // END Android-removed: Unsupported algorithms
}
private static int getByteLength(
diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/modes/GCMBlockCipher.java b/bcprov/src/main/java/org/bouncycastle/crypto/modes/GCMBlockCipher.java
index 1ba5ebb..c6453a3 100644
--- a/bcprov/src/main/java/org/bouncycastle/crypto/modes/GCMBlockCipher.java
+++ b/bcprov/src/main/java/org/bouncycastle/crypto/modes/GCMBlockCipher.java
@@ -24,11 +24,11 @@
implements AEADBlockCipher
{
private static final int BLOCK_SIZE = 16;
- // BEGIN android-added
+ // BEGIN Android-added: Max input size limitation from NIST.
// 2^36-32 : limitation imposed by NIST GCM as otherwise the counter is wrapped and it can leak
// plaintext and authentication key
private static final long MAX_INPUT_SIZE = 68719476704L;
- // END android-added
+ // END Android-added: Max input size limitation from NIST.
// not final due to a compiler bug
private BlockCipher cipher;
@@ -238,13 +238,13 @@
return totalData < macSize ? 0 : totalData - macSize;
}
- // BEGIN android-added
+ // BEGIN Android-added: Max input size limitation from NIST.
/** Helper used to ensure that {@link #MAX_INPUT_SIZE} is not exceeded. */
private long getTotalInputSizeAfterNewInput(int newInputLen)
{
return totalLength + newInputLen + bufOff;
}
- // END android-added
+ // END Android-added: Max input size limitation from NIST.
public int getUpdateOutputSize(int len)
{
@@ -263,11 +263,11 @@
public void processAADByte(byte in)
{
checkStatus();
- // BEGIN android-added
+ // BEGIN Android-added: Max input size limitation from NIST.
if (getTotalInputSizeAfterNewInput(1) > MAX_INPUT_SIZE) {
throw new DataLengthException("Input exceeded " + MAX_INPUT_SIZE + " bytes");
}
- // END android-added
+ // END Android-added: Max input size limitation from NIST.
atBlock[atBlockPos] = in;
if (++atBlockPos == BLOCK_SIZE)
{
@@ -280,11 +280,11 @@
public void processAADBytes(byte[] in, int inOff, int len)
{
- // BEGIN android-added
+ // BEGIN Android-added: Max input size limitation from NIST.
if (getTotalInputSizeAfterNewInput(len) > MAX_INPUT_SIZE) {
throw new DataLengthException("Input exceeded " + MAX_INPUT_SIZE + " bytes");
}
- // END android-added
+ // END Android-added: Max input size limitation from NIST.
for (int i = 0; i < len; ++i)
{
atBlock[atBlockPos] = in[inOff + i];
@@ -323,12 +323,12 @@
throws DataLengthException
{
checkStatus();
- // BEGIN android-added
+ // BEGIN Android-added: Max input size limitation from NIST.
if (getTotalInputSizeAfterNewInput(1) > MAX_INPUT_SIZE) {
throw new DataLengthException("Input exceeded " + MAX_INPUT_SIZE + " bytes");
}
- // END android-added
-
+ // END Android-added: Max input size limitation from NIST.
+
bufBlock[bufOff] = in;
if (++bufOff == bufBlock.length)
{
@@ -342,11 +342,11 @@
throws DataLengthException
{
checkStatus();
- // BEGIN android-added
+ // BEGIN Android-added: Max input size limitation from NIST.
if (getTotalInputSizeAfterNewInput(len) > MAX_INPUT_SIZE) {
throw new DataLengthException("Input exceeded " + MAX_INPUT_SIZE + " bytes");
}
- // END android-added
+ // END Android-added: Max input size limitation from NIST.
if (in.length < (inOff + len))
{
diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/signers/RSADigestSigner.java b/bcprov/src/main/java/org/bouncycastle/crypto/signers/RSADigestSigner.java
index a8ef959..45c8b57 100644
--- a/bcprov/src/main/java/org/bouncycastle/crypto/signers/RSADigestSigner.java
+++ b/bcprov/src/main/java/org/bouncycastle/crypto/signers/RSADigestSigner.java
@@ -39,11 +39,11 @@
*/
static
{
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// oidMap.put("RIPEMD128", TeleTrusTObjectIdentifiers.ripemd128);
// oidMap.put("RIPEMD160", TeleTrusTObjectIdentifiers.ripemd160);
// oidMap.put("RIPEMD256", TeleTrusTObjectIdentifiers.ripemd256);
- // END android-removed
+ // END Android-removed: Unsupported algorithms
oidMap.put("SHA-1", X509ObjectIdentifiers.id_SHA1);
oidMap.put("SHA-224", NISTObjectIdentifiers.id_sha224);
@@ -53,10 +53,17 @@
oidMap.put("SHA-512/224", NISTObjectIdentifiers.id_sha512_224);
oidMap.put("SHA-512/256", NISTObjectIdentifiers.id_sha512_256);
- // BEGIN android-removed
- // oidMap.put("MD2", PKCSObjectIdentifiers.md2);
- // oidMap.put("MD4", PKCSObjectIdentifiers.md4);
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ oidMap.put("SHA3-224", NISTObjectIdentifiers.id_sha3_224);
+ oidMap.put("SHA3-256", NISTObjectIdentifiers.id_sha3_256);
+ oidMap.put("SHA3-384", NISTObjectIdentifiers.id_sha3_384);
+ oidMap.put("SHA3-512", NISTObjectIdentifiers.id_sha3_512);
+
+ oidMap.put("MD2", PKCSObjectIdentifiers.md2);
+ oidMap.put("MD4", PKCSObjectIdentifiers.md4);
+ */
+ // END Android-removed: Unsupported algorithms
oidMap.put("MD5", PKCSObjectIdentifiers.md5);
}
diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/util/PrivateKeyFactory.java b/bcprov/src/main/java/org/bouncycastle/crypto/util/PrivateKeyFactory.java
index 0175aa1..911f1da 100644
--- a/bcprov/src/main/java/org/bouncycastle/crypto/util/PrivateKeyFactory.java
+++ b/bcprov/src/main/java/org/bouncycastle/crypto/util/PrivateKeyFactory.java
@@ -9,9 +9,8 @@
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Primitive;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.asn1.oiw.ElGamalParameter;
-// END android-removed
import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.DHParameter;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
@@ -33,10 +32,9 @@
import org.bouncycastle.crypto.params.ECDomainParameters;
import org.bouncycastle.crypto.params.ECNamedDomainParameters;
import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.crypto.params.ElGamalParameters;
// import org.bouncycastle.crypto.params.ElGamalPrivateKeyParameters;
-// END android-removed
import org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters;
/**
@@ -102,16 +100,18 @@
return new DHPrivateKeyParameters(derX.getValue(), dhParams);
}
- // BEGIN android-removed
- // else if (algId.getAlgorithm().equals(OIWObjectIdentifiers.elGamalAlgorithm))
- // {
- // ElGamalParameter params = ElGamalParameter.getInstance(algId.getParameters());
- // ASN1Integer derX = (ASN1Integer)keyInfo.parsePrivateKey();
- //
- // return new ElGamalPrivateKeyParameters(derX.getValue(), new ElGamalParameters(
- // params.getP(), params.getG()));
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ else if (algId.getAlgorithm().equals(OIWObjectIdentifiers.elGamalAlgorithm))
+ {
+ ElGamalParameter params = ElGamalParameter.getInstance(algId.getParameters());
+ ASN1Integer derX = (ASN1Integer)keyInfo.parsePrivateKey();
+
+ return new ElGamalPrivateKeyParameters(derX.getValue(), new ElGamalParameters(
+ params.getP(), params.getG()));
+ }
+ */
+ // END Android-removed: Unsupported algorithms
else if (algId.getAlgorithm().equals(X9ObjectIdentifiers.id_dsa))
{
ASN1Integer derX = (ASN1Integer)keyInfo.parsePrivateKey();
diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/util/PublicKeyFactory.java b/bcprov/src/main/java/org/bouncycastle/crypto/util/PublicKeyFactory.java
index 042c68e..8602887 100644
--- a/bcprov/src/main/java/org/bouncycastle/crypto/util/PublicKeyFactory.java
+++ b/bcprov/src/main/java/org/bouncycastle/crypto/util/PublicKeyFactory.java
@@ -11,9 +11,8 @@
import org.bouncycastle.asn1.ASN1OctetString;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.DEROctetString;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithm
// import org.bouncycastle.asn1.oiw.ElGamalParameter;
-// END android-removed
import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.DHParameter;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
@@ -40,10 +39,9 @@
import org.bouncycastle.crypto.params.ECDomainParameters;
import org.bouncycastle.crypto.params.ECNamedDomainParameters;
import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithm
// import org.bouncycastle.crypto.params.ElGamalParameters;
// import org.bouncycastle.crypto.params.ElGamalPublicKeyParameters;
-// END android-removed
import org.bouncycastle.crypto.params.RSAKeyParameters;
/**
@@ -137,16 +135,18 @@
return new DHPublicKeyParameters(derY.getValue(), dhParams);
}
- // BEGIN android-removed
- // else if (algId.getAlgorithm().equals(OIWObjectIdentifiers.elGamalAlgorithm))
- // {
- // ElGamalParameter params = ElGamalParameter.getInstance(algId.getParameters());
- // ASN1Integer derY = (ASN1Integer)keyInfo.parsePublicKey();
- //
- // return new ElGamalPublicKeyParameters(derY.getValue(), new ElGamalParameters(
- // params.getP(), params.getG()));
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithm
+ /*
+ else if (algId.getAlgorithm().equals(OIWObjectIdentifiers.elGamalAlgorithm))
+ {
+ ElGamalParameter params = ElGamalParameter.getInstance(algId.getParameters());
+ ASN1Integer derY = (ASN1Integer)keyInfo.parsePublicKey();
+
+ return new ElGamalPublicKeyParameters(derY.getValue(), new ElGamalParameters(
+ params.getP(), params.getG()));
+ }
+ */
+ // END Android-removed: Unsupported algorithm
else if (algId.getAlgorithm().equals(X9ObjectIdentifiers.id_dsa)
|| algId.getAlgorithm().equals(OIWObjectIdentifiers.dsaWithSHA1))
{
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DH.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DH.java
index 579b973..dcc963c 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DH.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DH.java
@@ -36,10 +36,10 @@
provider.addAttributes("KeyAgreement.DH", generalDhAttributes);
provider.addAlgorithm("KeyAgreement.DH", PREFIX + "KeyAgreementSpi");
provider.addAlgorithm("Alg.Alias.KeyAgreement.DIFFIEHELLMAN", "DH");
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// provider.addAlgorithm("KeyAgreement", PKCSObjectIdentifiers.id_alg_ESDH, PREFIX + "KeyAgreementSpi$DHwithRFC2631KDF");
// provider.addAlgorithm("KeyAgreement", PKCSObjectIdentifiers.id_alg_SSDH, PREFIX + "KeyAgreementSpi$DHwithRFC2631KDF");
- // END android-removed
+ // END Android-removed: Unsupported algorithms
provider.addAlgorithm("KeyFactory.DH", PREFIX + "KeyFactorySpi");
provider.addAlgorithm("Alg.Alias.KeyFactory.DIFFIEHELLMAN", "DH");
@@ -51,22 +51,19 @@
provider.addAlgorithm("AlgorithmParameterGenerator.DH", PREFIX + "AlgorithmParameterGeneratorSpi");
- // BEGIN android-removed
- // provider.addAlgorithm("Cipher.IES", PREFIX + "IESCipher$IES");
- // provider.addAlgorithm("Cipher.IESwithAES-CBC", PREFIX + "IESCipher$IESwithAES");
- // provider.addAlgorithm("Cipher.IESWITHAES-CBC", PREFIX + "IESCipher$IESwithAES");
- // provider.addAlgorithm("Cipher.IESWITHDESEDE-CBC", PREFIX + "IESCipher$IESwithDESede");
- //
- // provider.addAlgorithm("Cipher.DHIES", PREFIX + "IESCipher$IES");
- // provider.addAlgorithm("Cipher.DHIESwithAES-CBC", PREFIX + "IESCipher$IESwithAES");
- // provider.addAlgorithm("Cipher.DHIESWITHAES-CBC", PREFIX + "IESCipher$IESwithAES");
- // provider.addAlgorithm("Cipher.DHIESWITHDESEDE-CBC", PREFIX + "IESCipher$IESwithDESede");
- //
- // provider.addAlgorithm("Cipher.OLDDHIES", PREFIX + "IESCipher$OldIES");
- // provider.addAlgorithm("Cipher.OLDDHIESwithAES", PREFIX + "IESCipher$OldIESwithAES");
- // provider.addAlgorithm("Cipher.OLDDHIESWITHAES", PREFIX + "IESCipher$OldIESwithAES");
- // provider.addAlgorithm("Cipher.OLDDHIESWITHDESEDE", PREFIX + "IESCipher$OldIESwithDESede");
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ provider.addAlgorithm("Cipher.IES", PREFIX + "IESCipher$IES");
+ provider.addAlgorithm("Cipher.IESwithAES-CBC", PREFIX + "IESCipher$IESwithAESCBC");
+ provider.addAlgorithm("Cipher.IESWITHAES-CBC", PREFIX + "IESCipher$IESwithAESCBC");
+ provider.addAlgorithm("Cipher.IESWITHDESEDE-CBC", PREFIX + "IESCipher$IESwithDESedeCBC");
+
+ provider.addAlgorithm("Cipher.DHIES", PREFIX + "IESCipher$IES");
+ provider.addAlgorithm("Cipher.DHIESwithAES-CBC", PREFIX + "IESCipher$IESwithAESCBC");
+ provider.addAlgorithm("Cipher.DHIESWITHAES-CBC", PREFIX + "IESCipher$IESwithAESCBC");
+ provider.addAlgorithm("Cipher.DHIESWITHDESEDE-CBC", PREFIX + "IESCipher$IESwithDESedeCBC");
+ */
+ // END Android-removed: Unsupported algorithms
registerOid(provider, PKCSObjectIdentifiers.dhKeyAgreement, "DH", new KeyFactorySpi());
registerOid(provider, X9ObjectIdentifiers.dhpublicnumber, "DH", new KeyFactorySpi());
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DSA.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DSA.java
index 70ae120..44bf12e 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DSA.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DSA.java
@@ -27,52 +27,52 @@
provider.addAlgorithm("KeyPairGenerator.DSA", PREFIX + "KeyPairGeneratorSpi");
provider.addAlgorithm("KeyFactory.DSA", PREFIX + "KeyFactorySpi");
- // BEGIN android-changed
+ // BEGIN Android-changed: Change primary ID from DSA to SHA1withDSA
+ // provider.addAlgorithm("Signature.DSA", PREFIX + "DSASigner$stdDSA");
provider.addAlgorithm("Signature.SHA1withDSA", PREFIX + "DSASigner$stdDSA");
- // END android-changed
+ provider.addAlgorithm("Alg.Alias.Signature.DSA", "SHA1withDSA");
+ // END Android-changed: Change primary ID from DSA to SHA1withDSA
provider.addAlgorithm("Signature.NONEWITHDSA", PREFIX + "DSASigner$noneDSA");
provider.addAlgorithm("Alg.Alias.Signature.RAWDSA", "NONEWITHDSA");
- // BEGIN android-removed
- // provider.addAlgorithm("Signature.DETDSA", PREFIX + "DSASigner$detDSA");
- // provider.addAlgorithm("Signature.SHA1WITHDETDSA", PREFIX + "DSASigner$detDSA");
- // provider.addAlgorithm("Signature.SHA224WITHDETDSA", PREFIX + "DSASigner$detDSA224");
- // provider.addAlgorithm("Signature.SHA256WITHDETDSA", PREFIX + "DSASigner$detDSA256");
- // provider.addAlgorithm("Signature.SHA384WITHDETDSA", PREFIX + "DSASigner$detDSA384");
- // provider.addAlgorithm("Signature.SHA512WITHDETDSA", PREFIX + "DSASigner$detDSA512");
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ provider.addAlgorithm("Signature.DETDSA", PREFIX + "DSASigner$detDSA");
+ provider.addAlgorithm("Signature.SHA1WITHDETDSA", PREFIX + "DSASigner$detDSA");
+ provider.addAlgorithm("Signature.SHA224WITHDETDSA", PREFIX + "DSASigner$detDSA224");
+ provider.addAlgorithm("Signature.SHA256WITHDETDSA", PREFIX + "DSASigner$detDSA256");
+ provider.addAlgorithm("Signature.SHA384WITHDETDSA", PREFIX + "DSASigner$detDSA384");
+ provider.addAlgorithm("Signature.SHA512WITHDETDSA", PREFIX + "DSASigner$detDSA512");
- // provider.addAlgorithm("Signature.DDSA", PREFIX + "DSASigner$detDSA");
- // provider.addAlgorithm("Signature.SHA1WITHDDSA", PREFIX + "DSASigner$detDSA");
- // provider.addAlgorithm("Signature.SHA224WITHDDSA", PREFIX + "DSASigner$detDSA224");
- // provider.addAlgorithm("Signature.SHA256WITHDDSA", PREFIX + "DSASigner$detDSA256");
- // provider.addAlgorithm("Signature.SHA384WITHDDSA", PREFIX + "DSASigner$detDSA384");
- // provider.addAlgorithm("Signature.SHA512WITHDDSA", PREFIX + "DSASigner$detDSA512");
- // provider.addAlgorithm("Signature.SHA3-224WITHDDSA", PREFIX + "DSASigner$detDSASha3_224");
- // provider.addAlgorithm("Signature.SHA3-256WITHDDSA", PREFIX + "DSASigner$detDSASha3_256");
- // provider.addAlgorithm("Signature.SHA3-384WITHDDSA", PREFIX + "DSASigner$detDSASha3_384");
- // provider.addAlgorithm("Signature.SHA3-512WITHDDSA", PREFIX + "DSASigner$detDSASha3_512");
- // END android-removed
+ provider.addAlgorithm("Signature.DDSA", PREFIX + "DSASigner$detDSA");
+ provider.addAlgorithm("Signature.SHA1WITHDDSA", PREFIX + "DSASigner$detDSA");
+ provider.addAlgorithm("Signature.SHA224WITHDDSA", PREFIX + "DSASigner$detDSA224");
+ provider.addAlgorithm("Signature.SHA256WITHDDSA", PREFIX + "DSASigner$detDSA256");
+ provider.addAlgorithm("Signature.SHA384WITHDDSA", PREFIX + "DSASigner$detDSA384");
+ provider.addAlgorithm("Signature.SHA512WITHDDSA", PREFIX + "DSASigner$detDSA512");
+ provider.addAlgorithm("Signature.SHA3-224WITHDDSA", PREFIX + "DSASigner$detDSASha3_224");
+ provider.addAlgorithm("Signature.SHA3-256WITHDDSA", PREFIX + "DSASigner$detDSASha3_256");
+ provider.addAlgorithm("Signature.SHA3-384WITHDDSA", PREFIX + "DSASigner$detDSASha3_384");
+ provider.addAlgorithm("Signature.SHA3-512WITHDDSA", PREFIX + "DSASigner$detDSASha3_512");
+ */
+ // END Android-removed: Unsupported algorithms
addSignatureAlgorithm(provider, "SHA224", "DSA", PREFIX + "DSASigner$dsa224", NISTObjectIdentifiers.dsa_with_sha224);
addSignatureAlgorithm(provider, "SHA256", "DSA", PREFIX + "DSASigner$dsa256", NISTObjectIdentifiers.dsa_with_sha256);
- // BEGIN android-removed
- // addSignatureAlgorithm(provider, "SHA384", "DSA", PREFIX + "DSASigner$dsa384", NISTObjectIdentifiers.dsa_with_sha384);
- // addSignatureAlgorithm(provider, "SHA512", "DSA", PREFIX + "DSASigner$dsa512", NISTObjectIdentifiers.dsa_with_sha512);
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ addSignatureAlgorithm(provider, "SHA384", "DSA", PREFIX + "DSASigner$dsa384", NISTObjectIdentifiers.dsa_with_sha384);
+ addSignatureAlgorithm(provider, "SHA512", "DSA", PREFIX + "DSASigner$dsa512", NISTObjectIdentifiers.dsa_with_sha512);
- // BEGIN android-added
- provider.addAlgorithm("Alg.Alias.Signature.DSA", "SHA1withDSA");
- // END android-added
+ addSignatureAlgorithm(provider, "SHA3-224", "DSA", PREFIX + "DSASigner$dsaSha3_224", NISTObjectIdentifiers.id_dsa_with_sha3_224);
+ addSignatureAlgorithm(provider, "SHA3-256", "DSA", PREFIX + "DSASigner$dsaSha3_256", NISTObjectIdentifiers.id_dsa_with_sha3_256);
+ addSignatureAlgorithm(provider, "SHA3-384", "DSA", PREFIX + "DSASigner$dsaSha3_384", NISTObjectIdentifiers.id_dsa_with_sha3_384);
+ addSignatureAlgorithm(provider, "SHA3-512", "DSA", PREFIX + "DSASigner$dsaSha3_512", NISTObjectIdentifiers.id_dsa_with_sha3_512);
+ */
+ // END Android-removed: Unsupported algorithms
- // BEGIN android-removed
- // addSignatureAlgorithm(provider, "SHA3-224", "DSA", PREFIX + "DSASigner$dsaSha3_224", NISTObjectIdentifiers.id_dsa_with_sha3_224);
- // addSignatureAlgorithm(provider, "SHA3-256", "DSA", PREFIX + "DSASigner$dsaSha3_256", NISTObjectIdentifiers.id_dsa_with_sha3_256);
- // addSignatureAlgorithm(provider, "SHA3-384", "DSA", PREFIX + "DSASigner$dsaSha3_384", NISTObjectIdentifiers.id_dsa_with_sha3_384);
- // addSignatureAlgorithm(provider, "SHA3-512", "DSA", PREFIX + "DSASigner$dsaSha3_512", NISTObjectIdentifiers.id_dsa_with_sha3_512);
- // END android-removed
-
- // BEGIN android-changed
+ // BEGIN Android-changed: Change primary ID from DSA to SHA1withDSA
provider.addAlgorithm("Alg.Alias.Signature.SHA/DSA", "SHA1withDSA");
provider.addAlgorithm("Alg.Alias.Signature.SHA1withDSA", "SHA1withDSA");
provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHDSA", "SHA1withDSA");
@@ -82,19 +82,19 @@
provider.addAlgorithm("Alg.Alias.Signature.DSAWITHSHA1", "SHA1withDSA");
provider.addAlgorithm("Alg.Alias.Signature.SHA1WithDSA", "SHA1withDSA");
provider.addAlgorithm("Alg.Alias.Signature.DSAWithSHA1", "SHA1withDSA");
- // END android-changed
+ // END Android-changed: Change primary ID from DSA to SHA1withDSA
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// provider.addAlgorithm("Alg.Alias.Signature.1.2.840.10040.4.3", "DSA");
- // END android-removed
+ // END Android-removed: Unsupported algorithms
AsymmetricKeyInfoConverter keyFact = new KeyFactorySpi();
for (int i = 0; i != DSAUtil.dsaOids.length; i++)
{
- // BEGIN android-changed
+ // BEGIN Android-changed: Change primary ID from DSA to SHA1withDSA
provider.addAlgorithm("Alg.Alias.Signature." + DSAUtil.dsaOids[i], "SHA1withDSA");
- // END android-changed
+ // END Android-changed: Change primary ID from DSA to SHA1withDSA
registerOid(provider, DSAUtil.dsaOids[i], "DSA", keyFact);
registerOidAlgorithmParameterGenerator(provider, DSAUtil.dsaOids[i], "DSA");
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/EC.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/EC.java
index 1c49da9..016b465 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/EC.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/EC.java
@@ -3,20 +3,20 @@
import java.util.HashMap;
import java.util.Map;
-// BEGIN android-removed
+// BEGIN Android-removed: Unsupported algorithms
// import org.bouncycastle.asn1.bsi.BSIObjectIdentifiers;
// import org.bouncycastle.asn1.eac.EACObjectIdentifiers;
// import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
// import org.bouncycastle.asn1.sec.SECObjectIdentifiers;
// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
-// END android-removed
+// END Android-removed: Unsupported algorithms
import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
import org.bouncycastle.jcajce.provider.asymmetric.ec.KeyFactorySpi;
import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
import org.bouncycastle.jcajce.provider.util.AsymmetricAlgorithmProvider;
-// BEGIN android-removed
+// BEGIN Android-removed: Unsupported algorithms
// import org.bouncycastle.util.Properties;
-// END android-removed
+// END Android-removed: Unsupported algorithms
public class EC
{
@@ -43,146 +43,144 @@
provider.addAttributes("KeyAgreement.ECDH", generalEcAttributes);
provider.addAlgorithm("KeyAgreement.ECDH", PREFIX + "KeyAgreementSpi$DH");
- // BEGIN android-removed
- // provider.addAttributes("KeyAgreement.ECDHC", generalEcAttributes);
- // provider.addAlgorithm("KeyAgreement.ECDHC", PREFIX + "KeyAgreementSpi$DHC");
- // provider.addAttributes("KeyAgreement.ECCDH", generalEcAttributes);
- // provider.addAlgorithm("KeyAgreement.ECCDH", PREFIX + "KeyAgreementSpi$DHC");
- //
- // provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA1KDFAndSharedInfo");
- // provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.dhSinglePass_cofactorDH_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$CDHwithSHA1KDFAndSharedInfo");
- //
- // provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.dhSinglePass_stdDH_sha224kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA224KDFAndSharedInfo");
- // provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.dhSinglePass_cofactorDH_sha224kdf_scheme, PREFIX + "KeyAgreementSpi$CDHwithSHA224KDFAndSharedInfo");
- //
- // provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.dhSinglePass_stdDH_sha256kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA256KDFAndSharedInfo");
- // provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.dhSinglePass_cofactorDH_sha256kdf_scheme, PREFIX + "KeyAgreementSpi$CDHwithSHA256KDFAndSharedInfo");
- //
- // provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.dhSinglePass_stdDH_sha384kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA384KDFAndSharedInfo");
- // provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.dhSinglePass_cofactorDH_sha384kdf_scheme, PREFIX + "KeyAgreementSpi$CDHwithSHA384KDFAndSharedInfo");
- //
- // provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.dhSinglePass_stdDH_sha512kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA512KDFAndSharedInfo");
- // provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.dhSinglePass_cofactorDH_sha512kdf_scheme, PREFIX + "KeyAgreementSpi$CDHwithSHA512KDFAndSharedInfo");
- //
- // provider.addAlgorithm("KeyAgreement.ECDHWITHSHA1KDF", PREFIX + "KeyAgreementSpi$DHwithSHA1KDF");
- //
- // provider.addAlgorithm("KeyAgreement.ECCDHWITHSHA1CKDF", PREFIX + "KeyAgreementSpi$DHwithSHA1CKDF");
- // provider.addAlgorithm("KeyAgreement.ECCDHWITHSHA256CKDF", PREFIX + "KeyAgreementSpi$DHwithSHA256CKDF");
- // provider.addAlgorithm("KeyAgreement.ECCDHWITHSHA384CKDF", PREFIX + "KeyAgreementSpi$DHwithSHA384CKDF");
- // provider.addAlgorithm("KeyAgreement.ECCDHWITHSHA512CKDF", PREFIX + "KeyAgreementSpi$DHwithSHA512CKDF");
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ provider.addAttributes("KeyAgreement.ECDHC", generalEcAttributes);
+ provider.addAlgorithm("KeyAgreement.ECDHC", PREFIX + "KeyAgreementSpi$DHC");
+ provider.addAttributes("KeyAgreement.ECCDH", generalEcAttributes);
+ provider.addAlgorithm("KeyAgreement.ECCDH", PREFIX + "KeyAgreementSpi$DHC");
+
+ provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA1KDFAndSharedInfo");
+ provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.dhSinglePass_cofactorDH_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$CDHwithSHA1KDFAndSharedInfo");
+
+ provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.dhSinglePass_stdDH_sha224kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA224KDFAndSharedInfo");
+ provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.dhSinglePass_cofactorDH_sha224kdf_scheme, PREFIX + "KeyAgreementSpi$CDHwithSHA224KDFAndSharedInfo");
+
+ provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.dhSinglePass_stdDH_sha256kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA256KDFAndSharedInfo");
+ provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.dhSinglePass_cofactorDH_sha256kdf_scheme, PREFIX + "KeyAgreementSpi$CDHwithSHA256KDFAndSharedInfo");
+
+ provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.dhSinglePass_stdDH_sha384kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA384KDFAndSharedInfo");
+ provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.dhSinglePass_cofactorDH_sha384kdf_scheme, PREFIX + "KeyAgreementSpi$CDHwithSHA384KDFAndSharedInfo");
+
+ provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.dhSinglePass_stdDH_sha512kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA512KDFAndSharedInfo");
+ provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.dhSinglePass_cofactorDH_sha512kdf_scheme, PREFIX + "KeyAgreementSpi$CDHwithSHA512KDFAndSharedInfo");
+
+ provider.addAlgorithm("KeyAgreement.ECDHWITHSHA1KDF", PREFIX + "KeyAgreementSpi$DHwithSHA1KDF");
+
+ provider.addAlgorithm("KeyAgreement.ECCDHWITHSHA1CKDF", PREFIX + "KeyAgreementSpi$DHwithSHA1CKDF");
+ provider.addAlgorithm("KeyAgreement.ECCDHWITHSHA256CKDF", PREFIX + "KeyAgreementSpi$DHwithSHA256CKDF");
+ provider.addAlgorithm("KeyAgreement.ECCDHWITHSHA384CKDF", PREFIX + "KeyAgreementSpi$DHwithSHA384CKDF");
+ provider.addAlgorithm("KeyAgreement.ECCDHWITHSHA512CKDF", PREFIX + "KeyAgreementSpi$DHwithSHA512CKDF");
+ */
+ // END Android-removed: Unsupported algorithms
registerOid(provider, X9ObjectIdentifiers.id_ecPublicKey, "EC", new KeyFactorySpi.EC());
- // BEGIN android-added
- // We were having this one in 1.52. As of 1.54 this one is under
- // if (!Properties.isOverrideSet("org.bouncycastle.ec.disable_mqv"))
- // below
- registerOid(provider, X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "EC", new KeyFactorySpi.EC());
- // END android-added
- // BEGIN android-removed
- // registerOid(provider, X9ObjectIdentifiers.dhSinglePass_cofactorDH_sha1kdf_scheme, "EC", new KeyFactorySpi.EC());
- // registerOid(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV());
- //
- // registerOid(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha224kdf_scheme, "EC", new KeyFactorySpi.EC());
- // registerOid(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha224kdf_scheme, "EC", new KeyFactorySpi.EC());
- //
- // registerOid(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha256kdf_scheme, "EC", new KeyFactorySpi.EC());
- // registerOid(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha256kdf_scheme, "EC", new KeyFactorySpi.EC());
- //
- // registerOid(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha384kdf_scheme, "EC", new KeyFactorySpi.EC());
- // registerOid(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha384kdf_scheme, "EC", new KeyFactorySpi.EC());
- //
- // registerOid(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha512kdf_scheme, "EC", new KeyFactorySpi.EC());
- // registerOid(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha512kdf_scheme, "EC", new KeyFactorySpi.EC());
- //
- // END android-removed
- // BEGIN android-removed
- // // Android comment: the registrations in this block are causing CTS tests to fail
- // // and don't seem to be implemented by bouncycastle (so looks like an bug in
- // // bouncycastle).
- // // TODO(20447540): check if this occurs in upstream bouncycastle and report accordingly
- // registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.id_ecPublicKey, "EC");
- //
- // registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "EC");
- // END android-removed
- // BEGIN android-removed
- // registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.dhSinglePass_cofactorDH_sha1kdf_scheme, "EC");
- //
- // registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha224kdf_scheme, "EC");
- // registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha224kdf_scheme, "EC");
- //
- // registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha256kdf_scheme, "EC");
- // registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha256kdf_scheme, "EC");
- //
- // registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha384kdf_scheme, "EC");
- // registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha384kdf_scheme, "EC");
- //
- // registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha512kdf_scheme, "EC");
- // registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha512kdf_scheme, "EC");
- //
- // if (!Properties.isOverrideSet("org.bouncycastle.ec.disable_mqv"))
- // {
- // provider.addAlgorithm("KeyAgreement.ECMQV", PREFIX + "KeyAgreementSpi$MQV");
- //
- // provider.addAlgorithm("KeyAgreement.ECMQVWITHSHA1CKDF", PREFIX + "KeyAgreementSpi$MQVwithSHA1CKDF");
- // provider.addAlgorithm("KeyAgreement.ECMQVWITHSHA224CKDF", PREFIX + "KeyAgreementSpi$MQVwithSHA224CKDF");
- // provider.addAlgorithm("KeyAgreement.ECMQVWITHSHA256CKDF", PREFIX + "KeyAgreementSpi$MQVwithSHA256CKDF");
- // provider.addAlgorithm("KeyAgreement.ECMQVWITHSHA384CKDF", PREFIX + "KeyAgreementSpi$MQVwithSHA384CKDF");
- // provider.addAlgorithm("KeyAgreement.ECMQVWITHSHA512CKDF", PREFIX + "KeyAgreementSpi$MQVwithSHA512CKDF");
- //
- // provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA1KDFAndSharedInfo");
- // provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.mqvSinglePass_sha224kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA224KDFAndSharedInfo");
- // provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.mqvSinglePass_sha256kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA256KDFAndSharedInfo");
- // provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.mqvSinglePass_sha384kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA384KDFAndSharedInfo");
- // provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.mqvSinglePass_sha512kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA512KDFAndSharedInfo");
- //
- // registerOid(provider, X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "EC", new KeyFactorySpi.EC());
- // registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "EC");
- //
- // registerOid(provider, SECObjectIdentifiers.mqvSinglePass_sha224kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV());
- // registerOidAlgorithmParameters(provider, SECObjectIdentifiers.mqvSinglePass_sha256kdf_scheme, "EC");
- //
- // registerOid(provider, SECObjectIdentifiers.mqvSinglePass_sha256kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV());
- // registerOidAlgorithmParameters(provider, SECObjectIdentifiers.mqvSinglePass_sha224kdf_scheme, "EC");
- //
- // registerOid(provider, SECObjectIdentifiers.mqvSinglePass_sha384kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV());
- // registerOidAlgorithmParameters(provider, SECObjectIdentifiers.mqvSinglePass_sha384kdf_scheme, "EC");
- //
- // registerOid(provider, SECObjectIdentifiers.mqvSinglePass_sha512kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV());
- // registerOidAlgorithmParameters(provider, SECObjectIdentifiers.mqvSinglePass_sha512kdf_scheme, "EC");
- //
- // provider.addAlgorithm("KeyFactory.ECMQV", PREFIX + "KeyFactorySpi$ECMQV");
- // provider.addAlgorithm("KeyPairGenerator.ECMQV", PREFIX + "KeyPairGeneratorSpi$ECMQV");
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ registerOid(provider, X9ObjectIdentifiers.dhSinglePass_cofactorDH_sha1kdf_scheme, "EC", new KeyFactorySpi.EC());
+ registerOid(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV());
+
+ registerOid(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha224kdf_scheme, "EC", new KeyFactorySpi.EC());
+ registerOid(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha224kdf_scheme, "EC", new KeyFactorySpi.EC());
+
+ registerOid(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha256kdf_scheme, "EC", new KeyFactorySpi.EC());
+ registerOid(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha256kdf_scheme, "EC", new KeyFactorySpi.EC());
+
+ registerOid(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha384kdf_scheme, "EC", new KeyFactorySpi.EC());
+ registerOid(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha384kdf_scheme, "EC", new KeyFactorySpi.EC());
+
+ registerOid(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha512kdf_scheme, "EC", new KeyFactorySpi.EC());
+ registerOid(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha512kdf_scheme, "EC", new KeyFactorySpi.EC());
+
+ registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.id_ecPublicKey, "EC");
+
+ registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "EC");
+ registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.dhSinglePass_cofactorDH_sha1kdf_scheme, "EC");
+
+ registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha224kdf_scheme, "EC");
+ registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha224kdf_scheme, "EC");
+
+ registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha256kdf_scheme, "EC");
+ registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha256kdf_scheme, "EC");
+
+ registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha384kdf_scheme, "EC");
+ registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha384kdf_scheme, "EC");
+
+ registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha512kdf_scheme, "EC");
+ registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha512kdf_scheme, "EC");
+
+ if (!Properties.isOverrideSet("org.bouncycastle.ec.disable_mqv"))
+ {
+ provider.addAlgorithm("KeyAgreement.ECMQV", PREFIX + "KeyAgreementSpi$MQV");
+
+ provider.addAlgorithm("KeyAgreement.ECMQVWITHSHA1CKDF", PREFIX + "KeyAgreementSpi$MQVwithSHA1CKDF");
+ provider.addAlgorithm("KeyAgreement.ECMQVWITHSHA224CKDF", PREFIX + "KeyAgreementSpi$MQVwithSHA224CKDF");
+ provider.addAlgorithm("KeyAgreement.ECMQVWITHSHA256CKDF", PREFIX + "KeyAgreementSpi$MQVwithSHA256CKDF");
+ provider.addAlgorithm("KeyAgreement.ECMQVWITHSHA384CKDF", PREFIX + "KeyAgreementSpi$MQVwithSHA384CKDF");
+ provider.addAlgorithm("KeyAgreement.ECMQVWITHSHA512CKDF", PREFIX + "KeyAgreementSpi$MQVwithSHA512CKDF");
+
+ provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA1KDFAndSharedInfo");
+ provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.mqvSinglePass_sha224kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA224KDFAndSharedInfo");
+ provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.mqvSinglePass_sha256kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA256KDFAndSharedInfo");
+ provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.mqvSinglePass_sha384kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA384KDFAndSharedInfo");
+ provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.mqvSinglePass_sha512kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA512KDFAndSharedInfo");
+
+ */
+ // END Android-removed: Unsupported algorithms
+ registerOid(provider, X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "EC", new KeyFactorySpi.EC());
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "EC");
+
+ registerOid(provider, SECObjectIdentifiers.mqvSinglePass_sha224kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV());
+ registerOidAlgorithmParameters(provider, SECObjectIdentifiers.mqvSinglePass_sha256kdf_scheme, "EC");
+
+ registerOid(provider, SECObjectIdentifiers.mqvSinglePass_sha256kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV());
+ registerOidAlgorithmParameters(provider, SECObjectIdentifiers.mqvSinglePass_sha224kdf_scheme, "EC");
+
+ registerOid(provider, SECObjectIdentifiers.mqvSinglePass_sha384kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV());
+ registerOidAlgorithmParameters(provider, SECObjectIdentifiers.mqvSinglePass_sha384kdf_scheme, "EC");
+
+ registerOid(provider, SECObjectIdentifiers.mqvSinglePass_sha512kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV());
+ registerOidAlgorithmParameters(provider, SECObjectIdentifiers.mqvSinglePass_sha512kdf_scheme, "EC");
+
+ provider.addAlgorithm("KeyFactory.ECMQV", PREFIX + "KeyFactorySpi$ECMQV");
+ provider.addAlgorithm("KeyPairGenerator.ECMQV", PREFIX + "KeyPairGeneratorSpi$ECMQV");
+ }
+ */
+ // END Android-removed: Unsupported algorithms
provider.addAlgorithm("KeyFactory.EC", PREFIX + "KeyFactorySpi$EC");
- // BEGIN android-removed
- // provider.addAlgorithm("KeyFactory.ECDSA", PREFIX + "KeyFactorySpi$ECDSA");
- // provider.addAlgorithm("KeyFactory.ECDH", PREFIX + "KeyFactorySpi$ECDH");
- // provider.addAlgorithm("KeyFactory.ECDHC", PREFIX + "KeyFactorySpi$ECDHC");
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ provider.addAlgorithm("KeyFactory.ECDSA", PREFIX + "KeyFactorySpi$ECDSA");
+ provider.addAlgorithm("KeyFactory.ECDH", PREFIX + "KeyFactorySpi$ECDH");
+ provider.addAlgorithm("KeyFactory.ECDHC", PREFIX + "KeyFactorySpi$ECDHC");
+ */
+ // END Android-removed: Unsupported algorithms
provider.addAlgorithm("KeyPairGenerator.EC", PREFIX + "KeyPairGeneratorSpi$EC");
- // BEGIN android-removed
- // provider.addAlgorithm("KeyPairGenerator.ECDSA", PREFIX + "KeyPairGeneratorSpi$ECDSA");
- // provider.addAlgorithm("KeyPairGenerator.ECDH", PREFIX + "KeyPairGeneratorSpi$ECDH");
- // provider.addAlgorithm("KeyPairGenerator.ECDHWITHSHA1KDF", PREFIX + "KeyPairGeneratorSpi$ECDH");
- // provider.addAlgorithm("KeyPairGenerator.ECDHC", PREFIX + "KeyPairGeneratorSpi$ECDHC");
- // provider.addAlgorithm("KeyPairGenerator.ECIES", PREFIX + "KeyPairGeneratorSpi$ECDH");
- //
- // provider.addAlgorithm("Cipher.ECIES", PREFIX + "IESCipher$ECIES");
- //
- // provider.addAlgorithm("Cipher.ECIESwithAES-CBC", PREFIX + "IESCipher$ECIESwithAESCBC");
- // provider.addAlgorithm("Cipher.ECIESWITHAES-CBC", PREFIX + "IESCipher$ECIESwithAESCBC");
- // provider.addAlgorithm("Cipher.ECIESwithDESEDE-CBC", PREFIX + "IESCipher$ECIESwithDESedeCBC");
- // provider.addAlgorithm("Cipher.ECIESWITHDESEDE-CBC", PREFIX + "IESCipher$ECIESwithDESedeCBC");
- //
- // provider.addAlgorithm("Signature.ECDSA", PREFIX + "SignatureSpi$ecDSA");
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ provider.addAlgorithm("KeyPairGenerator.ECDSA", PREFIX + "KeyPairGeneratorSpi$ECDSA");
+ provider.addAlgorithm("KeyPairGenerator.ECDH", PREFIX + "KeyPairGeneratorSpi$ECDH");
+ provider.addAlgorithm("KeyPairGenerator.ECDHWITHSHA1KDF", PREFIX + "KeyPairGeneratorSpi$ECDH");
+ provider.addAlgorithm("KeyPairGenerator.ECDHC", PREFIX + "KeyPairGeneratorSpi$ECDHC");
+ provider.addAlgorithm("KeyPairGenerator.ECIES", PREFIX + "KeyPairGeneratorSpi$ECDH");
- // BEGIN android-changed
+ provider.addAlgorithm("Cipher.ECIES", PREFIX + "IESCipher$ECIES");
+
+ provider.addAlgorithm("Cipher.ECIESwithAES-CBC", PREFIX + "IESCipher$ECIESwithAESCBC");
+ provider.addAlgorithm("Cipher.ECIESWITHAES-CBC", PREFIX + "IESCipher$ECIESwithAESCBC");
+ provider.addAlgorithm("Cipher.ECIESwithDESEDE-CBC", PREFIX + "IESCipher$ECIESwithDESedeCBC");
+ provider.addAlgorithm("Cipher.ECIESWITHDESEDE-CBC", PREFIX + "IESCipher$ECIESwithDESedeCBC");
+
+ provider.addAlgorithm("Signature.ECDSA", PREFIX + "SignatureSpi$ecDSA");
+ */
+ // END Android-removed: Unsupported algorithms
+
+ // BEGIN Android-changed: Change primary ID from ECDSA to SHA1withECDSA
provider.addAlgorithm("Signature.SHA1withECDSA", PREFIX + "SignatureSpi$ecDSA");
provider.addAlgorithm("Signature.NONEwithECDSA", PREFIX + "SignatureSpi$ecDSAnone");
@@ -193,60 +191,64 @@
provider.addAlgorithm("Alg.Alias.Signature.SHA1WithECDSA", "SHA1withECDSA");
provider.addAlgorithm("Alg.Alias.Signature.ECDSAWithSHA1", "SHA1withECDSA");
provider.addAlgorithm("Alg.Alias.Signature.1.2.840.10045.4.1", "SHA1withECDSA");
- // END android-changed
- // BEGIN android-removed
- // provider.addAlgorithm("Alg.Alias.Signature." + TeleTrusTObjectIdentifiers.ecSignWithSha1, "ECDSA");
- //
- // provider.addAlgorithm("Signature.ECDDSA", PREFIX + "SignatureSpi$ecDetDSA");
- // provider.addAlgorithm("Signature.SHA1WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSA");
- // provider.addAlgorithm("Signature.SHA224WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSA224");
- // provider.addAlgorithm("Signature.SHA256WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSA256");
- // provider.addAlgorithm("Signature.SHA384WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSA384");
- // provider.addAlgorithm("Signature.SHA512WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSA512");
- // provider.addAlgorithm("Signature.SHA3-224WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSASha3_224");
- // provider.addAlgorithm("Signature.SHA3-256WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSASha3_256");
- // provider.addAlgorithm("Signature.SHA3-384WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSASha3_384");
- // provider.addAlgorithm("Signature.SHA3-512WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSASha3_512");
+ // END Android-changed: Change primary ID from ECDSA to SHA1withECDSA
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ provider.addAlgorithm("Alg.Alias.Signature." + TeleTrusTObjectIdentifiers.ecSignWithSha1, "ECDSA");
- // provider.addAlgorithm("Alg.Alias.Signature.DETECDSA", "ECDDSA");
- // provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHDETECDSA", "SHA1WITHECDDSA");
- // provider.addAlgorithm("Alg.Alias.Signature.SHA224WITHDETECDSA", "SHA224WITHECDDSA");
- // provider.addAlgorithm("Alg.Alias.Signature.SHA256WITHDETECDSA", "SHA256WITHECDDSA");
- // provider.addAlgorithm("Alg.Alias.Signature.SHA384WITHDETECDSA", "SHA384WITHECDDSA");
- // provider.addAlgorithm("Alg.Alias.Signature.SHA512WITHDETECDSA", "SHA512WITHECDDSA");
- // END android-removed
+ provider.addAlgorithm("Signature.ECDDSA", PREFIX + "SignatureSpi$ecDetDSA");
+ provider.addAlgorithm("Signature.SHA1WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSA");
+ provider.addAlgorithm("Signature.SHA224WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSA224");
+ provider.addAlgorithm("Signature.SHA256WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSA256");
+ provider.addAlgorithm("Signature.SHA384WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSA384");
+ provider.addAlgorithm("Signature.SHA512WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSA512");
+ provider.addAlgorithm("Signature.SHA3-224WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSASha3_224");
+ provider.addAlgorithm("Signature.SHA3-256WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSASha3_256");
+ provider.addAlgorithm("Signature.SHA3-384WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSASha3_384");
+ provider.addAlgorithm("Signature.SHA3-512WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSASha3_512");
+
+ provider.addAlgorithm("Alg.Alias.Signature.DETECDSA", "ECDDSA");
+ provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHDETECDSA", "SHA1WITHECDDSA");
+ provider.addAlgorithm("Alg.Alias.Signature.SHA224WITHDETECDSA", "SHA224WITHECDDSA");
+ provider.addAlgorithm("Alg.Alias.Signature.SHA256WITHDETECDSA", "SHA256WITHECDDSA");
+ provider.addAlgorithm("Alg.Alias.Signature.SHA384WITHDETECDSA", "SHA384WITHECDDSA");
+ provider.addAlgorithm("Alg.Alias.Signature.SHA512WITHDETECDSA", "SHA512WITHECDDSA");
+ */
+ // END Android-removed: Unsupported algorithms
addSignatureAlgorithm(provider, "SHA224", "ECDSA", PREFIX + "SignatureSpi$ecDSA224", X9ObjectIdentifiers.ecdsa_with_SHA224);
addSignatureAlgorithm(provider, "SHA256", "ECDSA", PREFIX + "SignatureSpi$ecDSA256", X9ObjectIdentifiers.ecdsa_with_SHA256);
addSignatureAlgorithm(provider, "SHA384", "ECDSA", PREFIX + "SignatureSpi$ecDSA384", X9ObjectIdentifiers.ecdsa_with_SHA384);
addSignatureAlgorithm(provider, "SHA512", "ECDSA", PREFIX + "SignatureSpi$ecDSA512", X9ObjectIdentifiers.ecdsa_with_SHA512);
- // BEGIN android-removed
- // addSignatureAlgorithm(provider, "SHA3-224", "ECDSA", PREFIX + "SignatureSpi$ecDSASha3_224", NISTObjectIdentifiers.id_ecdsa_with_sha3_224);
- // addSignatureAlgorithm(provider, "SHA3-256", "ECDSA", PREFIX + "SignatureSpi$ecDSASha3_256", NISTObjectIdentifiers.id_ecdsa_with_sha3_256);
- // addSignatureAlgorithm(provider, "SHA3-384", "ECDSA", PREFIX + "SignatureSpi$ecDSASha3_384", NISTObjectIdentifiers.id_ecdsa_with_sha3_384);
- // addSignatureAlgorithm(provider, "SHA3-512", "ECDSA", PREFIX + "SignatureSpi$ecDSASha3_512", NISTObjectIdentifiers.id_ecdsa_with_sha3_512);
- //
- // addSignatureAlgorithm(provider, "RIPEMD160", "ECDSA", PREFIX + "SignatureSpi$ecDSARipeMD160",TeleTrusTObjectIdentifiers.ecSignWithRipemd160);
- //
- // provider.addAlgorithm("Signature.SHA1WITHECNR", PREFIX + "SignatureSpi$ecNR");
- // provider.addAlgorithm("Signature.SHA224WITHECNR", PREFIX + "SignatureSpi$ecNR224");
- // provider.addAlgorithm("Signature.SHA256WITHECNR", PREFIX + "SignatureSpi$ecNR256");
- // provider.addAlgorithm("Signature.SHA384WITHECNR", PREFIX + "SignatureSpi$ecNR384");
- // provider.addAlgorithm("Signature.SHA512WITHECNR", PREFIX + "SignatureSpi$ecNR512");
- //
- // addSignatureAlgorithm(provider, "SHA1", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_1);
- // addSignatureAlgorithm(provider, "SHA224", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA224", EACObjectIdentifiers.id_TA_ECDSA_SHA_224);
- // addSignatureAlgorithm(provider, "SHA256", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA256", EACObjectIdentifiers.id_TA_ECDSA_SHA_256);
- // addSignatureAlgorithm(provider, "SHA384", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA384", EACObjectIdentifiers.id_TA_ECDSA_SHA_384);
- // addSignatureAlgorithm(provider, "SHA512", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA512", EACObjectIdentifiers.id_TA_ECDSA_SHA_512);
- //
- // addSignatureAlgorithm(provider, "SHA1", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA", BSIObjectIdentifiers.ecdsa_plain_SHA1);
- // addSignatureAlgorithm(provider, "SHA224", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA224", BSIObjectIdentifiers.ecdsa_plain_SHA224);
- // addSignatureAlgorithm(provider, "SHA256", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA256", BSIObjectIdentifiers.ecdsa_plain_SHA256);
- // addSignatureAlgorithm(provider, "SHA384", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA384", BSIObjectIdentifiers.ecdsa_plain_SHA384);
- // addSignatureAlgorithm(provider, "SHA512", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA512", BSIObjectIdentifiers.ecdsa_plain_SHA512);
- // addSignatureAlgorithm(provider, "RIPEMD160", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecPlainDSARP160", BSIObjectIdentifiers.ecdsa_plain_RIPEMD160);
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ addSignatureAlgorithm(provider, "SHA3-224", "ECDSA", PREFIX + "SignatureSpi$ecDSASha3_224", NISTObjectIdentifiers.id_ecdsa_with_sha3_224);
+ addSignatureAlgorithm(provider, "SHA3-256", "ECDSA", PREFIX + "SignatureSpi$ecDSASha3_256", NISTObjectIdentifiers.id_ecdsa_with_sha3_256);
+ addSignatureAlgorithm(provider, "SHA3-384", "ECDSA", PREFIX + "SignatureSpi$ecDSASha3_384", NISTObjectIdentifiers.id_ecdsa_with_sha3_384);
+ addSignatureAlgorithm(provider, "SHA3-512", "ECDSA", PREFIX + "SignatureSpi$ecDSASha3_512", NISTObjectIdentifiers.id_ecdsa_with_sha3_512);
+
+ addSignatureAlgorithm(provider, "RIPEMD160", "ECDSA", PREFIX + "SignatureSpi$ecDSARipeMD160",TeleTrusTObjectIdentifiers.ecSignWithRipemd160);
+
+ provider.addAlgorithm("Signature.SHA1WITHECNR", PREFIX + "SignatureSpi$ecNR");
+ provider.addAlgorithm("Signature.SHA224WITHECNR", PREFIX + "SignatureSpi$ecNR224");
+ provider.addAlgorithm("Signature.SHA256WITHECNR", PREFIX + "SignatureSpi$ecNR256");
+ provider.addAlgorithm("Signature.SHA384WITHECNR", PREFIX + "SignatureSpi$ecNR384");
+ provider.addAlgorithm("Signature.SHA512WITHECNR", PREFIX + "SignatureSpi$ecNR512");
+
+ addSignatureAlgorithm(provider, "SHA1", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_1);
+ addSignatureAlgorithm(provider, "SHA224", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA224", EACObjectIdentifiers.id_TA_ECDSA_SHA_224);
+ addSignatureAlgorithm(provider, "SHA256", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA256", EACObjectIdentifiers.id_TA_ECDSA_SHA_256);
+ addSignatureAlgorithm(provider, "SHA384", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA384", EACObjectIdentifiers.id_TA_ECDSA_SHA_384);
+ addSignatureAlgorithm(provider, "SHA512", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA512", EACObjectIdentifiers.id_TA_ECDSA_SHA_512);
+
+ addSignatureAlgorithm(provider, "SHA1", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA", BSIObjectIdentifiers.ecdsa_plain_SHA1);
+ addSignatureAlgorithm(provider, "SHA224", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA224", BSIObjectIdentifiers.ecdsa_plain_SHA224);
+ addSignatureAlgorithm(provider, "SHA256", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA256", BSIObjectIdentifiers.ecdsa_plain_SHA256);
+ addSignatureAlgorithm(provider, "SHA384", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA384", BSIObjectIdentifiers.ecdsa_plain_SHA384);
+ addSignatureAlgorithm(provider, "SHA512", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA512", BSIObjectIdentifiers.ecdsa_plain_SHA512);
+ addSignatureAlgorithm(provider, "RIPEMD160", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecPlainDSARP160", BSIObjectIdentifiers.ecdsa_plain_RIPEMD160);
+ */
+ // END Android-removed: Unsupported algorithms
}
}
}
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/RSA.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/RSA.java
index 86026cc..4eb01a3 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/RSA.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/RSA.java
@@ -7,9 +7,8 @@
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
-// END android-removed
import org.bouncycastle.asn1.x509.X509ObjectIdentifiers;
import org.bouncycastle.jcajce.provider.asymmetric.rsa.KeyFactorySpi;
import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
@@ -40,48 +39,58 @@
provider.addAlgorithm("AlgorithmParameters.OAEP", PREFIX + "AlgorithmParametersSpi$OAEP");
provider.addAlgorithm("AlgorithmParameters.PSS", PREFIX + "AlgorithmParametersSpi$PSS");
- // BEGIN android-removed
- // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSAPSS", "PSS");
- // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSASSA-PSS", "PSS");
- //
- // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224withRSA/PSS", "PSS");
- // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256withRSA/PSS", "PSS");
- // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384withRSA/PSS", "PSS");
- // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512withRSA/PSS", "PSS");
- //
- // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224WITHRSAANDMGF1", "PSS");
- // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256WITHRSAANDMGF1", "PSS");
- // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384WITHRSAANDMGF1", "PSS");
- // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512WITHRSAANDMGF1", "PSS");
- // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RAWRSAPSS", "PSS");
- // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAPSS", "PSS");
- // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSASSA-PSS", "PSS");
- // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAANDMGF1", "PSS");
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSAPSS", "PSS");
+ provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSASSA-PSS", "PSS");
+
+ provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224withRSA/PSS", "PSS");
+ provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256withRSA/PSS", "PSS");
+ provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384withRSA/PSS", "PSS");
+ provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512withRSA/PSS", "PSS");
+
+ provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224WITHRSAANDMGF1", "PSS");
+ provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256WITHRSAANDMGF1", "PSS");
+ provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384WITHRSAANDMGF1", "PSS");
+ provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512WITHRSAANDMGF1", "PSS");
+ provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA3-224WITHRSAANDMGF1", "PSS");
+ provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA3-256WITHRSAANDMGF1", "PSS");
+ provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA3-384WITHRSAANDMGF1", "PSS");
+ provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA3-512WITHRSAANDMGF1", "PSS");
+
+ provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RAWRSAPSS", "PSS");
+ provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAPSS", "PSS");
+ provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSASSA-PSS", "PSS");
+ provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAANDMGF1", "PSS");
+ */
+ // END Android-removed: Unsupported algorithms
provider.addAttributes("Cipher.RSA", generalRsaAttributes);
provider.addAlgorithm("Cipher.RSA", PREFIX + "CipherSpi$NoPadding");
- // BEGIN android-changed
+ // Android-changed: Use an alias for RSA/RAW instead of a concrete implementation
provider.addAlgorithm("Alg.Alias.Cipher.RSA/RAW", "RSA");
- // END android-changed
- // BEGIN android-removed
- // provider.addAlgorithm("Cipher.RSA/PKCS1", PREFIX + "CipherSpi$PKCS1v1_5Padding");
- // provider.addAlgorithm("Cipher", PKCSObjectIdentifiers.rsaEncryption, PREFIX + "CipherSpi$PKCS1v1_5Padding");
- // provider.addAlgorithm("Cipher", X509ObjectIdentifiers.id_ea_rsa, PREFIX + "CipherSpi$PKCS1v1_5Padding");
- // provider.addAlgorithm("Cipher.RSA/1", PREFIX + "CipherSpi$PKCS1v1_5Padding_PrivateOnly");
- // provider.addAlgorithm("Cipher.RSA/2", PREFIX + "CipherSpi$PKCS1v1_5Padding_PublicOnly");
- // provider.addAlgorithm("Cipher.RSA/OAEP", PREFIX + "CipherSpi$OAEPPadding");
- // provider.addAlgorithm("Cipher", PKCSObjectIdentifiers.id_RSAES_OAEP, PREFIX + "CipherSpi$OAEPPadding");
- // provider.addAlgorithm("Cipher.RSA/ISO9796-1", PREFIX + "CipherSpi$ISO9796d1Padding");
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ provider.addAlgorithm("Cipher.RSA/PKCS1", PREFIX + "CipherSpi$PKCS1v1_5Padding");
+ provider.addAlgorithm("Cipher", PKCSObjectIdentifiers.rsaEncryption, PREFIX + "CipherSpi$PKCS1v1_5Padding");
+ provider.addAlgorithm("Cipher", X509ObjectIdentifiers.id_ea_rsa, PREFIX + "CipherSpi$PKCS1v1_5Padding");
+ provider.addAlgorithm("Cipher.RSA/1", PREFIX + "CipherSpi$PKCS1v1_5Padding_PrivateOnly");
+ provider.addAlgorithm("Cipher.RSA/2", PREFIX + "CipherSpi$PKCS1v1_5Padding_PublicOnly");
+ provider.addAlgorithm("Cipher.RSA/OAEP", PREFIX + "CipherSpi$OAEPPadding");
+ provider.addAlgorithm("Cipher", PKCSObjectIdentifiers.id_RSAES_OAEP, PREFIX + "CipherSpi$OAEPPadding");
+ provider.addAlgorithm("Cipher.RSA/ISO9796-1", PREFIX + "CipherSpi$ISO9796d1Padding");
+ */
+ // END Android-removed: Unsupported algorithms
provider.addAlgorithm("Alg.Alias.Cipher.RSA//RAW", "RSA");
provider.addAlgorithm("Alg.Alias.Cipher.RSA//NOPADDING", "RSA");
- // BEGIN android-removed
- // provider.addAlgorithm("Alg.Alias.Cipher.RSA//PKCS1PADDING", "RSA/PKCS1");
- // provider.addAlgorithm("Alg.Alias.Cipher.RSA//OAEPPADDING", "RSA/OAEP");
- // provider.addAlgorithm("Alg.Alias.Cipher.RSA//ISO9796-1PADDING", "RSA/ISO9796-1");
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ provider.addAlgorithm("Alg.Alias.Cipher.RSA//PKCS1PADDING", "RSA/PKCS1");
+ provider.addAlgorithm("Alg.Alias.Cipher.RSA//OAEPPADDING", "RSA/OAEP");
+ provider.addAlgorithm("Alg.Alias.Cipher.RSA//ISO9796-1PADDING", "RSA/ISO9796-1");
+ */
+ // END Android-removed: Unsupported algorithms
provider.addAlgorithm("KeyFactory.RSA", PREFIX + "KeyFactorySpi");
provider.addAlgorithm("KeyPairGenerator.RSA", PREFIX + "KeyPairGeneratorSpi");
@@ -91,128 +100,145 @@
registerOid(provider, PKCSObjectIdentifiers.rsaEncryption, "RSA", keyFact);
registerOid(provider, X509ObjectIdentifiers.id_ea_rsa, "RSA", keyFact);
registerOid(provider, PKCSObjectIdentifiers.id_RSAES_OAEP, "RSA", keyFact);
- // BEGIN android-removed
- // registerOid(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "RSA", keyFact);
- //
- // registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.rsaEncryption, "RSA");
- // registerOidAlgorithmParameters(provider, X509ObjectIdentifiers.id_ea_rsa, "RSA");
- // registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSAES_OAEP, "OAEP");
- // registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "PSS");
- //
- // provider.addAlgorithm("Signature.RSASSA-PSS", PREFIX + "PSSSignatureSpi$PSSwithRSA");
- // provider.addAlgorithm("Signature." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA");
- // provider.addAlgorithm("Signature.OID." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA");
- //
- // provider.addAlgorithm("Signature.RSA", PREFIX + "DigestSignatureSpi$noneRSA");
- // provider.addAlgorithm("Signature.RAWRSASSA-PSS", PREFIX + "PSSSignatureSpi$nonePSS");
- //
- // provider.addAlgorithm("Alg.Alias.Signature.RAWRSA", "RSA");
- // provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSA", "RSA");
- // provider.addAlgorithm("Alg.Alias.Signature.RAWRSAPSS", "RAWRSASSA-PSS");
- // provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAPSS", "RAWRSASSA-PSS");
- // provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSASSA-PSS", "RAWRSASSA-PSS");
- // provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAANDMGF1", "RAWRSASSA-PSS");
- // provider.addAlgorithm("Alg.Alias.Signature.RSAPSS", "RSASSA-PSS");
- //
- // addPSSSignature(provider, "SHA224", PREFIX + "PSSSignatureSpi$SHA224withRSA");
- // addPSSSignature(provider, "SHA256", PREFIX + "PSSSignatureSpi$SHA256withRSA");
- // addPSSSignature(provider, "SHA384", PREFIX + "PSSSignatureSpi$SHA384withRSA");
- // addPSSSignature(provider, "SHA512", PREFIX + "PSSSignatureSpi$SHA512withRSA");
- // addPSSSignature(provider, "SHA512(224)", PREFIX + "PSSSignatureSpi$SHA512_224withRSA");
- // addPSSSignature(provider, "SHA512(256)", PREFIX + "PSSSignatureSpi$SHA512_256withRSA");
- //
- // addPSSSignature(provider, "SHA3-224", PREFIX + "PSSSignatureSpi$SHA3_224withRSA");
- // addPSSSignature(provider, "SHA3-256", PREFIX + "PSSSignatureSpi$SHA3_256withRSA");
- // addPSSSignature(provider, "SHA3-384", PREFIX + "PSSSignatureSpi$SHA3_384withRSA");
- // addPSSSignature(provider, "SHA3-512", PREFIX + "PSSSignatureSpi$SHA3_512withRSA");
- //
- // if (provider.hasAlgorithm("MessageDigest", "MD2"))
- // {
- // addDigestSignature(provider, "MD2", PREFIX + "DigestSignatureSpi$MD2", PKCSObjectIdentifiers.md2WithRSAEncryption);
- // }
- //
- // if (provider.hasAlgorithm("MessageDigest", "MD4"))
- // {
- // addDigestSignature(provider, "MD4", PREFIX + "DigestSignatureSpi$MD4", PKCSObjectIdentifiers.md4WithRSAEncryption);
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ registerOid(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "RSA", keyFact);
+
+ registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.rsaEncryption, "RSA");
+ registerOidAlgorithmParameters(provider, X509ObjectIdentifiers.id_ea_rsa, "RSA");
+ registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSAES_OAEP, "OAEP");
+ registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "PSS");
+
+ provider.addAlgorithm("Signature.RSASSA-PSS", PREFIX + "PSSSignatureSpi$PSSwithRSA");
+ provider.addAlgorithm("Signature." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA");
+ provider.addAlgorithm("Signature.OID." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA");
+
+ provider.addAlgorithm("Signature.RSA", PREFIX + "DigestSignatureSpi$noneRSA");
+ provider.addAlgorithm("Signature.RAWRSASSA-PSS", PREFIX + "PSSSignatureSpi$nonePSS");
+
+ provider.addAlgorithm("Alg.Alias.Signature.RAWRSA", "RSA");
+ provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSA", "RSA");
+ provider.addAlgorithm("Alg.Alias.Signature.RAWRSAPSS", "RAWRSASSA-PSS");
+ provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAPSS", "RAWRSASSA-PSS");
+ provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSASSA-PSS", "RAWRSASSA-PSS");
+ provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAANDMGF1", "RAWRSASSA-PSS");
+ provider.addAlgorithm("Alg.Alias.Signature.RSAPSS", "RSASSA-PSS");
+
+ addPSSSignature(provider, "SHA224", PREFIX + "PSSSignatureSpi$SHA224withRSA");
+ addPSSSignature(provider, "SHA256", PREFIX + "PSSSignatureSpi$SHA256withRSA");
+ addPSSSignature(provider, "SHA384", PREFIX + "PSSSignatureSpi$SHA384withRSA");
+ addPSSSignature(provider, "SHA512", PREFIX + "PSSSignatureSpi$SHA512withRSA");
+ addPSSSignature(provider, "SHA512(224)", PREFIX + "PSSSignatureSpi$SHA512_224withRSA");
+ addPSSSignature(provider, "SHA512(256)", PREFIX + "PSSSignatureSpi$SHA512_256withRSA");
+
+ addPSSSignature(provider, "SHA3-224", PREFIX + "PSSSignatureSpi$SHA3_224withRSA");
+ addPSSSignature(provider, "SHA3-256", PREFIX + "PSSSignatureSpi$SHA3_256withRSA");
+ addPSSSignature(provider, "SHA3-384", PREFIX + "PSSSignatureSpi$SHA3_384withRSA");
+ addPSSSignature(provider, "SHA3-512", PREFIX + "PSSSignatureSpi$SHA3_512withRSA");
+
+ if (provider.hasAlgorithm("MessageDigest", "MD2"))
+ {
+ addDigestSignature(provider, "MD2", PREFIX + "DigestSignatureSpi$MD2", PKCSObjectIdentifiers.md2WithRSAEncryption);
+ }
+
+ if (provider.hasAlgorithm("MessageDigest", "MD4"))
+ {
+ addDigestSignature(provider, "MD4", PREFIX + "DigestSignatureSpi$MD4", PKCSObjectIdentifiers.md4WithRSAEncryption);
+ }
+ */
+ // END Android-removed: Unsupported algorithms
if (provider.hasAlgorithm("MessageDigest", "MD5"))
{
addDigestSignature(provider, "MD5", PREFIX + "DigestSignatureSpi$MD5", PKCSObjectIdentifiers.md5WithRSAEncryption);
- // BEGIN android-removed
+ // Android-removed: Unsupported algorithms
// addISO9796Signature(provider, "MD5", PREFIX + "ISOSignatureSpi$MD5WithRSAEncryption");
- // END android-removed
}
if (provider.hasAlgorithm("MessageDigest", "SHA1"))
{
- // BEGIN android-removed
- // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1withRSA/PSS", "PSS");
- // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1WITHRSAANDMGF1", "PSS");
- //
- // addPSSSignature(provider, "SHA1", PREFIX + "PSSSignatureSpi$SHA1withRSA");
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1withRSA/PSS", "PSS");
+ provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1WITHRSAANDMGF1", "PSS");
+
+ addPSSSignature(provider, "SHA1", PREFIX + "PSSSignatureSpi$SHA1withRSA");
+ */
+ // END Android-removed: Unsupported algorithms
addDigestSignature(provider, "SHA1", PREFIX + "DigestSignatureSpi$SHA1", PKCSObjectIdentifiers.sha1WithRSAEncryption);
- // BEGIN android-removed
+ // Android-removed: Unsupported algorithms
// addISO9796Signature(provider, "SHA1", PREFIX + "ISOSignatureSpi$SHA1WithRSAEncryption");
- // END android-removed
provider.addAlgorithm("Alg.Alias.Signature." + OIWObjectIdentifiers.sha1WithRSA, "SHA1WITHRSA");
provider.addAlgorithm("Alg.Alias.Signature.OID." + OIWObjectIdentifiers.sha1WithRSA, "SHA1WITHRSA");
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// addX931Signature(provider, "SHA1", PREFIX + "X931SignatureSpi$SHA1WithRSAEncryption");
- // END android-removed
}
addDigestSignature(provider, "SHA224", PREFIX + "DigestSignatureSpi$SHA224", PKCSObjectIdentifiers.sha224WithRSAEncryption);
addDigestSignature(provider, "SHA256", PREFIX + "DigestSignatureSpi$SHA256", PKCSObjectIdentifiers.sha256WithRSAEncryption);
addDigestSignature(provider, "SHA384", PREFIX + "DigestSignatureSpi$SHA384", PKCSObjectIdentifiers.sha384WithRSAEncryption);
addDigestSignature(provider, "SHA512", PREFIX + "DigestSignatureSpi$SHA512", PKCSObjectIdentifiers.sha512WithRSAEncryption);
- // BEGIN android-removed
- // addDigestSignature(provider, "SHA512(224)", PREFIX + "DigestSignatureSpi$SHA512_224", PKCSObjectIdentifiers.sha512_224WithRSAEncryption);
- // addDigestSignature(provider, "SHA512(256)", PREFIX + "DigestSignatureSpi$SHA512_256", PKCSObjectIdentifiers.sha512_256WithRSAEncryption);
- //
- // addDigestSignature(provider, "SHA3-224", PREFIX + "DigestSignatureSpi$SHA3_224", NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_224);
- // addDigestSignature(provider, "SHA3-256", PREFIX + "DigestSignatureSpi$SHA3_256", NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_256);
- // addDigestSignature(provider, "SHA3-384", PREFIX + "DigestSignatureSpi$SHA3_384", NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_384);
- // addDigestSignature(provider, "SHA3-512", PREFIX + "DigestSignatureSpi$SHA3_512", NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_512);
- //
- // addISO9796Signature(provider, "SHA224", PREFIX + "ISOSignatureSpi$SHA224WithRSAEncryption");
- // addISO9796Signature(provider, "SHA256", PREFIX + "ISOSignatureSpi$SHA256WithRSAEncryption");
- // addISO9796Signature(provider, "SHA384", PREFIX + "ISOSignatureSpi$SHA384WithRSAEncryption");
- // addISO9796Signature(provider, "SHA512", PREFIX + "ISOSignatureSpi$SHA512WithRSAEncryption");
- // addISO9796Signature(provider, "SHA512(224)", PREFIX + "ISOSignatureSpi$SHA512_224WithRSAEncryption");
- // addISO9796Signature(provider, "SHA512(256)", PREFIX + "ISOSignatureSpi$SHA512_256WithRSAEncryption");
- //
- // addX931Signature(provider, "SHA224", PREFIX + "X931SignatureSpi$SHA224WithRSAEncryption");
- // addX931Signature(provider, "SHA256", PREFIX + "X931SignatureSpi$SHA256WithRSAEncryption");
- // addX931Signature(provider, "SHA384", PREFIX + "X931SignatureSpi$SHA384WithRSAEncryption");
- // addX931Signature(provider, "SHA512", PREFIX + "X931SignatureSpi$SHA512WithRSAEncryption");
- // addX931Signature(provider, "SHA512(224)", PREFIX + "X931SignatureSpi$SHA512_224WithRSAEncryption");
- // addX931Signature(provider, "SHA512(256)", PREFIX + "X931SignatureSpi$SHA512_256WithRSAEncryption");
- //
- // if (provider.hasAlgorithm("MessageDigest", "RIPEMD128"))
- // {
- // addDigestSignature(provider, "RIPEMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
- // addDigestSignature(provider, "RMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", null);
- //
- // addX931Signature(provider, "RMD128", PREFIX + "X931SignatureSpi$RIPEMD128WithRSAEncryption");
- // addX931Signature(provider, "RIPEMD128", PREFIX + "X931SignatureSpi$RIPEMD128WithRSAEncryption");
- // }
- //
- // if (provider.hasAlgorithm("MessageDigest", "RIPEMD160"))
- // {
- // addDigestSignature(provider, "RIPEMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
- // addDigestSignature(provider, "RMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", null);
- // provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160WithRSA/ISO9796-2", "RIPEMD160withRSA/ISO9796-2");
- // provider.addAlgorithm("Signature.RIPEMD160withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$RIPEMD160WithRSAEncryption");
- //
- // addX931Signature(provider, "RMD160", PREFIX + "X931SignatureSpi$RIPEMD160WithRSAEncryption");
- // addX931Signature(provider, "RIPEMD160", PREFIX + "X931SignatureSpi$RIPEMD160WithRSAEncryption");
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ addDigestSignature(provider, "SHA512(224)", PREFIX + "DigestSignatureSpi$SHA512_224", PKCSObjectIdentifiers.sha512_224WithRSAEncryption);
+ addDigestSignature(provider, "SHA512(256)", PREFIX + "DigestSignatureSpi$SHA512_256", PKCSObjectIdentifiers.sha512_256WithRSAEncryption);
+
+ addDigestSignature(provider, "SHA3-224", PREFIX + "DigestSignatureSpi$SHA3_224", NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_224);
+ addDigestSignature(provider, "SHA3-256", PREFIX + "DigestSignatureSpi$SHA3_256", NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_256);
+ addDigestSignature(provider, "SHA3-384", PREFIX + "DigestSignatureSpi$SHA3_384", NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_384);
+ addDigestSignature(provider, "SHA3-512", PREFIX + "DigestSignatureSpi$SHA3_512", NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_512);
+
+ addISO9796Signature(provider, "SHA224", PREFIX + "ISOSignatureSpi$SHA224WithRSAEncryption");
+ addISO9796Signature(provider, "SHA256", PREFIX + "ISOSignatureSpi$SHA256WithRSAEncryption");
+ addISO9796Signature(provider, "SHA384", PREFIX + "ISOSignatureSpi$SHA384WithRSAEncryption");
+ addISO9796Signature(provider, "SHA512", PREFIX + "ISOSignatureSpi$SHA512WithRSAEncryption");
+ addISO9796Signature(provider, "SHA512(224)", PREFIX + "ISOSignatureSpi$SHA512_224WithRSAEncryption");
+ addISO9796Signature(provider, "SHA512(256)", PREFIX + "ISOSignatureSpi$SHA512_256WithRSAEncryption");
+
+ addX931Signature(provider, "SHA224", PREFIX + "X931SignatureSpi$SHA224WithRSAEncryption");
+ addX931Signature(provider, "SHA256", PREFIX + "X931SignatureSpi$SHA256WithRSAEncryption");
+ addX931Signature(provider, "SHA384", PREFIX + "X931SignatureSpi$SHA384WithRSAEncryption");
+ addX931Signature(provider, "SHA512", PREFIX + "X931SignatureSpi$SHA512WithRSAEncryption");
+ addX931Signature(provider, "SHA512(224)", PREFIX + "X931SignatureSpi$SHA512_224WithRSAEncryption");
+ addX931Signature(provider, "SHA512(256)", PREFIX + "X931SignatureSpi$SHA512_256WithRSAEncryption");
+
+ if (provider.hasAlgorithm("MessageDigest", "RIPEMD128"))
+ {
+ addDigestSignature(provider, "RIPEMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
+ addDigestSignature(provider, "RMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", null);
+
+ addX931Signature(provider, "RMD128", PREFIX + "X931SignatureSpi$RIPEMD128WithRSAEncryption");
+ addX931Signature(provider, "RIPEMD128", PREFIX + "X931SignatureSpi$RIPEMD128WithRSAEncryption");
+ }
+
+ if (provider.hasAlgorithm("MessageDigest", "RIPEMD160"))
+ {
+ addDigestSignature(provider, "RIPEMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
+ addDigestSignature(provider, "RMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", null);
+ provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160WithRSA/ISO9796-2", "RIPEMD160withRSA/ISO9796-2");
+ provider.addAlgorithm("Signature.RIPEMD160withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$RIPEMD160WithRSAEncryption");
+
+ addX931Signature(provider, "RMD160", PREFIX + "X931SignatureSpi$RIPEMD160WithRSAEncryption");
+ addX931Signature(provider, "RIPEMD160", PREFIX + "X931SignatureSpi$RIPEMD160WithRSAEncryption");
+ }
+
+ if (provider.hasAlgorithm("MessageDigest", "RIPEMD256"))
+ {
+ addDigestSignature(provider, "RIPEMD256", PREFIX + "DigestSignatureSpi$RIPEMD256", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
+ addDigestSignature(provider, "RMD256", PREFIX + "DigestSignatureSpi$RIPEMD256", null);
+ }
+
+ if (provider.hasAlgorithm("MessageDigest", "WHIRLPOOL"))
+ {
+ addISO9796Signature(provider, "Whirlpool", PREFIX + "ISOSignatureSpi$WhirlpoolWithRSAEncryption");
+ addISO9796Signature(provider, "WHIRLPOOL", PREFIX + "ISOSignatureSpi$WhirlpoolWithRSAEncryption");
+ addX931Signature(provider, "Whirlpool", PREFIX + "X931SignatureSpi$WhirlpoolWithRSAEncryption");
+ addX931Signature(provider, "WHIRLPOOL", PREFIX + "X931SignatureSpi$WhirlpoolWithRSAEncryption");
+ }
+ */
+ // END Android-removed: Unsupported algorithms
}
private void addDigestSignature(
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/X509.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/X509.java
index a9fb6b2..12a9f6f 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/X509.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/X509.java
@@ -18,10 +18,10 @@
public void configure(ConfigurableProvider provider)
{
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// provider.addAlgorithm("KeyFactory.X.509", "org.bouncycastle.jcajce.provider.asymmetric.x509.KeyFactory");
// provider.addAlgorithm("Alg.Alias.KeyFactory.X509", "X.509");
- // END android-removed
+ // END Android-removed: Unsupported algorithms
//
// certificate factories.
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyAgreementSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyAgreementSpi.java
index f5e8d0e..890674e 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyAgreementSpi.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyAgreementSpi.java
@@ -16,10 +16,9 @@
import javax.crypto.spec.SecretKeySpec;
import org.bouncycastle.crypto.DerivationFunction;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithm
// import org.bouncycastle.crypto.agreement.kdf.DHKEKGenerator;
// import org.bouncycastle.crypto.util.DigestFactory;
-// END android-removed
import org.bouncycastle.jcajce.provider.asymmetric.util.BaseAgreementSpi;
import org.bouncycastle.jcajce.spec.UserKeyingMaterialSpec;
@@ -234,14 +233,16 @@
return bigIntToBytes(result);
}
- // BEGIN android-removed
- // public static class DHwithRFC2631KDF
- // extends KeyAgreementSpi
- // {
- // public DHwithRFC2631KDF()
- // {
- // super("DHwithRFC2631KDF", new DHKEKGenerator(DigestFactory.createSHA1()));
- // }
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithm
+ /*
+ public static class DHwithRFC2631KDF
+ extends KeyAgreementSpi
+ {
+ public DHwithRFC2631KDF()
+ {
+ super("DHwithRFC2631KDF", new DHKEKGenerator(DigestFactory.createSHA1()));
+ }
+ }
+ */
+ // END Android-removed: Unsupported algorithm
}
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java
index 6374419..0384b1c 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java
@@ -21,27 +21,15 @@
import org.bouncycastle.crypto.DSA;
import org.bouncycastle.crypto.Digest;
import org.bouncycastle.crypto.digests.NullDigest;
-// BEGIN android-added
-import org.bouncycastle.crypto.digests.AndroidDigestFactory;
-// END android-added
-// BEGIN android-removed
-// import org.bouncycastle.crypto.digests.SHA1Digest;
-// import org.bouncycastle.crypto.digests.SHA224Digest;
-// import org.bouncycastle.crypto.digests.SHA256Digest;
-// import org.bouncycastle.crypto.digests.SHA384Digest;
-// import org.bouncycastle.crypto.digests.SHA512Digest;
-// END android-removed
-// BEGIN android-added
+// Android-added: Check DSA keys when generated
import org.bouncycastle.crypto.params.DSAKeyParameters;
import org.bouncycastle.crypto.params.DSAParameters;
-// END android-added
import org.bouncycastle.crypto.params.ParametersWithRandom;
-// BEGIN android-removed
-// import org.bouncycastle.crypto.digests.SHA1Digest;
-// import org.bouncycastle.crypto.params.ParametersWithRandom;
+// Android-removed: Unsupported algorithm
// import org.bouncycastle.crypto.signers.HMacDSAKCalculator;
+// Android-changed: Use Android digests
// import org.bouncycastle.crypto.util.DigestFactory;
-// END android-removed
+import org.bouncycastle.crypto.digests.AndroidDigestFactory;
import org.bouncycastle.util.Arrays;
public class DSASigner
@@ -83,13 +71,11 @@
PrivateKey privateKey)
throws InvalidKeyException
{
- CipherParameters param;
+ CipherParameters param = DSAUtil.generatePrivateKeyParameter(privateKey);
- param = DSAUtil.generatePrivateKeyParameter(privateKey);
- // BEGIN android-added
+ // Android-added: Check DSA keys when generated
DSAParameters dsaParam = ((DSAKeyParameters) param).getParameters();
checkKey(dsaParam);
- // END android-added
if (random != null)
{
@@ -163,7 +149,7 @@
throw new UnsupportedOperationException("engineSetParameter unsupported");
}
- // BEGIN android-added
+ // BEGIN Android-added: Check DSA keys when generated
protected void checkKey(DSAParameters params) throws InvalidKeyException {
int valueL = params.getP().bitLength();
int valueN = params.getQ().bitLength();
@@ -184,7 +170,7 @@
}
}
- // END android-added
+ // END Android-added: Check DSA keys when generated
/**
* @deprecated replaced with <a href = "#engineSetParameter(java.security.spec.AlgorithmParameterSpec)">
*/
@@ -238,171 +224,180 @@
{
public stdDSA()
{
- // BEGIN android-changed
+ // Android-changed: Use Android digests
+ // super(DigestFactory.createSHA1(), new org.bouncycastle.crypto.signers.DSASigner());
super(AndroidDigestFactory.getSHA1(), new org.bouncycastle.crypto.signers.DSASigner());
- // END android-changed
}
}
- // BEGIN android-removed
- // static public class detDSA
- // extends DSASigner
- // {
- // public detDSA()
- // {
- // super(DigestFactory.createSHA1(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA1())));
- // }
- // }
+ // BEGIN Android-removed: Unsupported algorithm
+ /*
+ static public class detDSA
+ extends DSASigner
+ {
+ public detDSA()
+ {
+ super(DigestFactory.createSHA1(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA1())));
+ }
+ }
+ */
+ // END Android-removed: Unsupported algorithm
static public class dsa224
extends DSASigner
{
public dsa224()
{
- // BEGIN android-changed
+ // Android-changed: Use Android digests
+ // super(DigestFactory.createSHA224(), new org.bouncycastle.crypto.signers.DSASigner());
super(AndroidDigestFactory.getSHA224(), new org.bouncycastle.crypto.signers.DSASigner());
- // END android-changed
}
}
- // BEGIN android-removed
- // static public class detDSA224
- // extends DSASigner
- // {
- // public detDSA224()
- // {
- // super(DigestFactory.createSHA224(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA224())));
- // }
- // }
+ // BEGIN Android-removed: Unsupported algorithm
+ /*
+ static public class detDSA224
+ extends DSASigner
+ {
+ public detDSA224()
+ {
+ super(DigestFactory.createSHA224(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA224())));
+ }
+ }
+ */
+ // END Android-removed: Unsupported algorithm
static public class dsa256
extends DSASigner
{
public dsa256()
{
- // BEGIN android-changed
+ // Android-changed: Use Android digests
+ // super(DigestFactory.createSHA256(), new org.bouncycastle.crypto.signers.DSASigner());
super(AndroidDigestFactory.getSHA256(), new org.bouncycastle.crypto.signers.DSASigner());
- // END android-changed
}
}
- // BEGIN android-removed
- // static public class detDSA256
- // extends DSASigner
- // {
- // public detDSA256()
- // {
- // super(DigestFactory.createSHA256(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA256())));
- // }
- // }
- //
- // static public class dsa384
- // extends DSASigner
- // {
- // public dsa384()
- // {
- // super(DigestFactory.createSHA384(), new org.bouncycastle.crypto.signers.DSASigner());
- // }
- // }
- //
- // static public class detDSA384
- // extends DSASigner
- // {
- // public detDSA384()
- // {
- // super(DigestFactory.createSHA384(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA384())));
- // }
- // }
- //
- // static public class dsa512
- // extends DSASigner
- // {
- // public dsa512()
- // {
- // super(DigestFactory.createSHA512(), new org.bouncycastle.crypto.signers.DSASigner());
- // }
- // }
- //
- // static public class detDSA512
- // extends DSASigner
- // {
- // public detDSA512()
- // {
- // super(DigestFactory.createSHA512(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA512())));
- // }
- // }
- //
- // static public class dsaSha3_224
- // extends DSASigner
- // {
- // public dsaSha3_224()
- // {
- // super(DigestFactory.createSHA3_224(), new org.bouncycastle.crypto.signers.DSASigner());
- // }
- // }
- //
- // static public class detDSASha3_224
- // extends DSASigner
- // {
- // public detDSASha3_224()
- // {
- // super(DigestFactory.createSHA3_224(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_224())));
- // }
- // }
- //
- // static public class dsaSha3_256
- // extends DSASigner
- // {
- // public dsaSha3_256()
- // {
- // super(DigestFactory.createSHA3_256(), new org.bouncycastle.crypto.signers.DSASigner());
- // }
- // }
- //
- // static public class detDSASha3_256
- // extends DSASigner
- // {
- // public detDSASha3_256()
- // {
- // super(DigestFactory.createSHA3_256(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_256())));
- // }
- // }
- //
- // static public class dsaSha3_384
- // extends DSASigner
- // {
- // public dsaSha3_384()
- // {
- // super(DigestFactory.createSHA3_384(), new org.bouncycastle.crypto.signers.DSASigner());
- // }
- // }
- //
- // static public class detDSASha3_384
- // extends DSASigner
- // {
- // public detDSASha3_384()
- // {
- // super(DigestFactory.createSHA3_384(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_384())));
- // }
- // }
- //
- // static public class dsaSha3_512
- // extends DSASigner
- // {
- // public dsaSha3_512()
- // {
- // super(DigestFactory.createSHA3_512(), new org.bouncycastle.crypto.signers.DSASigner());
- // }
- // }
- //
- // static public class detDSASha3_512
- // extends DSASigner
- // {
- // public detDSASha3_512()
- // {
- // super(DigestFactory.createSHA3_512(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_512())));
- // }
- // }
- // END android-removed
+
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ static public class detDSA256
+ extends DSASigner
+ {
+ public detDSA256()
+ {
+ super(DigestFactory.createSHA256(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA256())));
+ }
+ }
+
+ static public class dsa384
+ extends DSASigner
+ {
+ public dsa384()
+ {
+ super(DigestFactory.createSHA384(), new org.bouncycastle.crypto.signers.DSASigner());
+ }
+ }
+
+ static public class detDSA384
+ extends DSASigner
+ {
+ public detDSA384()
+ {
+ super(DigestFactory.createSHA384(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA384())));
+ }
+ }
+
+ static public class dsa512
+ extends DSASigner
+ {
+ public dsa512()
+ {
+ super(DigestFactory.createSHA512(), new org.bouncycastle.crypto.signers.DSASigner());
+ }
+ }
+
+ static public class detDSA512
+ extends DSASigner
+ {
+ public detDSA512()
+ {
+ super(DigestFactory.createSHA512(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA512())));
+ }
+ }
+
+ static public class dsaSha3_224
+ extends DSASigner
+ {
+ public dsaSha3_224()
+ {
+ super(DigestFactory.createSHA3_224(), new org.bouncycastle.crypto.signers.DSASigner());
+ }
+ }
+
+ static public class detDSASha3_224
+ extends DSASigner
+ {
+ public detDSASha3_224()
+ {
+ super(DigestFactory.createSHA3_224(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_224())));
+ }
+ }
+
+ static public class dsaSha3_256
+ extends DSASigner
+ {
+ public dsaSha3_256()
+ {
+ super(DigestFactory.createSHA3_256(), new org.bouncycastle.crypto.signers.DSASigner());
+ }
+ }
+
+ static public class detDSASha3_256
+ extends DSASigner
+ {
+ public detDSASha3_256()
+ {
+ super(DigestFactory.createSHA3_256(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_256())));
+ }
+ }
+
+ static public class dsaSha3_384
+ extends DSASigner
+ {
+ public dsaSha3_384()
+ {
+ super(DigestFactory.createSHA3_384(), new org.bouncycastle.crypto.signers.DSASigner());
+ }
+ }
+
+ static public class detDSASha3_384
+ extends DSASigner
+ {
+ public detDSASha3_384()
+ {
+ super(DigestFactory.createSHA3_384(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_384())));
+ }
+ }
+
+ static public class dsaSha3_512
+ extends DSASigner
+ {
+ public dsaSha3_512()
+ {
+ super(DigestFactory.createSHA3_512(), new org.bouncycastle.crypto.signers.DSASigner());
+ }
+ }
+
+ static public class detDSASha3_512
+ extends DSASigner
+ {
+ public detDSASha3_512()
+ {
+ super(DigestFactory.createSHA3_512(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_512())));
+ }
+ }
+ */
+ // END Android-removed: Unsupported algorithms
static public class noneDSA
extends DSASigner
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSAUtil.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSAUtil.java
index 10bac46..d768ae6 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSAUtil.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSAUtil.java
@@ -26,9 +26,8 @@
public static final ASN1ObjectIdentifier[] dsaOids =
{
X9ObjectIdentifiers.id_dsa,
- // BEGIN android-added
+ // Android-added: Add missing OID for DSA-with-SHA1
X9ObjectIdentifiers.id_dsa_with_sha1,
- // END android-added
OIWObjectIdentifiers.dsaWithSHA1
};
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java
index 6e1eda2..dd28631 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java
@@ -14,32 +14,32 @@
import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.crypto.DerivationFunction;
import org.bouncycastle.crypto.agreement.ECDHBasicAgreement;
-// BEGIN android-removed
+// BEGIN Android-removed: Unsupported algorithms
// import org.bouncycastle.crypto.agreement.ECDHCBasicAgreement;
// import org.bouncycastle.crypto.agreement.ECMQVBasicAgreement;
// import org.bouncycastle.crypto.agreement.kdf.ConcatenationKDFGenerator;
// import org.bouncycastle.crypto.generators.KDF2BytesGenerator;
-// END android-removed
+// END Android-removed: Unsupported algorithms
import org.bouncycastle.crypto.params.ECDomainParameters;
import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-// BEGIN android-removed
+// BEGIN Android-removed: Unsupported algorithms
// import org.bouncycastle.crypto.params.MQVPrivateParameters;
// import org.bouncycastle.crypto.params.MQVPublicParameters;
// import org.bouncycastle.crypto.util.DigestFactory;
-// END android-removed
+// END Android-removed: Unsupported algorithms
import org.bouncycastle.jcajce.provider.asymmetric.util.BaseAgreementSpi;
import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
-// BEGIN android-removed
+// BEGIN Android-removed: Unsupported algorithms
// import org.bouncycastle.jcajce.spec.MQVParameterSpec;
-// END android-removed
+// END Android-removed: Unsupported algorithms
import org.bouncycastle.jcajce.spec.UserKeyingMaterialSpec;
import org.bouncycastle.jce.interfaces.ECPrivateKey;
import org.bouncycastle.jce.interfaces.ECPublicKey;
-// BEGIN android-removed
+// BEGIN Android-removed: Unsupported algorithms
// import org.bouncycastle.jce.interfaces.MQVPrivateKey;
// import org.bouncycastle.jce.interfaces.MQVPublicKey;
-// END android-removed
+// END Android-removed: Unsupported algorithms
/**
* Diffie-Hellman key agreement using elliptic curve keys, ala IEEE P1363
@@ -57,9 +57,8 @@
private ECDomainParameters parameters;
private BasicAgreement agreement;
- // BEGIN android-removed
+ // Android-removed: Unsupported algorithms
// private MQVParameterSpec mqvParameters;
- // END android-removed
private BigInteger result;
protected KeyAgreementSpi(
@@ -95,31 +94,33 @@
}
CipherParameters pubKey;
- // BEGIN android-removed
- // if (agreement instanceof ECMQVBasicAgreement)
- // {
- // if (!(key instanceof MQVPublicKey))
- // {
- // ECPublicKeyParameters staticKey = (ECPublicKeyParameters)
- // ECUtils.generatePublicKeyParameter((PublicKey)key);
- // ECPublicKeyParameters ephemKey = (ECPublicKeyParameters)
- // ECUtils.generatePublicKeyParameter(mqvParameters.getOtherPartyEphemeralKey());
- //
- // pubKey = new MQVPublicParameters(staticKey, ephemKey);
- // }
- // else
- // {
- // MQVPublicKey mqvPubKey = (MQVPublicKey)key;
- // ECPublicKeyParameters staticKey = (ECPublicKeyParameters)
- // ECUtils.generatePublicKeyParameter(mqvPubKey.getStaticKey());
- // ECPublicKeyParameters ephemKey = (ECPublicKeyParameters)
- // ECUtils.generatePublicKeyParameter(mqvPubKey.getEphemeralKey());
- //
- // pubKey = new MQVPublicParameters(staticKey, ephemKey);
- // }
- // }
- // else
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ if (agreement instanceof ECMQVBasicAgreement)
+ {
+ if (!(key instanceof MQVPublicKey))
+ {
+ ECPublicKeyParameters staticKey = (ECPublicKeyParameters)
+ ECUtils.generatePublicKeyParameter((PublicKey)key);
+ ECPublicKeyParameters ephemKey = (ECPublicKeyParameters)
+ ECUtils.generatePublicKeyParameter(mqvParameters.getOtherPartyEphemeralKey());
+
+ pubKey = new MQVPublicParameters(staticKey, ephemKey);
+ }
+ else
+ {
+ MQVPublicKey mqvPubKey = (MQVPublicKey)key;
+ ECPublicKeyParameters staticKey = (ECPublicKeyParameters)
+ ECUtils.generatePublicKeyParameter(mqvPubKey.getStaticKey());
+ ECPublicKeyParameters ephemKey = (ECPublicKeyParameters)
+ ECUtils.generatePublicKeyParameter(mqvPubKey.getEphemeralKey());
+
+ pubKey = new MQVPublicParameters(staticKey, ephemKey);
+ }
+ }
+ else
+ */
+ // END Android-removed: Unsupported algorithms
{
if (!(key instanceof PublicKey))
{
@@ -133,7 +134,9 @@
try
{
result = agreement.calculateAgreement(pubKey);
- } catch (final Exception e) {
+ }
+ catch (final Exception e)
+ {
throw new InvalidKeyException("calculation failed: " + e.getMessage())
{
public Throwable getCause()
@@ -142,6 +145,7 @@
}
};
}
+
return null;
}
@@ -151,9 +155,9 @@
SecureRandom random)
throws InvalidKeyException, InvalidAlgorithmParameterException
{
- // BEGIN android-changed
+ // Android-removed: Unsupported algorithms
+ // if (params != null && !(params instanceof MQVParameterSpec || params instanceof UserKeyingMaterialSpec))
if (params != null && !(params instanceof UserKeyingMaterialSpec))
- // END android-changed
{
throw new InvalidAlgorithmParameterException("No algorithm parameters supported");
}
@@ -163,7 +167,7 @@
protected void engineInit(
Key key,
- SecureRandom random)
+ SecureRandom random)
throws InvalidKeyException
{
initFromKey(key, null);
@@ -172,62 +176,64 @@
private void initFromKey(Key key, AlgorithmParameterSpec parameterSpec)
throws InvalidKeyException
{
- // BEGIN android-removed
- // if (agreement instanceof ECMQVBasicAgreement)
- // {
- // mqvParameters = null;
- // if (!(key instanceof MQVPrivateKey) && !(parameterSpec instanceof MQVParameterSpec))
- // {
- // throw new InvalidKeyException(kaAlgorithm + " key agreement requires "
- // + getSimpleName(MQVParameterSpec.class) + " for initialisation");
- // }
- //
- // ECPrivateKeyParameters staticPrivKey;
- // ECPrivateKeyParameters ephemPrivKey;
- // ECPublicKeyParameters ephemPubKey;
- // if (key instanceof MQVPrivateKey)
- // {
- // MQVPrivateKey mqvPrivKey = (MQVPrivateKey)key;
- // staticPrivKey = (ECPrivateKeyParameters)
- // ECUtil.generatePrivateKeyParameter(mqvPrivKey.getStaticPrivateKey());
- // ephemPrivKey = (ECPrivateKeyParameters)
- // ECUtil.generatePrivateKeyParameter(mqvPrivKey.getEphemeralPrivateKey());
- //
- // ephemPubKey = null;
- // if (mqvPrivKey.getEphemeralPublicKey() != null)
- // {
- // ephemPubKey = (ECPublicKeyParameters)
- // ECUtils.generatePublicKeyParameter(mqvPrivKey.getEphemeralPublicKey());
- // }
- // }
- // else
- // {
- // MQVParameterSpec mqvParameterSpec = (MQVParameterSpec)parameterSpec;
- //
- // staticPrivKey = (ECPrivateKeyParameters)
- // ECUtil.generatePrivateKeyParameter((PrivateKey)key);
- // ephemPrivKey = (ECPrivateKeyParameters)
- // ECUtil.generatePrivateKeyParameter(mqvParameterSpec.getEphemeralPrivateKey());
- //
- // ephemPubKey = null;
- // if (mqvParameterSpec.getEphemeralPublicKey() != null)
- // {
- // ephemPubKey = (ECPublicKeyParameters)
- // ECUtils.generatePublicKeyParameter(mqvParameterSpec.getEphemeralPublicKey());
- // }
- // mqvParameters = mqvParameterSpec;
- // ukmParameters = mqvParameterSpec.getUserKeyingMaterial();
- // }
- //
- // MQVPrivateParameters localParams = new MQVPrivateParameters(staticPrivKey, ephemPrivKey, ephemPubKey);
- // this.parameters = staticPrivKey.getParameters();
- //
- // // TODO Validate that all the keys are using the same parameters?
- //
- // agreement.init(localParams);
- // }
- // else
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ if (agreement instanceof ECMQVBasicAgreement)
+ {
+ mqvParameters = null;
+ if (!(key instanceof MQVPrivateKey) && !(parameterSpec instanceof MQVParameterSpec))
+ {
+ throw new InvalidKeyException(kaAlgorithm + " key agreement requires "
+ + getSimpleName(MQVParameterSpec.class) + " for initialisation");
+ }
+
+ ECPrivateKeyParameters staticPrivKey;
+ ECPrivateKeyParameters ephemPrivKey;
+ ECPublicKeyParameters ephemPubKey;
+ if (key instanceof MQVPrivateKey)
+ {
+ MQVPrivateKey mqvPrivKey = (MQVPrivateKey)key;
+ staticPrivKey = (ECPrivateKeyParameters)
+ ECUtil.generatePrivateKeyParameter(mqvPrivKey.getStaticPrivateKey());
+ ephemPrivKey = (ECPrivateKeyParameters)
+ ECUtil.generatePrivateKeyParameter(mqvPrivKey.getEphemeralPrivateKey());
+
+ ephemPubKey = null;
+ if (mqvPrivKey.getEphemeralPublicKey() != null)
+ {
+ ephemPubKey = (ECPublicKeyParameters)
+ ECUtils.generatePublicKeyParameter(mqvPrivKey.getEphemeralPublicKey());
+ }
+ }
+ else
+ {
+ MQVParameterSpec mqvParameterSpec = (MQVParameterSpec)parameterSpec;
+
+ staticPrivKey = (ECPrivateKeyParameters)
+ ECUtil.generatePrivateKeyParameter((PrivateKey)key);
+ ephemPrivKey = (ECPrivateKeyParameters)
+ ECUtil.generatePrivateKeyParameter(mqvParameterSpec.getEphemeralPrivateKey());
+
+ ephemPubKey = null;
+ if (mqvParameterSpec.getEphemeralPublicKey() != null)
+ {
+ ephemPubKey = (ECPublicKeyParameters)
+ ECUtils.generatePublicKeyParameter(mqvParameterSpec.getEphemeralPublicKey());
+ }
+ mqvParameters = mqvParameterSpec;
+ ukmParameters = mqvParameterSpec.getUserKeyingMaterial();
+ }
+
+ MQVPrivateParameters localParams = new MQVPrivateParameters(staticPrivKey, ephemPrivKey, ephemPubKey);
+ this.parameters = staticPrivKey.getParameters();
+
+ // TODO Validate that all the keys are using the same parameters?
+
+ agreement.init(localParams);
+ }
+ else
+ */
+ // END Android-removed: Unsupported algorithms
{
if (!(key instanceof PrivateKey))
{
@@ -264,248 +270,250 @@
}
}
- // BEGIN android-removed
- // public static class DHC
- // extends KeyAgreementSpi
- // {
- // public DHC()
- // {
- // super("ECDHC", new ECDHCBasicAgreement(), null);
- // }
- // }
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ public static class DHC
+ extends KeyAgreementSpi
+ {
+ public DHC()
+ {
+ super("ECDHC", new ECDHCBasicAgreement(), null);
+ }
+ }
- // public static class MQV
- // extends KeyAgreementSpi
- // {
- // public MQV()
- // {
- // super("ECMQV", new ECMQVBasicAgreement(), null);
- // }
- // }
+ public static class MQV
+ extends KeyAgreementSpi
+ {
+ public MQV()
+ {
+ super("ECMQV", new ECMQVBasicAgreement(), null);
+ }
+ }
- // public static class DHwithSHA1KDF
- // extends KeyAgreementSpi
- // {
- // public DHwithSHA1KDF()
- // {
- // super("ECDHwithSHA1KDF", new ECDHBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA1()));
- // }
- // }
+ public static class DHwithSHA1KDF
+ extends KeyAgreementSpi
+ {
+ public DHwithSHA1KDF()
+ {
+ super("ECDHwithSHA1KDF", new ECDHBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA1()));
+ }
+ }
- // public static class DHwithSHA1KDFAndSharedInfo
- // extends KeyAgreementSpi
- // {
- // public DHwithSHA1KDFAndSharedInfo()
- // {
- // super("ECDHwithSHA1KDF", new ECDHBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA1()));
- // }
- // }
+ public static class DHwithSHA1KDFAndSharedInfo
+ extends KeyAgreementSpi
+ {
+ public DHwithSHA1KDFAndSharedInfo()
+ {
+ super("ECDHwithSHA1KDF", new ECDHBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA1()));
+ }
+ }
- // public static class CDHwithSHA1KDFAndSharedInfo
- // extends KeyAgreementSpi
- // {
- // public CDHwithSHA1KDFAndSharedInfo()
- // {
- // super("ECCDHwithSHA1KDF", new ECDHCBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA1()));
- // }
- // }
+ public static class CDHwithSHA1KDFAndSharedInfo
+ extends KeyAgreementSpi
+ {
+ public CDHwithSHA1KDFAndSharedInfo()
+ {
+ super("ECCDHwithSHA1KDF", new ECDHCBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA1()));
+ }
+ }
- // public static class DHwithSHA224KDFAndSharedInfo
- // extends KeyAgreementSpi
- // {
- // public DHwithSHA224KDFAndSharedInfo()
- // {
- // super("ECDHwithSHA224KDF", new ECDHBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA224()));
- // }
- // }
+ public static class DHwithSHA224KDFAndSharedInfo
+ extends KeyAgreementSpi
+ {
+ public DHwithSHA224KDFAndSharedInfo()
+ {
+ super("ECDHwithSHA224KDF", new ECDHBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA224()));
+ }
+ }
- // public static class CDHwithSHA224KDFAndSharedInfo
- // extends KeyAgreementSpi
- // {
- // public CDHwithSHA224KDFAndSharedInfo()
- // {
- // super("ECCDHwithSHA224KDF", new ECDHCBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA224()));
- // }
- // }
+ public static class CDHwithSHA224KDFAndSharedInfo
+ extends KeyAgreementSpi
+ {
+ public CDHwithSHA224KDFAndSharedInfo()
+ {
+ super("ECCDHwithSHA224KDF", new ECDHCBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA224()));
+ }
+ }
- // public static class DHwithSHA256KDFAndSharedInfo
- // extends KeyAgreementSpi
- // {
- // public DHwithSHA256KDFAndSharedInfo()
- // {
- // super("ECDHwithSHA256KDF", new ECDHBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA256()));
- // }
- // }
+ public static class DHwithSHA256KDFAndSharedInfo
+ extends KeyAgreementSpi
+ {
+ public DHwithSHA256KDFAndSharedInfo()
+ {
+ super("ECDHwithSHA256KDF", new ECDHBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA256()));
+ }
+ }
- // public static class CDHwithSHA256KDFAndSharedInfo
- // extends KeyAgreementSpi
- // {
- // public CDHwithSHA256KDFAndSharedInfo()
- // {
- // super("ECCDHwithSHA256KDF", new ECDHCBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA256()));
- // }
- // }
+ public static class CDHwithSHA256KDFAndSharedInfo
+ extends KeyAgreementSpi
+ {
+ public CDHwithSHA256KDFAndSharedInfo()
+ {
+ super("ECCDHwithSHA256KDF", new ECDHCBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA256()));
+ }
+ }
- // public static class DHwithSHA384KDFAndSharedInfo
- // extends KeyAgreementSpi
- // {
- // public DHwithSHA384KDFAndSharedInfo()
- // {
- // super("ECDHwithSHA384KDF", new ECDHBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA384()));
- // }
- // }
+ public static class DHwithSHA384KDFAndSharedInfo
+ extends KeyAgreementSpi
+ {
+ public DHwithSHA384KDFAndSharedInfo()
+ {
+ super("ECDHwithSHA384KDF", new ECDHBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA384()));
+ }
+ }
- // public static class CDHwithSHA384KDFAndSharedInfo
- // extends KeyAgreementSpi
- // {
- // public CDHwithSHA384KDFAndSharedInfo()
- // {
- // super("ECCDHwithSHA384KDF", new ECDHCBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA384()));
- // }
- // }
+ public static class CDHwithSHA384KDFAndSharedInfo
+ extends KeyAgreementSpi
+ {
+ public CDHwithSHA384KDFAndSharedInfo()
+ {
+ super("ECCDHwithSHA384KDF", new ECDHCBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA384()));
+ }
+ }
- // public static class DHwithSHA512KDFAndSharedInfo
- // extends KeyAgreementSpi
- // {
- // public DHwithSHA512KDFAndSharedInfo()
- // {
- // super("ECDHwithSHA512KDF", new ECDHBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA512()));
- // }
- // }
+ public static class DHwithSHA512KDFAndSharedInfo
+ extends KeyAgreementSpi
+ {
+ public DHwithSHA512KDFAndSharedInfo()
+ {
+ super("ECDHwithSHA512KDF", new ECDHBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA512()));
+ }
+ }
- // public static class CDHwithSHA512KDFAndSharedInfo
- // extends KeyAgreementSpi
- // {
- // public CDHwithSHA512KDFAndSharedInfo()
- // {
- // super("ECCDHwithSHA512KDF", new ECDHCBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA512()));
- // }
- // }
+ public static class CDHwithSHA512KDFAndSharedInfo
+ extends KeyAgreementSpi
+ {
+ public CDHwithSHA512KDFAndSharedInfo()
+ {
+ super("ECCDHwithSHA512KDF", new ECDHCBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA512()));
+ }
+ }
- // public static class MQVwithSHA1KDFAndSharedInfo
- // extends KeyAgreementSpi
- // {
- // public MQVwithSHA1KDFAndSharedInfo()
- // {
- // super("ECMQVwithSHA1KDF", new ECMQVBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA1()));
- // }
- // }
+ public static class MQVwithSHA1KDFAndSharedInfo
+ extends KeyAgreementSpi
+ {
+ public MQVwithSHA1KDFAndSharedInfo()
+ {
+ super("ECMQVwithSHA1KDF", new ECMQVBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA1()));
+ }
+ }
- // public static class MQVwithSHA224KDFAndSharedInfo
- // extends KeyAgreementSpi
- // {
- // public MQVwithSHA224KDFAndSharedInfo()
- // {
- // super("ECMQVwithSHA224KDF", new ECMQVBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA224()));
- // }
- // }
+ public static class MQVwithSHA224KDFAndSharedInfo
+ extends KeyAgreementSpi
+ {
+ public MQVwithSHA224KDFAndSharedInfo()
+ {
+ super("ECMQVwithSHA224KDF", new ECMQVBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA224()));
+ }
+ }
- // public static class MQVwithSHA256KDFAndSharedInfo
- // extends KeyAgreementSpi
- // {
- // public MQVwithSHA256KDFAndSharedInfo()
- // {
- // super("ECMQVwithSHA256KDF", new ECMQVBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA256()));
- // }
- // }
+ public static class MQVwithSHA256KDFAndSharedInfo
+ extends KeyAgreementSpi
+ {
+ public MQVwithSHA256KDFAndSharedInfo()
+ {
+ super("ECMQVwithSHA256KDF", new ECMQVBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA256()));
+ }
+ }
- // public static class MQVwithSHA384KDFAndSharedInfo
- // extends KeyAgreementSpi
- // {
- // public MQVwithSHA384KDFAndSharedInfo()
- // {
- // super("ECMQVwithSHA384KDF", new ECMQVBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA384()));
- // }
- // }
+ public static class MQVwithSHA384KDFAndSharedInfo
+ extends KeyAgreementSpi
+ {
+ public MQVwithSHA384KDFAndSharedInfo()
+ {
+ super("ECMQVwithSHA384KDF", new ECMQVBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA384()));
+ }
+ }
- // public static class MQVwithSHA512KDFAndSharedInfo
- // extends KeyAgreementSpi
- // {
- // public MQVwithSHA512KDFAndSharedInfo()
- // {
- // super("ECMQVwithSHA512KDF", new ECMQVBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA512()));
- // }
- // }
+ public static class MQVwithSHA512KDFAndSharedInfo
+ extends KeyAgreementSpi
+ {
+ public MQVwithSHA512KDFAndSharedInfo()
+ {
+ super("ECMQVwithSHA512KDF", new ECMQVBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA512()));
+ }
+ }
- // public static class DHwithSHA1CKDF
- // extends KeyAgreementSpi
- // {
- // public DHwithSHA1CKDF()
- // {
- // super("ECDHwithSHA1CKDF", new ECDHCBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA1()));
- // }
- // }
+ public static class DHwithSHA1CKDF
+ extends KeyAgreementSpi
+ {
+ public DHwithSHA1CKDF()
+ {
+ super("ECDHwithSHA1CKDF", new ECDHCBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA1()));
+ }
+ }
- // public static class DHwithSHA256CKDF
- // extends KeyAgreementSpi
- // {
- // public DHwithSHA256CKDF()
- // {
- // super("ECDHwithSHA256CKDF", new ECDHCBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA256()));
- // }
- // }
+ public static class DHwithSHA256CKDF
+ extends KeyAgreementSpi
+ {
+ public DHwithSHA256CKDF()
+ {
+ super("ECDHwithSHA256CKDF", new ECDHCBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA256()));
+ }
+ }
- // public static class DHwithSHA384CKDF
- // extends KeyAgreementSpi
- // {
- // public DHwithSHA384CKDF()
- // {
- // super("ECDHwithSHA384CKDF", new ECDHCBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA384()));
- // }
- // }
+ public static class DHwithSHA384CKDF
+ extends KeyAgreementSpi
+ {
+ public DHwithSHA384CKDF()
+ {
+ super("ECDHwithSHA384CKDF", new ECDHCBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA384()));
+ }
+ }
- // public static class DHwithSHA512CKDF
- // extends KeyAgreementSpi
- // {
- // public DHwithSHA512CKDF()
- // {
- // super("ECDHwithSHA512CKDF", new ECDHCBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA512()));
- // }
- // }
+ public static class DHwithSHA512CKDF
+ extends KeyAgreementSpi
+ {
+ public DHwithSHA512CKDF()
+ {
+ super("ECDHwithSHA512CKDF", new ECDHCBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA512()));
+ }
+ }
- // public static class MQVwithSHA1CKDF
- // extends KeyAgreementSpi
- // {
- // public MQVwithSHA1CKDF()
- // {
- // super("ECMQVwithSHA1CKDF", new ECMQVBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA1()));
- // }
- // }
+ public static class MQVwithSHA1CKDF
+ extends KeyAgreementSpi
+ {
+ public MQVwithSHA1CKDF()
+ {
+ super("ECMQVwithSHA1CKDF", new ECMQVBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA1()));
+ }
+ }
- // public static class MQVwithSHA224CKDF
- // extends KeyAgreementSpi
- // {
- // public MQVwithSHA224CKDF()
- // {
- // super("ECMQVwithSHA224CKDF", new ECMQVBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA224()));
- // }
- // }
+ public static class MQVwithSHA224CKDF
+ extends KeyAgreementSpi
+ {
+ public MQVwithSHA224CKDF()
+ {
+ super("ECMQVwithSHA224CKDF", new ECMQVBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA224()));
+ }
+ }
- // public static class MQVwithSHA256CKDF
- // extends KeyAgreementSpi
- // {
- // public MQVwithSHA256CKDF()
- // {
- // super("ECMQVwithSHA256CKDF", new ECMQVBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA256()));
- // }
- // }
+ public static class MQVwithSHA256CKDF
+ extends KeyAgreementSpi
+ {
+ public MQVwithSHA256CKDF()
+ {
+ super("ECMQVwithSHA256CKDF", new ECMQVBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA256()));
+ }
+ }
- // public static class MQVwithSHA384CKDF
- // extends KeyAgreementSpi
- // {
- // public MQVwithSHA384CKDF()
- // {
- // super("ECMQVwithSHA384CKDF", new ECMQVBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA384()));
- // }
- // }
+ public static class MQVwithSHA384CKDF
+ extends KeyAgreementSpi
+ {
+ public MQVwithSHA384CKDF()
+ {
+ super("ECMQVwithSHA384CKDF", new ECMQVBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA384()));
+ }
+ }
- // public static class MQVwithSHA512CKDF
- // extends KeyAgreementSpi
- // {
- // public MQVwithSHA512CKDF()
- // {
- // super("ECMQVwithSHA512CKDF", new ECMQVBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA512()));
- // }
- // }
- // END android-removed
+ public static class MQVwithSHA512CKDF
+ extends KeyAgreementSpi
+ {
+ public MQVwithSHA512CKDF()
+ {
+ super("ECMQVwithSHA512CKDF", new ECMQVBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA512()));
+ }
+ }
+ */
+ // END Android-removed: Unsupported algorithms
}
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java
index a749f11..431b6bd 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java
@@ -208,16 +208,18 @@
}
}
- // BEGIN android-removed
- // public static class ECGOST3410
- // extends KeyFactorySpi
- // {
- // public ECGOST3410()
- // {
- // super("ECGOST3410", BouncyCastleProvider.CONFIGURATION);
- // }
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithm
+ /*
+ public static class ECGOST3410
+ extends KeyFactorySpi
+ {
+ public ECGOST3410()
+ {
+ super("ECGOST3410", BouncyCastleProvider.CONFIGURATION);
+ }
+ }
+ */
+ // END Android-removed: Unsupported algorithm
public static class ECDH
extends KeyFactorySpi
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java
index 5f8a901..794ca97 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java
@@ -43,9 +43,10 @@
ECKeyGenerationParameters param;
ECKeyPairGenerator engine = new ECKeyPairGenerator();
Object ecParams = null;
- // BEGIN android-changed
+ // Android-changed: Use 256-bit keys by default.
+ // 239-bit keys (the Bouncy Castle default) are less widely-supported than 256-bit ones,
+ // so we've changed the default strength to 256 for increased compatibility
int strength = 256;
- // BEGIN android-changed
int certainty = 50;
SecureRandom random = new SecureRandom();
boolean initialised = false;
@@ -87,13 +88,13 @@
SecureRandom random)
{
this.strength = strength;
- // BEGIN android-added
+ // BEGIN Android-changed: Don't override this.random with null.
+ // Passing null just means to use a default random, which this.random is already
+ // initialized to, so just use that
if (random != null) {
- // END android-added
- this.random = random;
- // BEGIN android-added
+ this.random = random;
}
- // END android-added
+ // END Android-changed: Don't override this.random with null.
ECGenParameterSpec ecParams = (ECGenParameterSpec)ecParameters.get(Integers.valueOf(strength));
if (ecParams == null)
@@ -116,11 +117,11 @@
SecureRandom random)
throws InvalidAlgorithmParameterException
{
- // BEGIN android-added
+ // BEGIN Android-added: Use existing SecureRandom if none is provided.
if (random == null) {
random = this.random;
}
- // END android-added
+ // END Android-added: Use existing SecureRandom if none is provided.
if (params == null)
{
ECParameterSpec implicitCA = configuration.getEcImplicitlyCa();
@@ -288,4 +289,4 @@
super("ECMQV", BouncyCastleProvider.CONFIGURATION);
}
}
-}
+}
\ No newline at end of file
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java
index 46aeec7..93f9d16 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java
@@ -16,19 +16,18 @@
import org.bouncycastle.crypto.DSA;
import org.bouncycastle.crypto.Digest;
import org.bouncycastle.crypto.digests.NullDigest;
-// BEGIN android-added
-import org.bouncycastle.crypto.digests.AndroidDigestFactory;
-// END android-added
-// BEGIN android-removed
+// BEGIN Android-removed: Unsupported algorithms
// import org.bouncycastle.crypto.digests.RIPEMD160Digest;
-// END android-removed
+// END Android-removed: Unsupported algorithms
import org.bouncycastle.crypto.params.ParametersWithRandom;
import org.bouncycastle.crypto.signers.ECDSASigner;
-// BEGIN android-removed
+// BEGIN Android-removed: Unsupported algorithms
// import org.bouncycastle.crypto.signers.ECNRSigner;
// import org.bouncycastle.crypto.signers.HMacDSAKCalculator;
+// END Android-removed: Unsupported algorithms
+// BEGIN Android-changed: Use Android digests
// import org.bouncycastle.crypto.util.DigestFactory;
-// END android-removed
+import org.bouncycastle.crypto.digests.AndroidDigestFactory;
import org.bouncycastle.jcajce.provider.asymmetric.util.DSABase;
import org.bouncycastle.jcajce.provider.asymmetric.util.DSAEncoder;
import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
@@ -74,22 +73,24 @@
{
public ecDSA()
{
- // BEGIN android-changed
+ // Android-changed: Use Android digests
+ // super(DigestFactory.createSHA1(), new ECDSASigner(), new StdDSAEncoder());
super(AndroidDigestFactory.getSHA1(), new ECDSASigner(), new StdDSAEncoder());
- // END android-changed
}
}
- // BEGIN android-removed
- // static public class ecDetDSA
- // extends SignatureSpi
- // {
- // public ecDetDSA()
- // {
- // super(DigestFactory.createSHA1(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA1())), new StdDSAEncoder());
- // }
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithm
+ /*
+ static public class ecDetDSA
+ extends SignatureSpi
+ {
+ public ecDetDSA()
+ {
+ super(DigestFactory.createSHA1(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA1())), new StdDSAEncoder());
+ }
+ }
+ */
+ // END Android-removed: Unsupported algorithm
static public class ecDSAnone
extends SignatureSpi
@@ -105,267 +106,276 @@
{
public ecDSA224()
{
- // BEGIN android-changed
+ // Android-changed: Use Android digests
+ // super(DigestFactory.createSHA224(), new ECDSASigner(), new StdDSAEncoder());
super(AndroidDigestFactory.getSHA224(), new ECDSASigner(), new StdDSAEncoder());
- // END android-changed
}
}
- // BEGIN android-removed
- // static public class ecDetDSA224
- // extends SignatureSpi
- // {
- // public ecDetDSA224()
- // {
- // super(DigestFactory.createSHA224(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA224())), new StdDSAEncoder());
- // }
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithm
+ /*
+ static public class ecDetDSA224
+ extends SignatureSpi
+ {
+ public ecDetDSA224()
+ {
+ super(DigestFactory.createSHA224(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA224())), new StdDSAEncoder());
+ }
+ }
+ */
+ // END Android-removed: Unsupported algorithm
static public class ecDSA256
extends SignatureSpi
{
public ecDSA256()
{
- // BEGIN android-changed
+ // Android-changed: Use Android digests
+ // super(DigestFactory.createSHA256(), new ECDSASigner(), new StdDSAEncoder());
super(AndroidDigestFactory.getSHA256(), new ECDSASigner(), new StdDSAEncoder());
- // END android-changed
}
}
- // BEGIN android-removed
- // static public class ecDetDSA256
- // extends SignatureSpi
- // {
- // public ecDetDSA256()
- // {
- // super(DigestFactory.createSHA256(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA256())), new StdDSAEncoder());
- // }
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithm
+ /*
+ static public class ecDetDSA256
+ extends SignatureSpi
+ {
+ public ecDetDSA256()
+ {
+ super(DigestFactory.createSHA256(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA256())), new StdDSAEncoder());
+ }
+ }
+ */
+ // END Android-removed: Unsupported algorithm
static public class ecDSA384
extends SignatureSpi
{
public ecDSA384()
{
- // BEGIN android-changed
+ // Android-changed: Use Android digests
+ // super(DigestFactory.createSHA384(), new ECDSASigner(), new StdDSAEncoder());
super(AndroidDigestFactory.getSHA384(), new ECDSASigner(), new StdDSAEncoder());
- // END android-changed
}
}
- // BEGIN android-removed
- // static public class ecDetDSA384
- // extends SignatureSpi
- // {
- // public ecDetDSA384()
- // {
- // super(DigestFactory.createSHA384(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA384())), new StdDSAEncoder());
- // }
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithm
+ /*
+ static public class ecDetDSA384
+ extends SignatureSpi
+ {
+ public ecDetDSA384()
+ {
+ super(DigestFactory.createSHA384(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA384())), new StdDSAEncoder());
+ }
+ }
+ */
+ // END Android-removed: Unsupported algorithms
+
static public class ecDSA512
extends SignatureSpi
{
public ecDSA512()
{
- // BEGIN android-changed
+ // Android-changed: Use Android digests
+ // super(DigestFactory.createSHA512(), new ECDSASigner(), new StdDSAEncoder());
super(AndroidDigestFactory.getSHA512(), new ECDSASigner(), new StdDSAEncoder());
- // END android-changed
}
}
- // BEGIN android-removed
- // static public class ecDetDSA512
- // extends SignatureSpi
- // {
- // public ecDetDSA512()
- // {
- // super(DigestFactory.createSHA512(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA512())), new StdDSAEncoder());
- // }
- // }
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ static public class ecDetDSA512
+ extends SignatureSpi
+ {
+ public ecDetDSA512()
+ {
+ super(DigestFactory.createSHA512(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA512())), new StdDSAEncoder());
+ }
+ }
- // static public class ecDSASha3_224
- // extends SignatureSpi
- // {
- // public ecDSASha3_224()
- // {
- // super(DigestFactory.createSHA3_224(), new ECDSASigner(), new StdDSAEncoder());
- // }
- // }
+ static public class ecDSASha3_224
+ extends SignatureSpi
+ {
+ public ecDSASha3_224()
+ {
+ super(DigestFactory.createSHA3_224(), new ECDSASigner(), new StdDSAEncoder());
+ }
+ }
- // static public class ecDetDSASha3_224
- // extends SignatureSpi
- // {
- // public ecDetDSASha3_224()
- // {
- // super(DigestFactory.createSHA3_224(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_224())), new StdDSAEncoder());
- // }
- // }
+ static public class ecDetDSASha3_224
+ extends SignatureSpi
+ {
+ public ecDetDSASha3_224()
+ {
+ super(DigestFactory.createSHA3_224(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_224())), new StdDSAEncoder());
+ }
+ }
- // static public class ecDSASha3_256
- // extends SignatureSpi
- // {
- // public ecDSASha3_256()
- // {
- // super(DigestFactory.createSHA3_256(), new ECDSASigner(), new StdDSAEncoder());
- // }
- // }
+ static public class ecDSASha3_256
+ extends SignatureSpi
+ {
+ public ecDSASha3_256()
+ {
+ super(DigestFactory.createSHA3_256(), new ECDSASigner(), new StdDSAEncoder());
+ }
+ }
- // static public class ecDetDSASha3_256
- // extends SignatureSpi
- // {
- // public ecDetDSASha3_256()
- // {
- // super(DigestFactory.createSHA3_256(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_256())), new StdDSAEncoder());
- // }
- // }
+ static public class ecDetDSASha3_256
+ extends SignatureSpi
+ {
+ public ecDetDSASha3_256()
+ {
+ super(DigestFactory.createSHA3_256(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_256())), new StdDSAEncoder());
+ }
+ }
- // static public class ecDSASha3_384
- // extends SignatureSpi
- // {
- // public ecDSASha3_384()
- // {
- // super(DigestFactory.createSHA3_384(), new ECDSASigner(), new StdDSAEncoder());
- // }
- // }
+ static public class ecDSASha3_384
+ extends SignatureSpi
+ {
+ public ecDSASha3_384()
+ {
+ super(DigestFactory.createSHA3_384(), new ECDSASigner(), new StdDSAEncoder());
+ }
+ }
- // static public class ecDetDSASha3_384
- // extends SignatureSpi
- // {
- // public ecDetDSASha3_384()
- // {
- // super(DigestFactory.createSHA3_384(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_384())), new StdDSAEncoder());
- // }
- // }
+ static public class ecDetDSASha3_384
+ extends SignatureSpi
+ {
+ public ecDetDSASha3_384()
+ {
+ super(DigestFactory.createSHA3_384(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_384())), new StdDSAEncoder());
+ }
+ }
- // static public class ecDSASha3_512
- // extends SignatureSpi
- // {
- // public ecDSASha3_512()
- // {
- // super(DigestFactory.createSHA3_512(), new ECDSASigner(), new StdDSAEncoder());
- // }
- // }
+ static public class ecDSASha3_512
+ extends SignatureSpi
+ {
+ public ecDSASha3_512()
+ {
+ super(DigestFactory.createSHA3_512(), new ECDSASigner(), new StdDSAEncoder());
+ }
+ }
- // static public class ecDetDSASha3_512
- // extends SignatureSpi
- // {
- // public ecDetDSASha3_512()
- // {
- // super(DigestFactory.createSHA3_512(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_512())), new StdDSAEncoder());
- // }
- // }
+ static public class ecDetDSASha3_512
+ extends SignatureSpi
+ {
+ public ecDetDSASha3_512()
+ {
+ super(DigestFactory.createSHA3_512(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_512())), new StdDSAEncoder());
+ }
+ }
- // static public class ecDSARipeMD160
- // extends SignatureSpi
- // {
- // public ecDSARipeMD160()
- // {
- // super(new RIPEMD160Digest(), new ECDSASigner(), new StdDSAEncoder());
- // }
- // }
+ static public class ecDSARipeMD160
+ extends SignatureSpi
+ {
+ public ecDSARipeMD160()
+ {
+ super(new RIPEMD160Digest(), new ECDSASigner(), new StdDSAEncoder());
+ }
+ }
- // static public class ecNR
- // extends SignatureSpi
- // {
- // public ecNR()
- // {
- // super(DigestFactory.createSHA1(), new ECNRSigner(), new StdDSAEncoder());
- // }
- // }
+ static public class ecNR
+ extends SignatureSpi
+ {
+ public ecNR()
+ {
+ super(DigestFactory.createSHA1(), new ECNRSigner(), new StdDSAEncoder());
+ }
+ }
- // static public class ecNR224
- // extends SignatureSpi
- // {
- // public ecNR224()
- // {
- // super(DigestFactory.createSHA224(), new ECNRSigner(), new StdDSAEncoder());
- // }
- // }
+ static public class ecNR224
+ extends SignatureSpi
+ {
+ public ecNR224()
+ {
+ super(DigestFactory.createSHA224(), new ECNRSigner(), new StdDSAEncoder());
+ }
+ }
- // static public class ecNR256
- // extends SignatureSpi
- // {
- // public ecNR256()
- // {
- // super(DigestFactory.createSHA256(), new ECNRSigner(), new StdDSAEncoder());
- // }
- // }
+ static public class ecNR256
+ extends SignatureSpi
+ {
+ public ecNR256()
+ {
+ super(DigestFactory.createSHA256(), new ECNRSigner(), new StdDSAEncoder());
+ }
+ }
- // static public class ecNR384
- // extends SignatureSpi
- // {
- // public ecNR384()
- // {
- // super(DigestFactory.createSHA384(), new ECNRSigner(), new StdDSAEncoder());
- // }
- // }
+ static public class ecNR384
+ extends SignatureSpi
+ {
+ public ecNR384()
+ {
+ super(DigestFactory.createSHA384(), new ECNRSigner(), new StdDSAEncoder());
+ }
+ }
- // static public class ecNR512
- // extends SignatureSpi
- // {
- // public ecNR512()
- // {
- // super(DigestFactory.createSHA512(), new ECNRSigner(), new StdDSAEncoder());
- // }
- // }
+ static public class ecNR512
+ extends SignatureSpi
+ {
+ public ecNR512()
+ {
+ super(DigestFactory.createSHA512(), new ECNRSigner(), new StdDSAEncoder());
+ }
+ }
- // static public class ecCVCDSA
- // extends SignatureSpi
- // {
- // public ecCVCDSA()
- // {
- // super(DigestFactory.createSHA1(), new ECDSASigner(), new PlainDSAEncoder());
- // }
- // }
+ static public class ecCVCDSA
+ extends SignatureSpi
+ {
+ public ecCVCDSA()
+ {
+ super(DigestFactory.createSHA1(), new ECDSASigner(), new PlainDSAEncoder());
+ }
+ }
- // static public class ecCVCDSA224
- // extends SignatureSpi
- // {
- // public ecCVCDSA224()
- // {
- // super(DigestFactory.createSHA224(), new ECDSASigner(), new PlainDSAEncoder());
- // }
- // }
+ static public class ecCVCDSA224
+ extends SignatureSpi
+ {
+ public ecCVCDSA224()
+ {
+ super(DigestFactory.createSHA224(), new ECDSASigner(), new PlainDSAEncoder());
+ }
+ }
- // static public class ecCVCDSA256
- // extends SignatureSpi
- // {
- // public ecCVCDSA256()
- // {
- // super(DigestFactory.createSHA256(), new ECDSASigner(), new PlainDSAEncoder());
- // }
- // }
+ static public class ecCVCDSA256
+ extends SignatureSpi
+ {
+ public ecCVCDSA256()
+ {
+ super(DigestFactory.createSHA256(), new ECDSASigner(), new PlainDSAEncoder());
+ }
+ }
- // static public class ecCVCDSA384
- // extends SignatureSpi
- // {
- // public ecCVCDSA384()
- // {
- // super(DigestFactory.createSHA384(), new ECDSASigner(), new PlainDSAEncoder());
- // }
- // }
+ static public class ecCVCDSA384
+ extends SignatureSpi
+ {
+ public ecCVCDSA384()
+ {
+ super(DigestFactory.createSHA384(), new ECDSASigner(), new PlainDSAEncoder());
+ }
+ }
- // static public class ecCVCDSA512
- // extends SignatureSpi
- // {
- // public ecCVCDSA512()
- // {
- // super(DigestFactory.createSHA512(), new ECDSASigner(), new PlainDSAEncoder());
- // }
- // }
+ static public class ecCVCDSA512
+ extends SignatureSpi
+ {
+ public ecCVCDSA512()
+ {
+ super(DigestFactory.createSHA512(), new ECDSASigner(), new PlainDSAEncoder());
+ }
+ }
- // static public class ecPlainDSARP160
- // extends SignatureSpi
- // {
- // public ecPlainDSARP160()
- // {
- // super(new RIPEMD160Digest(), new ECDSASigner(), new PlainDSAEncoder());
- // }
- // }
- // END android-removed
+ static public class ecPlainDSARP160
+ extends SignatureSpi
+ {
+ public ecPlainDSARP160()
+ {
+ super(new RIPEMD160Digest(), new ECDSASigner(), new PlainDSAEncoder());
+ }
+ }
+ */
+ // END Android-removed: Unsupported algorithms
private static class StdDSAEncoder
implements DSAEncoder
@@ -406,68 +416,70 @@
}
}
- // BEGIN android-removed
- // private static class PlainDSAEncoder
- // implements DSAEncoder
- // {
- // public byte[] encode(
- // BigInteger r,
- // BigInteger s)
- // throws IOException
- // {
- // byte[] first = makeUnsigned(r);
- // byte[] second = makeUnsigned(s);
- // byte[] res;
- //
- // if (first.length > second.length)
- // {
- // res = new byte[first.length * 2];
- // }
- // else
- // {
- // res = new byte[second.length * 2];
- // }
- //
- // System.arraycopy(first, 0, res, res.length / 2 - first.length, first.length);
- // System.arraycopy(second, 0, res, res.length - second.length, second.length);
- //
- // return res;
- // }
- //
- //
- // private byte[] makeUnsigned(BigInteger val)
- // {
- // byte[] res = val.toByteArray();
- //
- // if (res[0] == 0)
- // {
- // byte[] tmp = new byte[res.length - 1];
- //
- // System.arraycopy(res, 1, tmp, 0, tmp.length);
- //
- // return tmp;
- // }
- //
- // return res;
- // }
- //
- // public BigInteger[] decode(
- // byte[] encoding)
- // throws IOException
- // {
- // BigInteger[] sig = new BigInteger[2];
- //
- // byte[] first = new byte[encoding.length / 2];
- // byte[] second = new byte[encoding.length / 2];
- //
- // System.arraycopy(encoding, 0, first, 0, first.length);
- // System.arraycopy(encoding, first.length, second, 0, second.length);
- //
- // sig[0] = new BigInteger(1, first);
- // sig[1] = new BigInteger(1, second);
- //
- // return sig;
- // }
- // }
- // END android-removed
-}
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ private static class PlainDSAEncoder
+ implements DSAEncoder
+ {
+ public byte[] encode(
+ BigInteger r,
+ BigInteger s)
+ throws IOException
+ {
+ byte[] first = makeUnsigned(r);
+ byte[] second = makeUnsigned(s);
+ byte[] res;
+
+ if (first.length > second.length)
+ {
+ res = new byte[first.length * 2];
+ }
+ else
+ {
+ res = new byte[second.length * 2];
+ }
+
+ System.arraycopy(first, 0, res, res.length / 2 - first.length, first.length);
+ System.arraycopy(second, 0, res, res.length - second.length, second.length);
+
+ return res;
+ }
+
+
+ private byte[] makeUnsigned(BigInteger val)
+ {
+ byte[] res = val.toByteArray();
+
+ if (res[0] == 0)
+ {
+ byte[] tmp = new byte[res.length - 1];
+
+ System.arraycopy(res, 1, tmp, 0, tmp.length);
+
+ return tmp;
+ }
+
+ return res;
+ }
+
+ public BigInteger[] decode(
+ byte[] encoding)
+ throws IOException
+ {
+ BigInteger[] sig = new BigInteger[2];
+
+ byte[] first = new byte[encoding.length / 2];
+ byte[] second = new byte[encoding.length / 2];
+
+ System.arraycopy(encoding, 0, first, 0, first.length);
+ System.arraycopy(encoding, first.length, second, 0, second.length);
+
+ sig[0] = new BigInteger(1, first);
+ sig[1] = new BigInteger(1, second);
+
+ return sig;
+ }
+ }
+ */
+ // END Android-removed: Unsupported algorithms
+}
\ No newline at end of file
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java
index c98b764..b7966ef 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java
@@ -26,9 +26,8 @@
import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.crypto.Digest;
import org.bouncycastle.crypto.InvalidCipherTextException;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithm
// import org.bouncycastle.crypto.encodings.ISO9796d1Encoding;
-// END android-removed
import org.bouncycastle.crypto.encodings.OAEPEncoding;
import org.bouncycastle.crypto.encodings.PKCS1Encoding;
import org.bouncycastle.crypto.engines.RSABlindedEngine;
@@ -36,14 +35,18 @@
import org.bouncycastle.jcajce.provider.asymmetric.util.BaseCipherSpi;
import org.bouncycastle.jcajce.provider.util.BadBlockException;
import org.bouncycastle.jcajce.provider.util.DigestFactory;
-import org.bouncycastle.jcajce.util.BCJcaJceHelper;
+// Android-changed: Use default provider for JCA algorithms instead of BC
+// Was: import org.bouncycastle.jcajce.util.BCJcaJceHelper;
+import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
import org.bouncycastle.jcajce.util.JcaJceHelper;
import org.bouncycastle.util.Strings;
public class CipherSpi
extends BaseCipherSpi
{
- private final JcaJceHelper helper = new BCJcaJceHelper();
+ // Android-changed: Use default provider for JCA algorithms instead of BC
+ // Was: private final JcaJceHelper helper = new BCJcaJceHelper();
+ private final JcaJceHelper helper = new DefaultJcaJceHelper();
private AsymmetricBlockCipher cipher;
private AlgorithmParameterSpec paramSpec;
@@ -203,12 +206,12 @@
{
cipher = new PKCS1Encoding(new RSABlindedEngine());
}
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithm
// else if (pad.equals("ISO9796-1PADDING"))
// {
// cipher = new ISO9796d1Encoding(new RSABlindedEngine());
// }
- // END android-removed
+ // END Android-removed: Unsupported algorithm
else if (pad.equals("OAEPWITHMD5ANDMGF1PADDING"))
{
initFromSpec(new OAEPParameterSpec("MD5", "MGF1", new MGF1ParameterSpec("MD5"), PSource.PSpecified.DEFAULT));
@@ -237,27 +240,29 @@
{
initFromSpec(new OAEPParameterSpec("SHA-512", "MGF1", MGF1ParameterSpec.SHA512, PSource.PSpecified.DEFAULT));
}
- // BEGIN android-removed
- // else if (pad.equals("OAEPWITHSHA3-224ANDMGF1PADDING"))
- // {
- // initFromSpec(new OAEPParameterSpec("SHA3-224", "MGF1", new MGF1ParameterSpec("SHA3-224"), PSource.PSpecified.DEFAULT));
- // }
- // else if (pad.equals("OAEPWITHSHA3-256ANDMGF1PADDING"))
- // {
- // initFromSpec(new OAEPParameterSpec("SHA3-256", "MGF1", new MGF1ParameterSpec("SHA3-256"), PSource.PSpecified.DEFAULT));
- // }
- // else if (pad.equals("OAEPWITHSHA3-384ANDMGF1PADDING"))
- // {
- // initFromSpec(new OAEPParameterSpec("SHA3-384", "MGF1", new MGF1ParameterSpec("SHA3-384"), PSource.PSpecified.DEFAULT));
- // }
- // else if (pad.equals("OAEPWITHSHA3-512ANDMGF1PADDING"))
- // {
- // initFromSpec(new OAEPParameterSpec("SHA3-512", "MGF1", new MGF1ParameterSpec("SHA3-512"), PSource.PSpecified.DEFAULT));
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ else if (pad.equals("OAEPWITHSHA3-224ANDMGF1PADDING"))
+ {
+ initFromSpec(new OAEPParameterSpec("SHA3-224", "MGF1", new MGF1ParameterSpec("SHA3-224"), PSource.PSpecified.DEFAULT));
+ }
+ else if (pad.equals("OAEPWITHSHA3-256ANDMGF1PADDING"))
+ {
+ initFromSpec(new OAEPParameterSpec("SHA3-256", "MGF1", new MGF1ParameterSpec("SHA3-256"), PSource.PSpecified.DEFAULT));
+ }
+ else if (pad.equals("OAEPWITHSHA3-384ANDMGF1PADDING"))
+ {
+ initFromSpec(new OAEPParameterSpec("SHA3-384", "MGF1", new MGF1ParameterSpec("SHA3-384"), PSource.PSpecified.DEFAULT));
+ }
+ else if (pad.equals("OAEPWITHSHA3-512ANDMGF1PADDING"))
+ {
+ initFromSpec(new OAEPParameterSpec("SHA3-512", "MGF1", new MGF1ParameterSpec("SHA3-512"), PSource.PSpecified.DEFAULT));
+ }
+ */
+ // END Android-removed: Unsupported algorithms
else
{
- throw new NoSuchPaddingException(padding + " unavailable with RSA.");
+ throw new NoSuchPaddingException(padding + " unavailable with RSA.");
}
}
@@ -562,50 +567,52 @@
}
}
- // BEGIN android-removed
- // static public class PKCS1v1_5Padding
- // extends CipherSpi
- // {
- // public PKCS1v1_5Padding()
- // {
- // super(new PKCS1Encoding(new RSABlindedEngine()));
- // }
- // }
- //
- // static public class PKCS1v1_5Padding_PrivateOnly
- // extends CipherSpi
- // {
- // public PKCS1v1_5Padding_PrivateOnly()
- // {
- // super(false, true, new PKCS1Encoding(new RSABlindedEngine()));
- // }
- // }
- //
- // static public class PKCS1v1_5Padding_PublicOnly
- // extends CipherSpi
- // {
- // public PKCS1v1_5Padding_PublicOnly()
- // {
- // super(true, false, new PKCS1Encoding(new RSABlindedEngine()));
- // }
- // }
- //
- // static public class OAEPPadding
- // extends CipherSpi
- // {
- // public OAEPPadding()
- // {
- // super(OAEPParameterSpec.DEFAULT);
- // }
- // }
- //
- // static public class ISO9796d1Padding
- // extends CipherSpi
- // {
- // public ISO9796d1Padding()
- // {
- // super(new ISO9796d1Encoding(new RSABlindedEngine()));
- // }
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ static public class PKCS1v1_5Padding
+ extends CipherSpi
+ {
+ public PKCS1v1_5Padding()
+ {
+ super(new PKCS1Encoding(new RSABlindedEngine()));
+ }
+ }
+
+ static public class PKCS1v1_5Padding_PrivateOnly
+ extends CipherSpi
+ {
+ public PKCS1v1_5Padding_PrivateOnly()
+ {
+ super(false, true, new PKCS1Encoding(new RSABlindedEngine()));
+ }
+ }
+
+ static public class PKCS1v1_5Padding_PublicOnly
+ extends CipherSpi
+ {
+ public PKCS1v1_5Padding_PublicOnly()
+ {
+ super(true, false, new PKCS1Encoding(new RSABlindedEngine()));
+ }
+ }
+
+ static public class OAEPPadding
+ extends CipherSpi
+ {
+ public OAEPPadding()
+ {
+ super(OAEPParameterSpec.DEFAULT);
+ }
+ }
+
+ static public class ISO9796d1Padding
+ extends CipherSpi
+ {
+ public ISO9796d1Padding()
+ {
+ super(new ISO9796d1Encoding(new RSABlindedEngine()));
+ }
+ }
+ */
+ // END Android-removed: Unsupported algorithms
}
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java
index 1e4d854..5c2f1df 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java
@@ -17,30 +17,25 @@
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
-// END android-removed
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.DigestInfo;
import org.bouncycastle.crypto.AsymmetricBlockCipher;
import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.crypto.Digest;
-// BEGIN android-added
-import org.bouncycastle.crypto.digests.AndroidDigestFactory;
-// END android-added
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.crypto.digests.MD2Digest;
// import org.bouncycastle.crypto.digests.MD4Digest;
// import org.bouncycastle.crypto.digests.NullDigest;
// import org.bouncycastle.crypto.digests.RIPEMD128Digest;
// import org.bouncycastle.crypto.digests.RIPEMD160Digest;
// import org.bouncycastle.crypto.digests.RIPEMD256Digest;
-// END android-removed
import org.bouncycastle.crypto.encodings.PKCS1Encoding;
import org.bouncycastle.crypto.engines.RSABlindedEngine;
-// BEGIN android-removed
+// Android-changed: Use Android digests
// import org.bouncycastle.crypto.util.DigestFactory;
-// END android-removed
+import org.bouncycastle.crypto.digests.AndroidDigestFactory;
import org.bouncycastle.util.Arrays;
public class DigestSignatureSpi
@@ -258,9 +253,9 @@
{
public SHA1()
{
- // BEGIN android-changed
+ // Android-changed: Use Android digests
+ // super(OIWObjectIdentifiers.idSHA1, DigestFactory.createSHA1(), new PKCS1Encoding(new RSABlindedEngine()));
super(OIWObjectIdentifiers.idSHA1, AndroidDigestFactory.getSHA1(), new PKCS1Encoding(new RSABlindedEngine()));
- // END android-changed
}
}
@@ -269,9 +264,9 @@
{
public SHA224()
{
- // BEGIN android-changed
+ // Android-changed: Use Android digests
+ // super(NISTObjectIdentifiers.id_sha224, DigestFactory.createSHA224(), new PKCS1Encoding(new RSABlindedEngine()));
super(NISTObjectIdentifiers.id_sha224, AndroidDigestFactory.getSHA224(), new PKCS1Encoding(new RSABlindedEngine()));
- // END android-changed
}
}
@@ -280,9 +275,9 @@
{
public SHA256()
{
- // BEGIN android-changed
+ // Android-changed: Use Android digests
+ // super(NISTObjectIdentifiers.id_sha256, DigestFactory.createSHA256(), new PKCS1Encoding(new RSABlindedEngine()));
super(NISTObjectIdentifiers.id_sha256, AndroidDigestFactory.getSHA256(), new PKCS1Encoding(new RSABlindedEngine()));
- // END android-changed
}
}
@@ -291,9 +286,9 @@
{
public SHA384()
{
- // BEGIN android-changed
+ // Android-changed: Use Android digests
+ // super(NISTObjectIdentifiers.id_sha384, DigestFactory.createSHA384(), new PKCS1Encoding(new RSABlindedEngine()));
super(NISTObjectIdentifiers.id_sha384, AndroidDigestFactory.getSHA384(), new PKCS1Encoding(new RSABlindedEngine()));
- // END android-changed
}
}
@@ -302,132 +297,136 @@
{
public SHA512()
{
- // BEGIN android-changed
+ // Android-changed: Use Android digests
+ // super(NISTObjectIdentifiers.id_sha512, DigestFactory.createSHA512(), new PKCS1Encoding(new RSABlindedEngine()));
super(NISTObjectIdentifiers.id_sha512, AndroidDigestFactory.getSHA512(), new PKCS1Encoding(new RSABlindedEngine()));
- // END android-changed
}
}
- // BEGIN android-removed
- // static public class SHA512_224
- // extends DigestSignatureSpi
- // {
- // public SHA512_224()
- // {
- // super(NISTObjectIdentifiers.id_sha512_224, DigestFactory.createSHA512_224(), new PKCS1Encoding(new RSABlindedEngine()));
- // }
- // }
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ static public class SHA512_224
+ extends DigestSignatureSpi
+ {
+ public SHA512_224()
+ {
+ super(NISTObjectIdentifiers.id_sha512_224, DigestFactory.createSHA512_224(), new PKCS1Encoding(new RSABlindedEngine()));
+ }
+ }
- // static public class SHA512_256
- // extends DigestSignatureSpi
- // {
- // public SHA512_256()
- // {
- // super(NISTObjectIdentifiers.id_sha512_256, DigestFactory.createSHA512_256(), new PKCS1Encoding(new RSABlindedEngine()));
- // }
- // }
+ static public class SHA512_256
+ extends DigestSignatureSpi
+ {
+ public SHA512_256()
+ {
+ super(NISTObjectIdentifiers.id_sha512_256, DigestFactory.createSHA512_256(), new PKCS1Encoding(new RSABlindedEngine()));
+ }
+ }
- // static public class SHA3_224
- // extends DigestSignatureSpi
- // {
- // public SHA3_224()
- // {
- // super(NISTObjectIdentifiers.id_sha3_224, DigestFactory.createSHA3_224(), new PKCS1Encoding(new RSABlindedEngine()));
- // }
- // }
+ static public class SHA3_224
+ extends DigestSignatureSpi
+ {
+ public SHA3_224()
+ {
+ super(NISTObjectIdentifiers.id_sha3_224, DigestFactory.createSHA3_224(), new PKCS1Encoding(new RSABlindedEngine()));
+ }
+ }
- // static public class SHA3_256
- // extends DigestSignatureSpi
- // {
- // public SHA3_256()
- // {
- // super(NISTObjectIdentifiers.id_sha3_256, DigestFactory.createSHA3_256(), new PKCS1Encoding(new RSABlindedEngine()));
- // }
- // }
+ static public class SHA3_256
+ extends DigestSignatureSpi
+ {
+ public SHA3_256()
+ {
+ super(NISTObjectIdentifiers.id_sha3_256, DigestFactory.createSHA3_256(), new PKCS1Encoding(new RSABlindedEngine()));
+ }
+ }
- // static public class SHA3_384
- // extends DigestSignatureSpi
- // {
- // public SHA3_384()
- // {
- // super(NISTObjectIdentifiers.id_sha3_384, DigestFactory.createSHA3_384(), new PKCS1Encoding(new RSABlindedEngine()));
- // }
- // }
+ static public class SHA3_384
+ extends DigestSignatureSpi
+ {
+ public SHA3_384()
+ {
+ super(NISTObjectIdentifiers.id_sha3_384, DigestFactory.createSHA3_384(), new PKCS1Encoding(new RSABlindedEngine()));
+ }
+ }
- // static public class SHA3_512
- // extends DigestSignatureSpi
- // {
- // public SHA3_512()
- // {
- // super(NISTObjectIdentifiers.id_sha3_512, DigestFactory.createSHA3_512(), new PKCS1Encoding(new RSABlindedEngine()));
- // }
- // }
+ static public class SHA3_512
+ extends DigestSignatureSpi
+ {
+ public SHA3_512()
+ {
+ super(NISTObjectIdentifiers.id_sha3_512, DigestFactory.createSHA3_512(), new PKCS1Encoding(new RSABlindedEngine()));
+ }
+ }
- // static public class MD2
- // extends DigestSignatureSpi
- // {
- // public MD2()
- // {
- // super(PKCSObjectIdentifiers.md2, new MD2Digest(), new PKCS1Encoding(new RSABlindedEngine()));
- // }
- // }
+ static public class MD2
+ extends DigestSignatureSpi
+ {
+ public MD2()
+ {
+ super(PKCSObjectIdentifiers.md2, new MD2Digest(), new PKCS1Encoding(new RSABlindedEngine()));
+ }
+ }
- // static public class MD4
- // extends DigestSignatureSpi
- // {
- // public MD4()
- // {
- // super(PKCSObjectIdentifiers.md4, new MD4Digest(), new PKCS1Encoding(new RSABlindedEngine()));
- // }
- // }
- // END android-removed
+ static public class MD4
+ extends DigestSignatureSpi
+ {
+ public MD4()
+ {
+ super(PKCSObjectIdentifiers.md4, new MD4Digest(), new PKCS1Encoding(new RSABlindedEngine()));
+ }
+ }
+ */
+ // END Android-removed: Unsupported algorithms
static public class MD5
extends DigestSignatureSpi
{
public MD5()
{
- // BEGIN android-changed
+ // Android-changed: Use Android digests
+ // super(PKCSObjectIdentifiers.md5, DigestFactory.createMD5(), new PKCS1Encoding(new RSABlindedEngine()));
super(PKCSObjectIdentifiers.md5, AndroidDigestFactory.getMD5(), new PKCS1Encoding(new RSABlindedEngine()));
- // END android-changed
}
}
- // BEGIN android-removed
- // static public class RIPEMD160
- // extends DigestSignatureSpi
- // {
- // public RIPEMD160()
- // {
- // super(TeleTrusTObjectIdentifiers.ripemd160, new RIPEMD160Digest(), new PKCS1Encoding(new RSABlindedEngine()));
- // }
- // }
- //
- // static public class RIPEMD128
- // extends DigestSignatureSpi
- // {
- // public RIPEMD128()
- // {
- // super(TeleTrusTObjectIdentifiers.ripemd128, new RIPEMD128Digest(), new PKCS1Encoding(new RSABlindedEngine()));
- // }
- // }
- //
- // static public class RIPEMD256
- // extends DigestSignatureSpi
- // {
- // public RIPEMD256()
- // {
- // super(TeleTrusTObjectIdentifiers.ripemd256, new RIPEMD256Digest(), new PKCS1Encoding(new RSABlindedEngine()));
- // }
- // }
- //
- // static public class noneRSA
- // extends DigestSignatureSpi
- // {
- // public noneRSA()
- // {
- // super(new NullDigest(), new PKCS1Encoding(new RSABlindedEngine()));
- // }
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ static public class RIPEMD160
+ extends DigestSignatureSpi
+ {
+ public RIPEMD160()
+ {
+ super(TeleTrusTObjectIdentifiers.ripemd160, new RIPEMD160Digest(), new PKCS1Encoding(new RSABlindedEngine()));
+ }
+ }
+
+ static public class RIPEMD128
+ extends DigestSignatureSpi
+ {
+ public RIPEMD128()
+ {
+ super(TeleTrusTObjectIdentifiers.ripemd128, new RIPEMD128Digest(), new PKCS1Encoding(new RSABlindedEngine()));
+ }
+ }
+
+ static public class RIPEMD256
+ extends DigestSignatureSpi
+ {
+ public RIPEMD256()
+ {
+ super(TeleTrusTObjectIdentifiers.ripemd256, new RIPEMD256Digest(), new PKCS1Encoding(new RSABlindedEngine()));
+ }
+ }
+
+ static public class noneRSA
+ extends DigestSignatureSpi
+ {
+ public noneRSA()
+ {
+ super(new NullDigest(), new PKCS1Encoding(new RSABlindedEngine()));
+ }
+ }
+ */
+ // END Android-removed: Unsupported algorithms
}
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/KeyPairGeneratorSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/KeyPairGeneratorSpi.java
index 4c3089a..a2c9666 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/KeyPairGeneratorSpi.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/KeyPairGeneratorSpi.java
@@ -43,10 +43,9 @@
SecureRandom random)
{
param = new RSAKeyGenerationParameters(defaultPublicExponent,
- // BEGIN android-changed
- // Was: random, strength, PrimeCertaintyCalculator.getDefaultCertainty(strength));
+ // Android-changed: Replace null random with default implementation.
+ // random, strength, PrimeCertaintyCalculator.getDefaultCertainty(strength));
(random != null) ? random : new SecureRandom(), strength, PrimeCertaintyCalculator.getDefaultCertainty(strength));
- // END android-changed
engine.init(param);
}
@@ -64,10 +63,9 @@
param = new RSAKeyGenerationParameters(
rsaParams.getPublicExponent(),
- // BEGIN android-changed
- // Was: random, rsaParams.getKeysize(), PrimeCertaintyCalculator.getDefaultCertainty(2048));
+ // Android-changed: Replace null random with default implementation.
+ // random, rsaParams.getKeysize(), PrimeCertaintyCalculator.getDefaultCertainty(2048));
(random != null) ? random : new SecureRandom(), rsaParams.getKeysize(), PrimeCertaintyCalculator.getDefaultCertainty(2048));
- // END android-changed
engine.init(param);
}
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/BaseAgreementSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/BaseAgreementSpi.java
index 2994e73..f285ac5 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/BaseAgreementSpi.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/BaseAgreementSpi.java
@@ -11,10 +11,9 @@
import javax.crypto.spec.SecretKeySpec;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
// import org.bouncycastle.asn1.gnu.GNUObjectIdentifiers;
-// END android-removed
import org.bouncycastle.asn1.kisa.KISAObjectIdentifiers;
import org.bouncycastle.asn1.misc.MiscObjectIdentifiers;
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
@@ -22,10 +21,9 @@
import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.crypto.DerivationFunction;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.crypto.agreement.kdf.DHKDFParameters;
// import org.bouncycastle.crypto.agreement.kdf.DHKEKGenerator;
-// END android-removed
import org.bouncycastle.crypto.params.DESParameters;
import org.bouncycastle.crypto.params.KDFParameters;
import org.bouncycastle.util.Integers;
@@ -122,9 +120,8 @@
nameTable.put(KISAObjectIdentifiers.id_npki_app_cmsSeed_wrap.getId(), "SEED");
nameTable.put(KISAObjectIdentifiers.id_seedCBC.getId(), "SEED");
nameTable.put(KISAObjectIdentifiers.id_seedMAC.getId(), "SEED");
- // BEGIN android-removed
+ // Android-removed: Unsupported algorithm
// nameTable.put(CryptoProObjectIdentifiers.gostR28147_gcfb.getId(), "GOST28147");
- // END android-removed
nameTable.put(NISTObjectIdentifiers.id_aes128_wrap.getId(), "AES");
nameTable.put(NISTObjectIdentifiers.id_aes128_CCM.getId(), "AES");
@@ -163,12 +160,12 @@
{
return "AES";
}
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithm
// if (algDetails.startsWith(GNUObjectIdentifiers.Serpent.getId()))
// {
// return "Serpent";
// }
- // END android-removed
+ // END Android-removed: Unsupported algorithms
String name = (String)nameTable.get(Strings.toUpperCase(algDetails));
@@ -261,6 +258,7 @@
}
int keySize = getKeySize(oidAlgorithm);
+
if (kdf != null)
{
if (keySize < 0)
@@ -269,24 +267,26 @@
}
byte[] keyBytes = new byte[keySize / 8];
- // BEGIN android-removed
- // if (kdf instanceof DHKEKGenerator)
- // {
- // ASN1ObjectIdentifier oid;
- // try
- // {
- // oid = new ASN1ObjectIdentifier(oidAlgorithm);
- // }
- // catch (IllegalArgumentException e)
- // {
- // throw new NoSuchAlgorithmException("no OID for algorithm: " + oidAlgorithm);
- // }
- // DHKDFParameters params = new DHKDFParameters(oid, keySize, secret, ukmParameters);
+ // BEGIN Android-removed: Unsupported algorithm
+ /*
+ if (kdf instanceof DHKEKGenerator)
+ {
+ ASN1ObjectIdentifier oid;
+ try
+ {
+ oid = new ASN1ObjectIdentifier(oidAlgorithm);
+ }
+ catch (IllegalArgumentException e)
+ {
+ throw new NoSuchAlgorithmException("no OID for algorithm: " + oidAlgorithm);
+ }
+ DHKDFParameters params = new DHKDFParameters(oid, keySize, secret, ukmParameters);
- // kdf.init(params);
- // }
- // else
- // END android-removed
+ kdf.init(params);
+ }
+ else
+ */
+ // END Android-removed: Unsupported algorithm
{
KDFParameters params = new KDFParameters(secret, ukmParameters);
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java
index 602ca74..961e263 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java
@@ -18,10 +18,9 @@
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEParameterSpec;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import javax.crypto.spec.RC2ParameterSpec;
// import javax.crypto.spec.RC5ParameterSpec;
-// END android-removed
import javax.crypto.spec.SecretKeySpec;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
@@ -41,10 +40,9 @@
{
IvParameterSpec.class,
PBEParameterSpec.class,
- // BEGIN android-removed
+ // Android-removed: Unsupported algorithms
// RC2ParameterSpec.class,
// RC5ParameterSpec.class
- // END android-removed
};
private final JcaJceHelper helper = new BCJcaJceHelper();
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/EC5Util.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/EC5Util.java
index 3b8a0a6..d67974b 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/EC5Util.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/EC5Util.java
@@ -47,14 +47,14 @@
}
}
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported curves
// X9ECParameters c25519 = CustomNamedCurves.getByName("Curve25519");
// customCurves.put(new ECCurve.Fp(
// c25519.getCurve().getField().getCharacteristic(),
// c25519.getCurve().getA().toBigInteger(),
- // c25519.getCurve().getB().toBigInteger()), c25519.getCurve());
- // END android-removed
+ // c25519.getCurve().getB().toBigInteger()), c25519.getCurve());
+ // END Android-removed: Unsupported curves
}
public static ECCurve getCurve(
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/ECUtil.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/ECUtil.java
index cba154a..39ff397 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/ECUtil.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/ECUtil.java
@@ -8,17 +8,15 @@
import java.util.Map;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.asn1.anssi.ANSSINamedCurves;
// import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves;
// import org.bouncycastle.asn1.gm.GMNamedCurves;
-// END android-removed
import org.bouncycastle.asn1.nist.NISTNamedCurves;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import org.bouncycastle.asn1.sec.SECNamedCurves;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves;
-// END android-removed
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.asn1.x9.ECNamedCurveTable;
import org.bouncycastle.asn1.x9.X962NamedCurves;
@@ -338,24 +336,26 @@
{
oid = NISTNamedCurves.getOID(name);
}
- // BEGIN android-removed
- // if (oid == null)
- // {
- // oid = TeleTrusTNamedCurves.getOID(name);
- // }
- // if (oid == null)
- // {
- // oid = ECGOST3410NamedCurves.getOID(name);
- // }
- // if (oid == null)
- // {
- // oid = ANSSINamedCurves.getOID(name);
- // }
- // if (oid == null)
- // {
- // oid = GMNamedCurves.getOID(name);
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ if (oid == null)
+ {
+ oid = TeleTrusTNamedCurves.getOID(name);
+ }
+ if (oid == null)
+ {
+ oid = ECGOST3410NamedCurves.getOID(name);
+ }
+ if (oid == null)
+ {
+ oid = ANSSINamedCurves.getOID(name);
+ }
+ if (oid == null)
+ {
+ oid = GMNamedCurves.getOID(name);
+ }
+ */
+ // END Android-removed: Unsupported algorithms
}
return oid;
@@ -398,16 +398,18 @@
{
params = NISTNamedCurves.getByOID(oid);
}
- // BEGIN android-removed
- // if (params == null)
- // {
- // params = TeleTrusTNamedCurves.getByOID(oid);
- // }
- // if (params == null)
- // {
- // params = GMNamedCurves.getByOID(oid);
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ if (params == null)
+ {
+ params = TeleTrusTNamedCurves.getByOID(oid);
+ }
+ if (params == null)
+ {
+ params = GMNamedCurves.getByOID(oid);
+ }
+ */
+ // END Android-removed: Unsupported algorithms
}
return params;
@@ -429,16 +431,18 @@
{
params = NISTNamedCurves.getByName(curveName);
}
- // BEGIN android-removed
- // if (params == null)
- // {
- // params = TeleTrusTNamedCurves.getByName(curveName);
- // }
- // if (params == null)
- // {
- // params = GMNamedCurves.getByName(curveName);
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ if (params == null)
+ {
+ params = TeleTrusTNamedCurves.getByName(curveName);
+ }
+ if (params == null)
+ {
+ params = GMNamedCurves.getByName(curveName);
+ }
+ */
+ // END Android-removed: Unsupported algorithms
}
return params;
@@ -456,16 +460,18 @@
{
name = NISTNamedCurves.getName(oid);
}
- // BEGIN android-removed
- // if (name == null)
- // {
- // name = TeleTrusTNamedCurves.getName(oid);
- // }
- // if (name == null)
- // {
- // name = ECGOST3410NamedCurves.getName(oid);
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ if (name == null)
+ {
+ name = TeleTrusTNamedCurves.getName(oid);
+ }
+ if (name == null)
+ {
+ name = ECGOST3410NamedCurves.getName(oid);
+ }
+ */
+ // END Android-removed: Unsupported algorithms
}
return name;
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/CertificateFactory.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/CertificateFactory.java
index 58310c7..d5608b9 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/CertificateFactory.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/CertificateFactory.java
@@ -4,9 +4,8 @@
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
-// BEGIN Android-added
+// Android-added: Use PushbackInputStream
import java.io.PushbackInputStream;
-// END Android-added
import java.security.cert.CRL;
import java.security.cert.CRLException;
import java.security.cert.CertPath;
@@ -217,22 +216,21 @@
}
else
{
- // BEGIN android-changed
- // Was: pis = new ByteArrayInputStream(Streams.readAll(in));
- // Reason: we want {@code in.available()} to return the number of available bytes if
+ // Android-changed: Use PushbackInputStream instead of ByteArrayInputStream.
+ // we want {@code in.available()} to return the number of available bytes if
// there is trailing data (otherwise it breaks
// libcore.java.security.cert.X509CertificateTest#test_Provider
// ). Which is not possible if we read the whole stream at this point.
+ // // pis = new ByteArrayInputStream(Streams.readAll(in));
pis = new PushbackInputStream(in);
- // END android-changed
}
- // BEGIN android-changed
- // Was: pis.mark(1);
+ // BEGIN Android-changed: Use PushbackInputStream
+ // pis.mark(1);
if (in.markSupported()) {
pis.mark(1);
}
- // END android-changed
+ // END Android-changed: Use PushbackInputStream
int tag = pis.read();
@@ -241,8 +239,8 @@
return null;
}
- // BEGIN android-changdd
- // Was: pis.reset
+ // BEGIN Android-changed: Use PushbackInputStream
+ // pis.reset
if (in.markSupported()) {
pis.reset();
}
@@ -250,7 +248,7 @@
{
((PushbackInputStream) pis).unread(tag);
}
- // END android-changed
+ // END Android-changed: Use PushbackInputStream
if (tag != 0x30) // assume ascii PEM encoded.
{
@@ -276,19 +274,17 @@
throws CertificateException
{
java.security.cert.Certificate cert;
- // BEGIN android-removed
- // BufferedInputStream in = new BufferedInputStream(inStream);
- // Reason: we want {@code in.available()} to return the number of available bytes if
+ // Android-removed: Don't read entire stream immediately.
+ // we want {@code in.available()} to return the number of available bytes if
// there is trailing data (otherwise it breaks
// libcore.java.security.cert.X509CertificateTest#test_Provider
// ). Which is not possible if we read the whole stream at this point.
- // END android-removed
+ // BufferedInputStream in = new BufferedInputStream(inStream);
List certs = new ArrayList();
- // BEGIN android-changed
- // Was: while ((cert = engineGenerateCertificate(in)) != null)
+ // Android-changed: Read from original stream
+ // while ((cert = engineGenerateCertificate(in)) != null)
while ((cert = engineGenerateCertificate(inStream)) != null)
- // END android-changed
{
certs.add(cert);
}
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java
index 8bb4c3a..b72de4c 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java
@@ -37,9 +37,8 @@
import org.bouncycastle.jcajce.util.BCJcaJceHelper;
import org.bouncycastle.jcajce.util.JcaJceHelper;
import org.bouncycastle.util.io.pem.PemObject;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.util.io.pem.PemWriter;
-// END android-removed
/**
* CertPath implementation for X.509 certificates.
@@ -56,9 +55,8 @@
{
List encodings = new ArrayList();
encodings.add("PkiPath");
- // BEGIN android-removed
+ // Android-removed: Unsupported algorithms
// encodings.add("PEM");
- // END android-removed
encodings.add("PKCS7");
certPathEncodings = Collections.unmodifiableList(encodings);
}
@@ -305,29 +303,31 @@
return toDEREncoded(new ContentInfo(
PKCSObjectIdentifiers.signedData, sd));
}
- // BEGIN android-removed
- // else if (encoding.equalsIgnoreCase("PEM"))
- // {
- // ByteArrayOutputStream bOut = new ByteArrayOutputStream();
- // PemWriter pWrt = new PemWriter(new OutputStreamWriter(bOut));
- //
- // try
- // {
- // for (int i = 0; i != certificates.size(); i++)
- // {
- // pWrt.writeObject(new PemObject("CERTIFICATE", ((X509Certificate)certificates.get(i)).getEncoded()));
- // }
- //
- // pWrt.close();
- // }
- // catch (Exception e)
- // {
- // throw new CertificateEncodingException("can't encode certificate for PEM encoded path");
- // }
- //
- // return bOut.toByteArray();
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ else if (encoding.equalsIgnoreCase("PEM"))
+ {
+ ByteArrayOutputStream bOut = new ByteArrayOutputStream();
+ PemWriter pWrt = new PemWriter(new OutputStreamWriter(bOut));
+
+ try
+ {
+ for (int i = 0; i != certificates.size(); i++)
+ {
+ pWrt.writeObject(new PemObject("CERTIFICATE", ((X509Certificate)certificates.get(i)).getEncoded()));
+ }
+
+ pWrt.close();
+ }
+ catch (Exception e)
+ {
+ throw new CertificateEncodingException("can't encode certificate for PEM encoded path");
+ }
+
+ return bOut.toByteArray();
+ }
+ */
+ // END Android-removed: Unsupported algorithms
else
{
throw new CertificateEncodingException("unsupported encoding: " + encoding);
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CertificateObject.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CertificateObject.java
index 51213d4..bfd7c25 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CertificateObject.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CertificateObject.java
@@ -56,9 +56,9 @@
import org.bouncycastle.asn1.x509.Extensions;
import org.bouncycastle.asn1.x509.GeneralName;
import org.bouncycastle.asn1.x509.KeyUsage;
-// BEGIN android-added
+// BEGIN Android-added: Unknown reason
import org.bouncycastle.asn1.x509.X509Name;
-// END android-added
+// END Android-added: Unknown reason
import org.bouncycastle.jcajce.provider.asymmetric.util.PKCS12BagAttributeCarrierImpl;
import org.bouncycastle.jcajce.util.JcaJceHelper;
import org.bouncycastle.jce.X509Principal;
@@ -542,20 +542,19 @@
}
}
- // BEGIN android-changed
+ // Android-added: Cache the encoded certificate
private byte[] encoded;
- // END android-changed
public byte[] getEncoded()
throws CertificateEncodingException
{
try
{
- // BEGIN android-changed
+ // BEGIN Android-changed: Cache the encoded certificate
if (encoded == null) {
encoded = c.getEncoded(ASN1Encoding.DER);
}
return encoded;
- // END android-changed
+ // END Android-changed: Cache the encoded certificate
}
catch (IOException e)
{
@@ -879,9 +878,9 @@
list.add(genName.getEncoded());
break;
case GeneralName.directoryName:
- // BEGIN android-changed
+ // Android-changed: Unknown reason
+ // list.add(X500Name.getInstance(RFC4519Style.INSTANCE, genName.getName()).toString());
list.add(X509Name.getInstance(genName.getName()).toString(true, X509Name.DefaultSymbols));
- // END android-changed
break;
case GeneralName.dNSName:
case GeneralName.rfc822Name:
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA1.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA1.java
index 35e0318..17a5462 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA1.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA1.java
@@ -5,12 +5,6 @@
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.crypto.CipherKeyGenerator;
import org.bouncycastle.crypto.digests.SHA1Digest;
-// BEGIN ANDROID-ADDED
-import org.bouncycastle.crypto.digests.SHA224Digest;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.digests.SHA384Digest;
-import org.bouncycastle.crypto.digests.SHA512Digest;
-// END ANDROID-ADDED
import org.bouncycastle.crypto.macs.HMac;
import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA256.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA256.java
index e129db4..af375c2 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA256.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA256.java
@@ -45,19 +45,21 @@
}
}
- // BEGIN android-removed
- // /**
- // * PBEWithHmacSHA
- // */
- // public static class PBEWithMacKeyFactory
- // extends PBESecretKeyFactory
- // {
- // public PBEWithMacKeyFactory()
- // {
- // super("PBEwithHmacSHA256", null, false, PKCS12, SHA256, 256, 0);
- // }
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ /**
+ * PBEWithHmacSHA
+ *
+ public static class PBEWithMacKeyFactory
+ extends PBESecretKeyFactory
+ {
+ public PBEWithMacKeyFactory()
+ {
+ super("PBEwithHmacSHA256", null, false, PKCS12, SHA256, 256, 0);
+ }
+ }
+ */
+ // END Android-removed: Unsupported algorithms
/**
* HMACSHA256
@@ -86,11 +88,11 @@
provider.addAlgorithm("Alg.Alias.MessageDigest.SHA256", "SHA-256");
provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha256, "SHA-256");
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// provider.addAlgorithm("SecretKeyFactory.PBEWITHHMACSHA256", PREFIX + "$PBEWithMacKeyFactory");
// provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHHMACSHA-256", "PBEWITHHMACSHA256");
// provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + NISTObjectIdentifiers.id_sha256, "PBEWITHHMACSHA256");
- // END android-removed
+ // END Android-removed: Unsupported algorithms
provider.addAlgorithm("Mac.PBEWITHHMACSHA256", PREFIX + "$HashMac");
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA384.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA384.java
index f2fb6d3..8bddcb2 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA384.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA384.java
@@ -5,9 +5,8 @@
import org.bouncycastle.crypto.CipherKeyGenerator;
import org.bouncycastle.crypto.digests.SHA384Digest;
import org.bouncycastle.crypto.macs.HMac;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.crypto.macs.OldHMac;
-// END android-removed
import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
@@ -59,16 +58,18 @@
}
}
- // BEGIN android-removed
- // public static class OldSHA384
- // extends BaseMac
- // {
- // public OldSHA384()
- // {
- // super(new OldHMac(new SHA384Digest()));
- // }
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ public static class OldSHA384
+ extends BaseMac
+ {
+ public OldSHA384()
+ {
+ super(new OldHMac(new SHA384Digest()));
+ }
+ }
+ */
+ // END Android-removed: Unsupported algorithms
public static class Mappings
extends DigestAlgorithmProvider
@@ -84,9 +85,8 @@
provider.addAlgorithm("MessageDigest.SHA-384", PREFIX + "$Digest");
provider.addAlgorithm("Alg.Alias.MessageDigest.SHA384", "SHA-384");
provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha384, "SHA-384");
- // BEGIN android-removed
+ // Android-removed: Unsupported algorithms
// provider.addAlgorithm("Mac.OLDHMACSHA384", PREFIX + "$OldSHA384");
- // END android-removed
provider.addAlgorithm("Mac.PBEWITHHMACSHA384", PREFIX + "$HashMac");
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA512.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA512.java
index 9433a81..589e26a 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA512.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA512.java
@@ -4,13 +4,11 @@
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.crypto.CipherKeyGenerator;
import org.bouncycastle.crypto.digests.SHA512Digest;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.crypto.digests.SHA512tDigest;
-// END android-removed
import org.bouncycastle.crypto.macs.HMac;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.crypto.macs.OldHMac;
-// END android-removed
import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
@@ -41,44 +39,46 @@
}
}
- // BEGIN android-removed
- // static public class DigestT
- // extends BCMessageDigest
- // implements Cloneable
- // {
- // public DigestT(int bitLength)
- // {
- // super(new SHA512tDigest(bitLength));
- // }
- //
- // public Object clone()
- // throws CloneNotSupportedException
- // {
- // DigestT d = (DigestT)super.clone();
- // d.digest = new SHA512tDigest((SHA512tDigest)digest);
- //
- // return d;
- // }
- // }
- //
- // static public class DigestT224
- // extends DigestT
- // {
- // public DigestT224()
- // {
- // super(224);
- // }
- // }
- //
- // static public class DigestT256
- // extends DigestT
- // {
- // public DigestT256()
- // {
- // super(256);
- // }
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ static public class DigestT
+ extends BCMessageDigest
+ implements Cloneable
+ {
+ public DigestT(int bitLength)
+ {
+ super(new SHA512tDigest(bitLength));
+ }
+
+ public Object clone()
+ throws CloneNotSupportedException
+ {
+ DigestT d = (DigestT)super.clone();
+ d.digest = new SHA512tDigest((SHA512tDigest)digest);
+
+ return d;
+ }
+ }
+
+ static public class DigestT224
+ extends DigestT
+ {
+ public DigestT224()
+ {
+ super(224);
+ }
+ }
+
+ static public class DigestT256
+ extends DigestT
+ {
+ public DigestT256()
+ {
+ super(256);
+ }
+ }
+ */
+ // END Android-removed: Unsupported algorithms
public static class HashMac
extends BaseMac
@@ -89,37 +89,39 @@
}
}
- // BEGIN android-removed
- // public static class HashMacT224
- // extends BaseMac
- // {
- // public HashMacT224()
- // {
- // super(new HMac(new SHA512tDigest(224)));
- // }
- // }
- //
- // public static class HashMacT256
- // extends BaseMac
- // {
- // public HashMacT256()
- // {
- // super(new HMac(new SHA512tDigest(256)));
- // }
- // }
- //
- // /**
- // * SHA-512 HMac
- // */
- // public static class OldSHA512
- // extends BaseMac
- // {
- // public OldSHA512()
- // {
- // super(new OldHMac(new SHA512Digest()));
- // }
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ public static class HashMacT224
+ extends BaseMac
+ {
+ public HashMacT224()
+ {
+ super(new HMac(new SHA512tDigest(224)));
+ }
+ }
+
+ public static class HashMacT256
+ extends BaseMac
+ {
+ public HashMacT256()
+ {
+ super(new HMac(new SHA512tDigest(256)));
+ }
+ }
+
+ /**
+ * SHA-512 HMac
+ *
+ public static class OldSHA512
+ extends BaseMac
+ {
+ public OldSHA512()
+ {
+ super(new OldHMac(new SHA512Digest()));
+ }
+ }
+ */
+ // END Android-removed: Unsupported algorithms
/**
* HMACSHA512
@@ -133,25 +135,27 @@
}
}
- // BEGIN android-removed
- // public static class KeyGeneratorT224
- // extends BaseKeyGenerator
- // {
- // public KeyGeneratorT224()
- // {
- // super("HMACSHA512/224", 224, new CipherKeyGenerator());
- // }
- // }
- //
- // public static class KeyGeneratorT256
- // extends BaseKeyGenerator
- // {
- // public KeyGeneratorT256()
- // {
- // super("HMACSHA512/256", 256, new CipherKeyGenerator());
- // }
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ public static class KeyGeneratorT224
+ extends BaseKeyGenerator
+ {
+ public KeyGeneratorT224()
+ {
+ super("HMACSHA512/224", 224, new CipherKeyGenerator());
+ }
+ }
+
+ public static class KeyGeneratorT256
+ extends BaseKeyGenerator
+ {
+ public KeyGeneratorT256()
+ {
+ super("HMACSHA512/256", 256, new CipherKeyGenerator());
+ }
+ }
+ */
+ // END Android-removed: Unsupported algorithms
public static class Mappings
extends DigestAlgorithmProvider
@@ -168,27 +172,29 @@
provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512", "SHA-512");
provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512, "SHA-512");
- // BEGIN android-removed
- // provider.addAlgorithm("MessageDigest.SHA-512/224", PREFIX + "$DigestT224");
- // provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512/224", "SHA-512/224");
- // provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_224, "SHA-512/224");
- //
- // provider.addAlgorithm("MessageDigest.SHA-512/256", PREFIX + "$DigestT256");
- // provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512256", "SHA-512/256");
- // provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_256, "SHA-512/256");
- //
- // provider.addAlgorithm("Mac.OLDHMACSHA512", PREFIX + "$OldSHA512");
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ provider.addAlgorithm("MessageDigest.SHA-512/224", PREFIX + "$DigestT224");
+ provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512/224", "SHA-512/224");
+ provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_224, "SHA-512/224");
+
+ provider.addAlgorithm("MessageDigest.SHA-512/256", PREFIX + "$DigestT256");
+ provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512256", "SHA-512/256");
+ provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_256, "SHA-512/256");
+
+ provider.addAlgorithm("Mac.OLDHMACSHA512", PREFIX + "$OldSHA512");
+ */
+ // END Android-removed: Unsupported algorithms
provider.addAlgorithm("Mac.PBEWITHHMACSHA512", PREFIX + "$HashMac");
addHMACAlgorithm(provider, "SHA512", PREFIX + "$HashMac", PREFIX + "$KeyGenerator");
addHMACAlias(provider, "SHA512", PKCSObjectIdentifiers.id_hmacWithSHA512);
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// addHMACAlgorithm(provider, "SHA512/224", PREFIX + "$HashMacT224", PREFIX + "$KeyGeneratorT224");
// addHMACAlgorithm(provider, "SHA512/256", PREFIX + "$HashMacT256", PREFIX + "$KeyGeneratorT256");
- // END android-removed
+ // END Android-removed: Unsupported algorithms
}
}
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/BC.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/BC.java
index 9711426..5bc0aa8 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/BC.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/BC.java
@@ -17,9 +17,8 @@
public void configure(ConfigurableProvider provider)
{
provider.addAlgorithm("KeyStore.BKS", PREFIX + "BcKeyStoreSpi$Std");
- // BEGIN android-removed
+ // Android-removed: Unsupported algorithms
// provider.addAlgorithm("KeyStore.BKS-V1", PREFIX + "BcKeyStoreSpi$Version1");
- // END android-removed
provider.addAlgorithm("KeyStore.BouncyCastle", PREFIX + "BcKeyStoreSpi$BouncyCastleStore");
provider.addAlgorithm("Alg.Alias.KeyStore.UBER", "BouncyCastle");
provider.addAlgorithm("Alg.Alias.KeyStore.BOUNCYCASTLE", "BouncyCastle");
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/PKCS12.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/PKCS12.java
index 1d4e146..4dc856d 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/PKCS12.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/PKCS12.java
@@ -17,16 +17,18 @@
public void configure(ConfigurableProvider provider)
{
provider.addAlgorithm("KeyStore.PKCS12", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore");
- // BEGIN android-removed
- // provider.addAlgorithm("KeyStore.BCPKCS12", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore");
- // provider.addAlgorithm("KeyStore.PKCS12-DEF", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore");
- //
- // provider.addAlgorithm("KeyStore.PKCS12-3DES-40RC2", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore");
- // provider.addAlgorithm("KeyStore.PKCS12-3DES-3DES", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore3DES");
- //
- // provider.addAlgorithm("KeyStore.PKCS12-DEF-3DES-40RC2", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore");
- // provider.addAlgorithm("KeyStore.PKCS12-DEF-3DES-3DES", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore3DES");
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ provider.addAlgorithm("KeyStore.BCPKCS12", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore");
+ provider.addAlgorithm("KeyStore.PKCS12-DEF", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore");
+
+ provider.addAlgorithm("KeyStore.PKCS12-3DES-40RC2", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore");
+ provider.addAlgorithm("KeyStore.PKCS12-3DES-3DES", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore3DES");
+
+ provider.addAlgorithm("KeyStore.PKCS12-DEF-3DES-40RC2", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore");
+ provider.addAlgorithm("KeyStore.PKCS12-DEF-3DES-3DES", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore3DES");
+ */
+ // END Android-removed: Unsupported algorithms
}
}
}
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/bc/BcKeyStoreSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/bc/BcKeyStoreSpi.java
index 0640669..85365b7 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/bc/BcKeyStoreSpi.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/bc/BcKeyStoreSpi.java
@@ -48,7 +48,9 @@
import org.bouncycastle.crypto.io.MacInputStream;
import org.bouncycastle.crypto.io.MacOutputStream;
import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.jcajce.util.BCJcaJceHelper;
+// Android-changed: Use default provider for JCA algorithms instead of BC
+// Was: import org.bouncycastle.jcajce.util.BCJcaJceHelper;
+import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
import org.bouncycastle.jcajce.util.JcaJceHelper;
import org.bouncycastle.jce.interfaces.BCKeyStore;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
@@ -92,7 +94,9 @@
protected int version;
- private final JcaJceHelper helper = new BCJcaJceHelper();
+ // Android-changed: Use default provider for JCA algorithms instead of BC
+ // Was: private final JcaJceHelper helper = new BCJcaJceHelper();
+ private final JcaJceHelper helper = new DefaultJcaJceHelper();
public BcKeyStoreSpi(int version)
{
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java
index 106f75b..efeaa9a 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java
@@ -64,10 +64,9 @@
import org.bouncycastle.asn1.DEROutputStream;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.DERSet;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
// import org.bouncycastle.asn1.cryptopro.GOST28147Parameters;
-// END android-removed
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
import org.bouncycastle.asn1.ntt.NTTObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.AuthenticatedSafe;
@@ -90,17 +89,17 @@
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.asn1.x509.X509ObjectIdentifiers;
import org.bouncycastle.crypto.Digest;
-// BEGIN android-changed
-// Was: import org.bouncycastle.crypto.digests.SHA1Digest
+// Android-changed: Use Android digests
+// import org.bouncycastle.crypto.util.DigestFactory;
import org.bouncycastle.crypto.digests.AndroidDigestFactory;
-// END android-changed
import org.bouncycastle.jcajce.PKCS12Key;
import org.bouncycastle.jcajce.PKCS12StoreParameter;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.jcajce.spec.GOST28147ParameterSpec;
-// END android-removed
import org.bouncycastle.jcajce.spec.PBKDF2KeySpec;
-import org.bouncycastle.jcajce.util.BCJcaJceHelper;
+// Android-changed: Use default provider for JCA algorithms instead of BC
+// Was: import org.bouncycastle.jcajce.util.BCJcaJceHelper;
+import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
import org.bouncycastle.jcajce.util.JcaJceHelper;
import org.bouncycastle.jce.interfaces.BCKeyStore;
import org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier;
@@ -115,7 +114,9 @@
extends KeyStoreSpi
implements PKCSObjectIdentifiers, X509ObjectIdentifiers, BCKeyStore
{
- private final JcaJceHelper helper = new BCJcaJceHelper();
+ // Android-changed: Use default provider for JCA algorithms instead of BC
+ // Was: private final JcaJceHelper helper = new BCJcaJceHelper();
+ private final JcaJceHelper helper = new DefaultJcaJceHelper();
private static final int SALT_SIZE = 20;
private static final int MIN_ITERATIONS = 1024;
@@ -233,6 +234,8 @@
private static byte[] getDigest(SubjectPublicKeyInfo spki)
{
+ // Android-changed: Use Android digests
+ // Digest digest = DigestFactory.createSHA1();
Digest digest = AndroidDigestFactory.getSHA1();
byte[] resBuf = new byte[digest.getDigestSize()];
@@ -758,15 +761,17 @@
{
cipher.init(mode, key, new IvParameterSpec(ASN1OctetString.getInstance(encParams).getOctets()));
}
- // BEGIN android-removed
- // else
- // {
- // // TODO: at the moment it's just GOST, but...
- // GOST28147Parameters gParams = GOST28147Parameters.getInstance(encParams);
- //
- // cipher.init(mode, key, new GOST28147ParameterSpec(gParams.getEncryptionParamSet(), gParams.getIV()));
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ else
+ {
+ // TODO: at the moment it's just GOST, but...
+ GOST28147Parameters gParams = GOST28147Parameters.getInstance(encParams);
+
+ cipher.init(mode, key, new GOST28147ParameterSpec(gParams.getEncryptionParamSet(), gParams.getIV()));
+ }
+ */
+ // END Android-removed: Unsupported algorithms
return cipher;
}
@@ -1718,33 +1723,36 @@
super(new BouncyCastleProvider(), pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd40BitRC2_CBC);
}
}
- // BEGIN android-removed
- // public static class BCPKCS12KeyStore3DES
- // extends PKCS12KeyStoreSpi
- // {
- // public BCPKCS12KeyStore3DES()
- // {
- // super(new BouncyCastleProvider(), pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC);
- // }
- // }
- //
- // public static class DefPKCS12KeyStore
- // extends PKCS12KeyStoreSpi
- // {
- // public DefPKCS12KeyStore()
- // {
- // super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd40BitRC2_CBC);
- // }
- // }
- //
- // public static class DefPKCS12KeyStore3DES
- // extends PKCS12KeyStoreSpi
- // {
- // public DefPKCS12KeyStore3DES()
- // {
- // super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC);
- // }
- // }
+
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ public static class BCPKCS12KeyStore3DES
+ extends PKCS12KeyStoreSpi
+ {
+ public BCPKCS12KeyStore3DES()
+ {
+ super(new BouncyCastleProvider(), pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC);
+ }
+ }
+
+ public static class DefPKCS12KeyStore
+ extends PKCS12KeyStoreSpi
+ {
+ public DefPKCS12KeyStore()
+ {
+ super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd40BitRC2_CBC);
+ }
+ }
+
+ public static class DefPKCS12KeyStore3DES
+ extends PKCS12KeyStoreSpi
+ {
+ public DefPKCS12KeyStore3DES()
+ {
+ super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC);
+ }
+ }
+ */
// END android-removed
private static class IgnoresCaseHashtable
@@ -1818,9 +1826,8 @@
keySizes.put(NTTObjectIdentifiers.id_camellia192_cbc, Integers.valueOf(192));
keySizes.put(NTTObjectIdentifiers.id_camellia256_cbc, Integers.valueOf(256));
- // BEGIN android-removed
+ // Android-removed: Unsupported algorithms
// keySizes.put(CryptoProObjectIdentifiers.gostR28147_gcfb, Integers.valueOf(256));
- // END android-removed
KEY_SIZES = Collections.unmodifiableMap(keySizes);
}
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/AES.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/AES.java
index f118e5c..e0669d2 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/AES.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/AES.java
@@ -1,13 +1,11 @@
package org.bouncycastle.jcajce.provider.symmetric;
import java.io.IOException;
-// BEGIN android-added
+// BEGIN Android-added: Needed for setting mode with GCM
import java.security.NoSuchAlgorithmException;
-// END android-added
-// BEGIN android-removed
-// import java.security.AlgorithmParameters;
-// import java.security.InvalidAlgorithmParameterException;
-// END android-removed
+// END Android-added: Needed for setting mode with GCM
+import java.security.AlgorithmParameters;
+import java.security.InvalidAlgorithmParameterException;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.InvalidParameterSpecException;
@@ -16,13 +14,12 @@
import javax.crypto.spec.IvParameterSpec;
-// BEGIN android-added
+// BEGIN Android-added: Needed for setting padding with GCM
import javax.crypto.NoSuchPaddingException;
-// END android-added
+// END Android-added: Needed for setting padding with GCM
import org.bouncycastle.asn1.bc.BCObjectIdentifiers;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.asn1.cms.CCMParameters;
-// END android-removed
import org.bouncycastle.asn1.cms.GCMParameters;
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
import org.bouncycastle.crypto.BlockCipher;
@@ -34,32 +31,28 @@
import org.bouncycastle.crypto.Mac;
import org.bouncycastle.crypto.engines.AESEngine;
import org.bouncycastle.crypto.engines.AESWrapEngine;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.crypto.engines.AESWrapPadEngine;
// import org.bouncycastle.crypto.engines.RFC3211WrapEngine;
// import org.bouncycastle.crypto.engines.RFC5649WrapEngine;
// import org.bouncycastle.crypto.generators.Poly1305KeyGenerator;
// import org.bouncycastle.crypto.macs.CMac;
// import org.bouncycastle.crypto.macs.GMac;
-// END android-removed
import org.bouncycastle.crypto.modes.CBCBlockCipher;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.crypto.modes.CCMBlockCipher;
-// END android-removed
import org.bouncycastle.crypto.modes.CFBBlockCipher;
import org.bouncycastle.crypto.modes.GCMBlockCipher;
import org.bouncycastle.crypto.modes.OFBBlockCipher;
import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator;
-// END android-removed
import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameters;
import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher;
import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
// import org.bouncycastle.jcajce.provider.symmetric.util.BaseSecretKeyFactory;
-// END android-removed
import org.bouncycastle.jcajce.provider.symmetric.util.BaseWrapCipher;
import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider;
import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters;
@@ -130,7 +123,7 @@
public GCM()
{
super(new GCMBlockCipher(new AESEngine()));
- // BEGIN android-added
+ // BEGIN Android-added: Set mode and padding due to name change (see note in Mappings)
try {
engineSetMode("GCM");
engineSetPadding("NoPadding");
@@ -138,130 +131,132 @@
// this should not be possible
throw new RuntimeException("Could not set mode or padding for GCM mode", e);
}
- // END android-added
+ // END Android-added: Set mode and padding due to name change (see note in Mappings)
}
}
- // BEGIN android-removed
- // static public class CCM
- // extends BaseBlockCipher
- // {
- // public CCM()
- // {
- // super(new CCMBlockCipher(new AESEngine()), false, 16);
- // }
- // }
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ static public class CCM
+ extends BaseBlockCipher
+ {
+ public CCM()
+ {
+ super(new CCMBlockCipher(new AESEngine()), false, 16);
+ }
+ }
- // public static class AESCMAC
- // extends BaseMac
- // {
- // public AESCMAC()
- // {
- // super(new CMac(new AESEngine()));
- // }
- // }
+ public static class AESCMAC
+ extends BaseMac
+ {
+ public AESCMAC()
+ {
+ super(new CMac(new AESEngine()));
+ }
+ }
- // public static class AESGMAC
- // extends BaseMac
- // {
- // public AESGMAC()
- // {
- // super(new GMac(new GCMBlockCipher(new AESEngine())));
- // }
- // }
+ public static class AESGMAC
+ extends BaseMac
+ {
+ public AESGMAC()
+ {
+ super(new GMac(new GCMBlockCipher(new AESEngine())));
+ }
+ }
- // public static class AESCCMMAC
- // extends BaseMac
- // {
- // public AESCCMMAC()
- // {
- // super(new CCMMac());
- // }
+ public static class AESCCMMAC
+ extends BaseMac
+ {
+ public AESCCMMAC()
+ {
+ super(new CCMMac());
+ }
- // private static class CCMMac
- // implements Mac
- // {
- // private final CCMBlockCipher ccm = new CCMBlockCipher(new AESEngine());
+ private static class CCMMac
+ implements Mac
+ {
+ private final CCMBlockCipher ccm = new CCMBlockCipher(new AESEngine());
- // private int macLength = 8;
+ private int macLength = 8;
- // public void init(CipherParameters params)
- // throws IllegalArgumentException
- // {
- // ccm.init(true, params);
+ public void init(CipherParameters params)
+ throws IllegalArgumentException
+ {
+ ccm.init(true, params);
- // this.macLength = ccm.getMac().length;
- // }
+ this.macLength = ccm.getMac().length;
+ }
- // public String getAlgorithmName()
- // {
- // return ccm.getAlgorithmName() + "Mac";
- // }
+ public String getAlgorithmName()
+ {
+ return ccm.getAlgorithmName() + "Mac";
+ }
- // public int getMacSize()
- // {
- // return macLength;
- // }
+ public int getMacSize()
+ {
+ return macLength;
+ }
- // public void update(byte in)
- // throws IllegalStateException
- // {
- // ccm.processAADByte(in);
- // }
+ public void update(byte in)
+ throws IllegalStateException
+ {
+ ccm.processAADByte(in);
+ }
- // public void update(byte[] in, int inOff, int len)
- // throws DataLengthException, IllegalStateException
- // {
- // ccm.processAADBytes(in, inOff, len);
- // }
+ public void update(byte[] in, int inOff, int len)
+ throws DataLengthException, IllegalStateException
+ {
+ ccm.processAADBytes(in, inOff, len);
+ }
- // public int doFinal(byte[] out, int outOff)
- // throws DataLengthException, IllegalStateException
- // {
- // try
- // {
- // return ccm.doFinal(out, 0);
- // }
- // catch (InvalidCipherTextException e)
- // {
- // throw new IllegalStateException("exception on doFinal(): " + e.toString());
- // }
- // }
+ public int doFinal(byte[] out, int outOff)
+ throws DataLengthException, IllegalStateException
+ {
+ try
+ {
+ return ccm.doFinal(out, 0);
+ }
+ catch (InvalidCipherTextException e)
+ {
+ throw new IllegalStateException("exception on doFinal(): " + e.toString());
+ }
+ }
- // public void reset()
- // {
- // ccm.reset();
- // }
- // }
- // }
+ public void reset()
+ {
+ ccm.reset();
+ }
+ }
+ }
- // static public class KeyFactory
- // extends BaseSecretKeyFactory
- // {
- // public KeyFactory()
- // {
- // super("AES", null);
- // }
- // }
+ static public class KeyFactory
+ extends BaseSecretKeyFactory
+ {
+ public KeyFactory()
+ {
+ super("AES", null);
+ }
+ }
- // public static class Poly1305
- // extends BaseMac
- // {
- // public Poly1305()
- // {
- // super(new org.bouncycastle.crypto.macs.Poly1305(new AESEngine()));
- // }
- // }
+ public static class Poly1305
+ extends BaseMac
+ {
+ public Poly1305()
+ {
+ super(new org.bouncycastle.crypto.macs.Poly1305(new AESEngine()));
+ }
+ }
- // public static class Poly1305KeyGen
- // extends BaseKeyGenerator
- // {
- // public Poly1305KeyGen()
- // {
- // super("Poly1305-AES", 256, new Poly1305KeyGenerator());
- // }
- // }
- // END android-removed
+ public static class Poly1305KeyGen
+ extends BaseKeyGenerator
+ {
+ public Poly1305KeyGen()
+ {
+ super("Poly1305-AES", 256, new Poly1305KeyGenerator());
+ }
+ }
+ */
+ // END Android-removed: Unsupported algorithms
static public class Wrap
extends BaseWrapCipher
@@ -272,34 +267,36 @@
}
}
- // BEGIN android-removed
- // public static class WrapPad
- // extends BaseWrapCipher
- // {
- // public WrapPad()
- // {
- // super(new AESWrapPadEngine());
- // }
- // }
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ public static class WrapPad
+ extends BaseWrapCipher
+ {
+ public WrapPad()
+ {
+ super(new AESWrapPadEngine());
+ }
+ }
- // public static class RFC3211Wrap
- // extends BaseWrapCipher
- // {
- // public RFC3211Wrap()
- // {
- // super(new RFC3211WrapEngine(new AESEngine()), 16);
- // }
- // }
+ public static class RFC3211Wrap
+ extends BaseWrapCipher
+ {
+ public RFC3211Wrap()
+ {
+ super(new RFC3211WrapEngine(new AESEngine()), 16);
+ }
+ }
- // public static class RFC5649Wrap
- // extends BaseWrapCipher
- // {
- // public RFC5649Wrap()
- // {
- // super(new RFC5649WrapEngine(new AESEngine()));
- // }
- // }
- // END android-removed
+ public static class RFC5649Wrap
+ extends BaseWrapCipher
+ {
+ public RFC5649Wrap()
+ {
+ super(new RFC5649WrapEngine(new AESEngine()));
+ }
+ }
+ */
+ // END Android-removed: Unsupported algorithms
/**
* PBEWithAES-CBC
@@ -378,9 +375,12 @@
{
public KeyGen()
{
- // BEGIN android-changed
+ // Android-changed: Use 128-bit keys by default.
+ // Bouncy Castle defaults to 192-bit keys, which is the worst choice: worse security
+ // than 256-bit keys, slower than 128-bit keys, narrower support than either.
+ // Use 128-bit keys by default since they're faster and should still be plenty secure.
+ // this(192);
this(128);
- // END android-changed
}
public KeyGen(int keySize)
@@ -389,34 +389,36 @@
}
}
- // BEGIN android-removed
- // public static class KeyGen128
- // extends KeyGen
- // {
- // public KeyGen128()
- // {
- // super(128);
- // }
- // }
- //
- // public static class KeyGen192
- // extends KeyGen
- // {
- // public KeyGen192()
- // {
- // super(192);
- // }
- // }
- //
- // public static class KeyGen256
- // extends KeyGen
- // {
- // public KeyGen256()
- // {
- // super(256);
- // }
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ public static class KeyGen128
+ extends KeyGen
+ {
+ public KeyGen128()
+ {
+ super(128);
+ }
+ }
+
+ public static class KeyGen192
+ extends KeyGen
+ {
+ public KeyGen192()
+ {
+ super(192);
+ }
+ }
+
+ public static class KeyGen256
+ extends KeyGen
+ {
+ public KeyGen256()
+ {
+ super(256);
+ }
+ }
+ */
+ // END Android-removed: Unsupported algorithms
/**
* PBEWithSHA1And128BitAES-BC
@@ -525,124 +527,126 @@
super("PBEWithMD5And256BitAES-CBC-OpenSSL", null, true, OPENSSL, MD5, 256, 128);
}
}
+
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ public static class AlgParamGen
+ extends BaseAlgorithmParameterGenerator
+ {
+ protected void engineInit(
+ AlgorithmParameterSpec genParamSpec,
+ SecureRandom random)
+ throws InvalidAlgorithmParameterException
+ {
+ throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation.");
+ }
- // BEGIN android-removed
- // public static class AlgParamGen
- // extends BaseAlgorithmParameterGenerator
- // {
- // protected void engineInit(
- // AlgorithmParameterSpec genParamSpec,
- // SecureRandom random)
- // throws InvalidAlgorithmParameterException
- // {
- // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation.");
- // }
+ protected AlgorithmParameters engineGenerateParameters()
+ {
+ byte[] iv = new byte[16];
- // protected AlgorithmParameters engineGenerateParameters()
- // {
- // byte[] iv = new byte[16];
+ if (random == null)
+ {
+ random = new SecureRandom();
+ }
- // if (random == null)
- // {
- // random = new SecureRandom();
- // }
+ random.nextBytes(iv);
- // random.nextBytes(iv);
+ AlgorithmParameters params;
- // AlgorithmParameters params;
+ try
+ {
+ params = createParametersInstance("AES");
+ params.init(new IvParameterSpec(iv));
+ }
+ catch (Exception e)
+ {
+ throw new RuntimeException(e.getMessage());
+ }
- // try
- // {
- // params = createParametersInstance("AES");
- // params.init(new IvParameterSpec(iv));
- // }
- // catch (Exception e)
- // {
- // throw new RuntimeException(e.getMessage());
- // }
+ return params;
+ }
+ }
- // return params;
- // }
- // }
+ public static class AlgParamGenCCM
+ extends BaseAlgorithmParameterGenerator
+ {
+ protected void engineInit(
+ AlgorithmParameterSpec genParamSpec,
+ SecureRandom random)
+ throws InvalidAlgorithmParameterException
+ {
+ // TODO: add support for GCMParameterSpec as a template.
+ throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation.");
+ }
- // public static class AlgParamGenCCM
- // extends BaseAlgorithmParameterGenerator
- // {
- // protected void engineInit(
- // AlgorithmParameterSpec genParamSpec,
- // SecureRandom random)
- // throws InvalidAlgorithmParameterException
- // {
- // // TODO: add support for GCMParameterSpec as a template.
- // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation.");
- // }
+ protected AlgorithmParameters engineGenerateParameters()
+ {
+ byte[] iv = new byte[12];
- // protected AlgorithmParameters engineGenerateParameters()
- // {
- // byte[] iv = new byte[12];
+ if (random == null)
+ {
+ random = new SecureRandom();
+ }
- // if (random == null)
- // {
- // random = new SecureRandom();
- // }
+ random.nextBytes(iv);
- // random.nextBytes(iv);
+ AlgorithmParameters params;
- // AlgorithmParameters params;
+ try
+ {
+ params = createParametersInstance("CCM");
+ params.init(new CCMParameters(iv, 12).getEncoded());
+ }
+ catch (Exception e)
+ {
+ throw new RuntimeException(e.getMessage());
+ }
- // try
- // {
- // params = createParametersInstance("CCM");
- // params.init(new CCMParameters(iv, 12).getEncoded());
- // }
- // catch (Exception e)
- // {
- // throw new RuntimeException(e.getMessage());
- // }
+ return params;
+ }
+ }
- // return params;
- // }
- // }
+ public static class AlgParamGenGCM
+ extends BaseAlgorithmParameterGenerator
+ {
+ protected void engineInit(
+ AlgorithmParameterSpec genParamSpec,
+ SecureRandom random)
+ throws InvalidAlgorithmParameterException
+ {
+ // TODO: add support for GCMParameterSpec as a template.
+ throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation.");
+ }
- // public static class AlgParamGenGCM
- // extends BaseAlgorithmParameterGenerator
- // {
- // protected void engineInit(
- // AlgorithmParameterSpec genParamSpec,
- // SecureRandom random)
- // throws InvalidAlgorithmParameterException
- // {
- // // TODO: add support for GCMParameterSpec as a template.
- // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation.");
- // }
+ protected AlgorithmParameters engineGenerateParameters()
+ {
+ byte[] nonce = new byte[12];
- // protected AlgorithmParameters engineGenerateParameters()
- // {
- // byte[] nonce = new byte[12];
+ if (random == null)
+ {
+ random = new SecureRandom();
+ }
- // if (random == null)
- // {
- // random = new SecureRandom();
- // }
+ random.nextBytes(nonce);
- // random.nextBytes(nonce);
+ AlgorithmParameters params;
- // AlgorithmParameters params;
+ try
+ {
+ params = createParametersInstance("GCM");
+ params.init(new GCMParameters(nonce, 16).getEncoded());
+ }
+ catch (Exception e)
+ {
+ throw new RuntimeException(e.getMessage());
+ }
- // try
- // {
- // params = createParametersInstance("GCM");
- // params.init(new GCMParameters(nonce, 16).getEncoded());
- // }
- // catch (Exception e)
- // {
- // throw new RuntimeException(e.getMessage());
- // }
-
- // return params;
- // }
- // }
- // END android-removed
+ return params;
+ }
+ }
+ */
+ // END Android-removed: Unsupported algorithms
public static class AlgParams
extends IvAlgorithmParameters
@@ -738,92 +742,94 @@
}
}
- // BEGIN android-removed
- // public static class AlgParamsCCM
- // extends BaseAlgorithmParameters
- // {
- // private CCMParameters ccmParams;
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ public static class AlgParamsCCM
+ extends BaseAlgorithmParameters
+ {
+ private CCMParameters ccmParams;
- // protected void engineInit(AlgorithmParameterSpec paramSpec)
- // throws InvalidParameterSpecException
- // {
- // if (GcmSpecUtil.isGcmSpec(paramSpec))
- // {
- // ccmParams = CCMParameters.getInstance(GcmSpecUtil.extractGcmParameters(paramSpec));
- // }
- // else if (paramSpec instanceof AEADParameterSpec)
- // {
- // ccmParams = new CCMParameters(((AEADParameterSpec)paramSpec).getNonce(), ((AEADParameterSpec)paramSpec).getMacSizeInBits() / 8);
- // }
- // else
- // {
- // throw new InvalidParameterSpecException("AlgorithmParameterSpec class not recognized: " + paramSpec.getClass().getName());
- // }
- // }
+ protected void engineInit(AlgorithmParameterSpec paramSpec)
+ throws InvalidParameterSpecException
+ {
+ if (GcmSpecUtil.isGcmSpec(paramSpec))
+ {
+ ccmParams = CCMParameters.getInstance(GcmSpecUtil.extractGcmParameters(paramSpec));
+ }
+ else if (paramSpec instanceof AEADParameterSpec)
+ {
+ ccmParams = new CCMParameters(((AEADParameterSpec)paramSpec).getNonce(), ((AEADParameterSpec)paramSpec).getMacSizeInBits() / 8);
+ }
+ else
+ {
+ throw new InvalidParameterSpecException("AlgorithmParameterSpec class not recognized: " + paramSpec.getClass().getName());
+ }
+ }
- // protected void engineInit(byte[] params)
- // throws IOException
- // {
- // ccmParams = CCMParameters.getInstance(params);
- // }
+ protected void engineInit(byte[] params)
+ throws IOException
+ {
+ ccmParams = CCMParameters.getInstance(params);
+ }
- // protected void engineInit(byte[] params, String format)
- // throws IOException
- // {
- // if (!isASN1FormatString(format))
- // {
- // throw new IOException("unknown format specified");
- // }
+ protected void engineInit(byte[] params, String format)
+ throws IOException
+ {
+ if (!isASN1FormatString(format))
+ {
+ throw new IOException("unknown format specified");
+ }
- // ccmParams = CCMParameters.getInstance(params);
- // }
+ ccmParams = CCMParameters.getInstance(params);
+ }
- // protected byte[] engineGetEncoded()
- // throws IOException
- // {
- // return ccmParams.getEncoded();
- // }
+ protected byte[] engineGetEncoded()
+ throws IOException
+ {
+ return ccmParams.getEncoded();
+ }
- // protected byte[] engineGetEncoded(String format)
- // throws IOException
- // {
- // if (!isASN1FormatString(format))
- // {
- // throw new IOException("unknown format specified");
- // }
+ protected byte[] engineGetEncoded(String format)
+ throws IOException
+ {
+ if (!isASN1FormatString(format))
+ {
+ throw new IOException("unknown format specified");
+ }
- // return ccmParams.getEncoded();
- // }
+ return ccmParams.getEncoded();
+ }
- // protected String engineToString()
- // {
- // return "CCM";
- // }
+ protected String engineToString()
+ {
+ return "CCM";
+ }
- // protected AlgorithmParameterSpec localEngineGetParameterSpec(Class paramSpec)
- // throws InvalidParameterSpecException
- // {
- // if (paramSpec == AlgorithmParameterSpec.class || GcmSpecUtil.isGcmSpec(paramSpec))
- // {
- // if (GcmSpecUtil.gcmSpecExists())
- // {
- // return GcmSpecUtil.extractGcmSpec(ccmParams.toASN1Primitive());
- // }
- // return new AEADParameterSpec(ccmParams.getNonce(), ccmParams.getIcvLen() * 8);
- // }
- // if (paramSpec == AEADParameterSpec.class)
- // {
- // return new AEADParameterSpec(ccmParams.getNonce(), ccmParams.getIcvLen() * 8);
- // }
- // if (paramSpec == IvParameterSpec.class)
- // {
- // return new IvParameterSpec(ccmParams.getNonce());
- // }
+ protected AlgorithmParameterSpec localEngineGetParameterSpec(Class paramSpec)
+ throws InvalidParameterSpecException
+ {
+ if (paramSpec == AlgorithmParameterSpec.class || GcmSpecUtil.isGcmSpec(paramSpec))
+ {
+ if (GcmSpecUtil.gcmSpecExists())
+ {
+ return GcmSpecUtil.extractGcmSpec(ccmParams.toASN1Primitive());
+ }
+ return new AEADParameterSpec(ccmParams.getNonce(), ccmParams.getIcvLen() * 8);
+ }
+ if (paramSpec == AEADParameterSpec.class)
+ {
+ return new AEADParameterSpec(ccmParams.getNonce(), ccmParams.getIcvLen() * 8);
+ }
+ if (paramSpec == IvParameterSpec.class)
+ {
+ return new IvParameterSpec(ccmParams.getNonce());
+ }
- // throw new InvalidParameterSpecException("AlgorithmParameterSpec not recognized: " + paramSpec.getName());
- // }
- // }
- // END android-removed
+ throw new InvalidParameterSpecException("AlgorithmParameterSpec not recognized: " + paramSpec.getName());
+ }
+ }
+ */
+ // END Android-removed: Unsupported algorithms
public static class Mappings
extends SymmetricAlgorithmProvider
@@ -857,40 +863,45 @@
provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes128_GCM, "GCM");
provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes192_GCM, "GCM");
provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes256_GCM, "GCM");
- // BEGIN android-removed
- // provider.addAlgorithm("AlgorithmParameters.CCM", PREFIX + "$AlgParamsCCM");
- // provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes128_CCM, "CCM");
- // provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes192_CCM, "CCM");
- // provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes256_CCM, "CCM");
- //
- // provider.addAlgorithm("AlgorithmParameterGenerator.AES", PREFIX + "$AlgParamGen");
- // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES128, "AES");
- // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES192, "AES");
- // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES256, "AES");
- // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_CBC, "AES");
- // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_CBC, "AES");
- // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_CBC, "AES");
- // END android-removed
+
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ provider.addAlgorithm("AlgorithmParameters.CCM", PREFIX + "$AlgParamsCCM");
+ provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes128_CCM, "CCM");
+ provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes192_CCM, "CCM");
+ provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes256_CCM, "CCM");
+
+ provider.addAlgorithm("AlgorithmParameterGenerator.AES", PREFIX + "$AlgParamGen");
+ provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES128, "AES");
+ provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES192, "AES");
+ provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES256, "AES");
+ provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_CBC, "AES");
+ provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_CBC, "AES");
+ provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_CBC, "AES");
+ */
+ // END Android-removed: Unsupported algorithms
provider.addAttributes("Cipher.AES", generalAesAttributes);
provider.addAlgorithm("Cipher.AES", PREFIX + "$ECB");
provider.addAlgorithm("Alg.Alias.Cipher." + wrongAES128, "AES");
provider.addAlgorithm("Alg.Alias.Cipher." + wrongAES192, "AES");
provider.addAlgorithm("Alg.Alias.Cipher." + wrongAES256, "AES");
- // BEGIN android-removed
- // provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$ECB");
- // provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$ECB");
- // provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$ECB");
- // provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$CBC");
- // provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$CBC");
- // provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$CBC");
- // provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$OFB");
- // provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$OFB");
- // provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$OFB");
- // provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$CFB");
- // provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$CFB");
- // provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$CFB");
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$ECB");
+ provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$ECB");
+ provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$ECB");
+ provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$CBC");
+ provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$CBC");
+ provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$CBC");
+ provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$OFB");
+ provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$OFB");
+ provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$OFB");
+ provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$CFB");
+ provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$CFB");
+ provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$CFB");
+ */
+ // END Android-removed: Unsupported algorithms
provider.addAttributes("Cipher.AESWRAP", generalAesAttributes);
provider.addAlgorithm("Cipher.AESWRAP", PREFIX + "$Wrap");
@@ -899,81 +910,85 @@
provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes256_wrap, "AESWRAP");
provider.addAlgorithm("Alg.Alias.Cipher.AESKW", "AESWRAP");
- // BEGIN android-removed
- // provider.addAttributes("Cipher.AESWRAPPAD", generalAesAttributes);
- // provider.addAlgorithm("Cipher.AESWRAPPAD", PREFIX + "$WrapPad");
- // provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes128_wrap_pad, "AESWRAPPAD");
- // provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes192_wrap_pad, "AESWRAPPAD");
- // provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes256_wrap_pad, "AESWRAPPAD");
- // provider.addAlgorithm("Alg.Alias.Cipher.AESKWP", "AESWRAPPAD");
- //
- // provider.addAlgorithm("Cipher.AESRFC3211WRAP", PREFIX + "$RFC3211Wrap");
- // provider.addAlgorithm("Cipher.AESRFC5649WRAP", PREFIX + "$RFC5649Wrap");
- //
- // provider.addAlgorithm("AlgorithmParameterGenerator.CCM", PREFIX + "$AlgParamGenCCM");
- // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_CCM, "CCM");
- // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_CCM, "CCM");
- // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_CCM, "CCM");
- //
- // provider.addAttributes("Cipher.CCM", generalAesAttributes);
- // provider.addAlgorithm("Cipher.CCM", PREFIX + "$CCM");
- // provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes128_CCM, "CCM");
- // provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes192_CCM, "CCM");
- // provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes256_CCM, "CCM");
- //
- // provider.addAlgorithm("AlgorithmParameterGenerator.GCM", PREFIX + "$AlgParamGenGCM");
- // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_GCM, "GCM");
- // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_GCM, "GCM");
- // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_GCM, "GCM");
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ provider.addAttributes("Cipher.AESWRAPPAD", generalAesAttributes);
+ provider.addAlgorithm("Cipher.AESWRAPPAD", PREFIX + "$WrapPad");
+ provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes128_wrap_pad, "AESWRAPPAD");
+ provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes192_wrap_pad, "AESWRAPPAD");
+ provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes256_wrap_pad, "AESWRAPPAD");
+ provider.addAlgorithm("Alg.Alias.Cipher.AESKWP", "AESWRAPPAD");
- // BEGIN android-changed
+ provider.addAlgorithm("Cipher.AESRFC3211WRAP", PREFIX + "$RFC3211Wrap");
+ provider.addAlgorithm("Cipher.AESRFC5649WRAP", PREFIX + "$RFC5649Wrap");
+
+ provider.addAlgorithm("AlgorithmParameterGenerator.CCM", PREFIX + "$AlgParamGenCCM");
+ provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_CCM, "CCM");
+ provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_CCM, "CCM");
+ provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_CCM, "CCM");
+
+ provider.addAttributes("Cipher.CCM", generalAesAttributes);
+ provider.addAlgorithm("Cipher.CCM", PREFIX + "$CCM");
+ provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes128_CCM, "CCM");
+ provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes192_CCM, "CCM");
+ provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes256_CCM, "CCM");
+
+ provider.addAlgorithm("AlgorithmParameterGenerator.GCM", PREFIX + "$AlgParamGenGCM");
+ provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_GCM, "GCM");
+ provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_GCM, "GCM");
+ provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_GCM, "GCM");
+ */
+ // END Android-removed: Unsupported algorithms
+
+ // BEGIN Android-changed: Use standard name for AES/GCM/NOPADDING instead of "GCM"
provider.addAttributes("Cipher.AES/GCM/NOPADDING", generalAesAttributes);
provider.addAlgorithm("Cipher.AES/GCM/NOPADDING", PREFIX + "$GCM");
provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes128_GCM, "AES/GCM/NOPADDING");
provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes192_GCM, "AES/GCM/NOPADDING");
provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes256_GCM, "AES/GCM/NOPADDING");
- // END android-changed
+ // END Android-changed: Use standard name for AES/GCM/NOPADDING instead of "GCM"
provider.addAlgorithm("KeyGenerator.AES", PREFIX + "$KeyGen");
- // BEGIN android-removed
- // provider.addAlgorithm("KeyGenerator." + wrongAES128, PREFIX + "$KeyGen128");
- // provider.addAlgorithm("KeyGenerator." + wrongAES192, PREFIX + "$KeyGen192");
- // provider.addAlgorithm("KeyGenerator." + wrongAES256, PREFIX + "$KeyGen256");
- // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$KeyGen128");
- // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$KeyGen128");
- // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$KeyGen128");
- // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$KeyGen128");
- // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$KeyGen192");
- // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$KeyGen192");
- // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$KeyGen192");
- // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$KeyGen192");
- // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$KeyGen256");
- // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$KeyGen256");
- // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$KeyGen256");
- // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$KeyGen256");
- // provider.addAlgorithm("KeyGenerator.AESWRAP", PREFIX + "$KeyGen");
- // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_wrap, PREFIX + "$KeyGen128");
- // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_wrap, PREFIX + "$KeyGen192");
- // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_wrap, PREFIX + "$KeyGen256");
- // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_GCM, PREFIX + "$KeyGen128");
- // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_GCM, PREFIX + "$KeyGen192");
- // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_GCM, PREFIX + "$KeyGen256");
- // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_CCM, PREFIX + "$KeyGen128");
- // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_CCM, PREFIX + "$KeyGen192");
- // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_CCM, PREFIX + "$KeyGen256");
- // provider.addAlgorithm("KeyGenerator.AESWRAPPAD", PREFIX + "$KeyGen");
- // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_wrap_pad, PREFIX + "$KeyGen128");
- // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_wrap_pad, PREFIX + "$KeyGen192");
- // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_wrap_pad, PREFIX + "$KeyGen256");
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ provider.addAlgorithm("KeyGenerator." + wrongAES128, PREFIX + "$KeyGen128");
+ provider.addAlgorithm("KeyGenerator." + wrongAES192, PREFIX + "$KeyGen192");
+ provider.addAlgorithm("KeyGenerator." + wrongAES256, PREFIX + "$KeyGen256");
+ provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$KeyGen128");
+ provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$KeyGen128");
+ provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$KeyGen128");
+ provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$KeyGen128");
+ provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$KeyGen192");
+ provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$KeyGen192");
+ provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$KeyGen192");
+ provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$KeyGen192");
+ provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$KeyGen256");
+ provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$KeyGen256");
+ provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$KeyGen256");
+ provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$KeyGen256");
+ provider.addAlgorithm("KeyGenerator.AESWRAP", PREFIX + "$KeyGen");
+ provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_wrap, PREFIX + "$KeyGen128");
+ provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_wrap, PREFIX + "$KeyGen192");
+ provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_wrap, PREFIX + "$KeyGen256");
+ provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_GCM, PREFIX + "$KeyGen128");
+ provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_GCM, PREFIX + "$KeyGen192");
+ provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_GCM, PREFIX + "$KeyGen256");
+ provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_CCM, PREFIX + "$KeyGen128");
+ provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_CCM, PREFIX + "$KeyGen192");
+ provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_CCM, PREFIX + "$KeyGen256");
+ provider.addAlgorithm("KeyGenerator.AESWRAPPAD", PREFIX + "$KeyGen");
+ provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_wrap_pad, PREFIX + "$KeyGen128");
+ provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_wrap_pad, PREFIX + "$KeyGen192");
+ provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_wrap_pad, PREFIX + "$KeyGen256");
- // provider.addAlgorithm("Mac.AESCMAC", PREFIX + "$AESCMAC");
+ provider.addAlgorithm("Mac.AESCMAC", PREFIX + "$AESCMAC");
- // provider.addAlgorithm("Mac.AESCCMMAC", PREFIX + "$AESCCMMAC");
- // provider.addAlgorithm("Alg.Alias.Mac." + NISTObjectIdentifiers.id_aes128_CCM.getId(), "AESCCMMAC");
- // provider.addAlgorithm("Alg.Alias.Mac." + NISTObjectIdentifiers.id_aes192_CCM.getId(), "AESCCMMAC");
- // provider.addAlgorithm("Alg.Alias.Mac." + NISTObjectIdentifiers.id_aes256_CCM.getId(), "AESCCMMAC");
- // END android-removed
+ provider.addAlgorithm("Mac.AESCCMMAC", PREFIX + "$AESCCMMAC");
+ provider.addAlgorithm("Alg.Alias.Mac." + NISTObjectIdentifiers.id_aes128_CCM.getId(), "AESCCMMAC");
+ provider.addAlgorithm("Alg.Alias.Mac." + NISTObjectIdentifiers.id_aes192_CCM.getId(), "AESCCMMAC");
+ provider.addAlgorithm("Alg.Alias.Mac." + NISTObjectIdentifiers.id_aes256_CCM.getId(), "AESCCMMAC");
+ */
+ // END Android-removed: Unsupported algorithms
provider.addAlgorithm("Alg.Alias.Cipher", BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes128_cbc, "PBEWITHSHAAND128BITAES-CBC-BC");
provider.addAlgorithm("Alg.Alias.Cipher", BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes192_cbc, "PBEWITHSHAAND192BITAES-CBC-BC");
@@ -1018,10 +1033,10 @@
provider.addAlgorithm("Cipher.PBEWITHMD5AND192BITAES-CBC-OPENSSL", PREFIX + "$PBEWithAESCBC");
provider.addAlgorithm("Cipher.PBEWITHMD5AND256BITAES-CBC-OPENSSL", PREFIX + "$PBEWithAESCBC");
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// provider.addAlgorithm("SecretKeyFactory.AES", PREFIX + "$KeyFactory");
// provider.addAlgorithm("SecretKeyFactory", NISTObjectIdentifiers.aes, PREFIX + "$KeyFactory");
- // END android-removed
+ // END Android-removed: Unsupported algorithms
provider.addAlgorithm("SecretKeyFactory.PBEWITHMD5AND128BITAES-CBC-OPENSSL", PREFIX + "$PBEWithMD5And128BitAESCBCOpenSSL");
provider.addAlgorithm("SecretKeyFactory.PBEWITHMD5AND192BITAES-CBC-OPENSSL", PREFIX + "$PBEWithMD5And192BitAESCBCOpenSSL");
@@ -1075,10 +1090,10 @@
provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes192_cbc.getId(), "PKCS12PBE");
provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes256_cbc.getId(), "PKCS12PBE");
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// addGMacAlgorithm(provider, "AES", PREFIX + "$AESGMAC", PREFIX + "$KeyGen128");
// addPoly1305Algorithm(provider, "AES", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen");
- // END android-removed
+ // END Android-removed: Unsupported algorithms
}
}
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/ARC4.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/ARC4.java
index c780d12..d1305cb 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/ARC4.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/ARC4.java
@@ -29,9 +29,9 @@
{
public KeyGen()
{
- // BEGIN android-changed
+ // Android-changed: Use ARC4 for algorithm name to match name used in provider
+ // super("RC4", 128, new CipherKeyGenerator());
super("ARC4", 128, new CipherKeyGenerator());
- // END android-changed
}
}
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java
index c0a0949..ebaa5c5 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java
@@ -3,16 +3,14 @@
import org.bouncycastle.asn1.misc.MiscObjectIdentifiers;
import org.bouncycastle.crypto.CipherKeyGenerator;
import org.bouncycastle.crypto.engines.BlowfishEngine;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.crypto.macs.CMac;
-// END android-removed
import org.bouncycastle.crypto.modes.CBCBlockCipher;
import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher;
import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
-// END android-removed
import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters;
import org.bouncycastle.jcajce.provider.util.AlgorithmProvider;
@@ -40,16 +38,18 @@
}
}
- // BEGIN android-removed
- // public static class CMAC
- // extends BaseMac
- // {
- // public CMAC()
- // {
- // super(new CMac(new BlowfishEngine()));
- // }
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ public static class CMAC
+ extends BaseMac
+ {
+ public CMAC()
+ {
+ super(new CMac(new BlowfishEngine()));
+ }
+ }
+ */
+ // END Android-removed: Unsupported algorithms
public static class KeyGen
extends BaseKeyGenerator
@@ -80,13 +80,11 @@
public void configure(ConfigurableProvider provider)
{
- // BEGIN android-removed
+ // Android-removed: Unsupported algorithms
// provider.addAlgorithm("Mac.BLOWFISHCMAC", PREFIX + "$CMAC");
- // END android-removed
provider.addAlgorithm("Cipher.BLOWFISH", PREFIX + "$ECB");
- // BEGIN android-removed
+ // Android-removed: Unsupported algorithms
// provider.addAlgorithm("Cipher", MiscObjectIdentifiers.cryptlib_algorithm_blowfish_CBC, PREFIX + "$CBC");
- // END android-removed
provider.addAlgorithm("KeyGenerator.BLOWFISH", PREFIX + "$KeyGen");
provider.addAlgorithm("Alg.Alias.KeyGenerator", MiscObjectIdentifiers.cryptlib_algorithm_blowfish_CBC, "BLOWFISH");
provider.addAlgorithm("AlgorithmParameters.BLOWFISH", PREFIX + "$AlgParams");
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DES.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DES.java
index 5a4f8cd..de2e548 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DES.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DES.java
@@ -19,16 +19,14 @@
import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.crypto.KeyGenerationParameters;
import org.bouncycastle.crypto.engines.DESEngine;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.crypto.engines.RFC3211WrapEngine;
-// END android-removed
import org.bouncycastle.crypto.generators.DESKeyGenerator;
import org.bouncycastle.crypto.macs.CBCBlockCipherMac;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.crypto.macs.CFBBlockCipherMac;
// import org.bouncycastle.crypto.macs.CMac;
// import org.bouncycastle.crypto.macs.ISO9797Alg3Mac;
-// END android-removed
import org.bouncycastle.crypto.modes.CBCBlockCipher;
import org.bouncycastle.crypto.paddings.ISO7816d4Padding;
import org.bouncycastle.crypto.params.DESParameters;
@@ -69,19 +67,21 @@
}
}
- // BEGIN android-removed
- // /**
- // * DES CFB8
- // */
- // public static class DESCFB8
- // extends BaseMac
- // {
- // public DESCFB8()
- // {
- // super(new CFBBlockCipherMac(new DESEngine()));
- // }
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ /**
+ * DES CFB8
+ *
+ public static class DESCFB8
+ extends BaseMac
+ {
+ public DESCFB8()
+ {
+ super(new CFBBlockCipherMac(new DESEngine()));
+ }
+ }
+ */
+ // END Android-removed: Unsupported algorithms
/**
* DES64
@@ -116,49 +116,49 @@
}
}
- // BEGIN android-removed
- // static public class CMAC
- // extends BaseMac
- // {
- // public CMAC()
- // {
- // super(new CMac(new DESEngine()));
- // }
- // }
- //
- // /**
- // * DES9797Alg3with7816-4Padding
- // */
- // public static class DES9797Alg3with7816d4
- // extends BaseMac
- // {
- // public DES9797Alg3with7816d4()
- // {
- // super(new ISO9797Alg3Mac(new DESEngine(), new ISO7816d4Padding()));
- // }
- // }
- //
- // /**
- // * DES9797Alg3
- // */
- // public static class DES9797Alg3
- // extends BaseMac
- // {
- // public DES9797Alg3()
- // {
- // super(new ISO9797Alg3Mac(new DESEngine()));
- // }
- // }
- //
- // public static class RFC3211
- // extends BaseWrapCipher
- // {
- // public RFC3211()
- // {
- // super(new RFC3211WrapEngine(new DESEngine()), 8);
- // }
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ static public class CMAC
+ extends BaseMac
+ {
+ public CMAC()
+ {
+ super(new CMac(new DESEngine()));
+ }
+ }
+
+ /**
+ * DES9797Alg3with7816-4Padding
+ *
+ public static class DES9797Alg3with7816d4
+ extends BaseMac
+ {
+ public DES9797Alg3with7816d4()
+ {
+ super(new ISO9797Alg3Mac(new DESEngine(), new ISO7816d4Padding()));
+ }
+ }
+
+ /**
+ * DES9797Alg3
+ *
+ public static class DES9797Alg3
+ extends BaseMac
+ {
+ public DES9797Alg3()
+ {
+ super(new ISO9797Alg3Mac(new DESEngine()));
+ }
+ }
+
+ public static class RFC3211
+ extends BaseWrapCipher
+ {
+ public RFC3211()
+ {
+ super(new RFC3211WrapEngine(new DESEngine()), 8);
+ }
+ }
public static class AlgParamGen
extends BaseAlgorithmParameterGenerator
@@ -197,6 +197,8 @@
return params;
}
}
+ */
+ // END Android-removed: Unsupported algorithms
/**
* DES - the default for this is to generate a key in
@@ -358,19 +360,21 @@
}
}
- // BEGIN android-removed
- // /**
- // * PBEWithMD2AndDES
- // */
- // static public class PBEWithMD2KeyFactory
- // extends DESPBEKeyFactory
- // {
- // public PBEWithMD2KeyFactory()
- // {
- // super("PBEwithMD2andDES", PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, true, PKCS5S1, MD2, 64, 64);
- // }
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ /**
+ * PBEWithMD2AndDES
+ *
+ static public class PBEWithMD2KeyFactory
+ extends DESPBEKeyFactory
+ {
+ public PBEWithMD2KeyFactory()
+ {
+ super("PBEwithMD2andDES", PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, true, PKCS5S1, MD2, 64, 64);
+ }
+ }
+ */
+ // END Android-removed: Unsupported algorithms
/**
* PBEWithMD5AndDES
@@ -396,19 +400,21 @@
}
}
- // BEGIN android-removed
- // /**
- // * PBEWithMD2AndDES
- // */
- // static public class PBEWithMD2
- // extends BaseBlockCipher
- // {
- // public PBEWithMD2()
- // {
- // super(new CBCBlockCipher(new DESEngine()), PKCS5S1, MD2, 64, 8);
- // }
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ /**
+ * PBEWithMD2AndDES
+ *
+ static public class PBEWithMD2
+ extends BaseBlockCipher
+ {
+ public PBEWithMD2()
+ {
+ super(new CBCBlockCipher(new DESEngine()), PKCS5S1, MD2, 64, 8);
+ }
+ }
+ */
+ // END Android-removed: Unsupported algorithms
/**
* PBEWithMD5AndDES
@@ -448,81 +454,80 @@
{
provider.addAlgorithm("Cipher.DES", PREFIX + "$ECB");
- // BEGIN android-removed
- // provider.addAlgorithm("Cipher", OIWObjectIdentifiers.desCBC, PREFIX + "$CBC");
- //
- // addAlias(provider, OIWObjectIdentifiers.desCBC, "DES");
- //
- // provider.addAlgorithm("Cipher.DESRFC3211WRAP", PREFIX + "$RFC3211");
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ provider.addAlgorithm("Cipher", OIWObjectIdentifiers.desCBC, PREFIX + "$CBC");
+
+ addAlias(provider, OIWObjectIdentifiers.desCBC, "DES");
+
+ provider.addAlgorithm("Cipher.DESRFC3211WRAP", PREFIX + "$RFC3211");
+ */
+ // END Android-removed: Unsupported algorithms
provider.addAlgorithm("KeyGenerator.DES", PREFIX + "$KeyGenerator");
provider.addAlgorithm("SecretKeyFactory.DES", PREFIX + "$KeyFactory");
- // BEGIN android-removed
- // provider.addAlgorithm("Mac.DESCMAC", PREFIX + "$CMAC");
- // provider.addAlgorithm("Mac.DESMAC", PREFIX + "$CBCMAC");
- // provider.addAlgorithm("Alg.Alias.Mac.DES", "DESMAC");
- //
- // provider.addAlgorithm("Mac.DESMAC/CFB8", PREFIX + "$DESCFB8");
- // provider.addAlgorithm("Alg.Alias.Mac.DES/CFB8", "DESMAC/CFB8");
- //
- // provider.addAlgorithm("Mac.DESMAC64", PREFIX + "$DES64");
- // provider.addAlgorithm("Alg.Alias.Mac.DES64", "DESMAC64");
- //
- // provider.addAlgorithm("Mac.DESMAC64WITHISO7816-4PADDING", PREFIX + "$DES64with7816d4");
- // provider.addAlgorithm("Alg.Alias.Mac.DES64WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING");
- // provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1MACWITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING");
- // provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING");
- //
- // provider.addAlgorithm("Mac.DESWITHISO9797", PREFIX + "$DES9797Alg3");
- // provider.addAlgorithm("Alg.Alias.Mac.DESISO9797MAC", "DESWITHISO9797");
- //
- // provider.addAlgorithm("Mac.ISO9797ALG3MAC", PREFIX + "$DES9797Alg3");
- // provider.addAlgorithm("Alg.Alias.Mac.ISO9797ALG3", "ISO9797ALG3MAC");
- // provider.addAlgorithm("Mac.ISO9797ALG3WITHISO7816-4PADDING", PREFIX + "$DES9797Alg3with7816d4");
- // provider.addAlgorithm("Alg.Alias.Mac.ISO9797ALG3MACWITHISO7816-4PADDING", "ISO9797ALG3WITHISO7816-4PADDING");
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ provider.addAlgorithm("Mac.DESCMAC", PREFIX + "$CMAC");
+ provider.addAlgorithm("Mac.DESMAC", PREFIX + "$CBCMAC");
+ provider.addAlgorithm("Alg.Alias.Mac.DES", "DESMAC");
+
+ provider.addAlgorithm("Mac.DESMAC/CFB8", PREFIX + "$DESCFB8");
+ provider.addAlgorithm("Alg.Alias.Mac.DES/CFB8", "DESMAC/CFB8");
+
+ provider.addAlgorithm("Mac.DESMAC64", PREFIX + "$DES64");
+ provider.addAlgorithm("Alg.Alias.Mac.DES64", "DESMAC64");
+
+ provider.addAlgorithm("Mac.DESMAC64WITHISO7816-4PADDING", PREFIX + "$DES64with7816d4");
+ provider.addAlgorithm("Alg.Alias.Mac.DES64WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING");
+ provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1MACWITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING");
+ provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING");
+
+ provider.addAlgorithm("Mac.DESWITHISO9797", PREFIX + "$DES9797Alg3");
+ provider.addAlgorithm("Alg.Alias.Mac.DESISO9797MAC", "DESWITHISO9797");
+
+ provider.addAlgorithm("Mac.ISO9797ALG3MAC", PREFIX + "$DES9797Alg3");
+ provider.addAlgorithm("Alg.Alias.Mac.ISO9797ALG3", "ISO9797ALG3MAC");
+ provider.addAlgorithm("Mac.ISO9797ALG3WITHISO7816-4PADDING", PREFIX + "$DES9797Alg3with7816d4");
+ provider.addAlgorithm("Alg.Alias.Mac.ISO9797ALG3MACWITHISO7816-4PADDING", "ISO9797ALG3WITHISO7816-4PADDING");
+ */
+ // END Android-removed: Unsupported algorithms
provider.addAlgorithm("AlgorithmParameters.DES", PACKAGE + ".util.IvAlgorithmParameters");
provider.addAlgorithm("Alg.Alias.AlgorithmParameters", OIWObjectIdentifiers.desCBC, "DES");
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// provider.addAlgorithm("AlgorithmParameterGenerator.DES", PREFIX + "$AlgParamGen");
// provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + OIWObjectIdentifiers.desCBC, "DES");
//
// provider.addAlgorithm("Cipher.PBEWITHMD2ANDDES", PREFIX + "$PBEWithMD2");
- // END android-removed
+ // END Android-removed: Unsupported algorithms
provider.addAlgorithm("Cipher.PBEWITHMD5ANDDES", PREFIX + "$PBEWithMD5");
provider.addAlgorithm("Cipher.PBEWITHSHA1ANDDES", PREFIX + "$PBEWithSHA1");
- // BEGIN android-removed
+ // Android-removed: Unsupported algorithms
// provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES");
- // END android-removed
provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.pbeWithMD5AndDES_CBC, "PBEWITHMD5ANDDES");
provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.pbeWithSHA1AndDES_CBC, "PBEWITHSHA1ANDDES");
- // BEGIN android-removed
+ // Android-removed: Unsupported algorithms
// provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHMD2ANDDES-CBC", "PBEWITHMD2ANDDES");
- // BEGIN android-removed
provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHMD5ANDDES-CBC", "PBEWITHMD5ANDDES");
provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA1ANDDES-CBC", "PBEWITHSHA1ANDDES");
- // BEGIN android-removed
- // provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHMD2ANDDES-CBC", "PBEWITHMD2ANDDES");
- // END android-removed
+ // Android-removed: Unsupported algorithms
+ // provider.addAlgorithm("SecretKeyFactory.PBEWITHMD2ANDDES", PREFIX + "$PBEWithMD2KeyFactory");
provider.addAlgorithm("SecretKeyFactory.PBEWITHMD5ANDDES", PREFIX + "$PBEWithMD5KeyFactory");
provider.addAlgorithm("SecretKeyFactory.PBEWITHSHA1ANDDES", PREFIX + "$PBEWithSHA1KeyFactory");
- // BEGIN android-removed
+ // Android-removed: Unsupported algorithms
// provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDDES-CBC", "PBEWITHMD2ANDDES");
- // END android-removed
provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD5ANDDES-CBC", "PBEWITHMD5ANDDES");
provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHSHA1ANDDES-CBC", "PBEWITHSHA1ANDDES");
- // BEGIN android-removed
+ // Android-removed: Unsupported algorithms
// provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES");
- // END android-removed
provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD5AndDES_CBC, "PBEWITHMD5ANDDES");
provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithSHA1AndDES_CBC, "PBEWITHSHA1ANDDES");
}
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DESede.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DESede.java
index c89fe34..9b2e57b 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DESede.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DESede.java
@@ -1,21 +1,18 @@
package org.bouncycastle.jcajce.provider.symmetric;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import java.security.AlgorithmParameters;
// import java.security.InvalidAlgorithmParameterException;
-// END android-removed
import java.security.SecureRandom;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import java.security.spec.AlgorithmParameterSpec;
-// END android-removed
import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;
import javax.crypto.SecretKey;
import javax.crypto.spec.DESedeKeySpec;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import javax.crypto.spec.IvParameterSpec;
-// END android-removed
import javax.crypto.spec.SecretKeySpec;
import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
@@ -23,21 +20,18 @@
import org.bouncycastle.crypto.KeyGenerationParameters;
import org.bouncycastle.crypto.engines.DESedeEngine;
import org.bouncycastle.crypto.engines.DESedeWrapEngine;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.crypto.engines.RFC3211WrapEngine;
-// END android-removed
import org.bouncycastle.crypto.generators.DESedeKeyGenerator;
import org.bouncycastle.crypto.macs.CBCBlockCipherMac;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.crypto.macs.CFBBlockCipherMac;
// import org.bouncycastle.crypto.macs.CMac;
-// END android-removed
import org.bouncycastle.crypto.modes.CBCBlockCipher;
import org.bouncycastle.crypto.paddings.ISO7816d4Padding;
import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator;
-// END android-removed
import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher;
import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
@@ -69,19 +63,21 @@
}
}
- // BEGIN android-removed
- // /**
- // * DESede CFB8
- // */
- // public static class DESedeCFB8
- // extends BaseMac
- // {
- // public DESedeCFB8()
- // {
- // super(new CFBBlockCipherMac(new DESedeEngine()));
- // }
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ /**
+ * DESede CFB8
+ *
+ public static class DESedeCFB8
+ extends BaseMac
+ {
+ public DESedeCFB8()
+ {
+ super(new CFBBlockCipherMac(new DESedeEngine()));
+ }
+ }
+ */
+ // END Android-removed: Unsupported algorithms
/**
* DESede64
@@ -106,7 +102,7 @@
super(new CBCBlockCipherMac(new DESedeEngine(), 64, new ISO7816d4Padding()));
}
}
-
+
public static class CBCMAC
extends BaseMac
{
@@ -116,16 +112,18 @@
}
}
- // BEGIN android-removed
- // static public class CMAC
- // extends BaseMac
- // {
- // public CMAC()
- // {
- // super(new CMac(new DESedeEngine()));
- // }
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ static public class CMAC
+ extends BaseMac
+ {
+ public CMAC()
+ {
+ super(new CMac(new DESedeEngine()));
+ }
+ }
+ */
+ // END Android-removed: Unsupported algorithms
public static class Wrap
extends BaseWrapCipher
@@ -136,16 +134,18 @@
}
}
- // BEGIN android-removed
- // public static class RFC3211
- // extends BaseWrapCipher
- // {
- // public RFC3211()
- // {
- // super(new RFC3211WrapEngine(new DESedeEngine()), 8);
- // }
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ public static class RFC3211
+ extends BaseWrapCipher
+ {
+ public RFC3211()
+ {
+ super(new RFC3211WrapEngine(new DESedeEngine()), 8);
+ }
+ }
+ */
+ // END Android-removed: Unsupported algorithms
/**
* DESede - the default for this is to generate a key in
@@ -259,45 +259,47 @@
}
}
- // BEGIN android-removed
- // public static class AlgParamGen
- // extends BaseAlgorithmParameterGenerator
- // {
- // protected void engineInit(
- // AlgorithmParameterSpec genParamSpec,
- // SecureRandom random)
- // throws InvalidAlgorithmParameterException
- // {
- // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for DES parameter generation.");
- // }
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ public static class AlgParamGen
+ extends BaseAlgorithmParameterGenerator
+ {
+ protected void engineInit(
+ AlgorithmParameterSpec genParamSpec,
+ SecureRandom random)
+ throws InvalidAlgorithmParameterException
+ {
+ throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for DES parameter generation.");
+ }
- // protected AlgorithmParameters engineGenerateParameters()
- // {
- // byte[] iv = new byte[8];
+ protected AlgorithmParameters engineGenerateParameters()
+ {
+ byte[] iv = new byte[8];
- // if (random == null)
- // {
- // random = new SecureRandom();
- // }
+ if (random == null)
+ {
+ random = new SecureRandom();
+ }
- // random.nextBytes(iv);
+ random.nextBytes(iv);
- // AlgorithmParameters params;
+ AlgorithmParameters params;
- // try
- // {
- // params = createParametersInstance("DES");
- // params.init(new IvParameterSpec(iv));
- // }
- // catch (Exception e)
- // {
- // throw new RuntimeException(e.getMessage());
- // }
+ try
+ {
+ params = createParametersInstance("DES");
+ params.init(new IvParameterSpec(iv));
+ }
+ catch (Exception e)
+ {
+ throw new RuntimeException(e.getMessage());
+ }
- // return params;
- // }
- // }
- // END android-removed
+ return params;
+ }
+ }
+ */
+ // END Android-removed: Unsupported algorithms
static public class KeyFactory
extends BaseSecretKeyFactory
@@ -381,38 +383,35 @@
public void configure(ConfigurableProvider provider)
{
provider.addAlgorithm("Cipher.DESEDE", PREFIX + "$ECB");
- // BEGIN android-removed
+ // Android-removed: Unsupported algorithms
// provider.addAlgorithm("Cipher", PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$CBC");
- // END android-removed
provider.addAlgorithm("Cipher.DESEDEWRAP", PREFIX + "$Wrap");
- // BEGIN android-changed
+ // BEGIN Android-changed: Make alias of DESEDEWRAP rather than separate algorithm
provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.id_alg_CMS3DESwrap, "DESEDEWRAP");
- // END android-changed
- // BEGIN android-removed
+ // END Android-changed: Make alias of DESEDEWRAP rather than separate algorithm
+ // BEGIN Android-removed: Unsupported algorithms
// provider.addAlgorithm("Cipher.DESEDERFC3211WRAP", PREFIX + "$RFC3211");
// provider.addAlgorithm("Alg.Alias.Cipher.DESEDERFC3217WRAP", "DESEDEWRAP");
- // END android-removed
+ // END Android-removed: Unsupported algorithms
provider.addAlgorithm("Alg.Alias.Cipher.TDEA", "DESEDE");
provider.addAlgorithm("Alg.Alias.Cipher.TDEAWRAP", "DESEDEWRAP");
provider.addAlgorithm("Alg.Alias.KeyGenerator.TDEA", "DESEDE");
provider.addAlgorithm("Alg.Alias.AlgorithmParameters.TDEA", "DESEDE");
- // BEGIN android-removed
+ // Android-removed: Unsupported algorithms
// provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator.TDEA", "DESEDE");
- // END android-removed
provider.addAlgorithm("Alg.Alias.SecretKeyFactory.TDEA", "DESEDE");
if (provider.hasAlgorithm("MessageDigest", "SHA-1"))
{
provider.addAlgorithm("Cipher.PBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES3Key");
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// provider.addAlgorithm("Cipher.BROKENPBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$BrokePBEWithSHAAndDES3Key");
// provider.addAlgorithm("Cipher.OLDPBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$OldPBEWithSHAAndDES3Key");
- // END android-removed
+ // END Android-removed: Unsupported algorithms
provider.addAlgorithm("Cipher.PBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES2Key");
- // BEGIN android-removed
+ // Android-removed: Unsupported algorithms
// provider.addAlgorithm("Cipher.BROKENPBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$BrokePBEWithSHAAndDES2Key");
- // END android-removed
provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC, "PBEWITHSHAAND3-KEYTRIPLEDES-CBC");
provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.pbeWithSHAAnd2_KeyTripleDES_CBC, "PBEWITHSHAAND2-KEYTRIPLEDES-CBC");
provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA1ANDDESEDE", "PBEWITHSHAAND3-KEYTRIPLEDES-CBC");
@@ -426,39 +425,41 @@
}
provider.addAlgorithm("KeyGenerator.DESEDE", PREFIX + "$KeyGenerator");
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// provider.addAlgorithm("KeyGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$KeyGenerator3");
// provider.addAlgorithm("KeyGenerator.DESEDEWRAP", PREFIX + "$KeyGenerator");
- // END android-removed
+ // END Android-removed: Unsupported algorithms
provider.addAlgorithm("SecretKeyFactory.DESEDE", PREFIX + "$KeyFactory");
- // BEGIN android-removed
- // provider.addAlgorithm("SecretKeyFactory", OIWObjectIdentifiers.desEDE, PREFIX + "$KeyFactory");
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ provider.addAlgorithm("SecretKeyFactory", OIWObjectIdentifiers.desEDE, PREFIX + "$KeyFactory");
- // provider.addAlgorithm("Mac.DESEDECMAC", PREFIX + "$CMAC");
- // provider.addAlgorithm("Mac.DESEDEMAC", PREFIX + "$CBCMAC");
- // provider.addAlgorithm("Alg.Alias.Mac.DESEDE", "DESEDEMAC");
+ provider.addAlgorithm("Mac.DESEDECMAC", PREFIX + "$CMAC");
+ provider.addAlgorithm("Mac.DESEDEMAC", PREFIX + "$CBCMAC");
+ provider.addAlgorithm("Alg.Alias.Mac.DESEDE", "DESEDEMAC");
- // provider.addAlgorithm("Mac.DESEDEMAC/CFB8", PREFIX + "$DESedeCFB8");
- // provider.addAlgorithm("Alg.Alias.Mac.DESEDE/CFB8", "DESEDEMAC/CFB8");
+ provider.addAlgorithm("Mac.DESEDEMAC/CFB8", PREFIX + "$DESedeCFB8");
+ provider.addAlgorithm("Alg.Alias.Mac.DESEDE/CFB8", "DESEDEMAC/CFB8");
- // provider.addAlgorithm("Mac.DESEDEMAC64", PREFIX + "$DESede64");
- // provider.addAlgorithm("Alg.Alias.Mac.DESEDE64", "DESEDEMAC64");
+ provider.addAlgorithm("Mac.DESEDEMAC64", PREFIX + "$DESede64");
+ provider.addAlgorithm("Alg.Alias.Mac.DESEDE64", "DESEDEMAC64");
- // provider.addAlgorithm("Mac.DESEDEMAC64WITHISO7816-4PADDING", PREFIX + "$DESede64with7816d4");
- // provider.addAlgorithm("Alg.Alias.Mac.DESEDE64WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING");
- // provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1MACWITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING");
- // provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING");
- // END android-removed
+ provider.addAlgorithm("Mac.DESEDEMAC64WITHISO7816-4PADDING", PREFIX + "$DESede64with7816d4");
+ provider.addAlgorithm("Alg.Alias.Mac.DESEDE64WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING");
+ provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1MACWITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING");
+ provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING");
+ */
+ // END Android-removed: Unsupported algorithms
provider.addAlgorithm("AlgorithmParameters.DESEDE", PACKAGE + ".util.IvAlgorithmParameters");
provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + PKCSObjectIdentifiers.des_EDE3_CBC, "DESEDE");
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// provider.addAlgorithm("AlgorithmParameterGenerator.DESEDE", PREFIX + "$AlgParamGen");
// provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, "DESEDE");
- // END android-removed
+ // END Android-removed: Unsupported algorithms
provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES3KeyFactory");
provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES2KeyFactory");
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/PBEPBKDF2.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/PBEPBKDF2.java
index b19a4d4..31c9bda 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/PBEPBKDF2.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/PBEPBKDF2.java
@@ -13,9 +13,8 @@
import org.bouncycastle.asn1.ASN1Encoding;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Primitive;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-// END android-removed
import org.bouncycastle.asn1.pkcs.PBKDF2Params;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.crypto.CipherParameters;
@@ -34,99 +33,101 @@
}
- // BEGIN android-removed
- // public static class AlgParams
- // extends BaseAlgorithmParameters
- // {
- // PBKDF2Params params;
- //
- // protected byte[] engineGetEncoded()
- // {
- // try
- // {
- // return params.getEncoded(ASN1Encoding.DER);
- // }
- // catch (IOException e)
- // {
- // throw new RuntimeException("Oooops! " + e.toString());
- // }
- // }
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ public static class AlgParams
+ extends BaseAlgorithmParameters
+ {
+ PBKDF2Params params;
- // protected byte[] engineGetEncoded(
- // String format)
- // {
- // if (this.isASN1FormatString(format))
- // {
- // return engineGetEncoded();
- // }
- //
- // return null;
- // }
- //
- // protected AlgorithmParameterSpec localEngineGetParameterSpec(
- // Class paramSpec)
- // throws InvalidParameterSpecException
- // {
- // if (paramSpec == PBEParameterSpec.class)
- // {
- // return new PBEParameterSpec(params.getSalt(),
- // params.getIterationCount().intValue());
- // }
- //
- // throw new InvalidParameterSpecException("unknown parameter spec passed to PBKDF2 PBE parameters object.");
- // }
- //
- // protected void engineInit(
- // AlgorithmParameterSpec paramSpec)
- // throws InvalidParameterSpecException
- // {
- // if (!(paramSpec instanceof PBEParameterSpec))
- // {
- // throw new InvalidParameterSpecException("PBEParameterSpec required to initialise a PBKDF2 PBE parameters algorithm parameters object");
- // }
- //
- // PBEParameterSpec pbeSpec = (PBEParameterSpec)paramSpec;
- //
- // this.params = new PBKDF2Params(pbeSpec.getSalt(),
- // pbeSpec.getIterationCount());
- // }
- //
- // protected void engineInit(
- // byte[] params)
- // throws IOException
- // {
- // this.params = PBKDF2Params.getInstance(ASN1Primitive.fromByteArray(params));
- // }
- //
- // protected void engineInit(
- // byte[] params,
- // String format)
- // throws IOException
- // {
- // if (this.isASN1FormatString(format))
- // {
- // engineInit(params);
- // return;
- // }
- //
- // throw new IOException("Unknown parameters format in PBKDF2 parameters object");
- // }
- //
- // protected String engineToString()
- // {
- // return "PBKDF2 Parameters";
- // }
- // }
- // END android-removed
+ protected byte[] engineGetEncoded()
+ {
+ try
+ {
+ return params.getEncoded(ASN1Encoding.DER);
+ }
+ catch (IOException e)
+ {
+ throw new RuntimeException("Oooops! " + e.toString());
+ }
+ }
+
+ protected byte[] engineGetEncoded(
+ String format)
+ {
+ if (this.isASN1FormatString(format))
+ {
+ return engineGetEncoded();
+ }
+
+ return null;
+ }
+
+ protected AlgorithmParameterSpec localEngineGetParameterSpec(
+ Class paramSpec)
+ throws InvalidParameterSpecException
+ {
+ if (paramSpec == PBEParameterSpec.class)
+ {
+ return new PBEParameterSpec(params.getSalt(),
+ params.getIterationCount().intValue());
+ }
+
+ throw new InvalidParameterSpecException("unknown parameter spec passed to PBKDF2 PBE parameters object.");
+ }
+
+ protected void engineInit(
+ AlgorithmParameterSpec paramSpec)
+ throws InvalidParameterSpecException
+ {
+ if (!(paramSpec instanceof PBEParameterSpec))
+ {
+ throw new InvalidParameterSpecException("PBEParameterSpec required to initialise a PBKDF2 PBE parameters algorithm parameters object");
+ }
+
+ PBEParameterSpec pbeSpec = (PBEParameterSpec)paramSpec;
+
+ this.params = new PBKDF2Params(pbeSpec.getSalt(),
+ pbeSpec.getIterationCount());
+ }
+
+ protected void engineInit(
+ byte[] params)
+ throws IOException
+ {
+ this.params = PBKDF2Params.getInstance(ASN1Primitive.fromByteArray(params));
+ }
+
+ protected void engineInit(
+ byte[] params,
+ String format)
+ throws IOException
+ {
+ if (this.isASN1FormatString(format))
+ {
+ engineInit(params);
+ return;
+ }
+
+ throw new IOException("Unknown parameters format in PBKDF2 parameters object");
+ }
+
+ protected String engineToString()
+ {
+ return "PBKDF2 Parameters";
+ }
+ }
+ */
+ // END Android-removed: Unsupported algorithms
public static class BasePBKDF2
extends BaseSecretKeyFactory
{
private int scheme;
- // BEGIN ANDROID-ADDED
+ // BEGIN Android-added: Allow to specify a key using only the password.
private int keySizeInBits;
private int ivSizeInBits;
- // END ANDROID-ADDED
+ // END Android-added: Allow to specify a key using only the password.
private int defaultDigest;
public BasePBKDF2(String name, int scheme)
@@ -134,27 +135,27 @@
this(name, scheme, SHA1);
}
- // BEGIN ANDROID-CHANGED
- // Was: public BasePBKDF2(String name, int scheme, int defaultDigest)
+ // BEGIN Android-changed: Allow to specify a key using only the password.
+ // public BasePBKDF2(String name, int scheme, int defaultDigest)
private BasePBKDF2(
String name, int scheme, int digest, int keySizeInBits, int ivSizeInBits)
- // END ANDROID-CHANGED
+ // END Android-changed: Allow to specify a key using only the password.
{
super(name, PKCSObjectIdentifiers.id_PBKDF2);
this.scheme = scheme;
- // BEGIN ANDROID-ADDED
+ // BEGIN Android-added: Support key-restricted versions.
this.keySizeInBits = keySizeInBits;
this.ivSizeInBits = ivSizeInBits;
- // END ANDROID-ADDED
+ // END Android-added: Support key-restricted versions.
this.defaultDigest = digest;
}
- // BEGIN android-added
+ // BEGIN Android-added: Allow to specify a key using only the password.
private BasePBKDF2(String name, int scheme, int digest) {
this(name, scheme, digest, 0, 0);
}
- // END android-added
+ // END Android-added: Allow to specify a key using only the password.
protected SecretKey engineGenerateSecret(
KeySpec keySpec)
@@ -164,9 +165,8 @@
{
PBEKeySpec pbeSpec = (PBEKeySpec)keySpec;
- // BEGIN ANDROID-ADDED
- // Allow to specify a key using only the password. The key will be generated later
- // when other parameters are known.
+ // BEGIN Android-added: Allow to specify a key using only the password.
+ // The key will be generated later when other parameters are known.
if (pbeSpec.getSalt() == null
&& pbeSpec.getIterationCount() == 0
&& pbeSpec.getKeyLength() == 0
@@ -178,7 +178,7 @@
// cipherParameters, to be generated when the PBE parameters are known.
null);
}
- // END ANDROID-ADDED
+ // END Android-added: Allow to specify a key using only the password.
if (pbeSpec.getSalt() == null)
{
@@ -231,13 +231,15 @@
private int getDigestCode(ASN1ObjectIdentifier algorithm)
throws InvalidKeySpecException
{
- // BEGIN android-removed
- // if (algorithm.equals(CryptoProObjectIdentifiers.gostR3411Hmac))
- // {
- // return GOST3411;
- // }
- // else
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ if (algorithm.equals(CryptoProObjectIdentifiers.gostR3411Hmac))
+ {
+ return GOST3411;
+ }
+ else
+ */
+ // END Android-removed: Unsupported algorithms
if (algorithm.equals(PKCSObjectIdentifiers.id_hmacWithSHA1))
{
return SHA1;
@@ -263,62 +265,65 @@
}
}
- // BEGIN android-removed
- // public static class PBKDF2withUTF8
- // extends BasePBKDF2
- // {
- // public PBKDF2withUTF8()
- // {
- // super("PBKDF2", PKCS5S2_UTF8);
- // }
- // }
- //
- // public static class PBKDF2withSHA224
- // extends BasePBKDF2
- // {
- // public PBKDF2withSHA224()
- // {
- // super("PBKDF2", PKCS5S2_UTF8, SHA224);
- // }
- // }
- //
- // public static class PBKDF2withSHA256
- // extends BasePBKDF2
- // {
- // public PBKDF2withSHA256()
- // {
- // super("PBKDF2", PKCS5S2_UTF8, SHA256);
- // }
- // }
- //
- // public static class PBKDF2withSHA384
- // extends BasePBKDF2
- // {
- // public PBKDF2withSHA384()
- // {
- // super("PBKDF2", PKCS5S2_UTF8, SHA384);
- // }
- // }
- //
- // public static class PBKDF2withSHA512
- // extends BasePBKDF2
- // {
- // public PBKDF2withSHA512()
- // {
- // super("PBKDF2", PKCS5S2_UTF8, SHA512);
- // }
- // }
- //
- // public static class PBKDF2with8BIT
- // extends BasePBKDF2
- // {
- // public PBKDF2with8BIT()
- // {
- // super("PBKDF2", PKCS5S2);
- // }
- // }
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ public static class PBKDF2withUTF8
+ extends BasePBKDF2
+ {
+ public PBKDF2withUTF8()
+ {
+ super("PBKDF2", PKCS5S2_UTF8);
+ }
+ }
- // BEGIN android-added
+ public static class PBKDF2withSHA224
+ extends BasePBKDF2
+ {
+ public PBKDF2withSHA224()
+ {
+ super("PBKDF2", PKCS5S2_UTF8, SHA224);
+ }
+ }
+
+ public static class PBKDF2withSHA256
+ extends BasePBKDF2
+ {
+ public PBKDF2withSHA256()
+ {
+ super("PBKDF2", PKCS5S2_UTF8, SHA256);
+ }
+ }
+
+ public static class PBKDF2withSHA384
+ extends BasePBKDF2
+ {
+ public PBKDF2withSHA384()
+ {
+ super("PBKDF2", PKCS5S2_UTF8, SHA384);
+ }
+ }
+ public static class PBKDF2withSHA512
+ extends BasePBKDF2
+ {
+ public PBKDF2withSHA512()
+ {
+ super("PBKDF2", PKCS5S2_UTF8, SHA512);
+ }
+ }
+
+ public static class PBKDF2with8BIT
+ extends BasePBKDF2
+ {
+ public PBKDF2with8BIT()
+ {
+ super("PBKDF2", PKCS5S2);
+ }
+ }
+ */
+ // END Android-removed: Unsupported algorithms
+
+ // BEGIN Android-added: Android implementations of PBKDF2 algorithms.
+ // See note in Mappings below.
public static class BasePBKDF2WithHmacSHA1 extends BasePBKDF2 {
public BasePBKDF2WithHmacSHA1(String name, int scheme)
{
@@ -479,7 +484,7 @@
super("PBEWithHmacSHA512AndAES_256", PKCS5S2_UTF8, SHA512, 256, 128);
}
}
- // END android-added
+ // END Android-added: Android implementations of PBKDF2 algorithms.
public static class Mappings
extends AlgorithmProvider
@@ -492,45 +497,34 @@
public void configure(ConfigurableProvider provider)
{
- // BEGIN android-comment
- // Context: many of these services used to be in
- // com.android.org.bouncycastle.jcajce.provider.digest,SHA1, duplicated with respect to here. This
- // class (PBEPBKDF2) wasn't present in Android until the upgrade to 1.56. Android added
- // some other of these services in SHA1 (for fixed key sizes). Then the duplicate
- // algorithms were removed upstream from SHA1 in
- // b5634e3155e7fd8688599d3eef8e4f3c8a1db078
- // . As a result, when adapting BouncyCastle 1.56 from upstream, the Android code that
- // had been added to SHA1 was moved here, and the rest of the services provided by this
- // class were commented.
- // BEGIN android-removed
- // provider.addAlgorithm("AlgorithmParameters.PBKDF2", PREFIX + "$AlgParams");
- // provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + PKCSObjectIdentifiers.id_PBKDF2, "PBKDF2");
- // provider.addAlgorithm("SecretKeyFactory.PBKDF2", PREFIX + "$PBKDF2withUTF8");
- // provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBKDF2WITHHMACSHA1", "PBKDF2");
- // END android-removed
- // BEGIN android-changed
- // Was: provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBKDF2WITHHMACSHA1ANDUTF8", "PBKDF2");
+ // Android-note: Provided classes differ significantly from upstream.
+ // Before BC 1.56, this class was omitted in Android and the algorithms we desired
+ // were provided in org.bouncycastle.jcajce.provider.digest.SHA1. During that
+ // time, Android added some additional versions of these algorithms for fixed key sizes.
+ // BC eventually consolidated the algorithms into this class. As a result, when
+ // upgrading to BC 1.56, we added this class but replaced its contents with
+ // our versions.
+ // BEGIN Android-removed: Bouncy Castle versions of algorithms.
+ /*
+ provider.addAlgorithm("AlgorithmParameters.PBKDF2", PREFIX + "$AlgParams");
+ provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + PKCSObjectIdentifiers.id_PBKDF2, "PBKDF2");
+ provider.addAlgorithm("SecretKeyFactory.PBKDF2", PREFIX + "$PBKDF2withUTF8");
+ provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBKDF2WITHHMACSHA1", "PBKDF2");
+ provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBKDF2WITHHMACSHA1ANDUTF8", "PBKDF2");
+ provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.id_PBKDF2, "PBKDF2");
+ provider.addAlgorithm("SecretKeyFactory.PBKDF2WITHASCII", PREFIX + "$PBKDF2with8BIT");
+ provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBKDF2WITH8BIT", "PBKDF2WITHASCII");
+ provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBKDF2WITHHMACSHA1AND8BIT", "PBKDF2WITHASCII");
+ provider.addAlgorithm("SecretKeyFactory.PBKDF2WITHHMACSHA224", PREFIX + "$PBKDF2withSHA224");
+ provider.addAlgorithm("SecretKeyFactory.PBKDF2WITHHMACSHA256", PREFIX + "$PBKDF2withSHA256");
+ provider.addAlgorithm("SecretKeyFactory.PBKDF2WITHHMACSHA384", PREFIX + "$PBKDF2withSHA384");
+ provider.addAlgorithm("SecretKeyFactory.PBKDF2WITHHMACSHA512", PREFIX + "$PBKDF2withSHA512");
+ */
+ // END Android-removed: Bouncy Castle versions of algorithms.
+ // BEGIN Android-added: Android versions of algorithms.
provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBKDF2WithHmacSHA1AndUTF8", "PBKDF2WithHmacSHA1");
- // END android-changed
- // BEGin android-removed
- // provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.id_PBKDF2, "PBKDF2");
- // provider.addAlgorithm("SecretKeyFactory.PBKDF2WITHASCII", PREFIX + "$PBKDF2with8BIT");
- // END android-removed
- // BEGIN android-changed
- // Was:
- // provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBKDF2WITH8BIT", "PBKDF2WITHASCII");
- // provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBKDF2WITHHMACSHA1AND8BIT", "PBKDF2WITHASCII");
provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBKDF2with8BIT", "PBKDF2WithHmacSHA1And8BIT");
- // END android-changed
- // BEGIN android-added
provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBKDF2withASCII", "PBKDF2WithHmacSHA1And8BIT");
- // BEGIN android-removed
- // provider.addAlgorithm("SecretKeyFactory.PBKDF2WITHHMACSHA224", PREFIX + "$PBKDF2withSHA224");
- // provider.addAlgorithm("SecretKeyFactory.PBKDF2WITHHMACSHA256", PREFIX + "$PBKDF2withSHA256");
- // provider.addAlgorithm("SecretKeyFactory.PBKDF2WITHHMACSHA384", PREFIX + "$PBKDF2withSHA384");
- // provider.addAlgorithm("SecretKeyFactory.PBKDF2WITHHMACSHA512", PREFIX + "$PBKDF2withSHA512");
- // END android-removed
- // BEGIN android-added
provider.addAlgorithm("SecretKeyFactory.PBKDF2WithHmacSHA1", PREFIX + "$PBKDF2WithHmacSHA1UTF8");
provider.addAlgorithm("SecretKeyFactory.PBKDF2WithHmacSHA224", PREFIX + "$PBKDF2WithHmacSHA224UTF8");
provider.addAlgorithm("SecretKeyFactory.PBKDF2WithHmacSHA256", PREFIX + "$PBKDF2WithHmacSHA256UTF8");
@@ -547,7 +541,7 @@
provider.addAlgorithm("SecretKeyFactory.PBEWithHmacSHA384AndAES_256", PREFIX + "$PBEWithHmacSHA384AndAES_256");
provider.addAlgorithm("SecretKeyFactory.PBEWithHmacSHA512AndAES_256", PREFIX + "$PBEWithHmacSHA512AndAES_256");
provider.addAlgorithm("SecretKeyFactory.PBKDF2WithHmacSHA1And8BIT", PREFIX + "$PBKDF2WithHmacSHA18BIT");
- // END android-added
+ // END Android-added: Android versions of algorithms.
}
}
}
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/RC2.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/RC2.java
index 7bc1e71..06693a2 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/RC2.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/RC2.java
@@ -12,28 +12,24 @@
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.asn1.pkcs.RC2CBCParameter;
// import org.bouncycastle.crypto.CipherKeyGenerator;
-// END android-removed
import org.bouncycastle.crypto.engines.RC2Engine;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.crypto.engines.RC2WrapEngine;
// import org.bouncycastle.crypto.macs.CBCBlockCipherMac;
// import org.bouncycastle.crypto.macs.CFBBlockCipherMac;
-// END android-removed
import org.bouncycastle.crypto.modes.CBCBlockCipher;
import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator;
// import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameters;
-// END android-removed
import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
// import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
// import org.bouncycastle.jcajce.provider.symmetric.util.BaseWrapCipher;
-// END android-removed
import org.bouncycastle.jcajce.provider.symmetric.util.PBESecretKeyFactory;
import org.bouncycastle.jcajce.provider.util.AlgorithmProvider;
import org.bouncycastle.util.Arrays;
@@ -44,61 +40,63 @@
{
}
- // BEGIN android-removed
- // /**
- // * RC2
- // */
- // static public class ECB
- // extends BaseBlockCipher
- // {
- // public ECB()
- // {
- // super(new RC2Engine());
- // }
- // }
- //
- // /**
- // * RC2CBC
- // */
- // static public class CBC
- // extends BaseBlockCipher
- // {
- // public CBC()
- // {
- // super(new CBCBlockCipher(new RC2Engine()), 64);
- // }
- // }
- //
- // public static class Wrap
- // extends BaseWrapCipher
- // {
- // public Wrap()
- // {
- // super(new RC2WrapEngine());
- // }
- // }
- //
- // /**
- // * RC2
- // */
- // public static class CBCMAC
- // extends BaseMac
- // {
- // public CBCMAC()
- // {
- // super(new CBCBlockCipherMac(new RC2Engine()));
- // }
- // }
- //
- // public static class CFB8MAC
- // extends BaseMac
- // {
- // public CFB8MAC()
- // {
- // super(new CFBBlockCipherMac(new RC2Engine()));
- // }
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ /**
+ * RC2
+ *
+ static public class ECB
+ extends BaseBlockCipher
+ {
+ public ECB()
+ {
+ super(new RC2Engine());
+ }
+ }
+
+ /**
+ * RC2CBC
+ *
+ static public class CBC
+ extends BaseBlockCipher
+ {
+ public CBC()
+ {
+ super(new CBCBlockCipher(new RC2Engine()), 64);
+ }
+ }
+
+ public static class Wrap
+ extends BaseWrapCipher
+ {
+ public Wrap()
+ {
+ super(new RC2WrapEngine());
+ }
+ }
+
+ /**
+ * RC2
+ *
+ public static class CBCMAC
+ extends BaseMac
+ {
+ public CBCMAC()
+ {
+ super(new CBCBlockCipherMac(new RC2Engine()));
+ }
+ }
+
+ public static class CFB8MAC
+ extends BaseMac
+ {
+ public CFB8MAC()
+ {
+ super(new CFBBlockCipherMac(new RC2Engine()));
+ }
+ }
+ */
+ // END Android-removed: Unsupported algorithms
/**
* PBEWithSHA1AndRC2
@@ -184,19 +182,21 @@
}
}
- // BEGIN android-removed
- // /**
- // * PBEWithMD2AndRC2
- // */
- // static public class PBEWithMD2KeyFactory
- // extends PBESecretKeyFactory
- // {
- // public PBEWithMD2KeyFactory()
- // {
- // super("PBEwithMD2andRC2", PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, true, PKCS5S1, MD2, 64, 64);
- // }
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ /**
+ * PBEWithMD2AndRC2
+ *
+ static public class PBEWithMD2KeyFactory
+ extends PBESecretKeyFactory
+ {
+ public PBEWithMD2KeyFactory()
+ {
+ super("PBEwithMD2andRC2", PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, true, PKCS5S1, MD2, 64, 64);
+ }
+ }
+ */
+ // END Android-removed: Unsupported algorithms
/**
* PBEWithMD5AndRC2
@@ -210,249 +210,251 @@
}
}
- // BEGIN android-removed
- // public static class AlgParamGen
- // extends BaseAlgorithmParameterGenerator
- // {
- // RC2ParameterSpec spec = null;
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ public static class AlgParamGen
+ extends BaseAlgorithmParameterGenerator
+ {
+ RC2ParameterSpec spec = null;
- // protected void engineInit(
- // AlgorithmParameterSpec genParamSpec,
- // SecureRandom random)
- // throws InvalidAlgorithmParameterException
- // {
- // if (genParamSpec instanceof RC2ParameterSpec)
- // {
- // spec = (RC2ParameterSpec)genParamSpec;
- // return;
- // }
+ protected void engineInit(
+ AlgorithmParameterSpec genParamSpec,
+ SecureRandom random)
+ throws InvalidAlgorithmParameterException
+ {
+ if (genParamSpec instanceof RC2ParameterSpec)
+ {
+ spec = (RC2ParameterSpec)genParamSpec;
+ return;
+ }
- // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for RC2 parameter generation.");
- // }
+ throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for RC2 parameter generation.");
+ }
- // protected AlgorithmParameters engineGenerateParameters()
- // {
- // AlgorithmParameters params;
+ protected AlgorithmParameters engineGenerateParameters()
+ {
+ AlgorithmParameters params;
- // if (spec == null)
- // {
- // byte[] iv = new byte[8];
+ if (spec == null)
+ {
+ byte[] iv = new byte[8];
- // if (random == null)
- // {
- // random = new SecureRandom();
- // }
+ if (random == null)
+ {
+ random = new SecureRandom();
+ }
- // random.nextBytes(iv);
+ random.nextBytes(iv);
- // try
- // {
- // params = createParametersInstance("RC2");
- // params.init(new IvParameterSpec(iv));
- // }
- // catch (Exception e)
- // {
- // throw new RuntimeException(e.getMessage());
- // }
- // }
- // else
- // {
- // try
- // {
- // params = createParametersInstance("RC2");
- // params.init(spec);
- // }
- // catch (Exception e)
- // {
- // throw new RuntimeException(e.getMessage());
- // }
- // }
+ try
+ {
+ params = createParametersInstance("RC2");
+ params.init(new IvParameterSpec(iv));
+ }
+ catch (Exception e)
+ {
+ throw new RuntimeException(e.getMessage());
+ }
+ }
+ else
+ {
+ try
+ {
+ params = createParametersInstance("RC2");
+ params.init(spec);
+ }
+ catch (Exception e)
+ {
+ throw new RuntimeException(e.getMessage());
+ }
+ }
- // return params;
- // }
- // }
+ return params;
+ }
+ }
- // public static class KeyGenerator
- // extends BaseKeyGenerator
- // {
- // public KeyGenerator()
- // {
- // super("RC2", 128, new CipherKeyGenerator());
- // }
- // }
+ public static class KeyGenerator
+ extends BaseKeyGenerator
+ {
+ public KeyGenerator()
+ {
+ super("RC2", 128, new CipherKeyGenerator());
+ }
+ }
- // public static class AlgParams
- // extends BaseAlgorithmParameters
- // {
- // private static final short[] table = {
- // 0xbd, 0x56, 0xea, 0xf2, 0xa2, 0xf1, 0xac, 0x2a, 0xb0, 0x93, 0xd1, 0x9c, 0x1b, 0x33, 0xfd, 0xd0,
- // 0x30, 0x04, 0xb6, 0xdc, 0x7d, 0xdf, 0x32, 0x4b, 0xf7, 0xcb, 0x45, 0x9b, 0x31, 0xbb, 0x21, 0x5a,
- // 0x41, 0x9f, 0xe1, 0xd9, 0x4a, 0x4d, 0x9e, 0xda, 0xa0, 0x68, 0x2c, 0xc3, 0x27, 0x5f, 0x80, 0x36,
- // 0x3e, 0xee, 0xfb, 0x95, 0x1a, 0xfe, 0xce, 0xa8, 0x34, 0xa9, 0x13, 0xf0, 0xa6, 0x3f, 0xd8, 0x0c,
- // 0x78, 0x24, 0xaf, 0x23, 0x52, 0xc1, 0x67, 0x17, 0xf5, 0x66, 0x90, 0xe7, 0xe8, 0x07, 0xb8, 0x60,
- // 0x48, 0xe6, 0x1e, 0x53, 0xf3, 0x92, 0xa4, 0x72, 0x8c, 0x08, 0x15, 0x6e, 0x86, 0x00, 0x84, 0xfa,
- // 0xf4, 0x7f, 0x8a, 0x42, 0x19, 0xf6, 0xdb, 0xcd, 0x14, 0x8d, 0x50, 0x12, 0xba, 0x3c, 0x06, 0x4e,
- // 0xec, 0xb3, 0x35, 0x11, 0xa1, 0x88, 0x8e, 0x2b, 0x94, 0x99, 0xb7, 0x71, 0x74, 0xd3, 0xe4, 0xbf,
- // 0x3a, 0xde, 0x96, 0x0e, 0xbc, 0x0a, 0xed, 0x77, 0xfc, 0x37, 0x6b, 0x03, 0x79, 0x89, 0x62, 0xc6,
- // 0xd7, 0xc0, 0xd2, 0x7c, 0x6a, 0x8b, 0x22, 0xa3, 0x5b, 0x05, 0x5d, 0x02, 0x75, 0xd5, 0x61, 0xe3,
- // 0x18, 0x8f, 0x55, 0x51, 0xad, 0x1f, 0x0b, 0x5e, 0x85, 0xe5, 0xc2, 0x57, 0x63, 0xca, 0x3d, 0x6c,
- // 0xb4, 0xc5, 0xcc, 0x70, 0xb2, 0x91, 0x59, 0x0d, 0x47, 0x20, 0xc8, 0x4f, 0x58, 0xe0, 0x01, 0xe2,
- // 0x16, 0x38, 0xc4, 0x6f, 0x3b, 0x0f, 0x65, 0x46, 0xbe, 0x7e, 0x2d, 0x7b, 0x82, 0xf9, 0x40, 0xb5,
- // 0x1d, 0x73, 0xf8, 0xeb, 0x26, 0xc7, 0x87, 0x97, 0x25, 0x54, 0xb1, 0x28, 0xaa, 0x98, 0x9d, 0xa5,
- // 0x64, 0x6d, 0x7a, 0xd4, 0x10, 0x81, 0x44, 0xef, 0x49, 0xd6, 0xae, 0x2e, 0xdd, 0x76, 0x5c, 0x2f,
- // 0xa7, 0x1c, 0xc9, 0x09, 0x69, 0x9a, 0x83, 0xcf, 0x29, 0x39, 0xb9, 0xe9, 0x4c, 0xff, 0x43, 0xab
- // };
+ public static class AlgParams
+ extends BaseAlgorithmParameters
+ {
+ private static final short[] table = {
+ 0xbd, 0x56, 0xea, 0xf2, 0xa2, 0xf1, 0xac, 0x2a, 0xb0, 0x93, 0xd1, 0x9c, 0x1b, 0x33, 0xfd, 0xd0,
+ 0x30, 0x04, 0xb6, 0xdc, 0x7d, 0xdf, 0x32, 0x4b, 0xf7, 0xcb, 0x45, 0x9b, 0x31, 0xbb, 0x21, 0x5a,
+ 0x41, 0x9f, 0xe1, 0xd9, 0x4a, 0x4d, 0x9e, 0xda, 0xa0, 0x68, 0x2c, 0xc3, 0x27, 0x5f, 0x80, 0x36,
+ 0x3e, 0xee, 0xfb, 0x95, 0x1a, 0xfe, 0xce, 0xa8, 0x34, 0xa9, 0x13, 0xf0, 0xa6, 0x3f, 0xd8, 0x0c,
+ 0x78, 0x24, 0xaf, 0x23, 0x52, 0xc1, 0x67, 0x17, 0xf5, 0x66, 0x90, 0xe7, 0xe8, 0x07, 0xb8, 0x60,
+ 0x48, 0xe6, 0x1e, 0x53, 0xf3, 0x92, 0xa4, 0x72, 0x8c, 0x08, 0x15, 0x6e, 0x86, 0x00, 0x84, 0xfa,
+ 0xf4, 0x7f, 0x8a, 0x42, 0x19, 0xf6, 0xdb, 0xcd, 0x14, 0x8d, 0x50, 0x12, 0xba, 0x3c, 0x06, 0x4e,
+ 0xec, 0xb3, 0x35, 0x11, 0xa1, 0x88, 0x8e, 0x2b, 0x94, 0x99, 0xb7, 0x71, 0x74, 0xd3, 0xe4, 0xbf,
+ 0x3a, 0xde, 0x96, 0x0e, 0xbc, 0x0a, 0xed, 0x77, 0xfc, 0x37, 0x6b, 0x03, 0x79, 0x89, 0x62, 0xc6,
+ 0xd7, 0xc0, 0xd2, 0x7c, 0x6a, 0x8b, 0x22, 0xa3, 0x5b, 0x05, 0x5d, 0x02, 0x75, 0xd5, 0x61, 0xe3,
+ 0x18, 0x8f, 0x55, 0x51, 0xad, 0x1f, 0x0b, 0x5e, 0x85, 0xe5, 0xc2, 0x57, 0x63, 0xca, 0x3d, 0x6c,
+ 0xb4, 0xc5, 0xcc, 0x70, 0xb2, 0x91, 0x59, 0x0d, 0x47, 0x20, 0xc8, 0x4f, 0x58, 0xe0, 0x01, 0xe2,
+ 0x16, 0x38, 0xc4, 0x6f, 0x3b, 0x0f, 0x65, 0x46, 0xbe, 0x7e, 0x2d, 0x7b, 0x82, 0xf9, 0x40, 0xb5,
+ 0x1d, 0x73, 0xf8, 0xeb, 0x26, 0xc7, 0x87, 0x97, 0x25, 0x54, 0xb1, 0x28, 0xaa, 0x98, 0x9d, 0xa5,
+ 0x64, 0x6d, 0x7a, 0xd4, 0x10, 0x81, 0x44, 0xef, 0x49, 0xd6, 0xae, 0x2e, 0xdd, 0x76, 0x5c, 0x2f,
+ 0xa7, 0x1c, 0xc9, 0x09, 0x69, 0x9a, 0x83, 0xcf, 0x29, 0x39, 0xb9, 0xe9, 0x4c, 0xff, 0x43, 0xab
+ };
- // private static final short[] ekb = {
- // 0x5d, 0xbe, 0x9b, 0x8b, 0x11, 0x99, 0x6e, 0x4d, 0x59, 0xf3, 0x85, 0xa6, 0x3f, 0xb7, 0x83, 0xc5,
- // 0xe4, 0x73, 0x6b, 0x3a, 0x68, 0x5a, 0xc0, 0x47, 0xa0, 0x64, 0x34, 0x0c, 0xf1, 0xd0, 0x52, 0xa5,
- // 0xb9, 0x1e, 0x96, 0x43, 0x41, 0xd8, 0xd4, 0x2c, 0xdb, 0xf8, 0x07, 0x77, 0x2a, 0xca, 0xeb, 0xef,
- // 0x10, 0x1c, 0x16, 0x0d, 0x38, 0x72, 0x2f, 0x89, 0xc1, 0xf9, 0x80, 0xc4, 0x6d, 0xae, 0x30, 0x3d,
- // 0xce, 0x20, 0x63, 0xfe, 0xe6, 0x1a, 0xc7, 0xb8, 0x50, 0xe8, 0x24, 0x17, 0xfc, 0x25, 0x6f, 0xbb,
- // 0x6a, 0xa3, 0x44, 0x53, 0xd9, 0xa2, 0x01, 0xab, 0xbc, 0xb6, 0x1f, 0x98, 0xee, 0x9a, 0xa7, 0x2d,
- // 0x4f, 0x9e, 0x8e, 0xac, 0xe0, 0xc6, 0x49, 0x46, 0x29, 0xf4, 0x94, 0x8a, 0xaf, 0xe1, 0x5b, 0xc3,
- // 0xb3, 0x7b, 0x57, 0xd1, 0x7c, 0x9c, 0xed, 0x87, 0x40, 0x8c, 0xe2, 0xcb, 0x93, 0x14, 0xc9, 0x61,
- // 0x2e, 0xe5, 0xcc, 0xf6, 0x5e, 0xa8, 0x5c, 0xd6, 0x75, 0x8d, 0x62, 0x95, 0x58, 0x69, 0x76, 0xa1,
- // 0x4a, 0xb5, 0x55, 0x09, 0x78, 0x33, 0x82, 0xd7, 0xdd, 0x79, 0xf5, 0x1b, 0x0b, 0xde, 0x26, 0x21,
- // 0x28, 0x74, 0x04, 0x97, 0x56, 0xdf, 0x3c, 0xf0, 0x37, 0x39, 0xdc, 0xff, 0x06, 0xa4, 0xea, 0x42,
- // 0x08, 0xda, 0xb4, 0x71, 0xb0, 0xcf, 0x12, 0x7a, 0x4e, 0xfa, 0x6c, 0x1d, 0x84, 0x00, 0xc8, 0x7f,
- // 0x91, 0x45, 0xaa, 0x2b, 0xc2, 0xb1, 0x8f, 0xd5, 0xba, 0xf2, 0xad, 0x19, 0xb2, 0x67, 0x36, 0xf7,
- // 0x0f, 0x0a, 0x92, 0x7d, 0xe3, 0x9d, 0xe9, 0x90, 0x3e, 0x23, 0x27, 0x66, 0x13, 0xec, 0x81, 0x15,
- // 0xbd, 0x22, 0xbf, 0x9f, 0x7e, 0xa9, 0x51, 0x4b, 0x4c, 0xfb, 0x02, 0xd3, 0x70, 0x86, 0x31, 0xe7,
- // 0x3b, 0x05, 0x03, 0x54, 0x60, 0x48, 0x65, 0x18, 0xd2, 0xcd, 0x5f, 0x32, 0x88, 0x0e, 0x35, 0xfd
- // };
+ private static final short[] ekb = {
+ 0x5d, 0xbe, 0x9b, 0x8b, 0x11, 0x99, 0x6e, 0x4d, 0x59, 0xf3, 0x85, 0xa6, 0x3f, 0xb7, 0x83, 0xc5,
+ 0xe4, 0x73, 0x6b, 0x3a, 0x68, 0x5a, 0xc0, 0x47, 0xa0, 0x64, 0x34, 0x0c, 0xf1, 0xd0, 0x52, 0xa5,
+ 0xb9, 0x1e, 0x96, 0x43, 0x41, 0xd8, 0xd4, 0x2c, 0xdb, 0xf8, 0x07, 0x77, 0x2a, 0xca, 0xeb, 0xef,
+ 0x10, 0x1c, 0x16, 0x0d, 0x38, 0x72, 0x2f, 0x89, 0xc1, 0xf9, 0x80, 0xc4, 0x6d, 0xae, 0x30, 0x3d,
+ 0xce, 0x20, 0x63, 0xfe, 0xe6, 0x1a, 0xc7, 0xb8, 0x50, 0xe8, 0x24, 0x17, 0xfc, 0x25, 0x6f, 0xbb,
+ 0x6a, 0xa3, 0x44, 0x53, 0xd9, 0xa2, 0x01, 0xab, 0xbc, 0xb6, 0x1f, 0x98, 0xee, 0x9a, 0xa7, 0x2d,
+ 0x4f, 0x9e, 0x8e, 0xac, 0xe0, 0xc6, 0x49, 0x46, 0x29, 0xf4, 0x94, 0x8a, 0xaf, 0xe1, 0x5b, 0xc3,
+ 0xb3, 0x7b, 0x57, 0xd1, 0x7c, 0x9c, 0xed, 0x87, 0x40, 0x8c, 0xe2, 0xcb, 0x93, 0x14, 0xc9, 0x61,
+ 0x2e, 0xe5, 0xcc, 0xf6, 0x5e, 0xa8, 0x5c, 0xd6, 0x75, 0x8d, 0x62, 0x95, 0x58, 0x69, 0x76, 0xa1,
+ 0x4a, 0xb5, 0x55, 0x09, 0x78, 0x33, 0x82, 0xd7, 0xdd, 0x79, 0xf5, 0x1b, 0x0b, 0xde, 0x26, 0x21,
+ 0x28, 0x74, 0x04, 0x97, 0x56, 0xdf, 0x3c, 0xf0, 0x37, 0x39, 0xdc, 0xff, 0x06, 0xa4, 0xea, 0x42,
+ 0x08, 0xda, 0xb4, 0x71, 0xb0, 0xcf, 0x12, 0x7a, 0x4e, 0xfa, 0x6c, 0x1d, 0x84, 0x00, 0xc8, 0x7f,
+ 0x91, 0x45, 0xaa, 0x2b, 0xc2, 0xb1, 0x8f, 0xd5, 0xba, 0xf2, 0xad, 0x19, 0xb2, 0x67, 0x36, 0xf7,
+ 0x0f, 0x0a, 0x92, 0x7d, 0xe3, 0x9d, 0xe9, 0x90, 0x3e, 0x23, 0x27, 0x66, 0x13, 0xec, 0x81, 0x15,
+ 0xbd, 0x22, 0xbf, 0x9f, 0x7e, 0xa9, 0x51, 0x4b, 0x4c, 0xfb, 0x02, 0xd3, 0x70, 0x86, 0x31, 0xe7,
+ 0x3b, 0x05, 0x03, 0x54, 0x60, 0x48, 0x65, 0x18, 0xd2, 0xcd, 0x5f, 0x32, 0x88, 0x0e, 0x35, 0xfd
+ };
- // private byte[] iv;
- // private int parameterVersion = 58;
+ private byte[] iv;
+ private int parameterVersion = 58;
- // protected byte[] engineGetEncoded()
- // {
- // return Arrays.clone(iv);
- // }
+ protected byte[] engineGetEncoded()
+ {
+ return Arrays.clone(iv);
+ }
- // protected byte[] engineGetEncoded(
- // String format)
- // throws IOException
- // {
- // if (this.isASN1FormatString(format))
- // {
- // if (parameterVersion == -1)
- // {
- // return new RC2CBCParameter(engineGetEncoded()).getEncoded();
- // }
- // else
- // {
- // return new RC2CBCParameter(parameterVersion, engineGetEncoded()).getEncoded();
- // }
- // }
+ protected byte[] engineGetEncoded(
+ String format)
+ throws IOException
+ {
+ if (this.isASN1FormatString(format))
+ {
+ if (parameterVersion == -1)
+ {
+ return new RC2CBCParameter(engineGetEncoded()).getEncoded();
+ }
+ else
+ {
+ return new RC2CBCParameter(parameterVersion, engineGetEncoded()).getEncoded();
+ }
+ }
- // if (format.equals("RAW"))
- // {
- // return engineGetEncoded();
- // }
+ if (format.equals("RAW"))
+ {
+ return engineGetEncoded();
+ }
- // return null;
- // }
+ return null;
+ }
- // protected AlgorithmParameterSpec localEngineGetParameterSpec(
- // Class paramSpec)
- // throws InvalidParameterSpecException
- // {
- // if (paramSpec == RC2ParameterSpec.class || paramSpec == AlgorithmParameterSpec.class)
- // {
- // if (parameterVersion != -1)
- // {
- // if (parameterVersion < 256)
- // {
- // return new RC2ParameterSpec(ekb[parameterVersion], iv);
- // }
- // else
- // {
- // return new RC2ParameterSpec(parameterVersion, iv);
- // }
- // }
- // }
+ protected AlgorithmParameterSpec localEngineGetParameterSpec(
+ Class paramSpec)
+ throws InvalidParameterSpecException
+ {
+ if (paramSpec == RC2ParameterSpec.class || paramSpec == AlgorithmParameterSpec.class)
+ {
+ if (parameterVersion != -1)
+ {
+ if (parameterVersion < 256)
+ {
+ return new RC2ParameterSpec(ekb[parameterVersion], iv);
+ }
+ else
+ {
+ return new RC2ParameterSpec(parameterVersion, iv);
+ }
+ }
+ }
- // if (paramSpec == IvParameterSpec.class || paramSpec == AlgorithmParameterSpec.class)
- // {
- // return new IvParameterSpec(iv);
- // }
+ if (paramSpec == IvParameterSpec.class || paramSpec == AlgorithmParameterSpec.class)
+ {
+ return new IvParameterSpec(iv);
+ }
- // throw new InvalidParameterSpecException("unknown parameter spec passed to RC2 parameters object.");
- // }
+ throw new InvalidParameterSpecException("unknown parameter spec passed to RC2 parameters object.");
+ }
- // protected void engineInit(
- // AlgorithmParameterSpec paramSpec)
- // throws InvalidParameterSpecException
- // {
- // if (paramSpec instanceof IvParameterSpec)
- // {
- // this.iv = ((IvParameterSpec)paramSpec).getIV();
- // }
- // else if (paramSpec instanceof RC2ParameterSpec)
- // {
- // int effKeyBits = ((RC2ParameterSpec)paramSpec).getEffectiveKeyBits();
- // if (effKeyBits != -1)
- // {
- // if (effKeyBits < 256)
- // {
- // parameterVersion = table[effKeyBits];
- // }
- // else
- // {
- // parameterVersion = effKeyBits;
- // }
- // }
+ protected void engineInit(
+ AlgorithmParameterSpec paramSpec)
+ throws InvalidParameterSpecException
+ {
+ if (paramSpec instanceof IvParameterSpec)
+ {
+ this.iv = ((IvParameterSpec)paramSpec).getIV();
+ }
+ else if (paramSpec instanceof RC2ParameterSpec)
+ {
+ int effKeyBits = ((RC2ParameterSpec)paramSpec).getEffectiveKeyBits();
+ if (effKeyBits != -1)
+ {
+ if (effKeyBits < 256)
+ {
+ parameterVersion = table[effKeyBits];
+ }
+ else
+ {
+ parameterVersion = effKeyBits;
+ }
+ }
- // this.iv = ((RC2ParameterSpec)paramSpec).getIV();
- // }
- // else
- // {
- // throw new InvalidParameterSpecException("IvParameterSpec or RC2ParameterSpec required to initialise a RC2 parameters algorithm parameters object");
- // }
- // }
+ this.iv = ((RC2ParameterSpec)paramSpec).getIV();
+ }
+ else
+ {
+ throw new InvalidParameterSpecException("IvParameterSpec or RC2ParameterSpec required to initialise a RC2 parameters algorithm parameters object");
+ }
+ }
- // protected void engineInit(
- // byte[] params)
- // throws IOException
- // {
- // this.iv = Arrays.clone(params);
- // }
+ protected void engineInit(
+ byte[] params)
+ throws IOException
+ {
+ this.iv = Arrays.clone(params);
+ }
- // protected void engineInit(
- // byte[] params,
- // String format)
- // throws IOException
- // {
- // if (this.isASN1FormatString(format))
- // {
- // RC2CBCParameter p = RC2CBCParameter.getInstance(ASN1Primitive.fromByteArray(params));
+ protected void engineInit(
+ byte[] params,
+ String format)
+ throws IOException
+ {
+ if (this.isASN1FormatString(format))
+ {
+ RC2CBCParameter p = RC2CBCParameter.getInstance(ASN1Primitive.fromByteArray(params));
- // if (p.getRC2ParameterVersion() != null)
- // {
- // parameterVersion = p.getRC2ParameterVersion().intValue();
- // }
+ if (p.getRC2ParameterVersion() != null)
+ {
+ parameterVersion = p.getRC2ParameterVersion().intValue();
+ }
- // iv = p.getIV();
+ iv = p.getIV();
- // return;
- // }
+ return;
+ }
- // if (format.equals("RAW"))
- // {
- // engineInit(params);
- // return;
- // }
+ if (format.equals("RAW"))
+ {
+ engineInit(params);
+ return;
+ }
- // throw new IOException("Unknown parameters format in IV parameters object");
- // }
+ throw new IOException("Unknown parameters format in IV parameters object");
+ }
- // protected String engineToString()
- // {
- // return "RC2 Parameters";
- // }
- // }
- // END android-removed
+ protected String engineToString()
+ {
+ return "RC2 Parameters";
+ }
+ }
+ */
+ // END Android-removed: Unsupported algorithms
public static class Mappings
extends AlgorithmProvider
@@ -465,36 +467,40 @@
public void configure(ConfigurableProvider provider)
{
- // BEGIN android-removed
- // provider.addAlgorithm("AlgorithmParameterGenerator.RC2", PREFIX + "$AlgParamGen");
- // provider.addAlgorithm("AlgorithmParameterGenerator.1.2.840.113549.3.2", PREFIX + "$AlgParamGen");
- //
- // provider.addAlgorithm("KeyGenerator.RC2", PREFIX + "$KeyGenerator");
- // provider.addAlgorithm("KeyGenerator.1.2.840.113549.3.2", PREFIX + "$KeyGenerator");
- //
- // provider.addAlgorithm("AlgorithmParameters.RC2", PREFIX + "$AlgParams");
- // provider.addAlgorithm("AlgorithmParameters.1.2.840.113549.3.2", PREFIX + "$AlgParams");
- //
- // provider.addAlgorithm("Cipher.RC2", PREFIX + "$ECB");
- // provider.addAlgorithm("Cipher.RC2WRAP", PREFIX + "$Wrap");
- // provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.id_alg_CMSRC2wrap, "RC2WRAP");
- // provider.addAlgorithm("Cipher", PKCSObjectIdentifiers.RC2_CBC, PREFIX + "$CBC");
- //
- // provider.addAlgorithm("Mac.RC2MAC", PREFIX + "$CBCMAC");
- // provider.addAlgorithm("Alg.Alias.Mac.RC2", "RC2MAC");
- // provider.addAlgorithm("Mac.RC2MAC/CFB8", PREFIX + "$CFB8MAC");
- // provider.addAlgorithm("Alg.Alias.Mac.RC2/CFB8", "RC2MAC/CFB8");
- //
- // provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDRC2-CBC", "PBEWITHMD2ANDRC2");
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ provider.addAlgorithm("AlgorithmParameterGenerator.RC2", PREFIX + "$AlgParamGen");
+ provider.addAlgorithm("AlgorithmParameterGenerator.1.2.840.113549.3.2", PREFIX + "$AlgParamGen");
+
+ provider.addAlgorithm("KeyGenerator.RC2", PREFIX + "$KeyGenerator");
+ provider.addAlgorithm("KeyGenerator.1.2.840.113549.3.2", PREFIX + "$KeyGenerator");
+
+ provider.addAlgorithm("AlgorithmParameters.RC2", PREFIX + "$AlgParams");
+ provider.addAlgorithm("AlgorithmParameters.1.2.840.113549.3.2", PREFIX + "$AlgParams");
+
+ provider.addAlgorithm("Cipher.RC2", PREFIX + "$ECB");
+ provider.addAlgorithm("Cipher.RC2WRAP", PREFIX + "$Wrap");
+ provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.id_alg_CMSRC2wrap, "RC2WRAP");
+ provider.addAlgorithm("Cipher", PKCSObjectIdentifiers.RC2_CBC, PREFIX + "$CBC");
+
+ provider.addAlgorithm("Mac.RC2MAC", PREFIX + "$CBCMAC");
+ provider.addAlgorithm("Alg.Alias.Mac.RC2", "RC2MAC");
+ provider.addAlgorithm("Mac.RC2MAC/CFB8", PREFIX + "$CFB8MAC");
+ provider.addAlgorithm("Alg.Alias.Mac.RC2/CFB8", "RC2MAC/CFB8");
+
+ provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDRC2-CBC", "PBEWITHMD2ANDRC2");
+ */
+ // END Android-removed: Unsupported algorithms
+
+ // Android-note: All of the non-disabled algorithms in this class are necessary
+ // for KeyStore.PKCS12
provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD5ANDRC2-CBC", "PBEWITHMD5ANDRC2");
provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHSHA1ANDRC2-CBC", "PBEWITHSHA1ANDRC2");
- // BEGIN android-removed
+ // Android-removed: Unsupported algorithms
// provider.addAlgorithm("Alg.Alias.SecretKeyFactory", PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2");
- // END android-removed
provider.addAlgorithm("Alg.Alias.SecretKeyFactory", PKCSObjectIdentifiers.pbeWithMD5AndRC2_CBC, "PBEWITHMD5ANDRC2");
@@ -502,18 +508,16 @@
provider.addAlgorithm("Alg.Alias.SecretKeyFactory.1.2.840.113549.1.12.1.5", "PBEWITHSHAAND128BITRC2-CBC");
provider.addAlgorithm("Alg.Alias.SecretKeyFactory.1.2.840.113549.1.12.1.6", "PBEWITHSHAAND40BITRC2-CBC");
- // BEGIN android-removed
+ // Android-removed: Unsupported algorithms
// provider.addAlgorithm("SecretKeyFactory.PBEWITHMD2ANDRC2", PREFIX + "$PBEWithMD2KeyFactory");
- // END android-removed
provider.addAlgorithm("SecretKeyFactory.PBEWITHMD5ANDRC2", PREFIX + "$PBEWithMD5KeyFactory");
provider.addAlgorithm("SecretKeyFactory.PBEWITHSHA1ANDRC2", PREFIX + "$PBEWithSHA1KeyFactory");
provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND128BITRC2-CBC", PREFIX + "$PBEWithSHAAnd128BitKeyFactory");
provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND40BITRC2-CBC", PREFIX + "$PBEWithSHAAnd40BitKeyFactory");
- // BEGIN android-removed
+ // Android-removed: Unsupported algorithms
// provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2");
- // END android-removed
provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.pbeWithMD5AndRC2_CBC, "PBEWITHMD5ANDRC2");
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/SymmetricAlgorithmProvider.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/SymmetricAlgorithmProvider.java
index 7ac79e7..e955e9d 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/SymmetricAlgorithmProvider.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/SymmetricAlgorithmProvider.java
@@ -6,44 +6,46 @@
abstract class SymmetricAlgorithmProvider
extends AlgorithmProvider
{
- // BEGIN android-removed
- // protected void addCMacAlgorithm(
- // ConfigurableProvider provider,
- // String algorithm,
- // String algorithmClassName,
- // String keyGeneratorClassName)
- // {
- // provider.addAlgorithm("Mac." + algorithm + "-CMAC", algorithmClassName);
- // provider.addAlgorithm("Alg.Alias.Mac." + algorithm + "CMAC", algorithm + "-CMAC");
- //
- // provider.addAlgorithm("KeyGenerator." + algorithm + "-CMAC", keyGeneratorClassName);
- // provider.addAlgorithm("Alg.Alias.KeyGenerator." + algorithm + "CMAC", algorithm + "-CMAC");
- // }
- //
- // protected void addGMacAlgorithm(
- // ConfigurableProvider provider,
- // String algorithm,
- // String algorithmClassName,
- // String keyGeneratorClassName)
- // {
- // provider.addAlgorithm("Mac." + algorithm + "-GMAC", algorithmClassName);
- // provider.addAlgorithm("Alg.Alias.Mac." + algorithm + "GMAC", algorithm + "-GMAC");
- //
- // provider.addAlgorithm("KeyGenerator." + algorithm + "-GMAC", keyGeneratorClassName);
- // provider.addAlgorithm("Alg.Alias.KeyGenerator." + algorithm + "GMAC", algorithm + "-GMAC");
- // }
- //
- // protected void addPoly1305Algorithm(ConfigurableProvider provider,
- // String algorithm,
- // String algorithmClassName,
- // String keyGeneratorClassName)
- // {
- // provider.addAlgorithm("Mac.POLY1305-" + algorithm, algorithmClassName);
- // provider.addAlgorithm("Alg.Alias.Mac.POLY1305" + algorithm, "POLY1305-" + algorithm);
- //
- // provider.addAlgorithm("KeyGenerator.POLY1305-" + algorithm, keyGeneratorClassName);
- // provider.addAlgorithm("Alg.Alias.KeyGenerator.POLY1305" + algorithm, "POLY1305-" + algorithm);
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ protected void addCMacAlgorithm(
+ ConfigurableProvider provider,
+ String algorithm,
+ String algorithmClassName,
+ String keyGeneratorClassName)
+ {
+ provider.addAlgorithm("Mac." + algorithm + "-CMAC", algorithmClassName);
+ provider.addAlgorithm("Alg.Alias.Mac." + algorithm + "CMAC", algorithm + "-CMAC");
+
+ provider.addAlgorithm("KeyGenerator." + algorithm + "-CMAC", keyGeneratorClassName);
+ provider.addAlgorithm("Alg.Alias.KeyGenerator." + algorithm + "CMAC", algorithm + "-CMAC");
+ }
+
+ protected void addGMacAlgorithm(
+ ConfigurableProvider provider,
+ String algorithm,
+ String algorithmClassName,
+ String keyGeneratorClassName)
+ {
+ provider.addAlgorithm("Mac." + algorithm + "-GMAC", algorithmClassName);
+ provider.addAlgorithm("Alg.Alias.Mac." + algorithm + "GMAC", algorithm + "-GMAC");
+
+ provider.addAlgorithm("KeyGenerator." + algorithm + "-GMAC", keyGeneratorClassName);
+ provider.addAlgorithm("Alg.Alias.KeyGenerator." + algorithm + "GMAC", algorithm + "-GMAC");
+ }
+
+ protected void addPoly1305Algorithm(ConfigurableProvider provider,
+ String algorithm,
+ String algorithmClassName,
+ String keyGeneratorClassName)
+ {
+ provider.addAlgorithm("Mac.POLY1305-" + algorithm, algorithmClassName);
+ provider.addAlgorithm("Alg.Alias.Mac.POLY1305" + algorithm, "POLY1305-" + algorithm);
+
+ provider.addAlgorithm("KeyGenerator.POLY1305-" + algorithm, keyGeneratorClassName);
+ provider.addAlgorithm("Alg.Alias.KeyGenerator.POLY1305" + algorithm, "POLY1305-" + algorithm);
+ }
+ */
+ // END Android-removed: Unsupported algorithms
}
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Twofish.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Twofish.java
index c666ac1..62988e0 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Twofish.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Twofish.java
@@ -1,26 +1,22 @@
package org.bouncycastle.jcajce.provider.symmetric;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.crypto.BlockCipher;
// import org.bouncycastle.crypto.CipherKeyGenerator;
-// END android-removed
import org.bouncycastle.crypto.engines.TwofishEngine;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.crypto.generators.Poly1305KeyGenerator;
// import org.bouncycastle.crypto.macs.GMac;
-// END android-removed
import org.bouncycastle.crypto.modes.CBCBlockCipher;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.crypto.modes.GCMBlockCipher;
-// END android-removed
import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
// import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
// import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider;
// import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters;
-// END android-removed
import org.bouncycastle.jcajce.provider.symmetric.util.PBESecretKeyFactory;
public final class Twofish
@@ -29,58 +25,60 @@
{
}
- // BEGIN android-removed
- // public static class ECB
- // extends BaseBlockCipher
- // {
- // public ECB()
- // {
- // super(new BlockCipherProvider()
- // {
- // public BlockCipher get()
- // {
- // return new TwofishEngine();
- // }
- // });
- // }
- // }
- //
- // public static class KeyGen
- // extends BaseKeyGenerator
- // {
- // public KeyGen()
- // {
- // super("Twofish", 256, new CipherKeyGenerator());
- // }
- // }
- //
- // public static class GMAC
- // extends BaseMac
- // {
- // public GMAC()
- // {
- // super(new GMac(new GCMBlockCipher(new TwofishEngine())));
- // }
- // }
- //
- // public static class Poly1305
- // extends BaseMac
- // {
- // public Poly1305()
- // {
- // super(new org.bouncycastle.crypto.macs.Poly1305(new TwofishEngine()));
- // }
- // }
- //
- // public static class Poly1305KeyGen
- // extends BaseKeyGenerator
- // {
- // public Poly1305KeyGen()
- // {
- // super("Poly1305-Twofish", 256, new Poly1305KeyGenerator());
- // }
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ public static class ECB
+ extends BaseBlockCipher
+ {
+ public ECB()
+ {
+ super(new BlockCipherProvider()
+ {
+ public BlockCipher get()
+ {
+ return new TwofishEngine();
+ }
+ });
+ }
+ }
+
+ public static class KeyGen
+ extends BaseKeyGenerator
+ {
+ public KeyGen()
+ {
+ super("Twofish", 256, new CipherKeyGenerator());
+ }
+ }
+
+ public static class GMAC
+ extends BaseMac
+ {
+ public GMAC()
+ {
+ super(new GMac(new GCMBlockCipher(new TwofishEngine())));
+ }
+ }
+
+ public static class Poly1305
+ extends BaseMac
+ {
+ public Poly1305()
+ {
+ super(new org.bouncycastle.crypto.macs.Poly1305(new TwofishEngine()));
+ }
+ }
+
+ public static class Poly1305KeyGen
+ extends BaseKeyGenerator
+ {
+ public Poly1305KeyGen()
+ {
+ super("Poly1305-Twofish", 256, new Poly1305KeyGenerator());
+ }
+ }
+ */
+ // END Android-removed: Unsupported algorithms
/**
* PBEWithSHAAndTwofish-CBC
@@ -106,16 +104,18 @@
}
}
- // BEGIN android-removed
- // public static class AlgParams
- // extends IvAlgorithmParameters
- // {
- // protected String engineToString()
- // {
- // return "Twofish IV";
- // }
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ public static class AlgParams
+ extends IvAlgorithmParameters
+ {
+ protected String engineToString()
+ {
+ return "Twofish IV";
+ }
+ }
+ */
+ // END Android-removed: Unsupported algorithms
public static class Mappings
extends SymmetricAlgorithmProvider
@@ -128,21 +128,22 @@
public void configure(ConfigurableProvider provider)
{
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// provider.addAlgorithm("Cipher.Twofish", PREFIX + "$ECB");
// provider.addAlgorithm("KeyGenerator.Twofish", PREFIX + "$KeyGen");
// provider.addAlgorithm("AlgorithmParameters.Twofish", PREFIX + "$AlgParams");
- // END android-removed
+ // END Android-removed: Unsupported algorithms
+ // Android-note: These algorithms are necessary for KeyStore.BouncyCastle
provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDTWOFISH", "PKCS12PBE");
provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDTWOFISH-CBC", "PKCS12PBE");
provider.addAlgorithm("Cipher.PBEWITHSHAANDTWOFISH-CBC", PREFIX + "$PBEWithSHA");
provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAANDTWOFISH-CBC", PREFIX + "$PBEWithSHAKeyFactory");
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// addGMacAlgorithm(provider, "Twofish", PREFIX + "$GMAC", PREFIX + "$KeyGen");
// addPoly1305Algorithm(provider, "Twofish", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen");
- // END android-removed
+ // END Android-removed: Unsupported algorithms
}
}
}
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BCPBEKey.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BCPBEKey.java
index 1486d71..a471972 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BCPBEKey.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BCPBEKey.java
@@ -152,10 +152,4 @@
{
return tryWrong;
}
-
- // BEGIN android-added
- public PBEKeySpec getPbeKeySpec() {
- return pbeKeySpec;
- }
- // END android-added
}
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseAlgorithmParameterGenerator.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseAlgorithmParameterGenerator.java
index 296d692..2237e26 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseAlgorithmParameterGenerator.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseAlgorithmParameterGenerator.java
@@ -6,13 +6,17 @@
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
-import org.bouncycastle.jcajce.util.BCJcaJceHelper;
+// Android-changed: Use default provider for JCA algorithms instead of BC
+// Was: import org.bouncycastle.jcajce.util.BCJcaJceHelper;
+import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
import org.bouncycastle.jcajce.util.JcaJceHelper;
public abstract class BaseAlgorithmParameterGenerator
extends AlgorithmParameterGeneratorSpi
{
- private final JcaJceHelper helper = new BCJcaJceHelper();
+ // Android-changed: Use default provider for JCA algorithms instead of BC
+ // Was: private final JcaJceHelper helper = new BCJcaJceHelper();
+ private final JcaJceHelper helper = new DefaultJcaJceHelper();
protected SecureRandom random;
protected int strength = 1024;
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java
index 63d7b35..9e3dafa 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java
@@ -20,14 +20,13 @@
import javax.crypto.ShortBufferException;
import javax.crypto.interfaces.PBEKey;
import javax.crypto.spec.IvParameterSpec;
-// BEGIN android-added
+// BEGIN Android-added: Various key-handling modifications
import javax.crypto.spec.PBEKeySpec;
-// END android-added
+// END Android-added: Various key-handling modifications
import javax.crypto.spec.PBEParameterSpec;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import javax.crypto.spec.RC2ParameterSpec;
// import javax.crypto.spec.RC5ParameterSpec;
-// END android-removed
import org.bouncycastle.asn1.cms.GCMParameters;
import org.bouncycastle.crypto.BlockCipher;
@@ -41,20 +40,17 @@
import org.bouncycastle.crypto.modes.CCMBlockCipher;
import org.bouncycastle.crypto.modes.CFBBlockCipher;
import org.bouncycastle.crypto.modes.CTSBlockCipher;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.crypto.modes.EAXBlockCipher;
// import org.bouncycastle.crypto.modes.GCFBBlockCipher;
-// END android-removed
import org.bouncycastle.crypto.modes.GCMBlockCipher;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.crypto.modes.GOFBBlockCipher;
// import org.bouncycastle.crypto.modes.OCBBlockCipher;
-// END android-removed
import org.bouncycastle.crypto.modes.OFBBlockCipher;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.crypto.modes.OpenPGPCFBBlockCipher;
// import org.bouncycastle.crypto.modes.PGPCFBBlockCipher;
-// END android-removed
import org.bouncycastle.crypto.modes.SICBlockCipher;
import org.bouncycastle.crypto.paddings.BlockCipherPadding;
import org.bouncycastle.crypto.paddings.ISO10126d2Padding;
@@ -67,22 +63,19 @@
import org.bouncycastle.crypto.params.KeyParameter;
import org.bouncycastle.crypto.params.ParametersWithIV;
import org.bouncycastle.crypto.params.ParametersWithRandom;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.crypto.params.ParametersWithSBox;
-// END android-removed
import org.bouncycastle.crypto.params.RC2Parameters;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.crypto.params.RC5Parameters;
// import org.bouncycastle.jcajce.PBKDF1Key;
// import org.bouncycastle.jcajce.PBKDF1KeyWithParameters;
-// END android-removed
import org.bouncycastle.jcajce.PKCS12Key;
import org.bouncycastle.jcajce.PKCS12KeyWithParameters;
import org.bouncycastle.jcajce.spec.AEADParameterSpec;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.jcajce.spec.GOST28147ParameterSpec;
// import org.bouncycastle.jcajce.spec.RepeatedSecretKeySpec;
-// END android-removed
import org.bouncycastle.util.Strings;
public class BaseBlockCipher
@@ -96,16 +89,14 @@
//
private Class[] availableSpecs =
{
- // BEGIN android-removed
+ // Android-removed: Unsupported algorithms
// RC2ParameterSpec.class,
// RC5ParameterSpec.class,
- // END android-removed
gcmSpecClass,
IvParameterSpec.class,
PBEParameterSpec.class,
- // BEGIN android-removed
+ // Android-removed: Unsupported algorithms
// GOST28147ParameterSpec.class
- // END android-removed
};
private BlockCipher baseEngine;
@@ -281,7 +272,12 @@
try
{
engineParams = createParametersInstance(name);
- engineParams.init(ivParam.getIV());
+ // Android-changed: Use IvParameterSpec instead of passing raw bytes.
+ // The documentation of init() says that a byte array should be decoded
+ // as ASN.1, and Conscrypt's implementations follow that requirement,
+ // even though Bouncy Castle's implementations don't. Wrapping it in
+ // an IvParameterSpec makes the interpretation unambiguous to both.
+ engineParams.init(new IvParameterSpec(ivParam.getIV()));
}
catch (Exception e)
{
@@ -342,33 +338,35 @@
new CFBBlockCipher(baseEngine, 8 * baseEngine.getBlockSize()));
}
}
- // BEGIN android-removed
- // else if (modeName.startsWith("PGP"))
- // {
- // boolean inlineIV = modeName.equalsIgnoreCase("PGPCFBwithIV");
- //
- // ivLength = baseEngine.getBlockSize();
- // cipher = new BufferedGenericBlockCipher(
- // new PGPCFBBlockCipher(baseEngine, inlineIV));
- // }
- // else if (modeName.equalsIgnoreCase("OpenPGPCFB"))
- // {
- // ivLength = 0;
- // cipher = new BufferedGenericBlockCipher(
- // new OpenPGPCFBBlockCipher(baseEngine));
- // }
- // else if (modeName.startsWith("SIC"))
- // {
- // ivLength = baseEngine.getBlockSize();
- // if (ivLength < 16)
- // {
- // throw new IllegalArgumentException("Warning: SIC-Mode can become a twotime-pad if the blocksize of the cipher is too small. Use a cipher with a block size of at least 128 bits (e.g. AES)");
- // }
- // fixedIv = false;
- // cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher(
- // new SICBlockCipher(baseEngine)));
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported modes
+ /*
+ else if (modeName.startsWith("PGP"))
+ {
+ boolean inlineIV = modeName.equalsIgnoreCase("PGPCFBwithIV");
+
+ ivLength = baseEngine.getBlockSize();
+ cipher = new BufferedGenericBlockCipher(
+ new PGPCFBBlockCipher(baseEngine, inlineIV));
+ }
+ else if (modeName.equalsIgnoreCase("OpenPGPCFB"))
+ {
+ ivLength = 0;
+ cipher = new BufferedGenericBlockCipher(
+ new OpenPGPCFBBlockCipher(baseEngine));
+ }
+ else if (modeName.startsWith("SIC"))
+ {
+ ivLength = baseEngine.getBlockSize();
+ if (ivLength < 16)
+ {
+ throw new IllegalArgumentException("Warning: SIC-Mode can become a twotime-pad if the blocksize of the cipher is too small. Use a cipher with a block size of at least 128 bits (e.g. AES)");
+ }
+ fixedIv = false;
+ cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher(
+ new SICBlockCipher(baseEngine)));
+ }
+ */
+ // END Android-removed: Unsupported modes
else if (modeName.startsWith("CTR"))
{
ivLength = baseEngine.getBlockSize();
@@ -376,20 +374,22 @@
cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher(
new SICBlockCipher(baseEngine)));
}
- // BEGIN android-removed
- // else if (modeName.startsWith("GOFB"))
- // {
- // ivLength = baseEngine.getBlockSize();
- // cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher(
- // new GOFBBlockCipher(baseEngine)));
- // }
- // else if (modeName.startsWith("GCFB"))
- // {
- // ivLength = baseEngine.getBlockSize();
- // cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher(
- // new GCFBBlockCipher(baseEngine)));
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported modes
+ /*
+ else if (modeName.startsWith("GOFB"))
+ {
+ ivLength = baseEngine.getBlockSize();
+ cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher(
+ new GOFBBlockCipher(baseEngine)));
+ }
+ else if (modeName.startsWith("GCFB"))
+ {
+ ivLength = baseEngine.getBlockSize();
+ cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher(
+ new GCFBBlockCipher(baseEngine)));
+ }
+ */
+ // END Android-removed: Unsupported modes
else if (modeName.startsWith("CTS"))
{
ivLength = baseEngine.getBlockSize();
@@ -400,28 +400,30 @@
ivLength = 13; // CCM nonce 7..13 bytes
cipher = new AEADGenericBlockCipher(new CCMBlockCipher(baseEngine));
}
- // BEGIN android-removed
- // else if (modeName.startsWith("OCB"))
- // {
- // if (engineProvider != null)
- // {
- // /*
- // * RFC 7253 4.2. Nonce is a string of no more than 120 bits
- // */
- // ivLength = 15;
- // cipher = new AEADGenericBlockCipher(new OCBBlockCipher(baseEngine, engineProvider.get()));
- // }
- // else
- // {
- // throw new NoSuchAlgorithmException("can't support mode " + mode);
- // }
- // }
- // else if (modeName.startsWith("EAX"))
- // {
- // ivLength = baseEngine.getBlockSize();
- // cipher = new AEADGenericBlockCipher(new EAXBlockCipher(baseEngine));
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported modes
+ /*
+ else if (modeName.startsWith("OCB"))
+ {
+ if (engineProvider != null)
+ {
+ /*
+ * RFC 7253 4.2. Nonce is a string of no more than 120 bits
+ *
+ ivLength = 15;
+ cipher = new AEADGenericBlockCipher(new OCBBlockCipher(baseEngine, engineProvider.get()));
+ }
+ else
+ {
+ throw new NoSuchAlgorithmException("can't support mode " + mode);
+ }
+ }
+ else if (modeName.startsWith("EAX"))
+ {
+ ivLength = baseEngine.getBlockSize();
+ cipher = new AEADGenericBlockCipher(new EAXBlockCipher(baseEngine));
+ }
+ */
+ // END Android-removed: Unsupported modes
else if (modeName.startsWith("GCM"))
{
ivLength = baseEngine.getBlockSize();
@@ -489,13 +491,11 @@
}
}
- // BEGIN android-added
- // TODO(27995180): This might need to be removed if we drop support for BCPBE keys without IV
- // in PKCS12
+ // BEGIN Android-added: Handling missing IVs
private boolean isBCPBEKeyWithoutIV(Key key) {
return (key instanceof BCPBEKey) && !(((BCPBEKey)key).getParam() instanceof ParametersWithIV);
}
- // END android-added
+ // END Android-added: Handling missing IVs
protected void engineInit(
int opmode,
@@ -530,12 +530,11 @@
//
// a note on iv's - if ivLength is zero the IV gets ignored (we don't use it).
//
- // BEGIN android-changed
- // Was: if (scheme == PKCS12 || key instanceof PKCS12Key)
+ // BEGIN Android-changed: Don't use PKCS12 with missing IV.
// If the key is a BCPBE one without an IV, ignore the fact that the scheme is PKCS12.
- // TODO(27995180): consider whether we want to keep support for these keys and PKCS12.
+ // if (scheme == PKCS12 || key instanceof PKCS12Key)
if ((scheme == PKCS12 || key instanceof PKCS12Key) && !isBCPBEKeyWithoutIV(key))
- // END android-changed
+ // END Android-changed: Don't use PKCS12 with missing IV.
{
SecretKey k;
try
@@ -578,13 +577,11 @@
}
else if (pbeKeyParam == null)
{
- // BEGIN android-changed
- // Was: param = PBE.Util.makePBEParameters(k.getEncoded(), PKCS12, digest, keySizeInBits, ivLength * 8, pbeSpec, cipher.getAlgorithmName());
- // TODO(27995180): consider rejecting such keys for PKCS12
- // See above for the android-changed with a TODO for the same bug that makes
- // this code unreachable.
- // END android-changed
- throw new IllegalStateException("Unreachable code");
+ // BEGIN Android-changed: Unreachable code
+ // See above for the Android change that makes this code unreachable.
+ // param = PBE.Util.makePBEParameters(k.getEncoded(), PKCS12, digest, keySizeInBits, ivLength * 8, pbeSpec, cipher.getAlgorithmName());
+ throw new AssertionError("Unreachable code");
+ // END Android-changed: Unreachable code
}
else
{
@@ -600,27 +597,29 @@
ivParam = (ParametersWithIV)param;
}
}
- // BEGIN android-removed
- // else if (key instanceof PBKDF1Key)
- // {
- // PBKDF1Key k = (PBKDF1Key)key;
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ else if (key instanceof PBKDF1Key)
+ {
+ PBKDF1Key k = (PBKDF1Key)key;
- // if (params instanceof PBEParameterSpec)
- // {
- // pbeSpec = (PBEParameterSpec)params;
- // }
- // if (k instanceof PBKDF1KeyWithParameters && pbeSpec == null)
- // {
- // pbeSpec = new PBEParameterSpec(((PBKDF1KeyWithParameters)k).getSalt(), ((PBKDF1KeyWithParameters)k).getIterationCount());
- // }
+ if (params instanceof PBEParameterSpec)
+ {
+ pbeSpec = (PBEParameterSpec)params;
+ }
+ if (k instanceof PBKDF1KeyWithParameters && pbeSpec == null)
+ {
+ pbeSpec = new PBEParameterSpec(((PBKDF1KeyWithParameters)k).getSalt(), ((PBKDF1KeyWithParameters)k).getIterationCount());
+ }
- // param = PBE.Util.makePBEParameters(k.getEncoded(), PKCS5S1, digest, keySizeInBits, ivLength * 8, pbeSpec, cipher.getAlgorithmName());
- // if (param instanceof ParametersWithIV)
- // {
- // ivParam = (ParametersWithIV)param;
- // }
- // }
- // END android-removed
+ param = PBE.Util.makePBEParameters(k.getEncoded(), PKCS5S1, digest, keySizeInBits, ivLength * 8, pbeSpec, cipher.getAlgorithmName());
+ if (param instanceof ParametersWithIV)
+ {
+ ivParam = (ParametersWithIV)param;
+ }
+ }
+ */
+ // END Android-removed: Unsupported algorithms
else if (key instanceof BCPBEKey)
{
BCPBEKey k = (BCPBEKey)key;
@@ -641,7 +640,7 @@
else if (params instanceof PBEParameterSpec)
{
pbeSpec = (PBEParameterSpec)params;
- // BEGIN android-added
+ // BEGIN Android-added: Allow PBE keys with only passwords.
// At this point, k.getParam() == null, so the key hasn't been generated. If
// the parameters have non-default values, recreate the BCPBEKey from algorithm
// parameters as to generate the key.
@@ -653,7 +652,7 @@
k.getKeySize()),
null /* CipherParameters */);
}
- // END android-added
+ // END Android-added: Allow PBE keys with only passwords.
param = PBE.Util.makePBEParameters(k, params, cipher.getUnderlyingCipher().getAlgorithmName());
}
else
@@ -681,10 +680,10 @@
ivParam = (ParametersWithIV)param;
}
}
- // BEGIN android-changed
- // Was: else if (!(key instanceof RepeatedSecretKeySpec))
+ // BEGIN Android-changed: Unsupported algorithm
+ // else if (!(key instanceof RepeatedSecretKeySpec))
else
- // END android-changed
+ // END Android-changed: Unsupported algorithms
{
if (scheme == PKCS5S1 || scheme == PKCS5S1_UTF8 || scheme == PKCS5S2 || scheme == PKCS5S2_UTF8)
{
@@ -692,12 +691,12 @@
}
param = new KeyParameter(key.getEncoded());
}
- // BEGIN android-removed
+ // BEGIN Android-removed: Unreachable
// else
// {
// param = null;
// }
- // END android-removed
+ // END Android-removed: Unreachable
if (params instanceof AEADParameterSpec)
{
@@ -748,86 +747,88 @@
}
}
}
- // BEGIN android-removed
- // else if (params instanceof GOST28147ParameterSpec)
- // {
- // GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params;
- //
- // param = new ParametersWithSBox(
- // new KeyParameter(key.getEncoded()), ((GOST28147ParameterSpec)params).getSbox());
- //
- // if (gost28147Param.getIV() != null && ivLength != 0)
- // {
- // if (param instanceof ParametersWithIV)
- // {
- // param = new ParametersWithIV(((ParametersWithIV)param).getParameters(), gost28147Param.getIV());
- // }
- // else
- // {
- // param = new ParametersWithIV(param, gost28147Param.getIV());
- // }
- // ivParam = (ParametersWithIV)param;
- // }
- // }
- // else if (params instanceof RC2ParameterSpec)
- // {
- // RC2ParameterSpec rc2Param = (RC2ParameterSpec)params;
- //
- // param = new RC2Parameters(key.getEncoded(), ((RC2ParameterSpec)params).getEffectiveKeyBits());
- //
- // if (rc2Param.getIV() != null && ivLength != 0)
- // {
- // if (param instanceof ParametersWithIV)
- // {
- // param = new ParametersWithIV(((ParametersWithIV)param).getParameters(), rc2Param.getIV());
- // }
- // else
- // {
- // param = new ParametersWithIV(param, rc2Param.getIV());
- // }
- // ivParam = (ParametersWithIV)param;
- // }
- // }
- // else if (params instanceof RC5ParameterSpec)
- // {
- // RC5ParameterSpec rc5Param = (RC5ParameterSpec)params;
- //
- // param = new RC5Parameters(key.getEncoded(), ((RC5ParameterSpec)params).getRounds());
- // if (baseEngine.getAlgorithmName().startsWith("RC5"))
- // {
- // if (baseEngine.getAlgorithmName().equals("RC5-32"))
- // {
- // if (rc5Param.getWordSize() != 32)
- // {
- // throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 32 not " + rc5Param.getWordSize() + ".");
- // }
- // }
- // else if (baseEngine.getAlgorithmName().equals("RC5-64"))
- // {
- // if (rc5Param.getWordSize() != 64)
- // {
- // throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 64 not " + rc5Param.getWordSize() + ".");
- // }
- // }
- // }
- // else
- // {
- // throw new InvalidAlgorithmParameterException("RC5 parameters passed to a cipher that is not RC5.");
- // }
- // if ((rc5Param.getIV() != null) && (ivLength != 0))
- // {
- // if (param instanceof ParametersWithIV)
- // {
- // param = new ParametersWithIV(((ParametersWithIV)param).getParameters(), rc5Param.getIV());
- // }
- // else
- // {
- // param = new ParametersWithIV(param, rc5Param.getIV());
- // }
- // ivParam = (ParametersWithIV)param;
- // }
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ else if (params instanceof GOST28147ParameterSpec)
+ {
+ GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params;
+
+ param = new ParametersWithSBox(
+ new KeyParameter(key.getEncoded()), ((GOST28147ParameterSpec)params).getSbox());
+
+ if (gost28147Param.getIV() != null && ivLength != 0)
+ {
+ if (param instanceof ParametersWithIV)
+ {
+ param = new ParametersWithIV(((ParametersWithIV)param).getParameters(), gost28147Param.getIV());
+ }
+ else
+ {
+ param = new ParametersWithIV(param, gost28147Param.getIV());
+ }
+ ivParam = (ParametersWithIV)param;
+ }
+ }
+ else if (params instanceof RC2ParameterSpec)
+ {
+ RC2ParameterSpec rc2Param = (RC2ParameterSpec)params;
+
+ param = new RC2Parameters(key.getEncoded(), ((RC2ParameterSpec)params).getEffectiveKeyBits());
+
+ if (rc2Param.getIV() != null && ivLength != 0)
+ {
+ if (param instanceof ParametersWithIV)
+ {
+ param = new ParametersWithIV(((ParametersWithIV)param).getParameters(), rc2Param.getIV());
+ }
+ else
+ {
+ param = new ParametersWithIV(param, rc2Param.getIV());
+ }
+ ivParam = (ParametersWithIV)param;
+ }
+ }
+ else if (params instanceof RC5ParameterSpec)
+ {
+ RC5ParameterSpec rc5Param = (RC5ParameterSpec)params;
+
+ param = new RC5Parameters(key.getEncoded(), ((RC5ParameterSpec)params).getRounds());
+ if (baseEngine.getAlgorithmName().startsWith("RC5"))
+ {
+ if (baseEngine.getAlgorithmName().equals("RC5-32"))
+ {
+ if (rc5Param.getWordSize() != 32)
+ {
+ throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 32 not " + rc5Param.getWordSize() + ".");
+ }
+ }
+ else if (baseEngine.getAlgorithmName().equals("RC5-64"))
+ {
+ if (rc5Param.getWordSize() != 64)
+ {
+ throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 64 not " + rc5Param.getWordSize() + ".");
+ }
+ }
+ }
+ else
+ {
+ throw new InvalidAlgorithmParameterException("RC5 parameters passed to a cipher that is not RC5.");
+ }
+ if ((rc5Param.getIV() != null) && (ivLength != 0))
+ {
+ if (param instanceof ParametersWithIV)
+ {
+ param = new ParametersWithIV(((ParametersWithIV)param).getParameters(), rc5Param.getIV());
+ }
+ else
+ {
+ param = new ParametersWithIV(param, rc5Param.getIV());
+ }
+ ivParam = (ParametersWithIV)param;
+ }
+ }
+ */
+ // END Android-removed: Unsupported algorithms
else if (gcmSpecClass != null && gcmSpecClass.isInstance(params))
{
if (!isAEADModeName(modeName) && !(cipher instanceof AEADGenericBlockCipher))
@@ -869,35 +870,61 @@
{
ivRandom = new SecureRandom();
}
+
if ((opmode == Cipher.ENCRYPT_MODE) || (opmode == Cipher.WRAP_MODE))
{
byte[] iv = new byte[ivLength];
- // BEGIN android-changed
- // Was: ivRandom.nextBytes(iv);
- // TODO(27995180): for such keys, consider whether we want to reject them or
- // allow them if the IV is passed in the parameters
+ // BEGIN Android-changed: For PBE keys with no IV, log and use IV of 0
+ // These keys were accepted in BC 1.52 (and treated as having an IV of 0) but
+ // rejected outright in BC 1.54 (even if an IV was passed in params). We
+ // want the eventual state to be that an IV can be passed in params, but the key
+ // is rejected otherwise. For now, log that these will be rejected in a future
+ // release. See b/27995180 for historical details.
+ // ivRandom.nextBytes(iv);
if (!isBCPBEKeyWithoutIV(key)) {
ivRandom.nextBytes(iv);
+ } else {
+ // TODO(b/70275132): Change to rejecting these keys
+ System.err.println(" ******** DEPRECATED FUNCTIONALITY ********");
+ System.err.println(" * You have initialized a cipher with a PBE key with no IV and");
+ System.err.println(" * have not provided an IV in the AlgorithmParameterSpec. This");
+ System.err.println(" * configuration is deprecated. The cipher will be initialized");
+ System.err.println(" * with an all-zero IV, but in a future release this call will");
+ System.err.println(" * throw an exception.");
+ new InvalidAlgorithmParameterException("No IV set when using PBE key")
+ .printStackTrace(System.err);
}
- // END android-changed
+ // END Android-changed: For PBE keys with no IV, log and use IV of 0
param = new ParametersWithIV(param, iv);
ivParam = (ParametersWithIV)param;
}
else if (cipher.getUnderlyingCipher().getAlgorithmName().indexOf("PGPCFB") < 0)
{
- // BEGIN android-changed
- // Was: throw new InvalidAlgorithmParameterException("no IV set when one expected");
- // TODO(27995180): for such keys, consider whether we want to reject them or
- // allow them if the IV is passed in the parameters
+ // BEGIN Android-changed: For PBE keys with no IV, log and use IV of 0
+ // These keys were accepted in BC 1.52 (and treated as having an IV of 0) but
+ // rejected outright in BC 1.54 (even if an IV was passed in params). We
+ // want the eventual state to be that an IV can be passed in params, but the key
+ // is rejected otherwise. For now, log that these will be rejected in a future
+ // release. See b/27995180 for historical details.
+ // throw new InvalidAlgorithmParameterException("no IV set when one expected");
if (!isBCPBEKeyWithoutIV(key)) {
throw new InvalidAlgorithmParameterException("no IV set when one expected");
} else {
+ // TODO(b/70275132): Change to rejecting these keys
+ System.err.println(" ******** DEPRECATED FUNCTIONALITY ********");
+ System.err.println(" * You have initialized a cipher with a PBE key with no IV and");
+ System.err.println(" * have not provided an IV in the AlgorithmParameterSpec. This");
+ System.err.println(" * configuration is deprecated. The cipher will be initialized");
+ System.err.println(" * with an all-zero IV, but in a future release this call will");
+ System.err.println(" * throw an exception.");
+ new InvalidAlgorithmParameterException("No IV set when using PBE key")
+ .printStackTrace(System.err);
// Mimic behaviour in 1.52 by using an IV of 0's
param = new ParametersWithIV(param, new byte[ivLength]);
ivParam = (ParametersWithIV)param;
}
- // END android-changed
+ // END Android-changed: For PBE keys with no IV, log and use IV of 0
}
}
@@ -951,21 +978,23 @@
ivParam = new ParametersWithIV(key, iv.getIV());
param = ivParam;
}
- // BEGIN android-removed
- // else if (params instanceof GOST28147ParameterSpec)
- // {
- // // need to pick up IV and SBox.
- // GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params;
- //
- // param = new ParametersWithSBox(param, gost28147Param.getSbox());
- //
- // if (gost28147Param.getIV() != null && ivLength != 0)
- // {
- // ivParam = new ParametersWithIV(key, gost28147Param.getIV());
- // param = ivParam;
- // }
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ else if (params instanceof GOST28147ParameterSpec)
+ {
+ // need to pick up IV and SBox.
+ GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params;
+
+ param = new ParametersWithSBox(param, gost28147Param.getSbox());
+
+ if (gost28147Param.getIV() != null && ivLength != 0)
+ {
+ ivParam = new ParametersWithIV(key, gost28147Param.getIV());
+ param = ivParam;
+ }
+ }
+ */
+ // END Android-removed: Unsupported algorithms
}
else
{
@@ -976,20 +1005,22 @@
ivParam = new ParametersWithIV(param, iv.getIV());
param = ivParam;
}
- // BEGIN android-removed
- // else if (params instanceof GOST28147ParameterSpec)
- // {
- // // need to pick up IV and SBox.
- // GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params;
- //
- // param = new ParametersWithSBox(param, gost28147Param.getSbox());
- //
- // if (gost28147Param.getIV() != null && ivLength != 0)
- // {
- // param = new ParametersWithIV(param, gost28147Param.getIV());
- // }
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ else if (params instanceof GOST28147ParameterSpec)
+ {
+ // need to pick up IV and SBox.
+ GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params;
+
+ param = new ParametersWithSBox(param, gost28147Param.getSbox());
+
+ if (gost28147Param.getIV() != null && ivLength != 0)
+ {
+ param = new ParametersWithIV(param, gost28147Param.getIV());
+ }
+ }
+ */
+ // END Android-removed: Unsupported algorithms
}
return param;
}
@@ -1192,9 +1223,9 @@
private boolean isAEADModeName(
String modeName)
{
- // BEGIN android-changed
+ // Android-changed: Unsupported modes
+ // return "CCM".equals(modeName) || "EAX".equals(modeName) || "GCM".equals(modeName) || "OCB".equals(modeName);
return "CCM".equals(modeName) || "GCM".equals(modeName);
- // END android-changed
}
/*
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java
index 7102db5..45b24bf 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java
@@ -22,15 +22,13 @@
import org.bouncycastle.crypto.params.AEADParameters;
import org.bouncycastle.crypto.params.KeyParameter;
import org.bouncycastle.crypto.params.ParametersWithIV;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.crypto.params.RC2Parameters;
// import org.bouncycastle.crypto.params.SkeinParameters;
-// END android-removed
import org.bouncycastle.jcajce.PKCS12Key;
import org.bouncycastle.jcajce.spec.AEADParameterSpec;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.jcajce.spec.SkeinParameterSpec;
-// END android-removed
public class BaseMac
extends MacSpi implements PBE
@@ -103,16 +101,16 @@
int digest = SHA1;
int keySize = 160;
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// if (macEngine.getAlgorithmName().startsWith("GOST"))
// {
- // digest = GOST3411;
- // keySize = 256;
+ // digest = GOST3411;
+ // keySize = 256;
// }
- // BEGIN android-changed
- // Was: else if (macEngine instanceof HMac)
+ // END Android-removed: Unsupported algorithms
+ // Android-changed: Adjust for missing if
+ // else if (macEngine instanceof HMac)
if (macEngine instanceof HMac)
- // END android-changed
{
if (!macEngine.getAlgorithmName().startsWith("SHA-1"))
{
@@ -136,13 +134,13 @@
digest = SHA512;
keySize = 512;
}
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// else if (macEngine.getAlgorithmName().startsWith("RIPEMD160"))
// {
// digest = RIPEMD160;
// keySize = 160;
// }
- // END android-removed
+ // END Android-removed: Unsupported algorithms
else
{
throw new InvalidAlgorithmParameterException("no PKCS12 mapping for HMAC: " + macEngine.getAlgorithmName());
@@ -198,17 +196,18 @@
{
param = new ParametersWithIV(keyParam, ((IvParameterSpec)params).getIV());
}
- // BEGIN android-removed
- // else if (params instanceof RC2ParameterSpec)
- // {
- // param = new ParametersWithIV(new RC2Parameters(keyParam.getKey(), ((RC2ParameterSpec)params).getEffectiveKeyBits()), ((RC2ParameterSpec)params).getIV());
- // }
-
- // else if (params instanceof SkeinParameterSpec)
- // {
- // param = new SkeinParameters.Builder(copyMap(((SkeinParameterSpec)params).getParameters())).setKey(keyParam.getKey()).build();
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ else if (params instanceof RC2ParameterSpec)
+ {
+ param = new ParametersWithIV(new RC2Parameters(keyParam.getKey(), ((RC2ParameterSpec)params).getEffectiveKeyBits()), ((RC2ParameterSpec)params).getIV());
+ }
+ else if (params instanceof SkeinParameterSpec)
+ {
+ param = new SkeinParameters.Builder(copyMap(((SkeinParameterSpec)params).getParameters())).setKey(keyParam.getKey()).build();
+ }
+ */
+ // END Android-removed: Unsupported algorithms
else if (params == null)
{
param = new KeyParameter(key.getEncoded());
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java
index f289308..9795e2d 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java
@@ -15,10 +15,9 @@
import javax.crypto.ShortBufferException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEParameterSpec;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import javax.crypto.spec.RC2ParameterSpec;
// import javax.crypto.spec.RC5ParameterSpec;
-// END android-removed
import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.crypto.DataLengthException;
@@ -37,10 +36,9 @@
//
private Class[] availableSpecs =
{
- // BEGIN android-removed
+ // Android-removed: Unsupported algorithms
// RC2ParameterSpec.class,
// RC5ParameterSpec.class,
- // END android-removed
IvParameterSpec.class,
PBEParameterSpec.class
};
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java
index e2c8676..58da98e 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java
@@ -22,10 +22,9 @@
import javax.crypto.ShortBufferException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEParameterSpec;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import javax.crypto.spec.RC2ParameterSpec;
// import javax.crypto.spec.RC5ParameterSpec;
-// END android-removed
import javax.crypto.spec.SecretKeySpec;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
@@ -35,7 +34,9 @@
import org.bouncycastle.crypto.params.KeyParameter;
import org.bouncycastle.crypto.params.ParametersWithIV;
import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.jcajce.util.BCJcaJceHelper;
+// Android-changed: Use default provider for JCA algorithms instead of BC
+// Was: import org.bouncycastle.jcajce.util.BCJcaJceHelper;
+import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
import org.bouncycastle.jcajce.util.JcaJceHelper;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.util.Arrays;
@@ -51,10 +52,9 @@
{
IvParameterSpec.class,
PBEParameterSpec.class,
- // BEGIN android-removed
+ // Android-removed: Unsupported algorithms
// RC2ParameterSpec.class,
// RC5ParameterSpec.class
- // END android-removed
};
protected int pbeType = PKCS12;
@@ -69,7 +69,9 @@
private int ivSize;
private byte[] iv;
- private final JcaJceHelper helper = new BCJcaJceHelper();
+ // Android-changed: Use default provider for JCA algorithms instead of BC
+ // Was: private final JcaJceHelper helper = new BCJcaJceHelper();
+ private final JcaJceHelper helper = new DefaultJcaJceHelper();
protected BaseWrapCipher()
{
@@ -279,8 +281,6 @@
return null;
}
- // BEGIN android-changed
- // added ShortBufferException to throws statement
protected int engineDoFinal(
byte[] input,
int inputOffset,
@@ -291,7 +291,6 @@
{
return 0;
}
- // END android-changed
protected byte[] engineWrap(
Key key)
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java
index 2e4f96b..89c2173 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java
@@ -1,27 +1,25 @@
package org.bouncycastle.jcajce.provider.symmetric.util;
+// BEGIN Android-added: Needed for compatibility helper
import java.lang.reflect.Method;
+// END Android-added: Needed for compatibility helper
import java.security.InvalidAlgorithmParameterException;
import java.security.spec.AlgorithmParameterSpec;
import javax.crypto.SecretKey;
-// BEGIN android-added
+// BEGIN Android-added: Allow IVs specified in parameters.
import javax.crypto.spec.IvParameterSpec;
-// END android-added
+// END Android-added: Allow IVs specified in parameters.
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.crypto.PBEParametersGenerator;
-// BEGIN android-added
-import org.bouncycastle.crypto.digests.AndroidDigestFactory;
-// END android-added
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.crypto.digests.GOST3411Digest;
// import org.bouncycastle.crypto.digests.MD2Digest;
// import org.bouncycastle.crypto.digests.RIPEMD160Digest;
// import org.bouncycastle.crypto.digests.TigerDigest;
-// END android-removed
import org.bouncycastle.crypto.generators.OpenSSLPBEParametersGenerator;
import org.bouncycastle.crypto.generators.PKCS12ParametersGenerator;
import org.bouncycastle.crypto.generators.PKCS5S1ParametersGenerator;
@@ -29,9 +27,10 @@
import org.bouncycastle.crypto.params.DESParameters;
import org.bouncycastle.crypto.params.KeyParameter;
import org.bouncycastle.crypto.params.ParametersWithIV;
-// BEGIN android-removed
+// BEGIN Android-changed: Use Android digests
// import org.bouncycastle.crypto.util.DigestFactory;
-// END android-removed
+import org.bouncycastle.crypto.digests.AndroidDigestFactory;
+// END Android-changed: Use Android digests
public interface PBE
{
@@ -40,15 +39,13 @@
//
static final int MD5 = 0;
static final int SHA1 = 1;
- // BEGIN android-removed
+ // Android-removed: Unsupported algorithms
// static final int RIPEMD160 = 2;
// static final int TIGER = 3;
- // END android-removed
static final int SHA256 = 4;
- // BEGIN android-removed
+ // Android-removed: Unsupported algorithms
// static final int MD2 = 5;
// static final int GOST3411 = 6;
- // END android-removed
static final int SHA224 = 7;
static final int SHA384 = 8;
static final int SHA512 = 9;
@@ -60,7 +57,6 @@
static final int PKCS5S1_UTF8 = 4;
static final int PKCS5S2_UTF8 = 5;
-
/**
* uses the appropriate mixer to generate the key and IV if necessary.
*/
@@ -76,20 +72,19 @@
{
switch (hash)
{
- // BEGIN android-removed
+ // Android-removed: Unsupported algorithms
// case MD2:
// generator = new PKCS5S1ParametersGenerator(new MD2Digest());
// break;
- // END android-removed
case MD5:
- // BEGIN android-changed
+ // Android-changed: Use Android digests
+ // generator = new PKCS5S1ParametersGenerator(DigestFactory.createMD5());
generator = new PKCS5S1ParametersGenerator(AndroidDigestFactory.getMD5());
- // END android-changed
break;
case SHA1:
- // BEGIN android-changed
+ // Android-changed: Use Android digests
+ // generator = new PKCS5S1ParametersGenerator(DigestFactory.createSHA1());
generator = new PKCS5S1ParametersGenerator(AndroidDigestFactory.getSHA1());
- // END android-changed
break;
default:
throw new IllegalStateException("PKCS5 scheme 1 only supports MD2, MD5 and SHA1.");
@@ -99,48 +94,54 @@
{
switch (hash)
{
- // BEGIN android-removed
+ // Android-removed: Unsupported algorithms
// case MD2:
// generator = new PKCS5S2ParametersGenerator(new MD2Digest());
// break;
- // END android-removed
case MD5:
- // BEGIN android-changed
+ // Android-changed: Use Android digests
+ // generator = new PKCS5S2ParametersGenerator(DigestFactory.createMD5());
generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getMD5());
- // END android-changed
break;
-
case SHA1:
- // BEGIN android-changed
+ // Android-changed: Use Android digests
+ // generator = new PKCS5S2ParametersGenerator(DigestFactory.createSHA1());
generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getSHA1());
- // END android-changed
break;
- // BEGIN android-removed
- // case RIPEMD160:
- // generator = new PKCS5S2ParametersGenerator(new RIPEMD160Digest());
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ case RIPEMD160:
+ generator = new PKCS5S2ParametersGenerator(new RIPEMD160Digest());
+ break;
+ case TIGER:
+ generator = new PKCS5S2ParametersGenerator(new TigerDigest());
+ break;
+ */
+ // END Android-removed: Unsupported algorithms
+ case SHA256:
+ // Android-changed: Use Android digests
+ // generator = new PKCS5S2ParametersGenerator(DigestFactory.createSHA256());
+ generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getSHA256());
+ break;
+ // Android-removed: Unsupported algorithms
+ // case GOST3411:
+ // generator = new PKCS5S2ParametersGenerator(new GOST3411Digest());
// break;
- // case TIGER:
- // generator = new PKCS5S2ParametersGenerator(new TigerDigest());
- // break;
- // END android-removed
- // BEGIN android-added
case SHA224:
+ // Android-changed: Use Android digests
+ // generator = new PKCS5S2ParametersGenerator(DigestFactory.createSHA224());
generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getSHA224());
break;
- // END android-added
- case SHA256:
- // BEGIN android-changed
- generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getSHA256());
- // END android-changed
- break;
- // BEGIN android-added
case SHA384:
+ // Android-changed: Use Android digests
+ // generator = new PKCS5S2ParametersGenerator(DigestFactory.createSHA384());
generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getSHA384());
break;
case SHA512:
+ // Android-changed: Use Android digests
+ // generator = new PKCS5S2ParametersGenerator(DigestFactory.createSHA512());
generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getSHA512());
break;
- // END android-added
default:
throw new IllegalStateException("unknown digest scheme for PBE PKCS5S2 encryption.");
}
@@ -149,44 +150,52 @@
{
switch (hash)
{
- // BEGIN android-removed
+ // Android-removed: Unsupported algorithms
// case MD2:
// generator = new PKCS12ParametersGenerator(new MD2Digest());
// break;
- // END android-removed
case MD5:
- // BEGIN android-changed
+ // Android-changed: Use Android digests
+ // generator = new PKCS12ParametersGenerator(DigestFactory.createMD5());
generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getMD5());
- // END android-changed
break;
case SHA1:
- // BEGIN android-changed
+ // Android-changed: Use Android digests
+ // generator = new PKCS12ParametersGenerator(DigestFactory.createSHA1());
generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA1());
- // END android-changed
break;
- // BEGIN android-removed
- // case RIPEMD160:
- // generator = new PKCS12ParametersGenerator(new RIPEMD160Digest());
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ case RIPEMD160:
+ generator = new PKCS12ParametersGenerator(new RIPEMD160Digest());
+ break;
+ case TIGER:
+ generator = new PKCS12ParametersGenerator(new TigerDigest());
+ break;
+ */
+ // END Android-removed: Unsupported algorithms
+ case SHA256:
+ // Android-changed: Use Android digests
+ // generator = new PKCS12ParametersGenerator(DigestFactory.createSHA256());
+ generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA256());
+ break;
+ // Android-removed: Unsupported algorithms
+ // case GOST3411:
+ // generator = new PKCS12ParametersGenerator(new GOST3411Digest());
// break;
- // case TIGER:
- // generator = new PKCS12ParametersGenerator(new TigerDigest());
- // break;
- // END android-removed
- // BEGIN android-added
case SHA224:
+ // Android-changed: Use Android digests
+ // generator = new PKCS12ParametersGenerator(DigestFactory.createSHA224());
generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA224());
break;
- // END android-added
- case SHA256:
- // BEGIN android-changed
- generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA256());
- // END android-changed
- break;
- // BEGIN android-added
case SHA384:
+ // Android-changed: Use Android digests
+ // generator = new PKCS12ParametersGenerator(DigestFactory.createSHA384());
generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA384());
break;
case SHA512:
+ // Android-changed: Use Android digests
+ // generator = new PKCS12ParametersGenerator(DigestFactory.createSHA512());
generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA512());
break;
default:
@@ -235,7 +244,7 @@
if (ivSize != 0)
{
param = generator.generateDerivedParameters(keySize, ivSize);
- // BEGIN ANDROID-ADDED
+ // BEGIN Android-added: Allow IVs specified in parameters.
// PKCS5S2 doesn't specify that the IV must be generated from the password. If the
// IV is passed as a parameter, use it.
AlgorithmParameterSpec parameterSpecFromPBEParameterSpec =
@@ -249,7 +258,7 @@
(KeyParameter) parametersWithIV.getParameters(),
ivParameterSpec.getIV());
}
- // END ANDROID-ADDED
+ // END Android-added: Allow IVs specified in parameters.
}
else
{
@@ -304,7 +313,7 @@
if (pbeKey.getIvSize() != 0)
{
param = generator.generateDerivedParameters(pbeKey.getKeySize(), pbeKey.getIvSize());
- // BEGIN ANDROID-ADDED
+ // BEGIN Android-added: Allow IVs specified in parameters.
// PKCS5S2 doesn't specify that the IV must be generated from the password. If the
// IV is passed as a parameter, use it.
AlgorithmParameterSpec parameterSpecFromPBEParameterSpec =
@@ -318,7 +327,7 @@
(KeyParameter) parametersWithIV.getParameters(),
ivParameterSpec.getIV());
}
- // END ANDROID-ADDED
+ // END Android-added: Allow IVs specified in parameters.
}
else
{
@@ -464,7 +473,7 @@
return param;
}
- // BEGIN android-added
+ // BEGIN Android-added: Add helper for 1.8 compatibility.
/**
* Invokes the method {@link PBEParameterSpec#getParameterSpec()} via reflection.
*
@@ -483,7 +492,7 @@
return null;
}
}
- // END android-added
+ // END Android-added: Add helper for 1.8 compatibility.
private static byte[] convertPassword(int type, PBEKeySpec keySpec)
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/util/DigestFactory.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/util/DigestFactory.java
index 9869b1c..552a6e6 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/util/DigestFactory.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/util/DigestFactory.java
@@ -10,9 +10,9 @@
import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.crypto.Digest;
-// BEGIN android-added
+// BEGIN Android-added: Use Android digests
import org.bouncycastle.crypto.digests.AndroidDigestFactory;
-// END android-added
+// END Android-added: Use Android digests
import org.bouncycastle.util.Strings;
public class DigestFactory
@@ -23,14 +23,16 @@
private static Set sha256 = new HashSet();
private static Set sha384 = new HashSet();
private static Set sha512 = new HashSet();
- // BEGIN android-removed
- // private static Set sha512_224 = new HashSet();
- // private static Set sha512_256 = new HashSet();
- // private static Set sha3_224 = new HashSet();
- // private static Set sha3_256 = new HashSet();
- // private static Set sha3_384 = new HashSet();
- // private static Set sha3_512 = new HashSet();
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ private static Set sha512_224 = new HashSet();
+ private static Set sha512_256 = new HashSet();
+ private static Set sha3_224 = new HashSet();
+ private static Set sha3_256 = new HashSet();
+ private static Set sha3_384 = new HashSet();
+ private static Set sha3_512 = new HashSet();
+ */
+ // END Android-removed: Unsupported algorithms
private static Map oids = new HashMap();
@@ -59,27 +61,29 @@
sha512.add("SHA-512");
sha512.add(NISTObjectIdentifiers.id_sha512.getId());
- // BEGIN android-removed
- // sha512_224.add("SHA512(224)");
- // sha512_224.add("SHA-512(224)");
- // sha512_224.add(NISTObjectIdentifiers.id_sha512_224.getId());
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ sha512_224.add("SHA512(224)");
+ sha512_224.add("SHA-512(224)");
+ sha512_224.add(NISTObjectIdentifiers.id_sha512_224.getId());
- // sha512_256.add("SHA512(256)");
- // sha512_256.add("SHA-512(256)");
- // sha512_256.add(NISTObjectIdentifiers.id_sha512_256.getId());
+ sha512_256.add("SHA512(256)");
+ sha512_256.add("SHA-512(256)");
+ sha512_256.add(NISTObjectIdentifiers.id_sha512_256.getId());
- // sha3_224.add("SHA3-224");
- // sha3_224.add(NISTObjectIdentifiers.id_sha3_224.getId());
+ sha3_224.add("SHA3-224");
+ sha3_224.add(NISTObjectIdentifiers.id_sha3_224.getId());
- // sha3_256.add("SHA3-256");
- // sha3_256.add(NISTObjectIdentifiers.id_sha3_256.getId());
+ sha3_256.add("SHA3-256");
+ sha3_256.add(NISTObjectIdentifiers.id_sha3_256.getId());
- // sha3_384.add("SHA3-384");
- // sha3_384.add(NISTObjectIdentifiers.id_sha3_384.getId());
+ sha3_384.add("SHA3-384");
+ sha3_384.add(NISTObjectIdentifiers.id_sha3_384.getId());
- // sha3_512.add("SHA3-512");
- // sha3_512.add(NISTObjectIdentifiers.id_sha3_512.getId());
- // END android-removed
+ sha3_512.add("SHA3-512");
+ sha3_512.add(NISTObjectIdentifiers.id_sha3_512.getId());
+ */
+ // END Android-removed: Unsupported algorithms
oids.put("MD5", PKCSObjectIdentifiers.md5);
@@ -133,65 +137,69 @@
if (sha1.contains(digestName))
{
- // BEGIN android-changed
+ // Android-changed: Use Android digests
+ // return org.bouncycastle.crypto.util.DigestFactory.createSHA1();
return AndroidDigestFactory.getSHA1();
- // END android-changed
}
if (md5.contains(digestName))
{
- // BEGIN android-changed
+ // Android-changed: Use Android digests
+ // return org.bouncycastle.crypto.util.DigestFactory.createMD5();
return AndroidDigestFactory.getMD5();
- // END android-changed
}
if (sha224.contains(digestName))
{
- // BEGIN android-changed
+ // Android-changed: Use Android digests
+ // return org.bouncycastle.crypto.util.DigestFactory.createSHA224();
return AndroidDigestFactory.getSHA224();
- // END android-changed
}
if (sha256.contains(digestName))
{
- // BEGIN android-changed
+ // Android-changed: Use Android digests
+ // return org.bouncycastle.crypto.util.DigestFactory.createSHA256();
return AndroidDigestFactory.getSHA256();
- // END android-changed
}
if (sha384.contains(digestName))
{
- // BEGIN android-changed
+ // Android-changed: Use Android digests
+ // return org.bouncycastle.crypto.util.DigestFactory.createSHA384();
return AndroidDigestFactory.getSHA384();
- // END android-changed
}
- if (sha512.contains(digestName)) {
- // BEGIN android-changed
+ if (sha512.contains(digestName))
+ {
+ // Android-changed: Use Android digests
+ // return org.bouncycastle.crypto.util.DigestFactory.createSHA512();
return AndroidDigestFactory.getSHA512();
- // END android-changed
}
- // BEGIN android-removed
- // if (sha512_224.contains(digestName))
- // {
- // return org.bouncycastle.crypto.util.DigestFactory.createSHA512_224();
- // }
- // if (sha512_256.contains(digestName))
- // {
- // return org.bouncycastle.crypto.util.DigestFactory.createSHA512_256();
- // }
- //
- // if (sha3_224.contains(digestName))
- // {
- // return org.bouncycastle.crypto.util.DigestFactory.createSHA3_224();
- // }
- // if (sha3_256.contains(digestName))
- // {
- // return org.bouncycastle.crypto.util.DigestFactory.createSHA3_256();
- // }
- // if (sha3_384.contains(digestName))
- // {
- // return org.bouncycastle.crypto.util.DigestFactory.createSHA3_384();
- // }
- // if (sha3_512.contains(digestName))
- // {
- // return org.bouncycastle.crypto.util.DigestFactory.createSHA3_512();
- // }
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ if (sha512_224.contains(digestName))
+ {
+ return org.bouncycastle.crypto.util.DigestFactory.createSHA512_224();
+ }
+ if (sha512_256.contains(digestName))
+ {
+ return org.bouncycastle.crypto.util.DigestFactory.createSHA512_256();
+ }
+
+ if (sha3_224.contains(digestName))
+ {
+ return org.bouncycastle.crypto.util.DigestFactory.createSHA3_224();
+ }
+ if (sha3_256.contains(digestName))
+ {
+ return org.bouncycastle.crypto.util.DigestFactory.createSHA3_256();
+ }
+ if (sha3_384.contains(digestName))
+ {
+ return org.bouncycastle.crypto.util.DigestFactory.createSHA3_384();
+ }
+ if (sha3_512.contains(digestName))
+ {
+ return org.bouncycastle.crypto.util.DigestFactory.createSHA3_512();
+ }
+ */
+ // END Android-removed: Unsupported algorithms
return null;
}
@@ -205,14 +213,16 @@
|| (sha256.contains(digest1) && sha256.contains(digest2))
|| (sha384.contains(digest1) && sha384.contains(digest2))
|| (sha512.contains(digest1) && sha512.contains(digest2))
- // BEGIN android-removed
- // || (sha512_224.contains(digest1) && sha512_224.contains(digest2))
- // || (sha512_256.contains(digest1) && sha512_256.contains(digest2))
- // || (sha3_224.contains(digest1) && sha3_224.contains(digest2))
- // || (sha3_256.contains(digest1) && sha3_256.contains(digest2))
- // || (sha3_384.contains(digest1) && sha3_384.contains(digest2))
- // || (sha3_512.contains(digest1) && sha3_512.contains(digest2))
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ || (sha512_224.contains(digest1) && sha512_224.contains(digest2))
+ || (sha512_256.contains(digest1) && sha512_256.contains(digest2))
+ || (sha3_224.contains(digest1) && sha3_224.contains(digest2))
+ || (sha3_256.contains(digest1) && sha3_256.contains(digest2))
+ || (sha3_384.contains(digest1) && sha3_384.contains(digest2))
+ || (sha3_512.contains(digest1) && sha3_512.contains(digest2))
+ */
+ // END Android-removed: Unsupported algorithms
|| (md5.contains(digest1) && md5.contains(digest2));
}
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/util/JcaJceUtils.java b/bcprov/src/main/java/org/bouncycastle/jcajce/util/JcaJceUtils.java
index 5148601..4237ac6 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/util/JcaJceUtils.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/util/JcaJceUtils.java
@@ -6,15 +6,13 @@
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Primitive;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-// END android-removed
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
-// END android-removed
/**
* General JCA/JCE utility methods.
@@ -107,24 +105,26 @@
{
return "SHA512";
}
- // BEGIN android-removed
- // else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID))
- // {
- // return "RIPEMD128";
- // }
- // else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID))
- // {
- // return "RIPEMD160";
- // }
- // else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID))
- // {
- // return "RIPEMD256";
- // }
- // else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID))
- // {
- // return "GOST3411";
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID))
+ {
+ return "RIPEMD128";
+ }
+ else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID))
+ {
+ return "RIPEMD160";
+ }
+ else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID))
+ {
+ return "RIPEMD256";
+ }
+ else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID))
+ {
+ return "GOST3411";
+ }
+ */
+ // END Android-removed: Unsupported algorithms
else
{
return digestAlgOID.getId();
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/util/MessageDigestUtils.java b/bcprov/src/main/java/org/bouncycastle/jcajce/util/MessageDigestUtils.java
index 1125a4b..119d8eb 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/util/MessageDigestUtils.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/util/MessageDigestUtils.java
@@ -4,17 +4,15 @@
import java.util.Map;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
// import org.bouncycastle.asn1.gnu.GNUObjectIdentifiers;
// import org.bouncycastle.asn1.iso.ISOIECObjectIdentifiers;
-// END android-removed
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
-// END android-removed
public class MessageDigestUtils
{
@@ -22,30 +20,32 @@
static
{
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// digestOidMap.put(PKCSObjectIdentifiers.md2, "MD2");
// digestOidMap.put(PKCSObjectIdentifiers.md4, "MD4");
- // END android-removed
+ // END Android-removed: Unsupported algorithms
digestOidMap.put(PKCSObjectIdentifiers.md5, "MD5");
digestOidMap.put(OIWObjectIdentifiers.idSHA1, "SHA-1");
digestOidMap.put(NISTObjectIdentifiers.id_sha224, "SHA-224");
digestOidMap.put(NISTObjectIdentifiers.id_sha256, "SHA-256");
digestOidMap.put(NISTObjectIdentifiers.id_sha384, "SHA-384");
digestOidMap.put(NISTObjectIdentifiers.id_sha512, "SHA-512");
- // BEGIN android-removed
- // digestOidMap.put(TeleTrusTObjectIdentifiers.ripemd128, "RIPEMD-128");
- // digestOidMap.put(TeleTrusTObjectIdentifiers.ripemd160, "RIPEMD-160");
- // digestOidMap.put(TeleTrusTObjectIdentifiers.ripemd256, "RIPEMD-128");
- // digestOidMap.put(ISOIECObjectIdentifiers.ripemd128, "RIPEMD-128");
- // digestOidMap.put(ISOIECObjectIdentifiers.ripemd160, "RIPEMD-160");
- // digestOidMap.put(CryptoProObjectIdentifiers.gostR3411, "GOST3411");
- // digestOidMap.put(GNUObjectIdentifiers.Tiger_192, "Tiger");
- // digestOidMap.put(ISOIECObjectIdentifiers.whirlpool, "Whirlpool");
- // digestOidMap.put(NISTObjectIdentifiers.id_sha3_224, "SHA3-224");
- // digestOidMap.put(NISTObjectIdentifiers.id_sha3_256, "SHA3-256");
- // digestOidMap.put(NISTObjectIdentifiers.id_sha3_384, "SHA3-384");
- // digestOidMap.put(NISTObjectIdentifiers.id_sha3_512, "SHA3-512");
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ digestOidMap.put(TeleTrusTObjectIdentifiers.ripemd128, "RIPEMD-128");
+ digestOidMap.put(TeleTrusTObjectIdentifiers.ripemd160, "RIPEMD-160");
+ digestOidMap.put(TeleTrusTObjectIdentifiers.ripemd256, "RIPEMD-128");
+ digestOidMap.put(ISOIECObjectIdentifiers.ripemd128, "RIPEMD-128");
+ digestOidMap.put(ISOIECObjectIdentifiers.ripemd160, "RIPEMD-160");
+ digestOidMap.put(CryptoProObjectIdentifiers.gostR3411, "GOST3411");
+ digestOidMap.put(GNUObjectIdentifiers.Tiger_192, "Tiger");
+ digestOidMap.put(ISOIECObjectIdentifiers.whirlpool, "Whirlpool");
+ digestOidMap.put(NISTObjectIdentifiers.id_sha3_224, "SHA3-224");
+ digestOidMap.put(NISTObjectIdentifiers.id_sha3_256, "SHA3-256");
+ digestOidMap.put(NISTObjectIdentifiers.id_sha3_384, "SHA3-384");
+ digestOidMap.put(NISTObjectIdentifiers.id_sha3_512, "SHA3-512");
+ */
+ // END Android-removed: Unsupported algorithms
}
/**
diff --git a/bcprov/src/main/java/org/bouncycastle/jce/PKCS10CertificationRequest.java b/bcprov/src/main/java/org/bouncycastle/jce/PKCS10CertificationRequest.java
index 0c41c88..2237348 100644
--- a/bcprov/src/main/java/org/bouncycastle/jce/PKCS10CertificationRequest.java
+++ b/bcprov/src/main/java/org/bouncycastle/jce/PKCS10CertificationRequest.java
@@ -30,18 +30,16 @@
import org.bouncycastle.asn1.ASN1Set;
import org.bouncycastle.asn1.DERBitString;
import org.bouncycastle.asn1.DERNull;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-// END android-removed
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.CertificationRequest;
import org.bouncycastle.asn1.pkcs.CertificationRequestInfo;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.RSASSAPSSparams;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
-// END android-removed
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.asn1.x509.X509Name;
@@ -85,11 +83,10 @@
static
{
- // BEGIN android-removed
- // Dropping MD2
+ // Android-removed: Unsupported algorithms
// algorithms.put("MD2WITHRSAENCRYPTION", new ASN1ObjectIdentifier("1.2.840.113549.1.1.2"));
// algorithms.put("MD2WITHRSA", new ASN1ObjectIdentifier("1.2.840.113549.1.1.2"));
- // END android-removed
+ // END Android-removed: Unsupported algorithms
algorithms.put("MD5WITHRSAENCRYPTION", new ASN1ObjectIdentifier("1.2.840.113549.1.1.4"));
algorithms.put("MD5WITHRSA", new ASN1ObjectIdentifier("1.2.840.113549.1.1.4"));
algorithms.put("RSAWITHMD5", new ASN1ObjectIdentifier("1.2.840.113549.1.1.4"));
@@ -109,14 +106,14 @@
algorithms.put("SHA384WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
algorithms.put("SHA512WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
algorithms.put("RSAWITHSHA1", new ASN1ObjectIdentifier("1.2.840.113549.1.1.5"));
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
// algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
// algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
// algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
// algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
// algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
- // END android-removed
+ // END Android-removed: Unsupported algorithms
algorithms.put("SHA1WITHDSA", new ASN1ObjectIdentifier("1.2.840.10040.4.3"));
algorithms.put("DSAWITHSHA1", new ASN1ObjectIdentifier("1.2.840.10040.4.3"));
algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224);
@@ -129,13 +126,13 @@
algorithms.put("SHA384WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA384);
algorithms.put("SHA512WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA512);
algorithms.put("ECDSAWITHSHA1", X9ObjectIdentifiers.ecdsa_with_SHA1);
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
// algorithms.put("GOST3410WITHGOST3411", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
// algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
// algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
// algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
- // END android-removed
+ // END Android-removed: Unsupported algorithms
//
// reverse mappings
@@ -145,15 +142,15 @@
oids.put(PKCSObjectIdentifiers.sha256WithRSAEncryption, "SHA256WITHRSA");
oids.put(PKCSObjectIdentifiers.sha384WithRSAEncryption, "SHA384WITHRSA");
oids.put(PKCSObjectIdentifiers.sha512WithRSAEncryption, "SHA512WITHRSA");
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, "GOST3411WITHGOST3410");
// oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, "GOST3411WITHECGOST3410");
- // END android-removed
+ // END Android-removed: Unsupported algorithms
oids.put(new ASN1ObjectIdentifier("1.2.840.113549.1.1.4"), "MD5WITHRSA");
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// oids.put(new ASN1ObjectIdentifier("1.2.840.113549.1.1.2"), "MD2WITHRSA");
- // END android-removed
+ // END Android-removed: Unsupported algorithms
oids.put(new ASN1ObjectIdentifier("1.2.840.10040.4.3"), "SHA1WITHDSA");
oids.put(X9ObjectIdentifiers.ecdsa_with_SHA1, "SHA1WITHECDSA");
oids.put(X9ObjectIdentifiers.ecdsa_with_SHA224, "SHA224WITHECDSA");
@@ -187,10 +184,10 @@
//
// RFC 4491
//
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
// noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
- // END android-removed
+ // END Android-removed: Unsupported algorithms
//
// explicit params
//
@@ -633,24 +630,26 @@
{
return "SHA512";
}
- // BEGIN android-removed
- // else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID))
- // {
- // return "RIPEMD128";
- // }
- // else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID))
- // {
- // return "RIPEMD160";
- // }
- // else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID))
- // {
- // return "RIPEMD256";
- // }
- // else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID))
- // {
- // return "GOST3411";
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID))
+ {
+ return "RIPEMD128";
+ }
+ else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID))
+ {
+ return "RIPEMD160";
+ }
+ else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID))
+ {
+ return "RIPEMD256";
+ }
+ else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID))
+ {
+ return "GOST3411";
+ }
+ */
+ // END Android-removed: Unsupported algorithms
else
{
return digestAlgOID.getId();
diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/BouncyCastleProvider.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/BouncyCastleProvider.java
index 5cb5d52..dfc56d7 100644
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/BouncyCastleProvider.java
+++ b/bcprov/src/main/java/org/bouncycastle/jce/provider/BouncyCastleProvider.java
@@ -60,29 +60,25 @@
private static final String[] SYMMETRIC_GENERIC =
{
- // BEGIN android-changed
- // Was: "PBEPBKDF2", "TLSKDF"
+ // Android-changed: Remove unsupported algorithms, add our own version of PBEv2 AlgParams
+ // "PBEPBKDF2", "TLSKDF"
"PBEPBKDF2", "PBEPKCS12", "PBES2AlgorithmParameters"
};
private static final String[] SYMMETRIC_MACS =
{
- // BEGIN android-removed
+ // Android-removed: Unsupported algorithms
// "SipHash", "Poly1305"
- // END android-removed
};
private static final String[] SYMMETRIC_CIPHERS =
{
- // BEGIN android-removed
+ // Android-changed: Unsupported algorithms
// "AES", "ARC4", "ARIA", "Blowfish", "Camellia", "CAST5", "CAST6", "ChaCha", "DES", "DESede",
// "GOST28147", "Grainv1", "Grain128", "HC128", "HC256", "IDEA", "Noekeon", "RC2", "RC5",
// "RC6", "Rijndael", "Salsa20", "SEED", "Serpent", "Shacal2", "Skipjack", "SM4", "TEA", "Twofish", "Threefish",
// "VMPC", "VMPCKSA3", "XTEA", "XSalsa20", "OpenSSLPBKDF"
- // END android-removed
- // BEGIN android-added
"AES", "ARC4", "Blowfish", "DES", "DESede", "RC2", "Twofish",
- // END android-added
};
/*
@@ -94,22 +90,16 @@
// later ones configure it.
private static final String[] ASYMMETRIC_GENERIC =
{
- // BEGIN android-removed
+ // Android-changed: Unsupported algorithms
// "X509", "IES"
- // END android-removed
- // BEGIN android-added
"X509"
- // END android-added
};
private static final String[] ASYMMETRIC_CIPHERS =
{
- // BEGIN android-removed
+ // Android-changed: Unsupported algorithms
// "DSA", "DH", "EC", "RSA", "GOST", "ECGOST", "ElGamal", "DSTU4145", "GM"
- // END android-removed
- // BEGIN android-added
"DSA", "DH", "EC", "RSA",
- // END android-added
};
/*
@@ -118,13 +108,10 @@
private static final String DIGEST_PACKAGE = "org.bouncycastle.jcajce.provider.digest.";
private static final String[] DIGESTS =
{
- // BEGIN android-removed
+ // Android-changed: Unsupported algorithms
// "GOST3411", "Keccak", "MD2", "MD4", "MD5", "SHA1", "RIPEMD128", "RIPEMD160", "RIPEMD256", "RIPEMD320", "SHA224",
// "SHA256", "SHA384", "SHA512", "SHA3", "Skein", "SM3", "Tiger", "Whirlpool", "Blake2b"
- // END android-removed
- // BEGIN android-added
"MD5", "SHA1", "SHA224", "SHA256", "SHA384", "SHA512",
- // END android-added
};
/*
@@ -136,7 +123,7 @@
"BC", "BCFKS", "PKCS12"
};
- // BEGIN android-removed
+ // Android-removed: Unsupported algorithms
// /*
// * Configurable secure random
// */
@@ -181,54 +168,56 @@
loadAlgorithms(KEYSTORE_PACKAGE, KEYSTORES);
- // BEGIN android-removed
- // loadAlgorithms(SECURE_RANDOM_PACKAGE, SECURE_RANDOMS);
+ // Android-removed: Unsupported algorithms
+ /*
+ loadAlgorithms(SECURE_RANDOM_PACKAGE, SECURE_RANDOMS);
+
//
- // //
- // // X509Store
- // //
- // put("X509Store.CERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertCollection");
- // put("X509Store.ATTRIBUTECERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreAttrCertCollection");
- // put("X509Store.CRL/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCRLCollection");
- // put("X509Store.CERTIFICATEPAIR/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertPairCollection");
+ // X509Store
//
- // put("X509Store.CERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCerts");
- // put("X509Store.CRL/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCRLs");
- // put("X509Store.ATTRIBUTECERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPAttrCerts");
- // put("X509Store.CERTIFICATEPAIR/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCertPairs");
+ put("X509Store.CERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertCollection");
+ put("X509Store.ATTRIBUTECERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreAttrCertCollection");
+ put("X509Store.CRL/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCRLCollection");
+ put("X509Store.CERTIFICATEPAIR/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertPairCollection");
+
+ put("X509Store.CERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCerts");
+ put("X509Store.CRL/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCRLs");
+ put("X509Store.ATTRIBUTECERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPAttrCerts");
+ put("X509Store.CERTIFICATEPAIR/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCertPairs");
+
//
- // //
- // // X509StreamParser
- // //
- // put("X509StreamParser.CERTIFICATE", "org.bouncycastle.jce.provider.X509CertParser");
- // put("X509StreamParser.ATTRIBUTECERTIFICATE", "org.bouncycastle.jce.provider.X509AttrCertParser");
- // put("X509StreamParser.CRL", "org.bouncycastle.jce.provider.X509CRLParser");
- // put("X509StreamParser.CERTIFICATEPAIR", "org.bouncycastle.jce.provider.X509CertPairParser");
+ // X509StreamParser
//
- // //
- // // cipher engines
- // //
- // put("Cipher.BROKENPBEWITHMD5ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithMD5AndDES");
+ put("X509StreamParser.CERTIFICATE", "org.bouncycastle.jce.provider.X509CertParser");
+ put("X509StreamParser.ATTRIBUTECERTIFICATE", "org.bouncycastle.jce.provider.X509AttrCertParser");
+ put("X509StreamParser.CRL", "org.bouncycastle.jce.provider.X509CRLParser");
+ put("X509StreamParser.CERTIFICATEPAIR", "org.bouncycastle.jce.provider.X509CertPairParser");
+
//
- // put("Cipher.BROKENPBEWITHSHA1ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithSHA1AndDES");
+ // cipher engines
//
- //
- // put("Cipher.OLDPBEWITHSHAANDTWOFISH-CBC", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$OldPBEWithSHAAndTwofish");
- //
- // // Certification Path API
- // put("CertPathValidator.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathValidatorSpi");
- // put("CertPathBuilder.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathBuilderSpi");
- // put("CertPathValidator.RFC3280", "org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi");
- // put("CertPathBuilder.RFC3280", "org.bouncycastle.jce.provider.PKIXCertPathBuilderSpi");
- // END android-removed
+ put("Cipher.BROKENPBEWITHMD5ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithMD5AndDES");
+
+ put("Cipher.BROKENPBEWITHSHA1ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithSHA1AndDES");
+
+
+ put("Cipher.OLDPBEWITHSHAANDTWOFISH-CBC", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$OldPBEWithSHAAndTwofish");
+
+ // Certification Path API
+ put("CertPathValidator.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathValidatorSpi");
+ put("CertPathBuilder.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathBuilderSpi");
+ put("CertPathValidator.RFC3280", "org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi");
+ put("CertPathBuilder.RFC3280", "org.bouncycastle.jce.provider.PKIXCertPathBuilderSpi");
+ */
+ // END Android-removed: Unsupported algorithms
put("CertPathValidator.PKIX", "org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi");
put("CertPathBuilder.PKIX", "org.bouncycastle.jce.provider.PKIXCertPathBuilderSpi");
put("CertStore.Collection", "org.bouncycastle.jce.provider.CertStoreCollectionSpi");
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// put("CertStore.LDAP", "org.bouncycastle.jce.provider.X509LDAPCertStoreSpi");
// put("CertStore.Multi", "org.bouncycastle.jce.provider.MultiCertStoreSpi");
// put("Alg.Alias.CertStore.X509LDAP", "LDAP");
- // END android-removed
+ // END Android-removed: Unsupported algorithms
}
private void loadAlgorithms(String packageName, String[] names)
diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java
index b6a9d6a..b72a6f4 100644
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java
+++ b/bcprov/src/main/java/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java
@@ -75,9 +75,7 @@
import org.bouncycastle.util.Store;
import org.bouncycastle.util.StoreException;
import org.bouncycastle.x509.X509AttributeCertificate;
-// BEGIN android-removed
-// import org.bouncycastle.x509.extension.X509ExtensionUtil;
-// END android-removed
+import org.bouncycastle.x509.extension.X509ExtensionUtil;
class CertPathValidatorUtilities
{
@@ -657,22 +655,24 @@
{
Object obj = iter.next();
- // BEGIN android-removed
- // if (obj instanceof X509Store)
- // {
- // X509Store certStore = (X509Store)obj;
- // try
- // {
- // certs.addAll(certStore.getMatches(certSelect));
- // }
- // catch (StoreException e)
- // {
- // throw new AnnotatedException(
- // "Problem while picking certificates from X.509 store.", e);
- // }
- // }
- // else
- // END android-removed
+ // BEGIN Android-removed: Unknown reason
+ /*
+ if (obj instanceof Store)
+ {
+ Store certStore = (Store)obj;
+ try
+ {
+ certs.addAll(certStore.getMatches(certSelect));
+ }
+ catch (StoreException e)
+ {
+ throw new AnnotatedException(
+ "Problem while picking certificates from X.509 store.", e);
+ }
+ }
+ else
+ */
+ // END Android-removed: Unknown reason
{
CertStore certStore = (CertStore)obj;
@@ -894,7 +894,9 @@
{
return;
}
+
X500Principal certificateIssuer = crl_entry.getCertificateIssuer();
+
X500Name certIssuer;
if (certificateIssuer == null)
{
diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/JCEECPrivateKey.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/JCEECPrivateKey.java
index 20ca6f2..7d6a50c 100644
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/JCEECPrivateKey.java
+++ b/bcprov/src/main/java/org/bouncycastle/jce/provider/JCEECPrivateKey.java
@@ -19,10 +19,9 @@
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DERBitString;
import org.bouncycastle.asn1.DERNull;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
// import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves;
-// END android-removed
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import org.bouncycastle.asn1.sec.ECPrivateKeyStructure;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
@@ -205,23 +204,25 @@
ASN1ObjectIdentifier oid = ASN1ObjectIdentifier.getInstance(params.getParameters());
X9ECParameters ecP = ECUtil.getNamedCurveByOid(oid);
- // BEGIN android-removed
- // if (ecP == null) // GOST Curve
- // {
- // ECDomainParameters gParam = ECGOST3410NamedCurves.getByOID(oid);
- // EllipticCurve ellipticCurve = EC5Util.convertCurve(gParam.getCurve(), gParam.getSeed());
- //
- // ecSpec = new ECNamedCurveSpec(
- // ECGOST3410NamedCurves.getName(oid),
- // ellipticCurve,
- // new ECPoint(
- // gParam.getG().getAffineXCoord().toBigInteger(),
- // gParam.getG().getAffineYCoord().toBigInteger()),
- // gParam.getN(),
- // gParam.getH());
- // }
- // else
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ if (ecP == null) // GOST Curve
+ {
+ ECDomainParameters gParam = ECGOST3410NamedCurves.getByOID(oid);
+ EllipticCurve ellipticCurve = EC5Util.convertCurve(gParam.getCurve(), gParam.getSeed());
+
+ ecSpec = new ECNamedCurveSpec(
+ ECGOST3410NamedCurves.getName(oid),
+ ellipticCurve,
+ new ECPoint(
+ gParam.getG().getAffineXCoord().toBigInteger(),
+ gParam.getG().getAffineYCoord().toBigInteger()),
+ gParam.getN(),
+ gParam.getH());
+ }
+ else
+ */
+ // END Android-removed: Unsupported algorithms
{
EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed());
@@ -335,13 +336,13 @@
try
{
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// if (algorithm.equals("ECGOST3410"))
// {
// info = new PrivateKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params.toASN1Primitive()), keyStructure.toASN1Primitive());
// }
// else
- // END android-removed
+ // END Android-removed: Unsupported algorithms
{
info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params.toASN1Primitive()), keyStructure.toASN1Primitive());
diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/JCEECPublicKey.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/JCEECPublicKey.java
index 94fb728..654b5e1 100644
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/JCEECPublicKey.java
+++ b/bcprov/src/main/java/org/bouncycastle/jce/provider/JCEECPublicKey.java
@@ -18,11 +18,10 @@
import org.bouncycastle.asn1.DERBitString;
import org.bouncycastle.asn1.DERNull;
import org.bouncycastle.asn1.DEROctetString;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
// import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves;
// import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters;
-// END android-removed
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.asn1.x9.X962Parameters;
@@ -35,13 +34,11 @@
import org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util;
import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
import org.bouncycastle.jcajce.provider.asymmetric.util.KeyUtil;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.jce.ECGOST3410NamedCurveTable;
-// END android-removed
import org.bouncycastle.jce.interfaces.ECPointEncoder;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec;
-// END android-removed
import org.bouncycastle.jce.spec.ECNamedCurveSpec;
import org.bouncycastle.math.ec.ECCurve;
import org.bouncycastle.math.ec.custom.sec.SecP256K1Point;
@@ -55,9 +52,8 @@
private org.bouncycastle.math.ec.ECPoint q;
private ECParameterSpec ecSpec;
private boolean withCompression;
- // BEGIN android-removed
+ // Android-removed: Unsupported algorithms
// private GOST3410PublicKeyAlgParameters gostParams;
- // END android-removed
public JCEECPublicKey(
String algorithm,
@@ -67,9 +63,8 @@
this.q = key.q;
this.ecSpec = key.ecSpec;
this.withCompression = key.withCompression;
- // BEGIN android-removed
+ // Android-removed: Unsupported algorithms
// this.gostParams = key.gostParams;
- // END android-removed
}
public JCEECPublicKey(
@@ -192,56 +187,58 @@
private void populateFromPubKeyInfo(SubjectPublicKeyInfo info)
{
- // BEGIN android-removed
- // if (info.getAlgorithmId().getAlgorithm().equals(CryptoProObjectIdentifiers.gostR3410_2001))
- // {
- // DERBitString bits = info.getPublicKeyData();
- // ASN1OctetString key;
- // this.algorithm = "ECGOST3410";
- //
- // try
- // {
- // key = (ASN1OctetString) ASN1Primitive.fromByteArray(bits.getBytes());
- // }
- // catch (IOException ex)
- // {
- // throw new IllegalArgumentException("error recovering public key");
- // }
- //
- // byte[] keyEnc = key.getOctets();
- // byte[] x = new byte[32];
- // byte[] y = new byte[32];
- //
- // for (int i = 0; i != x.length; i++)
- // {
- // x[i] = keyEnc[32 - 1 - i];
- // }
- //
- // for (int i = 0; i != y.length; i++)
- // {
- // y[i] = keyEnc[64 - 1 - i];
- // }
- //
- // gostParams = new GOST3410PublicKeyAlgParameters((ASN1Sequence)info.getAlgorithmId().getParameters());
- //
- // ECNamedCurveParameterSpec spec = ECGOST3410NamedCurveTable.getParameterSpec(ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()));
- //
- // ECCurve curve = spec.getCurve();
- // EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getSeed());
- //
- // this.q = curve.createPoint(new BigInteger(1, x), new BigInteger(1, y), false);
- //
- // ecSpec = new ECNamedCurveSpec(
- // ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()),
- // ellipticCurve,
- // new ECPoint(
- // spec.getG().getAffineXCoord().toBigInteger(),
- // spec.getG().getAffineYCoord().toBigInteger()),
- // spec.getN(), spec.getH());
- //
- // }
- // else
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ if (info.getAlgorithmId().getAlgorithm().equals(CryptoProObjectIdentifiers.gostR3410_2001))
+ {
+ DERBitString bits = info.getPublicKeyData();
+ ASN1OctetString key;
+ this.algorithm = "ECGOST3410";
+
+ try
+ {
+ key = (ASN1OctetString) ASN1Primitive.fromByteArray(bits.getBytes());
+ }
+ catch (IOException ex)
+ {
+ throw new IllegalArgumentException("error recovering public key");
+ }
+
+ byte[] keyEnc = key.getOctets();
+ byte[] x = new byte[32];
+ byte[] y = new byte[32];
+
+ for (int i = 0; i != x.length; i++)
+ {
+ x[i] = keyEnc[32 - 1 - i];
+ }
+
+ for (int i = 0; i != y.length; i++)
+ {
+ y[i] = keyEnc[64 - 1 - i];
+ }
+
+ gostParams = new GOST3410PublicKeyAlgParameters((ASN1Sequence)info.getAlgorithmId().getParameters());
+
+ ECNamedCurveParameterSpec spec = ECGOST3410NamedCurveTable.getParameterSpec(ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()));
+
+ ECCurve curve = spec.getCurve();
+ EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getSeed());
+
+ this.q = curve.createPoint(new BigInteger(1, x), new BigInteger(1, y), false);
+
+ ecSpec = new ECNamedCurveSpec(
+ ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()),
+ ellipticCurve,
+ new ECPoint(
+ spec.getG().getAffineXCoord().toBigInteger(),
+ spec.getG().getAffineYCoord().toBigInteger()),
+ spec.getN(), spec.getH());
+
+ }
+ else
+ */
+ // END Android-removed: Unsupported algorithms
{
X962Parameters params = new X962Parameters((ASN1Primitive)info.getAlgorithmId().getParameters());
ECCurve curve;
@@ -330,54 +327,56 @@
ASN1Encodable params;
SubjectPublicKeyInfo info;
- // BEGIN android-removed
- // if (algorithm.equals("ECGOST3410"))
- // {
- // if (gostParams != null)
- // {
- // params = gostParams;
- // }
- // else
- // {
- // if (ecSpec instanceof ECNamedCurveSpec)
- // {
- // params = new GOST3410PublicKeyAlgParameters(
- // ECGOST3410NamedCurves.getOID(((ECNamedCurveSpec)ecSpec).getName()),
- // CryptoProObjectIdentifiers.gostR3411_94_CryptoProParamSet);
- // }
- // else
- // { // strictly speaking this may not be applicable...
- // ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve());
- //
- // X9ECParameters ecP = new X9ECParameters(
- // curve,
- // EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression),
- // ecSpec.getOrder(),
- // BigInteger.valueOf(ecSpec.getCofactor()),
- // ecSpec.getCurve().getSeed());
- //
- // params = new X962Parameters(ecP);
- // }
- // }
- //
- // BigInteger bX = this.q.getAffineXCoord().toBigInteger();
- // BigInteger bY = this.q.getAffineYCoord().toBigInteger();
- // byte[] encKey = new byte[64];
- //
- // extractBytes(encKey, 0, bX);
- // extractBytes(encKey, 32, bY);
- //
- // try
- // {
- // info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params), new DEROctetString(encKey));
- // }
- // catch (IOException e)
- // {
- // return null;
- // }
- // }
- // else
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ if (algorithm.equals("ECGOST3410"))
+ {
+ if (gostParams != null)
+ {
+ params = gostParams;
+ }
+ else
+ {
+ if (ecSpec instanceof ECNamedCurveSpec)
+ {
+ params = new GOST3410PublicKeyAlgParameters(
+ ECGOST3410NamedCurves.getOID(((ECNamedCurveSpec)ecSpec).getName()),
+ CryptoProObjectIdentifiers.gostR3411_94_CryptoProParamSet);
+ }
+ else
+ { // strictly speaking this may not be applicable...
+ ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve());
+
+ X9ECParameters ecP = new X9ECParameters(
+ curve,
+ EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression),
+ ecSpec.getOrder(),
+ BigInteger.valueOf(ecSpec.getCofactor()),
+ ecSpec.getCurve().getSeed());
+
+ params = new X962Parameters(ecP);
+ }
+ }
+
+ BigInteger bX = this.q.getAffineXCoord().toBigInteger();
+ BigInteger bY = this.q.getAffineYCoord().toBigInteger();
+ byte[] encKey = new byte[64];
+
+ extractBytes(encKey, 0, bX);
+ extractBytes(encKey, 32, bY);
+
+ try
+ {
+ info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params), new DEROctetString(encKey));
+ }
+ catch (IOException e)
+ {
+ return null;
+ }
+ }
+ else
+ */
+ // END Android-removed: Unsupported algorithms
{
if (ecSpec instanceof ECNamedCurveSpec)
{
diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXCRLUtil.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXCRLUtil.java
index b53b7aa..97a38ac 100644
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXCRLUtil.java
+++ b/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXCRLUtil.java
@@ -88,24 +88,26 @@
{
Object obj = iter.next();
- // BEGIN android-removed
- // if (obj instanceof Store)
- // {
- // Store store = (Store)obj;
+ // BEGIN Android-removed: Unknown reason
+ /*
+ if (obj instanceof Store)
+ {
+ Store store = (Store)obj;
- // try
- // {
- // crls.addAll(store.getMatches(crlSelect));
- // foundValidStore = true;
- // }
- // catch (StoreException e)
- // {
- // lastException = new AnnotatedException(
- // "Exception searching in X.509 CRL store.", e);
- // }
- // }
- // else
- // END android-removed
+ try
+ {
+ crls.addAll(store.getMatches(crlSelect));
+ foundValidStore = true;
+ }
+ catch (StoreException e)
+ {
+ lastException = new AnnotatedException(
+ "Exception searching in X.509 CRL store.", e);
+ }
+ }
+ else
+ */
+ // END Android-removed: Unknown reason
{
CertStore store = (CertStore)obj;
diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java
index 5d49d88..bd2331a 100644
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java
+++ b/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java
@@ -1,8 +1,8 @@
package org.bouncycastle.jce.provider;
-// BEGIN android-added
+// BEGIN Android-added: Blacklist support
import java.math.BigInteger;
-// END android-added
+// END Android-added: Blacklist support
import java.security.InvalidAlgorithmParameterException;
import java.security.PublicKey;
import java.security.cert.CertPath;
@@ -45,11 +45,11 @@
public PKIXCertPathValidatorSpi()
{
}
- // BEGIN android-added
+ // BEGIN Android-added: Avoid loading blacklist during class init
private static class NoPreloadHolder {
private final static CertBlacklist blacklist = new CertBlacklist();
}
- // END android-added
+ // END Android-added: Avoid loading blacklist during class init
public CertPathValidatorResult engineValidate(
CertPath certPath,
@@ -105,7 +105,7 @@
{
throw new CertPathValidatorException("Certification path is empty.", null, certPath, -1);
}
- // BEGIN android-added
+ // BEGIN Android-added: Support blacklisting known-bad certs
{
X509Certificate cert = (X509Certificate) certs.get(0);
@@ -120,7 +120,7 @@
}
}
}
- // END android-added
+ // END Android-added: Support blacklisting known-bad certs
//
// (b)
@@ -300,7 +300,7 @@
for (index = certs.size() - 1; index >= 0; index--)
{
- // BEGIN android-added
+ // BEGIN Android-added: Support blacklisting known-bad certs
if (NoPreloadHolder.blacklist.isPublicKeyBlackListed(workingPublicKey)) {
// emulate CRL exception message in RFC3280CertPathUtilities.checkCRLs
String message = "Certificate revocation of public key " + workingPublicKey;
@@ -308,7 +308,7 @@
AnnotatedException e = new AnnotatedException(message);
throw new CertPathValidatorException(e.getMessage(), e, certPath, index);
}
- // END android-added
+ // END Android-added: Support blacklisting known-bad certs
// try
// {
//
diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/X509CertificateObject.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/X509CertificateObject.java
index 4a0166b..a35fa65 100644
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/X509CertificateObject.java
+++ b/bcprov/src/main/java/org/bouncycastle/jce/provider/X509CertificateObject.java
@@ -58,9 +58,9 @@
import org.bouncycastle.asn1.x509.Extensions;
import org.bouncycastle.asn1.x509.GeneralName;
import org.bouncycastle.asn1.x509.KeyUsage;
-// BEGIN android-added
+// BEGIN Android-added: Unknown reason
import org.bouncycastle.asn1.x509.X509Name;
-// END android-added
+// END Android-added: Unknown reason
import org.bouncycastle.jcajce.provider.asymmetric.util.PKCS12BagAttributeCarrierImpl;
import org.bouncycastle.jce.X509Principal;
import org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier;
@@ -570,20 +570,20 @@
}
}
- // BEGIN android-changed
+ // BEGIN Android-added: Cache encoded certificates
private byte[] encoded;
- // END android-changed
+ // END Android-added: Cache encoded certificates
public byte[] getEncoded()
throws CertificateEncodingException
{
try
{
- // BEGIN android-changed
+ // BEGIN Android-changed: Cache encoded certificates
if (encoded == null) {
encoded = c.getEncoded(ASN1Encoding.DER);
}
return encoded;
- // END android-changed
+ // END Android-changed: Cache encoded certificates
}
catch (IOException e)
{
@@ -904,9 +904,9 @@
list.add(genName.getEncoded());
break;
case GeneralName.directoryName:
- // BEGIN android-changed
+ // BEGIN Android-changed: Unknown reason
list.add(X509Name.getInstance(genName.getName()).toString(true, X509Name.DefaultSymbols));
- // END android-changed
+ // END Android-changed: Unknown reason
break;
case GeneralName.dNSName:
case GeneralName.rfc822Name:
diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/X509SignatureUtil.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/X509SignatureUtil.java
index b12b1df..a2ac86f 100644
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/X509SignatureUtil.java
+++ b/bcprov/src/main/java/org/bouncycastle/jce/provider/X509SignatureUtil.java
@@ -14,9 +14,8 @@
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DERNull;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-// END android-removed
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
@@ -68,14 +67,16 @@
if (params != null && !derNull.equals(params))
{
- // BEGIN android-removed
- // if (sigAlgId.getAlgorithm().equals(PKCSObjectIdentifiers.id_RSASSA_PSS))
- // {
- // RSASSAPSSparams rsaParams = RSASSAPSSparams.getInstance(params);
- //
- // return getDigestAlgName(rsaParams.getHashAlgorithm().getAlgorithm()) + "withRSAandMGF1";
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ if (sigAlgId.getAlgorithm().equals(PKCSObjectIdentifiers.id_RSASSA_PSS))
+ {
+ RSASSAPSSparams rsaParams = RSASSAPSSparams.getInstance(params);
+
+ return getDigestAlgName(rsaParams.getHashAlgorithm().getAlgorithm()) + "withRSAandMGF1";
+ }
+ */
+ // END Android-removed: Unsupported algorithms
if (sigAlgId.getAlgorithm().equals(X9ObjectIdentifiers.ecdsa_with_SHA2))
{
ASN1Sequence ecDsaParams = ASN1Sequence.getInstance(params);
@@ -118,24 +119,26 @@
{
return "SHA512";
}
- // BEGIN android-removed
- // else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID))
- // {
- // return "RIPEMD128";
- // }
- // else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID))
- // {
- // return "RIPEMD160";
- // }
- // else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID))
- // {
- // return "RIPEMD256";
- // }
- // else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID))
- // {
- // return "GOST3411";
- // }
- // END android-removed
+ // BEGIN Android-removed: Unsupported algorithms
+ /*
+ else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID))
+ {
+ return "RIPEMD128";
+ }
+ else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID))
+ {
+ return "RIPEMD160";
+ }
+ else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID))
+ {
+ return "RIPEMD256";
+ }
+ else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID))
+ {
+ return "GOST3411";
+ }
+ */
+ // END Android-removed: Unsupported algorithms
else
{
return digestAlgOID.getId();
diff --git a/bcprov/src/main/java/org/bouncycastle/x509/X509Util.java b/bcprov/src/main/java/org/bouncycastle/x509/X509Util.java
index ecf910f..4762ec5 100644
--- a/bcprov/src/main/java/org/bouncycastle/x509/X509Util.java
+++ b/bcprov/src/main/java/org/bouncycastle/x509/X509Util.java
@@ -25,16 +25,14 @@
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.DERNull;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-// END android-removed
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.RSASSAPSSparams;
-// BEGIN android-removed
+// Android-removed: Unsupported algorithms
// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
-// END android-removed
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
import org.bouncycastle.jce.X509Principal;
@@ -48,10 +46,10 @@
static
{
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// algorithms.put("MD2WITHRSAENCRYPTION", PKCSObjectIdentifiers.md2WithRSAEncryption);
// algorithms.put("MD2WITHRSA", PKCSObjectIdentifiers.md2WithRSAEncryption);
- // END android-removed
+ // END Android-removed: Unsupported algorithms
algorithms.put("MD5WITHRSAENCRYPTION", PKCSObjectIdentifiers.md5WithRSAEncryption);
algorithms.put("MD5WITHRSA", PKCSObjectIdentifiers.md5WithRSAEncryption);
algorithms.put("SHA1WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha1WithRSAEncryption);
@@ -69,14 +67,14 @@
algorithms.put("SHA256WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
algorithms.put("SHA384WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
algorithms.put("SHA512WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
// algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
// algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
// algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
// algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
// algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
- // END android-removed
+ // END Android-removed: Unsupported algorithms
algorithms.put("SHA1WITHDSA", X9ObjectIdentifiers.id_dsa_with_sha1);
algorithms.put("DSAWITHSHA1", X9ObjectIdentifiers.id_dsa_with_sha1);
algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224);
@@ -89,13 +87,13 @@
algorithms.put("SHA256WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA256);
algorithms.put("SHA384WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA384);
algorithms.put("SHA512WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA512);
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
// algorithms.put("GOST3411WITHGOST3410-94", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
// algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
// algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
// algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
- // END android-removed
+ // END Android-removed: Unsupported algorithms
//
// According to RFC 3279, the ASN.1 encoding SHALL (id-dsa-with-sha1) or MUST (ecdsa-with-SHA*) omit the parameters field.
@@ -115,10 +113,10 @@
//
// RFC 4491
//
- // BEGIN android-removed
+ // BEGIN Android-removed: Unsupported algorithms
// noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
// noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
- // END android-removed
+ // END Android-removed: Unsupported algorithms
//
// explicit params
diff --git a/bcprov/src/main/java/org/bouncycastle/x509/X509V3CertificateGenerator.java b/bcprov/src/main/java/org/bouncycastle/x509/X509V3CertificateGenerator.java
index 28bf550..325b8fb 100644
--- a/bcprov/src/main/java/org/bouncycastle/x509/X509V3CertificateGenerator.java
+++ b/bcprov/src/main/java/org/bouncycastle/x509/X509V3CertificateGenerator.java
@@ -38,7 +38,6 @@
import org.bouncycastle.jcajce.util.BCJcaJceHelper;
import org.bouncycastle.jcajce.util.JcaJceHelper;
import org.bouncycastle.jce.X509Principal;
-
import org.bouncycastle.x509.extension.X509ExtensionUtil;
/**
diff --git a/bouncycastle.config b/bouncycastle.config
deleted file mode 100644
index 12ccaaa..0000000
--- a/bouncycastle.config
+++ /dev/null
@@ -1,691 +0,0 @@
-# directories
-UNNEEDED_BCPROV_SOURCES=" \
-org/bouncycastle/asn1/bsi \
-org/bouncycastle/asn1/cmp \
-org/bouncycastle/asn1/cms/ecc \
-org/bouncycastle/asn1/crmf \
-org/bouncycastle/asn1/cryptopro \
-org/bouncycastle/asn1/dvcs \
-org/bouncycastle/asn1/esf \
-org/bouncycastle/asn1/ess \
-org/bouncycastle/asn1/gnu \
-org/bouncycastle/asn1/icao \
-org/bouncycastle/asn1/microsoft \
-org/bouncycastle/asn1/mozilla \
-org/bouncycastle/asn1/ocsp \
-org/bouncycastle/asn1/smime \
-org/bouncycastle/asn1/test \
-org/bouncycastle/asn1/tsp \
-org/bouncycastle/asn1/ua \
-org/bouncycastle/asn1/x509/qualified \
-org/bouncycastle/asn1/x509/sigi \
-org/bouncycastle/crypto/agreement/jpake \
-org/bouncycastle/crypto/agreement/kdf \
-org/bouncycastle/crypto/agreement/srp \
-org/bouncycastle/crypto/agreement/test \
-org/bouncycastle/crypto/commitments \
-org/bouncycastle/crypto/ec/test \
-org/bouncycastle/crypto/examples \
-org/bouncycastle/crypto/kems \
-org/bouncycastle/crypto/parsers \
-org/bouncycastle/crypto/prng \
-org/bouncycastle/crypto/test/ \
-org/bouncycastle/crypto/tls/ \
-org/bouncycastle/i18n/ \
-org/bouncycastle/jcajce/io \
-org/bouncycastle/jcajce/provider/asymmetric/dstu \
-org/bouncycastle/jcajce/provider/asymmetric/ecgost \
-org/bouncycastle/jcajce/provider/asymmetric/elgamal \
-org/bouncycastle/jcajce/provider/asymmetric/gost \
-org/bouncycastle/jcajce/provider/asymmetric/ies \
-org/bouncycastle/jce/examples \
-org/bouncycastle/jce/provider/test \
-org/bouncycastle/math/ec/custom/djb \
-org/bouncycastle/math/ec/tools \
-org/bouncycastle/ocsp \
-org/bouncycastle/pqc \
-org/bouncycastle/util/test \
-org/bouncycastle/x509/examples \
-"
-
-# files
-UNNEEDED_BCPROV_SOURCES+=" \
-org/bouncycastle/LICENSE.java \
-org/bouncycastle/asn1/BERSequenceGenerator.java \
-org/bouncycastle/asn1/DERGenerator.java \
-org/bouncycastle/asn1/DERSequenceGenerator.java \
-org/bouncycastle/asn1/DERT61UTF8String.java \
-org/bouncycastle/asn1/cms/AuthEnvelopedData.java \
-org/bouncycastle/asn1/cms/AuthEnvelopedDataParser.java \
-org/bouncycastle/asn1/cms/AuthenticatedData.java \
-org/bouncycastle/asn1/cms/AuthenticatedDataParser.java \
-org/bouncycastle/asn1/cms/CCMParameters.java \
-org/bouncycastle/asn1/cms/CompressedData.java \
-org/bouncycastle/asn1/cms/CompressedDataParser.java \
-org/bouncycastle/asn1/cms/ContentInfoParser.java \
-org/bouncycastle/asn1/cms/DigestedData.java \
-org/bouncycastle/asn1/cms/EncryptedContentInfo.java \
-org/bouncycastle/asn1/cms/EncryptedContentInfoParser.java \
-org/bouncycastle/asn1/cms/EncryptedData.java \
-org/bouncycastle/asn1/cms/EnvelopedData.java \
-org/bouncycastle/asn1/cms/EnvelopedDataParser.java \
-org/bouncycastle/asn1/cms/Evidence.java \
-org/bouncycastle/asn1/cms/KEKIdentifier.java \
-org/bouncycastle/asn1/cms/KEKRecipientInfo.java \
-org/bouncycastle/asn1/cms/KeyAgreeRecipientIdentifier.java \
-org/bouncycastle/asn1/cms/KeyAgreeRecipientInfo.java \
-org/bouncycastle/asn1/cms/KeyTransRecipientInfo.java \
-org/bouncycastle/asn1/cms/MetaData.java \
-org/bouncycastle/asn1/cms/OriginatorIdentifierOrKey.java \
-org/bouncycastle/asn1/cms/OriginatorInfo.java \
-org/bouncycastle/asn1/cms/OriginatorPublicKey.java \
-org/bouncycastle/asn1/cms/OtherKeyAttribute.java \
-org/bouncycastle/asn1/cms/OtherRecipientInfo.java \
-org/bouncycastle/asn1/cms/OtherRevocationInfoFormat.java \
-org/bouncycastle/asn1/cms/PasswordRecipientInfo.java \
-org/bouncycastle/asn1/cms/RecipientEncryptedKey.java \
-org/bouncycastle/asn1/cms/RecipientIdentifier.java \
-org/bouncycastle/asn1/cms/RecipientInfo.java \
-org/bouncycastle/asn1/cms/RecipientKeyIdentifier.java \
-org/bouncycastle/asn1/cms/SCVPReqRes.java \
-org/bouncycastle/asn1/cms/SignedDataParser.java \
-org/bouncycastle/asn1/cms/TimeStampAndCRL.java \
-org/bouncycastle/asn1/cms/TimeStampTokenEvidence.java \
-org/bouncycastle/asn1/cms/TimeStampedData.java \
-org/bouncycastle/asn1/cms/TimeStampedDataParser.java \
-org/bouncycastle/asn1/eac/BidirectionalMap.java \
-org/bouncycastle/asn1/eac/CVCertificate.java \
-org/bouncycastle/asn1/eac/CVCertificateRequest.java \
-org/bouncycastle/asn1/eac/CertificateBody.java \
-org/bouncycastle/asn1/eac/CertificateHolderAuthorization.java \
-org/bouncycastle/asn1/eac/CertificateHolderReference.java \
-org/bouncycastle/asn1/eac/CertificationAuthorityReference.java \
-org/bouncycastle/asn1/eac/EACTags.java \
-org/bouncycastle/asn1/eac/ECDSAPublicKey.java \
-org/bouncycastle/asn1/eac/Flags.java \
-org/bouncycastle/asn1/eac/PackedDate.java \
-org/bouncycastle/asn1/eac/PublicKeyDataObject.java \
-org/bouncycastle/asn1/eac/RSAPublicKey.java \
-org/bouncycastle/asn1/eac/UnsignedInteger.java \
-org/bouncycastle/asn1/isismtt/ocsp/CertHash.java \
-org/bouncycastle/asn1/isismtt/ocsp/RequestedCertificate.java \
-org/bouncycastle/asn1/isismtt/x509/AdditionalInformationSyntax.java \
-org/bouncycastle/asn1/isismtt/x509/AdmissionSyntax.java \
-org/bouncycastle/asn1/isismtt/x509/Admissions.java \
-org/bouncycastle/asn1/isismtt/x509/DeclarationOfMajority.java \
-org/bouncycastle/asn1/isismtt/x509/MonetaryLimit.java \
-org/bouncycastle/asn1/isismtt/x509/NamingAuthority.java \
-org/bouncycastle/asn1/isismtt/x509/ProcurationSyntax.java \
-org/bouncycastle/asn1/isismtt/x509/ProfessionInfo.java \
-org/bouncycastle/asn1/isismtt/x509/Restriction.java \
-org/bouncycastle/asn1/misc/CAST5CBCParameters.java \
-org/bouncycastle/asn1/misc/IDEACBCPar.java \
-org/bouncycastle/asn1/oiw/ElGamalParameter.java \
-org/bouncycastle/asn1/pkcs/Attribute.java \
-org/bouncycastle/asn1/pkcs/RC2CBCParameter.java \
-org/bouncycastle/asn1/pkcs/SignerInfo.java \
-org/bouncycastle/asn1/teletrust/TeleTrusTNamedCurves.java \
-org/bouncycastle/asn1/util/DERDump.java \
-org/bouncycastle/asn1/util/Dump.java \
-org/bouncycastle/asn1/x509/AccessDescription.java \
-org/bouncycastle/asn1/x509/AuthorityInformationAccess.java \
-org/bouncycastle/asn1/x509/CertPolicyId.java \
-org/bouncycastle/asn1/x509/CertificatePair.java \
-org/bouncycastle/asn1/x509/CertificatePolicies.java \
-org/bouncycastle/asn1/x509/DisplayText.java \
-org/bouncycastle/asn1/x509/GeneralNamesBuilder.java \
-org/bouncycastle/asn1/x509/IetfAttrSyntax.java \
-org/bouncycastle/asn1/x509/NoticeReference.java \
-org/bouncycastle/asn1/x509/PolicyMappings.java \
-org/bouncycastle/asn1/x509/PolicyQualifierId.java \
-org/bouncycastle/asn1/x509/PolicyQualifierInfo.java \
-org/bouncycastle/asn1/x509/PrivateKeyUsagePeriod.java \
-org/bouncycastle/asn1/x509/RoleSyntax.java \
-org/bouncycastle/asn1/x509/SubjectDirectoryAttributes.java \
-org/bouncycastle/asn1/x509/Target.java \
-org/bouncycastle/asn1/x509/TargetInformation.java \
-org/bouncycastle/asn1/x509/Targets.java \
-org/bouncycastle/asn1/x509/UserNotice.java \
-org/bouncycastle/asn1/x509/V2AttributeCertificateInfoGenerator.java \
-org/bouncycastle/asn1/x509/V2TBSCertListGenerator.java \
-org/bouncycastle/asn1/x509/X509AttributeIdentifiers.java \
-org/bouncycastle/asn1/x9/KeySpecificInfo.java \
-org/bouncycastle/asn1/x9/OtherInfo.java \
-org/bouncycastle/crypto/BufferedAsymmetricBlockCipher.java \
-org/bouncycastle/crypto/Commitment.java \
-org/bouncycastle/crypto/Committer.java \
-org/bouncycastle/crypto/DigestDerivationFunction.java \
-org/bouncycastle/crypto/EphemeralKeyPair.java \
-org/bouncycastle/crypto/KeyEncapsulation.java \
-org/bouncycastle/crypto/KeyEncoder.java \
-org/bouncycastle/crypto/KeyParser.java \
-org/bouncycastle/crypto/MacDerivationFunction.java \
-org/bouncycastle/crypto/MaxBytesExceededException.java \
-org/bouncycastle/crypto/agreement/DHAgreement.java \
-org/bouncycastle/crypto/agreement/DHStandardGroups.java \
-org/bouncycastle/crypto/agreement/ECDHCBasicAgreement.java \
-org/bouncycastle/crypto/agreement/ECMQVBasicAgreement.java \
-org/bouncycastle/crypto/generators/BCrypt.java \
-org/bouncycastle/crypto/generators/OpenBSDBCrypt.java \
-org/bouncycastle/crypto/digests/GOST3411Digest.java \
-org/bouncycastle/crypto/digests/MD2Digest.java \
-org/bouncycastle/crypto/digests/MD4Digest.java \
-org/bouncycastle/crypto/digests/NonMemoableDigest.java \
-org/bouncycastle/crypto/digests/RIPEMD128Digest.java \
-org/bouncycastle/crypto/digests/RIPEMD160Digest.java \
-org/bouncycastle/crypto/digests/RIPEMD256Digest.java \
-org/bouncycastle/crypto/digests/RIPEMD320Digest.java \
-org/bouncycastle/crypto/digests/SHA3Digest.java \
-org/bouncycastle/crypto/digests/SHA512tDigest.java \
-org/bouncycastle/crypto/digests/SM3Digest.java \
-org/bouncycastle/crypto/digests/ShortenedDigest.java \
-org/bouncycastle/crypto/digests/SkeinDigest.java \
-org/bouncycastle/crypto/digests/SkeinEngine.java \
-org/bouncycastle/crypto/digests/TigerDigest.java \
-org/bouncycastle/crypto/digests/WhirlpoolDigest.java \
-org/bouncycastle/crypto/ec/ECDecryptor.java \
-org/bouncycastle/crypto/ec/ECElGamalDecryptor.java \
-org/bouncycastle/crypto/ec/ECElGamalEncryptor.java \
-org/bouncycastle/crypto/ec/ECEncryptor.java \
-org/bouncycastle/crypto/ec/ECFixedTransform.java \
-org/bouncycastle/crypto/ec/ECNewPublicKeyTransform.java \
-org/bouncycastle/crypto/ec/ECNewRandomnessTransform.java \
-org/bouncycastle/crypto/ec/ECPair.java \
-org/bouncycastle/crypto/ec/ECPairFactorTransform.java \
-org/bouncycastle/crypto/ec/ECPairTransform.java \
-org/bouncycastle/crypto/ec/ECUtil.java \
-org/bouncycastle/crypto/encodings/ISO9796d1Encoding.java \
-org/bouncycastle/crypto/engines/AESLightEngine.java \
-org/bouncycastle/crypto/engines/AESWrapPadEngine.java \
-org/bouncycastle/crypto/engines/CAST5Engine.java \
-org/bouncycastle/crypto/engines/CAST6Engine.java \
-org/bouncycastle/crypto/engines/CamelliaEngine.java \
-org/bouncycastle/crypto/engines/CamelliaLightEngine.java \
-org/bouncycastle/crypto/engines/CamelliaWrapEngine.java \
-org/bouncycastle/crypto/engines/ChaChaEngine.java \
-org/bouncycastle/crypto/engines/CramerShoupCiphertext.java \
-org/bouncycastle/crypto/engines/CramerShoupCoreEngine.java \
-org/bouncycastle/crypto/engines/ElGamalEngine.java \
-org/bouncycastle/crypto/engines/GOST28147Engine.java \
-org/bouncycastle/crypto/engines/Grain128Engine.java \
-org/bouncycastle/crypto/engines/Grainv1Engine.java \
-org/bouncycastle/crypto/engines/HC128Engine.java \
-org/bouncycastle/crypto/engines/HC256Engine.java \
-org/bouncycastle/crypto/engines/IDEAEngine.java \
-org/bouncycastle/crypto/engines/IESEngine.java \
-org/bouncycastle/crypto/engines/ISAACEngine.java \
-org/bouncycastle/crypto/engines/NaccacheSternEngine.java \
-org/bouncycastle/crypto/engines/NoekeonEngine.java \
-org/bouncycastle/crypto/engines/NullEngine.java \
-org/bouncycastle/crypto/engines/RC2WrapEngine.java \
-org/bouncycastle/crypto/engines/RC532Engine.java \
-org/bouncycastle/crypto/engines/RC564Engine.java \
-org/bouncycastle/crypto/engines/RC6Engine.java \
-org/bouncycastle/crypto/engines/RFC3211WrapEngine.java \
-org/bouncycastle/crypto/engines/RFC5649WrapEngine.java \
-org/bouncycastle/crypto/engines/RSABlindingEngine.java \
-org/bouncycastle/crypto/engines/RSAEngine.java \
-org/bouncycastle/crypto/engines/RijndaelEngine.java \
-org/bouncycastle/crypto/engines/SEEDEngine.java \
-org/bouncycastle/crypto/engines/SEEDWrapEngine.java \
-org/bouncycastle/crypto/engines/Salsa20Engine.java \
-org/bouncycastle/crypto/engines/SerpentEngine.java \
-org/bouncycastle/crypto/engines/Shacal2Engine.java \
-org/bouncycastle/crypto/engines/SkipjackEngine.java \
-org/bouncycastle/crypto/engines/TEAEngine.java \
-org/bouncycastle/crypto/engines/ThreefishEngine.java \
-org/bouncycastle/crypto/engines/VMPCEngine.java \
-org/bouncycastle/crypto/engines/VMPCKSA3Engine.java \
-org/bouncycastle/crypto/engines/XSalsa20Engine.java \
-org/bouncycastle/crypto/engines/XTEAEngine.java \
-org/bouncycastle/crypto/generators/BaseKDFBytesGenerator.java \
-org/bouncycastle/crypto/generators/CramerShoupKeyPairGenerator.java \
-org/bouncycastle/crypto/generators/CramerShoupParametersGenerator.java \
-org/bouncycastle/crypto/generators/DHKeyPairGenerator.java \
-org/bouncycastle/crypto/generators/DSTU4145KeyPairGenerator.java \
-org/bouncycastle/crypto/generators/ElGamalKeyPairGenerator.java \
-org/bouncycastle/crypto/generators/ElGamalParametersGenerator.java \
-org/bouncycastle/crypto/generators/EphemeralKeyPairGenerator.java \
-org/bouncycastle/crypto/generators/GOST3410KeyPairGenerator.java \
-org/bouncycastle/crypto/generators/GOST3410ParametersGenerator.java \
-org/bouncycastle/crypto/generators/HKDFBytesGenerator.java \
-org/bouncycastle/crypto/generators/KDF1BytesGenerator.java \
-org/bouncycastle/crypto/generators/KDF2BytesGenerator.java \
-org/bouncycastle/crypto/generators/KDFCounterBytesGenerator.java \
-org/bouncycastle/crypto/generators/KDFDoublePipelineIterationBytesGenerator.java \
-org/bouncycastle/crypto/generators/KDFFeedbackBytesGenerator.java \
-org/bouncycastle/crypto/generators/MGF1BytesGenerator.java \
-org/bouncycastle/crypto/generators/NaccacheSternKeyPairGenerator.java \
-org/bouncycastle/crypto/generators/Poly1305KeyGenerator.java \
-org/bouncycastle/crypto/generators/RSABlindingFactorGenerator.java \
-org/bouncycastle/crypto/generators/SCrypt.java \
-org/bouncycastle/crypto/io/CipherIOException.java \
-org/bouncycastle/crypto/io/CipherInputStream.java \
-org/bouncycastle/crypto/io/CipherOutputStream.java \
-org/bouncycastle/crypto/io/InvalidCipherTextIOException.java \
-org/bouncycastle/crypto/io/SignerInputStream.java \
-org/bouncycastle/crypto/io/SignerOutputStream.java \
-org/bouncycastle/crypto/macs/BlockCipherMac.java \
-org/bouncycastle/crypto/macs/CFBBlockCipherMac.java \
-org/bouncycastle/crypto/macs/CMac.java \
-org/bouncycastle/crypto/macs/CMacWithIV.java \
-org/bouncycastle/crypto/macs/GMac.java \
-org/bouncycastle/crypto/macs/GOST28147Mac.java \
-org/bouncycastle/crypto/macs/ISO9797Alg3Mac.java \
-org/bouncycastle/crypto/macs/OldHMac.java \
-org/bouncycastle/crypto/macs/Poly1305.java \
-org/bouncycastle/crypto/macs/SipHash.java \
-org/bouncycastle/crypto/macs/SkeinMac.java \
-org/bouncycastle/crypto/macs/VMPCMac.java \
-org/bouncycastle/crypto/modes/EAXBlockCipher.java \
-org/bouncycastle/crypto/modes/GCFBBlockCipher.java \
-org/bouncycastle/crypto/modes/GOFBBlockCipher.java \
-org/bouncycastle/crypto/modes/OCBBlockCipher.java \
-org/bouncycastle/crypto/modes/OldCTSBlockCipher.java \
-org/bouncycastle/crypto/modes/OpenPGPCFBBlockCipher.java \
-org/bouncycastle/crypto/modes/NISTCTSBlockCipher.java \
-org/bouncycastle/crypto/modes/PGPCFBBlockCipher.java \
-org/bouncycastle/crypto/modes/PaddedBlockCipher.java \
-org/bouncycastle/crypto/modes/gcm/BasicGCMExponentiator.java \
-org/bouncycastle/crypto/modes/gcm/BasicGCMMultiplier.java \
-org/bouncycastle/crypto/modes/gcm/Tables64kGCMMultiplier.java \
-org/bouncycastle/crypto/params/CCMParameters.java \
-org/bouncycastle/crypto/params/CramerShoupKeyGenerationParameters.java \
-org/bouncycastle/crypto/params/CramerShoupKeyParameters.java \
-org/bouncycastle/crypto/params/CramerShoupParameters.java \
-org/bouncycastle/crypto/params/CramerShoupPrivateKeyParameters.java \
-org/bouncycastle/crypto/params/CramerShoupPublicKeyParameters.java \
-org/bouncycastle/crypto/params/ElGamalKeyGenerationParameters.java \
-org/bouncycastle/crypto/params/ElGamalKeyParameters.java \
-org/bouncycastle/crypto/params/ElGamalParameters.java \
-org/bouncycastle/crypto/params/ElGamalPrivateKeyParameters.java \
-org/bouncycastle/crypto/params/ElGamalPublicKeyParameters.java \
-org/bouncycastle/crypto/params/GOST3410KeyGenerationParameters.java \
-org/bouncycastle/crypto/params/GOST3410KeyParameters.java \
-org/bouncycastle/crypto/params/GOST3410Parameters.java \
-org/bouncycastle/crypto/params/GOST3410PrivateKeyParameters.java \
-org/bouncycastle/crypto/params/GOST3410PublicKeyParameters.java \
-org/bouncycastle/crypto/params/GOST3410ValidationParameters.java \
-org/bouncycastle/crypto/params/HKDFParameters.java \
-org/bouncycastle/crypto/params/IESParameters.java \
-org/bouncycastle/crypto/params/IESWithCipherParameters.java \
-org/bouncycastle/crypto/params/ISO18033KDFParameters.java \
-org/bouncycastle/crypto/params/KDFCounterParameters.java \
-org/bouncycastle/crypto/params/KDFDoublePipelineIterationParameters.java \
-org/bouncycastle/crypto/params/KDFFeedbackParameters.java \
-org/bouncycastle/crypto/params/KDFParameters.java \
-org/bouncycastle/crypto/params/MGFParameters.java \
-org/bouncycastle/crypto/params/MQVPrivateParameters.java \
-org/bouncycastle/crypto/params/MQVPublicParameters.java \
-org/bouncycastle/crypto/params/NaccacheSternKeyGenerationParameters.java \
-org/bouncycastle/crypto/params/NaccacheSternKeyParameters.java \
-org/bouncycastle/crypto/params/NaccacheSternPrivateKeyParameters.java \
-org/bouncycastle/crypto/params/ParametersWithSBox.java \
-org/bouncycastle/crypto/params/ParametersWithSalt.java \
-org/bouncycastle/crypto/params/RC5Parameters.java \
-org/bouncycastle/crypto/params/RSABlindingParameters.java \
-org/bouncycastle/crypto/params/SRP6GroupParameters.java \
-org/bouncycastle/crypto/params/SkeinParameters.java \
-org/bouncycastle/crypto/params/TweakableBlockCipherParameters.java \
-org/bouncycastle/crypto/signers/DSADigestSigner.java \
-org/bouncycastle/crypto/signers/DSTU4145Signer.java \
-org/bouncycastle/crypto/signers/ECGOST3410Signer.java \
-org/bouncycastle/crypto/signers/ECNRSigner.java \
-org/bouncycastle/crypto/signers/GOST3410Signer.java \
-org/bouncycastle/crypto/signers/GenericSigner.java \
-org/bouncycastle/crypto/signers/HMacDSAKCalculator.java \
-org/bouncycastle/crypto/signers/ISO9796d2PSSSigner.java \
-org/bouncycastle/crypto/signers/ISO9796d2Signer.java \
-org/bouncycastle/crypto/signers/PSSSigner.java \
-org/bouncycastle/crypto/signers/X931Signer.java \
-org/bouncycastle/crypto/util/PrivateKeyInfoFactory.java \
-org/bouncycastle/crypto/util/SubjectPublicKeyInfoFactory.java \
-org/bouncycastle/jcajce/PKCS12Key.java \
-org/bouncycastle/jcajce/PKCS12KeyWithParameters.java \
-org/bouncycastle/jcajce/provider/asymmetric/DSTU4145.java \
-org/bouncycastle/jcajce/provider/asymmetric/ECGOST.java \
-org/bouncycastle/jcajce/provider/asymmetric/ElGamal.java \
-org/bouncycastle/jcajce/provider/asymmetric/GOST.java \
-org/bouncycastle/jcajce/provider/asymmetric/IES.java \
-org/bouncycastle/jcajce/provider/asymmetric/dh/IESCipher.java \
-org/bouncycastle/jcajce/provider/asymmetric/ec/IESCipher.java \
-org/bouncycastle/jcajce/provider/asymmetric/rsa/ISOSignatureSpi.java \
-org/bouncycastle/jcajce/provider/asymmetric/rsa/PSSSignatureSpi.java \
-org/bouncycastle/jcajce/provider/asymmetric/rsa/X931SignatureSpi.java \
-org/bouncycastle/jcajce/provider/asymmetric/util/GOST3410Util.java \
-org/bouncycastle/jcajce/provider/asymmetric/util/IESUtil.java \
-org/bouncycastle/jcajce/provider/digest/GOST3411.java \
-org/bouncycastle/jcajce/provider/digest/MD2.java \
-org/bouncycastle/jcajce/provider/digest/MD4.java \
-org/bouncycastle/jcajce/provider/digest/RIPEMD128.java \
-org/bouncycastle/jcajce/provider/digest/RIPEMD160.java \
-org/bouncycastle/jcajce/provider/digest/RIPEMD256.java \
-org/bouncycastle/jcajce/provider/digest/RIPEMD320.java \
-org/bouncycastle/jcajce/provider/digest/SHA3.java \
-org/bouncycastle/jcajce/provider/digest/SM3.java \
-org/bouncycastle/jcajce/provider/digest/Skein.java \
-org/bouncycastle/jcajce/provider/digest/Tiger.java \
-org/bouncycastle/jcajce/provider/digest/Whirlpool.java \
-org/bouncycastle/jcajce/provider/symmetric/CAST5.java \
-org/bouncycastle/jcajce/provider/symmetric/CAST6.java \
-org/bouncycastle/jcajce/provider/symmetric/Camellia.java \
-org/bouncycastle/jcajce/provider/symmetric/ChaCha.java \
-org/bouncycastle/jcajce/provider/symmetric/GOST28147.java \
-org/bouncycastle/jcajce/provider/symmetric/Grain128.java \
-org/bouncycastle/jcajce/provider/symmetric/Grainv1.java \
-org/bouncycastle/jcajce/provider/symmetric/HC128.java \
-org/bouncycastle/jcajce/provider/symmetric/HC256.java \
-org/bouncycastle/jcajce/provider/symmetric/IDEA.java \
-org/bouncycastle/jcajce/provider/symmetric/Noekeon.java \
-org/bouncycastle/jcajce/provider/symmetric/PBEPBKDF2.java \
-org/bouncycastle/jcajce/provider/symmetric/RC5.java \
-org/bouncycastle/jcajce/provider/symmetric/RC6.java \
-org/bouncycastle/jcajce/provider/symmetric/Rijndael.java \
-org/bouncycastle/jcajce/provider/symmetric/SEED.java \
-org/bouncycastle/jcajce/provider/symmetric/Salsa20.java \
-org/bouncycastle/jcajce/provider/symmetric/Serpent.java \
-org/bouncycastle/jcajce/provider/symmetric/Shacal2.java \
-org/bouncycastle/jcajce/provider/symmetric/SipHash.java \
-org/bouncycastle/jcajce/provider/symmetric/Skipjack.java \
-org/bouncycastle/jcajce/provider/symmetric/TEA.java \
-org/bouncycastle/jcajce/provider/symmetric/Threefish.java \
-org/bouncycastle/jcajce/provider/symmetric/VMPC.java \
-org/bouncycastle/jcajce/provider/symmetric/VMPCKSA3.java \
-org/bouncycastle/jcajce/provider/symmetric/XSalsa20.java \
-org/bouncycastle/jcajce/provider/symmetric/XTEA.java \
-org/bouncycastle/jcajce/spec/GOST28147ParameterSpec.java \
-org/bouncycastle/jcajce/spec/RepeatedSecretKeySpec.java \
-org/bouncycastle/jcajce/spec/SkeinParameterSpec.java \
-org/bouncycastle/jce/ECGOST3410NamedCurveTable.java \
-org/bouncycastle/jce/ECKeyUtil.java \
-org/bouncycastle/jce/ECPointUtil.java \
-org/bouncycastle/jce/MultiCertStoreParameters.java \
-org/bouncycastle/jce/PKCS12Util.java \
-org/bouncycastle/jce/X509KeyUsage.java \
-org/bouncycastle/jce/X509LDAPCertStoreParameters.java \
-org/bouncycastle/jce/exception/ExtCertificateEncodingException.java \
-org/bouncycastle/jce/exception/ExtIOException.java \
-org/bouncycastle/jce/interfaces/ElGamalKey.java \
-org/bouncycastle/jce/interfaces/ElGamalPrivateKey.java \
-org/bouncycastle/jce/interfaces/ElGamalPublicKey.java \
-org/bouncycastle/jce/interfaces/GOST3410Key.java \
-org/bouncycastle/jce/interfaces/GOST3410Params.java \
-org/bouncycastle/jce/interfaces/GOST3410PrivateKey.java \
-org/bouncycastle/jce/interfaces/GOST3410PublicKey.java \
-org/bouncycastle/jce/interfaces/IESKey.java \
-org/bouncycastle/jce/interfaces/MQVPrivateKey.java \
-org/bouncycastle/jce/interfaces/MQVPublicKey.java \
-org/bouncycastle/jce/provider/BrokenJCEBlockCipher.java \
-org/bouncycastle/jce/provider/BrokenKDF2BytesGenerator.java \
-org/bouncycastle/jce/provider/BrokenPBE.java \
-org/bouncycastle/jce/provider/JCEElGamalPrivateKey.java \
-org/bouncycastle/jce/provider/JCEElGamalPublicKey.java \
-org/bouncycastle/jce/provider/MultiCertStoreSpi.java \
-org/bouncycastle/jce/provider/PKIXAttrCertPathBuilderSpi.java \
-org/bouncycastle/jce/provider/PKIXAttrCertPathValidatorSpi.java \
-org/bouncycastle/jce/provider/RFC3281CertPathUtilities.java \
-org/bouncycastle/jce/provider/X509AttrCertParser.java \
-org/bouncycastle/jce/provider/X509CRLParser.java \
-org/bouncycastle/jce/provider/X509CertPairParser.java \
-org/bouncycastle/jce/provider/X509CertParser.java \
-org/bouncycastle/jce/provider/X509LDAPCertStoreSpi.java \
-org/bouncycastle/jce/provider/X509StoreAttrCertCollection.java \
-org/bouncycastle/jce/provider/X509StoreCRLCollection.java \
-org/bouncycastle/jce/provider/X509StoreCertCollection.java \
-org/bouncycastle/jce/provider/X509StoreCertPairCollection.java \
-org/bouncycastle/jce/provider/X509StoreLDAPAttrCerts.java \
-org/bouncycastle/jce/provider/X509StoreLDAPCRLs.java \
-org/bouncycastle/jce/provider/X509StoreLDAPCertPairs.java \
-org/bouncycastle/jce/provider/X509StoreLDAPCerts.java \
-org/bouncycastle/jce/spec/ElGamalGenParameterSpec.java \
-org/bouncycastle/jce/spec/ElGamalKeySpec.java \
-org/bouncycastle/jce/spec/ElGamalParameterSpec.java \
-org/bouncycastle/jce/spec/ElGamalPrivateKeySpec.java \
-org/bouncycastle/jce/spec/ElGamalPublicKeySpec.java \
-org/bouncycastle/jce/spec/GOST28147ParameterSpec.java \
-org/bouncycastle/jce/spec/GOST3410ParameterSpec.java \
-org/bouncycastle/jce/spec/GOST3410PrivateKeySpec.java \
-org/bouncycastle/jce/spec/GOST3410PublicKeyParameterSetSpec.java \
-org/bouncycastle/jce/spec/GOST3410PublicKeySpec.java \
-org/bouncycastle/jce/spec/IEKeySpec.java \
-org/bouncycastle/jce/spec/IESParameterSpec.java \
-org/bouncycastle/jce/spec/MQVPrivateKeySpec.java \
-org/bouncycastle/jce/spec/MQVPublicKeySpec.java \
-org/bouncycastle/jce/spec/RepeatedSecretKeySpec.java \
-org/bouncycastle/math/ec/DoubleAddMultiplier.java \
-org/bouncycastle/math/ec/MixedNafR2LMultiplier.java \
-org/bouncycastle/math/ec/MontgomeryLadderMultiplier.java \
-org/bouncycastle/math/ec/NafL2RMultiplier.java \
-org/bouncycastle/math/ec/NafR2LMultiplier.java \
-org/bouncycastle/math/ec/ReferenceMultiplier.java \
-org/bouncycastle/math/ec/ScaleYPointMap.java \
-org/bouncycastle/math/ec/ZSignedDigitL2RMultiplier.java \
-org/bouncycastle/math/ec/ZSignedDigitR2LMultiplier.java \
-org/bouncycastle/math/raw/Mont256.java \
-org/bouncycastle/util/MemoableResetException.java \
-org/bouncycastle/util/Shorts.java \
-org/bouncycastle/util/StreamParser.java \
-org/bouncycastle/util/StreamParsingException.java \
-org/bouncycastle/util/Times.java \
-org/bouncycastle/util/encoders/BufferedDecoder.java \
-org/bouncycastle/util/encoders/BufferedEncoder.java \
-org/bouncycastle/util/encoders/HexTranslator.java \
-org/bouncycastle/util/encoders/Translator.java \
-org/bouncycastle/util/encoders/UrlBase64.java \
-org/bouncycastle/util/encoders/UrlBase64Encoder.java \
-org/bouncycastle/util/io/BufferingOutputStream.java \
-org/bouncycastle/x509/CertPathReviewerException.java \
-org/bouncycastle/x509/CertPathReviewerMessages_de.properties \
-org/bouncycastle/x509/NoSuchParserException.java \
-org/bouncycastle/x509/PKIXCRLUtil.java \
-org/bouncycastle/x509/PKIXCertPathReviewer.java \
-org/bouncycastle/x509/CertPathValidatorUtilities.java \
-org/bouncycastle/x509/CertStatus.java \
-org/bouncycastle/x509/X509AttributeCertStoreSelector.java \
-org/bouncycastle/x509/X509CertPairStoreSelector.java \
-org/bouncycastle/x509/X509CertificatePair.java \
-org/bouncycastle/x509/X509Store.java \
-org/bouncycastle/x509/X509StreamParser.java \
-org/bouncycastle/x509/X509StreamParserSpi.java \
-org/bouncycastle/x509/X509V2CRLGenerator.java \
-org/bouncycastle/x509/util/LDAPStoreHelper.java \
-org/bouncycastle/x509/util/StreamParser.java \
-org/bouncycastle/x509/util/StreamParsingException.java \
-"
-
-# directories
-UNNEEDED_BCPKIX_SOURCES=" \
-docs \
-org/bouncycastle/cert/bc \
-org/bouncycastle/cert/cmp \
-org/bouncycastle/cert/crmf \
-org/bouncycastle/cert/dane \
-org/bouncycastle/cert/ocsp \
-org/bouncycastle/cert/path \
-org/bouncycastle/cert/selector/jcajce \
-org/bouncycastle/cert/test \
-org/bouncycastle/cms/bc \
-org/bouncycastle/cms/test \
-org/bouncycastle/dvcs \
-org/bouncycastle/eac \
-org/bouncycastle/mozilla \
-org/bouncycastle/openssl \
-org/bouncycastle/operator/test \
-org/bouncycastle/pkcs \
-org/bouncycastle/pkix \
-org/bouncycastle/tsp \
-org/bouncycastle/voms \
-"
-
-# files
-UNNEEDED_BCPKIX_SOURCES+=" \
-org/bouncycastle/cert/CertRuntimeException.java \
-org/bouncycastle/cert/X509ContentVerifierProviderBuilder.java \
-org/bouncycastle/cert/X509ExtensionUtils.java \
-org/bouncycastle/cert/X509v1CertificateBuilder.java \
-org/bouncycastle/cert/X509v2AttributeCertificateBuilder.java \
-org/bouncycastle/cert/X509v2CRLBuilder.java \
-org/bouncycastle/cert/X509v3CertificateBuilder.java \
-org/bouncycastle/cert/jcajce/CertHelper.java \
-org/bouncycastle/cert/jcajce/DefaultCertHelper.java \
-org/bouncycastle/cert/jcajce/JcaAttrCertStore.java \
-org/bouncycastle/cert/jcajce/JcaAttributeCertificateIssuer.java \
-org/bouncycastle/cert/jcajce/JcaCRLStore.java \
-org/bouncycastle/cert/jcajce/JcaCertStoreBuilder.java \
-org/bouncycastle/cert/jcajce/JcaX500NameUtil.java \
-org/bouncycastle/cert/jcajce/JcaX509AttributeCertificateHolder.java \
-org/bouncycastle/cert/jcajce/JcaX509CRLConverter.java \
-org/bouncycastle/cert/jcajce/JcaX509CRLHolder.java \
-org/bouncycastle/cert/jcajce/JcaX509CertificateConverter.java \
-org/bouncycastle/cert/jcajce/JcaX509ContentVerifierProviderBuilder.java \
-org/bouncycastle/cert/jcajce/JcaX509ExtensionUtils.java \
-org/bouncycastle/cert/jcajce/JcaX509v1CertificateBuilder.java \
-org/bouncycastle/cert/jcajce/JcaX509v2CRLBuilder.java \
-org/bouncycastle/cert/jcajce/JcaX509v3CertificateBuilder.java \
-org/bouncycastle/cert/jcajce/NamedCertHelper.java \
-org/bouncycastle/cert/jcajce/ProviderCertHelper.java \
-org/bouncycastle/cert/selector/X509AttributeCertificateHolderSelector.java \
-org/bouncycastle/cert/selector/X509AttributeCertificateHolderSelectorBuilder.java \
-org/bouncycastle/cms/AuthAttributesProvider.java \
-org/bouncycastle/cms/CMSAlgorithm.java \
-org/bouncycastle/cms/CMSAuthEnvelopedData.java \
-org/bouncycastle/cms/CMSAuthEnvelopedGenerator.java \
-org/bouncycastle/cms/CMSAuthenticatedData.java \
-org/bouncycastle/cms/CMSAuthenticatedDataGenerator.java \
-org/bouncycastle/cms/CMSAuthenticatedDataParser.java \
-org/bouncycastle/cms/CMSAuthenticatedDataStreamGenerator.java \
-org/bouncycastle/cms/CMSAuthenticatedGenerator.java \
-org/bouncycastle/cms/CMSCompressedData.java \
-org/bouncycastle/cms/CMSCompressedDataGenerator.java \
-org/bouncycastle/cms/CMSCompressedDataParser.java \
-org/bouncycastle/cms/CMSCompressedDataStreamGenerator.java \
-org/bouncycastle/cms/CMSConfig.java \
-org/bouncycastle/cms/CMSContentInfoParser.java \
-org/bouncycastle/cms/CMSDigestedData.java \
-org/bouncycastle/cms/CMSEncryptedData.java \
-org/bouncycastle/cms/CMSEncryptedDataGenerator.java \
-org/bouncycastle/cms/CMSEncryptedGenerator.java \
-org/bouncycastle/cms/CMSEnvelopedData.java \
-org/bouncycastle/cms/CMSEnvelopedDataGenerator.java \
-org/bouncycastle/cms/CMSEnvelopedDataParser.java \
-org/bouncycastle/cms/CMSEnvelopedDataStreamGenerator.java \
-org/bouncycastle/cms/CMSEnvelopedGenerator.java \
-org/bouncycastle/cms/CMSEnvelopedHelper.java \
-org/bouncycastle/cms/CMSProcessableFile.java \
-org/bouncycastle/cms/CMSProcessableInputStream.java \
-org/bouncycastle/cms/CMSSecureReadable.java \
-org/bouncycastle/cms/CMSSignedDataParser.java \
-org/bouncycastle/cms/CMSSignedDataStreamGenerator.java \
-org/bouncycastle/cms/CMSStreamException.java \
-org/bouncycastle/cms/CMSTypedStream.java \
-org/bouncycastle/cms/DefaultAuthenticatedAttributeTableGenerator.java \
-org/bouncycastle/cms/KEKRecipient.java \
-org/bouncycastle/cms/KEKRecipientId.java \
-org/bouncycastle/cms/KEKRecipientInfoGenerator.java \
-org/bouncycastle/cms/KEKRecipientInformation.java \
-org/bouncycastle/cms/KeyAgreeRecipient.java \
-org/bouncycastle/cms/KeyAgreeRecipientId.java \
-org/bouncycastle/cms/KeyAgreeRecipientInfoGenerator.java \
-org/bouncycastle/cms/KeyAgreeRecipientInformation.java \
-org/bouncycastle/cms/KeyTransRecipient.java \
-org/bouncycastle/cms/KeyTransRecipientId.java \
-org/bouncycastle/cms/KeyTransRecipientInfoGenerator.java \
-org/bouncycastle/cms/KeyTransRecipientInformation.java \
-org/bouncycastle/cms/OriginatorId.java \
-org/bouncycastle/cms/OriginatorInfoGenerator.java \
-org/bouncycastle/cms/OriginatorInformation.java \
-org/bouncycastle/cms/PasswordRecipientId.java \
-org/bouncycastle/cms/PasswordRecipientInfoGenerator.java \
-org/bouncycastle/cms/PasswordRecipientInformation.java \
-org/bouncycastle/cms/RecipientId.java \
-org/bouncycastle/cms/RecipientInfoGenerator.java \
-org/bouncycastle/cms/RecipientInformation.java \
-org/bouncycastle/cms/RecipientInformationStore.java \
-org/bouncycastle/cms/SignerInformationVerifierProvider.java \
-org/bouncycastle/cms/jcajce/CMSUtils.java \
-org/bouncycastle/cms/jcajce/DefaultJcaJceExtHelper.java \
-org/bouncycastle/cms/jcajce/EnvelopedDataHelper.java \
-org/bouncycastle/cms/jcajce/JcaJceExtHelper.java \
-org/bouncycastle/cms/jcajce/JcaSelectorConverter.java \
-org/bouncycastle/cms/jcajce/JcaSignerId.java \
-org/bouncycastle/cms/jcajce/JcaSimpleSignerInfoGeneratorBuilder.java \
-org/bouncycastle/cms/jcajce/JcaX509CertSelectorConverter.java \
-org/bouncycastle/cms/jcajce/JceAlgorithmIdentifierConverter.java \
-org/bouncycastle/cms/jcajce/JceCMSContentEncryptorBuilder.java \
-org/bouncycastle/cms/jcajce/JceCMSMacCalculatorBuilder.java \
-org/bouncycastle/cms/jcajce/JceKEKAuthenticatedRecipient.java \
-org/bouncycastle/cms/jcajce/JceKEKEnvelopedRecipient.java \
-org/bouncycastle/cms/jcajce/JceKEKRecipient.java \
-org/bouncycastle/cms/jcajce/JceKEKRecipientInfoGenerator.java \
-org/bouncycastle/cms/jcajce/JceKeyAgreeAuthenticatedRecipient.java \
-org/bouncycastle/cms/jcajce/JceKeyAgreeEnvelopedRecipient.java \
-org/bouncycastle/cms/jcajce/JceKeyAgreeRecipient.java \
-org/bouncycastle/cms/jcajce/JceKeyAgreeRecipientId.java \
-org/bouncycastle/cms/jcajce/JceKeyAgreeRecipientInfoGenerator.java \
-org/bouncycastle/cms/jcajce/JceKeyTransAuthenticatedRecipient.java \
-org/bouncycastle/cms/jcajce/JceKeyTransEnvelopedRecipient.java \
-org/bouncycastle/cms/jcajce/JceKeyTransRecipient.java \
-org/bouncycastle/cms/jcajce/JceKeyTransRecipientId.java \
-org/bouncycastle/cms/jcajce/JceKeyTransRecipientInfoGenerator.java \
-org/bouncycastle/cms/jcajce/JcePasswordAuthenticatedRecipient.java \
-org/bouncycastle/cms/jcajce/JcePasswordEnvelopedRecipient.java \
-org/bouncycastle/cms/jcajce/JcePasswordRecipient.java \
-org/bouncycastle/cms/jcajce/JcePasswordRecipientInfoGenerator.java \
-org/bouncycastle/cms/jcajce/NamedJcaJceExtHelper.java \
-org/bouncycastle/cms/jcajce/ProviderJcaJceExtHelper.java \
-org/bouncycastle/cms/jcajce/ZlibCompressor.java \
-org/bouncycastle/cms/jcajce/ZlibExpanderProvider.java \
-org/bouncycastle/operator/AlgorithmNameFinder.java \
-org/bouncycastle/operator/AsymmetricKeyUnwrapper.java \
-org/bouncycastle/operator/AsymmetricKeyWrapper.java \
-org/bouncycastle/operator/BufferingContentSigner.java \
-org/bouncycastle/operator/DefaultAlgorithmNameFinder.java \
-org/bouncycastle/operator/DefaultSecretKeySizeProvider.java \
-org/bouncycastle/operator/InputDecryptorProvider.java \
-org/bouncycastle/operator/InputExpander.java \
-org/bouncycastle/operator/InputExpanderProvider.java \
-org/bouncycastle/operator/KeyUnwrapper.java \
-org/bouncycastle/operator/KeyWrapper.java \
-org/bouncycastle/operator/MacCalculatorProvider.java \
-org/bouncycastle/operator/OutputCompressor.java \
-org/bouncycastle/operator/OutputEncryptor.java \
-org/bouncycastle/operator/SecretKeySizeProvider.java \
-org/bouncycastle/operator/SymmetricKeyUnwrapper.java \
-org/bouncycastle/operator/SymmetricKeyWrapper.java \
-org/bouncycastle/operator/bc/AESUtil.java \
-org/bouncycastle/operator/bc/BcAESSymmetricKeyUnwrapper.java \
-org/bouncycastle/operator/bc/BcAESSymmetricKeyWrapper.java \
-org/bouncycastle/operator/bc/BcAsymmetricKeyUnwrapper.java \
-org/bouncycastle/operator/bc/BcAsymmetricKeyWrapper.java \
-org/bouncycastle/operator/bc/BcContentSignerBuilder.java \
-org/bouncycastle/operator/bc/BcContentVerifierProviderBuilder.java \
-org/bouncycastle/operator/bc/BcDSAContentSignerBuilder.java \
-org/bouncycastle/operator/bc/BcDSAContentVerifierProviderBuilder.java \
-org/bouncycastle/operator/bc/BcRSAAsymmetricKeyUnwrapper.java \
-org/bouncycastle/operator/bc/BcRSAAsymmetricKeyWrapper.java \
-org/bouncycastle/operator/bc/BcRSAContentSignerBuilder.java \
-org/bouncycastle/operator/bc/BcRSAContentVerifierProviderBuilder.java \
-org/bouncycastle/operator/bc/BcSignerOutputStream.java \
-org/bouncycastle/operator/bc/BcSymmetricKeyUnwrapper.java \
-org/bouncycastle/operator/bc/BcSymmetricKeyWrapper.java \
-org/bouncycastle/operator/bc/CamelliaUtil.java \
-org/bouncycastle/operator/bc/OperatorUtils.java \
-org/bouncycastle/operator/bc/SEEDUtil.java \
-org/bouncycastle/operator/jcajce/JcaAlgorithmParametersConverter.java \
-org/bouncycastle/operator/jcajce/JceAsymmetricKeyUnwrapper.java \
-org/bouncycastle/operator/jcajce/JceAsymmetricKeyWrapper.java \
-org/bouncycastle/operator/jcajce/JceGenericKey.java \
-org/bouncycastle/operator/jcajce/JceSymmetricKeyUnwrapper.java \
-org/bouncycastle/operator/jcajce/JceSymmetricKeyWrapper.java \
-org/bouncycastle/operator/jcajce/OperatorUtils.java \
-"
-
-# needed sources to copy in
-NEEDED_BCPROV_SOURCES="org"
-
-# needed sources to copy in
-NEEDED_BCPKIX_SOURCES="org"
-
-# list of patch files to apply in the given order
-BOUNCYCASTLE_BCPROV_PATCHES="patches/bcprov.patch"
-BOUNCYCASTLE_BCPKIX_PATCHES="patches/bcpkix.patch"
diff --git a/import_bouncycastle.sh b/import_bouncycastle.sh
deleted file mode 100755
index 45cdae8..0000000
--- a/import_bouncycastle.sh
+++ /dev/null
@@ -1,284 +0,0 @@
-#!/bin/bash
-#
-# Copyright (C) 2010 The Android Open Source Project
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-#
-# This script imports new versions of Bouncy Castle
-# (http://bouncycastle.org) into the Android source tree. To run, (1)
-# fetch the appropriate tarballs (bcprov and bcpkix) from the Bouncy
-# Castle repository, (2) check the checksum, and then (3) run:
-# ./import_bouncycastle.sh import bcprov-jdk*-*.tar.gz
-#
-# IMPORTANT: See README.android for additional details.
-
-# turn on exit on error as well as a warning when it happens
-set -e
-trap "echo WARNING: Exiting on non-zero subprocess exit code" ERR;
-
-cd $(dirname $0)
-
-function die() {
- declare -r message=$1
-
- echo $message
- exit 1
-}
-
-function usage() {
- declare -r message=$1
-
- if [ ! "$message" = "" ]; then
- echo $message
- fi
- echo "Usage:"
- echo " ./import_bouncycastle.sh import </path/to/bcprov-jdk*-*.tar.gz>"
- echo " ./import_bouncycastle.sh regenerate <patch/*.patch>"
- echo " ./import_bouncycastle.sh generate <patch/*.patch> </path/to/bcprov-jdk*-*.tar.gz>"
- exit 1
-}
-
-function main() {
- if [ ! -d patches ]; then
- die "Bouncy Castle patch directory patches/ not found"
- fi
-
- if [ ! -f bouncycastle.version ]; then
- die "bouncycastle.version not found"
- fi
-
- source ./bouncycastle.version
- if [ "$BOUNCYCASTLE_JDK" == "" -o "$BOUNCYCASTLE_VERSION" == "" ]; then
- die "Invalid bouncycastle.version; see README.android for more information"
- fi
-
- BOUNCYCASTLE_BCPROV_DIR=bcprov-jdk$BOUNCYCASTLE_JDK-$BOUNCYCASTLE_VERSION
- BOUNCYCASTLE_BCPROV_DIR_ORIG=$BOUNCYCASTLE_BCPROV_DIR.orig
-
- BOUNCYCASTLE_BCPKIX_DIR=bcpkix-jdk$BOUNCYCASTLE_JDK-$BOUNCYCASTLE_VERSION
- BOUNCYCASTLE_BCPKIX_DIR_ORIG=$BOUNCYCASTLE_BCPKIX_DIR.orig
-
- if [ ! -f bouncycastle.config ]; then
- die "bouncycastle.config not found"
- fi
-
- source ./bouncycastle.config
- if [ "$UNNEEDED_BCPROV_SOURCES" == "" -o "$NEEDED_BCPROV_SOURCES" == "" \
- -o "$UNNEEDED_BCPKIX_SOURCES" == "" -o "$NEEDED_BCPKIX_SOURCES" == "" ]; then
- die "Invalid bouncycastle.config; see README.android for more information"
- fi
-
- declare -r command=$1
- shift || usage "No command specified. Try import, regenerate, or generate."
- if [ "$command" = "import" ]; then
- declare -r bcprov_tar=$1
- shift || usage "No tar file specified."
- declare -r bcpkix_tar=`echo $bcprov_tar | sed s/bcprov/bcpkix/`
- import $bcprov_tar $BOUNCYCASTLE_BCPROV_DIR $BOUNCYCASTLE_BCPROV_DIR_ORIG bcprov "$BOUNCYCASTLE_BCPROV_PATCHES" "$NEEDED_BCPROV_SOURCES" "$UNNEEDED_BCPROV_SOURCES"
- import $bcpkix_tar $BOUNCYCASTLE_BCPKIX_DIR $BOUNCYCASTLE_BCPKIX_DIR_ORIG bcpkix "$BOUNCYCASTLE_BCPKIX_PATCHES" "$NEEDED_BCPKIX_SOURCES" "$UNNEEDED_BCPKIX_SOURCES"
- elif [ "$command" = "regenerate" ]; then
- declare -r patch=$1
- shift || usage "No patch file specified."
- if [[ $BOUNCYCASTLE_BCPROV_PATCHES == *$patch* ]]; then
- [ -d $BOUNCYCASTLE_BCPROV_DIR ] || usage "$BOUNCYCASTLE_BCPROV_DIR not found, did you mean to use generate?"
- [ -d $BOUNCYCASTLE_BCPROV_DIR_ORIG ] || usage "$BOUNCYCASTLE_BCPROV_DIR_ORIG not found, did you mean to use generate?"
- regenerate $patch $BOUNCYCASTLE_BCPROV_DIR $BOUNCYCASTLE_BCPROV_DIR_ORIG
- elif [[ $BOUNCYCASTLE_BCPKIX_PATCHES == *$patch* ]]; then
- [ -d $BOUNCYCASTLE_BCPKIX_DIR ] || usage "$BOUNCYCASTLE_BCPROV_DIR not found, did you mean to use generate?"
- [ -d $BOUNCYCASTLE_BCPKIX_DIR_ORIG ] || usage "$BOUNCYCASTLE_BCPKIX_DIR_ORIG not found, did you mean to use generate?"
- regenerate $patch $BOUNCYCASTLE_BCPKIX_DIR $BOUNCYCASTLE_BCPKIX_DIR_ORIG
- else
- usage "Unknown patch file $patch specified"
- fi
- elif [ "$command" = "generate" ]; then
- declare -r patch=$1
- shift || usage "No patch file specified."
- declare -r bcprov_tar=$1
- shift || usage "No tar file specified."
- declare -r bcpkix_tar=`echo $bcprov_tar | sed s/bcprov/bcpkix/`
- if [[ $BOUNCYCASTLE_BCPROV_PATCHES == *$patch* ]]; then
- generate $patch $bcprov_tar $BOUNCYCASTLE_BCPROV_DIR $BOUNCYCASTLE_BCPROV_DIR_ORIG bcprov "$BOUNCYCASTLE_BCPROV_PATCHES" "$NEEDED_BCPROV_SOURCES" "$UNNEEDED_BCPROV_SOURCES"
- elif [[ $BOUNCYCASTLE_BCPKIX_PATCHES == *$patch* ]]; then
- generate $patch $bcpkix_tar $BOUNCYCASTLE_BCPKIX_DIR $BOUNCYCASTLE_BCPKIX_DIR_ORIG bcpkix "$BOUNCYCASTLE_BCPKIX_PATCHES" "$NEEDED_BCPKIX_SOURCES" "$UNNEEDED_BCPKIX_SOURCES"
- else
- usage "Unknown patch file $patch specified"
- fi
- else
- usage "Unknown command specified $command. Try import, regenerate, or generate."
- fi
-}
-
-function import() {
- declare -r bouncycastle_source=$1
- declare -r bouncycastle_dir=$2
- declare -r bouncycastle_dir_orig=$3
- declare -r bouncycastle_out_dir=$4
- declare -r bouncycastle_patches=$5
- declare -r needed_sources=$6
- declare -r unneeded_sources=$7
-
- untar $bouncycastle_source $bouncycastle_dir $bouncycastle_dir_orig "$unneeded_sources"
- applypatches $bouncycastle_dir "$bouncycastle_patches" "$unneeded_sources"
-
- cd $bouncycastle_dir
-
- sed 's/<p>/& <BR>/g' LICENSE.html | html2text -width 102 -nobs -ascii > ../NOTICE
- touch ../MODULE_LICENSE_BSD_LIKE
-
- cd ..
-
- rm -r $bouncycastle_out_dir/src
- mkdir -p $bouncycastle_out_dir/src/main/java/
- for i in $needed_sources; do
- echo "Updating $i"
- mv $bouncycastle_dir/$i $bouncycastle_out_dir/src/main/java/
- done
-
- cleantar $bouncycastle_dir $bouncycastle_dir_orig
-}
-
-function regenerate() {
- declare -r patch=$1
- declare -r bouncycastle_dir=$2
- declare -r bouncycastle_dir_orig=$3
-
- generatepatch $patch $bouncycastle_dir $bouncycastle_dir_orig
-}
-
-function update_timestamps() {
- declare -r git_dir="$1"
- declare -r target_dir="$2"
-
- echo -n "Restoring timestamps for ${target_dir}... "
-
- find "$git_dir" -type f -print0 | while IFS= read -r -d $'\0' file; do
- file_rev="$(git rev-list -n 1 HEAD "$file")"
- if [ "$file_rev" == "" ]; then
- echo
- echo -n "WARNING: No file revision for file $file..."
- continue
- fi
- file_time="$(git show --pretty=format:%ai --abbrev-commit "$file_rev" | head -n 1)"
- touch -d "$file_time" "${target_dir}${file#$git_dir}"
- done
-
- echo "done."
-}
-
-function generate() {
- declare -r patch=$1
- declare -r bouncycastle_source=$2
- declare -r bouncycastle_dir=$3
- declare -r bouncycastle_dir_orig=$4
- declare -r bouncycastle_out_dir=$5
- declare -r bouncycastle_patches=$6
- declare -r needed_sources=$7
- declare -r unneeded_sources=$8
-
- untar $bouncycastle_source $bouncycastle_dir $bouncycastle_dir_orig "$unneeded_sources"
- applypatches $bouncycastle_dir "$bouncycastle_patches" "$unneeded_sources"
-
- for i in $needed_sources; do
- echo "Restoring $i"
- rm -r $bouncycastle_dir/$i
- cp -rf $bouncycastle_out_dir/src/main/java/$i $bouncycastle_dir/$i
- update_timestamps $bouncycastle_out_dir/src/main/java/$i $bouncycastle_dir/$i
- done
-
- generatepatch $patch $bouncycastle_dir $bouncycastle_dir_orig
- cleantar $bouncycastle_dir $bouncycastle_dir_orig
-}
-
-function untar() {
- declare -r bouncycastle_source=$1
- declare -r bouncycastle_dir=$2
- declare -r bouncycastle_dir_orig=$3
- declare -r unneeded_sources=$4
-
- # Remove old source
- cleantar $bouncycastle_dir $bouncycastle_dir_orig
-
- # Process new source
- tar -zxf $bouncycastle_source
- mv $bouncycastle_dir $bouncycastle_dir_orig
- find $bouncycastle_dir_orig -type f -print0 | xargs -0 chmod a-w
- (cd $bouncycastle_dir_orig && unzip -q src.zip)
- tar -zxf $bouncycastle_source
- (cd $bouncycastle_dir && unzip -q src.zip)
-
- # Prune unnecessary sources
- echo "Removing $unneeded_sources"
- (cd $bouncycastle_dir_orig && rm -rf $unneeded_sources)
- (cd $bouncycastle_dir && rm -r $unneeded_sources)
-
- echo "Removing package.html files"
- find $bouncycastle_dir_orig -name package.html -print0 | xargs -0 rm
- find $bouncycastle_dir -name package.html -print0 | xargs -0 rm
-}
-
-function cleantar() {
- declare -r bouncycastle_dir=$1
- declare -r bouncycastle_dir_orig=$2
-
- rm -rf $bouncycastle_dir_orig
- rm -rf $bouncycastle_dir
-}
-
-function applypatches () {
- declare -r bouncycastle_dir=$1
- declare -r bouncycastle_patches=$2
- declare -r unneeded_sources=$3
-
- cd $bouncycastle_dir
-
- # Apply appropriate patches
- for i in $bouncycastle_patches; do
- echo "Applying patch $i"
- patch -p1 --merge < ../$i || die "Could not apply patches/$i. Fix source and run: $0 regenerate $i"
-
- # make sure no unneeded sources got into the patch
- problem=0
- for s in $unneeded_sources; do
- if [ -e $s ]; then
- echo Unneeded source $s restored by patch $i
- problem=1
- fi
- done
- if [ $problem = 1 ]; then
- exit 1
- fi
- done
-
- # Cleanup patch output
- find . -type f -name "*.orig" -print0 | xargs -0 rm -f
-
- cd ..
-}
-
-function generatepatch() {
- declare -r patch=$1
- declare -r bouncycastle_dir=$2
- declare -r bouncycastle_dir_orig=$3
-
- # Cleanup stray files before generating patch
- find $bouncycastle_dir -type f -name "*.orig" -print0 | xargs -0 rm -f
- find $bouncycastle_dir -type f -name "*~" -print0 | xargs -0 rm -f
-
- rm -f $patch
- LC_ALL=C TZ=UTC0 diff -Naur $bouncycastle_dir_orig $bouncycastle_dir >> $patch && die "ERROR: No diff for patch $path in file $i"
- echo "Generated patch $patch"
-}
-
-main $@
diff --git a/patches/README b/patches/README
deleted file mode 100644
index 522ff97..0000000
--- a/patches/README
+++ /dev/null
@@ -1,42 +0,0 @@
-bcprov.patch:
-
-patch against Bouncy Castle's bcprov:
-
-The main differences involve removing algorithms not included in the
-reference implementation (RI). The libcore
-java.security.StandardNames test support class provides the most
-up-do-date documentation of differences between the RI's list of
-supported algorithms and Android's. Some notable omissions versus the
-RI:
-- LDAP
-- MD2
-- RC2
-
-Other performance (both speed and memory) and correctness changes:
-- singleton DERNull (BouncyCastle now does this but we make constructor private to be sure)
-- similarly made DERBoolean constructor private and moved to DERBoolean.{getInstance,TRUE,FALSE}
-- removed use of Boolean constructor (not-upstreamable due to J2ME requirement upstream)
-- DERObjectIdentifier interns its internal String indentifer value
-- changed uses of 'new Integer' to 'Integers.valueOf'
-- X509CertificateObject.getEncoded caches its result
-- removed references to SecretKeyFactory.PBE/PKCS5 SecretKeyFactory.PBE/PKCS12
-- OpenSSLDigest uses NativeCrypto JNI API
-- JDKKeyStore made more tolerant of non-existant aliases
-- Make BouncyCastleProvider.PROVIDER_NAME final
-- Added wrapper for SecretKeyFactory.PBKDF2WithHmacSHA1
-
-Other security changes:
-- Blacklist fraudulent Comodo certificates in PKIXCertPathValidatorSpi
-- Blacklist compromised DigiNotar Root CA by public key to block cross-signed intermediates
-
-Other changes:
-- Log entry and exit to DHParametersHelper.generateSafePrimes which has long, unpredictable runtime
-
-
-bcpkix.patch:
-
-patch against Bouncy Castle's bcpkix:
-
-The main differences involve:
-- removing algorithms not in our bcprov (MD2, MD4, SHA224, RIPEMD, GOST)
-- using the singleton DERNull.INSTANCE
diff --git a/patches/bcpkix.patch b/patches/bcpkix.patch
deleted file mode 100644
index f871201..0000000
--- a/patches/bcpkix.patch
+++ /dev/null
@@ -1,1156 +0,0 @@
-diff -Naur bcpkix-jdk15on-152.orig/org/bouncycastle/cms/CMSSignedData.java bcpkix-jdk15on-152/org/bouncycastle/cms/CMSSignedData.java
---- bcpkix-jdk15on-152.orig/org/bouncycastle/cms/CMSSignedData.java 2015-03-01 12:03:46.000000000 +0000
-+++ bcpkix-jdk15on-152/org/bouncycastle/cms/CMSSignedData.java 2015-04-09 13:10:16.000000000 +0000
-@@ -287,18 +287,20 @@
- return HELPER.getAttributeCertificates(signedData.getCertificates());
- }
-
-- /**
-- * Return any OtherRevocationInfo OtherRevInfo objects of the type indicated by otherRevocationInfoFormat in
-- * this SignedData structure.
-- *
-- * @param otherRevocationInfoFormat OID of the format type been looked for.
-- *
-- * @return a Store of ASN1Encodable objects representing any objects of otherRevocationInfoFormat found.
-- */
-- public Store getOtherRevocationInfo(ASN1ObjectIdentifier otherRevocationInfoFormat)
-- {
-- return HELPER.getOtherRevocationInfo(otherRevocationInfoFormat, signedData.getCRLs());
-- }
-+ // BEGIN android-removed
-+ // /**
-+ // * Return any OtherRevocationInfo OtherRevInfo objects of the type indicated by otherRevocationInfoFormat in
-+ // * this SignedData structure.
-+ // *
-+ // * @param otherRevocationInfoFormat OID of the format type been looked for.
-+ // *
-+ // * @return a Store of ASN1Encodable objects representing any objects of otherRevocationInfoFormat found.
-+ // */
-+ // public Store getOtherRevocationInfo(ASN1ObjectIdentifier otherRevocationInfoFormat)
-+ // {
-+ // return HELPER.getOtherRevocationInfo(otherRevocationInfoFormat, signedData.getCRLs());
-+ // }
-+ // END android-removed
-
- /**
- * Return the a string representation of the OID associated with the
-@@ -333,90 +335,92 @@
- return contentInfo.getEncoded();
- }
-
-- /**
-- * Verify all the SignerInformation objects and their associated counter signatures attached
-- * to this CMS SignedData object.
-- *
-- * @param verifierProvider a provider of SignerInformationVerifier objects.
-- * @return true if all verify, false otherwise.
-- * @throws CMSException if an exception occurs during the verification process.
-- */
-- public boolean verifySignatures(SignerInformationVerifierProvider verifierProvider)
-- throws CMSException
-- {
-- return verifySignatures(verifierProvider, false);
-- }
--
-- /**
-- * Verify all the SignerInformation objects and optionally their associated counter signatures attached
-- * to this CMS SignedData object.
-- *
-- * @param verifierProvider a provider of SignerInformationVerifier objects.
-- * @param ignoreCounterSignatures if true don't check counter signatures. If false check counter signatures as well.
-- * @return true if all verify, false otherwise.
-- * @throws CMSException if an exception occurs during the verification process.
-- */
-- public boolean verifySignatures(SignerInformationVerifierProvider verifierProvider, boolean ignoreCounterSignatures)
-- throws CMSException
-- {
-- Collection signers = this.getSignerInfos().getSigners();
--
-- for (Iterator it = signers.iterator(); it.hasNext();)
-- {
-- SignerInformation signer = (SignerInformation)it.next();
--
-- try
-- {
-- SignerInformationVerifier verifier = verifierProvider.get(signer.getSID());
--
-- if (!signer.verify(verifier))
-- {
-- return false;
-- }
--
-- if (!ignoreCounterSignatures)
-- {
-- Collection counterSigners = signer.getCounterSignatures().getSigners();
--
-- for (Iterator cIt = counterSigners.iterator(); cIt.hasNext();)
-- {
-- if (!verifyCounterSignature((SignerInformation)cIt.next(), verifierProvider))
-- {
-- return false;
-- }
-- }
-- }
-- }
-- catch (OperatorCreationException e)
-- {
-- throw new CMSException("failure in verifier provider: " + e.getMessage(), e);
-- }
-- }
--
-- return true;
-- }
--
-- private boolean verifyCounterSignature(SignerInformation counterSigner, SignerInformationVerifierProvider verifierProvider)
-- throws OperatorCreationException, CMSException
-- {
-- SignerInformationVerifier counterVerifier = verifierProvider.get(counterSigner.getSID());
--
-- if (!counterSigner.verify(counterVerifier))
-- {
-- return false;
-- }
--
-- Collection counterSigners = counterSigner.getCounterSignatures().getSigners();
-- for (Iterator cIt = counterSigners.iterator(); cIt.hasNext();)
-- {
-- if (!verifyCounterSignature((SignerInformation)cIt.next(), verifierProvider))
-- {
-- return false;
-- }
-- }
--
-- return true;
-- }
-+ // BEGIN android-removed
-+ // /**
-+ // * Verify all the SignerInformation objects and their associated counter signatures attached
-+ // * to this CMS SignedData object.
-+ // *
-+ // * @param verifierProvider a provider of SignerInformationVerifier objects.
-+ // * @return true if all verify, false otherwise.
-+ // * @throws CMSException if an exception occurs during the verification process.
-+ // */
-+ // public boolean verifySignatures(SignerInformationVerifierProvider verifierProvider)
-+ // throws CMSException
-+ // {
-+ // return verifySignatures(verifierProvider, false);
-+ // }
-+ //
-+ // /**
-+ // * Verify all the SignerInformation objects and optionally their associated counter signatures attached
-+ // * to this CMS SignedData object.
-+ // *
-+ // * @param verifierProvider a provider of SignerInformationVerifier objects.
-+ // * @param ignoreCounterSignatures if true don't check counter signatures. If false check counter signatures as well.
-+ // * @return true if all verify, false otherwise.
-+ // * @throws CMSException if an exception occurs during the verification process.
-+ // */
-+ // public boolean verifySignatures(SignerInformationVerifierProvider verifierProvider, boolean ignoreCounterSignatures)
-+ // throws CMSException
-+ // {
-+ // Collection signers = this.getSignerInfos().getSigners();
-+ //
-+ // for (Iterator it = signers.iterator(); it.hasNext();)
-+ // {
-+ // SignerInformation signer = (SignerInformation)it.next();
-+ //
-+ // try
-+ // {
-+ // SignerInformationVerifier verifier = verifierProvider.get(signer.getSID());
-+ //
-+ // if (!signer.verify(verifier))
-+ // {
-+ // return false;
-+ // }
-+ //
-+ // if (!ignoreCounterSignatures)
-+ // {
-+ // Collection counterSigners = signer.getCounterSignatures().getSigners();
-+ //
-+ // for (Iterator cIt = counterSigners.iterator(); cIt.hasNext();)
-+ // {
-+ // if (!verifyCounterSignature((SignerInformation)cIt.next(), verifierProvider))
-+ // {
-+ // return false;
-+ // }
-+ // }
-+ // }
-+ // }
-+ // catch (OperatorCreationException e)
-+ // {
-+ // throw new CMSException("failure in verifier provider: " + e.getMessage(), e);
-+ // }
-+ // }
-+ //
-+ // return true;
-+ // }
-+ //
-+ // private boolean verifyCounterSignature(SignerInformation counterSigner, SignerInformationVerifierProvider verifierProvider)
-+ // throws OperatorCreationException, CMSException
-+ // {
-+ // SignerInformationVerifier counterVerifier = verifierProvider.get(counterSigner.getSID());
-+ //
-+ // if (!counterSigner.verify(counterVerifier))
-+ // {
-+ // return false;
-+ // }
-+ //
-+ // Collection counterSigners = counterSigner.getCounterSignatures().getSigners();
-+ // for (Iterator cIt = counterSigners.iterator(); cIt.hasNext();)
-+ // {
-+ // if (!verifyCounterSignature((SignerInformation)cIt.next(), verifierProvider))
-+ // {
-+ // return false;
-+ // }
-+ // }
-+ //
-+ // return true;
-+ // }
-+ // END android-removed
-
- /**
- * Replace the SignerInformation store associated with this
-diff -Naur bcpkix-jdk15on-152.orig/org/bouncycastle/cms/CMSSignedGenerator.java bcpkix-jdk15on-152/org/bouncycastle/cms/CMSSignedGenerator.java
---- bcpkix-jdk15on-152.orig/org/bouncycastle/cms/CMSSignedGenerator.java 2015-03-01 12:03:46.000000000 +0000
-+++ bcpkix-jdk15on-152/org/bouncycastle/cms/CMSSignedGenerator.java 2013-12-12 00:35:05.000000000 +0000
-@@ -12,8 +12,10 @@
- import org.bouncycastle.asn1.ASN1ObjectIdentifier;
- import org.bouncycastle.asn1.DERTaggedObject;
- import org.bouncycastle.asn1.cms.CMSObjectIdentifiers;
--import org.bouncycastle.asn1.cms.OtherRevocationInfoFormat;
--import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-+// BEGIN android-removed
-+// import org.bouncycastle.asn1.cms.OtherRevocationInfoFormat;
-+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-+// END android-removed
- import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
- import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
- import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-@@ -39,17 +41,21 @@
- public static final String DIGEST_SHA384 = NISTObjectIdentifiers.id_sha384.getId();
- public static final String DIGEST_SHA512 = NISTObjectIdentifiers.id_sha512.getId();
- public static final String DIGEST_MD5 = PKCSObjectIdentifiers.md5.getId();
-- public static final String DIGEST_GOST3411 = CryptoProObjectIdentifiers.gostR3411.getId();
-- public static final String DIGEST_RIPEMD128 = TeleTrusTObjectIdentifiers.ripemd128.getId();
-- public static final String DIGEST_RIPEMD160 = TeleTrusTObjectIdentifiers.ripemd160.getId();
-- public static final String DIGEST_RIPEMD256 = TeleTrusTObjectIdentifiers.ripemd256.getId();
-+ // BEGIN android-removed
-+ // public static final String DIGEST_GOST3411 = CryptoProObjectIdentifiers.gostR3411.getId();
-+ // public static final String DIGEST_RIPEMD128 = TeleTrusTObjectIdentifiers.ripemd128.getId();
-+ // public static final String DIGEST_RIPEMD160 = TeleTrusTObjectIdentifiers.ripemd160.getId();
-+ // public static final String DIGEST_RIPEMD256 = TeleTrusTObjectIdentifiers.ripemd256.getId();
-+ // END android-removed
-
- public static final String ENCRYPTION_RSA = PKCSObjectIdentifiers.rsaEncryption.getId();
- public static final String ENCRYPTION_DSA = X9ObjectIdentifiers.id_dsa_with_sha1.getId();
- public static final String ENCRYPTION_ECDSA = X9ObjectIdentifiers.ecdsa_with_SHA1.getId();
- public static final String ENCRYPTION_RSA_PSS = PKCSObjectIdentifiers.id_RSASSA_PSS.getId();
-- public static final String ENCRYPTION_GOST3410 = CryptoProObjectIdentifiers.gostR3410_94.getId();
-- public static final String ENCRYPTION_ECGOST3410 = CryptoProObjectIdentifiers.gostR3410_2001.getId();
-+ // BEGIN android-removed
-+ // public static final String ENCRYPTION_GOST3410 = CryptoProObjectIdentifiers.gostR3410_94.getId();
-+ // public static final String ENCRYPTION_ECGOST3410 = CryptoProObjectIdentifiers.gostR3410_2001.getId();
-+ // END android-removed
-
- private static final String ENCRYPTION_ECDSA_WITH_SHA1 = X9ObjectIdentifiers.ecdsa_with_SHA1.getId();
- private static final String ENCRYPTION_ECDSA_WITH_SHA224 = X9ObjectIdentifiers.ecdsa_with_SHA224.getId();
-@@ -174,31 +180,33 @@
- certs.addAll(CMSUtils.getAttributeCertificatesFromStore(attrStore));
- }
-
-- /**
-- * Add a single instance of otherRevocationData to the CRL set to be included with the generated SignedData message.
-- *
-- * @param otherRevocationInfoFormat the OID specifying the format of the otherRevocationInfo data.
-- * @param otherRevocationInfo the otherRevocationInfo ASN.1 structure.
-- */
-- public void addOtherRevocationInfo(
-- ASN1ObjectIdentifier otherRevocationInfoFormat,
-- ASN1Encodable otherRevocationInfo)
-- {
-- crls.add(new DERTaggedObject(false, 1, new OtherRevocationInfoFormat(otherRevocationInfoFormat, otherRevocationInfo)));
-- }
--
-- /**
-- * Add a Store of otherRevocationData to the CRL set to be included with the generated SignedData message.
-- *
-- * @param otherRevocationInfoFormat the OID specifying the format of the otherRevocationInfo data.
-- * @param otherRevocationInfos a Store of otherRevocationInfo data to add.
-- */
-- public void addOtherRevocationInfo(
-- ASN1ObjectIdentifier otherRevocationInfoFormat,
-- Store otherRevocationInfos)
-- {
-- crls.addAll(CMSUtils.getOthersFromStore(otherRevocationInfoFormat, otherRevocationInfos));
-- }
-+ // BEGIN android-removed
-+ // /**
-+ // * Add a single instance of otherRevocationData to the CRL set to be included with the generated SignedData message.
-+ // *
-+ // * @param otherRevocationInfoFormat the OID specifying the format of the otherRevocationInfo data.
-+ // * @param otherRevocationInfo the otherRevocationInfo ASN.1 structure.
-+ // */
-+ // public void addOtherRevocationInfo(
-+ // ASN1ObjectIdentifier otherRevocationInfoFormat,
-+ // ASN1Encodable otherRevocationInfo)
-+ // {
-+ // crls.add(new DERTaggedObject(false, 1, new OtherRevocationInfoFormat(otherRevocationInfoFormat, otherRevocationInfo)));
-+ // }
-+ //
-+ // /**
-+ // * Add a Store of otherRevocationData to the CRL set to be included with the generated SignedData message.
-+ // *
-+ // * @param otherRevocationInfoFormat the OID specifying the format of the otherRevocationInfo data.
-+ // * @param otherRevocationInfos a Store of otherRevocationInfo data to add.
-+ // */
-+ // public void addOtherRevocationInfo(
-+ // ASN1ObjectIdentifier otherRevocationInfoFormat,
-+ // Store otherRevocationInfos)
-+ // {
-+ // crls.addAll(CMSUtils.getOthersFromStore(otherRevocationInfoFormat, otherRevocationInfos));
-+ // }
-+ // END android-removed
-
- /**
- * Add a store of pre-calculated signers to the generator.
-diff -Naur bcpkix-jdk15on-152.orig/org/bouncycastle/cms/CMSSignedHelper.java bcpkix-jdk15on-152/org/bouncycastle/cms/CMSSignedHelper.java
---- bcpkix-jdk15on-152.orig/org/bouncycastle/cms/CMSSignedHelper.java 2015-03-01 12:03:46.000000000 +0000
-+++ bcpkix-jdk15on-152/org/bouncycastle/cms/CMSSignedHelper.java 2013-12-12 00:35:05.000000000 +0000
-@@ -13,8 +13,10 @@
- import org.bouncycastle.asn1.ASN1Set;
- import org.bouncycastle.asn1.ASN1TaggedObject;
- import org.bouncycastle.asn1.DERNull;
--import org.bouncycastle.asn1.cms.OtherRevocationInfoFormat;
--import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-+// BEGIN android-removed
-+// import org.bouncycastle.asn1.cms.OtherRevocationInfoFormat;
-+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-+// END android-removed
- import org.bouncycastle.asn1.eac.EACObjectIdentifiers;
- import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
- import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-@@ -53,12 +55,16 @@
- addEntries(NISTObjectIdentifiers.dsa_with_sha384, "SHA384", "DSA");
- addEntries(NISTObjectIdentifiers.dsa_with_sha512, "SHA512", "DSA");
- addEntries(OIWObjectIdentifiers.dsaWithSHA1, "SHA1", "DSA");
-- addEntries(OIWObjectIdentifiers.md4WithRSA, "MD4", "RSA");
-- addEntries(OIWObjectIdentifiers.md4WithRSAEncryption, "MD4", "RSA");
-+ // BEGIN android-removed
-+ // addEntries(OIWObjectIdentifiers.md4WithRSA, "MD4", "RSA");
-+ // addEntries(OIWObjectIdentifiers.md4WithRSAEncryption, "MD4", "RSA");
-+ // END android-removed
- addEntries(OIWObjectIdentifiers.md5WithRSA, "MD5", "RSA");
- addEntries(OIWObjectIdentifiers.sha1WithRSA, "SHA1", "RSA");
-- addEntries(PKCSObjectIdentifiers.md2WithRSAEncryption, "MD2", "RSA");
-- addEntries(PKCSObjectIdentifiers.md4WithRSAEncryption, "MD4", "RSA");
-+ // BEGIN android-removed
-+ // addEntries(PKCSObjectIdentifiers.md2WithRSAEncryption, "MD2", "RSA");
-+ // addEntries(PKCSObjectIdentifiers.md4WithRSAEncryption, "MD4", "RSA");
-+ // END android-removed
- addEntries(PKCSObjectIdentifiers.md5WithRSAEncryption, "MD5", "RSA");
- addEntries(PKCSObjectIdentifiers.sha1WithRSAEncryption, "SHA1", "RSA");
- addEntries(PKCSObjectIdentifiers.sha224WithRSAEncryption, "SHA224", "RSA");
-@@ -85,27 +91,31 @@
- encryptionAlgs.put(PKCSObjectIdentifiers.rsaEncryption.getId(), "RSA");
- encryptionAlgs.put(TeleTrusTObjectIdentifiers.teleTrusTRSAsignatureAlgorithm, "RSA");
- encryptionAlgs.put(X509ObjectIdentifiers.id_ea_rsa.getId(), "RSA");
-- encryptionAlgs.put(CMSSignedDataGenerator.ENCRYPTION_RSA_PSS, "RSAandMGF1");
-- encryptionAlgs.put(CryptoProObjectIdentifiers.gostR3410_94.getId(), "GOST3410");
-- encryptionAlgs.put(CryptoProObjectIdentifiers.gostR3410_2001.getId(), "ECGOST3410");
-- encryptionAlgs.put("1.3.6.1.4.1.5849.1.6.2", "ECGOST3410");
-- encryptionAlgs.put("1.3.6.1.4.1.5849.1.1.5", "GOST3410");
-- encryptionAlgs.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001.getId(), "ECGOST3410");
-- encryptionAlgs.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94.getId(), "GOST3410");
--
-- digestAlgs.put(PKCSObjectIdentifiers.md2.getId(), "MD2");
-- digestAlgs.put(PKCSObjectIdentifiers.md4.getId(), "MD4");
-+ // BEGIN android-removed
-+ // encryptionAlgs.put(CMSSignedDataGenerator.ENCRYPTION_RSA_PSS, "RSAandMGF1");
-+ // encryptionAlgs.put(CryptoProObjectIdentifiers.gostR3410_94.getId(), "GOST3410");
-+ // encryptionAlgs.put(CryptoProObjectIdentifiers.gostR3410_2001.getId(), "ECGOST3410");
-+ // encryptionAlgs.put("1.3.6.1.4.1.5849.1.6.2", "ECGOST3410");
-+ // encryptionAlgs.put("1.3.6.1.4.1.5849.1.1.5", "GOST3410");
-+ // encryptionAlgs.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001.getId(), "ECGOST3410");
-+ // encryptionAlgs.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94.getId(), "GOST3410");
-+ //
-+ // digestAlgs.put(PKCSObjectIdentifiers.md2.getId(), "MD2");
-+ // digestAlgs.put(PKCSObjectIdentifiers.md4.getId(), "MD4");
-+ // END android-removed
- digestAlgs.put(PKCSObjectIdentifiers.md5.getId(), "MD5");
- digestAlgs.put(OIWObjectIdentifiers.idSHA1.getId(), "SHA1");
- digestAlgs.put(NISTObjectIdentifiers.id_sha224.getId(), "SHA224");
- digestAlgs.put(NISTObjectIdentifiers.id_sha256.getId(), "SHA256");
- digestAlgs.put(NISTObjectIdentifiers.id_sha384.getId(), "SHA384");
- digestAlgs.put(NISTObjectIdentifiers.id_sha512.getId(), "SHA512");
-- digestAlgs.put(TeleTrusTObjectIdentifiers.ripemd128.getId(), "RIPEMD128");
-- digestAlgs.put(TeleTrusTObjectIdentifiers.ripemd160.getId(), "RIPEMD160");
-- digestAlgs.put(TeleTrusTObjectIdentifiers.ripemd256.getId(), "RIPEMD256");
-- digestAlgs.put(CryptoProObjectIdentifiers.gostR3411.getId(), "GOST3411");
-- digestAlgs.put("1.3.6.1.4.1.5849.1.2.1", "GOST3411");
-+ // BEGIN android-removed
-+ // digestAlgs.put(TeleTrusTObjectIdentifiers.ripemd128.getId(), "RIPEMD128");
-+ // digestAlgs.put(TeleTrusTObjectIdentifiers.ripemd160.getId(), "RIPEMD160");
-+ // digestAlgs.put(TeleTrusTObjectIdentifiers.ripemd256.getId(), "RIPEMD256");
-+ // digestAlgs.put(CryptoProObjectIdentifiers.gostR3411.getId(), "GOST3411");
-+ // digestAlgs.put("1.3.6.1.4.1.5849.1.2.1", "GOST3411");
-+ // END android-removed
-
- digestAliases.put("SHA1", new String[] { "SHA-1" });
- digestAliases.put("SHA224", new String[] { "SHA-224" });
-@@ -219,35 +229,35 @@
- return new CollectionStore(new ArrayList());
- }
-
-- Store getOtherRevocationInfo(ASN1ObjectIdentifier otherRevocationInfoFormat, ASN1Set crlSet)
-- {
-- if (crlSet != null)
-- {
-- List crlList = new ArrayList(crlSet.size());
--
-- for (Enumeration en = crlSet.getObjects(); en.hasMoreElements();)
-- {
-- ASN1Primitive obj = ((ASN1Encodable)en.nextElement()).toASN1Primitive();
--
-- if (obj instanceof ASN1TaggedObject)
-- {
-- ASN1TaggedObject tObj = ASN1TaggedObject.getInstance(obj);
--
-- if (tObj.getTagNo() == 1)
-- {
-- OtherRevocationInfoFormat other = OtherRevocationInfoFormat.getInstance(tObj, false);
--
-- if (otherRevocationInfoFormat.equals(other.getInfoFormat()))
-- {
-- crlList.add(other.getInfo());
-- }
-- }
-- }
-- }
--
-- return new CollectionStore(crlList);
-- }
--
-- return new CollectionStore(new ArrayList());
-- }
-+ // Store getOtherRevocationInfo(ASN1ObjectIdentifier otherRevocationInfoFormat, ASN1Set crlSet)
-+ // {
-+ // if (crlSet != null)
-+ // {
-+ // List crlList = new ArrayList(crlSet.size());
-+ //
-+ // for (Enumeration en = crlSet.getObjects(); en.hasMoreElements();)
-+ // {
-+ // ASN1Primitive obj = ((ASN1Encodable)en.nextElement()).toASN1Primitive();
-+ //
-+ // if (obj instanceof ASN1TaggedObject)
-+ // {
-+ // ASN1TaggedObject tObj = ASN1TaggedObject.getInstance(obj);
-+ //
-+ // if (tObj.getTagNo() == 1)
-+ // {
-+ // OtherRevocationInfoFormat other = OtherRevocationInfoFormat.getInstance(tObj, false);
-+ //
-+ // if (otherRevocationInfoFormat.equals(other.getInfoFormat()))
-+ // {
-+ // crlList.add(other.getInfo());
-+ // }
-+ // }
-+ // }
-+ // }
-+ //
-+ // return new CollectionStore(crlList);
-+ // }
-+ //
-+ // return new CollectionStore(new ArrayList());
-+ // }
- }
-diff -Naur bcpkix-jdk15on-152.orig/org/bouncycastle/cms/CMSUtils.java bcpkix-jdk15on-152/org/bouncycastle/cms/CMSUtils.java
---- bcpkix-jdk15on-152.orig/org/bouncycastle/cms/CMSUtils.java 2015-03-01 12:03:46.000000000 +0000
-+++ bcpkix-jdk15on-152/org/bouncycastle/cms/CMSUtils.java 2014-07-28 19:51:54.000000000 +0000
-@@ -20,9 +20,11 @@
- import org.bouncycastle.asn1.DERTaggedObject;
- import org.bouncycastle.asn1.cms.CMSObjectIdentifiers;
- import org.bouncycastle.asn1.cms.ContentInfo;
--import org.bouncycastle.asn1.cms.OtherRevocationInfoFormat;
--import org.bouncycastle.asn1.ocsp.OCSPResponse;
--import org.bouncycastle.asn1.ocsp.OCSPResponseStatus;
-+// BEGIN android-removed
-+// import org.bouncycastle.asn1.cms.OtherRevocationInfoFormat;
-+// import org.bouncycastle.asn1.ocsp.OCSPResponse;
-+// import org.bouncycastle.asn1.ocsp.OCSPResponseStatus;
-+// END android-removed
- import org.bouncycastle.cert.X509AttributeCertificateHolder;
- import org.bouncycastle.cert.X509CRLHolder;
- import org.bouncycastle.cert.X509CertificateHolder;
-@@ -113,14 +115,16 @@
-
- crls.add(c.toASN1Structure());
- }
-- else if (rev instanceof OtherRevocationInfoFormat)
-- {
-- OtherRevocationInfoFormat infoFormat = OtherRevocationInfoFormat.getInstance(rev);
--
-- validateInfoFormat(infoFormat);
--
-- crls.add(new DERTaggedObject(false, 1, infoFormat));
-- }
-+ // BEGIN android-removed
-+ // else if (rev instanceof OtherRevocationInfoFormat)
-+ // {
-+ // OtherRevocationInfoFormat infoFormat = OtherRevocationInfoFormat.getInstance(rev);
-+ //
-+ // validateInfoFormat(infoFormat);
-+ //
-+ // crls.add(new DERTaggedObject(false, 1, infoFormat));
-+ // }
-+ // END android-removed
- else if (rev instanceof ASN1TaggedObject)
- {
- crls.add(rev);
-@@ -135,35 +139,36 @@
- }
- }
-
-- private static void validateInfoFormat(OtherRevocationInfoFormat infoFormat)
-- {
-- if (CMSObjectIdentifiers.id_ri_ocsp_response.equals(infoFormat.getInfoFormat()))
-- {
-- OCSPResponse resp = OCSPResponse.getInstance(infoFormat.getInfo());
--
-- if (resp.getResponseStatus().getValue().intValue() != OCSPResponseStatus.SUCCESSFUL)
-- {
-- throw new IllegalArgumentException("cannot add unsuccessful OCSP response to CMS SignedData");
-- }
-- }
-- }
--
-- static Collection getOthersFromStore(ASN1ObjectIdentifier otherRevocationInfoFormat, Store otherRevocationInfos)
-- {
-- List others = new ArrayList();
--
-- for (Iterator it = otherRevocationInfos.getMatches(null).iterator(); it.hasNext();)
-- {
-- ASN1Encodable info = (ASN1Encodable)it.next();
-- OtherRevocationInfoFormat infoFormat = new OtherRevocationInfoFormat(otherRevocationInfoFormat, info);
--
-- validateInfoFormat(infoFormat);
--
-- others.add(new DERTaggedObject(false, 1, infoFormat));
-- }
--
-- return others;
-- }
-+ // BEGIN android-removed
-+ // private static void validateInfoFormat(OtherRevocationInfoFormat infoFormat)
-+ // {
-+ // if (CMSObjectIdentifiers.id_ri_ocsp_response.equals(infoFormat.getInfoFormat()))
-+ // {
-+ // OCSPResponse resp = OCSPResponse.getInstance(infoFormat.getInfo());
-+ //
-+ // if (resp.getResponseStatus().getValue().intValue() != OCSPResponseStatus.SUCCESSFUL)
-+ // {
-+ // throw new IllegalArgumentException("cannot add unsuccessful OCSP response to CMS SignedData");
-+ // }
-+ // }
-+ // }
-+ //
-+ // static Collection getOthersFromStore(ASN1ObjectIdentifier otherRevocationInfoFormat, Store otherRevocationInfos)
-+ // {
-+ // List others = new ArrayList();
-+ //
-+ // for (Iterator it = otherRevocationInfos.getMatches(null).iterator(); it.hasNext();)
-+ // {
-+ // ASN1Encodable info = (ASN1Encodable)it.next();
-+ // OtherRevocationInfoFormat infoFormat = new OtherRevocationInfoFormat(otherRevocationInfoFormat, info);
-+ // validateInfoFormat(infoFormat);
-+ //
-+ // others.add(new DERTaggedObject(false, 1, infoFormat));
-+ // }
-+ //
-+ // return others;
-+ // }
-+ // END android-removed
-
- static ASN1Set createBerSetFromList(List derObjects)
- {
-diff -Naur bcpkix-jdk15on-152.orig/org/bouncycastle/cms/DefaultCMSSignatureAlgorithmNameGenerator.java bcpkix-jdk15on-152/org/bouncycastle/cms/DefaultCMSSignatureAlgorithmNameGenerator.java
---- bcpkix-jdk15on-152.orig/org/bouncycastle/cms/DefaultCMSSignatureAlgorithmNameGenerator.java 2015-03-01 12:03:46.000000000 +0000
-+++ bcpkix-jdk15on-152/org/bouncycastle/cms/DefaultCMSSignatureAlgorithmNameGenerator.java 2015-04-09 13:10:16.000000000 +0000
-@@ -4,8 +4,10 @@
- import java.util.Map;
-
- import org.bouncycastle.asn1.ASN1ObjectIdentifier;
--import org.bouncycastle.asn1.bsi.BSIObjectIdentifiers;
--import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-+// BEGIN android-removed
-+// import org.bouncycastle.asn1.bsi.BSIObjectIdentifiers;
-+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-+// END android-removed
- import org.bouncycastle.asn1.eac.EACObjectIdentifiers;
- import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
- import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-@@ -34,12 +36,16 @@
- addEntries(NISTObjectIdentifiers.dsa_with_sha384, "SHA384", "DSA");
- addEntries(NISTObjectIdentifiers.dsa_with_sha512, "SHA512", "DSA");
- addEntries(OIWObjectIdentifiers.dsaWithSHA1, "SHA1", "DSA");
-- addEntries(OIWObjectIdentifiers.md4WithRSA, "MD4", "RSA");
-- addEntries(OIWObjectIdentifiers.md4WithRSAEncryption, "MD4", "RSA");
-+ // BEGIN android-removed
-+ // addEntries(OIWObjectIdentifiers.md4WithRSA, "MD4", "RSA");
-+ // addEntries(OIWObjectIdentifiers.md4WithRSAEncryption, "MD4", "RSA");
-+ // END android-removed
- addEntries(OIWObjectIdentifiers.md5WithRSA, "MD5", "RSA");
- addEntries(OIWObjectIdentifiers.sha1WithRSA, "SHA1", "RSA");
-- addEntries(PKCSObjectIdentifiers.md2WithRSAEncryption, "MD2", "RSA");
-- addEntries(PKCSObjectIdentifiers.md4WithRSAEncryption, "MD4", "RSA");
-+ // BEGIN android-removed
-+ // addEntries(PKCSObjectIdentifiers.md2WithRSAEncryption, "MD2", "RSA");
-+ // addEntries(PKCSObjectIdentifiers.md4WithRSAEncryption, "MD4", "RSA");
-+ // END android-removed
- addEntries(PKCSObjectIdentifiers.md5WithRSAEncryption, "MD5", "RSA");
- addEntries(PKCSObjectIdentifiers.sha1WithRSAEncryption, "SHA1", "RSA");
- addEntries(PKCSObjectIdentifiers.sha224WithRSAEncryption, "SHA224", "RSA");
-@@ -66,38 +72,44 @@
- addEntries(EACObjectIdentifiers.id_TA_RSA_v1_5_SHA_256, "SHA256", "RSA");
- addEntries(EACObjectIdentifiers.id_TA_RSA_PSS_SHA_1, "SHA1", "RSAandMGF1");
- addEntries(EACObjectIdentifiers.id_TA_RSA_PSS_SHA_256, "SHA256", "RSAandMGF1");
-- addEntries(BSIObjectIdentifiers.ecdsa_plain_SHA1, "SHA1", "PLAIN-ECDSA");
-- addEntries(BSIObjectIdentifiers.ecdsa_plain_SHA224, "SHA224", "PLAIN-ECDSA");
-- addEntries(BSIObjectIdentifiers.ecdsa_plain_SHA256, "SHA256", "PLAIN-ECDSA");
-- addEntries(BSIObjectIdentifiers.ecdsa_plain_SHA384, "SHA384", "PLAIN-ECDSA");
-- addEntries(BSIObjectIdentifiers.ecdsa_plain_SHA512, "SHA512", "PLAIN-ECDSA");
-- addEntries(BSIObjectIdentifiers.ecdsa_plain_RIPEMD160, "RIPEMD160", "PLAIN-ECDSA");
-+ // BEGIN android-removed
-+ // addEntries(BSIObjectIdentifiers.ecdsa_plain_SHA1, "SHA1", "PLAIN-ECDSA");
-+ // addEntries(BSIObjectIdentifiers.ecdsa_plain_SHA224, "SHA224", "PLAIN-ECDSA");
-+ // addEntries(BSIObjectIdentifiers.ecdsa_plain_SHA256, "SHA256", "PLAIN-ECDSA");
-+ // addEntries(BSIObjectIdentifiers.ecdsa_plain_SHA384, "SHA384", "PLAIN-ECDSA");
-+ // addEntries(BSIObjectIdentifiers.ecdsa_plain_SHA512, "SHA512", "PLAIN-ECDSA");
-+ // addEntries(BSIObjectIdentifiers.ecdsa_plain_RIPEMD160, "RIPEMD160", "PLAIN-ECDSA");
-+ // END android-removed
-
- encryptionAlgs.put(X9ObjectIdentifiers.id_dsa, "DSA");
- encryptionAlgs.put(PKCSObjectIdentifiers.rsaEncryption, "RSA");
- encryptionAlgs.put(TeleTrusTObjectIdentifiers.teleTrusTRSAsignatureAlgorithm, "RSA");
- encryptionAlgs.put(X509ObjectIdentifiers.id_ea_rsa, "RSA");
- encryptionAlgs.put(PKCSObjectIdentifiers.id_RSASSA_PSS, "RSAandMGF1");
-- encryptionAlgs.put(CryptoProObjectIdentifiers.gostR3410_94, "GOST3410");
-- encryptionAlgs.put(CryptoProObjectIdentifiers.gostR3410_2001, "ECGOST3410");
-- encryptionAlgs.put(new ASN1ObjectIdentifier("1.3.6.1.4.1.5849.1.6.2"), "ECGOST3410");
-- encryptionAlgs.put(new ASN1ObjectIdentifier("1.3.6.1.4.1.5849.1.1.5"), "GOST3410");
-- encryptionAlgs.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, "ECGOST3410");
-- encryptionAlgs.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, "GOST3410");
--
-- digestAlgs.put(PKCSObjectIdentifiers.md2, "MD2");
-- digestAlgs.put(PKCSObjectIdentifiers.md4, "MD4");
-+ // BEGIN android-removed
-+ // encryptionAlgs.put(CryptoProObjectIdentifiers.gostR3410_94, "GOST3410");
-+ // encryptionAlgs.put(CryptoProObjectIdentifiers.gostR3410_2001, "ECGOST3410");
-+ // encryptionAlgs.put(new ASN1ObjectIdentifier("1.3.6.1.4.1.5849.1.6.2"), "ECGOST3410");
-+ // encryptionAlgs.put(new ASN1ObjectIdentifier("1.3.6.1.4.1.5849.1.1.5"), "GOST3410");
-+ // encryptionAlgs.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, "ECGOST3410");
-+ // encryptionAlgs.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, "GOST3410");
-+ //
-+ // digestAlgs.put(PKCSObjectIdentifiers.md2, "MD2");
-+ // digestAlgs.put(PKCSObjectIdentifiers.md4, "MD4");
-+ // END android-removed
- digestAlgs.put(PKCSObjectIdentifiers.md5, "MD5");
- digestAlgs.put(OIWObjectIdentifiers.idSHA1, "SHA1");
- digestAlgs.put(NISTObjectIdentifiers.id_sha224, "SHA224");
- digestAlgs.put(NISTObjectIdentifiers.id_sha256, "SHA256");
- digestAlgs.put(NISTObjectIdentifiers.id_sha384, "SHA384");
- digestAlgs.put(NISTObjectIdentifiers.id_sha512, "SHA512");
-- digestAlgs.put(TeleTrusTObjectIdentifiers.ripemd128, "RIPEMD128");
-- digestAlgs.put(TeleTrusTObjectIdentifiers.ripemd160, "RIPEMD160");
-- digestAlgs.put(TeleTrusTObjectIdentifiers.ripemd256, "RIPEMD256");
-- digestAlgs.put(CryptoProObjectIdentifiers.gostR3411, "GOST3411");
-- digestAlgs.put(new ASN1ObjectIdentifier("1.3.6.1.4.1.5849.1.2.1"), "GOST3411");
-+ // BEGIN android-removed
-+ // digestAlgs.put(TeleTrusTObjectIdentifiers.ripemd128, "RIPEMD128");
-+ // digestAlgs.put(TeleTrusTObjectIdentifiers.ripemd160, "RIPEMD160");
-+ // digestAlgs.put(TeleTrusTObjectIdentifiers.ripemd256, "RIPEMD256");
-+ // digestAlgs.put(CryptoProObjectIdentifiers.gostR3411, "GOST3411");
-+ // digestAlgs.put(new ASN1ObjectIdentifier("1.3.6.1.4.1.5849.1.2.1"), "GOST3411");
-+ // END android-removed
- }
-
- /**
-diff -Naur bcpkix-jdk15on-152.orig/org/bouncycastle/cms/DefaultCMSSignatureEncryptionAlgorithmFinder.java bcpkix-jdk15on-152/org/bouncycastle/cms/DefaultCMSSignatureEncryptionAlgorithmFinder.java
---- bcpkix-jdk15on-152.orig/org/bouncycastle/cms/DefaultCMSSignatureEncryptionAlgorithmFinder.java 2015-03-01 12:03:46.000000000 +0000
-+++ bcpkix-jdk15on-152/org/bouncycastle/cms/DefaultCMSSignatureEncryptionAlgorithmFinder.java 2013-09-26 18:06:21.000000000 +0000
-@@ -16,21 +16,27 @@
-
- static
- {
-- RSA_PKCS1d5.add(PKCSObjectIdentifiers.md2WithRSAEncryption);
-- RSA_PKCS1d5.add(PKCSObjectIdentifiers.md4WithRSAEncryption);
-+ // BEGIN android-removed
-+ // RSA_PKCS1d5.add(PKCSObjectIdentifiers.md2WithRSAEncryption);
-+ // RSA_PKCS1d5.add(PKCSObjectIdentifiers.md4WithRSAEncryption);
-+ // END android-removed
- RSA_PKCS1d5.add(PKCSObjectIdentifiers.md5WithRSAEncryption);
- RSA_PKCS1d5.add(PKCSObjectIdentifiers.sha1WithRSAEncryption);
- RSA_PKCS1d5.add(PKCSObjectIdentifiers.sha224WithRSAEncryption);
- RSA_PKCS1d5.add(PKCSObjectIdentifiers.sha256WithRSAEncryption);
- RSA_PKCS1d5.add(PKCSObjectIdentifiers.sha384WithRSAEncryption);
- RSA_PKCS1d5.add(PKCSObjectIdentifiers.sha512WithRSAEncryption);
-- RSA_PKCS1d5.add(OIWObjectIdentifiers.md4WithRSAEncryption);
-- RSA_PKCS1d5.add(OIWObjectIdentifiers.md4WithRSA);
-+ // BEGIN android-removed
-+ // RSA_PKCS1d5.add(OIWObjectIdentifiers.md4WithRSAEncryption);
-+ // RSA_PKCS1d5.add(OIWObjectIdentifiers.md4WithRSA);
-+ // END android-removed
- RSA_PKCS1d5.add(OIWObjectIdentifiers.md5WithRSA);
- RSA_PKCS1d5.add(OIWObjectIdentifiers.sha1WithRSA);
-- RSA_PKCS1d5.add(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
-- RSA_PKCS1d5.add(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
-- RSA_PKCS1d5.add(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
-+ // BEGIN android-removed
-+ // RSA_PKCS1d5.add(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
-+ // RSA_PKCS1d5.add(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
-+ // RSA_PKCS1d5.add(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
-+ // END android-removed
- }
-
- public AlgorithmIdentifier findEncryptionAlgorithm(AlgorithmIdentifier signatureAlgorithm)
-diff -Naur bcpkix-jdk15on-152.orig/org/bouncycastle/operator/DefaultDigestAlgorithmIdentifierFinder.java bcpkix-jdk15on-152/org/bouncycastle/operator/DefaultDigestAlgorithmIdentifierFinder.java
---- bcpkix-jdk15on-152.orig/org/bouncycastle/operator/DefaultDigestAlgorithmIdentifierFinder.java 2015-03-01 12:03:46.000000000 +0000
-+++ bcpkix-jdk15on-152/org/bouncycastle/operator/DefaultDigestAlgorithmIdentifierFinder.java 2013-09-26 18:06:21.000000000 +0000
-@@ -5,7 +5,9 @@
-
- import org.bouncycastle.asn1.ASN1ObjectIdentifier;
- import org.bouncycastle.asn1.DERNull;
--import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-+// BEGIN android-removed
-+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-+// END android-removed
- import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
- import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
- import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-@@ -25,16 +27,20 @@
- //
- // digests
- //
-- digestOids.put(OIWObjectIdentifiers.md4WithRSAEncryption, PKCSObjectIdentifiers.md4);
-- digestOids.put(OIWObjectIdentifiers.md4WithRSA, PKCSObjectIdentifiers.md4);
-+ // BEGIN android-removed
-+ // digestOids.put(OIWObjectIdentifiers.md4WithRSAEncryption, PKCSObjectIdentifiers.md4);
-+ // digestOids.put(OIWObjectIdentifiers.md4WithRSA, PKCSObjectIdentifiers.md4);
-+ // END android-removed
- digestOids.put(OIWObjectIdentifiers.sha1WithRSA, OIWObjectIdentifiers.idSHA1);
-
- digestOids.put(PKCSObjectIdentifiers.sha224WithRSAEncryption, NISTObjectIdentifiers.id_sha224);
- digestOids.put(PKCSObjectIdentifiers.sha256WithRSAEncryption, NISTObjectIdentifiers.id_sha256);
- digestOids.put(PKCSObjectIdentifiers.sha384WithRSAEncryption, NISTObjectIdentifiers.id_sha384);
- digestOids.put(PKCSObjectIdentifiers.sha512WithRSAEncryption, NISTObjectIdentifiers.id_sha512);
-- digestOids.put(PKCSObjectIdentifiers.md2WithRSAEncryption, PKCSObjectIdentifiers.md2);
-- digestOids.put(PKCSObjectIdentifiers.md4WithRSAEncryption, PKCSObjectIdentifiers.md4);
-+ // BEGIN android-removed
-+ // digestOids.put(PKCSObjectIdentifiers.md2WithRSAEncryption, PKCSObjectIdentifiers.md2);
-+ // digestOids.put(PKCSObjectIdentifiers.md4WithRSAEncryption, PKCSObjectIdentifiers.md4);
-+ // END android-removed
- digestOids.put(PKCSObjectIdentifiers.md5WithRSAEncryption, PKCSObjectIdentifiers.md5);
- digestOids.put(PKCSObjectIdentifiers.sha1WithRSAEncryption, OIWObjectIdentifiers.idSHA1);
-
-@@ -50,12 +56,14 @@
- digestOids.put(NISTObjectIdentifiers.dsa_with_sha384, NISTObjectIdentifiers.id_sha384);
- digestOids.put(NISTObjectIdentifiers.dsa_with_sha512, NISTObjectIdentifiers.id_sha512);
-
-- digestOids.put(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128, TeleTrusTObjectIdentifiers.ripemd128);
-- digestOids.put(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160, TeleTrusTObjectIdentifiers.ripemd160);
-- digestOids.put(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256, TeleTrusTObjectIdentifiers.ripemd256);
--
-- digestOids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, CryptoProObjectIdentifiers.gostR3411);
-- digestOids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, CryptoProObjectIdentifiers.gostR3411);
-+ // BEGIN android-removed
-+ // digestOids.put(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128, TeleTrusTObjectIdentifiers.ripemd128);
-+ // digestOids.put(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160, TeleTrusTObjectIdentifiers.ripemd160);
-+ // digestOids.put(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256, TeleTrusTObjectIdentifiers.ripemd256);
-+ //
-+ // digestOids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, CryptoProObjectIdentifiers.gostR3411);
-+ // digestOids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, CryptoProObjectIdentifiers.gostR3411);
-+ // END android-removed
-
- digestNameToOids.put("SHA-1", OIWObjectIdentifiers.idSHA1);
- digestNameToOids.put("SHA-224", NISTObjectIdentifiers.id_sha224);
-@@ -63,15 +71,19 @@
- digestNameToOids.put("SHA-384", NISTObjectIdentifiers.id_sha384);
- digestNameToOids.put("SHA-512", NISTObjectIdentifiers.id_sha512);
-
-- digestNameToOids.put("GOST3411", CryptoProObjectIdentifiers.gostR3411);
--
-- digestNameToOids.put("MD2", PKCSObjectIdentifiers.md2);
-- digestNameToOids.put("MD4", PKCSObjectIdentifiers.md4);
-+ // BEGIN android-removed
-+ // digestNameToOids.put("GOST3411", CryptoProObjectIdentifiers.gostR3411);
-+ //
-+ // digestNameToOids.put("MD2", PKCSObjectIdentifiers.md2);
-+ // digestNameToOids.put("MD4", PKCSObjectIdentifiers.md4);
-+ // END android-removed
- digestNameToOids.put("MD5", PKCSObjectIdentifiers.md5);
-
-- digestNameToOids.put("RIPEMD128", TeleTrusTObjectIdentifiers.ripemd128);
-- digestNameToOids.put("RIPEMD160", TeleTrusTObjectIdentifiers.ripemd160);
-- digestNameToOids.put("RIPEMD256", TeleTrusTObjectIdentifiers.ripemd256);
-+ // BEGIN android-removed
-+ // digestNameToOids.put("RIPEMD128", TeleTrusTObjectIdentifiers.ripemd128);
-+ // digestNameToOids.put("RIPEMD160", TeleTrusTObjectIdentifiers.ripemd160);
-+ // digestNameToOids.put("RIPEMD256", TeleTrusTObjectIdentifiers.ripemd256);
-+ // END android-removed
- }
-
- public AlgorithmIdentifier find(AlgorithmIdentifier sigAlgId)
-diff -Naur bcpkix-jdk15on-152.orig/org/bouncycastle/operator/DefaultSignatureAlgorithmIdentifierFinder.java bcpkix-jdk15on-152/org/bouncycastle/operator/DefaultSignatureAlgorithmIdentifierFinder.java
---- bcpkix-jdk15on-152.orig/org/bouncycastle/operator/DefaultSignatureAlgorithmIdentifierFinder.java 2015-03-01 12:03:46.000000000 +0000
-+++ bcpkix-jdk15on-152/org/bouncycastle/operator/DefaultSignatureAlgorithmIdentifierFinder.java 2014-07-28 19:51:54.000000000 +0000
-@@ -9,9 +9,11 @@
- import org.bouncycastle.asn1.ASN1Integer;
- import org.bouncycastle.asn1.ASN1ObjectIdentifier;
- import org.bouncycastle.asn1.DERNull;
--import org.bouncycastle.asn1.bsi.BSIObjectIdentifiers;
--import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
--import org.bouncycastle.asn1.eac.EACObjectIdentifiers;
-+// BEGIN android-removed
-+// import org.bouncycastle.asn1.bsi.BSIObjectIdentifiers;
-+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-+// import org.bouncycastle.asn1.eac.EACObjectIdentifiers;
-+// END android-removed
- import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
- import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
- import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-@@ -34,13 +36,17 @@
- private static final ASN1ObjectIdentifier ENCRYPTION_DSA = X9ObjectIdentifiers.id_dsa_with_sha1;
- private static final ASN1ObjectIdentifier ENCRYPTION_ECDSA = X9ObjectIdentifiers.ecdsa_with_SHA1;
- private static final ASN1ObjectIdentifier ENCRYPTION_RSA_PSS = PKCSObjectIdentifiers.id_RSASSA_PSS;
-- private static final ASN1ObjectIdentifier ENCRYPTION_GOST3410 = CryptoProObjectIdentifiers.gostR3410_94;
-- private static final ASN1ObjectIdentifier ENCRYPTION_ECGOST3410 = CryptoProObjectIdentifiers.gostR3410_2001;
-+ // BEGIN android-removed
-+ // private static final ASN1ObjectIdentifier ENCRYPTION_GOST3410 = CryptoProObjectIdentifiers.gostR3410_94;
-+ // private static final ASN1ObjectIdentifier ENCRYPTION_ECGOST3410 = CryptoProObjectIdentifiers.gostR3410_2001;
-+ // END android-removed
-
- static
- {
-- algorithms.put("MD2WITHRSAENCRYPTION", PKCSObjectIdentifiers.md2WithRSAEncryption);
-- algorithms.put("MD2WITHRSA", PKCSObjectIdentifiers.md2WithRSAEncryption);
-+ // BEGIN android-removed
-+ // algorithms.put("MD2WITHRSAENCRYPTION", PKCSObjectIdentifiers.md2WithRSAEncryption);
-+ // algorithms.put("MD2WITHRSA", PKCSObjectIdentifiers.md2WithRSAEncryption);
-+ // END android-removed
- algorithms.put("MD5WITHRSAENCRYPTION", PKCSObjectIdentifiers.md5WithRSAEncryption);
- algorithms.put("MD5WITHRSA", PKCSObjectIdentifiers.md5WithRSAEncryption);
- algorithms.put("SHA1WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha1WithRSAEncryption);
-@@ -58,12 +64,14 @@
- algorithms.put("SHA256WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
- algorithms.put("SHA384WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
- algorithms.put("SHA512WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
-- algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
-- algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
-- algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
-- algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
-- algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
-- algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
-+ // BEGIN android-removed
-+ // algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
-+ // algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
-+ // algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
-+ // algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
-+ // algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
-+ // algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
-+ // END android-removed
- algorithms.put("SHA1WITHDSA", X9ObjectIdentifiers.id_dsa_with_sha1);
- algorithms.put("DSAWITHSHA1", X9ObjectIdentifiers.id_dsa_with_sha1);
- algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224);
-@@ -76,22 +84,24 @@
- algorithms.put("SHA256WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA256);
- algorithms.put("SHA384WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA384);
- algorithms.put("SHA512WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA512);
-- algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
-- algorithms.put("GOST3411WITHGOST3410-94", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
-- algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
-- algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
-- algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
-- algorithms.put("SHA1WITHPLAIN-ECDSA", BSIObjectIdentifiers.ecdsa_plain_SHA1);
-- algorithms.put("SHA224WITHPLAIN-ECDSA", BSIObjectIdentifiers.ecdsa_plain_SHA224);
-- algorithms.put("SHA256WITHPLAIN-ECDSA", BSIObjectIdentifiers.ecdsa_plain_SHA256);
-- algorithms.put("SHA384WITHPLAIN-ECDSA", BSIObjectIdentifiers.ecdsa_plain_SHA384);
-- algorithms.put("SHA512WITHPLAIN-ECDSA", BSIObjectIdentifiers.ecdsa_plain_SHA512);
-- algorithms.put("RIPEMD160WITHPLAIN-ECDSA", BSIObjectIdentifiers.ecdsa_plain_RIPEMD160);
-- algorithms.put("SHA1WITHCVC-ECDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_1);
-- algorithms.put("SHA224WITHPCVC-ECDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_224);
-- algorithms.put("SHA256WITHCVC-ECDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_256);
-- algorithms.put("SHA384WITHCVC-ECDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_384);
-- algorithms.put("SHA512WITHCVC-ECDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_512);
-+ // BEGIN android-removed
-+ // algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
-+ // algorithms.put("GOST3411WITHGOST3410-94", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
-+ // algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
-+ // algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
-+ // algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
-+ // algorithms.put("SHA1WITHPLAIN-ECDSA", BSIObjectIdentifiers.ecdsa_plain_SHA1);
-+ // algorithms.put("SHA224WITHPLAIN-ECDSA", BSIObjectIdentifiers.ecdsa_plain_SHA224);
-+ // algorithms.put("SHA256WITHPLAIN-ECDSA", BSIObjectIdentifiers.ecdsa_plain_SHA256);
-+ // algorithms.put("SHA384WITHPLAIN-ECDSA", BSIObjectIdentifiers.ecdsa_plain_SHA384);
-+ // algorithms.put("SHA512WITHPLAIN-ECDSA", BSIObjectIdentifiers.ecdsa_plain_SHA512);
-+ // algorithms.put("RIPEMD160WITHPLAIN-ECDSA", BSIObjectIdentifiers.ecdsa_plain_RIPEMD160);
-+ // algorithms.put("SHA1WITHCVC-ECDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_1);
-+ // algorithms.put("SHA224WITHPCVC-ECDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_224);
-+ // algorithms.put("SHA256WITHCVC-ECDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_256);
-+ // algorithms.put("SHA384WITHCVC-ECDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_384);
-+ // algorithms.put("SHA512WITHCVC-ECDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_512);
-+ // END android-removed
- //
- // According to RFC 3279, the ASN.1 encoding SHALL (id-dsa-with-sha1) or MUST (ecdsa-with-SHA*) omit the parameters field.
- // The parameters field SHALL be NULL for RSA based signature algorithms.
-@@ -110,8 +120,10 @@
- //
- // RFC 4491
- //
-- noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
-- noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
-+ // BEGIN android-removed
-+ // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
-+ // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
-+ // END android-removed
-
- //
- // PKCS 1.5 encrypted algorithms
-@@ -121,9 +133,11 @@
- pkcs15RsaEncryption.add(PKCSObjectIdentifiers.sha256WithRSAEncryption);
- pkcs15RsaEncryption.add(PKCSObjectIdentifiers.sha384WithRSAEncryption);
- pkcs15RsaEncryption.add(PKCSObjectIdentifiers.sha512WithRSAEncryption);
-- pkcs15RsaEncryption.add(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
-- pkcs15RsaEncryption.add(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
-- pkcs15RsaEncryption.add(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
-+ // BEGIN android-removed
-+ // pkcs15RsaEncryption.add(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
-+ // pkcs15RsaEncryption.add(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
-+ // pkcs15RsaEncryption.add(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
-+ // END android-removed
-
- //
- // explicit params
-@@ -150,15 +164,19 @@
- digestOids.put(PKCSObjectIdentifiers.sha256WithRSAEncryption, NISTObjectIdentifiers.id_sha256);
- digestOids.put(PKCSObjectIdentifiers.sha384WithRSAEncryption, NISTObjectIdentifiers.id_sha384);
- digestOids.put(PKCSObjectIdentifiers.sha512WithRSAEncryption, NISTObjectIdentifiers.id_sha512);
-- digestOids.put(PKCSObjectIdentifiers.md2WithRSAEncryption, PKCSObjectIdentifiers.md2);
-- digestOids.put(PKCSObjectIdentifiers.md4WithRSAEncryption, PKCSObjectIdentifiers.md4);
-+ // BEGIN android-removed
-+ // digestOids.put(PKCSObjectIdentifiers.md2WithRSAEncryption, PKCSObjectIdentifiers.md2);
-+ // digestOids.put(PKCSObjectIdentifiers.md4WithRSAEncryption, PKCSObjectIdentifiers.md4);
-+ // END android-removed
- digestOids.put(PKCSObjectIdentifiers.md5WithRSAEncryption, PKCSObjectIdentifiers.md5);
- digestOids.put(PKCSObjectIdentifiers.sha1WithRSAEncryption, OIWObjectIdentifiers.idSHA1);
-- digestOids.put(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128, TeleTrusTObjectIdentifiers.ripemd128);
-- digestOids.put(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160, TeleTrusTObjectIdentifiers.ripemd160);
-- digestOids.put(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256, TeleTrusTObjectIdentifiers.ripemd256);
-- digestOids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, CryptoProObjectIdentifiers.gostR3411);
-- digestOids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, CryptoProObjectIdentifiers.gostR3411);
-+ // BEGIN android-removed
-+ // digestOids.put(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128, TeleTrusTObjectIdentifiers.ripemd128);
-+ // digestOids.put(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160, TeleTrusTObjectIdentifiers.ripemd160);
-+ // digestOids.put(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256, TeleTrusTObjectIdentifiers.ripemd256);
-+ // digestOids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, CryptoProObjectIdentifiers.gostR3411);
-+ // digestOids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, CryptoProObjectIdentifiers.gostR3411);
-+ // END android-removed
- }
-
- private static AlgorithmIdentifier generate(String signatureAlgorithm)
-@@ -221,4 +239,4 @@
- {
- return generate(sigAlgName);
- }
--}
-\ No newline at end of file
-+}
-diff -Naur bcpkix-jdk15on-152.orig/org/bouncycastle/operator/bc/BcDefaultDigestProvider.java bcpkix-jdk15on-152/org/bouncycastle/operator/bc/BcDefaultDigestProvider.java
---- bcpkix-jdk15on-152.orig/org/bouncycastle/operator/bc/BcDefaultDigestProvider.java 2015-03-01 12:03:46.000000000 +0000
-+++ bcpkix-jdk15on-152/org/bouncycastle/operator/bc/BcDefaultDigestProvider.java 2013-09-26 18:06:21.000000000 +0000
-@@ -4,20 +4,26 @@
- import java.util.HashMap;
- import java.util.Map;
-
--import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-+// BEGIN android-removed
-+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-+// END android-removed
- import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
- import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
- import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
- import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
- import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
- import org.bouncycastle.crypto.ExtendedDigest;
--import org.bouncycastle.crypto.digests.GOST3411Digest;
--import org.bouncycastle.crypto.digests.MD2Digest;
--import org.bouncycastle.crypto.digests.MD4Digest;
-+// BEGIN android-removed
-+// import org.bouncycastle.crypto.digests.GOST3411Digest;
-+// import org.bouncycastle.crypto.digests.MD2Digest;
-+// import org.bouncycastle.crypto.digests.MD4Digest;
-+// END android-removed
- import org.bouncycastle.crypto.digests.MD5Digest;
--import org.bouncycastle.crypto.digests.RIPEMD128Digest;
--import org.bouncycastle.crypto.digests.RIPEMD160Digest;
--import org.bouncycastle.crypto.digests.RIPEMD256Digest;
-+// BEGIN android-removed
-+// import org.bouncycastle.crypto.digests.RIPEMD128Digest;
-+// import org.bouncycastle.crypto.digests.RIPEMD160Digest;
-+// import org.bouncycastle.crypto.digests.RIPEMD256Digest;
-+// END android-removed
- import org.bouncycastle.crypto.digests.SHA1Digest;
- import org.bouncycastle.crypto.digests.SHA224Digest;
- import org.bouncycastle.crypto.digests.SHA256Digest;
-@@ -76,48 +82,50 @@
- return new MD5Digest();
- }
- });
-- table.put(PKCSObjectIdentifiers.md4, new BcDigestProvider()
-- {
-- public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier)
-- {
-- return new MD4Digest();
-- }
-- });
-- table.put(PKCSObjectIdentifiers.md2, new BcDigestProvider()
-- {
-- public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier)
-- {
-- return new MD2Digest();
-- }
-- });
-- table.put(CryptoProObjectIdentifiers.gostR3411, new BcDigestProvider()
-- {
-- public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier)
-- {
-- return new GOST3411Digest();
-- }
-- });
-- table.put(TeleTrusTObjectIdentifiers.ripemd128, new BcDigestProvider()
-- {
-- public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier)
-- {
-- return new RIPEMD128Digest();
-- }
-- });
-- table.put(TeleTrusTObjectIdentifiers.ripemd160, new BcDigestProvider()
-- {
-- public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier)
-- {
-- return new RIPEMD160Digest();
-- }
-- });
-- table.put(TeleTrusTObjectIdentifiers.ripemd256, new BcDigestProvider()
-- {
-- public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier)
-- {
-- return new RIPEMD256Digest();
-- }
-- });
-+ // BEGIN android-removed
-+ // table.put(PKCSObjectIdentifiers.md4, new BcDigestProvider()
-+ // {
-+ // public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier)
-+ // {
-+ // return new MD4Digest();
-+ // }
-+ // });
-+ // table.put(PKCSObjectIdentifiers.md2, new BcDigestProvider()
-+ // {
-+ // public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier)
-+ // {
-+ // return new MD2Digest();
-+ // }
-+ // });
-+ // table.put(CryptoProObjectIdentifiers.gostR3411, new BcDigestProvider()
-+ // {
-+ // public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier)
-+ // {
-+ // return new GOST3411Digest();
-+ // }
-+ // });
-+ // table.put(TeleTrusTObjectIdentifiers.ripemd128, new BcDigestProvider()
-+ // {
-+ // public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier)
-+ // {
-+ // return new RIPEMD128Digest();
-+ // }
-+ // });
-+ // table.put(TeleTrusTObjectIdentifiers.ripemd160, new BcDigestProvider()
-+ // {
-+ // public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier)
-+ // {
-+ // return new RIPEMD160Digest();
-+ // }
-+ // });
-+ // table.put(TeleTrusTObjectIdentifiers.ripemd256, new BcDigestProvider()
-+ // {
-+ // public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier)
-+ // {
-+ // return new RIPEMD256Digest();
-+ // }
-+ // });
-+ // END android-removed
-
- return Collections.unmodifiableMap(table);
- }
-diff -Naur bcpkix-jdk15on-152.orig/org/bouncycastle/operator/jcajce/OperatorHelper.java bcpkix-jdk15on-152/org/bouncycastle/operator/jcajce/OperatorHelper.java
---- bcpkix-jdk15on-152.orig/org/bouncycastle/operator/jcajce/OperatorHelper.java 2015-03-01 12:03:46.000000000 +0000
-+++ bcpkix-jdk15on-152/org/bouncycastle/operator/jcajce/OperatorHelper.java 2015-04-09 13:10:16.000000000 +0000
-@@ -24,9 +24,11 @@
- import org.bouncycastle.asn1.ASN1Encodable;
- import org.bouncycastle.asn1.ASN1ObjectIdentifier;
- import org.bouncycastle.asn1.DERNull;
--import org.bouncycastle.asn1.bsi.BSIObjectIdentifiers;
--import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
--import org.bouncycastle.asn1.eac.EACObjectIdentifiers;
-+// BEGIN android-removed
-+// import org.bouncycastle.asn1.bsi.BSIObjectIdentifiers;
-+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-+// import org.bouncycastle.asn1.eac.EACObjectIdentifiers;
-+// END android-removed
- import org.bouncycastle.asn1.kisa.KISAObjectIdentifiers;
- import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
- import org.bouncycastle.asn1.ntt.NTTObjectIdentifiers;
-@@ -59,22 +61,26 @@
- oids.put(PKCSObjectIdentifiers.sha256WithRSAEncryption, "SHA256WITHRSA");
- oids.put(PKCSObjectIdentifiers.sha384WithRSAEncryption, "SHA384WITHRSA");
- oids.put(PKCSObjectIdentifiers.sha512WithRSAEncryption, "SHA512WITHRSA");
-- oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, "GOST3411WITHGOST3410");
-- oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, "GOST3411WITHECGOST3410");
-- oids.put(BSIObjectIdentifiers.ecdsa_plain_SHA1, "SHA1WITHPLAIN-ECDSA");
-- oids.put(BSIObjectIdentifiers.ecdsa_plain_SHA224, "SHA224WITHPLAIN-ECDSA");
-- oids.put(BSIObjectIdentifiers.ecdsa_plain_SHA256, "SHA256WITHPLAIN-ECDSA");
-- oids.put(BSIObjectIdentifiers.ecdsa_plain_SHA384, "SHA384WITHPLAIN-ECDSA");
-- oids.put(BSIObjectIdentifiers.ecdsa_plain_SHA512, "SHA512WITHPLAIN-ECDSA");
-- oids.put(BSIObjectIdentifiers.ecdsa_plain_RIPEMD160, "RIPEMD160WITHPLAIN-ECDSA");
-- oids.put(EACObjectIdentifiers.id_TA_ECDSA_SHA_1, "SHA1WITHCVC-ECDSA");
-- oids.put(EACObjectIdentifiers.id_TA_ECDSA_SHA_224, "SHA224WITHCVC-ECDSA");
-- oids.put(EACObjectIdentifiers.id_TA_ECDSA_SHA_256, "SHA256WITHCVC-ECDSA");
-- oids.put(EACObjectIdentifiers.id_TA_ECDSA_SHA_384, "SHA384WITHCVC-ECDSA");
-- oids.put(EACObjectIdentifiers.id_TA_ECDSA_SHA_512, "SHA512WITHCVC-ECDSA");
-+ // BEGIN android-removed
-+ // oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, "GOST3411WITHGOST3410");
-+ // oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, "GOST3411WITHECGOST3410");
-+ // oids.put(BSIObjectIdentifiers.ecdsa_plain_SHA1, "SHA1WITHPLAIN-ECDSA");
-+ // oids.put(BSIObjectIdentifiers.ecdsa_plain_SHA224, "SHA224WITHPLAIN-ECDSA");
-+ // oids.put(BSIObjectIdentifiers.ecdsa_plain_SHA256, "SHA256WITHPLAIN-ECDSA");
-+ // oids.put(BSIObjectIdentifiers.ecdsa_plain_SHA384, "SHA384WITHPLAIN-ECDSA");
-+ // oids.put(BSIObjectIdentifiers.ecdsa_plain_SHA512, "SHA512WITHPLAIN-ECDSA");
-+ // oids.put(BSIObjectIdentifiers.ecdsa_plain_RIPEMD160, "RIPEMD160WITHPLAIN-ECDSA");
-+ // oids.put(EACObjectIdentifiers.id_TA_ECDSA_SHA_1, "SHA1WITHCVC-ECDSA");
-+ // oids.put(EACObjectIdentifiers.id_TA_ECDSA_SHA_224, "SHA224WITHCVC-ECDSA");
-+ // oids.put(EACObjectIdentifiers.id_TA_ECDSA_SHA_256, "SHA256WITHCVC-ECDSA");
-+ // oids.put(EACObjectIdentifiers.id_TA_ECDSA_SHA_384, "SHA384WITHCVC-ECDSA");
-+ // oids.put(EACObjectIdentifiers.id_TA_ECDSA_SHA_512, "SHA512WITHCVC-ECDSA");
-+ // END android-removed
-
- oids.put(new ASN1ObjectIdentifier("1.2.840.113549.1.1.4"), "MD5WITHRSA");
-- oids.put(new ASN1ObjectIdentifier("1.2.840.113549.1.1.2"), "MD2WITHRSA");
-+ // BEGIN android-removed
-+ // oids.put(new ASN1ObjectIdentifier("1.2.840.113549.1.1.2"), "MD2WITHRSA");
-+ // END android-removed
- oids.put(new ASN1ObjectIdentifier("1.2.840.10040.4.3"), "SHA1WITHDSA");
- oids.put(X9ObjectIdentifiers.ecdsa_with_SHA1, "SHA1WITHECDSA");
- oids.put(X9ObjectIdentifiers.ecdsa_with_SHA224, "SHA224WITHECDSA");
diff --git a/patches/bcprov.patch b/patches/bcprov.patch
deleted file mode 100644
index ec0a653..0000000
--- a/patches/bcprov.patch
+++ /dev/null
@@ -1,9040 +0,0 @@
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/ASN1Boolean.java bcprov-jdk15on-152/org/bouncycastle/asn1/ASN1Boolean.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/ASN1Boolean.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/asn1/ASN1Boolean.java 2014-07-28 19:51:54.000000000 +0000
-@@ -23,7 +23,9 @@
- private static final byte[] TRUE_VALUE = new byte[] { (byte)0xff };
- private static final byte[] FALSE_VALUE = new byte[] { 0 };
-
-- private byte[] value;
-+ // BEGIN android-changed
-+ final private byte[] value;
-+ // END android-changed
-
- public static final ASN1Boolean FALSE = new ASN1Boolean(false);
- public static final ASN1Boolean TRUE = new ASN1Boolean(true);
-@@ -79,6 +81,17 @@
- return (value != 0 ? TRUE : FALSE);
- }
-
-+ // BEGIN android-added
-+ /**
-+ * return a ASN1Boolean from the passed in array.
-+ */
-+ public static ASN1Boolean getInstance(
-+ byte[] octets)
-+ {
-+ return (octets[0] != 0) ? TRUE : FALSE;
-+ }
-+
-+ // END android-added
- /**
- * return a Boolean from a tagged object.
- *
-@@ -105,7 +118,9 @@
- }
- }
-
-- ASN1Boolean(
-+ // BEGIN android-changed
-+ protected ASN1Boolean(
-+ // END android-changed
- byte[] value)
- {
- if (value.length != 1)
-@@ -131,8 +146,10 @@
- * @deprecated use getInstance(boolean) method.
- * @param value true or false.
- */
-- public ASN1Boolean(
-+ // BEGIN android-changed
-+ protected ASN1Boolean(
- boolean value)
-+ // END android-changed
- {
- this.value = (value) ? TRUE_VALUE : FALSE_VALUE;
- }
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/ASN1Null.java bcprov-jdk15on-152/org/bouncycastle/asn1/ASN1Null.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/ASN1Null.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/asn1/ASN1Null.java 2014-07-28 19:51:54.000000000 +0000
-@@ -8,6 +8,12 @@
- public abstract class ASN1Null
- extends ASN1Primitive
- {
-+ // BEGIN android-added
-+ /*package*/ ASN1Null()
-+ {
-+ }
-+
-+ // END android-added
- /**
- * Return an instance of ASN.1 NULL from the passed in object.
- * <p>
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/ASN1ObjectIdentifier.java bcprov-jdk15on-152/org/bouncycastle/asn1/ASN1ObjectIdentifier.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/ASN1ObjectIdentifier.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/asn1/ASN1ObjectIdentifier.java 2014-07-28 19:51:54.000000000 +0000
-@@ -152,7 +152,13 @@
- }
- }
-
-- this.identifier = objId.toString();
-+ // BEGIN android-changed
-+ /*
-+ * Intern the identifier so there aren't hundreds of duplicates
-+ * (in practice).
-+ */
-+ this.identifier = objId.toString().intern();
-+ // END android-changed
- this.body = Arrays.clone(bytes);
- }
-
-@@ -173,7 +179,13 @@
- throw new IllegalArgumentException("string " + identifier + " not an OID");
- }
-
-- this.identifier = identifier;
-+ // BEGIN android-changed
-+ /*
-+ * Intern the identifier so there aren't hundreds of duplicates
-+ * (in practice).
-+ */
-+ this.identifier = identifier.intern();
-+ // END android-changed
- }
-
- /**
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/DERNull.java bcprov-jdk15on-152/org/bouncycastle/asn1/DERNull.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/DERNull.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/asn1/DERNull.java 2013-01-31 02:26:40.000000000 +0000
-@@ -15,7 +15,9 @@
- /**
- * @deprecated use DERNull.INSTANCE
- */
-- public DERNull()
-+ // BEGIN android-changed
-+ protected DERNull()
-+ // END android-changed
- {
- }
-
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/DERPrintableString.java bcprov-jdk15on-152/org/bouncycastle/asn1/DERPrintableString.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/DERPrintableString.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/asn1/DERPrintableString.java 2014-07-28 19:51:54.000000000 +0000
-@@ -12,7 +12,9 @@
- extends ASN1Primitive
- implements ASN1String
- {
-- private byte[] string;
-+ // BEGIN android-changed
-+ private final byte[] string;
-+ // END android-changed
-
- /**
- * return a printable string from the passed in object.
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/StreamUtil.java bcprov-jdk15on-152/org/bouncycastle/asn1/StreamUtil.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/StreamUtil.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/asn1/StreamUtil.java 2014-05-05 17:17:14.000000000 +0000
-@@ -8,7 +8,9 @@
-
- class StreamUtil
- {
-- private static final long MAX_MEMORY = Runtime.getRuntime().maxMemory();
-+ // BEGIN android-removed
-+ // private static final long MAX_MEMORY = Runtime.getRuntime().maxMemory();
-+ // END android-removed
-
- /**
- * Find out possible longest length...
-@@ -48,12 +50,15 @@
- }
- }
-
-- if (MAX_MEMORY > Integer.MAX_VALUE)
-+ // BEGIN android-changed
-+ long maxMemory = Runtime.getRuntime().maxMemory();
-+ if (maxMemory > Integer.MAX_VALUE)
- {
- return Integer.MAX_VALUE;
- }
-
-- return (int)MAX_MEMORY;
-+ return (int) maxMemory;
-+ // END android-changed
- }
-
- static int calculateBodyLength(
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/cms/ContentInfo.java bcprov-jdk15on-152/org/bouncycastle/asn1/cms/ContentInfo.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/cms/ContentInfo.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/asn1/cms/ContentInfo.java 2013-12-12 00:35:05.000000000 +0000
-@@ -28,7 +28,9 @@
- */
- public class ContentInfo
- extends ASN1Object
-- implements CMSObjectIdentifiers
-+ // BEGIN android-removed
-+ // implements CMSObjectIdentifiers
-+ // END android-removed
- {
- private ASN1ObjectIdentifier contentType;
- private ASN1Encodable content;
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java bcprov-jdk15on-152/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java 2013-12-12 00:35:05.000000000 +0000
-@@ -13,10 +13,12 @@
- static final ASN1ObjectIdentifier pkcs_1 = new ASN1ObjectIdentifier("1.2.840.113549.1.1");
- /** PKCS#1: 1.2.840.113549.1.1.1 */
- static final ASN1ObjectIdentifier rsaEncryption = pkcs_1.branch("1");
-- /** PKCS#1: 1.2.840.113549.1.1.2 */
-- static final ASN1ObjectIdentifier md2WithRSAEncryption = pkcs_1.branch("2");
-- /** PKCS#1: 1.2.840.113549.1.1.3 */
-- static final ASN1ObjectIdentifier md4WithRSAEncryption = pkcs_1.branch("3");
-+ // BEGIN android-removed
-+ // /** PKCS#1: 1.2.840.113549.1.1.2 */
-+ // static final ASN1ObjectIdentifier md2WithRSAEncryption = pkcs_1.branch("2");
-+ // /** PKCS#1: 1.2.840.113549.1.1.3 */
-+ // static final ASN1ObjectIdentifier md4WithRSAEncryption = pkcs_1.branch("3");
-+ // END android-removed
- /** PKCS#1: 1.2.840.113549.1.1.4 */
- static final ASN1ObjectIdentifier md5WithRSAEncryption = pkcs_1.branch("4");
- /** PKCS#1: 1.2.840.113549.1.1.5 */
-@@ -96,15 +98,19 @@
- // md2 OBJECT IDENTIFIER ::=
- // {iso(1) member-body(2) US(840) rsadsi(113549) digestAlgorithm(2) 2}
- //
-- /** 1.2.840.113549.2.2 */
-- static final ASN1ObjectIdentifier md2 = digestAlgorithm.branch("2");
-+ // BEGIN android-removed
-+ // /** 1.2.840.113549.2.2 */
-+ // static final ASN1ObjectIdentifier md2 = digestAlgorithm.branch("2");
-+ // END android-removed
-
- //
- // md4 OBJECT IDENTIFIER ::=
- // {iso(1) member-body(2) US(840) rsadsi(113549) digestAlgorithm(2) 4}
- //
-- /** 1.2.840.113549.2.4 */
-- static final ASN1ObjectIdentifier md4 = digestAlgorithm.branch("4");
-+ // BEGIN android-removed
-+ // /** 1.2.840.113549.2.4 */
-+ // static final ASN1ObjectIdentifier md4 = digestAlgorithm.branch("4");
-+ // END android-removed
-
- //
- // md5 OBJECT IDENTIFIER ::=
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java bcprov-jdk15on-152/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java 2014-07-28 19:51:54.000000000 +0000
-@@ -14,7 +14,9 @@
- import org.bouncycastle.asn1.DERSequence;
- import org.bouncycastle.asn1.DERTaggedObject;
- import org.bouncycastle.crypto.Digest;
--import org.bouncycastle.crypto.digests.SHA1Digest;
-+// BEGIN android-changed
-+import org.bouncycastle.crypto.digests.AndroidDigestFactory;
-+// END android-changed
-
- /**
- * The AuthorityKeyIdentifier object.
-@@ -106,7 +108,9 @@
- public AuthorityKeyIdentifier(
- SubjectPublicKeyInfo spki)
- {
-- Digest digest = new SHA1Digest();
-+ // BEGIN android-changed
-+ Digest digest = AndroidDigestFactory.getSHA1();
-+ // END android-changed
- byte[] resBuf = new byte[digest.getDigestSize()];
-
- byte[] bytes = spki.getPublicKeyData().getBytes();
-@@ -125,7 +129,9 @@
- GeneralNames name,
- BigInteger serialNumber)
- {
-- Digest digest = new SHA1Digest();
-+ // BEGIN android-changed
-+ Digest digest = AndroidDigestFactory.getSHA1();
-+ // END android-changed
- byte[] resBuf = new byte[digest.getDigestSize()];
-
- byte[] bytes = spki.getPublicKeyData().getBytes();
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/x509/X509Name.java bcprov-jdk15on-152/org/bouncycastle/asn1/x509/X509Name.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/x509/X509Name.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/asn1/x509/X509Name.java 2013-12-12 00:35:05.000000000 +0000
-@@ -255,8 +255,10 @@
- */
- public static final Hashtable SymbolLookUp = DefaultLookUp;
-
-- private static final Boolean TRUE = new Boolean(true); // for J2ME compatibility
-- private static final Boolean FALSE = new Boolean(false);
-+ // BEGIN android-changed
-+ private static final Boolean TRUE = Boolean.TRUE;
-+ private static final Boolean FALSE = Boolean.FALSE;
-+ // END android-changed
-
- static
- {
-@@ -446,7 +448,9 @@
- throw new IllegalArgumentException("cannot encode value");
- }
- }
-- added.addElement((i != 0) ? TRUE : FALSE); // to allow earlier JDK compatibility
-+ // BEGIN android-changed
-+ added.addElement(Boolean.valueOf(i != 0));
-+ // END android-changed
- }
- }
- }
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/x509/X509NameTokenizer.java bcprov-jdk15on-152/org/bouncycastle/asn1/x509/X509NameTokenizer.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/x509/X509NameTokenizer.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/asn1/x509/X509NameTokenizer.java 2013-05-25 02:14:15.000000000 +0000
-@@ -78,6 +78,17 @@
- }
- else
- {
-+ // BEGIN android-added
-+ // copied from a newer version of BouncyCastle
-+ if (c == '#' && buf.charAt(buf.length() - 1) == '=')
-+ {
-+ buf.append('\\');
-+ }
-+ else if (c == '+' && separator != '+')
-+ {
-+ buf.append('\\');
-+ }
-+ // END android-added
- buf.append(c);
- }
- }
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/asn1/x9/ECNamedCurveTable.java bcprov-jdk15on-152/org/bouncycastle/asn1/x9/ECNamedCurveTable.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/asn1/x9/ECNamedCurveTable.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/asn1/x9/ECNamedCurveTable.java 2014-07-28 19:51:54.000000000 +0000
-@@ -6,7 +6,9 @@
- import org.bouncycastle.asn1.ASN1ObjectIdentifier;
- import org.bouncycastle.asn1.nist.NISTNamedCurves;
- import org.bouncycastle.asn1.sec.SECNamedCurves;
--import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves;
-+// BEGIN android-removed
-+// import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves;
-+// END android-removed
-
- /**
- * A general class that reads all X9.62 style EC curve tables.
-@@ -30,10 +32,12 @@
- ecP = SECNamedCurves.getByName(name);
- }
-
-- if (ecP == null)
-- {
-- ecP = TeleTrusTNamedCurves.getByName(name);
-- }
-+ // BEGIN android-removed
-+ // if (ecP == null)
-+ // {
-+ // ecP = TeleTrusTNamedCurves.getByName(name);
-+ // }
-+ // END android-removed
-
- if (ecP == null)
- {
-@@ -59,10 +63,12 @@
- oid = SECNamedCurves.getOID(name);
- }
-
-- if (oid == null)
-- {
-- oid = TeleTrusTNamedCurves.getOID(name);
-- }
-+ // BEGIN android-removed
-+ // if (oid == null)
-+ // {
-+ // oid = TeleTrusTNamedCurves.getOID(name);
-+ // }
-+ // END android-removed
-
- if (oid == null)
- {
-@@ -89,10 +95,12 @@
- ecP = SECNamedCurves.getByOID(oid);
- }
-
-- if (ecP == null)
-- {
-- ecP = TeleTrusTNamedCurves.getByOID(oid);
-- }
-+ // BEGIN android-removed
-+ // if (ecP == null)
-+ // {
-+ // ecP = TeleTrusTNamedCurves.getByOID(oid);
-+ // }
-+ // END android-removed
-
- // NOTE: All the NIST curves are currently from SEC, so no point in redundant OID lookup
-
-@@ -111,7 +119,9 @@
- addEnumeration(v, X962NamedCurves.getNames());
- addEnumeration(v, SECNamedCurves.getNames());
- addEnumeration(v, NISTNamedCurves.getNames());
-- addEnumeration(v, TeleTrusTNamedCurves.getNames());
-+ // BEGIN android-removed
-+ // addEnumeration(v, TeleTrusTNamedCurves.getNames());
-+ // END android-removed
-
- return v.elements();
- }
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/agreement/ECDHBasicAgreement.java bcprov-jdk15on-152/org/bouncycastle/crypto/agreement/ECDHBasicAgreement.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/agreement/ECDHBasicAgreement.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/crypto/agreement/ECDHBasicAgreement.java 2015-07-07 18:14:00.000000000 +0000
-@@ -6,6 +6,9 @@
- import org.bouncycastle.crypto.CipherParameters;
- import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
- import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-+// BEGIN android-added
-+import org.bouncycastle.math.ec.ECCurve;
-+// END android-added
- import org.bouncycastle.math.ec.ECPoint;
-
- /**
-@@ -41,8 +44,23 @@
- public BigInteger calculateAgreement(
- CipherParameters pubKey)
- {
-- ECPublicKeyParameters pub = (ECPublicKeyParameters)pubKey;
-- ECPoint P = pub.getQ().multiply(key.getD()).normalize();
-+ // BEGIN android-changed
-+ ECPoint peerPoint = ((ECPublicKeyParameters) pubKey).getQ();
-+ ECCurve myCurve = key.getParameters().getCurve();
-+ if (peerPoint.isInfinity()) {
-+ throw new IllegalStateException("Infinity is not a valid public key for ECDH");
-+ }
-+ try {
-+ myCurve.validatePoint(peerPoint.getXCoord().toBigInteger(),
-+ peerPoint.getYCoord().toBigInteger());
-+ } catch (IllegalArgumentException ex) {
-+ throw new IllegalStateException("The peer public key must be on the curve for ECDH");
-+ }
-+ // Explicitly construct a public key using the private key's curve.
-+ ECPoint pubPoint = myCurve.createPoint(peerPoint.getXCoord().toBigInteger(),
-+ peerPoint.getYCoord().toBigInteger());
-+ ECPoint P = pubPoint.multiply(key.getD()).normalize();
-+ // END android-changed
-
- if (P.isInfinity())
- {
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/AndroidDigestFactory.java bcprov-jdk15on-152/org/bouncycastle/crypto/digests/AndroidDigestFactory.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/AndroidDigestFactory.java 1970-01-01 00:00:00.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/crypto/digests/AndroidDigestFactory.java 2013-09-26 18:06:21.000000000 +0000
-@@ -0,0 +1,87 @@
-+/*
-+ * Copyright (C) 2012 The Android Open Source Project
-+ *
-+ * Licensed under the Apache License, Version 2.0 (the "License");
-+ * you may not use this file except in compliance with the License.
-+ * You may obtain a copy of the License at
-+ *
-+ * http://www.apache.org/licenses/LICENSE-2.0
-+ *
-+ * Unless required by applicable law or agreed to in writing, software
-+ * distributed under the License is distributed on an "AS IS" BASIS,
-+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-+ * See the License for the specific language governing permissions and
-+ * limitations under the License.
-+ */
-+
-+package org.bouncycastle.crypto.digests;
-+
-+import org.bouncycastle.crypto.Digest;
-+
-+/**
-+ * Level of indirection to let us select OpenSSLDigest implementations
-+ * for libcore but fallback to BouncyCastle ones on the RI.
-+ */
-+public final class AndroidDigestFactory {
-+ private static final String OpenSSLFactoryClassName
-+ = AndroidDigestFactory.class.getName() + "OpenSSL";
-+ private static final String BouncyCastleFactoryClassName
-+ = AndroidDigestFactory.class.getName() + "BouncyCastle";
-+
-+ private static final AndroidDigestFactoryInterface FACTORY;
-+ static {
-+ Class factoryImplementationClass;
-+ try {
-+ factoryImplementationClass = Class.forName(OpenSSLFactoryClassName);
-+ // Double check for NativeCrypto in case we are running on RI for testing
-+ Class.forName("com.android.org.conscrypt.NativeCrypto");
-+ } catch (ClassNotFoundException e1) {
-+ try {
-+ factoryImplementationClass = Class.forName(BouncyCastleFactoryClassName);
-+ } catch (ClassNotFoundException e2) {
-+ AssertionError e = new AssertionError("Failed to load "
-+ + "AndroidDigestFactoryInterface "
-+ + "implementation. Looked for "
-+ + OpenSSLFactoryClassName + " and "
-+ + BouncyCastleFactoryClassName);
-+ e.initCause(e1);
-+ throw e;
-+ }
-+ }
-+ if (!AndroidDigestFactoryInterface.class.isAssignableFrom(factoryImplementationClass)) {
-+ throw new AssertionError(factoryImplementationClass
-+ + "does not implement AndroidDigestFactoryInterface");
-+ }
-+ try {
-+ FACTORY = (AndroidDigestFactoryInterface) factoryImplementationClass.newInstance();
-+ } catch (InstantiationException e) {
-+ throw new AssertionError(e);
-+ } catch (IllegalAccessException e) {
-+ throw new AssertionError(e);
-+ }
-+ }
-+
-+ public static Digest getMD5() {
-+ return FACTORY.getMD5();
-+ }
-+
-+ public static Digest getSHA1() {
-+ return FACTORY.getSHA1();
-+ }
-+
-+ public static Digest getSHA224() {
-+ return FACTORY.getSHA224();
-+ }
-+
-+ public static Digest getSHA256() {
-+ return FACTORY.getSHA256();
-+ }
-+
-+ public static Digest getSHA384() {
-+ return FACTORY.getSHA384();
-+ }
-+
-+ public static Digest getSHA512() {
-+ return FACTORY.getSHA512();
-+ }
-+}
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryBouncyCastle.java bcprov-jdk15on-152/org/bouncycastle/crypto/digests/AndroidDigestFactoryBouncyCastle.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryBouncyCastle.java 1970-01-01 00:00:00.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/crypto/digests/AndroidDigestFactoryBouncyCastle.java 2013-09-26 18:06:21.000000000 +0000
-@@ -0,0 +1,40 @@
-+/*
-+ * Copyright (C) 2012 The Android Open Source Project
-+ *
-+ * Licensed under the Apache License, Version 2.0 (the "License");
-+ * you may not use this file except in compliance with the License.
-+ * You may obtain a copy of the License at
-+ *
-+ * http://www.apache.org/licenses/LICENSE-2.0
-+ *
-+ * Unless required by applicable law or agreed to in writing, software
-+ * distributed under the License is distributed on an "AS IS" BASIS,
-+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-+ * See the License for the specific language governing permissions and
-+ * limitations under the License.
-+ */
-+
-+package org.bouncycastle.crypto.digests;
-+
-+import org.bouncycastle.crypto.Digest;
-+
-+public class AndroidDigestFactoryBouncyCastle implements AndroidDigestFactoryInterface {
-+ public Digest getMD5() {
-+ return new MD5Digest();
-+ }
-+ public Digest getSHA1() {
-+ return new SHA1Digest();
-+ }
-+ public Digest getSHA224() {
-+ return new SHA224Digest();
-+ }
-+ public Digest getSHA256() {
-+ return new SHA256Digest();
-+ }
-+ public Digest getSHA384() {
-+ return new SHA384Digest();
-+ }
-+ public Digest getSHA512() {
-+ return new SHA512Digest();
-+ }
-+}
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryInterface.java bcprov-jdk15on-152/org/bouncycastle/crypto/digests/AndroidDigestFactoryInterface.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryInterface.java 1970-01-01 00:00:00.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/crypto/digests/AndroidDigestFactoryInterface.java 2013-09-26 18:06:21.000000000 +0000
-@@ -0,0 +1,28 @@
-+/*
-+ * Copyright (C) 2012 The Android Open Source Project
-+ *
-+ * Licensed under the Apache License, Version 2.0 (the "License");
-+ * you may not use this file except in compliance with the License.
-+ * You may obtain a copy of the License at
-+ *
-+ * http://www.apache.org/licenses/LICENSE-2.0
-+ *
-+ * Unless required by applicable law or agreed to in writing, software
-+ * distributed under the License is distributed on an "AS IS" BASIS,
-+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-+ * See the License for the specific language governing permissions and
-+ * limitations under the License.
-+ */
-+
-+package org.bouncycastle.crypto.digests;
-+
-+import org.bouncycastle.crypto.Digest;
-+
-+interface AndroidDigestFactoryInterface {
-+ public Digest getMD5();
-+ public Digest getSHA1();
-+ public Digest getSHA224();
-+ public Digest getSHA256();
-+ public Digest getSHA384();
-+ public Digest getSHA512();
-+}
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryOpenSSL.java bcprov-jdk15on-152/org/bouncycastle/crypto/digests/AndroidDigestFactoryOpenSSL.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryOpenSSL.java 1970-01-01 00:00:00.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/crypto/digests/AndroidDigestFactoryOpenSSL.java 2013-09-26 18:06:21.000000000 +0000
-@@ -0,0 +1,40 @@
-+/*
-+ * Copyright (C) 2012 The Android Open Source Project
-+ *
-+ * Licensed under the Apache License, Version 2.0 (the "License");
-+ * you may not use this file except in compliance with the License.
-+ * You may obtain a copy of the License at
-+ *
-+ * http://www.apache.org/licenses/LICENSE-2.0
-+ *
-+ * Unless required by applicable law or agreed to in writing, software
-+ * distributed under the License is distributed on an "AS IS" BASIS,
-+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-+ * See the License for the specific language governing permissions and
-+ * limitations under the License.
-+ */
-+
-+package org.bouncycastle.crypto.digests;
-+
-+import org.bouncycastle.crypto.Digest;
-+
-+public class AndroidDigestFactoryOpenSSL implements AndroidDigestFactoryInterface {
-+ public Digest getMD5() {
-+ return new OpenSSLDigest.MD5();
-+ }
-+ public Digest getSHA1() {
-+ return new OpenSSLDigest.SHA1();
-+ }
-+ public Digest getSHA224() {
-+ return new OpenSSLDigest.SHA224();
-+ }
-+ public Digest getSHA256() {
-+ return new OpenSSLDigest.SHA256();
-+ }
-+ public Digest getSHA384() {
-+ return new OpenSSLDigest.SHA384();
-+ }
-+ public Digest getSHA512() {
-+ return new OpenSSLDigest.SHA512();
-+ }
-+}
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/OpenSSLDigest.java bcprov-jdk15on-152/org/bouncycastle/crypto/digests/OpenSSLDigest.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/digests/OpenSSLDigest.java 1970-01-01 00:00:00.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/crypto/digests/OpenSSLDigest.java 2014-02-27 18:09:19.000000000 +0000
-@@ -0,0 +1,97 @@
-+/*
-+ * Copyright (C) 2008 The Android Open Source Project
-+ *
-+ * Licensed under the Apache License, Version 2.0 (the "License");
-+ * you may not use this file except in compliance with the License.
-+ * You may obtain a copy of the License at
-+ *
-+ * http://www.apache.org/licenses/LICENSE-2.0
-+ *
-+ * Unless required by applicable law or agreed to in writing, software
-+ * distributed under the License is distributed on an "AS IS" BASIS,
-+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-+ * See the License for the specific language governing permissions and
-+ * limitations under the License.
-+ */
-+
-+package org.bouncycastle.crypto.digests;
-+
-+import org.bouncycastle.crypto.ExtendedDigest;
-+import org.bouncycastle.jcajce.provider.keystore.bc.BcKeyStoreSpi;
-+import java.security.DigestException;
-+import java.security.MessageDigest;
-+
-+/**
-+ * Implements the BouncyCastle Digest interface using OpenSSL's EVP API. This
-+ * must be an ExtendedDigest for {@link BcKeyStoreSpi} to be able to use it.
-+ */
-+public class OpenSSLDigest implements ExtendedDigest {
-+ private final MessageDigest delegate;
-+
-+ private final int byteSize;
-+
-+ public OpenSSLDigest(String algorithm, int byteSize) {
-+ try {
-+ delegate = MessageDigest.getInstance(algorithm, "AndroidOpenSSL");
-+ this.byteSize = byteSize;
-+ } catch (Exception e) {
-+ throw new RuntimeException(e);
-+ }
-+ }
-+
-+ public String getAlgorithmName() {
-+ return delegate.getAlgorithm();
-+ }
-+
-+ public int getDigestSize() {
-+ return delegate.getDigestLength();
-+ }
-+
-+ public int getByteLength() {
-+ return byteSize;
-+ }
-+
-+ public void reset() {
-+ delegate.reset();
-+ }
-+
-+ public void update(byte in) {
-+ delegate.update(in);
-+ }
-+
-+ public void update(byte[] in, int inOff, int len) {
-+ delegate.update(in, inOff, len);
-+ }
-+
-+ public int doFinal(byte[] out, int outOff) {
-+ try {
-+ return delegate.digest(out, outOff, out.length - outOff);
-+ } catch (DigestException e) {
-+ throw new RuntimeException(e);
-+ }
-+ }
-+
-+ public static class MD5 extends OpenSSLDigest {
-+ public MD5() { super("MD5", 64); }
-+ }
-+
-+ public static class SHA1 extends OpenSSLDigest {
-+ public SHA1() { super("SHA-1", 64); }
-+ }
-+
-+ public static class SHA224 extends OpenSSLDigest {
-+ public SHA224() { super("SHA-224", 64); }
-+ }
-+
-+ public static class SHA256 extends OpenSSLDigest {
-+ public SHA256() { super("SHA-256", 64); }
-+ }
-+
-+ public static class SHA384 extends OpenSSLDigest {
-+ public SHA384() { super("SHA-384", 128); }
-+ }
-+
-+ public static class SHA512 extends OpenSSLDigest {
-+ public SHA512() { super("SHA-512", 128); }
-+ }
-+}
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/ec/CustomNamedCurves.java bcprov-jdk15on-152/org/bouncycastle/crypto/ec/CustomNamedCurves.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/ec/CustomNamedCurves.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/crypto/ec/CustomNamedCurves.java 2014-07-28 19:51:54.000000000 +0000
-@@ -10,7 +10,9 @@
- import org.bouncycastle.asn1.x9.X9ECParametersHolder;
- import org.bouncycastle.math.ec.ECCurve;
- import org.bouncycastle.math.ec.ECPoint;
--import org.bouncycastle.math.ec.custom.djb.Curve25519;
-+// BEGIN android-removed
-+// import org.bouncycastle.math.ec.custom.djb.Curve25519;
-+// END android-removed
- import org.bouncycastle.math.ec.custom.sec.SecP192K1Curve;
- import org.bouncycastle.math.ec.custom.sec.SecP192R1Curve;
- import org.bouncycastle.math.ec.custom.sec.SecP224K1Curve;
-@@ -36,32 +38,34 @@
- return c.configure().setEndomorphism(new GLVTypeBEndomorphism(c, p)).create();
- }
-
-- /*
-- * curve25519
-- */
-- static X9ECParametersHolder curve25519 = new X9ECParametersHolder()
-- {
-- protected X9ECParameters createParameters()
-- {
-- byte[] S = null;
-- ECCurve curve = configureCurve(new Curve25519());
--
-- /*
-- * NOTE: Curve25519 was specified in Montgomery form. Rewriting in Weierstrass form
-- * involves substitution of variables, so the base-point x coordinate is 9 + (486662 / 3).
-- *
-- * The Curve25519 paper doesn't say which of the two possible y values the base
-- * point has. The choice here is guided by language in the Ed25519 paper.
-- *
-- * (The other possible y value is 5F51E65E475F794B1FE122D388B72EB36DC2B28192839E4DD6163A5D81312C14)
-- */
-- ECPoint G = curve.decodePoint(Hex.decode("04"
-- + "2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD245A"
-- + "20AE19A1B8A086B4E01EDD2C7748D14C923D4D7E6D7C61B229E9C5A27ECED3D9"));
--
-- return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
-- }
-- };
-+ // BEGIN android-removed
-+ // /*
-+ // * curve25519
-+ // */
-+ // static X9ECParametersHolder curve25519 = new X9ECParametersHolder()
-+ // {
-+ // protected X9ECParameters createParameters()
-+ // {
-+ // byte[] S = null;
-+ // ECCurve curve = configureCurve(new Curve25519());
-+ //
-+ // /*
-+ // * NOTE: Curve25519 was specified in Montgomery form. Rewriting in Weierstrass form
-+ // * involves substitution of variables, so the base-point x coordinate is 9 + (486662 / 3).
-+ // *
-+ // * The Curve25519 paper doesn't say which of the two possible y values the base
-+ // * point has. The choice here is guided by language in the Ed25519 paper.
-+ // *
-+ // * (The other possible y value is 5F51E65E475F794B1FE122D388B72EB36DC2B28192839E4DD6163A5D81312C14)
-+ // */
-+ // ECPoint G = curve.decodePoint(Hex.decode("04"
-+ // + "2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD245A"
-+ // + "20AE19A1B8A086B4E01EDD2C7748D14C923D4D7E6D7C61B229E9C5A27ECED3D9"));
-+ //
-+ // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
-+ // }
-+ // };
-+ // END android-removed
-
- /*
- * secp192k1
-@@ -254,7 +258,9 @@
-
- static
- {
-- defineCurve("curve25519", curve25519);
-+ // BEGIN android-removed
-+ // defineCurve("curve25519", curve25519);
-+ // END android-removed
-
- defineCurveWithOID("secp192k1", SECObjectIdentifiers.secp192k1, secp192k1);
- defineCurveWithOID("secp192r1", SECObjectIdentifiers.secp192r1, secp192r1);
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/encodings/OAEPEncoding.java bcprov-jdk15on-152/org/bouncycastle/crypto/encodings/OAEPEncoding.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/encodings/OAEPEncoding.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/crypto/encodings/OAEPEncoding.java 2013-05-25 02:14:15.000000000 +0000
-@@ -6,7 +6,9 @@
- import org.bouncycastle.crypto.CipherParameters;
- import org.bouncycastle.crypto.Digest;
- import org.bouncycastle.crypto.InvalidCipherTextException;
--import org.bouncycastle.crypto.digests.SHA1Digest;
-+// BEGIN android-changed
-+import org.bouncycastle.crypto.digests.AndroidDigestFactory;
-+// END android-changed
- import org.bouncycastle.crypto.params.ParametersWithRandom;
-
- /**
-@@ -25,7 +27,9 @@
- public OAEPEncoding(
- AsymmetricBlockCipher cipher)
- {
-- this(cipher, new SHA1Digest(), null);
-+ // BEGIN android-changed
-+ this(cipher, AndroidDigestFactory.getSHA1(), null);
-+ // END android-changed
- }
-
- public OAEPEncoding(
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/encodings/PKCS1Encoding.java bcprov-jdk15on-152/org/bouncycastle/crypto/encodings/PKCS1Encoding.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/encodings/PKCS1Encoding.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/crypto/encodings/PKCS1Encoding.java 2015-04-09 13:10:16.000000000 +0000
-@@ -378,6 +378,12 @@
- throw new InvalidCipherTextException("unknown block type");
- }
- }
-+ // BEGIN android-added
-+ if ((type == 1 && forPrivateKey) || (type == 2 && !forPrivateKey))
-+ {
-+ throw new InvalidCipherTextException("invalid block type " + type);
-+ }
-+ // END android-added
-
- if (useStrictLength && block.length != engine.getOutputBlockSize())
- {
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/engines/DESedeWrapEngine.java bcprov-jdk15on-152/org/bouncycastle/crypto/engines/DESedeWrapEngine.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/engines/DESedeWrapEngine.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/crypto/engines/DESedeWrapEngine.java 2014-07-28 19:51:54.000000000 +0000
-@@ -6,7 +6,9 @@
- import org.bouncycastle.crypto.Digest;
- import org.bouncycastle.crypto.InvalidCipherTextException;
- import org.bouncycastle.crypto.Wrapper;
--import org.bouncycastle.crypto.digests.SHA1Digest;
-+// BEGIN android-changed
-+import org.bouncycastle.crypto.digests.AndroidDigestFactory;
-+// END android-changed
- import org.bouncycastle.crypto.modes.CBCBlockCipher;
- import org.bouncycastle.crypto.params.KeyParameter;
- import org.bouncycastle.crypto.params.ParametersWithIV;
-@@ -52,7 +54,9 @@
- //
- // checksum digest
- //
-- Digest sha1 = new SHA1Digest();
-+ // BEGIN android-changed
-+ Digest sha1 = AndroidDigestFactory.getSHA1();
-+ // END android-changed
- byte[] digest = new byte[20];
-
- /**
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/generators/DHParametersHelper.java bcprov-jdk15on-152/org/bouncycastle/crypto/generators/DHParametersHelper.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/generators/DHParametersHelper.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/crypto/generators/DHParametersHelper.java 2014-07-28 19:51:54.000000000 +0000
-@@ -3,11 +3,18 @@
- import java.math.BigInteger;
- import java.security.SecureRandom;
-
-+// BEGIN android-added
-+import java.util.logging.Logger;
-+// END android-added
- import org.bouncycastle.math.ec.WNafUtil;
- import org.bouncycastle.util.BigIntegers;
-
- class DHParametersHelper
- {
-+ // BEGIN android-added
-+ private static final Logger logger = Logger.getLogger(DHParametersHelper.class.getName());
-+ // END android-added
-+
- private static final BigInteger ONE = BigInteger.valueOf(1);
- private static final BigInteger TWO = BigInteger.valueOf(2);
-
-@@ -18,12 +25,20 @@
- */
- static BigInteger[] generateSafePrimes(int size, int certainty, SecureRandom random)
- {
-+ // BEGIN android-added
-+ logger.info("Generating safe primes. This may take a long time.");
-+ long start = System.currentTimeMillis();
-+ int tries = 0;
-+ // END android-added
- BigInteger p, q;
- int qLength = size - 1;
- int minWeight = size >>> 2;
-
- for (;;)
- {
-+ // BEGIN android-added
-+ tries++;
-+ // END android-added
- q = new BigInteger(qLength, 2, random);
-
- // p <- 2q + 1
-@@ -52,6 +67,11 @@
-
- break;
- }
-+ // BEGIN android-added
-+ long end = System.currentTimeMillis();
-+ long duration = end - start;
-+ logger.info("Generated safe primes: " + tries + " tries took " + duration + "ms");
-+ // END android-added
-
- return new BigInteger[] { p, q };
- }
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/generators/DSAParametersGenerator.java bcprov-jdk15on-152/org/bouncycastle/crypto/generators/DSAParametersGenerator.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/generators/DSAParametersGenerator.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/crypto/generators/DSAParametersGenerator.java 2014-07-28 19:51:54.000000000 +0000
-@@ -4,7 +4,9 @@
- import java.security.SecureRandom;
-
- import org.bouncycastle.crypto.Digest;
--import org.bouncycastle.crypto.digests.SHA1Digest;
-+// BEGIN android-changed
-+import org.bouncycastle.crypto.digests.AndroidDigestFactory;
-+// END android-changed
- import org.bouncycastle.crypto.params.DSAParameterGenerationParameters;
- import org.bouncycastle.crypto.params.DSAParameters;
- import org.bouncycastle.crypto.params.DSAValidationParameters;
-@@ -31,7 +33,9 @@
-
- public DSAParametersGenerator()
- {
-- this(new SHA1Digest());
-+ // BEGIN android-changed
-+ this(AndroidDigestFactory.getSHA1());
-+ // END android-changed
- }
-
- public DSAParametersGenerator(Digest digest)
-@@ -122,7 +126,9 @@
- int n = (L - 1) / 160;
- byte[] w = new byte[L / 8];
-
-- if (!(digest instanceof SHA1Digest))
-+ // BEGIN android-changed
-+ if (!(digest.getAlgorithmName().equals("SHA-1")))
-+ // END android-changed
- {
- throw new IllegalStateException("can only use SHA-1 for generating FIPS 186-2 parameters");
- }
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java bcprov-jdk15on-152/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java 2012-09-17 23:04:47.000000000 +0000
-@@ -3,7 +3,9 @@
- import org.bouncycastle.crypto.CipherParameters;
- import org.bouncycastle.crypto.Digest;
- import org.bouncycastle.crypto.PBEParametersGenerator;
--import org.bouncycastle.crypto.digests.MD5Digest;
-+// BEGIN android-changed
-+import org.bouncycastle.crypto.digests.AndroidDigestFactory;
-+// END android-changed
- import org.bouncycastle.crypto.params.KeyParameter;
- import org.bouncycastle.crypto.params.ParametersWithIV;
-
-@@ -17,7 +19,9 @@
- public class OpenSSLPBEParametersGenerator
- extends PBEParametersGenerator
- {
-- private Digest digest = new MD5Digest();
-+ // BEGIN android-changed
-+ private Digest digest = AndroidDigestFactory.getMD5();
-+ // END android-changed
-
- /**
- * Construct a OpenSSL Parameters generator.
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java bcprov-jdk15on-152/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java 2013-12-12 00:35:05.000000000 +0000
-@@ -4,7 +4,9 @@
- import org.bouncycastle.crypto.Digest;
- import org.bouncycastle.crypto.Mac;
- import org.bouncycastle.crypto.PBEParametersGenerator;
--import org.bouncycastle.crypto.digests.SHA1Digest;
-+// BEGIN android-changed
-+import org.bouncycastle.crypto.digests.AndroidDigestFactory;
-+// END android-changed
- import org.bouncycastle.crypto.macs.HMac;
- import org.bouncycastle.crypto.params.KeyParameter;
- import org.bouncycastle.crypto.params.ParametersWithIV;
-@@ -28,7 +30,9 @@
- */
- public PKCS5S2ParametersGenerator()
- {
-- this(new SHA1Digest());
-+ // BEGIN android-changed
-+ this(AndroidDigestFactory.getSHA1());
-+ // END android-changed
- }
-
- public PKCS5S2ParametersGenerator(Digest digest)
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/macs/HMac.java bcprov-jdk15on-152/org/bouncycastle/crypto/macs/HMac.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/macs/HMac.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/crypto/macs/HMac.java 2013-09-26 18:06:21.000000000 +0000
-@@ -36,14 +36,18 @@
- {
- blockLengths = new Hashtable();
-
-- blockLengths.put("GOST3411", Integers.valueOf(32));
--
-- blockLengths.put("MD2", Integers.valueOf(16));
-- blockLengths.put("MD4", Integers.valueOf(64));
-+ // BEGIN android-removed
-+ // blockLengths.put("GOST3411", Integers.valueOf(32));
-+ //
-+ // blockLengths.put("MD2", Integers.valueOf(16));
-+ // blockLengths.put("MD4", Integers.valueOf(64));
-+ // END android-removed
- blockLengths.put("MD5", Integers.valueOf(64));
-
-- blockLengths.put("RIPEMD128", Integers.valueOf(64));
-- blockLengths.put("RIPEMD160", Integers.valueOf(64));
-+ // BEGIN android-removed
-+ // blockLengths.put("RIPEMD128", Integers.valueOf(64));
-+ // blockLengths.put("RIPEMD160", Integers.valueOf(64));
-+ // END android-removed
-
- blockLengths.put("SHA-1", Integers.valueOf(64));
- blockLengths.put("SHA-224", Integers.valueOf(64));
-@@ -51,8 +55,10 @@
- blockLengths.put("SHA-384", Integers.valueOf(128));
- blockLengths.put("SHA-512", Integers.valueOf(128));
-
-- blockLengths.put("Tiger", Integers.valueOf(64));
-- blockLengths.put("Whirlpool", Integers.valueOf(64));
-+ // BEGIN android-removed
-+ // blockLengths.put("Tiger", Integers.valueOf(64));
-+ // blockLengths.put("Whirlpool", Integers.valueOf(64));
-+ // END android-removed
- }
-
- private static int getByteLength(
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/modes/GCMBlockCipher.java bcprov-jdk15on-152/org/bouncycastle/crypto/modes/GCMBlockCipher.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/modes/GCMBlockCipher.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/crypto/modes/GCMBlockCipher.java 2015-11-12 22:10:47.000000000 +0000
-@@ -24,6 +24,11 @@
- implements AEADBlockCipher
- {
- private static final int BLOCK_SIZE = 16;
-+ // BEGIN android-added
-+ // 2^36-32 : limitation imposed by NIST GCM as otherwise the counter is wrapped and it can leak
-+ // plaintext and authentication key
-+ private static final long MAX_INPUT_SIZE = 68719476704L;
-+ // END android-added
-
- // not final due to a compiler bug
- private BlockCipher cipher;
-@@ -202,6 +207,14 @@
- return totalData < macSize ? 0 : totalData - macSize;
- }
-
-+ // BEGIN android-added
-+ /** Helper used to ensure that {@link #MAX_INPUT_SIZE} is not exceeded. */
-+ private long getTotalInputSizeAfterNewInput(int newInputLen)
-+ {
-+ return totalLength + newInputLen + bufOff;
-+ }
-+ // END android-added
-+
- public int getUpdateOutputSize(int len)
- {
- int totalData = len + bufOff;
-@@ -218,6 +231,11 @@
-
- public void processAADByte(byte in)
- {
-+ // BEGIN android-added
-+ if (getTotalInputSizeAfterNewInput(1) > MAX_INPUT_SIZE) {
-+ throw new DataLengthException("Input exceeded " + MAX_INPUT_SIZE + " bytes");
-+ }
-+ // END android-added
- atBlock[atBlockPos] = in;
- if (++atBlockPos == BLOCK_SIZE)
- {
-@@ -230,6 +248,11 @@
-
- public void processAADBytes(byte[] in, int inOff, int len)
- {
-+ // BEGIN android-added
-+ if (getTotalInputSizeAfterNewInput(len) > MAX_INPUT_SIZE) {
-+ throw new DataLengthException("Input exceeded " + MAX_INPUT_SIZE + " bytes");
-+ }
-+ // END android-added
- for (int i = 0; i < len; ++i)
- {
- atBlock[atBlockPos] = in[inOff + i];
-@@ -267,6 +290,11 @@
- public int processByte(byte in, byte[] out, int outOff)
- throws DataLengthException
- {
-+ // BEGIN android-added
-+ if (getTotalInputSizeAfterNewInput(1) > MAX_INPUT_SIZE) {
-+ throw new DataLengthException("Input exceeded " + MAX_INPUT_SIZE + " bytes");
-+ }
-+ // END android-added
- bufBlock[bufOff] = in;
- if (++bufOff == bufBlock.length)
- {
-@@ -279,6 +307,11 @@
- public int processBytes(byte[] in, int inOff, int len, byte[] out, int outOff)
- throws DataLengthException
- {
-+ // BEGIN android-added
-+ if (getTotalInputSizeAfterNewInput(len) > MAX_INPUT_SIZE) {
-+ throw new DataLengthException("Input exceeded " + MAX_INPUT_SIZE + " bytes");
-+ }
-+ // END android-added
- if (in.length < (inOff + len))
- {
- throw new DataLengthException("Input buffer too short");
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/signers/RSADigestSigner.java bcprov-jdk15on-152/org/bouncycastle/crypto/signers/RSADigestSigner.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/signers/RSADigestSigner.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/crypto/signers/RSADigestSigner.java 2015-04-09 13:10:16.000000000 +0000
-@@ -39,9 +39,11 @@
- */
- static
- {
-- oidMap.put("RIPEMD128", TeleTrusTObjectIdentifiers.ripemd128);
-- oidMap.put("RIPEMD160", TeleTrusTObjectIdentifiers.ripemd160);
-- oidMap.put("RIPEMD256", TeleTrusTObjectIdentifiers.ripemd256);
-+ // BEGIN android-removed
-+ // oidMap.put("RIPEMD128", TeleTrusTObjectIdentifiers.ripemd128);
-+ // oidMap.put("RIPEMD160", TeleTrusTObjectIdentifiers.ripemd160);
-+ // oidMap.put("RIPEMD256", TeleTrusTObjectIdentifiers.ripemd256);
-+ // END android-removed
-
- oidMap.put("SHA-1", X509ObjectIdentifiers.id_SHA1);
- oidMap.put("SHA-224", NISTObjectIdentifiers.id_sha224);
-@@ -51,8 +53,10 @@
- oidMap.put("SHA-512/224", NISTObjectIdentifiers.id_sha512_224);
- oidMap.put("SHA-512/256", NISTObjectIdentifiers.id_sha512_256);
-
-- oidMap.put("MD2", PKCSObjectIdentifiers.md2);
-- oidMap.put("MD4", PKCSObjectIdentifiers.md4);
-+ // BEGIN android-removed
-+ // oidMap.put("MD2", PKCSObjectIdentifiers.md2);
-+ // oidMap.put("MD4", PKCSObjectIdentifiers.md4);
-+ // END android-removed
- oidMap.put("MD5", PKCSObjectIdentifiers.md5);
- }
-
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/util/PrivateKeyFactory.java bcprov-jdk15on-152/org/bouncycastle/crypto/util/PrivateKeyFactory.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/util/PrivateKeyFactory.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/crypto/util/PrivateKeyFactory.java 2014-07-28 19:51:54.000000000 +0000
-@@ -9,7 +9,9 @@
- import org.bouncycastle.asn1.ASN1Integer;
- import org.bouncycastle.asn1.ASN1ObjectIdentifier;
- import org.bouncycastle.asn1.ASN1Primitive;
--import org.bouncycastle.asn1.oiw.ElGamalParameter;
-+// BEGIN android-removed
-+// import org.bouncycastle.asn1.oiw.ElGamalParameter;
-+// END android-removed
- import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
- import org.bouncycastle.asn1.pkcs.DHParameter;
- import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-@@ -31,8 +33,10 @@
- import org.bouncycastle.crypto.params.ECDomainParameters;
- import org.bouncycastle.crypto.params.ECNamedDomainParameters;
- import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
--import org.bouncycastle.crypto.params.ElGamalParameters;
--import org.bouncycastle.crypto.params.ElGamalPrivateKeyParameters;
-+// BEGIN android-removed
-+// import org.bouncycastle.crypto.params.ElGamalParameters;
-+// import org.bouncycastle.crypto.params.ElGamalPrivateKeyParameters;
-+// END android-removed
- import org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters;
-
- /**
-@@ -98,14 +102,16 @@
-
- return new DHPrivateKeyParameters(derX.getValue(), dhParams);
- }
-- else if (algId.getAlgorithm().equals(OIWObjectIdentifiers.elGamalAlgorithm))
-- {
-- ElGamalParameter params = ElGamalParameter.getInstance(algId.getParameters());
-- ASN1Integer derX = (ASN1Integer)keyInfo.parsePrivateKey();
--
-- return new ElGamalPrivateKeyParameters(derX.getValue(), new ElGamalParameters(
-- params.getP(), params.getG()));
-- }
-+ // BEGIN android-removed
-+ // else if (algId.getAlgorithm().equals(OIWObjectIdentifiers.elGamalAlgorithm))
-+ // {
-+ // ElGamalParameter params = ElGamalParameter.getInstance(algId.getParameters());
-+ // ASN1Integer derX = (ASN1Integer)keyInfo.parsePrivateKey();
-+ //
-+ // return new ElGamalPrivateKeyParameters(derX.getValue(), new ElGamalParameters(
-+ // params.getP(), params.getG()));
-+ // }
-+ // END android-removed
- else if (algId.getAlgorithm().equals(X9ObjectIdentifiers.id_dsa))
- {
- ASN1Integer derX = (ASN1Integer)keyInfo.parsePrivateKey();
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/crypto/util/PublicKeyFactory.java bcprov-jdk15on-152/org/bouncycastle/crypto/util/PublicKeyFactory.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/crypto/util/PublicKeyFactory.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/crypto/util/PublicKeyFactory.java 2014-07-28 19:51:54.000000000 +0000
-@@ -11,7 +11,9 @@
- import org.bouncycastle.asn1.ASN1OctetString;
- import org.bouncycastle.asn1.ASN1Primitive;
- import org.bouncycastle.asn1.DEROctetString;
--import org.bouncycastle.asn1.oiw.ElGamalParameter;
-+// BEGIN android-removed
-+// import org.bouncycastle.asn1.oiw.ElGamalParameter;
-+// END android-removed
- import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
- import org.bouncycastle.asn1.pkcs.DHParameter;
- import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-@@ -38,8 +40,10 @@
- import org.bouncycastle.crypto.params.ECDomainParameters;
- import org.bouncycastle.crypto.params.ECNamedDomainParameters;
- import org.bouncycastle.crypto.params.ECPublicKeyParameters;
--import org.bouncycastle.crypto.params.ElGamalParameters;
--import org.bouncycastle.crypto.params.ElGamalPublicKeyParameters;
-+// BEGIN android-removed
-+// import org.bouncycastle.crypto.params.ElGamalParameters;
-+// import org.bouncycastle.crypto.params.ElGamalPublicKeyParameters;
-+// END android-removed
- import org.bouncycastle.crypto.params.RSAKeyParameters;
-
- /**
-@@ -133,14 +137,16 @@
-
- return new DHPublicKeyParameters(derY.getValue(), dhParams);
- }
-- else if (algId.getAlgorithm().equals(OIWObjectIdentifiers.elGamalAlgorithm))
-- {
-- ElGamalParameter params = ElGamalParameter.getInstance(algId.getParameters());
-- ASN1Integer derY = (ASN1Integer)keyInfo.parsePublicKey();
--
-- return new ElGamalPublicKeyParameters(derY.getValue(), new ElGamalParameters(
-- params.getP(), params.getG()));
-- }
-+ // BEGIN android-removed
-+ // else if (algId.getAlgorithm().equals(OIWObjectIdentifiers.elGamalAlgorithm))
-+ // {
-+ // ElGamalParameter params = ElGamalParameter.getInstance(algId.getParameters());
-+ // ASN1Integer derY = (ASN1Integer)keyInfo.parsePublicKey();
-+ //
-+ // return new ElGamalPublicKeyParameters(derY.getValue(), new ElGamalParameters(
-+ // params.getP(), params.getG()));
-+ // }
-+ // END android-removed
- else if (algId.getAlgorithm().equals(X9ObjectIdentifiers.id_dsa)
- || algId.getAlgorithm().equals(OIWObjectIdentifiers.dsaWithSHA1))
- {
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/DH.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/DH.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/DH.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/DH.java 2014-07-28 19:51:54.000000000 +0000
-@@ -35,10 +35,12 @@
-
- provider.addAlgorithm("AlgorithmParameterGenerator.DH", PREFIX + "AlgorithmParameterGeneratorSpi");
-
-- provider.addAlgorithm("Cipher.DHIES", PREFIX + "IESCipher$IES");
-- provider.addAlgorithm("Cipher.DHIESwithAES", PREFIX + "IESCipher$IESwithAES");
-- provider.addAlgorithm("Cipher.DHIESWITHAES", PREFIX + "IESCipher$IESwithAES");
-- provider.addAlgorithm("Cipher.DHIESWITHDESEDE", PREFIX + "IESCipher$IESwithDESede");
-+ // BEGIN android-removed
-+ // provider.addAlgorithm("Cipher.DHIES", PREFIX + "IESCipher$IES");
-+ // provider.addAlgorithm("Cipher.DHIESwithAES", PREFIX + "IESCipher$IESwithAES");
-+ // provider.addAlgorithm("Cipher.DHIESWITHAES", PREFIX + "IESCipher$IESwithAES");
-+ // provider.addAlgorithm("Cipher.DHIESWITHDESEDE", PREFIX + "IESCipher$IESwithDESede");
-+ // END android-removed
-
- registerOid(provider, PKCSObjectIdentifiers.dhKeyAgreement, "DH", new KeyFactorySpi());
- registerOid(provider, X9ObjectIdentifiers.dhpublicnumber, "DH", new KeyFactorySpi());
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/DSA.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/DSA.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/DSA.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/DSA.java 2015-06-01 19:10:55.000000000 +0000
-@@ -27,40 +27,55 @@
- provider.addAlgorithm("KeyPairGenerator.DSA", PREFIX + "KeyPairGeneratorSpi");
- provider.addAlgorithm("KeyFactory.DSA", PREFIX + "KeyFactorySpi");
-
-- provider.addAlgorithm("Signature.DSA", PREFIX + "DSASigner$stdDSA");
-+ // BEGIN android-changed
-+ provider.addAlgorithm("Signature.SHA1withDSA", PREFIX + "DSASigner$stdDSA");
-+ // END android-changed
- provider.addAlgorithm("Signature.NONEWITHDSA", PREFIX + "DSASigner$noneDSA");
-
- provider.addAlgorithm("Alg.Alias.Signature.RAWDSA", "NONEWITHDSA");
-
-- provider.addAlgorithm("Signature.DETDSA", PREFIX + "DSASigner$detDSA");
-- provider.addAlgorithm("Signature.SHA1WITHDETDSA", PREFIX + "DSASigner$detDSA");
-- provider.addAlgorithm("Signature.SHA224WITHDETDSA", PREFIX + "DSASigner$detDSA224");
-- provider.addAlgorithm("Signature.SHA256WITHDETDSA", PREFIX + "DSASigner$detDSA256");
-- provider.addAlgorithm("Signature.SHA384WITHDETDSA", PREFIX + "DSASigner$detDSA384");
-- provider.addAlgorithm("Signature.SHA512WITHDETDSA", PREFIX + "DSASigner$detDSA512");
-+ // BEGIN android-removed
-+ // provider.addAlgorithm("Signature.DETDSA", PREFIX + "DSASigner$detDSA");
-+ // provider.addAlgorithm("Signature.SHA1WITHDETDSA", PREFIX + "DSASigner$detDSA");
-+ // provider.addAlgorithm("Signature.SHA224WITHDETDSA", PREFIX + "DSASigner$detDSA224");
-+ // provider.addAlgorithm("Signature.SHA256WITHDETDSA", PREFIX + "DSASigner$detDSA256");
-+ // provider.addAlgorithm("Signature.SHA384WITHDETDSA", PREFIX + "DSASigner$detDSA384");
-+ // provider.addAlgorithm("Signature.SHA512WITHDETDSA", PREFIX + "DSASigner$detDSA512");
-+ // END android-removed
-
- addSignatureAlgorithm(provider, "SHA224", "DSA", PREFIX + "DSASigner$dsa224", NISTObjectIdentifiers.dsa_with_sha224);
- addSignatureAlgorithm(provider, "SHA256", "DSA", PREFIX + "DSASigner$dsa256", NISTObjectIdentifiers.dsa_with_sha256);
-- addSignatureAlgorithm(provider, "SHA384", "DSA", PREFIX + "DSASigner$dsa384", NISTObjectIdentifiers.dsa_with_sha384);
-- addSignatureAlgorithm(provider, "SHA512", "DSA", PREFIX + "DSASigner$dsa512", NISTObjectIdentifiers.dsa_with_sha512);
--
-- provider.addAlgorithm("Alg.Alias.Signature.SHA/DSA", "DSA");
-- provider.addAlgorithm("Alg.Alias.Signature.SHA1withDSA", "DSA");
-- provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHDSA", "DSA");
-- provider.addAlgorithm("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.1", "DSA");
-- provider.addAlgorithm("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.3", "DSA");
-- provider.addAlgorithm("Alg.Alias.Signature.DSAwithSHA1", "DSA");
-- provider.addAlgorithm("Alg.Alias.Signature.DSAWITHSHA1", "DSA");
-- provider.addAlgorithm("Alg.Alias.Signature.SHA1WithDSA", "DSA");
-- provider.addAlgorithm("Alg.Alias.Signature.DSAWithSHA1", "DSA");
--
-- provider.addAlgorithm("Alg.Alias.Signature.1.2.840.10040.4.3", "DSA");
-+ // BEGIN android-removed
-+ // addSignatureAlgorithm(provider, "SHA384", "DSA", PREFIX + "DSASigner$dsa384", NISTObjectIdentifiers.dsa_with_sha384);
-+ // addSignatureAlgorithm(provider, "SHA512", "DSA", PREFIX + "DSASigner$dsa512", NISTObjectIdentifiers.dsa_with_sha512);
-+ // END android-removed
-+
-+ // BEGIN android-added
-+ provider.addAlgorithm("Alg.Alias.Signature.DSA", "SHA1withDSA");
-+ // END android-added
-+ // BEGIN android-changed
-+ provider.addAlgorithm("Alg.Alias.Signature.SHA/DSA", "SHA1withDSA");
-+ provider.addAlgorithm("Alg.Alias.Signature.SHA1withDSA", "SHA1withDSA");
-+ provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHDSA", "SHA1withDSA");
-+ provider.addAlgorithm("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.1", "SHA1withDSA");
-+ provider.addAlgorithm("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.3", "SHA1withDSA");
-+ provider.addAlgorithm("Alg.Alias.Signature.DSAwithSHA1", "SHA1withDSA");
-+ provider.addAlgorithm("Alg.Alias.Signature.DSAWITHSHA1", "SHA1withDSA");
-+ provider.addAlgorithm("Alg.Alias.Signature.SHA1WithDSA", "SHA1withDSA");
-+ provider.addAlgorithm("Alg.Alias.Signature.DSAWithSHA1", "SHA1withDSA");
-+ // END android-changed
-+
-+ // BEGIN android-removed
-+ // provider.addAlgorithm("Alg.Alias.Signature.1.2.840.10040.4.3", "DSA");
-+ // END android-removed
-
- AsymmetricKeyInfoConverter keyFact = new KeyFactorySpi();
-
- for (int i = 0; i != DSAUtil.dsaOids.length; i++)
- {
-- provider.addAlgorithm("Alg.Alias.Signature." + DSAUtil.dsaOids[i], "DSA");
-+ // BEGIN android-changed
-+ provider.addAlgorithm("Alg.Alias.Signature." + DSAUtil.dsaOids[i], "SHA1withDSA");
-+ // END android-changed
-
- registerOid(provider, DSAUtil.dsaOids[i], "DSA", keyFact);
- registerOidAlgorithmParameters(provider, DSAUtil.dsaOids[i], "DSA");
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/EC.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/EC.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/EC.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/EC.java 2015-04-09 13:10:16.000000000 +0000
-@@ -1,8 +1,10 @@
- package org.bouncycastle.jcajce.provider.asymmetric;
-
--import org.bouncycastle.asn1.bsi.BSIObjectIdentifiers;
--import org.bouncycastle.asn1.eac.EACObjectIdentifiers;
--import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
-+// BEGIN android-removed
-+// import org.bouncycastle.asn1.bsi.BSIObjectIdentifiers;
-+// import org.bouncycastle.asn1.eac.EACObjectIdentifiers;
-+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
-+// END android-removed
- import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
- import org.bouncycastle.jcajce.provider.asymmetric.ec.KeyFactorySpi;
- import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-@@ -22,45 +24,59 @@
- public void configure(ConfigurableProvider provider)
- {
- provider.addAlgorithm("KeyAgreement.ECDH", PREFIX + "KeyAgreementSpi$DH");
-- provider.addAlgorithm("KeyAgreement.ECDHC", PREFIX + "KeyAgreementSpi$DHC");
-- provider.addAlgorithm("KeyAgreement.ECMQV", PREFIX + "KeyAgreementSpi$MQV");
-- provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA1KDF");
-- provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA1KDF");
-- provider.addAlgorithm("KeyAgreement.ECDHWITHSHA1KDF", PREFIX + "KeyAgreementSpi$DHwithSHA1KDF");
-+ // BEGIN android-removed
-+ // provider.addAlgorithm("KeyAgreement.ECDHC", PREFIX + "KeyAgreementSpi$DHC");
-+ // provider.addAlgorithm("KeyAgreement.ECMQV", PREFIX + "KeyAgreementSpi$MQV");
-+ // provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA1KDF");
-+ // provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA1KDF");
-+ // provider.addAlgorithm("KeyAgreement.ECDHWITHSHA1KDF", PREFIX + "KeyAgreementSpi$DHwithSHA1KDF");
-+ // END android-removed
-
- registerOid(provider, X9ObjectIdentifiers.id_ecPublicKey, "EC", new KeyFactorySpi.EC());
- // TODO Should this be an alias for ECDH?
- registerOid(provider, X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "EC", new KeyFactorySpi.EC());
-- registerOid(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV());
--
-- registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.id_ecPublicKey, "EC");
-+ // BEGIN android-removed
-+ // registerOid(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV());
-+ //
-+ // // Android comment: the registration below is causing CTS tests to fail and doesn't seem
-+ // // to be implemented by bouncycastle (so looks like an bug in bouncycastle).
-+ // registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.id_ecPublicKey, "EC");
-+ // END android-removed
- // TODO Should this be an alias for ECDH?
-- registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "EC");
-- registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "EC");
-+ // BEGIN android-removed
-+ // // Android comment: the registration below is causing CTS tests to fail and doesn't seem
-+ // // to be implemented by bouncycastle (so looks like an bug in bouncycastle).
-+ // registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "EC");
-+ // registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "EC");
-+ // END android-removed
-
- provider.addAlgorithm("KeyFactory.EC", PREFIX + "KeyFactorySpi$EC");
-- provider.addAlgorithm("KeyFactory.ECDSA", PREFIX + "KeyFactorySpi$ECDSA");
-- provider.addAlgorithm("KeyFactory.ECDH", PREFIX + "KeyFactorySpi$ECDH");
-- provider.addAlgorithm("KeyFactory.ECDHC", PREFIX + "KeyFactorySpi$ECDHC");
-- provider.addAlgorithm("KeyFactory.ECMQV", PREFIX + "KeyFactorySpi$ECMQV");
-+ // BEGIN android-removed
-+ // provider.addAlgorithm("KeyFactory.ECDSA", PREFIX + "KeyFactorySpi$ECDSA");
-+ // provider.addAlgorithm("KeyFactory.ECDH", PREFIX + "KeyFactorySpi$ECDH");
-+ // provider.addAlgorithm("KeyFactory.ECDHC", PREFIX + "KeyFactorySpi$ECDHC");
-+ // provider.addAlgorithm("KeyFactory.ECMQV", PREFIX + "KeyFactorySpi$ECMQV");
-+ // END android-removed
-
- provider.addAlgorithm("KeyPairGenerator.EC", PREFIX + "KeyPairGeneratorSpi$EC");
-- provider.addAlgorithm("KeyPairGenerator.ECDSA", PREFIX + "KeyPairGeneratorSpi$ECDSA");
-- provider.addAlgorithm("KeyPairGenerator.ECDH", PREFIX + "KeyPairGeneratorSpi$ECDH");
-- provider.addAlgorithm("KeyPairGenerator.ECDHWITHSHA1KDF", PREFIX + "KeyPairGeneratorSpi$ECDH");
-- provider.addAlgorithm("KeyPairGenerator.ECDHC", PREFIX + "KeyPairGeneratorSpi$ECDHC");
-- provider.addAlgorithm("KeyPairGenerator.ECIES", PREFIX + "KeyPairGeneratorSpi$ECDH");
-- provider.addAlgorithm("KeyPairGenerator.ECMQV", PREFIX + "KeyPairGeneratorSpi$ECMQV");
--
-- provider.addAlgorithm("Cipher.ECIES", PREFIX + "IESCipher$ECIES");
-- provider.addAlgorithm("Cipher.ECIESwithAES", PREFIX + "IESCipher$ECIESwithAES");
-- provider.addAlgorithm("Cipher.ECIESWITHAES", PREFIX + "IESCipher$ECIESwithAES");
-- provider.addAlgorithm("Cipher.ECIESwithDESEDE", PREFIX + "IESCipher$ECIESwithDESede");
-- provider.addAlgorithm("Cipher.ECIESWITHDESEDE", PREFIX + "IESCipher$ECIESwithDESede");
-- provider.addAlgorithm("Cipher.ECIESwithAES-CBC", PREFIX + "IESCipher$ECIESwithAESCBC");
-- provider.addAlgorithm("Cipher.ECIESWITHAES-CBC", PREFIX + "IESCipher$ECIESwithAESCBC");
-- provider.addAlgorithm("Cipher.ECIESwithDESEDE-CBC", PREFIX + "IESCipher$ECIESwithDESedeCBC");
-- provider.addAlgorithm("Cipher.ECIESWITHDESEDE-CBC", PREFIX + "IESCipher$ECIESwithDESedeCBC");
-+ // BEGIN android-removed
-+ // provider.addAlgorithm("KeyPairGenerator.ECDSA", PREFIX + "KeyPairGeneratorSpi$ECDSA");
-+ // provider.addAlgorithm("KeyPairGenerator.ECDH", PREFIX + "KeyPairGeneratorSpi$ECDH");
-+ // provider.addAlgorithm("KeyPairGenerator.ECDHWITHSHA1KDF", PREFIX + "KeyPairGeneratorSpi$ECDH");
-+ // provider.addAlgorithm("KeyPairGenerator.ECDHC", PREFIX + "KeyPairGeneratorSpi$ECDHC");
-+ // provider.addAlgorithm("KeyPairGenerator.ECIES", PREFIX + "KeyPairGeneratorSpi$ECDH");
-+ // provider.addAlgorithm("KeyPairGenerator.ECMQV", PREFIX + "KeyPairGeneratorSpi$ECMQV");
-+ //
-+ // provider.addAlgorithm("Cipher.ECIES", PREFIX + "IESCipher$ECIES");
-+ // provider.addAlgorithm("Cipher.ECIESwithAES", PREFIX + "IESCipher$ECIESwithAES");
-+ // provider.addAlgorithm("Cipher.ECIESWITHAES", PREFIX + "IESCipher$ECIESwithAES");
-+ // provider.addAlgorithm("Cipher.ECIESwithDESEDE", PREFIX + "IESCipher$ECIESwithDESede");
-+ // provider.addAlgorithm("Cipher.ECIESWITHDESEDE", PREFIX + "IESCipher$ECIESwithDESede");
-+ // provider.addAlgorithm("Cipher.ECIESwithAES-CBC", PREFIX + "IESCipher$ECIESwithAESCBC");
-+ // provider.addAlgorithm("Cipher.ECIESWITHAES-CBC", PREFIX + "IESCipher$ECIESwithAESCBC");
-+ // provider.addAlgorithm("Cipher.ECIESwithDESEDE-CBC", PREFIX + "IESCipher$ECIESwithDESedeCBC");
-+ // provider.addAlgorithm("Cipher.ECIESWITHDESEDE-CBC", PREFIX + "IESCipher$ECIESwithDESedeCBC");
-+ // END android-removed
-
- provider.addAlgorithm("Signature.ECDSA", PREFIX + "SignatureSpi$ecDSA");
- provider.addAlgorithm("Signature.NONEwithECDSA", PREFIX + "SignatureSpi$ecDSAnone");
-@@ -72,39 +88,43 @@
- provider.addAlgorithm("Alg.Alias.Signature.SHA1WithECDSA", "ECDSA");
- provider.addAlgorithm("Alg.Alias.Signature.ECDSAWithSHA1", "ECDSA");
- provider.addAlgorithm("Alg.Alias.Signature.1.2.840.10045.4.1", "ECDSA");
-- provider.addAlgorithm("Alg.Alias.Signature." + TeleTrusTObjectIdentifiers.ecSignWithSha1, "ECDSA");
--
-- provider.addAlgorithm("Signature.DETECDSA", PREFIX + "SignatureSpi$ecDetDSA");
-- provider.addAlgorithm("Signature.SHA1WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA");
-- provider.addAlgorithm("Signature.SHA224WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA224");
-- provider.addAlgorithm("Signature.SHA256WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA256");
-- provider.addAlgorithm("Signature.SHA384WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA384");
-- provider.addAlgorithm("Signature.SHA512WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA512");
-+ // BEGIN android-removed
-+ // provider.addAlgorithm("Alg.Alias.Signature." + TeleTrusTObjectIdentifiers.ecSignWithSha1, "ECDSA");
-+ //
-+ // provider.addAlgorithm("Signature.DETECDSA", PREFIX + "SignatureSpi$ecDetDSA");
-+ // provider.addAlgorithm("Signature.SHA1WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA");
-+ // provider.addAlgorithm("Signature.SHA224WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA224");
-+ // provider.addAlgorithm("Signature.SHA256WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA256");
-+ // provider.addAlgorithm("Signature.SHA384WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA384");
-+ // provider.addAlgorithm("Signature.SHA512WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA512");
-+ // END android-removed
-
- addSignatureAlgorithm(provider, "SHA224", "ECDSA", PREFIX + "SignatureSpi$ecDSA224", X9ObjectIdentifiers.ecdsa_with_SHA224);
- addSignatureAlgorithm(provider, "SHA256", "ECDSA", PREFIX + "SignatureSpi$ecDSA256", X9ObjectIdentifiers.ecdsa_with_SHA256);
- addSignatureAlgorithm(provider, "SHA384", "ECDSA", PREFIX + "SignatureSpi$ecDSA384", X9ObjectIdentifiers.ecdsa_with_SHA384);
- addSignatureAlgorithm(provider, "SHA512", "ECDSA", PREFIX + "SignatureSpi$ecDSA512", X9ObjectIdentifiers.ecdsa_with_SHA512);
-- addSignatureAlgorithm(provider, "RIPEMD160", "ECDSA", PREFIX + "SignatureSpi$ecDSARipeMD160",TeleTrusTObjectIdentifiers.ecSignWithRipemd160);
--
-- provider.addAlgorithm("Signature.SHA1WITHECNR", PREFIX + "SignatureSpi$ecNR");
-- provider.addAlgorithm("Signature.SHA224WITHECNR", PREFIX + "SignatureSpi$ecNR224");
-- provider.addAlgorithm("Signature.SHA256WITHECNR", PREFIX + "SignatureSpi$ecNR256");
-- provider.addAlgorithm("Signature.SHA384WITHECNR", PREFIX + "SignatureSpi$ecNR384");
-- provider.addAlgorithm("Signature.SHA512WITHECNR", PREFIX + "SignatureSpi$ecNR512");
--
-- addSignatureAlgorithm(provider, "SHA1", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_1);
-- addSignatureAlgorithm(provider, "SHA224", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA224", EACObjectIdentifiers.id_TA_ECDSA_SHA_224);
-- addSignatureAlgorithm(provider, "SHA256", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA256", EACObjectIdentifiers.id_TA_ECDSA_SHA_256);
-- addSignatureAlgorithm(provider, "SHA384", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA384", EACObjectIdentifiers.id_TA_ECDSA_SHA_384);
-- addSignatureAlgorithm(provider, "SHA512", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA512", EACObjectIdentifiers.id_TA_ECDSA_SHA_512);
--
-- addSignatureAlgorithm(provider, "SHA1", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA", BSIObjectIdentifiers.ecdsa_plain_SHA1);
-- addSignatureAlgorithm(provider, "SHA224", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA224", BSIObjectIdentifiers.ecdsa_plain_SHA224);
-- addSignatureAlgorithm(provider, "SHA256", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA256", BSIObjectIdentifiers.ecdsa_plain_SHA256);
-- addSignatureAlgorithm(provider, "SHA384", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA384", BSIObjectIdentifiers.ecdsa_plain_SHA384);
-- addSignatureAlgorithm(provider, "SHA512", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA512", BSIObjectIdentifiers.ecdsa_plain_SHA512);
-- addSignatureAlgorithm(provider, "RIPEMD160", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecPlainDSARP160", BSIObjectIdentifiers.ecdsa_plain_RIPEMD160);
-+ // BEGIN android-removed
-+ // addSignatureAlgorithm(provider, "RIPEMD160", "ECDSA", PREFIX + "SignatureSpi$ecDSARipeMD160",TeleTrusTObjectIdentifiers.ecSignWithRipemd160);
-+ //
-+ // provider.addAlgorithm("Signature.SHA1WITHECNR", PREFIX + "SignatureSpi$ecNR");
-+ // provider.addAlgorithm("Signature.SHA224WITHECNR", PREFIX + "SignatureSpi$ecNR224");
-+ // provider.addAlgorithm("Signature.SHA256WITHECNR", PREFIX + "SignatureSpi$ecNR256");
-+ // provider.addAlgorithm("Signature.SHA384WITHECNR", PREFIX + "SignatureSpi$ecNR384");
-+ // provider.addAlgorithm("Signature.SHA512WITHECNR", PREFIX + "SignatureSpi$ecNR512");
-+ //
-+ // addSignatureAlgorithm(provider, "SHA1", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_1);
-+ // addSignatureAlgorithm(provider, "SHA224", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA224", EACObjectIdentifiers.id_TA_ECDSA_SHA_224);
-+ // addSignatureAlgorithm(provider, "SHA256", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA256", EACObjectIdentifiers.id_TA_ECDSA_SHA_256);
-+ // addSignatureAlgorithm(provider, "SHA384", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA384", EACObjectIdentifiers.id_TA_ECDSA_SHA_384);
-+ // addSignatureAlgorithm(provider, "SHA512", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA512", EACObjectIdentifiers.id_TA_ECDSA_SHA_512);
-+ //
-+ // addSignatureAlgorithm(provider, "SHA1", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA", BSIObjectIdentifiers.ecdsa_plain_SHA1);
-+ // addSignatureAlgorithm(provider, "SHA224", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA224", BSIObjectIdentifiers.ecdsa_plain_SHA224);
-+ // addSignatureAlgorithm(provider, "SHA256", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA256", BSIObjectIdentifiers.ecdsa_plain_SHA256);
-+ // addSignatureAlgorithm(provider, "SHA384", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA384", BSIObjectIdentifiers.ecdsa_plain_SHA384);
-+ // addSignatureAlgorithm(provider, "SHA512", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA512", BSIObjectIdentifiers.ecdsa_plain_SHA512);
-+ // addSignatureAlgorithm(provider, "RIPEMD160", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecPlainDSARP160", BSIObjectIdentifiers.ecdsa_plain_RIPEMD160);
-+ // END android-removed
- }
- }
- }
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/RSA.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/RSA.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/RSA.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/RSA.java 2015-04-09 13:10:16.000000000 +0000
-@@ -3,7 +3,9 @@
- import org.bouncycastle.asn1.ASN1ObjectIdentifier;
- import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
- import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
--import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
-+// BEGIN android-removed
-+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
-+// END android-removed
- import org.bouncycastle.asn1.x509.X509ObjectIdentifiers;
- import org.bouncycastle.jcajce.provider.asymmetric.rsa.KeyFactorySpi;
- import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-@@ -26,39 +28,47 @@
- provider.addAlgorithm("AlgorithmParameters.OAEP", PREFIX + "AlgorithmParametersSpi$OAEP");
- provider.addAlgorithm("AlgorithmParameters.PSS", PREFIX + "AlgorithmParametersSpi$PSS");
-
-- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSAPSS", "PSS");
-- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSASSA-PSS", "PSS");
--
-- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224withRSA/PSS", "PSS");
-- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256withRSA/PSS", "PSS");
-- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384withRSA/PSS", "PSS");
-- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512withRSA/PSS", "PSS");
--
-- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224WITHRSAANDMGF1", "PSS");
-- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256WITHRSAANDMGF1", "PSS");
-- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384WITHRSAANDMGF1", "PSS");
-- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512WITHRSAANDMGF1", "PSS");
-- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RAWRSAPSS", "PSS");
-- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAPSS", "PSS");
-- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSASSA-PSS", "PSS");
-- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAANDMGF1", "PSS");
-+ // BEGIN android-removed
-+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSAPSS", "PSS");
-+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSASSA-PSS", "PSS");
-+ //
-+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224withRSA/PSS", "PSS");
-+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256withRSA/PSS", "PSS");
-+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384withRSA/PSS", "PSS");
-+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512withRSA/PSS", "PSS");
-+ //
-+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224WITHRSAANDMGF1", "PSS");
-+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256WITHRSAANDMGF1", "PSS");
-+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384WITHRSAANDMGF1", "PSS");
-+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512WITHRSAANDMGF1", "PSS");
-+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RAWRSAPSS", "PSS");
-+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAPSS", "PSS");
-+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSASSA-PSS", "PSS");
-+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAANDMGF1", "PSS");
-+ // END android-removed
-
- provider.addAlgorithm("Cipher.RSA", PREFIX + "CipherSpi$NoPadding");
-- provider.addAlgorithm("Cipher.RSA/RAW", PREFIX + "CipherSpi$NoPadding");
-- provider.addAlgorithm("Cipher.RSA/PKCS1", PREFIX + "CipherSpi$PKCS1v1_5Padding");
-- provider.addAlgorithm("Cipher.1.2.840.113549.1.1.1", PREFIX + "CipherSpi$PKCS1v1_5Padding");
-- provider.addAlgorithm("Cipher.2.5.8.1.1", PREFIX + "CipherSpi$PKCS1v1_5Padding");
-- provider.addAlgorithm("Cipher.RSA/1", PREFIX + "CipherSpi$PKCS1v1_5Padding_PrivateOnly");
-- provider.addAlgorithm("Cipher.RSA/2", PREFIX + "CipherSpi$PKCS1v1_5Padding_PublicOnly");
-- provider.addAlgorithm("Cipher.RSA/OAEP", PREFIX + "CipherSpi$OAEPPadding");
-- provider.addAlgorithm("Cipher." + PKCSObjectIdentifiers.id_RSAES_OAEP, PREFIX + "CipherSpi$OAEPPadding");
-- provider.addAlgorithm("Cipher.RSA/ISO9796-1", PREFIX + "CipherSpi$ISO9796d1Padding");
-+ // BEGIN android-changed
-+ provider.addAlgorithm("Alg.Alias.Cipher.RSA/RAW", "RSA");
-+ // END android-changed
-+ // BEGIN android-removed
-+ // provider.addAlgorithm("Cipher.RSA/PKCS1", PREFIX + "CipherSpi$PKCS1v1_5Padding");
-+ // provider.addAlgorithm("Cipher.1.2.840.113549.1.1.1", PREFIX + "CipherSpi$PKCS1v1_5Padding");
-+ // provider.addAlgorithm("Cipher.2.5.8.1.1", PREFIX + "CipherSpi$PKCS1v1_5Padding");
-+ // provider.addAlgorithm("Cipher.RSA/1", PREFIX + "CipherSpi$PKCS1v1_5Padding_PrivateOnly");
-+ // provider.addAlgorithm("Cipher.RSA/2", PREFIX + "CipherSpi$PKCS1v1_5Padding_PublicOnly");
-+ // provider.addAlgorithm("Cipher.RSA/OAEP", PREFIX + "CipherSpi$OAEPPadding");
-+ // provider.addAlgorithm("Cipher." + PKCSObjectIdentifiers.id_RSAES_OAEP, PREFIX + "CipherSpi$OAEPPadding");
-+ // provider.addAlgorithm("Cipher.RSA/ISO9796-1", PREFIX + "CipherSpi$ISO9796d1Padding");
-+ // END android-removed
-
- provider.addAlgorithm("Alg.Alias.Cipher.RSA//RAW", "RSA");
- provider.addAlgorithm("Alg.Alias.Cipher.RSA//NOPADDING", "RSA");
-- provider.addAlgorithm("Alg.Alias.Cipher.RSA//PKCS1PADDING", "RSA/PKCS1");
-- provider.addAlgorithm("Alg.Alias.Cipher.RSA//OAEPPADDING", "RSA/OAEP");
-- provider.addAlgorithm("Alg.Alias.Cipher.RSA//ISO9796-1PADDING", "RSA/ISO9796-1");
-+ // BEGIN android-removed
-+ // provider.addAlgorithm("Alg.Alias.Cipher.RSA//PKCS1PADDING", "RSA/PKCS1");
-+ // provider.addAlgorithm("Alg.Alias.Cipher.RSA//OAEPPADDING", "RSA/OAEP");
-+ // provider.addAlgorithm("Alg.Alias.Cipher.RSA//ISO9796-1PADDING", "RSA/ISO9796-1");
-+ // END android-removed
-
- provider.addAlgorithm("KeyFactory.RSA", PREFIX + "KeyFactorySpi");
- provider.addAlgorithm("KeyPairGenerator.RSA", PREFIX + "KeyPairGeneratorSpi");
-@@ -68,79 +78,89 @@
- registerOid(provider, PKCSObjectIdentifiers.rsaEncryption, "RSA", keyFact);
- registerOid(provider, X509ObjectIdentifiers.id_ea_rsa, "RSA", keyFact);
- registerOid(provider, PKCSObjectIdentifiers.id_RSAES_OAEP, "RSA", keyFact);
-- registerOid(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "RSA", keyFact);
--
-- registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.rsaEncryption, "RSA");
-- registerOidAlgorithmParameters(provider, X509ObjectIdentifiers.id_ea_rsa, "RSA");
-- registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSAES_OAEP, "OAEP");
-- registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "PSS");
--
--
-- provider.addAlgorithm("Signature.RSASSA-PSS", PREFIX + "PSSSignatureSpi$PSSwithRSA");
-- provider.addAlgorithm("Signature." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA");
-- provider.addAlgorithm("Signature.OID." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA");
--
-- provider.addAlgorithm("Signature.SHA224WITHRSAANDMGF1", PREFIX + "PSSSignatureSpi$SHA224withRSA");
-- provider.addAlgorithm("Signature.SHA256WITHRSAANDMGF1", PREFIX + "PSSSignatureSpi$SHA256withRSA");
-- provider.addAlgorithm("Signature.SHA384WITHRSAANDMGF1", PREFIX + "PSSSignatureSpi$SHA384withRSA");
-- provider.addAlgorithm("Signature.SHA512WITHRSAANDMGF1", PREFIX + "PSSSignatureSpi$SHA512withRSA");
-- provider.addAlgorithm("Signature.SHA224withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA224withRSA");
-- provider.addAlgorithm("Signature.SHA256withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA256withRSA");
-- provider.addAlgorithm("Signature.SHA384withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA384withRSA");
-- provider.addAlgorithm("Signature.SHA512withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA512withRSA");
--
-- provider.addAlgorithm("Signature.RSA", PREFIX + "DigestSignatureSpi$noneRSA");
-- provider.addAlgorithm("Signature.RAWRSASSA-PSS", PREFIX + "PSSSignatureSpi$nonePSS");
--
-- provider.addAlgorithm("Alg.Alias.Signature.RAWRSA", "RSA");
-- provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSA", "RSA");
-- provider.addAlgorithm("Alg.Alias.Signature.RAWRSAPSS", "RAWRSASSA-PSS");
-- provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAPSS", "RAWRSASSA-PSS");
-- provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSASSA-PSS", "RAWRSASSA-PSS");
-- provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAANDMGF1", "RAWRSASSA-PSS");
-- provider.addAlgorithm("Alg.Alias.Signature.RSAPSS", "RSASSA-PSS");
--
--
-- provider.addAlgorithm("Alg.Alias.Signature.SHA224withRSAandMGF1", "SHA224withRSA/PSS");
-- provider.addAlgorithm("Alg.Alias.Signature.SHA256withRSAandMGF1", "SHA256withRSA/PSS");
-- provider.addAlgorithm("Alg.Alias.Signature.SHA384withRSAandMGF1", "SHA384withRSA/PSS");
-- provider.addAlgorithm("Alg.Alias.Signature.SHA512withRSAandMGF1", "SHA512withRSA/PSS");
--
-- if (provider.hasAlgorithm("MessageDigest", "MD2"))
-- {
-- addDigestSignature(provider, "MD2", PREFIX + "DigestSignatureSpi$MD2", PKCSObjectIdentifiers.md2WithRSAEncryption);
-- }
--
-- if (provider.hasAlgorithm("MessageDigest", "MD4"))
-- {
-- addDigestSignature(provider, "MD4", PREFIX + "DigestSignatureSpi$MD4", PKCSObjectIdentifiers.md4WithRSAEncryption);
-- }
-+ // BEGIN android-removed
-+ // registerOid(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "RSA", keyFact);
-+ //
-+ // registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.rsaEncryption, "RSA");
-+ // registerOidAlgorithmParameters(provider, X509ObjectIdentifiers.id_ea_rsa, "RSA");
-+ // registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSAES_OAEP, "OAEP");
-+ // registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "PSS");
-+ //
-+ //
-+ // provider.addAlgorithm("Signature.RSASSA-PSS", PREFIX + "PSSSignatureSpi$PSSwithRSA");
-+ // provider.addAlgorithm("Signature." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA");
-+ // provider.addAlgorithm("Signature.OID." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA");
-+ //
-+ // provider.addAlgorithm("Signature.SHA224WITHRSAANDMGF1", PREFIX + "PSSSignatureSpi$SHA224withRSA");
-+ // provider.addAlgorithm("Signature.SHA256WITHRSAANDMGF1", PREFIX + "PSSSignatureSpi$SHA256withRSA");
-+ // provider.addAlgorithm("Signature.SHA384WITHRSAANDMGF1", PREFIX + "PSSSignatureSpi$SHA384withRSA");
-+ // provider.addAlgorithm("Signature.SHA512WITHRSAANDMGF1", PREFIX + "PSSSignatureSpi$SHA512withRSA");
-+ // provider.addAlgorithm("Signature.SHA224withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA224withRSA");
-+ // provider.addAlgorithm("Signature.SHA256withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA256withRSA");
-+ // provider.addAlgorithm("Signature.SHA384withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA384withRSA");
-+ // provider.addAlgorithm("Signature.SHA512withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA512withRSA");
-+ //
-+ // provider.addAlgorithm("Signature.RSA", PREFIX + "DigestSignatureSpi$noneRSA");
-+ // provider.addAlgorithm("Signature.RAWRSASSA-PSS", PREFIX + "PSSSignatureSpi$nonePSS");
-+ //
-+ // provider.addAlgorithm("Alg.Alias.Signature.RAWRSA", "RSA");
-+ // provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSA", "RSA");
-+ // provider.addAlgorithm("Alg.Alias.Signature.RAWRSAPSS", "RAWRSASSA-PSS");
-+ // provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAPSS", "RAWRSASSA-PSS");
-+ // provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSASSA-PSS", "RAWRSASSA-PSS");
-+ // provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAANDMGF1", "RAWRSASSA-PSS");
-+ // provider.addAlgorithm("Alg.Alias.Signature.RSAPSS", "RSASSA-PSS");
-+ //
-+ //
-+ // provider.addAlgorithm("Alg.Alias.Signature.SHA224withRSAandMGF1", "SHA224withRSA/PSS");
-+ // provider.addAlgorithm("Alg.Alias.Signature.SHA256withRSAandMGF1", "SHA256withRSA/PSS");
-+ // provider.addAlgorithm("Alg.Alias.Signature.SHA384withRSAandMGF1", "SHA384withRSA/PSS");
-+ // provider.addAlgorithm("Alg.Alias.Signature.SHA512withRSAandMGF1", "SHA512withRSA/PSS");
-+ //
-+ // if (provider.hasAlgorithm("MessageDigest", "MD2"))
-+ // {
-+ // addDigestSignature(provider, "MD2", PREFIX + "DigestSignatureSpi$MD2", PKCSObjectIdentifiers.md2WithRSAEncryption);
-+ // }
-+ //
-+ // if (provider.hasAlgorithm("MessageDigest", "MD4"))
-+ // {
-+ // addDigestSignature(provider, "MD4", PREFIX + "DigestSignatureSpi$MD4", PKCSObjectIdentifiers.md4WithRSAEncryption);
-+ // }
-+ // END android-removed
-
- if (provider.hasAlgorithm("MessageDigest", "MD5"))
- {
- addDigestSignature(provider, "MD5", PREFIX + "DigestSignatureSpi$MD5", PKCSObjectIdentifiers.md5WithRSAEncryption);
-- provider.addAlgorithm("Signature.MD5withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$MD5WithRSAEncryption");
-- provider.addAlgorithm("Alg.Alias.Signature.MD5WithRSA/ISO9796-2", "MD5withRSA/ISO9796-2");
-+ // END android-removed
-+ // provider.addAlgorithm("Signature.MD5withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$MD5WithRSAEncryption");
-+ // provider.addAlgorithm("Alg.Alias.Signature.MD5WithRSA/ISO9796-2", "MD5withRSA/ISO9796-2");
-+ // END android-removed
- }
-
- if (provider.hasAlgorithm("MessageDigest", "SHA1"))
- {
-- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1withRSA/PSS", "PSS");
-- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1WITHRSAANDMGF1", "PSS");
-- provider.addAlgorithm("Signature.SHA1withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA1withRSA");
-- provider.addAlgorithm("Alg.Alias.Signature.SHA1withRSAandMGF1", "SHA1withRSA/PSS");
-- provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHRSAANDMGF1", "SHA1withRSA/PSS");
-+ // BEGIN android-removed
-+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1withRSA/PSS", "PSS");
-+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1WITHRSAANDMGF1", "PSS");
-+ // provider.addAlgorithm("Signature.SHA1withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA1withRSA");
-+ // provider.addAlgorithm("Alg.Alias.Signature.SHA1withRSAandMGF1", "SHA1withRSA/PSS");
-+ // provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHRSAANDMGF1", "SHA1withRSA/PSS");
-+ // END android-removed
-
- addDigestSignature(provider, "SHA1", PREFIX + "DigestSignatureSpi$SHA1", PKCSObjectIdentifiers.sha1WithRSAEncryption);
-
-- provider.addAlgorithm("Alg.Alias.Signature.SHA1WithRSA/ISO9796-2", "SHA1withRSA/ISO9796-2");
-- provider.addAlgorithm("Signature.SHA1withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$SHA1WithRSAEncryption");
-+ // BEGIN android-removed
-+ // provider.addAlgorithm("Alg.Alias.Signature.SHA1WithRSA/ISO9796-2", "SHA1withRSA/ISO9796-2");
-+ // provider.addAlgorithm("Signature.SHA1withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$SHA1WithRSAEncryption");
-+ // END android-removed
- provider.addAlgorithm("Alg.Alias.Signature." + OIWObjectIdentifiers.sha1WithRSA, "SHA1WITHRSA");
- provider.addAlgorithm("Alg.Alias.Signature.OID." + OIWObjectIdentifiers.sha1WithRSA, "SHA1WITHRSA");
-
-- provider.addAlgorithm("Alg.Alias.Signature.SHA1withRSA/X9.31", "SHA1WITHRSA/X9.31");
-- provider.addAlgorithm("Alg.Alias.Signature.SHA1WithRSA/X9.31", "SHA1WITHRSA/X9.31");
-- provider.addAlgorithm("Signature.SHA1WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA1WithRSAEncryption");
-+ // BEGIN android-removed
-+ // provider.addAlgorithm("Alg.Alias.Signature.SHA1withRSA/X9.31", "SHA1WITHRSA/X9.31");
-+ // provider.addAlgorithm("Alg.Alias.Signature.SHA1WithRSA/X9.31", "SHA1WITHRSA/X9.31");
-+ // provider.addAlgorithm("Signature.SHA1WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA1WithRSAEncryption");
-+ // END android-removed
- }
-
- addDigestSignature(provider, "SHA224", PREFIX + "DigestSignatureSpi$SHA224", PKCSObjectIdentifiers.sha224WithRSAEncryption);
-@@ -148,52 +168,54 @@
- addDigestSignature(provider, "SHA384", PREFIX + "DigestSignatureSpi$SHA384", PKCSObjectIdentifiers.sha384WithRSAEncryption);
- addDigestSignature(provider, "SHA512", PREFIX + "DigestSignatureSpi$SHA512", PKCSObjectIdentifiers.sha512WithRSAEncryption);
-
-- provider.addAlgorithm("Alg.Alias.Signature.SHA224withRSA/X9.31", "SHA224WITHRSA/X9.31");
-- provider.addAlgorithm("Alg.Alias.Signature.SHA224WithRSA/X9.31", "SHA224WITHRSA/X9.31");
-- provider.addAlgorithm("Signature.SHA224WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA224WithRSAEncryption");
-- provider.addAlgorithm("Alg.Alias.Signature.SHA256withRSA/X9.31", "SHA256WITHRSA/X9.31");
-- provider.addAlgorithm("Alg.Alias.Signature.SHA256WithRSA/X9.31", "SHA256WITHRSA/X9.31");
-- provider.addAlgorithm("Signature.SHA256WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA256WithRSAEncryption");
-- provider.addAlgorithm("Alg.Alias.Signature.SHA384withRSA/X9.31", "SHA384WITHRSA/X9.31");
-- provider.addAlgorithm("Alg.Alias.Signature.SHA384WithRSA/X9.31", "SHA384WITHRSA/X9.31");
-- provider.addAlgorithm("Signature.SHA384WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA384WithRSAEncryption");
-- provider.addAlgorithm("Alg.Alias.Signature.SHA512withRSA/X9.31", "SHA512WITHRSA/X9.31");
-- provider.addAlgorithm("Alg.Alias.Signature.SHA512WithRSA/X9.31", "SHA512WITHRSA/X9.31");
-- provider.addAlgorithm("Signature.SHA512WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA512WithRSAEncryption");
--
-- if (provider.hasAlgorithm("MessageDigest", "RIPEMD128"))
-- {
-- addDigestSignature(provider, "RIPEMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
-- addDigestSignature(provider, "RMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", null);
-- provider.addAlgorithm("Alg.Alias.Signature.RIPEMD128withRSA/X9.31", "RIPEMD128WITHRSA/X9.31");
-- provider.addAlgorithm("Alg.Alias.Signature.RIPEMD128WithRSA/X9.31", "RIPEMD128WITHRSA/X9.31");
-- provider.addAlgorithm("Signature.RIPEMD128WITHRSA/X9.31", PREFIX + "X931SignatureSpi$RIPEMD128WithRSAEncryption");
-- }
--
-- if (provider.hasAlgorithm("MessageDigest", "RIPEMD160"))
-- {
-- addDigestSignature(provider, "RIPEMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
-- addDigestSignature(provider, "RMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", null);
-- provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160WithRSA/ISO9796-2", "RIPEMD160withRSA/ISO9796-2");
-- provider.addAlgorithm("Signature.RIPEMD160withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$RIPEMD160WithRSAEncryption");
-- provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160withRSA/X9.31", "RIPEMD160WITHRSA/X9.31");
-- provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160WithRSA/X9.31", "RIPEMD160WITHRSA/X9.31");
-- provider.addAlgorithm("Signature.RIPEMD160WITHRSA/X9.31", PREFIX + "X931SignatureSpi$RIPEMD160WithRSAEncryption");
-- }
--
-- if (provider.hasAlgorithm("MessageDigest", "RIPEMD256"))
-- {
-- addDigestSignature(provider, "RIPEMD256", PREFIX + "DigestSignatureSpi$RIPEMD256", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
-- addDigestSignature(provider, "RMD256", PREFIX + "DigestSignatureSpi$RIPEMD256", null);
-- }
--
-- if (provider.hasAlgorithm("MessageDigest", "WHIRLPOOL"))
-- {
-- provider.addAlgorithm("Alg.Alias.Signature.WhirlpoolWithRSA/X9.31", "WHIRLPOOLWITHRSA/X9.31");
-- provider.addAlgorithm("Alg.Alias.Signature.WHIRLPOOLwithRSA/X9.31", "WHIRLPOOLWITHRSA/X9.31");
-- provider.addAlgorithm("Alg.Alias.Signature.WHIRLPOOLWithRSA/X9.31", "WHIRLPOOLWITHRSA/X9.31");
-- provider.addAlgorithm("Signature.WHIRLPOOLWITHRSA/X9.31", PREFIX + "X931SignatureSpi$WhirlpoolWithRSAEncryption");
-- }
-+ // BEGIN android-removed
-+ // provider.addAlgorithm("Alg.Alias.Signature.SHA224withRSA/X9.31", "SHA224WITHRSA/X9.31");
-+ // provider.addAlgorithm("Alg.Alias.Signature.SHA224WithRSA/X9.31", "SHA224WITHRSA/X9.31");
-+ // provider.addAlgorithm("Signature.SHA224WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA224WithRSAEncryption");
-+ // provider.addAlgorithm("Alg.Alias.Signature.SHA256withRSA/X9.31", "SHA256WITHRSA/X9.31");
-+ // provider.addAlgorithm("Alg.Alias.Signature.SHA256WithRSA/X9.31", "SHA256WITHRSA/X9.31");
-+ // provider.addAlgorithm("Signature.SHA256WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA256WithRSAEncryption");
-+ // provider.addAlgorithm("Alg.Alias.Signature.SHA384withRSA/X9.31", "SHA384WITHRSA/X9.31");
-+ // provider.addAlgorithm("Alg.Alias.Signature.SHA384WithRSA/X9.31", "SHA384WITHRSA/X9.31");
-+ // provider.addAlgorithm("Signature.SHA384WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA384WithRSAEncryption");
-+ // provider.addAlgorithm("Alg.Alias.Signature.SHA512withRSA/X9.31", "SHA512WITHRSA/X9.31");
-+ // provider.addAlgorithm("Alg.Alias.Signature.SHA512WithRSA/X9.31", "SHA512WITHRSA/X9.31");
-+ // provider.addAlgorithm("Signature.SHA512WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA512WithRSAEncryption");
-+ //
-+ // if (provider.hasAlgorithm("MessageDigest", "RIPEMD128"))
-+ // {
-+ // addDigestSignature(provider, "RIPEMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
-+ // addDigestSignature(provider, "RMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", null);
-+ // provider.addAlgorithm("Alg.Alias.Signature.RIPEMD128withRSA/X9.31", "RIPEMD128WITHRSA/X9.31");
-+ // provider.addAlgorithm("Alg.Alias.Signature.RIPEMD128WithRSA/X9.31", "RIPEMD128WITHRSA/X9.31");
-+ // provider.addAlgorithm("Signature.RIPEMD128WITHRSA/X9.31", PREFIX + "X931SignatureSpi$RIPEMD128WithRSAEncryption");
-+ // }
-+ //
-+ // if (provider.hasAlgorithm("MessageDigest", "RIPEMD160"))
-+ // {
-+ // addDigestSignature(provider, "RIPEMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
-+ // addDigestSignature(provider, "RMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", null);
-+ // provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160WithRSA/ISO9796-2", "RIPEMD160withRSA/ISO9796-2");
-+ // provider.addAlgorithm("Signature.RIPEMD160withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$RIPEMD160WithRSAEncryption");
-+ // provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160withRSA/X9.31", "RIPEMD160WITHRSA/X9.31");
-+ // provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160WithRSA/X9.31", "RIPEMD160WITHRSA/X9.31");
-+ // provider.addAlgorithm("Signature.RIPEMD160WITHRSA/X9.31", PREFIX + "X931SignatureSpi$RIPEMD160WithRSAEncryption");
-+ // }
-+ //
-+ // if (provider.hasAlgorithm("MessageDigest", "RIPEMD256"))
-+ // {
-+ // addDigestSignature(provider, "RIPEMD256", PREFIX + "DigestSignatureSpi$RIPEMD256", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
-+ // addDigestSignature(provider, "RMD256", PREFIX + "DigestSignatureSpi$RIPEMD256", null);
-+ // }
-+ //
-+ // if (provider.hasAlgorithm("MessageDigest", "WHIRLPOOL"))
-+ // {
-+ // provider.addAlgorithm("Alg.Alias.Signature.WhirlpoolWithRSA/X9.31", "WHIRLPOOLWITHRSA/X9.31");
-+ // provider.addAlgorithm("Alg.Alias.Signature.WHIRLPOOLwithRSA/X9.31", "WHIRLPOOLWITHRSA/X9.31");
-+ // provider.addAlgorithm("Alg.Alias.Signature.WHIRLPOOLWithRSA/X9.31", "WHIRLPOOLWITHRSA/X9.31");
-+ // provider.addAlgorithm("Signature.WHIRLPOOLWITHRSA/X9.31", PREFIX + "X931SignatureSpi$WhirlpoolWithRSAEncryption");
-+ // }
-+ // END android-removed
- }
-
- private void addDigestSignature(
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/X509.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/X509.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/X509.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/X509.java 2012-09-17 23:04:47.000000000 +0000
-@@ -18,8 +18,10 @@
-
- public void configure(ConfigurableProvider provider)
- {
-- provider.addAlgorithm("KeyFactory.X.509", "org.bouncycastle.jcajce.provider.asymmetric.x509.KeyFactory");
-- provider.addAlgorithm("Alg.Alias.KeyFactory.X509", "X.509");
-+ // BEGIN android-removed
-+ // provider.addAlgorithm("KeyFactory.X.509", "org.bouncycastle.jcajce.provider.asymmetric.x509.KeyFactory");
-+ // provider.addAlgorithm("Alg.Alias.KeyFactory.X509", "X.509");
-+ // END android-removed
-
- //
- // certificate factories.
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java 2015-07-21 14:37:00.000000000 +0000
-@@ -23,13 +23,24 @@
- import org.bouncycastle.crypto.DSA;
- import org.bouncycastle.crypto.Digest;
- import org.bouncycastle.crypto.digests.NullDigest;
--import org.bouncycastle.crypto.digests.SHA1Digest;
--import org.bouncycastle.crypto.digests.SHA224Digest;
--import org.bouncycastle.crypto.digests.SHA256Digest;
--import org.bouncycastle.crypto.digests.SHA384Digest;
--import org.bouncycastle.crypto.digests.SHA512Digest;
-+// BEGIN android-added
-+import org.bouncycastle.crypto.digests.AndroidDigestFactory;
-+// END android-added
-+// BEGIN android-removed
-+// import org.bouncycastle.crypto.digests.SHA1Digest;
-+// import org.bouncycastle.crypto.digests.SHA224Digest;
-+// import org.bouncycastle.crypto.digests.SHA256Digest;
-+// import org.bouncycastle.crypto.digests.SHA384Digest;
-+// import org.bouncycastle.crypto.digests.SHA512Digest;
-+// END android-removed
-+// BEGIN android-added
-+import org.bouncycastle.crypto.params.DSAKeyParameters;
-+import org.bouncycastle.crypto.params.DSAParameters;
-+// END android-added
- import org.bouncycastle.crypto.params.ParametersWithRandom;
--import org.bouncycastle.crypto.signers.HMacDSAKCalculator;
-+// BEGIN android-removed
-+// import org.bouncycastle.crypto.signers.HMacDSAKCalculator;
-+// END android-removed
-
- public class DSASigner
- extends SignatureSpi
-@@ -79,6 +90,10 @@
- throw new InvalidKeyException("can't recognise key type in DSA based signer");
- }
- }
-+ // BEGIN android-added
-+ DSAParameters dsaParam = ((DSAKeyParameters) param).getParameters();
-+ checkKey(dsaParam);
-+ // END android-added
-
- digest.reset();
- signer.init(false, param);
-@@ -100,6 +115,10 @@
- CipherParameters param;
-
- param = DSAUtil.generatePrivateKeyParameter(privateKey);
-+ // BEGIN android-added
-+ DSAParameters dsaParam = ((DSAKeyParameters) param).getParameters();
-+ checkKey(dsaParam);
-+ // END android-added
-
- if (random != null)
- {
-@@ -173,6 +192,28 @@
- throw new UnsupportedOperationException("engineSetParameter unsupported");
- }
-
-+ // BEGIN android-added
-+ protected void checkKey(DSAParameters params) throws InvalidKeyException {
-+ int valueL = params.getP().bitLength();
-+ int valueN = params.getQ().bitLength();
-+ int digestSize = digest.getDigestSize();
-+
-+ // The checks are consistent with DSAParametersGenerator's init method.
-+ if ((valueL < 1024 || valueL > 3072) || valueL % 1024 != 0) {
-+ throw new InvalidKeyException("valueL values must be between 1024 and 3072 and a multiple of 1024");
-+ } else if (valueL == 1024 && valueN != 160) {
-+ throw new InvalidKeyException("valueN must be 160 for valueL = 1024");
-+ } else if (valueL == 2048 && (valueN != 224 && valueN != 256)) {
-+ throw new InvalidKeyException("valueN must be 224 or 256 for valueL = 2048");
-+ } else if (valueL == 3072 && valueN != 256) {
-+ throw new InvalidKeyException("valueN must be 256 for valueL = 3072");
-+ }
-+ if (valueN > digestSize * 8) {
-+ throw new InvalidKeyException("Key is too strong for this signature algorithm");
-+ }
-+ }
-+
-+ // END android-added
- /**
- * @deprecated replaced with <a href = "#engineSetParameter(java.security.spec.AlgorithmParameterSpec)">
- */
-@@ -217,90 +258,102 @@
- {
- public stdDSA()
- {
-- super(new SHA1Digest(), new org.bouncycastle.crypto.signers.DSASigner());
-+ // BEGIN android-changed
-+ super(AndroidDigestFactory.getSHA1(), new org.bouncycastle.crypto.signers.DSASigner());
-+ // END android-changed
- }
- }
-
-- static public class detDSA
-- extends DSASigner
-- {
-- public detDSA()
-- {
-- super(new SHA1Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA1Digest())));
-- }
-- }
-+ // BEGIN android-removed
-+ // static public class detDSA
-+ // extends DSASigner
-+ // {
-+ // public detDSA()
-+ // {
-+ // super(new SHA1Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA1Digest())));
-+ // }
-+ // }
-+ // END android-removed
-
- static public class dsa224
- extends DSASigner
- {
- public dsa224()
- {
-- super(new SHA224Digest(), new org.bouncycastle.crypto.signers.DSASigner());
-+ // BEGIN android-changed
-+ super(AndroidDigestFactory.getSHA224(), new org.bouncycastle.crypto.signers.DSASigner());
-+ // END android-changed
- }
- }
-
-- static public class detDSA224
-- extends DSASigner
-- {
-- public detDSA224()
-- {
-- super(new SHA224Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA224Digest())));
-- }
-- }
-+ // BEGIN android-removed
-+ // static public class detDSA224
-+ // extends DSASigner
-+ // {
-+ // public detDSA224()
-+ // {
-+ // super(new SHA224Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA224Digest())));
-+ // }
-+ // }
-+ // END android-removed
-
- static public class dsa256
- extends DSASigner
- {
- public dsa256()
- {
-- super(new SHA256Digest(), new org.bouncycastle.crypto.signers.DSASigner());
-+ // BEGIN android-changed
-+ super(AndroidDigestFactory.getSHA256(), new org.bouncycastle.crypto.signers.DSASigner());
-+ // END android-changed
- }
- }
-
-- static public class detDSA256
-- extends DSASigner
-- {
-- public detDSA256()
-- {
-- super(new SHA256Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA256Digest())));
-- }
-- }
--
-- static public class dsa384
-- extends DSASigner
-- {
-- public dsa384()
-- {
-- super(new SHA384Digest(), new org.bouncycastle.crypto.signers.DSASigner());
-- }
-- }
--
-- static public class detDSA384
-- extends DSASigner
-- {
-- public detDSA384()
-- {
-- super(new SHA384Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA384Digest())));
-- }
-- }
--
-- static public class dsa512
-- extends DSASigner
-- {
-- public dsa512()
-- {
-- super(new SHA512Digest(), new org.bouncycastle.crypto.signers.DSASigner());
-- }
-- }
--
-- static public class detDSA512
-- extends DSASigner
-- {
-- public detDSA512()
-- {
-- super(new SHA512Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA512Digest())));
-- }
-- }
-+ // BEGIN android-removed
-+ // static public class detDSA256
-+ // extends DSASigner
-+ // {
-+ // public detDSA256()
-+ // {
-+ // super(new SHA256Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA256Digest())));
-+ // }
-+ // }
-+ //
-+ // static public class dsa384
-+ // extends DSASigner
-+ // {
-+ // public dsa384()
-+ // {
-+ // super(new SHA384Digest(), new org.bouncycastle.crypto.signers.DSASigner());
-+ // }
-+ // }
-+ //
-+ // static public class detDSA384
-+ // extends DSASigner
-+ // {
-+ // public detDSA384()
-+ // {
-+ // super(new SHA384Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA384Digest())));
-+ // }
-+ // }
-+ //
-+ // static public class dsa512
-+ // extends DSASigner
-+ // {
-+ // public dsa512()
-+ // {
-+ // super(new SHA512Digest(), new org.bouncycastle.crypto.signers.DSASigner());
-+ // }
-+ // }
-+ //
-+ // static public class detDSA512
-+ // extends DSASigner
-+ // {
-+ // public detDSA512()
-+ // {
-+ // super(new SHA512Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA512Digest())));
-+ // }
-+ // }
-+ // END android-removed
-
- static public class noneDSA
- extends DSASigner
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSAUtil.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSAUtil.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSAUtil.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSAUtil.java 2015-06-01 19:10:55.000000000 +0000
-@@ -23,6 +23,9 @@
- public static final ASN1ObjectIdentifier[] dsaOids =
- {
- X9ObjectIdentifiers.id_dsa,
-+ // BEGIN android-added
-+ X9ObjectIdentifiers.id_dsa_with_sha1,
-+ // END android-added
- OIWObjectIdentifiers.dsaWithSHA1
- };
-
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java 2015-07-07 18:14:00.000000000 +0000
-@@ -24,22 +24,28 @@
- import org.bouncycastle.crypto.CipherParameters;
- import org.bouncycastle.crypto.DerivationFunction;
- import org.bouncycastle.crypto.agreement.ECDHBasicAgreement;
--import org.bouncycastle.crypto.agreement.ECDHCBasicAgreement;
--import org.bouncycastle.crypto.agreement.ECMQVBasicAgreement;
--import org.bouncycastle.crypto.agreement.kdf.DHKDFParameters;
--import org.bouncycastle.crypto.agreement.kdf.ECDHKEKGenerator;
-+// BEGIN android-removed
-+// import org.bouncycastle.crypto.agreement.ECDHCBasicAgreement;
-+// import org.bouncycastle.crypto.agreement.ECMQVBasicAgreement;
-+// import org.bouncycastle.crypto.agreement.kdf.DHKDFParameters;
-+// import org.bouncycastle.crypto.agreement.kdf.ECDHKEKGenerator;
-+// END android-removed
- import org.bouncycastle.crypto.digests.SHA1Digest;
- import org.bouncycastle.crypto.params.DESParameters;
- import org.bouncycastle.crypto.params.ECDomainParameters;
- import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
- import org.bouncycastle.crypto.params.ECPublicKeyParameters;
--import org.bouncycastle.crypto.params.MQVPrivateParameters;
--import org.bouncycastle.crypto.params.MQVPublicParameters;
-+// BEGIN android-removed
-+// import org.bouncycastle.crypto.params.MQVPrivateParameters;
-+// import org.bouncycastle.crypto.params.MQVPublicParameters;
-+// END android-removed
- import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
- import org.bouncycastle.jce.interfaces.ECPrivateKey;
- import org.bouncycastle.jce.interfaces.ECPublicKey;
--import org.bouncycastle.jce.interfaces.MQVPrivateKey;
--import org.bouncycastle.jce.interfaces.MQVPublicKey;
-+// BEGIN android-removed
-+// import org.bouncycastle.jce.interfaces.MQVPrivateKey;
-+// import org.bouncycastle.jce.interfaces.MQVPublicKey;
-+// END android-removed
- import org.bouncycastle.util.Integers;
- import org.bouncycastle.util.Strings;
-
-@@ -89,7 +95,9 @@
- private BigInteger result;
- private ECDomainParameters parameters;
- private BasicAgreement agreement;
-- private DerivationFunction kdf;
-+ // BEGIN android-removed
-+ // private DerivationFunction kdf;
-+ // END android-removed
-
- private byte[] bigIntToBytes(
- BigInteger r)
-@@ -104,7 +112,9 @@
- {
- this.kaAlgorithm = kaAlgorithm;
- this.agreement = agreement;
-- this.kdf = kdf;
-+ // BEGIN android-removed
-+ // this.kdf = kdf;
-+ // END android-removed
- }
-
- protected Key engineDoPhase(
-@@ -123,25 +133,27 @@
- }
-
- CipherParameters pubKey;
-- if (agreement instanceof ECMQVBasicAgreement)
-- {
-- if (!(key instanceof MQVPublicKey))
-- {
-- throw new InvalidKeyException(kaAlgorithm + " key agreement requires "
-- + getSimpleName(MQVPublicKey.class) + " for doPhase");
-- }
--
-- MQVPublicKey mqvPubKey = (MQVPublicKey)key;
-- ECPublicKeyParameters staticKey = (ECPublicKeyParameters)
-- ECUtil.generatePublicKeyParameter(mqvPubKey.getStaticKey());
-- ECPublicKeyParameters ephemKey = (ECPublicKeyParameters)
-- ECUtil.generatePublicKeyParameter(mqvPubKey.getEphemeralKey());
--
-- pubKey = new MQVPublicParameters(staticKey, ephemKey);
--
-- // TODO Validate that all the keys are using the same parameters?
-- }
-- else
-+ // BEGIN android-removed
-+ // if (agreement instanceof ECMQVBasicAgreement)
-+ // {
-+ // if (!(key instanceof MQVPublicKey))
-+ // {
-+ // throw new InvalidKeyException(kaAlgorithm + " key agreement requires "
-+ // + getSimpleName(MQVPublicKey.class) + " for doPhase");
-+ // }
-+ //
-+ // MQVPublicKey mqvPubKey = (MQVPublicKey)key;
-+ // ECPublicKeyParameters staticKey = (ECPublicKeyParameters)
-+ // ECUtil.generatePublicKeyParameter(mqvPubKey.getStaticKey());
-+ // ECPublicKeyParameters ephemKey = (ECPublicKeyParameters)
-+ // ECUtil.generatePublicKeyParameter(mqvPubKey.getEphemeralKey());
-+ //
-+ // pubKey = new MQVPublicParameters(staticKey, ephemKey);
-+ //
-+ // // TODO Validate that all the keys are using the same parameters?
-+ // }
-+ // else
-+ // END android-removed
- {
- if (!(key instanceof PublicKey))
- {
-@@ -154,7 +166,15 @@
- // TODO Validate that all the keys are using the same parameters?
- }
-
-+ // BEGIN android-added
-+ try {
-+ // END android-added
- result = agreement.calculateAgreement(pubKey);
-+ // BEGIN android-added
-+ } catch (IllegalStateException e) {
-+ throw new InvalidKeyException("Invalid public key");
-+ }
-+ // END android-added
-
- return null;
- }
-@@ -162,11 +182,13 @@
- protected byte[] engineGenerateSecret()
- throws IllegalStateException
- {
-- if (kdf != null)
-- {
-- throw new UnsupportedOperationException(
-- "KDF can only be used when algorithm is known");
-- }
-+ // BEGIN android-removed
-+ // if (kdf != null)
-+ // {
-+ // throw new UnsupportedOperationException(
-+ // "KDF can only be used when algorithm is known");
-+ // }
-+ // END android-removed
-
- return bigIntToBytes(result);
- }
-@@ -201,23 +223,25 @@
- oidAlgorithm = ((ASN1ObjectIdentifier)oids.get(algKey)).getId();
- }
-
-- if (kdf != null)
-- {
-- if (!algorithms.containsKey(oidAlgorithm))
-- {
-- throw new NoSuchAlgorithmException("unknown algorithm encountered: " + algorithm);
-- }
--
-- int keySize = ((Integer)algorithms.get(oidAlgorithm)).intValue();
--
-- DHKDFParameters params = new DHKDFParameters(new ASN1ObjectIdentifier(oidAlgorithm), keySize, secret);
--
-- byte[] keyBytes = new byte[keySize / 8];
-- kdf.init(params);
-- kdf.generateBytes(keyBytes, 0, keyBytes.length);
-- secret = keyBytes;
-- }
-- else
-+ // BEGIN android-removed
-+ // if (kdf != null)
-+ // {
-+ // if (!algorithms.containsKey(oidAlgorithm))
-+ // {
-+ // throw new NoSuchAlgorithmException("unknown algorithm encountered: " + algorithm);
-+ // }
-+ //
-+ // int keySize = ((Integer)algorithms.get(oidAlgorithm)).intValue();
-+ //
-+ // DHKDFParameters params = new DHKDFParameters(new ASN1ObjectIdentifier(oidAlgorithm), keySize, secret);
-+ //
-+ // byte[] keyBytes = new byte[keySize / 8];
-+ // kdf.init(params);
-+ // kdf.generateBytes(keyBytes, 0, keyBytes.length);
-+ // secret = keyBytes;
-+ // }
-+ // else
-+ // END android-removed
- {
- if (algorithms.containsKey(oidAlgorithm))
- {
-@@ -264,35 +288,37 @@
- private void initFromKey(Key key)
- throws InvalidKeyException
- {
-- if (agreement instanceof ECMQVBasicAgreement)
-- {
-- if (!(key instanceof MQVPrivateKey))
-- {
-- throw new InvalidKeyException(kaAlgorithm + " key agreement requires "
-- + getSimpleName(MQVPrivateKey.class) + " for initialisation");
-- }
--
-- MQVPrivateKey mqvPrivKey = (MQVPrivateKey)key;
-- ECPrivateKeyParameters staticPrivKey = (ECPrivateKeyParameters)
-- ECUtil.generatePrivateKeyParameter(mqvPrivKey.getStaticPrivateKey());
-- ECPrivateKeyParameters ephemPrivKey = (ECPrivateKeyParameters)
-- ECUtil.generatePrivateKeyParameter(mqvPrivKey.getEphemeralPrivateKey());
--
-- ECPublicKeyParameters ephemPubKey = null;
-- if (mqvPrivKey.getEphemeralPublicKey() != null)
-- {
-- ephemPubKey = (ECPublicKeyParameters)
-- ECUtil.generatePublicKeyParameter(mqvPrivKey.getEphemeralPublicKey());
-- }
--
-- MQVPrivateParameters localParams = new MQVPrivateParameters(staticPrivKey, ephemPrivKey, ephemPubKey);
-- this.parameters = staticPrivKey.getParameters();
--
-- // TODO Validate that all the keys are using the same parameters?
--
-- agreement.init(localParams);
-- }
-- else
-+ // BEGIN android-removed
-+ // if (agreement instanceof ECMQVBasicAgreement)
-+ // {
-+ // if (!(key instanceof MQVPrivateKey))
-+ // {
-+ // throw new InvalidKeyException(kaAlgorithm + " key agreement requires "
-+ // + getSimpleName(MQVPrivateKey.class) + " for initialisation");
-+ // }
-+ //
-+ // MQVPrivateKey mqvPrivKey = (MQVPrivateKey)key;
-+ // ECPrivateKeyParameters staticPrivKey = (ECPrivateKeyParameters)
-+ // ECUtil.generatePrivateKeyParameter(mqvPrivKey.getStaticPrivateKey());
-+ // ECPrivateKeyParameters ephemPrivKey = (ECPrivateKeyParameters)
-+ // ECUtil.generatePrivateKeyParameter(mqvPrivKey.getEphemeralPrivateKey());
-+ //
-+ // ECPublicKeyParameters ephemPubKey = null;
-+ // if (mqvPrivKey.getEphemeralPublicKey() != null)
-+ // {
-+ // ephemPubKey = (ECPublicKeyParameters)
-+ // ECUtil.generatePublicKeyParameter(mqvPrivKey.getEphemeralPublicKey());
-+ // }
-+ //
-+ // MQVPrivateParameters localParams = new MQVPrivateParameters(staticPrivKey, ephemPrivKey, ephemPubKey);
-+ // this.parameters = staticPrivKey.getParameters();
-+ //
-+ // // TODO Validate that all the keys are using the same parameters?
-+ //
-+ // agreement.init(localParams);
-+ // }
-+ // else
-+ // END android-removed
- {
- if (!(key instanceof PrivateKey))
- {
-@@ -323,39 +349,41 @@
- }
- }
-
-- public static class DHC
-- extends KeyAgreementSpi
-- {
-- public DHC()
-- {
-- super("ECDHC", new ECDHCBasicAgreement(), null);
-- }
-- }
--
-- public static class MQV
-- extends KeyAgreementSpi
-- {
-- public MQV()
-- {
-- super("ECMQV", new ECMQVBasicAgreement(), null);
-- }
-- }
--
-- public static class DHwithSHA1KDF
-- extends KeyAgreementSpi
-- {
-- public DHwithSHA1KDF()
-- {
-- super("ECDHwithSHA1KDF", new ECDHBasicAgreement(), new ECDHKEKGenerator(new SHA1Digest()));
-- }
-- }
--
-- public static class MQVwithSHA1KDF
-- extends KeyAgreementSpi
-- {
-- public MQVwithSHA1KDF()
-- {
-- super("ECMQVwithSHA1KDF", new ECMQVBasicAgreement(), new ECDHKEKGenerator(new SHA1Digest()));
-- }
-- }
-+ // BEGIN android-removed
-+ // public static class DHC
-+ // extends KeyAgreementSpi
-+ // {
-+ // public DHC()
-+ // {
-+ // super("ECDHC", new ECDHCBasicAgreement(), null);
-+ // }
-+ // }
-+ //
-+ // public static class MQV
-+ // extends KeyAgreementSpi
-+ // {
-+ // public MQV()
-+ // {
-+ // super("ECMQV", new ECMQVBasicAgreement(), null);
-+ // }
-+ // }
-+ //
-+ // public static class DHwithSHA1KDF
-+ // extends KeyAgreementSpi
-+ // {
-+ // public DHwithSHA1KDF()
-+ // {
-+ // super("ECDHwithSHA1KDF", new ECDHBasicAgreement(), new ECDHKEKGenerator(new SHA1Digest()));
-+ // }
-+ // }
-+ //
-+ // public static class MQVwithSHA1KDF
-+ // extends KeyAgreementSpi
-+ // {
-+ // public MQVwithSHA1KDF()
-+ // {
-+ // super("ECMQVwithSHA1KDF", new ECMQVBasicAgreement(), new ECDHKEKGenerator(new SHA1Digest()));
-+ // }
-+ // }
-+ // END android-removed
- }
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java 2013-05-25 02:14:15.000000000 +0000
-@@ -201,14 +201,16 @@
- }
- }
-
-- public static class ECGOST3410
-- extends KeyFactorySpi
-- {
-- public ECGOST3410()
-- {
-- super("ECGOST3410", BouncyCastleProvider.CONFIGURATION);
-- }
-- }
-+ // BEGIN android-removed
-+ // public static class ECGOST3410
-+ // extends KeyFactorySpi
-+ // {
-+ // public ECGOST3410()
-+ // {
-+ // super("ECGOST3410", BouncyCastleProvider.CONFIGURATION);
-+ // }
-+ // }
-+ // END android-removed
-
- public static class ECDH
- extends KeyFactorySpi
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java 2015-05-12 17:22:22.000000000 +0000
-@@ -42,7 +42,9 @@
- ECKeyGenerationParameters param;
- ECKeyPairGenerator engine = new ECKeyPairGenerator();
- Object ecParams = null;
-- int strength = 239;
-+ // BEGIN android-changed
-+ int strength = 256;
-+ // BEGIN android-changed
- int certainty = 50;
- SecureRandom random = new SecureRandom();
- boolean initialised = false;
-@@ -84,7 +86,13 @@
- SecureRandom random)
- {
- this.strength = strength;
-+ // BEGIN android-added
-+ if (random != null) {
-+ // END android-added
- this.random = random;
-+ // BEGIN android-added
-+ }
-+ // END android-added
-
- ECGenParameterSpec ecParams = (ECGenParameterSpec)ecParameters.get(Integers.valueOf(strength));
- if (ecParams == null)
-@@ -107,6 +115,11 @@
- SecureRandom random)
- throws InvalidAlgorithmParameterException
- {
-+ // BEGIN android-added
-+ if (random == null) {
-+ random = this.random;
-+ }
-+ // END android-added
- if (params == null)
- {
- ECParameterSpec implicitCA = configuration.getEcImplicitlyCa();
-@@ -267,4 +280,4 @@
- super("ECMQV", BouncyCastleProvider.CONFIGURATION);
- }
- }
--}
-\ No newline at end of file
-+}
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java 2014-07-28 19:51:54.000000000 +0000
-@@ -16,16 +16,23 @@
- import org.bouncycastle.crypto.DSA;
- import org.bouncycastle.crypto.Digest;
- import org.bouncycastle.crypto.digests.NullDigest;
--import org.bouncycastle.crypto.digests.RIPEMD160Digest;
--import org.bouncycastle.crypto.digests.SHA1Digest;
--import org.bouncycastle.crypto.digests.SHA224Digest;
--import org.bouncycastle.crypto.digests.SHA256Digest;
--import org.bouncycastle.crypto.digests.SHA384Digest;
--import org.bouncycastle.crypto.digests.SHA512Digest;
-+// BEGIN android-added
-+import org.bouncycastle.crypto.digests.AndroidDigestFactory;
-+// END android-added
-+// BEGIN android-removed
-+// import org.bouncycastle.crypto.digests.RIPEMD160Digest;
-+// import org.bouncycastle.crypto.digests.SHA1Digest;
-+// import org.bouncycastle.crypto.digests.SHA224Digest;
-+// import org.bouncycastle.crypto.digests.SHA256Digest;
-+// import org.bouncycastle.crypto.digests.SHA384Digest;
-+// import org.bouncycastle.crypto.digests.SHA512Digest;
-+// END android-removed
- import org.bouncycastle.crypto.params.ParametersWithRandom;
- import org.bouncycastle.crypto.signers.ECDSASigner;
--import org.bouncycastle.crypto.signers.ECNRSigner;
--import org.bouncycastle.crypto.signers.HMacDSAKCalculator;
-+// BEGIN android-removed
-+// import org.bouncycastle.crypto.signers.ECNRSigner;
-+// import org.bouncycastle.crypto.signers.HMacDSAKCalculator;
-+// END android-removed
- import org.bouncycastle.jcajce.provider.asymmetric.util.DSABase;
- import org.bouncycastle.jcajce.provider.asymmetric.util.DSAEncoder;
- import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
-@@ -70,18 +77,22 @@
- {
- public ecDSA()
- {
-- super(new SHA1Digest(), new ECDSASigner(), new StdDSAEncoder());
-+ // BEGIN android-changed
-+ super(AndroidDigestFactory.getSHA1(), new ECDSASigner(), new StdDSAEncoder());
-+ // END android-changed
- }
- }
-
-- static public class ecDetDSA
-- extends SignatureSpi
-- {
-- public ecDetDSA()
-- {
-- super(new SHA1Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA1Digest())), new StdDSAEncoder());
-- }
-- }
-+ // BEGIN android-removed
-+ // static public class ecDetDSA
-+ // extends SignatureSpi
-+ // {
-+ // public ecDetDSA()
-+ // {
-+ // super(new SHA1Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA1Digest())), new StdDSAEncoder());
-+ // }
-+ // }
-+ // END android-removed
-
- static public class ecDSAnone
- extends SignatureSpi
-@@ -97,180 +108,196 @@
- {
- public ecDSA224()
- {
-- super(new SHA224Digest(), new ECDSASigner(), new StdDSAEncoder());
-+ // BEGIN android-changed
-+ super(AndroidDigestFactory.getSHA224(), new ECDSASigner(), new StdDSAEncoder());
-+ // END android-changed
- }
- }
-
-- static public class ecDetDSA224
-- extends SignatureSpi
-- {
-- public ecDetDSA224()
-- {
-- super(new SHA224Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA224Digest())), new StdDSAEncoder());
-- }
-- }
-+ // BEGIN android-removed
-+ // static public class ecDetDSA224
-+ // extends SignatureSpi
-+ // {
-+ // public ecDetDSA224()
-+ // {
-+ // super(new SHA224Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA224Digest())), new StdDSAEncoder());
-+ // }
-+ // }
-+ // END android-removed
-
- static public class ecDSA256
- extends SignatureSpi
- {
- public ecDSA256()
- {
-- super(new SHA256Digest(), new ECDSASigner(), new StdDSAEncoder());
-+ // BEGIN android-changed
-+ super(AndroidDigestFactory.getSHA256(), new ECDSASigner(), new StdDSAEncoder());
-+ // END android-changed
- }
- }
-
-- static public class ecDetDSA256
-- extends SignatureSpi
-- {
-- public ecDetDSA256()
-- {
-- super(new SHA256Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest())), new StdDSAEncoder());
-- }
-- }
-+ // BEGIN android-removed
-+ // static public class ecDetDSA256
-+ // extends SignatureSpi
-+ // {
-+ // public ecDetDSA256()
-+ // {
-+ // super(new SHA256Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest())), new StdDSAEncoder());
-+ // }
-+ // }
-+ // END android-removed
-
- static public class ecDSA384
- extends SignatureSpi
- {
- public ecDSA384()
- {
-- super(new SHA384Digest(), new ECDSASigner(), new StdDSAEncoder());
-+ // BEGIN android-changed
-+ super(AndroidDigestFactory.getSHA384(), new ECDSASigner(), new StdDSAEncoder());
-+ // END android-changed
- }
- }
-
-- static public class ecDetDSA384
-- extends SignatureSpi
-- {
-- public ecDetDSA384()
-- {
-- super(new SHA384Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA384Digest())), new StdDSAEncoder());
-- }
-- }
-+ // BEGIN android-removed
-+ // static public class ecDetDSA384
-+ // extends SignatureSpi
-+ // {
-+ // public ecDetDSA384()
-+ // {
-+ // super(new SHA384Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA384Digest())), new StdDSAEncoder());
-+ // }
-+ // }
-+ // END android-removed
-
- static public class ecDSA512
- extends SignatureSpi
- {
- public ecDSA512()
- {
-- super(new SHA512Digest(), new ECDSASigner(), new StdDSAEncoder());
-- }
-- }
--
-- static public class ecDetDSA512
-- extends SignatureSpi
-- {
-- public ecDetDSA512()
-- {
-- super(new SHA512Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA512Digest())), new StdDSAEncoder());
-- }
-- }
--
-- static public class ecDSARipeMD160
-- extends SignatureSpi
-- {
-- public ecDSARipeMD160()
-- {
-- super(new RIPEMD160Digest(), new ECDSASigner(), new StdDSAEncoder());
-- }
-- }
--
-- static public class ecNR
-- extends SignatureSpi
-- {
-- public ecNR()
-- {
-- super(new SHA1Digest(), new ECNRSigner(), new StdDSAEncoder());
-- }
-- }
--
-- static public class ecNR224
-- extends SignatureSpi
-- {
-- public ecNR224()
-- {
-- super(new SHA224Digest(), new ECNRSigner(), new StdDSAEncoder());
-- }
-- }
--
-- static public class ecNR256
-- extends SignatureSpi
-- {
-- public ecNR256()
-- {
-- super(new SHA256Digest(), new ECNRSigner(), new StdDSAEncoder());
-- }
-- }
--
-- static public class ecNR384
-- extends SignatureSpi
-- {
-- public ecNR384()
-- {
-- super(new SHA384Digest(), new ECNRSigner(), new StdDSAEncoder());
-- }
-- }
--
-- static public class ecNR512
-- extends SignatureSpi
-- {
-- public ecNR512()
-- {
-- super(new SHA512Digest(), new ECNRSigner(), new StdDSAEncoder());
-- }
-- }
--
-- static public class ecCVCDSA
-- extends SignatureSpi
-- {
-- public ecCVCDSA()
-- {
-- super(new SHA1Digest(), new ECDSASigner(), new PlainDSAEncoder());
-- }
-- }
--
-- static public class ecCVCDSA224
-- extends SignatureSpi
-- {
-- public ecCVCDSA224()
-- {
-- super(new SHA224Digest(), new ECDSASigner(), new PlainDSAEncoder());
-- }
-- }
--
-- static public class ecCVCDSA256
-- extends SignatureSpi
-- {
-- public ecCVCDSA256()
-- {
-- super(new SHA256Digest(), new ECDSASigner(), new PlainDSAEncoder());
-- }
-- }
--
-- static public class ecCVCDSA384
-- extends SignatureSpi
-- {
-- public ecCVCDSA384()
-- {
-- super(new SHA384Digest(), new ECDSASigner(), new PlainDSAEncoder());
-- }
-- }
--
-- static public class ecCVCDSA512
-- extends SignatureSpi
-- {
-- public ecCVCDSA512()
-- {
-- super(new SHA512Digest(), new ECDSASigner(), new PlainDSAEncoder());
-- }
-- }
--
-- static public class ecPlainDSARP160
-- extends SignatureSpi
-- {
-- public ecPlainDSARP160()
-- {
-- super(new RIPEMD160Digest(), new ECDSASigner(), new PlainDSAEncoder());
-- }
-- }
-+ // BEGIN android-changed
-+ super(AndroidDigestFactory.getSHA512(), new ECDSASigner(), new StdDSAEncoder());
-+ // END android-changed
-+ }
-+ }
-+
-+ // BEGIN android-removed
-+ // static public class ecDetDSA512
-+ // extends SignatureSpi
-+ // {
-+ // public ecDetDSA512()
-+ // {
-+ // super(new SHA512Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA512Digest())), new StdDSAEncoder());
-+ // }
-+ // }
-+ //
-+ // static public class ecDSARipeMD160
-+ // extends SignatureSpi
-+ // {
-+ // public ecDSARipeMD160()
-+ // {
-+ // super(new RIPEMD160Digest(), new ECDSASigner(), new StdDSAEncoder());
-+ // }
-+ // }
-+ //
-+ // static public class ecNR
-+ // extends SignatureSpi
-+ // {
-+ // public ecNR()
-+ // {
-+ // super(new SHA1Digest(), new ECNRSigner(), new StdDSAEncoder());
-+ // }
-+ // }
-+ //
-+ // static public class ecNR224
-+ // extends SignatureSpi
-+ // {
-+ // public ecNR224()
-+ // {
-+ // super(new SHA224Digest(), new ECNRSigner(), new StdDSAEncoder());
-+ // }
-+ // }
-+ //
-+ // static public class ecNR256
-+ // extends SignatureSpi
-+ // {
-+ // public ecNR256()
-+ // {
-+ // super(new SHA256Digest(), new ECNRSigner(), new StdDSAEncoder());
-+ // }
-+ // }
-+ //
-+ // static public class ecNR384
-+ // extends SignatureSpi
-+ // {
-+ // public ecNR384()
-+ // {
-+ // super(new SHA384Digest(), new ECNRSigner(), new StdDSAEncoder());
-+ // }
-+ // }
-+ //
-+ // static public class ecNR512
-+ // extends SignatureSpi
-+ // {
-+ // public ecNR512()
-+ // {
-+ // super(new SHA512Digest(), new ECNRSigner(), new StdDSAEncoder());
-+ // }
-+ // }
-+ //
-+ // static public class ecCVCDSA
-+ // extends SignatureSpi
-+ // {
-+ // public ecCVCDSA()
-+ // {
-+ // super(new SHA1Digest(), new ECDSASigner(), new PlainDSAEncoder());
-+ // }
-+ // }
-+ //
-+ // static public class ecCVCDSA224
-+ // extends SignatureSpi
-+ // {
-+ // public ecCVCDSA224()
-+ // {
-+ // super(new SHA224Digest(), new ECDSASigner(), new PlainDSAEncoder());
-+ // }
-+ // }
-+ //
-+ // static public class ecCVCDSA256
-+ // extends SignatureSpi
-+ // {
-+ // public ecCVCDSA256()
-+ // {
-+ // super(new SHA256Digest(), new ECDSASigner(), new PlainDSAEncoder());
-+ // }
-+ // }
-+ //
-+ // static public class ecCVCDSA384
-+ // extends SignatureSpi
-+ // {
-+ // public ecCVCDSA384()
-+ // {
-+ // super(new SHA384Digest(), new ECDSASigner(), new PlainDSAEncoder());
-+ // }
-+ // }
-+ //
-+ // static public class ecCVCDSA512
-+ // extends SignatureSpi
-+ // {
-+ // public ecCVCDSA512()
-+ // {
-+ // super(new SHA512Digest(), new ECDSASigner(), new PlainDSAEncoder());
-+ // }
-+ // }
-+ //
-+ // static public class ecPlainDSARP160
-+ // extends SignatureSpi
-+ // {
-+ // public ecPlainDSARP160()
-+ // {
-+ // super(new RIPEMD160Digest(), new ECDSASigner(), new PlainDSAEncoder());
-+ // }
-+ // }
-+ // END android-removed
-
- private static class StdDSAEncoder
- implements DSAEncoder
-@@ -302,66 +329,68 @@
- }
- }
-
-- private static class PlainDSAEncoder
-- implements DSAEncoder
-- {
-- public byte[] encode(
-- BigInteger r,
-- BigInteger s)
-- throws IOException
-- {
-- byte[] first = makeUnsigned(r);
-- byte[] second = makeUnsigned(s);
-- byte[] res;
--
-- if (first.length > second.length)
-- {
-- res = new byte[first.length * 2];
-- }
-- else
-- {
-- res = new byte[second.length * 2];
-- }
--
-- System.arraycopy(first, 0, res, res.length / 2 - first.length, first.length);
-- System.arraycopy(second, 0, res, res.length - second.length, second.length);
--
-- return res;
-- }
--
--
-- private byte[] makeUnsigned(BigInteger val)
-- {
-- byte[] res = val.toByteArray();
--
-- if (res[0] == 0)
-- {
-- byte[] tmp = new byte[res.length - 1];
--
-- System.arraycopy(res, 1, tmp, 0, tmp.length);
--
-- return tmp;
-- }
--
-- return res;
-- }
--
-- public BigInteger[] decode(
-- byte[] encoding)
-- throws IOException
-- {
-- BigInteger[] sig = new BigInteger[2];
--
-- byte[] first = new byte[encoding.length / 2];
-- byte[] second = new byte[encoding.length / 2];
--
-- System.arraycopy(encoding, 0, first, 0, first.length);
-- System.arraycopy(encoding, first.length, second, 0, second.length);
--
-- sig[0] = new BigInteger(1, first);
-- sig[1] = new BigInteger(1, second);
--
-- return sig;
-- }
-- }
--}
-\ No newline at end of file
-+ // BEGIN android-removed
-+ // private static class PlainDSAEncoder
-+ // implements DSAEncoder
-+ // {
-+ // public byte[] encode(
-+ // BigInteger r,
-+ // BigInteger s)
-+ // throws IOException
-+ // {
-+ // byte[] first = makeUnsigned(r);
-+ // byte[] second = makeUnsigned(s);
-+ // byte[] res;
-+ //
-+ // if (first.length > second.length)
-+ // {
-+ // res = new byte[first.length * 2];
-+ // }
-+ // else
-+ // {
-+ // res = new byte[second.length * 2];
-+ // }
-+ //
-+ // System.arraycopy(first, 0, res, res.length / 2 - first.length, first.length);
-+ // System.arraycopy(second, 0, res, res.length - second.length, second.length);
-+ //
-+ // return res;
-+ // }
-+ //
-+ //
-+ // private byte[] makeUnsigned(BigInteger val)
-+ // {
-+ // byte[] res = val.toByteArray();
-+ //
-+ // if (res[0] == 0)
-+ // {
-+ // byte[] tmp = new byte[res.length - 1];
-+ //
-+ // System.arraycopy(res, 1, tmp, 0, tmp.length);
-+ //
-+ // return tmp;
-+ // }
-+ //
-+ // return res;
-+ // }
-+ //
-+ // public BigInteger[] decode(
-+ // byte[] encoding)
-+ // throws IOException
-+ // {
-+ // BigInteger[] sig = new BigInteger[2];
-+ //
-+ // byte[] first = new byte[encoding.length / 2];
-+ // byte[] second = new byte[encoding.length / 2];
-+ //
-+ // System.arraycopy(encoding, 0, first, 0, first.length);
-+ // System.arraycopy(encoding, first.length, second, 0, second.length);
-+ //
-+ // sig[0] = new BigInteger(1, first);
-+ // sig[1] = new BigInteger(1, second);
-+ //
-+ // return sig;
-+ // }
-+ // }
-+ // END android-removed
-+}
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java 2015-04-09 13:10:16.000000000 +0000
-@@ -26,7 +26,9 @@
- import org.bouncycastle.crypto.CipherParameters;
- import org.bouncycastle.crypto.Digest;
- import org.bouncycastle.crypto.InvalidCipherTextException;
--import org.bouncycastle.crypto.encodings.ISO9796d1Encoding;
-+// BEGIN android-removed
-+// import org.bouncycastle.crypto.encodings.ISO9796d1Encoding;
-+// END android-removed
- import org.bouncycastle.crypto.encodings.OAEPEncoding;
- import org.bouncycastle.crypto.encodings.PKCS1Encoding;
- import org.bouncycastle.crypto.engines.RSABlindedEngine;
-@@ -201,10 +203,12 @@
- {
- cipher = new PKCS1Encoding(new RSABlindedEngine());
- }
-- else if (pad.equals("ISO9796-1PADDING"))
-- {
-- cipher = new ISO9796d1Encoding(new RSABlindedEngine());
-- }
-+ // BEGIN android-removed
-+ // else if (pad.equals("ISO9796-1PADDING"))
-+ // {
-+ // cipher = new ISO9796d1Encoding(new RSABlindedEngine());
-+ // }
-+ // END android-removed
- else if (pad.equals("OAEPWITHMD5ANDMGF1PADDING"))
- {
- initFromSpec(new OAEPParameterSpec("MD5", "MGF1", new MGF1ParameterSpec("MD5"), PSource.PSpecified.DEFAULT));
-@@ -543,48 +547,50 @@
- }
- }
-
-- static public class PKCS1v1_5Padding
-- extends CipherSpi
-- {
-- public PKCS1v1_5Padding()
-- {
-- super(new PKCS1Encoding(new RSABlindedEngine()));
-- }
-- }
--
-- static public class PKCS1v1_5Padding_PrivateOnly
-- extends CipherSpi
-- {
-- public PKCS1v1_5Padding_PrivateOnly()
-- {
-- super(false, true, new PKCS1Encoding(new RSABlindedEngine()));
-- }
-- }
--
-- static public class PKCS1v1_5Padding_PublicOnly
-- extends CipherSpi
-- {
-- public PKCS1v1_5Padding_PublicOnly()
-- {
-- super(true, false, new PKCS1Encoding(new RSABlindedEngine()));
-- }
-- }
--
-- static public class OAEPPadding
-- extends CipherSpi
-- {
-- public OAEPPadding()
-- {
-- super(OAEPParameterSpec.DEFAULT);
-- }
-- }
--
-- static public class ISO9796d1Padding
-- extends CipherSpi
-- {
-- public ISO9796d1Padding()
-- {
-- super(new ISO9796d1Encoding(new RSABlindedEngine()));
-- }
-- }
-+ // BEGIN android-removed
-+ // static public class PKCS1v1_5Padding
-+ // extends CipherSpi
-+ // {
-+ // public PKCS1v1_5Padding()
-+ // {
-+ // super(new PKCS1Encoding(new RSABlindedEngine()));
-+ // }
-+ // }
-+ //
-+ // static public class PKCS1v1_5Padding_PrivateOnly
-+ // extends CipherSpi
-+ // {
-+ // public PKCS1v1_5Padding_PrivateOnly()
-+ // {
-+ // super(false, true, new PKCS1Encoding(new RSABlindedEngine()));
-+ // }
-+ // }
-+ //
-+ // static public class PKCS1v1_5Padding_PublicOnly
-+ // extends CipherSpi
-+ // {
-+ // public PKCS1v1_5Padding_PublicOnly()
-+ // {
-+ // super(true, false, new PKCS1Encoding(new RSABlindedEngine()));
-+ // }
-+ // }
-+ //
-+ // static public class OAEPPadding
-+ // extends CipherSpi
-+ // {
-+ // public OAEPPadding()
-+ // {
-+ // super(OAEPParameterSpec.DEFAULT);
-+ // }
-+ // }
-+ //
-+ // static public class ISO9796d1Padding
-+ // extends CipherSpi
-+ // {
-+ // public ISO9796d1Padding()
-+ // {
-+ // super(new ISO9796d1Encoding(new RSABlindedEngine()));
-+ // }
-+ // }
-+ // END android-removed
- }
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java 2015-04-09 13:10:16.000000000 +0000
-@@ -17,24 +17,31 @@
- import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
- import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
- import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
--import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
-+// BEGIN android-removed
-+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
-+// END android-removed
- import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
- import org.bouncycastle.asn1.x509.DigestInfo;
- import org.bouncycastle.crypto.AsymmetricBlockCipher;
- import org.bouncycastle.crypto.CipherParameters;
- import org.bouncycastle.crypto.Digest;
--import org.bouncycastle.crypto.digests.MD2Digest;
--import org.bouncycastle.crypto.digests.MD4Digest;
--import org.bouncycastle.crypto.digests.MD5Digest;
--import org.bouncycastle.crypto.digests.NullDigest;
--import org.bouncycastle.crypto.digests.RIPEMD128Digest;
--import org.bouncycastle.crypto.digests.RIPEMD160Digest;
--import org.bouncycastle.crypto.digests.RIPEMD256Digest;
--import org.bouncycastle.crypto.digests.SHA1Digest;
--import org.bouncycastle.crypto.digests.SHA224Digest;
--import org.bouncycastle.crypto.digests.SHA256Digest;
--import org.bouncycastle.crypto.digests.SHA384Digest;
--import org.bouncycastle.crypto.digests.SHA512Digest;
-+// BEGIN android-removed
-+// import org.bouncycastle.crypto.digests.MD2Digest;
-+// import org.bouncycastle.crypto.digests.MD4Digest;
-+// import org.bouncycastle.crypto.digests.MD5Digest;
-+// import org.bouncycastle.crypto.digests.NullDigest;
-+// import org.bouncycastle.crypto.digests.RIPEMD128Digest;
-+// import org.bouncycastle.crypto.digests.RIPEMD160Digest;
-+// import org.bouncycastle.crypto.digests.RIPEMD256Digest;
-+// import org.bouncycastle.crypto.digests.SHA1Digest;
-+// import org.bouncycastle.crypto.digests.SHA224Digest;
-+// import org.bouncycastle.crypto.digests.SHA256Digest;
-+// import org.bouncycastle.crypto.digests.SHA384Digest;
-+// import org.bouncycastle.crypto.digests.SHA512Digest;
-+// END android-removed
-+// BEGIN android-added
-+import org.bouncycastle.crypto.digests.AndroidDigestFactory;
-+// END android-added
- import org.bouncycastle.crypto.encodings.PKCS1Encoding;
- import org.bouncycastle.crypto.engines.RSABlindedEngine;
- import org.bouncycastle.util.Arrays;
-@@ -254,7 +261,9 @@
- {
- public SHA1()
- {
-- super(OIWObjectIdentifiers.idSHA1, new SHA1Digest(), new PKCS1Encoding(new RSABlindedEngine()));
-+ // BEGIN android-changed
-+ super(OIWObjectIdentifiers.idSHA1, AndroidDigestFactory.getSHA1(), new PKCS1Encoding(new RSABlindedEngine()));
-+ // END android-changed
- }
- }
-
-@@ -263,7 +272,9 @@
- {
- public SHA224()
- {
-- super(NISTObjectIdentifiers.id_sha224, new SHA224Digest(), new PKCS1Encoding(new RSABlindedEngine()));
-+ // BEGIN android-changed
-+ super(NISTObjectIdentifiers.id_sha224, AndroidDigestFactory.getSHA224(), new PKCS1Encoding(new RSABlindedEngine()));
-+ // END android-changed
- }
- }
-
-@@ -272,7 +283,9 @@
- {
- public SHA256()
- {
-- super(NISTObjectIdentifiers.id_sha256, new SHA256Digest(), new PKCS1Encoding(new RSABlindedEngine()));
-+ // BEGIN android-changed
-+ super(NISTObjectIdentifiers.id_sha256, AndroidDigestFactory.getSHA256(), new PKCS1Encoding(new RSABlindedEngine()));
-+ // END android-changed
- }
- }
-
-@@ -281,7 +294,9 @@
- {
- public SHA384()
- {
-- super(NISTObjectIdentifiers.id_sha384, new SHA384Digest(), new PKCS1Encoding(new RSABlindedEngine()));
-+ // BEGIN android-changed
-+ super(NISTObjectIdentifiers.id_sha384, AndroidDigestFactory.getSHA384(), new PKCS1Encoding(new RSABlindedEngine()));
-+ // END android-changed
- }
- }
-
-@@ -290,70 +305,78 @@
- {
- public SHA512()
- {
-- super(NISTObjectIdentifiers.id_sha512, new SHA512Digest(), new PKCS1Encoding(new RSABlindedEngine()));
-+ // BEGIN android-changed
-+ super(NISTObjectIdentifiers.id_sha512, AndroidDigestFactory.getSHA512(), new PKCS1Encoding(new RSABlindedEngine()));
-+ // END android-changed
- }
- }
-
-- static public class MD2
-- extends DigestSignatureSpi
-- {
-- public MD2()
-- {
-- super(PKCSObjectIdentifiers.md2, new MD2Digest(), new PKCS1Encoding(new RSABlindedEngine()));
-- }
-- }
--
-- static public class MD4
-- extends DigestSignatureSpi
-- {
-- public MD4()
-- {
-- super(PKCSObjectIdentifiers.md4, new MD4Digest(), new PKCS1Encoding(new RSABlindedEngine()));
-- }
-- }
-+ // BEGIN android-removed
-+ // static public class MD2
-+ // extends DigestSignatureSpi
-+ // {
-+ // public MD2()
-+ // {
-+ // super(PKCSObjectIdentifiers.md2, new MD2Digest(), new PKCS1Encoding(new RSABlindedEngine()));
-+ // }
-+ // }
-+ //
-+ // static public class MD4
-+ // extends DigestSignatureSpi
-+ // {
-+ // public MD4()
-+ // {
-+ // super(PKCSObjectIdentifiers.md4, new MD4Digest(), new PKCS1Encoding(new RSABlindedEngine()));
-+ // }
-+ // }
-+ // END android-removed
-
- static public class MD5
- extends DigestSignatureSpi
- {
- public MD5()
- {
-- super(PKCSObjectIdentifiers.md5, new MD5Digest(), new PKCS1Encoding(new RSABlindedEngine()));
-- }
-- }
--
-- static public class RIPEMD160
-- extends DigestSignatureSpi
-- {
-- public RIPEMD160()
-- {
-- super(TeleTrusTObjectIdentifiers.ripemd160, new RIPEMD160Digest(), new PKCS1Encoding(new RSABlindedEngine()));
-+ // BEGIN android-changed
-+ super(PKCSObjectIdentifiers.md5, AndroidDigestFactory.getMD5(), new PKCS1Encoding(new RSABlindedEngine()));
-+ // END android-changed
- }
- }
-
-- static public class RIPEMD128
-- extends DigestSignatureSpi
-- {
-- public RIPEMD128()
-- {
-- super(TeleTrusTObjectIdentifiers.ripemd128, new RIPEMD128Digest(), new PKCS1Encoding(new RSABlindedEngine()));
-- }
-- }
--
-- static public class RIPEMD256
-- extends DigestSignatureSpi
-- {
-- public RIPEMD256()
-- {
-- super(TeleTrusTObjectIdentifiers.ripemd256, new RIPEMD256Digest(), new PKCS1Encoding(new RSABlindedEngine()));
-- }
-- }
--
-- static public class noneRSA
-- extends DigestSignatureSpi
-- {
-- public noneRSA()
-- {
-- super(new NullDigest(), new PKCS1Encoding(new RSABlindedEngine()));
-- }
-- }
-+ // BEGIN android-removed
-+ // static public class RIPEMD160
-+ // extends DigestSignatureSpi
-+ // {
-+ // public RIPEMD160()
-+ // {
-+ // super(TeleTrusTObjectIdentifiers.ripemd160, new RIPEMD160Digest(), new PKCS1Encoding(new RSABlindedEngine()));
-+ // }
-+ // }
-+ //
-+ // static public class RIPEMD128
-+ // extends DigestSignatureSpi
-+ // {
-+ // public RIPEMD128()
-+ // {
-+ // super(TeleTrusTObjectIdentifiers.ripemd128, new RIPEMD128Digest(), new PKCS1Encoding(new RSABlindedEngine()));
-+ // }
-+ // }
-+ //
-+ // static public class RIPEMD256
-+ // extends DigestSignatureSpi
-+ // {
-+ // public RIPEMD256()
-+ // {
-+ // super(TeleTrusTObjectIdentifiers.ripemd256, new RIPEMD256Digest(), new PKCS1Encoding(new RSABlindedEngine()));
-+ // }
-+ // }
-+ //
-+ // static public class noneRSA
-+ // extends DigestSignatureSpi
-+ // {
-+ // public noneRSA()
-+ // {
-+ // super(new NullDigest(), new PKCS1Encoding(new RSABlindedEngine()));
-+ // }
-+ // }
-+ // END android-removed
- }
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java 2015-04-09 13:10:16.000000000 +0000
-@@ -18,8 +18,10 @@
- import javax.crypto.NoSuchPaddingException;
- import javax.crypto.spec.IvParameterSpec;
- import javax.crypto.spec.PBEParameterSpec;
--import javax.crypto.spec.RC2ParameterSpec;
--import javax.crypto.spec.RC5ParameterSpec;
-+// BEGIN android-removed
-+// import javax.crypto.spec.RC2ParameterSpec;
-+// import javax.crypto.spec.RC5ParameterSpec;
-+// END android-removed
- import javax.crypto.spec.SecretKeySpec;
-
- import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-@@ -39,8 +41,10 @@
- {
- IvParameterSpec.class,
- PBEParameterSpec.class,
-- RC2ParameterSpec.class,
-- RC5ParameterSpec.class
-+ // BEGIN android-removed
-+ // RC2ParameterSpec.class,
-+ // RC5ParameterSpec.class
-+ // END android-removed
- };
-
- private final JcaJceHelper helper = new BCJcaJceHelper();
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/util/ECUtil.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/util/ECUtil.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/util/ECUtil.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/util/ECUtil.java 2015-04-09 13:10:16.000000000 +0000
-@@ -6,11 +6,15 @@
- import java.security.PublicKey;
-
- import org.bouncycastle.asn1.ASN1ObjectIdentifier;
--import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves;
-+// BEGIN android-removed
-+// import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves;
-+// END android-removed
- import org.bouncycastle.asn1.nist.NISTNamedCurves;
- import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
- import org.bouncycastle.asn1.sec.SECNamedCurves;
--import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves;
-+// BEGIN android-removed
-+// import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves;
-+// END android-removed
- import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
- import org.bouncycastle.asn1.x9.X962NamedCurves;
- import org.bouncycastle.asn1.x9.X962Parameters;
-@@ -247,14 +251,16 @@
- {
- oid = NISTNamedCurves.getOID(name);
- }
-- if (oid == null)
-- {
-- oid = TeleTrusTNamedCurves.getOID(name);
-- }
-- if (oid == null)
-- {
-- oid = ECGOST3410NamedCurves.getOID(name);
-- }
-+ // BEGIN android-removed
-+ // if (oid == null)
-+ // {
-+ // oid = TeleTrusTNamedCurves.getOID(name);
-+ // }
-+ // if (oid == null)
-+ // {
-+ // oid = ECGOST3410NamedCurves.getOID(name);
-+ // }
-+ // END android-removed
- }
-
- return oid;
-@@ -276,10 +282,12 @@
- {
- params = NISTNamedCurves.getByOID(oid);
- }
-- if (params == null)
-- {
-- params = TeleTrusTNamedCurves.getByOID(oid);
-- }
-+ // BEGIN android-removed
-+ // if (params == null)
-+ // {
-+ // params = TeleTrusTNamedCurves.getByOID(oid);
-+ // }
-+ // END android-removed
- }
-
- return params;
-@@ -297,14 +305,16 @@
- {
- name = NISTNamedCurves.getName(oid);
- }
-- if (name == null)
-- {
-- name = TeleTrusTNamedCurves.getName(oid);
-- }
-- if (name == null)
-- {
-- name = ECGOST3410NamedCurves.getName(oid);
-- }
-+ // BEGIN android-removed
-+ // if (name == null)
-+ // {
-+ // name = TeleTrusTNamedCurves.getName(oid);
-+ // }
-+ // if (name == null)
-+ // {
-+ // name = ECGOST3410NamedCurves.getName(oid);
-+ // }
-+ // END android-removed
- }
-
- return name;
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java 2015-04-09 13:10:16.000000000 +0000
-@@ -37,7 +37,9 @@
- import org.bouncycastle.jcajce.util.BCJcaJceHelper;
- import org.bouncycastle.jcajce.util.JcaJceHelper;
- import org.bouncycastle.util.io.pem.PemObject;
--import org.bouncycastle.util.io.pem.PemWriter;
-+// BEGIN android-removed
-+// import org.bouncycastle.util.io.pem.PemWriter;
-+// END android-removed
-
- /**
- * CertPath implementation for X.509 certificates.
-@@ -54,7 +56,9 @@
- {
- List encodings = new ArrayList();
- encodings.add("PkiPath");
-- encodings.add("PEM");
-+ // BEGIN android-removed
-+ // encodings.add("PEM");
-+ // END android-removed
- encodings.add("PKCS7");
- certPathEncodings = Collections.unmodifiableList(encodings);
- }
-@@ -301,27 +305,29 @@
- return toDEREncoded(new ContentInfo(
- PKCSObjectIdentifiers.signedData, sd));
- }
-- else if (encoding.equalsIgnoreCase("PEM"))
-- {
-- ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-- PemWriter pWrt = new PemWriter(new OutputStreamWriter(bOut));
--
-- try
-- {
-- for (int i = 0; i != certificates.size(); i++)
-- {
-- pWrt.writeObject(new PemObject("CERTIFICATE", ((X509Certificate)certificates.get(i)).getEncoded()));
-- }
--
-- pWrt.close();
-- }
-- catch (Exception e)
-- {
-- throw new CertificateEncodingException("can't encode certificate for PEM encoded path");
-- }
--
-- return bOut.toByteArray();
-- }
-+ // BEGIN android-removed
-+ // else if (encoding.equalsIgnoreCase("PEM"))
-+ // {
-+ // ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-+ // PemWriter pWrt = new PemWriter(new OutputStreamWriter(bOut));
-+ //
-+ // try
-+ // {
-+ // for (int i = 0; i != certificates.size(); i++)
-+ // {
-+ // pWrt.writeObject(new PemObject("CERTIFICATE", ((X509Certificate)certificates.get(i)).getEncoded()));
-+ // }
-+ //
-+ // pWrt.close();
-+ // }
-+ // catch (Exception e)
-+ // {
-+ // throw new CertificateEncodingException("can't encode certificate for PEM encoded path");
-+ // }
-+ //
-+ // return bOut.toByteArray();
-+ // }
-+ // END android-removed
- else
- {
- throw new CertificateEncodingException("unsupported encoding: " + encoding);
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CertificateObject.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CertificateObject.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CertificateObject.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CertificateObject.java 2015-04-09 13:10:16.000000000 +0000
-@@ -55,6 +55,9 @@
- import org.bouncycastle.asn1.x509.Extensions;
- import org.bouncycastle.asn1.x509.GeneralName;
- import org.bouncycastle.asn1.x509.KeyUsage;
-+// BEGIN android-added
-+import org.bouncycastle.asn1.x509.X509Name;
-+// END android-added
- import org.bouncycastle.jcajce.provider.asymmetric.util.PKCS12BagAttributeCarrierImpl;
- import org.bouncycastle.jce.X509Principal;
- import org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier;
-@@ -534,12 +537,20 @@
- }
- }
-
-+ // BEGIN android-changed
-+ private byte[] encoded;
-+ // END android-changed
- public byte[] getEncoded()
- throws CertificateEncodingException
- {
- try
- {
-- return c.getEncoded(ASN1Encoding.DER);
-+ // BEGIN android-changed
-+ if (encoded == null) {
-+ encoded = c.getEncoded(ASN1Encoding.DER);
-+ }
-+ return encoded;
-+ // END android-changed
- }
- catch (IOException e)
- {
-@@ -839,7 +850,9 @@
- list.add(genName.getEncoded());
- break;
- case GeneralName.directoryName:
-- list.add(X500Name.getInstance(RFC4519Style.INSTANCE, genName.getName()).toString());
-+ // BEGIN android-changed
-+ list.add(X509Name.getInstance(genName.getName()).toString(true, X509Name.DefaultSymbols));
-+ // END android-changed
- break;
- case GeneralName.dNSName:
- case GeneralName.rfc822Name:
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/x509/X509SignatureUtil.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/x509/X509SignatureUtil.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/x509/X509SignatureUtil.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/x509/X509SignatureUtil.java 2015-04-09 13:10:16.000000000 +0000
-@@ -16,12 +16,16 @@
- import org.bouncycastle.asn1.ASN1ObjectIdentifier;
- import org.bouncycastle.asn1.ASN1Sequence;
- import org.bouncycastle.asn1.DERNull;
--import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-+// BEGIN android-removed
-+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-+// END android-removed
- import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
- import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
- import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
- import org.bouncycastle.asn1.pkcs.RSASSAPSSparams;
--import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
-+// BEGIN android-removed
-+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
-+// END android-removed
- import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
- import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
- import org.bouncycastle.jce.provider.BouncyCastleProvider;
-@@ -143,22 +147,24 @@
- {
- return "SHA512";
- }
-- else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID))
-- {
-- return "RIPEMD128";
-- }
-- else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID))
-- {
-- return "RIPEMD160";
-- }
-- else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID))
-- {
-- return "RIPEMD256";
-- }
-- else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID))
-- {
-- return "GOST3411";
-- }
-+ // BEGIN android-removed
-+ // else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID))
-+ // {
-+ // return "RIPEMD128";
-+ // }
-+ // else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID))
-+ // {
-+ // return "RIPEMD160";
-+ // }
-+ // else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID))
-+ // {
-+ // return "RIPEMD256";
-+ // }
-+ // else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID))
-+ // {
-+ // return "GOST3411";
-+ // }
-+ // END android-removed
- else
- {
- return digestAlgOID.getId();
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/digest/SHA256.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/digest/SHA256.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/digest/SHA256.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/digest/SHA256.java 2013-05-25 02:14:15.000000000 +0000
-@@ -45,17 +45,19 @@
- }
- }
-
-- /**
-- * PBEWithHmacSHA
-- */
-- public static class PBEWithMacKeyFactory
-- extends PBESecretKeyFactory
-- {
-- public PBEWithMacKeyFactory()
-- {
-- super("PBEwithHmacSHA256", null, false, PKCS12, SHA256, 256, 0);
-- }
-- }
-+ // BEGIN android-removed
-+ // /**
-+ // * PBEWithHmacSHA
-+ // */
-+ // public static class PBEWithMacKeyFactory
-+ // extends PBESecretKeyFactory
-+ // {
-+ // public PBEWithMacKeyFactory()
-+ // {
-+ // super("PBEwithHmacSHA256", null, false, PKCS12, SHA256, 256, 0);
-+ // }
-+ // }
-+ // END android-removed
-
- /**
- * HMACSHA256
-@@ -84,9 +86,11 @@
- provider.addAlgorithm("Alg.Alias.MessageDigest.SHA256", "SHA-256");
- provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha256, "SHA-256");
-
-- provider.addAlgorithm("SecretKeyFactory.PBEWITHHMACSHA256", PREFIX + "$PBEWithMacKeyFactory");
-- provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHHMACSHA-256", "PBEWITHHMACSHA256");
-- provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + NISTObjectIdentifiers.id_sha256, "PBEWITHHMACSHA256");
-+ // BEGIN android-removed
-+ // provider.addAlgorithm("SecretKeyFactory.PBEWITHHMACSHA256", PREFIX + "$PBEWithMacKeyFactory");
-+ // provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHHMACSHA-256", "PBEWITHHMACSHA256");
-+ // provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + NISTObjectIdentifiers.id_sha256, "PBEWITHHMACSHA256");
-+ // END android-removed
-
- addHMACAlgorithm(provider, "SHA256", PREFIX + "$HashMac", PREFIX + "$KeyGenerator");
- addHMACAlias(provider, "SHA256", PKCSObjectIdentifiers.id_hmacWithSHA256);
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/digest/SHA384.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/digest/SHA384.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/digest/SHA384.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/digest/SHA384.java 2013-05-25 02:14:15.000000000 +0000
-@@ -5,7 +5,9 @@
- import org.bouncycastle.crypto.CipherKeyGenerator;
- import org.bouncycastle.crypto.digests.SHA384Digest;
- import org.bouncycastle.crypto.macs.HMac;
--import org.bouncycastle.crypto.macs.OldHMac;
-+// BEGIN android-removed
-+// import org.bouncycastle.crypto.macs.OldHMac;
-+// END android-removed
- import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
- import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
- import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
-@@ -57,14 +59,16 @@
- }
- }
-
-- public static class OldSHA384
-- extends BaseMac
-- {
-- public OldSHA384()
-- {
-- super(new OldHMac(new SHA384Digest()));
-- }
-- }
-+ // BEGIN android-removed
-+ // public static class OldSHA384
-+ // extends BaseMac
-+ // {
-+ // public OldSHA384()
-+ // {
-+ // super(new OldHMac(new SHA384Digest()));
-+ // }
-+ // }
-+ // END android-removed
-
- public static class Mappings
- extends DigestAlgorithmProvider
-@@ -80,7 +84,9 @@
- provider.addAlgorithm("MessageDigest.SHA-384", PREFIX + "$Digest");
- provider.addAlgorithm("Alg.Alias.MessageDigest.SHA384", "SHA-384");
- provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha384, "SHA-384");
-- provider.addAlgorithm("Mac.OLDHMACSHA384", PREFIX + "$OldSHA384");
-+ // BEGIN android-removed
-+ // provider.addAlgorithm("Mac.OLDHMACSHA384", PREFIX + "$OldSHA384");
-+ // END android-removed
-
- addHMACAlgorithm(provider, "SHA384", PREFIX + "$HashMac", PREFIX + "$KeyGenerator");
- addHMACAlias(provider, "SHA384", PKCSObjectIdentifiers.id_hmacWithSHA384);
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/digest/SHA512.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/digest/SHA512.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/digest/SHA512.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/digest/SHA512.java 2013-05-25 02:14:15.000000000 +0000
-@@ -4,9 +4,13 @@
- import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
- import org.bouncycastle.crypto.CipherKeyGenerator;
- import org.bouncycastle.crypto.digests.SHA512Digest;
--import org.bouncycastle.crypto.digests.SHA512tDigest;
-+// BEGIN android-removed
-+// import org.bouncycastle.crypto.digests.SHA512tDigest;
-+// END android-removed
- import org.bouncycastle.crypto.macs.HMac;
--import org.bouncycastle.crypto.macs.OldHMac;
-+// BEGIN android-removed
-+// import org.bouncycastle.crypto.macs.OldHMac;
-+// END android-removed
- import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
- import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
- import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
-@@ -37,42 +41,44 @@
- }
- }
-
-- static public class DigestT
-- extends BCMessageDigest
-- implements Cloneable
-- {
-- public DigestT(int bitLength)
-- {
-- super(new SHA512tDigest(bitLength));
-- }
--
-- public Object clone()
-- throws CloneNotSupportedException
-- {
-- DigestT d = (DigestT)super.clone();
-- d.digest = new SHA512tDigest((SHA512tDigest)digest);
--
-- return d;
-- }
-- }
--
-- static public class DigestT224
-- extends DigestT
-- {
-- public DigestT224()
-- {
-- super(224);
-- }
-- }
--
-- static public class DigestT256
-- extends DigestT
-- {
-- public DigestT256()
-- {
-- super(256);
-- }
-- }
-+ // BEGIN android-removed
-+ // static public class DigestT
-+ // extends BCMessageDigest
-+ // implements Cloneable
-+ // {
-+ // public DigestT(int bitLength)
-+ // {
-+ // super(new SHA512tDigest(bitLength));
-+ // }
-+ //
-+ // public Object clone()
-+ // throws CloneNotSupportedException
-+ // {
-+ // DigestT d = (DigestT)super.clone();
-+ // d.digest = new SHA512tDigest((SHA512tDigest)digest);
-+ //
-+ // return d;
-+ // }
-+ // }
-+ //
-+ // static public class DigestT224
-+ // extends DigestT
-+ // {
-+ // public DigestT224()
-+ // {
-+ // super(224);
-+ // }
-+ // }
-+ //
-+ // static public class DigestT256
-+ // extends DigestT
-+ // {
-+ // public DigestT256()
-+ // {
-+ // super(256);
-+ // }
-+ // }
-+ // END android-removed
-
- public static class HashMac
- extends BaseMac
-@@ -83,35 +89,37 @@
- }
- }
-
-- public static class HashMacT224
-- extends BaseMac
-- {
-- public HashMacT224()
-- {
-- super(new HMac(new SHA512tDigest(224)));
-- }
-- }
--
-- public static class HashMacT256
-- extends BaseMac
-- {
-- public HashMacT256()
-- {
-- super(new HMac(new SHA512tDigest(256)));
-- }
-- }
--
-- /**
-- * SHA-512 HMac
-- */
-- public static class OldSHA512
-- extends BaseMac
-- {
-- public OldSHA512()
-- {
-- super(new OldHMac(new SHA512Digest()));
-- }
-- }
-+ // BEGIN android-removed
-+ // public static class HashMacT224
-+ // extends BaseMac
-+ // {
-+ // public HashMacT224()
-+ // {
-+ // super(new HMac(new SHA512tDigest(224)));
-+ // }
-+ // }
-+ //
-+ // public static class HashMacT256
-+ // extends BaseMac
-+ // {
-+ // public HashMacT256()
-+ // {
-+ // super(new HMac(new SHA512tDigest(256)));
-+ // }
-+ // }
-+ //
-+ // /**
-+ // * SHA-512 HMac
-+ // */
-+ // public static class OldSHA512
-+ // extends BaseMac
-+ // {
-+ // public OldSHA512()
-+ // {
-+ // super(new OldHMac(new SHA512Digest()));
-+ // }
-+ // }
-+ // END android-removed
-
- /**
- * HMACSHA512
-@@ -125,23 +133,25 @@
- }
- }
-
-- public static class KeyGeneratorT224
-- extends BaseKeyGenerator
-- {
-- public KeyGeneratorT224()
-- {
-- super("HMACSHA512/224", 224, new CipherKeyGenerator());
-- }
-- }
--
-- public static class KeyGeneratorT256
-- extends BaseKeyGenerator
-- {
-- public KeyGeneratorT256()
-- {
-- super("HMACSHA512/256", 256, new CipherKeyGenerator());
-- }
-- }
-+ // BEGIN android-removed
-+ // public static class KeyGeneratorT224
-+ // extends BaseKeyGenerator
-+ // {
-+ // public KeyGeneratorT224()
-+ // {
-+ // super("HMACSHA512/224", 224, new CipherKeyGenerator());
-+ // }
-+ // }
-+ //
-+ // public static class KeyGeneratorT256
-+ // extends BaseKeyGenerator
-+ // {
-+ // public KeyGeneratorT256()
-+ // {
-+ // super("HMACSHA512/256", 256, new CipherKeyGenerator());
-+ // }
-+ // }
-+ // END android-removed
-
- public static class Mappings
- extends DigestAlgorithmProvider
-@@ -158,21 +168,25 @@
- provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512", "SHA-512");
- provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512, "SHA-512");
-
-- provider.addAlgorithm("MessageDigest.SHA-512/224", PREFIX + "$DigestT224");
-- provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512/224", "SHA-512/224");
-- provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_224, "SHA-512/224");
--
-- provider.addAlgorithm("MessageDigest.SHA-512/256", PREFIX + "$DigestT256");
-- provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512256", "SHA-512/256");
-- provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_256, "SHA-512/256");
--
-- provider.addAlgorithm("Mac.OLDHMACSHA512", PREFIX + "$OldSHA512");
-+ // BEGIN android-removed
-+ // provider.addAlgorithm("MessageDigest.SHA-512/224", PREFIX + "$DigestT224");
-+ // provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512/224", "SHA-512/224");
-+ // provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_224, "SHA-512/224");
-+ //
-+ // provider.addAlgorithm("MessageDigest.SHA-512/256", PREFIX + "$DigestT256");
-+ // provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512256", "SHA-512/256");
-+ // provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_256, "SHA-512/256");
-+ //
-+ // provider.addAlgorithm("Mac.OLDHMACSHA512", PREFIX + "$OldSHA512");
-+ // END android-removed
-
- addHMACAlgorithm(provider, "SHA512", PREFIX + "$HashMac", PREFIX + "$KeyGenerator");
- addHMACAlias(provider, "SHA512", PKCSObjectIdentifiers.id_hmacWithSHA512);
-
-- addHMACAlgorithm(provider, "SHA512/224", PREFIX + "$HashMacT224", PREFIX + "$KeyGeneratorT224");
-- addHMACAlgorithm(provider, "SHA512/256", PREFIX + "$HashMacT256", PREFIX + "$KeyGeneratorT256");
-+ // BEGIN android-removed
-+ // addHMACAlgorithm(provider, "SHA512/224", PREFIX + "$HashMacT224", PREFIX + "$KeyGeneratorT224");
-+ // addHMACAlgorithm(provider, "SHA512/256", PREFIX + "$HashMacT256", PREFIX + "$KeyGeneratorT256");
-+ // END android-removed
- }
- }
-
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/keystore/BC.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/keystore/BC.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/keystore/BC.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/keystore/BC.java 2013-05-25 02:14:15.000000000 +0000
-@@ -17,7 +17,9 @@
- public void configure(ConfigurableProvider provider)
- {
- provider.addAlgorithm("KeyStore.BKS", PREFIX + "BcKeyStoreSpi$Std");
-- provider.addAlgorithm("KeyStore.BKS-V1", PREFIX + "BcKeyStoreSpi$Version1");
-+ // BEGIN android-removed
-+ // provider.addAlgorithm("KeyStore.BKS-V1", PREFIX + "BcKeyStoreSpi$Version1");
-+ // END android-removed
- provider.addAlgorithm("KeyStore.BouncyCastle", PREFIX + "BcKeyStoreSpi$BouncyCastleStore");
- provider.addAlgorithm("Alg.Alias.KeyStore.UBER", "BouncyCastle");
- provider.addAlgorithm("Alg.Alias.KeyStore.BOUNCYCASTLE", "BouncyCastle");
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/keystore/PKCS12.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/keystore/PKCS12.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/keystore/PKCS12.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/keystore/PKCS12.java 2013-05-25 02:14:15.000000000 +0000
-@@ -17,14 +17,16 @@
- public void configure(ConfigurableProvider provider)
- {
- provider.addAlgorithm("KeyStore.PKCS12", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore");
-- provider.addAlgorithm("KeyStore.BCPKCS12", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore");
-- provider.addAlgorithm("KeyStore.PKCS12-DEF", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore");
--
-- provider.addAlgorithm("KeyStore.PKCS12-3DES-40RC2", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore");
-- provider.addAlgorithm("KeyStore.PKCS12-3DES-3DES", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore3DES");
--
-- provider.addAlgorithm("KeyStore.PKCS12-DEF-3DES-40RC2", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore");
-- provider.addAlgorithm("KeyStore.PKCS12-DEF-3DES-3DES", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore3DES");
-+ // BEGIN android-removed
-+ // provider.addAlgorithm("KeyStore.BCPKCS12", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore");
-+ // provider.addAlgorithm("KeyStore.PKCS12-DEF", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore");
-+ //
-+ // provider.addAlgorithm("KeyStore.PKCS12-3DES-40RC2", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore");
-+ // provider.addAlgorithm("KeyStore.PKCS12-3DES-3DES", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore3DES");
-+ //
-+ // provider.addAlgorithm("KeyStore.PKCS12-DEF-3DES-40RC2", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore");
-+ // provider.addAlgorithm("KeyStore.PKCS12-DEF-3DES-3DES", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore3DES");
-+ // END android-removed
- }
- }
- }
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java 2015-04-09 13:10:16.000000000 +0000
-@@ -62,8 +62,10 @@
- import org.bouncycastle.asn1.DEROutputStream;
- import org.bouncycastle.asn1.DERSequence;
- import org.bouncycastle.asn1.DERSet;
--import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
--import org.bouncycastle.asn1.cryptopro.GOST28147Parameters;
-+// BEGIN android-removed
-+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-+// import org.bouncycastle.asn1.cryptopro.GOST28147Parameters;
-+// END android-removed
- import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
- import org.bouncycastle.asn1.ntt.NTTObjectIdentifiers;
- import org.bouncycastle.asn1.pkcs.AuthenticatedSafe;
-@@ -89,7 +91,9 @@
- import org.bouncycastle.crypto.digests.SHA1Digest;
- import org.bouncycastle.jcajce.PKCS12StoreParameter;
- import org.bouncycastle.jcajce.provider.symmetric.util.BCPBEKey;
--import org.bouncycastle.jcajce.spec.GOST28147ParameterSpec;
-+// BEGIN android-removed
-+// import org.bouncycastle.jcajce.spec.GOST28147ParameterSpec;
-+// END android-removed
- import org.bouncycastle.jcajce.spec.PBKDF2KeySpec;
- import org.bouncycastle.jcajce.util.BCJcaJceHelper;
- import org.bouncycastle.jcajce.util.JcaJceHelper;
-@@ -753,13 +757,15 @@
- {
- cipher.init(mode, key, new IvParameterSpec(ASN1OctetString.getInstance(encParams).getOctets()));
- }
-- else
-- {
-- // TODO: at the moment it's just GOST, but...
-- GOST28147Parameters gParams = GOST28147Parameters.getInstance(encParams);
--
-- cipher.init(mode, key, new GOST28147ParameterSpec(gParams.getEncryptionParamSet(), gParams.getIV()));
-- }
-+ // BEGIN android-removed
-+ // else
-+ // {
-+ // // TODO: at the moment it's just GOST, but...
-+ // GOST28147Parameters gParams = GOST28147Parameters.getInstance(encParams);
-+ //
-+ // cipher.init(mode, key, new GOST28147ParameterSpec(gParams.getEncryptionParamSet(), gParams.getIV()));
-+ // }
-+ // END android-removed
- return cipher;
- }
-
-@@ -1680,33 +1686,34 @@
- super(new BouncyCastleProvider(), pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd40BitRC2_CBC);
- }
- }
--
-- public static class BCPKCS12KeyStore3DES
-- extends PKCS12KeyStoreSpi
-- {
-- public BCPKCS12KeyStore3DES()
-- {
-- super(new BouncyCastleProvider(), pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC);
-- }
-- }
--
-- public static class DefPKCS12KeyStore
-- extends PKCS12KeyStoreSpi
-- {
-- public DefPKCS12KeyStore()
-- {
-- super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd40BitRC2_CBC);
-- }
-- }
--
-- public static class DefPKCS12KeyStore3DES
-- extends PKCS12KeyStoreSpi
-- {
-- public DefPKCS12KeyStore3DES()
-- {
-- super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC);
-- }
-- }
-+ // BEGIN android-removed
-+ // public static class BCPKCS12KeyStore3DES
-+ // extends PKCS12KeyStoreSpi
-+ // {
-+ // public BCPKCS12KeyStore3DES()
-+ // {
-+ // super(new BouncyCastleProvider(), pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC);
-+ // }
-+ // }
-+ //
-+ // public static class DefPKCS12KeyStore
-+ // extends PKCS12KeyStoreSpi
-+ // {
-+ // public DefPKCS12KeyStore()
-+ // {
-+ // super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd40BitRC2_CBC);
-+ // }
-+ // }
-+ //
-+ // public static class DefPKCS12KeyStore3DES
-+ // extends PKCS12KeyStoreSpi
-+ // {
-+ // public DefPKCS12KeyStore3DES()
-+ // {
-+ // super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC);
-+ // }
-+ // }
-+ // END android-removed
-
- private static class IgnoresCaseHashtable
- {
-@@ -1779,7 +1786,9 @@
- keySizes.put(NTTObjectIdentifiers.id_camellia192_cbc, Integers.valueOf(192));
- keySizes.put(NTTObjectIdentifiers.id_camellia256_cbc, Integers.valueOf(256));
-
-- keySizes.put(CryptoProObjectIdentifiers.gostR28147_gcfb, Integers.valueOf(256));
-+ // BEGIN android-removed
-+ // keySizes.put(CryptoProObjectIdentifiers.gostR28147_gcfb, Integers.valueOf(256));
-+ // END android-removed
-
- KEY_SIZES = Collections.unmodifiableMap(keySizes);
- }
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/AES.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/AES.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/AES.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/AES.java 2015-07-22 00:42:46.000000000 +0000
-@@ -3,16 +3,28 @@
- import java.io.IOException;
- import java.lang.reflect.Constructor;
- import java.lang.reflect.Method;
--import java.security.AlgorithmParameters;
--import java.security.InvalidAlgorithmParameterException;
-+// BEGIN android-added
-+import java.security.NoSuchAlgorithmException;
-+// END android-added
-+// BEGIN android-removed
-+// import java.security.AlgorithmParameters;
-+// import java.security.InvalidAlgorithmParameterException;
-+// END android-removed
- import java.security.SecureRandom;
- import java.security.spec.AlgorithmParameterSpec;
- import java.security.spec.InvalidParameterSpecException;
-
--import javax.crypto.spec.IvParameterSpec;
--
-+// BEGIN android-removed
-+// import javax.crypto.spec.IvParameterSpec;
-+// END android-removed
-+
-+// BEGIN android-added
-+import javax.crypto.NoSuchPaddingException;
-+// END android-added
- import org.bouncycastle.asn1.bc.BCObjectIdentifiers;
--import org.bouncycastle.asn1.cms.CCMParameters;
-+// BEGIN android-removed
-+// import org.bouncycastle.asn1.cms.CCMParameters;
-+// END android-removed
- import org.bouncycastle.asn1.cms.GCMParameters;
- import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
- import org.bouncycastle.crypto.BlockCipher;
-@@ -20,22 +32,30 @@
- import org.bouncycastle.crypto.CipherKeyGenerator;
- import org.bouncycastle.crypto.engines.AESFastEngine;
- import org.bouncycastle.crypto.engines.AESWrapEngine;
--import org.bouncycastle.crypto.engines.RFC3211WrapEngine;
--import org.bouncycastle.crypto.engines.RFC5649WrapEngine;
--import org.bouncycastle.crypto.generators.Poly1305KeyGenerator;
--import org.bouncycastle.crypto.macs.CMac;
--import org.bouncycastle.crypto.macs.GMac;
-+// BEGIN android-removed
-+// import org.bouncycastle.crypto.engines.RFC3211WrapEngine;
-+// import org.bouncycastle.crypto.engines.RFC5649WrapEngine;
-+// import org.bouncycastle.crypto.generators.Poly1305KeyGenerator;
-+// import org.bouncycastle.crypto.macs.CMac;
-+// import org.bouncycastle.crypto.macs.GMac;
-+// END android-removed
- import org.bouncycastle.crypto.modes.CBCBlockCipher;
--import org.bouncycastle.crypto.modes.CCMBlockCipher;
-+// BEGIN android-removed
-+// import org.bouncycastle.crypto.modes.CCMBlockCipher;
-+// END android-removed
- import org.bouncycastle.crypto.modes.CFBBlockCipher;
- import org.bouncycastle.crypto.modes.GCMBlockCipher;
- import org.bouncycastle.crypto.modes.OFBBlockCipher;
- import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
--import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator;
-+// BEGIN android-removed
-+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator;
-+// END android-removed
- import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameters;
- import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher;
- import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
--import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
-+// BEGIN android-removed
-+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
-+// END android-removed
- import org.bouncycastle.jcajce.provider.symmetric.util.BaseWrapCipher;
- import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider;
- import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters;
-@@ -98,53 +118,64 @@
- public GCM()
- {
- super(new GCMBlockCipher(new AESFastEngine()));
-+ // BEGIN android-added
-+ try {
-+ engineSetMode("GCM");
-+ engineSetPadding("NoPadding");
-+ } catch (NoSuchAlgorithmException | NoSuchPaddingException e) {
-+ // this should not be possible
-+ throw new RuntimeException("Could not set mode or padding for GCM mode", e);
-+ }
-+ // END android-added
- }
- }
-
-- static public class CCM
-- extends BaseBlockCipher
-- {
-- public CCM()
-- {
-- super(new CCMBlockCipher(new AESFastEngine()));
-- }
-- }
--
-- public static class AESCMAC
-- extends BaseMac
-- {
-- public AESCMAC()
-- {
-- super(new CMac(new AESFastEngine()));
-- }
-- }
--
-- public static class AESGMAC
-- extends BaseMac
-- {
-- public AESGMAC()
-- {
-- super(new GMac(new GCMBlockCipher(new AESFastEngine())));
-- }
-- }
--
-- public static class Poly1305
-- extends BaseMac
-- {
-- public Poly1305()
-- {
-- super(new org.bouncycastle.crypto.macs.Poly1305(new AESFastEngine()));
-- }
-- }
--
-- public static class Poly1305KeyGen
-- extends BaseKeyGenerator
-- {
-- public Poly1305KeyGen()
-- {
-- super("Poly1305-AES", 256, new Poly1305KeyGenerator());
-- }
-- }
-+ // BEGIN android-removed
-+ // static public class CCM
-+ // extends BaseBlockCipher
-+ // {
-+ // public CCM()
-+ // {
-+ // super(new CCMBlockCipher(new AESFastEngine()));
-+ // }
-+ // }
-+ //
-+ // public static class AESCMAC
-+ // extends BaseMac
-+ // {
-+ // public AESCMAC()
-+ // {
-+ // super(new CMac(new AESFastEngine()));
-+ // }
-+ // }
-+ //
-+ // public static class AESGMAC
-+ // extends BaseMac
-+ // {
-+ // public AESGMAC()
-+ // {
-+ // super(new GMac(new GCMBlockCipher(new AESFastEngine())));
-+ // }
-+ // }
-+ //
-+ // public static class Poly1305
-+ // extends BaseMac
-+ // {
-+ // public Poly1305()
-+ // {
-+ // super(new org.bouncycastle.crypto.macs.Poly1305(new AESFastEngine()));
-+ // }
-+ // }
-+ //
-+ // public static class Poly1305KeyGen
-+ // extends BaseKeyGenerator
-+ // {
-+ // public Poly1305KeyGen()
-+ // {
-+ // super("Poly1305-AES", 256, new Poly1305KeyGenerator());
-+ // }
-+ // }
-+ // END android-removed
-
- static public class Wrap
- extends BaseWrapCipher
-@@ -155,23 +186,25 @@
- }
- }
-
-- public static class RFC3211Wrap
-- extends BaseWrapCipher
-- {
-- public RFC3211Wrap()
-- {
-- super(new RFC3211WrapEngine(new AESFastEngine()), 16);
-- }
-- }
--
-- public static class RFC5649Wrap
-- extends BaseWrapCipher
-- {
-- public RFC5649Wrap()
-- {
-- super(new RFC5649WrapEngine(new AESFastEngine()));
-- }
-- }
-+ // BEGIN android-removed
-+ // public static class RFC3211Wrap
-+ // extends BaseWrapCipher
-+ // {
-+ // public RFC3211Wrap()
-+ // {
-+ // super(new RFC3211WrapEngine(new AESFastEngine()), 16);
-+ // }
-+ // }
-+ //
-+ // public static class RFC5649Wrap
-+ // extends BaseWrapCipher
-+ // {
-+ // public RFC5649Wrap()
-+ // {
-+ // super(new RFC5649WrapEngine(new AESFastEngine()));
-+ // }
-+ // }
-+ // END android-removed
-
- /**
- * PBEWithAES-CBC
-@@ -190,7 +223,9 @@
- {
- public KeyGen()
- {
-- this(192);
-+ // BEGIN android-changed
-+ this(128);
-+ // END android-changed
- }
-
- public KeyGen(int keySize)
-@@ -199,32 +234,34 @@
- }
- }
-
-- public static class KeyGen128
-- extends KeyGen
-- {
-- public KeyGen128()
-- {
-- super(128);
-- }
-- }
--
-- public static class KeyGen192
-- extends KeyGen
-- {
-- public KeyGen192()
-- {
-- super(192);
-- }
-- }
--
-- public static class KeyGen256
-- extends KeyGen
-- {
-- public KeyGen256()
-- {
-- super(256);
-- }
-- }
-+ // BEGIN android-removed
-+ // public static class KeyGen128
-+ // extends KeyGen
-+ // {
-+ // public KeyGen128()
-+ // {
-+ // super(128);
-+ // }
-+ // }
-+ //
-+ // public static class KeyGen192
-+ // extends KeyGen
-+ // {
-+ // public KeyGen192()
-+ // {
-+ // super(192);
-+ // }
-+ // }
-+ //
-+ // public static class KeyGen256
-+ // extends KeyGen
-+ // {
-+ // public KeyGen256()
-+ // {
-+ // super(256);
-+ // }
-+ // }
-+ // END android-removed
-
- /**
- * PBEWithSHA1And128BitAES-BC
-@@ -334,119 +371,121 @@
- }
- }
-
-- public static class AlgParamGen
-- extends BaseAlgorithmParameterGenerator
-- {
-- protected void engineInit(
-- AlgorithmParameterSpec genParamSpec,
-- SecureRandom random)
-- throws InvalidAlgorithmParameterException
-- {
-- throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation.");
-- }
--
-- protected AlgorithmParameters engineGenerateParameters()
-- {
-- byte[] iv = new byte[16];
--
-- if (random == null)
-- {
-- random = new SecureRandom();
-- }
--
-- random.nextBytes(iv);
--
-- AlgorithmParameters params;
--
-- try
-- {
-- params = createParametersInstance("AES");
-- params.init(new IvParameterSpec(iv));
-- }
-- catch (Exception e)
-- {
-- throw new RuntimeException(e.getMessage());
-- }
--
-- return params;
-- }
-- }
--
-- public static class AlgParamGenCCM
-- extends BaseAlgorithmParameterGenerator
-- {
-- protected void engineInit(
-- AlgorithmParameterSpec genParamSpec,
-- SecureRandom random)
-- throws InvalidAlgorithmParameterException
-- {
-- throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation.");
-- }
--
-- protected AlgorithmParameters engineGenerateParameters()
-- {
-- byte[] iv = new byte[12];
--
-- if (random == null)
-- {
-- random = new SecureRandom();
-- }
--
-- random.nextBytes(iv);
--
-- AlgorithmParameters params;
--
-- try
-- {
-- params = createParametersInstance("CCM");
-- params.init(new CCMParameters(iv, 12).getEncoded());
-- }
-- catch (Exception e)
-- {
-- throw new RuntimeException(e.getMessage());
-- }
--
-- return params;
-- }
-- }
--
-- public static class AlgParamGenGCM
-- extends BaseAlgorithmParameterGenerator
-- {
-- protected void engineInit(
-- AlgorithmParameterSpec genParamSpec,
-- SecureRandom random)
-- throws InvalidAlgorithmParameterException
-- {
-- throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation.");
-- }
--
-- protected AlgorithmParameters engineGenerateParameters()
-- {
-- byte[] nonce = new byte[12];
--
-- if (random == null)
-- {
-- random = new SecureRandom();
-- }
--
-- random.nextBytes(nonce);
--
-- AlgorithmParameters params;
--
-- try
-- {
-- params = createParametersInstance("GCM");
-- params.init(new GCMParameters(nonce, 12).getEncoded());
-- }
-- catch (Exception e)
-- {
-- throw new RuntimeException(e.getMessage());
-- }
--
-- return params;
-- }
-- }
-+ // BEGIN android-removed
-+ // public static class AlgParamGen
-+ // extends BaseAlgorithmParameterGenerator
-+ // {
-+ // protected void engineInit(
-+ // AlgorithmParameterSpec genParamSpec,
-+ // SecureRandom random)
-+ // throws InvalidAlgorithmParameterException
-+ // {
-+ // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation.");
-+ // }
-+ //
-+ // protected AlgorithmParameters engineGenerateParameters()
-+ // {
-+ // byte[] iv = new byte[16];
-+ //
-+ // if (random == null)
-+ // {
-+ // random = new SecureRandom();
-+ // }
-+ //
-+ // random.nextBytes(iv);
-+ //
-+ // AlgorithmParameters params;
-+ //
-+ // try
-+ // {
-+ // params = createParametersInstance("AES");
-+ // params.init(new IvParameterSpec(iv));
-+ // }
-+ // catch (Exception e)
-+ // {
-+ // throw new RuntimeException(e.getMessage());
-+ // }
-+ //
-+ // return params;
-+ // }
-+ // }
-+ //
-+ // public static class AlgParamGenCCM
-+ // extends BaseAlgorithmParameterGenerator
-+ // {
-+ // protected void engineInit(
-+ // AlgorithmParameterSpec genParamSpec,
-+ // SecureRandom random)
-+ // throws InvalidAlgorithmParameterException
-+ // {
-+ // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation.");
-+ // }
-+ //
-+ // protected AlgorithmParameters engineGenerateParameters()
-+ // {
-+ // byte[] iv = new byte[12];
-+ //
-+ // if (random == null)
-+ // {
-+ // random = new SecureRandom();
-+ // }
-+ //
-+ // random.nextBytes(iv);
-+ //
-+ // AlgorithmParameters params;
-+ //
-+ // try
-+ // {
-+ // params = createParametersInstance("CCM");
-+ // params.init(new CCMParameters(iv, 12).getEncoded());
-+ // }
-+ // catch (Exception e)
-+ // {
-+ // throw new RuntimeException(e.getMessage());
-+ // }
-+ //
-+ // return params;
-+ // }
-+ // }
-+ //
-+ // public static class AlgParamGenGCM
-+ // extends BaseAlgorithmParameterGenerator
-+ // {
-+ // protected void engineInit(
-+ // AlgorithmParameterSpec genParamSpec,
-+ // SecureRandom random)
-+ // throws InvalidAlgorithmParameterException
-+ // {
-+ // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation.");
-+ // }
-+ //
-+ // protected AlgorithmParameters engineGenerateParameters()
-+ // {
-+ // byte[] nonce = new byte[12];
-+ //
-+ // if (random == null)
-+ // {
-+ // random = new SecureRandom();
-+ // }
-+ //
-+ // random.nextBytes(nonce);
-+ //
-+ // AlgorithmParameters params;
-+ //
-+ // try
-+ // {
-+ // params = createParametersInstance("GCM");
-+ // params.init(new GCMParameters(nonce, 12).getEncoded());
-+ // }
-+ // catch (Exception e)
-+ // {
-+ // throw new RuntimeException(e.getMessage());
-+ // }
-+ //
-+ // return params;
-+ // }
-+ // }
-+ // END android-removed
-
- public static class AlgParams
- extends IvAlgorithmParameters
-@@ -545,80 +584,82 @@
- }
- }
-
-- public static class AlgParamsCCM
-- extends BaseAlgorithmParameters
-- {
-- private CCMParameters ccmParams;
--
-- protected void engineInit(AlgorithmParameterSpec paramSpec)
-- throws InvalidParameterSpecException
-- {
-- throw new InvalidParameterSpecException("No supported AlgorithmParameterSpec for AES parameter generation.");
-- }
--
-- protected void engineInit(byte[] params)
-- throws IOException
-- {
-- ccmParams = CCMParameters.getInstance(params);
-- }
--
-- protected void engineInit(byte[] params, String format)
-- throws IOException
-- {
-- if (!isASN1FormatString(format))
-- {
-- throw new IOException("unknown format specified");
-- }
--
-- ccmParams = CCMParameters.getInstance(params);
-- }
--
-- protected byte[] engineGetEncoded()
-- throws IOException
-- {
-- return ccmParams.getEncoded();
-- }
--
-- protected byte[] engineGetEncoded(String format)
-- throws IOException
-- {
-- if (!isASN1FormatString(format))
-- {
-- throw new IOException("unknown format specified");
-- }
--
-- return ccmParams.getEncoded();
-- }
--
-- protected String engineToString()
-- {
-- return "CCM";
-- }
--
-- protected AlgorithmParameterSpec localEngineGetParameterSpec(Class paramSpec)
-- throws InvalidParameterSpecException
-- {
-- if (gcmSpecClass != null)
-- {
-- try
-- {
-- Constructor constructor = gcmSpecClass.getConstructor(new Class[] { Integer.TYPE, byte[].class });
--
-- return (AlgorithmParameterSpec)constructor.newInstance(new Object[] { Integers.valueOf(ccmParams.getIcvLen() * 8), ccmParams.getNonce() });
-- }
-- catch (NoSuchMethodException e)
-- {
-- throw new InvalidParameterSpecException("no constructor found!"); // should never happen
-- }
-- catch (Exception e)
-- {
-- throw new InvalidParameterSpecException("construction failed: " + e.getMessage()); // should never happen
-- }
-- }
--
-- throw new InvalidParameterSpecException("unknown parameter spec: " + paramSpec.getName());
-- }
-- }
-+ // BEGIN android-removed
-+ // public static class AlgParamsCCM
-+ // extends BaseAlgorithmParameters
-+ // {
-+ // private CCMParameters ccmParams;
-+ //
-+ // protected void engineInit(AlgorithmParameterSpec paramSpec)
-+ // throws InvalidParameterSpecException
-+ // {
-+ // throw new InvalidParameterSpecException("No supported AlgorithmParameterSpec for AES parameter generation.");
-+ // }
-+ //
-+ // protected void engineInit(byte[] params)
-+ // throws IOException
-+ // {
-+ // ccmParams = CCMParameters.getInstance(params);
-+ // }
-+ //
-+ // protected void engineInit(byte[] params, String format)
-+ // throws IOException
-+ // {
-+ // if (!isASN1FormatString(format))
-+ // {
-+ // throw new IOException("unknown format specified");
-+ // }
-+ //
-+ // ccmParams = CCMParameters.getInstance(params);
-+ // }
-+ //
-+ // protected byte[] engineGetEncoded()
-+ // throws IOException
-+ // {
-+ // return ccmParams.getEncoded();
-+ // }
-+ //
-+ // protected byte[] engineGetEncoded(String format)
-+ // throws IOException
-+ // {
-+ // if (!isASN1FormatString(format))
-+ // {
-+ // throw new IOException("unknown format specified");
-+ // }
-+ //
-+ // return ccmParams.getEncoded();
-+ // }
-+ //
-+ // protected String engineToString()
-+ // {
-+ // return "CCM";
-+ // }
-+ //
-+ // protected AlgorithmParameterSpec localEngineGetParameterSpec(Class paramSpec)
-+ // throws InvalidParameterSpecException
-+ // {
-+ // if (gcmSpecClass != null)
-+ // {
-+ // try
-+ // {
-+ // Constructor constructor = gcmSpecClass.getConstructor(new Class[] { Integer.TYPE, byte[].class });
-+ //
-+ // return (AlgorithmParameterSpec)constructor.newInstance(new Object[] { Integers.valueOf(ccmParams.getIcvLen() * 8), ccmParams.getNonce() });
-+ // }
-+ // catch (NoSuchMethodException e)
-+ // {
-+ // throw new InvalidParameterSpecException("no constructor found!"); // should never happen
-+ // }
-+ // catch (Exception e)
-+ // {
-+ // throw new InvalidParameterSpecException("construction failed: " + e.getMessage()); // should never happen
-+ // }
-+ // }
-+ //
-+ // throw new InvalidParameterSpecException("unknown parameter spec: " + paramSpec.getName());
-+ // }
-+ // }
-+ // END android-removed
-
- public static class Mappings
- extends SymmetricAlgorithmProvider
-@@ -652,92 +693,101 @@
- provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes128_GCM, "GCM");
- provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes192_GCM, "GCM");
- provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes256_GCM, "GCM");
--
-- provider.addAlgorithm("AlgorithmParameters.CCM", PREFIX + "$AlgParamsCCM");
-- provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes128_CCM, "CCM");
-- provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes192_CCM, "CCM");
-- provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes256_CCM, "CCM");
--
-- provider.addAlgorithm("AlgorithmParameterGenerator.AES", PREFIX + "$AlgParamGen");
-- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES128, "AES");
-- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES192, "AES");
-- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES256, "AES");
-- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_CBC, "AES");
-- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_CBC, "AES");
-- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_CBC, "AES");
-+ // BEGIN android-removed
-+ // provider.addAlgorithm("AlgorithmParameters.CCM", PREFIX + "$AlgParamsCCM");
-+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes128_CCM, "CCM");
-+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes192_CCM, "CCM");
-+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes256_CCM, "CCM");
-+ //
-+ // provider.addAlgorithm("AlgorithmParameterGenerator.AES", PREFIX + "$AlgParamGen");
-+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES128, "AES");
-+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES192, "AES");
-+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES256, "AES");
-+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_CBC, "AES");
-+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_CBC, "AES");
-+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_CBC, "AES");
-+ // END android-removed
-
- provider.addAlgorithm("Cipher.AES", PREFIX + "$ECB");
- provider.addAlgorithm("Alg.Alias.Cipher." + wrongAES128, "AES");
- provider.addAlgorithm("Alg.Alias.Cipher." + wrongAES192, "AES");
- provider.addAlgorithm("Alg.Alias.Cipher." + wrongAES256, "AES");
-- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$ECB");
-- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$ECB");
-- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$ECB");
-- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$CBC");
-- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$CBC");
-- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$CBC");
-- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$OFB");
-- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$OFB");
-- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$OFB");
-- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$CFB");
-- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$CFB");
-- provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$CFB");
-+ // BEGIN android-removed
-+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$ECB");
-+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$ECB");
-+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$ECB");
-+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$CBC");
-+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$CBC");
-+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$CBC");
-+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$OFB");
-+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$OFB");
-+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$OFB");
-+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$CFB");
-+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$CFB");
-+ // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$CFB");
-+ // END android-removed
- provider.addAlgorithm("Cipher.AESWRAP", PREFIX + "$Wrap");
- provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes128_wrap, "AESWRAP");
- provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes192_wrap, "AESWRAP");
- provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes256_wrap, "AESWRAP");
-
-- provider.addAlgorithm("Cipher.AESRFC3211WRAP", PREFIX + "$RFC3211Wrap");
-- provider.addAlgorithm("Cipher.AESRFC5649WRAP", PREFIX + "$RFC5649Wrap");
--
-- provider.addAlgorithm("AlgorithmParameterGenerator.CCM", PREFIX + "$AlgParamGenCCM");
-- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_CCM, "CCM");
-- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_CCM, "CCM");
-- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_CCM, "CCM");
--
-- provider.addAlgorithm("Cipher.CCM", PREFIX + "$CCM");
-- provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes128_CCM, "CCM");
-- provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes192_CCM, "CCM");
-- provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes256_CCM, "CCM");
--
-- provider.addAlgorithm("AlgorithmParameterGenerator.GCM", PREFIX + "$AlgParamGenGCM");
-- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_GCM, "GCM");
-- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_GCM, "GCM");
-- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_GCM, "GCM");
--
-- provider.addAlgorithm("Cipher.GCM", PREFIX + "$GCM");
-- provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes128_GCM, "GCM");
-- provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes192_GCM, "GCM");
-- provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes256_GCM, "GCM");
-+ // BEGIN android-removed
-+ // provider.addAlgorithm("Cipher.AESRFC3211WRAP", PREFIX + "$RFC3211Wrap");
-+ // provider.addAlgorithm("Cipher.AESRFC5649WRAP", PREFIX + "$RFC5649Wrap");
-+ //
-+ // provider.addAlgorithm("AlgorithmParameterGenerator.CCM", PREFIX + "$AlgParamGenCCM");
-+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_CCM, "CCM");
-+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_CCM, "CCM");
-+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_CCM, "CCM");
-+ //
-+ // provider.addAlgorithm("Cipher.CCM", PREFIX + "$CCM");
-+ // provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes128_CCM, "CCM");
-+ // provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes192_CCM, "CCM");
-+ // provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes256_CCM, "CCM");
-+ //
-+ // provider.addAlgorithm("AlgorithmParameterGenerator.GCM", PREFIX + "$AlgParamGenGCM");
-+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_GCM, "GCM");
-+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_GCM, "GCM");
-+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_GCM, "GCM");
-+ // END android-removed
-+
-+ // BEGIN android-changed
-+ provider.addAlgorithm("Cipher.AES/GCM/NOPADDING", PREFIX + "$GCM");
-+ provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes128_GCM, "AES/GCM/NOPADDING");
-+ provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes192_GCM, "AES/GCM/NOPADDING");
-+ provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes256_GCM, "AES/GCM/NOPADDING");
-+ // END android-changed
-
- provider.addAlgorithm("KeyGenerator.AES", PREFIX + "$KeyGen");
-- provider.addAlgorithm("KeyGenerator." + wrongAES128, PREFIX + "$KeyGen128");
-- provider.addAlgorithm("KeyGenerator." + wrongAES192, PREFIX + "$KeyGen192");
-- provider.addAlgorithm("KeyGenerator." + wrongAES256, PREFIX + "$KeyGen256");
-- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$KeyGen128");
-- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$KeyGen128");
-- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$KeyGen128");
-- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$KeyGen128");
-- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$KeyGen192");
-- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$KeyGen192");
-- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$KeyGen192");
-- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$KeyGen192");
-- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$KeyGen256");
-- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$KeyGen256");
-- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$KeyGen256");
-- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$KeyGen256");
-- provider.addAlgorithm("KeyGenerator.AESWRAP", PREFIX + "$KeyGen");
-- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_wrap, PREFIX + "$KeyGen128");
-- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_wrap, PREFIX + "$KeyGen192");
-- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_wrap, PREFIX + "$KeyGen256");
-- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_GCM, PREFIX + "$KeyGen128");
-- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_GCM, PREFIX + "$KeyGen192");
-- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_GCM, PREFIX + "$KeyGen256");
-- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CCM, PREFIX + "$KeyGen128");
-- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CCM, PREFIX + "$KeyGen192");
-- provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CCM, PREFIX + "$KeyGen256");
--
-- provider.addAlgorithm("Mac.AESCMAC", PREFIX + "$AESCMAC");
-+ // BEGIN android-removed
-+ // provider.addAlgorithm("KeyGenerator." + wrongAES128, PREFIX + "$KeyGen128");
-+ // provider.addAlgorithm("KeyGenerator." + wrongAES192, PREFIX + "$KeyGen192");
-+ // provider.addAlgorithm("KeyGenerator." + wrongAES256, PREFIX + "$KeyGen256");
-+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$KeyGen128");
-+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$KeyGen128");
-+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$KeyGen128");
-+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$KeyGen128");
-+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$KeyGen192");
-+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$KeyGen192");
-+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$KeyGen192");
-+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$KeyGen192");
-+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$KeyGen256");
-+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$KeyGen256");
-+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$KeyGen256");
-+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$KeyGen256");
-+ // provider.addAlgorithm("KeyGenerator.AESWRAP", PREFIX + "$KeyGen");
-+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_wrap, PREFIX + "$KeyGen128");
-+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_wrap, PREFIX + "$KeyGen192");
-+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_wrap, PREFIX + "$KeyGen256");
-+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_GCM, PREFIX + "$KeyGen128");
-+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_GCM, PREFIX + "$KeyGen192");
-+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_GCM, PREFIX + "$KeyGen256");
-+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CCM, PREFIX + "$KeyGen128");
-+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CCM, PREFIX + "$KeyGen192");
-+ // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CCM, PREFIX + "$KeyGen256");
-+ //
-+ // provider.addAlgorithm("Mac.AESCMAC", PREFIX + "$AESCMAC");
-+ // END android-removed
-
- provider.addAlgorithm("Alg.Alias.Cipher." + BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes128_cbc.getId(), "PBEWITHSHAAND128BITAES-CBC-BC");
- provider.addAlgorithm("Alg.Alias.Cipher." + BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes192_cbc.getId(), "PBEWITHSHAAND192BITAES-CBC-BC");
-@@ -816,8 +866,10 @@
- provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes192_cbc.getId(), "PKCS12PBE");
- provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes256_cbc.getId(), "PKCS12PBE");
-
-- addGMacAlgorithm(provider, "AES", PREFIX + "$AESGMAC", PREFIX + "$KeyGen128");
-- addPoly1305Algorithm(provider, "AES", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen");
-+ // BEGIN android-removed
-+ // addGMacAlgorithm(provider, "AES", PREFIX + "$AESGMAC", PREFIX + "$KeyGen128");
-+ // addPoly1305Algorithm(provider, "AES", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen");
-+ // END android-removed
- }
- }
-
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/ARC4.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/ARC4.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/ARC4.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/ARC4.java 2013-05-25 02:14:15.000000000 +0000
-@@ -29,7 +29,9 @@
- {
- public KeyGen()
- {
-- super("RC4", 128, new CipherKeyGenerator());
-+ // BEGIN android-changed
-+ super("ARC4", 128, new CipherKeyGenerator());
-+ // END android-changed
- }
- }
-
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java 2012-09-17 23:04:47.000000000 +0000
-@@ -64,7 +64,9 @@
- {
-
- provider.addAlgorithm("Cipher.BLOWFISH", PREFIX + "$ECB");
-- provider.addAlgorithm("Cipher.1.3.6.1.4.1.3029.1.2", PREFIX + "$CBC");
-+ // BEGIN android-removed
-+ // provider.addAlgorithm("Cipher.1.3.6.1.4.1.3029.1.2", PREFIX + "$CBC");
-+ // END android-removed
- provider.addAlgorithm("KeyGenerator.BLOWFISH", PREFIX + "$KeyGen");
- provider.addAlgorithm("Alg.Alias.KeyGenerator.1.3.6.1.4.1.3029.1.2", "BLOWFISH");
- provider.addAlgorithm("AlgorithmParameters.BLOWFISH", PREFIX + "$AlgParams");
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/DES.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/DES.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/DES.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/DES.java 2015-04-09 13:10:16.000000000 +0000
-@@ -19,12 +19,16 @@
- import org.bouncycastle.crypto.CipherParameters;
- import org.bouncycastle.crypto.KeyGenerationParameters;
- import org.bouncycastle.crypto.engines.DESEngine;
--import org.bouncycastle.crypto.engines.RFC3211WrapEngine;
-+// BEGIN android-removed
-+// import org.bouncycastle.crypto.engines.RFC3211WrapEngine;
-+// END android-removed
- import org.bouncycastle.crypto.generators.DESKeyGenerator;
- import org.bouncycastle.crypto.macs.CBCBlockCipherMac;
--import org.bouncycastle.crypto.macs.CFBBlockCipherMac;
--import org.bouncycastle.crypto.macs.CMac;
--import org.bouncycastle.crypto.macs.ISO9797Alg3Mac;
-+// BEGIN android-removed
-+// import org.bouncycastle.crypto.macs.CFBBlockCipherMac;
-+// import org.bouncycastle.crypto.macs.CMac;
-+// import org.bouncycastle.crypto.macs.ISO9797Alg3Mac;
-+// END android-removed
- import org.bouncycastle.crypto.modes.CBCBlockCipher;
- import org.bouncycastle.crypto.paddings.ISO7816d4Padding;
- import org.bouncycastle.crypto.params.DESParameters;
-@@ -65,17 +69,19 @@
- }
- }
-
-- /**
-- * DES CFB8
-- */
-- public static class DESCFB8
-- extends BaseMac
-- {
-- public DESCFB8()
-- {
-- super(new CFBBlockCipherMac(new DESEngine()));
-- }
-- }
-+ // BEGIN android-removed
-+ // /**
-+ // * DES CFB8
-+ // */
-+ // public static class DESCFB8
-+ // extends BaseMac
-+ // {
-+ // public DESCFB8()
-+ // {
-+ // super(new CFBBlockCipherMac(new DESEngine()));
-+ // }
-+ // }
-+ // END android-removed
-
- /**
- * DES64
-@@ -110,47 +116,49 @@
- }
- }
-
-- static public class CMAC
-- extends BaseMac
-- {
-- public CMAC()
-- {
-- super(new CMac(new DESEngine()));
-- }
-- }
--
-- /**
-- * DES9797Alg3with7816-4Padding
-- */
-- public static class DES9797Alg3with7816d4
-- extends BaseMac
-- {
-- public DES9797Alg3with7816d4()
-- {
-- super(new ISO9797Alg3Mac(new DESEngine(), new ISO7816d4Padding()));
-- }
-- }
--
-- /**
-- * DES9797Alg3
-- */
-- public static class DES9797Alg3
-- extends BaseMac
-- {
-- public DES9797Alg3()
-- {
-- super(new ISO9797Alg3Mac(new DESEngine()));
-- }
-- }
--
-- public static class RFC3211
-- extends BaseWrapCipher
-- {
-- public RFC3211()
-- {
-- super(new RFC3211WrapEngine(new DESEngine()), 8);
-- }
-- }
-+ // BEGIN android-removed
-+ // static public class CMAC
-+ // extends BaseMac
-+ // {
-+ // public CMAC()
-+ // {
-+ // super(new CMac(new DESEngine()));
-+ // }
-+ // }
-+ //
-+ // /**
-+ // * DES9797Alg3with7816-4Padding
-+ // */
-+ // public static class DES9797Alg3with7816d4
-+ // extends BaseMac
-+ // {
-+ // public DES9797Alg3with7816d4()
-+ // {
-+ // super(new ISO9797Alg3Mac(new DESEngine(), new ISO7816d4Padding()));
-+ // }
-+ // }
-+ //
-+ // /**
-+ // * DES9797Alg3
-+ // */
-+ // public static class DES9797Alg3
-+ // extends BaseMac
-+ // {
-+ // public DES9797Alg3()
-+ // {
-+ // super(new ISO9797Alg3Mac(new DESEngine()));
-+ // }
-+ // }
-+ //
-+ // public static class RFC3211
-+ // extends BaseWrapCipher
-+ // {
-+ // public RFC3211()
-+ // {
-+ // super(new RFC3211WrapEngine(new DESEngine()), 8);
-+ // }
-+ // }
-+ // END android-removed
-
- public static class AlgParamGen
- extends BaseAlgorithmParameterGenerator
-@@ -350,17 +358,19 @@
- }
- }
-
-- /**
-- * PBEWithMD2AndDES
-- */
-- static public class PBEWithMD2KeyFactory
-- extends DESPBEKeyFactory
-- {
-- public PBEWithMD2KeyFactory()
-- {
-- super("PBEwithMD2andDES", PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, true, PKCS5S1, MD2, 64, 64);
-- }
-- }
-+ // BEGIN android-removed
-+ // /**
-+ // * PBEWithMD2AndDES
-+ // */
-+ // static public class PBEWithMD2KeyFactory
-+ // extends DESPBEKeyFactory
-+ // {
-+ // public PBEWithMD2KeyFactory()
-+ // {
-+ // super("PBEwithMD2andDES", PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, true, PKCS5S1, MD2, 64, 64);
-+ // }
-+ // }
-+ // END android-removed
-
- /**
- * PBEWithMD5AndDES
-@@ -386,17 +396,19 @@
- }
- }
-
-- /**
-- * PBEWithMD2AndDES
-- */
-- static public class PBEWithMD2
-- extends BaseBlockCipher
-- {
-- public PBEWithMD2()
-- {
-- super(new CBCBlockCipher(new DESEngine()));
-- }
-- }
-+ // BEGIN android-removed
-+ // /**
-+ // * PBEWithMD2AndDES
-+ // */
-+ // static public class PBEWithMD2
-+ // extends BaseBlockCipher
-+ // {
-+ // public PBEWithMD2()
-+ // {
-+ // super(new CBCBlockCipher(new DESEngine()));
-+ // }
-+ // }
-+ // END android-removed
-
- /**
- * PBEWithMD5AndDES
-@@ -436,61 +448,75 @@
- {
-
- provider.addAlgorithm("Cipher.DES", PREFIX + "$ECB");
-- provider.addAlgorithm("Cipher." + OIWObjectIdentifiers.desCBC, PREFIX + "$CBC");
--
-- addAlias(provider, OIWObjectIdentifiers.desCBC, "DES");
--
-- provider.addAlgorithm("Cipher.DESRFC3211WRAP", PREFIX + "$RFC3211");
-+ // BEGIN android-removed
-+ // provider.addAlgorithm("Cipher." + OIWObjectIdentifiers.desCBC, PREFIX + "$CBC");
-+ //
-+ // addAlias(provider, OIWObjectIdentifiers.desCBC, "DES");
-+ //
-+ // provider.addAlgorithm("Cipher.DESRFC3211WRAP", PREFIX + "$RFC3211");
-+ // END android-removed
-
- provider.addAlgorithm("KeyGenerator.DES", PREFIX + "$KeyGenerator");
-
- provider.addAlgorithm("SecretKeyFactory.DES", PREFIX + "$KeyFactory");
-
-- provider.addAlgorithm("Mac.DESCMAC", PREFIX + "$CMAC");
-- provider.addAlgorithm("Mac.DESMAC", PREFIX + "$CBCMAC");
-- provider.addAlgorithm("Alg.Alias.Mac.DES", "DESMAC");
--
-- provider.addAlgorithm("Mac.DESMAC/CFB8", PREFIX + "$DESCFB8");
-- provider.addAlgorithm("Alg.Alias.Mac.DES/CFB8", "DESMAC/CFB8");
--
-- provider.addAlgorithm("Mac.DESMAC64", PREFIX + "$DES64");
-- provider.addAlgorithm("Alg.Alias.Mac.DES64", "DESMAC64");
--
-- provider.addAlgorithm("Mac.DESMAC64WITHISO7816-4PADDING", PREFIX + "$DES64with7816d4");
-- provider.addAlgorithm("Alg.Alias.Mac.DES64WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING");
-- provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1MACWITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING");
-- provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING");
--
-- provider.addAlgorithm("Mac.DESWITHISO9797", PREFIX + "$DES9797Alg3");
-- provider.addAlgorithm("Alg.Alias.Mac.DESISO9797MAC", "DESWITHISO9797");
--
-- provider.addAlgorithm("Mac.ISO9797ALG3MAC", PREFIX + "$DES9797Alg3");
-- provider.addAlgorithm("Alg.Alias.Mac.ISO9797ALG3", "ISO9797ALG3MAC");
-- provider.addAlgorithm("Mac.ISO9797ALG3WITHISO7816-4PADDING", PREFIX + "$DES9797Alg3with7816d4");
-- provider.addAlgorithm("Alg.Alias.Mac.ISO9797ALG3MACWITHISO7816-4PADDING", "ISO9797ALG3WITHISO7816-4PADDING");
-+ // BEGIN android-removed
-+ // provider.addAlgorithm("Mac.DESCMAC", PREFIX + "$CMAC");
-+ // provider.addAlgorithm("Mac.DESMAC", PREFIX + "$CBCMAC");
-+ // provider.addAlgorithm("Alg.Alias.Mac.DES", "DESMAC");
-+ //
-+ // provider.addAlgorithm("Mac.DESMAC/CFB8", PREFIX + "$DESCFB8");
-+ // provider.addAlgorithm("Alg.Alias.Mac.DES/CFB8", "DESMAC/CFB8");
-+ //
-+ // provider.addAlgorithm("Mac.DESMAC64", PREFIX + "$DES64");
-+ // provider.addAlgorithm("Alg.Alias.Mac.DES64", "DESMAC64");
-+ //
-+ // provider.addAlgorithm("Mac.DESMAC64WITHISO7816-4PADDING", PREFIX + "$DES64with7816d4");
-+ // provider.addAlgorithm("Alg.Alias.Mac.DES64WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING");
-+ // provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1MACWITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING");
-+ // provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING");
-+ //
-+ // provider.addAlgorithm("Mac.DESWITHISO9797", PREFIX + "$DES9797Alg3");
-+ // provider.addAlgorithm("Alg.Alias.Mac.DESISO9797MAC", "DESWITHISO9797");
-+ //
-+ // provider.addAlgorithm("Mac.ISO9797ALG3MAC", PREFIX + "$DES9797Alg3");
-+ // provider.addAlgorithm("Alg.Alias.Mac.ISO9797ALG3", "ISO9797ALG3MAC");
-+ // provider.addAlgorithm("Mac.ISO9797ALG3WITHISO7816-4PADDING", PREFIX + "$DES9797Alg3with7816d4");
-+ // provider.addAlgorithm("Alg.Alias.Mac.ISO9797ALG3MACWITHISO7816-4PADDING", "ISO9797ALG3WITHISO7816-4PADDING");
-+ // END android-removed
-
- provider.addAlgorithm("AlgorithmParameters.DES", PACKAGE + ".util.IvAlgorithmParameters");
- provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + OIWObjectIdentifiers.desCBC, "DES");
-
-- provider.addAlgorithm("AlgorithmParameterGenerator.DES", PREFIX + "$AlgParamGen");
-- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + OIWObjectIdentifiers.desCBC, "DES");
--
-- provider.addAlgorithm("Cipher.PBEWITHMD2ANDDES", PREFIX + "$PBEWithMD2");
-+ // BEGIN android-removed
-+ // provider.addAlgorithm("AlgorithmParameterGenerator.DES", PREFIX + "$AlgParamGen");
-+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + OIWObjectIdentifiers.desCBC, "DES");
-+ //
-+ // provider.addAlgorithm("Cipher.PBEWITHMD2ANDDES", PREFIX + "$PBEWithMD2");
-+ // END android-removed
- provider.addAlgorithm("Cipher.PBEWITHMD5ANDDES", PREFIX + "$PBEWithMD5");
- provider.addAlgorithm("Cipher.PBEWITHSHA1ANDDES", PREFIX + "$PBEWithSHA1");
-
-- provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES");
-+ // BEGIN android-removed
-+ // provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES");
-+ // END android-removed
- provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD5AndDES_CBC, "PBEWITHMD5ANDDES");
- provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithSHA1AndDES_CBC, "PBEWITHSHA1ANDDES");
-
-- provider.addAlgorithm("SecretKeyFactory.PBEWITHMD2ANDDES", PREFIX + "$PBEWithMD2KeyFactory");
-+ // BEGIN android-removed
-+ // provider.addAlgorithm("SecretKeyFactory.PBEWITHMD2ANDDES", PREFIX + "$PBEWithMD2KeyFactory");
-+ // END android-removed
- provider.addAlgorithm("SecretKeyFactory.PBEWITHMD5ANDDES", PREFIX + "$PBEWithMD5KeyFactory");
- provider.addAlgorithm("SecretKeyFactory.PBEWITHSHA1ANDDES", PREFIX + "$PBEWithSHA1KeyFactory");
-
-- provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDDES-CBC", "PBEWITHMD2ANDDES");
-+ // BEGIN android-removed
-+ // provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDDES-CBC", "PBEWITHMD2ANDDES");
-+ // END android-removed
- provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD5ANDDES-CBC", "PBEWITHMD5ANDDES");
- provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHSHA1ANDDES-CBC", "PBEWITHSHA1ANDDES");
-- provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES");
-+ // BEGIN android-removed
-+ // provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES");
-+ // END android-removed
- provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD5AndDES_CBC, "PBEWITHMD5ANDDES");
- provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithSHA1AndDES_CBC, "PBEWITHSHA1ANDDES");
- }
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/DESede.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/DESede.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/DESede.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/DESede.java 2015-04-09 13:10:16.000000000 +0000
-@@ -1,30 +1,42 @@
- package org.bouncycastle.jcajce.provider.symmetric;
-
--import java.security.AlgorithmParameters;
--import java.security.InvalidAlgorithmParameterException;
-+// BEGIN android-removed
-+// import java.security.AlgorithmParameters;
-+// import java.security.InvalidAlgorithmParameterException;
-+// END android-removed
- import java.security.SecureRandom;
--import java.security.spec.AlgorithmParameterSpec;
-+// BEGIN android-removed
-+// import java.security.spec.AlgorithmParameterSpec;
-+// END android-removed
- import java.security.spec.InvalidKeySpecException;
- import java.security.spec.KeySpec;
-
- import javax.crypto.SecretKey;
- import javax.crypto.spec.DESedeKeySpec;
--import javax.crypto.spec.IvParameterSpec;
-+// BEGIN android-removed
-+// import javax.crypto.spec.IvParameterSpec;
-+// END android-removed
- import javax.crypto.spec.SecretKeySpec;
-
- import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
- import org.bouncycastle.crypto.KeyGenerationParameters;
- import org.bouncycastle.crypto.engines.DESedeEngine;
- import org.bouncycastle.crypto.engines.DESedeWrapEngine;
--import org.bouncycastle.crypto.engines.RFC3211WrapEngine;
-+// BEGIN android-removed
-+// import org.bouncycastle.crypto.engines.RFC3211WrapEngine;
-+// END android-removed
- import org.bouncycastle.crypto.generators.DESedeKeyGenerator;
- import org.bouncycastle.crypto.macs.CBCBlockCipherMac;
--import org.bouncycastle.crypto.macs.CFBBlockCipherMac;
--import org.bouncycastle.crypto.macs.CMac;
-+// BEGIN android-removed
-+// import org.bouncycastle.crypto.macs.CFBBlockCipherMac;
-+// import org.bouncycastle.crypto.macs.CMac;
-+// END android-removed
- import org.bouncycastle.crypto.modes.CBCBlockCipher;
- import org.bouncycastle.crypto.paddings.ISO7816d4Padding;
- import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
--import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator;
-+// BEGIN android-removed
-+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator;
-+// END android-removed
- import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher;
- import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
- import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
-@@ -56,17 +68,19 @@
- }
- }
-
-- /**
-- * DESede CFB8
-- */
-- public static class DESedeCFB8
-- extends BaseMac
-- {
-- public DESedeCFB8()
-- {
-- super(new CFBBlockCipherMac(new DESedeEngine()));
-- }
-- }
-+ // BEGIN android-removed
-+ // /**
-+ // * DESede CFB8
-+ // */
-+ // public static class DESedeCFB8
-+ // extends BaseMac
-+ // {
-+ // public DESedeCFB8()
-+ // {
-+ // super(new CFBBlockCipherMac(new DESedeEngine()));
-+ // }
-+ // }
-+ // END android-removed
-
- /**
- * DESede64
-@@ -101,15 +115,17 @@
- }
- }
-
-- static public class CMAC
-- extends BaseMac
-- {
-- public CMAC()
-- {
-- super(new CMac(new DESedeEngine()));
-- }
-- }
--
-+ // BEGIN android-removed
-+ // static public class CMAC
-+ // extends BaseMac
-+ // {
-+ // public CMAC()
-+ // {
-+ // super(new CMac(new DESedeEngine()));
-+ // }
-+ // }
-+ // END android-removed
-+
- public static class Wrap
- extends BaseWrapCipher
- {
-@@ -118,15 +134,17 @@
- super(new DESedeWrapEngine());
- }
- }
--
-- public static class RFC3211
-- extends BaseWrapCipher
-- {
-- public RFC3211()
-- {
-- super(new RFC3211WrapEngine(new DESedeEngine()), 8);
-- }
-- }
-+
-+ // BEGIN android-removed
-+ // public static class RFC3211
-+ // extends BaseWrapCipher
-+ // {
-+ // public RFC3211()
-+ // {
-+ // super(new RFC3211WrapEngine(new DESedeEngine()), 8);
-+ // }
-+ // }
-+ // END android-removed
-
- /**
- * DESede - the default for this is to generate a key in
-@@ -240,43 +258,45 @@
- }
- }
-
-- public static class AlgParamGen
-- extends BaseAlgorithmParameterGenerator
-- {
-- protected void engineInit(
-- AlgorithmParameterSpec genParamSpec,
-- SecureRandom random)
-- throws InvalidAlgorithmParameterException
-- {
-- throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for DES parameter generation.");
-- }
--
-- protected AlgorithmParameters engineGenerateParameters()
-- {
-- byte[] iv = new byte[8];
--
-- if (random == null)
-- {
-- random = new SecureRandom();
-- }
--
-- random.nextBytes(iv);
--
-- AlgorithmParameters params;
--
-- try
-- {
-- params = createParametersInstance("DES");
-- params.init(new IvParameterSpec(iv));
-- }
-- catch (Exception e)
-- {
-- throw new RuntimeException(e.getMessage());
-- }
--
-- return params;
-- }
-- }
-+ // BEGIN android-removed
-+ // public static class AlgParamGen
-+ // extends BaseAlgorithmParameterGenerator
-+ // {
-+ // protected void engineInit(
-+ // AlgorithmParameterSpec genParamSpec,
-+ // SecureRandom random)
-+ // throws InvalidAlgorithmParameterException
-+ // {
-+ // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for DES parameter generation.");
-+ // }
-+
-+ // protected AlgorithmParameters engineGenerateParameters()
-+ // {
-+ // byte[] iv = new byte[8];
-+
-+ // if (random == null)
-+ // {
-+ // random = new SecureRandom();
-+ // }
-+
-+ // random.nextBytes(iv);
-+
-+ // AlgorithmParameters params;
-+
-+ // try
-+ // {
-+ // params = createParametersInstance("DES");
-+ // params.init(new IvParameterSpec(iv));
-+ // }
-+ // catch (Exception e)
-+ // {
-+ // throw new RuntimeException(e.getMessage());
-+ // }
-+
-+ // return params;
-+ // }
-+ // }
-+ // END android-removed
-
- static public class KeyFactory
- extends BaseSecretKeyFactory
-@@ -360,25 +380,37 @@
- public void configure(ConfigurableProvider provider)
- {
- provider.addAlgorithm("Cipher.DESEDE", PREFIX + "$ECB");
-- provider.addAlgorithm("Cipher." + PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$CBC");
-+ // BEGIN android-removed
-+ // provider.addAlgorithm("Cipher." + PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$CBC");
-+ // END android-removed
- provider.addAlgorithm("Cipher.DESEDEWRAP", PREFIX + "$Wrap");
-- provider.addAlgorithm("Cipher." + PKCSObjectIdentifiers.id_alg_CMS3DESwrap, PREFIX + "$Wrap");
-- provider.addAlgorithm("Cipher.DESEDERFC3211WRAP", PREFIX + "$RFC3211");
-+ // BEGIN android-changed
-+ provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.id_alg_CMS3DESwrap, "DESEDEWRAP");
-+ // END android-changed
-+ // BEGIN android-removed
-+ // provider.addAlgorithm("Cipher.DESEDERFC3211WRAP", PREFIX + "$RFC3211");
-+ // END android-removed
-
- provider.addAlgorithm("Alg.Alias.Cipher.TDEA", "DESEDE");
- provider.addAlgorithm("Alg.Alias.Cipher.TDEAWRAP", "DESEDEWRAP");
- provider.addAlgorithm("Alg.Alias.KeyGenerator.TDEA", "DESEDE");
- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.TDEA", "DESEDE");
-- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator.TDEA", "DESEDE");
-+ // BEGIN android-removed
-+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator.TDEA", "DESEDE");
-+ // END android-removed
- provider.addAlgorithm("Alg.Alias.SecretKeyFactory.TDEA", "DESEDE");
-
- if (provider.hasAlgorithm("MessageDigest", "SHA-1"))
- {
- provider.addAlgorithm("Cipher.PBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES3Key");
-- provider.addAlgorithm("Cipher.BROKENPBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$BrokePBEWithSHAAndDES3Key");
-- provider.addAlgorithm("Cipher.OLDPBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$OldPBEWithSHAAndDES3Key");
-+ // BEGIN android-removed
-+ // provider.addAlgorithm("Cipher.BROKENPBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$BrokePBEWithSHAAndDES3Key");
-+ // provider.addAlgorithm("Cipher.OLDPBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$OldPBEWithSHAAndDES3Key");
-+ // END android-removed
- provider.addAlgorithm("Cipher.PBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES2Key");
-- provider.addAlgorithm("Cipher.BROKENPBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$BrokePBEWithSHAAndDES2Key");
-+ // BEGIN android-removed
-+ // provider.addAlgorithm("Cipher.BROKENPBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$BrokePBEWithSHAAndDES2Key");
-+ // END android-removed
- provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC, "PBEWITHSHAAND3-KEYTRIPLEDES-CBC");
- provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithSHAAnd2_KeyTripleDES_CBC, "PBEWITHSHAAND2-KEYTRIPLEDES-CBC");
- provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA1ANDDESEDE", "PBEWITHSHAAND3-KEYTRIPLEDES-CBC");
-@@ -387,31 +419,37 @@
- }
-
- provider.addAlgorithm("KeyGenerator.DESEDE", PREFIX + "$KeyGenerator");
-- provider.addAlgorithm("KeyGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$KeyGenerator3");
-- provider.addAlgorithm("KeyGenerator.DESEDEWRAP", PREFIX + "$KeyGenerator");
-+ // BEGIN android-removed
-+ // provider.addAlgorithm("KeyGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$KeyGenerator3");
-+ // provider.addAlgorithm("KeyGenerator.DESEDEWRAP", PREFIX + "$KeyGenerator");
-+ // END android-removed
-
- provider.addAlgorithm("SecretKeyFactory.DESEDE", PREFIX + "$KeyFactory");
-
-- provider.addAlgorithm("Mac.DESEDECMAC", PREFIX + "$CMAC");
-- provider.addAlgorithm("Mac.DESEDEMAC", PREFIX + "$CBCMAC");
-- provider.addAlgorithm("Alg.Alias.Mac.DESEDE", "DESEDEMAC");
--
-- provider.addAlgorithm("Mac.DESEDEMAC/CFB8", PREFIX + "$DESedeCFB8");
-- provider.addAlgorithm("Alg.Alias.Mac.DESEDE/CFB8", "DESEDEMAC/CFB8");
--
-- provider.addAlgorithm("Mac.DESEDEMAC64", PREFIX + "$DESede64");
-- provider.addAlgorithm("Alg.Alias.Mac.DESEDE64", "DESEDEMAC64");
--
-- provider.addAlgorithm("Mac.DESEDEMAC64WITHISO7816-4PADDING", PREFIX + "$DESede64with7816d4");
-- provider.addAlgorithm("Alg.Alias.Mac.DESEDE64WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING");
-- provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1MACWITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING");
-- provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING");
-+ // BEGIN android-removed
-+ // provider.addAlgorithm("Mac.DESEDECMAC", PREFIX + "$CMAC");
-+ // provider.addAlgorithm("Mac.DESEDEMAC", PREFIX + "$CBCMAC");
-+ // provider.addAlgorithm("Alg.Alias.Mac.DESEDE", "DESEDEMAC");
-+ //
-+ // provider.addAlgorithm("Mac.DESEDEMAC/CFB8", PREFIX + "$DESedeCFB8");
-+ // provider.addAlgorithm("Alg.Alias.Mac.DESEDE/CFB8", "DESEDEMAC/CFB8");
-+ //
-+ // provider.addAlgorithm("Mac.DESEDEMAC64", PREFIX + "$DESede64");
-+ // provider.addAlgorithm("Alg.Alias.Mac.DESEDE64", "DESEDEMAC64");
-+ //
-+ // provider.addAlgorithm("Mac.DESEDEMAC64WITHISO7816-4PADDING", PREFIX + "$DESede64with7816d4");
-+ // provider.addAlgorithm("Alg.Alias.Mac.DESEDE64WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING");
-+ // provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1MACWITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING");
-+ // provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING");
-+ // END android-removed
-
- provider.addAlgorithm("AlgorithmParameters.DESEDE", PACKAGE + ".util.IvAlgorithmParameters");
- provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + PKCSObjectIdentifiers.des_EDE3_CBC, "DESEDE");
-
-- provider.addAlgorithm("AlgorithmParameterGenerator.DESEDE", PREFIX + "$AlgParamGen");
-- provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, "DESEDE");
-+ // BEGIN android-removed
-+ // provider.addAlgorithm("AlgorithmParameterGenerator.DESEDE", PREFIX + "$AlgParamGen");
-+ // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, "DESEDE");
-+ // END android-removed
-
- provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES3KeyFactory");
- provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES2KeyFactory");
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/RC2.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/RC2.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/RC2.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/RC2.java 2015-04-09 13:10:16.000000000 +0000
-@@ -12,20 +12,28 @@
-
- import org.bouncycastle.asn1.ASN1Primitive;
- import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
--import org.bouncycastle.asn1.pkcs.RC2CBCParameter;
--import org.bouncycastle.crypto.CipherKeyGenerator;
-+// BEGIN android-removed
-+// import org.bouncycastle.asn1.pkcs.RC2CBCParameter;
-+// import org.bouncycastle.crypto.CipherKeyGenerator;
-+// END android-removed
- import org.bouncycastle.crypto.engines.RC2Engine;
--import org.bouncycastle.crypto.engines.RC2WrapEngine;
--import org.bouncycastle.crypto.macs.CBCBlockCipherMac;
--import org.bouncycastle.crypto.macs.CFBBlockCipherMac;
-+// BEGIN android-removed
-+// import org.bouncycastle.crypto.engines.RC2WrapEngine;
-+// import org.bouncycastle.crypto.macs.CBCBlockCipherMac;
-+// import org.bouncycastle.crypto.macs.CFBBlockCipherMac;
-+// END android-removed
- import org.bouncycastle.crypto.modes.CBCBlockCipher;
- import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
--import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator;
--import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameters;
-+// BEGIN android-removed
-+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator;
-+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameters;
-+// END android-removed
- import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher;
--import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
--import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
--import org.bouncycastle.jcajce.provider.symmetric.util.BaseWrapCipher;
-+// BEGIN android-removed
-+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
-+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseWrapCipher;
-+// END android-removed
- import org.bouncycastle.jcajce.provider.symmetric.util.PBESecretKeyFactory;
- import org.bouncycastle.jcajce.provider.util.AlgorithmProvider;
- import org.bouncycastle.util.Arrays;
-@@ -36,59 +44,61 @@
- {
- }
-
-- /**
-- * RC2
-- */
-- static public class ECB
-- extends BaseBlockCipher
-- {
-- public ECB()
-- {
-- super(new RC2Engine());
-- }
-- }
--
-- /**
-- * RC2CBC
-- */
-- static public class CBC
-- extends BaseBlockCipher
-- {
-- public CBC()
-- {
-- super(new CBCBlockCipher(new RC2Engine()), 64);
-- }
-- }
--
-- public static class Wrap
-- extends BaseWrapCipher
-- {
-- public Wrap()
-- {
-- super(new RC2WrapEngine());
-- }
-- }
--
-- /**
-- * RC2
-- */
-- public static class CBCMAC
-- extends BaseMac
-- {
-- public CBCMAC()
-- {
-- super(new CBCBlockCipherMac(new RC2Engine()));
-- }
-- }
--
-- public static class CFB8MAC
-- extends BaseMac
-- {
-- public CFB8MAC()
-- {
-- super(new CFBBlockCipherMac(new RC2Engine()));
-- }
-- }
-+ // BEGIN android-removed
-+ // /**
-+ // * RC2
-+ // */
-+ // static public class ECB
-+ // extends BaseBlockCipher
-+ // {
-+ // public ECB()
-+ // {
-+ // super(new RC2Engine());
-+ // }
-+ // }
-+ //
-+ // /**
-+ // * RC2CBC
-+ // */
-+ // static public class CBC
-+ // extends BaseBlockCipher
-+ // {
-+ // public CBC()
-+ // {
-+ // super(new CBCBlockCipher(new RC2Engine()), 64);
-+ // }
-+ // }
-+ //
-+ // public static class Wrap
-+ // extends BaseWrapCipher
-+ // {
-+ // public Wrap()
-+ // {
-+ // super(new RC2WrapEngine());
-+ // }
-+ // }
-+ //
-+ // /**
-+ // * RC2
-+ // */
-+ // public static class CBCMAC
-+ // extends BaseMac
-+ // {
-+ // public CBCMAC()
-+ // {
-+ // super(new CBCBlockCipherMac(new RC2Engine()));
-+ // }
-+ // }
-+ //
-+ // public static class CFB8MAC
-+ // extends BaseMac
-+ // {
-+ // public CFB8MAC()
-+ // {
-+ // super(new CFBBlockCipherMac(new RC2Engine()));
-+ // }
-+ // }
-+ // END android-removed
-
- /**
- * PBEWithSHA1AndRC2
-@@ -174,17 +184,19 @@
- }
- }
-
-- /**
-- * PBEWithMD2AndRC2
-- */
-- static public class PBEWithMD2KeyFactory
-- extends PBESecretKeyFactory
-- {
-- public PBEWithMD2KeyFactory()
-- {
-- super("PBEwithMD2andRC2", PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, true, PKCS5S1, MD2, 64, 64);
-- }
-- }
-+ // BEGIN android-removed
-+ // /**
-+ // * PBEWithMD2AndRC2
-+ // */
-+ // static public class PBEWithMD2KeyFactory
-+ // extends PBESecretKeyFactory
-+ // {
-+ // public PBEWithMD2KeyFactory()
-+ // {
-+ // super("PBEwithMD2andRC2", PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, true, PKCS5S1, MD2, 64, 64);
-+ // }
-+ // }
-+ // END android-removed
-
- /**
- * PBEWithMD5AndRC2
-@@ -198,247 +210,249 @@
- }
- }
-
-- public static class AlgParamGen
-- extends BaseAlgorithmParameterGenerator
-- {
-- RC2ParameterSpec spec = null;
--
-- protected void engineInit(
-- AlgorithmParameterSpec genParamSpec,
-- SecureRandom random)
-- throws InvalidAlgorithmParameterException
-- {
-- if (genParamSpec instanceof RC2ParameterSpec)
-- {
-- spec = (RC2ParameterSpec)genParamSpec;
-- return;
-- }
--
-- throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for RC2 parameter generation.");
-- }
--
-- protected AlgorithmParameters engineGenerateParameters()
-- {
-- AlgorithmParameters params;
--
-- if (spec == null)
-- {
-- byte[] iv = new byte[8];
--
-- if (random == null)
-- {
-- random = new SecureRandom();
-- }
--
-- random.nextBytes(iv);
--
-- try
-- {
-- params = createParametersInstance("RC2");
-- params.init(new IvParameterSpec(iv));
-- }
-- catch (Exception e)
-- {
-- throw new RuntimeException(e.getMessage());
-- }
-- }
-- else
-- {
-- try
-- {
-- params = createParametersInstance("RC2");
-- params.init(spec);
-- }
-- catch (Exception e)
-- {
-- throw new RuntimeException(e.getMessage());
-- }
-- }
--
-- return params;
-- }
-- }
--
-- public static class KeyGenerator
-- extends BaseKeyGenerator
-- {
-- public KeyGenerator()
-- {
-- super("RC2", 128, new CipherKeyGenerator());
-- }
-- }
--
-- public static class AlgParams
-- extends BaseAlgorithmParameters
-- {
-- private static final short[] table = {
-- 0xbd, 0x56, 0xea, 0xf2, 0xa2, 0xf1, 0xac, 0x2a, 0xb0, 0x93, 0xd1, 0x9c, 0x1b, 0x33, 0xfd, 0xd0,
-- 0x30, 0x04, 0xb6, 0xdc, 0x7d, 0xdf, 0x32, 0x4b, 0xf7, 0xcb, 0x45, 0x9b, 0x31, 0xbb, 0x21, 0x5a,
-- 0x41, 0x9f, 0xe1, 0xd9, 0x4a, 0x4d, 0x9e, 0xda, 0xa0, 0x68, 0x2c, 0xc3, 0x27, 0x5f, 0x80, 0x36,
-- 0x3e, 0xee, 0xfb, 0x95, 0x1a, 0xfe, 0xce, 0xa8, 0x34, 0xa9, 0x13, 0xf0, 0xa6, 0x3f, 0xd8, 0x0c,
-- 0x78, 0x24, 0xaf, 0x23, 0x52, 0xc1, 0x67, 0x17, 0xf5, 0x66, 0x90, 0xe7, 0xe8, 0x07, 0xb8, 0x60,
-- 0x48, 0xe6, 0x1e, 0x53, 0xf3, 0x92, 0xa4, 0x72, 0x8c, 0x08, 0x15, 0x6e, 0x86, 0x00, 0x84, 0xfa,
-- 0xf4, 0x7f, 0x8a, 0x42, 0x19, 0xf6, 0xdb, 0xcd, 0x14, 0x8d, 0x50, 0x12, 0xba, 0x3c, 0x06, 0x4e,
-- 0xec, 0xb3, 0x35, 0x11, 0xa1, 0x88, 0x8e, 0x2b, 0x94, 0x99, 0xb7, 0x71, 0x74, 0xd3, 0xe4, 0xbf,
-- 0x3a, 0xde, 0x96, 0x0e, 0xbc, 0x0a, 0xed, 0x77, 0xfc, 0x37, 0x6b, 0x03, 0x79, 0x89, 0x62, 0xc6,
-- 0xd7, 0xc0, 0xd2, 0x7c, 0x6a, 0x8b, 0x22, 0xa3, 0x5b, 0x05, 0x5d, 0x02, 0x75, 0xd5, 0x61, 0xe3,
-- 0x18, 0x8f, 0x55, 0x51, 0xad, 0x1f, 0x0b, 0x5e, 0x85, 0xe5, 0xc2, 0x57, 0x63, 0xca, 0x3d, 0x6c,
-- 0xb4, 0xc5, 0xcc, 0x70, 0xb2, 0x91, 0x59, 0x0d, 0x47, 0x20, 0xc8, 0x4f, 0x58, 0xe0, 0x01, 0xe2,
-- 0x16, 0x38, 0xc4, 0x6f, 0x3b, 0x0f, 0x65, 0x46, 0xbe, 0x7e, 0x2d, 0x7b, 0x82, 0xf9, 0x40, 0xb5,
-- 0x1d, 0x73, 0xf8, 0xeb, 0x26, 0xc7, 0x87, 0x97, 0x25, 0x54, 0xb1, 0x28, 0xaa, 0x98, 0x9d, 0xa5,
-- 0x64, 0x6d, 0x7a, 0xd4, 0x10, 0x81, 0x44, 0xef, 0x49, 0xd6, 0xae, 0x2e, 0xdd, 0x76, 0x5c, 0x2f,
-- 0xa7, 0x1c, 0xc9, 0x09, 0x69, 0x9a, 0x83, 0xcf, 0x29, 0x39, 0xb9, 0xe9, 0x4c, 0xff, 0x43, 0xab
-- };
--
-- private static final short[] ekb = {
-- 0x5d, 0xbe, 0x9b, 0x8b, 0x11, 0x99, 0x6e, 0x4d, 0x59, 0xf3, 0x85, 0xa6, 0x3f, 0xb7, 0x83, 0xc5,
-- 0xe4, 0x73, 0x6b, 0x3a, 0x68, 0x5a, 0xc0, 0x47, 0xa0, 0x64, 0x34, 0x0c, 0xf1, 0xd0, 0x52, 0xa5,
-- 0xb9, 0x1e, 0x96, 0x43, 0x41, 0xd8, 0xd4, 0x2c, 0xdb, 0xf8, 0x07, 0x77, 0x2a, 0xca, 0xeb, 0xef,
-- 0x10, 0x1c, 0x16, 0x0d, 0x38, 0x72, 0x2f, 0x89, 0xc1, 0xf9, 0x80, 0xc4, 0x6d, 0xae, 0x30, 0x3d,
-- 0xce, 0x20, 0x63, 0xfe, 0xe6, 0x1a, 0xc7, 0xb8, 0x50, 0xe8, 0x24, 0x17, 0xfc, 0x25, 0x6f, 0xbb,
-- 0x6a, 0xa3, 0x44, 0x53, 0xd9, 0xa2, 0x01, 0xab, 0xbc, 0xb6, 0x1f, 0x98, 0xee, 0x9a, 0xa7, 0x2d,
-- 0x4f, 0x9e, 0x8e, 0xac, 0xe0, 0xc6, 0x49, 0x46, 0x29, 0xf4, 0x94, 0x8a, 0xaf, 0xe1, 0x5b, 0xc3,
-- 0xb3, 0x7b, 0x57, 0xd1, 0x7c, 0x9c, 0xed, 0x87, 0x40, 0x8c, 0xe2, 0xcb, 0x93, 0x14, 0xc9, 0x61,
-- 0x2e, 0xe5, 0xcc, 0xf6, 0x5e, 0xa8, 0x5c, 0xd6, 0x75, 0x8d, 0x62, 0x95, 0x58, 0x69, 0x76, 0xa1,
-- 0x4a, 0xb5, 0x55, 0x09, 0x78, 0x33, 0x82, 0xd7, 0xdd, 0x79, 0xf5, 0x1b, 0x0b, 0xde, 0x26, 0x21,
-- 0x28, 0x74, 0x04, 0x97, 0x56, 0xdf, 0x3c, 0xf0, 0x37, 0x39, 0xdc, 0xff, 0x06, 0xa4, 0xea, 0x42,
-- 0x08, 0xda, 0xb4, 0x71, 0xb0, 0xcf, 0x12, 0x7a, 0x4e, 0xfa, 0x6c, 0x1d, 0x84, 0x00, 0xc8, 0x7f,
-- 0x91, 0x45, 0xaa, 0x2b, 0xc2, 0xb1, 0x8f, 0xd5, 0xba, 0xf2, 0xad, 0x19, 0xb2, 0x67, 0x36, 0xf7,
-- 0x0f, 0x0a, 0x92, 0x7d, 0xe3, 0x9d, 0xe9, 0x90, 0x3e, 0x23, 0x27, 0x66, 0x13, 0xec, 0x81, 0x15,
-- 0xbd, 0x22, 0xbf, 0x9f, 0x7e, 0xa9, 0x51, 0x4b, 0x4c, 0xfb, 0x02, 0xd3, 0x70, 0x86, 0x31, 0xe7,
-- 0x3b, 0x05, 0x03, 0x54, 0x60, 0x48, 0x65, 0x18, 0xd2, 0xcd, 0x5f, 0x32, 0x88, 0x0e, 0x35, 0xfd
-- };
--
-- private byte[] iv;
-- private int parameterVersion = 58;
--
-- protected byte[] engineGetEncoded()
-- {
-- return Arrays.clone(iv);
-- }
--
-- protected byte[] engineGetEncoded(
-- String format)
-- throws IOException
-- {
-- if (this.isASN1FormatString(format))
-- {
-- if (parameterVersion == -1)
-- {
-- return new RC2CBCParameter(engineGetEncoded()).getEncoded();
-- }
-- else
-- {
-- return new RC2CBCParameter(parameterVersion, engineGetEncoded()).getEncoded();
-- }
-- }
--
-- if (format.equals("RAW"))
-- {
-- return engineGetEncoded();
-- }
--
-- return null;
-- }
--
-- protected AlgorithmParameterSpec localEngineGetParameterSpec(
-- Class paramSpec)
-- throws InvalidParameterSpecException
-- {
-- if (paramSpec == RC2ParameterSpec.class)
-- {
-- if (parameterVersion != -1)
-- {
-- if (parameterVersion < 256)
-- {
-- return new RC2ParameterSpec(ekb[parameterVersion], iv);
-- }
-- else
-- {
-- return new RC2ParameterSpec(parameterVersion, iv);
-- }
-- }
-- }
--
-- if (paramSpec == IvParameterSpec.class)
-- {
-- return new IvParameterSpec(iv);
-- }
--
-- throw new InvalidParameterSpecException("unknown parameter spec passed to RC2 parameters object.");
-- }
--
-- protected void engineInit(
-- AlgorithmParameterSpec paramSpec)
-- throws InvalidParameterSpecException
-- {
-- if (paramSpec instanceof IvParameterSpec)
-- {
-- this.iv = ((IvParameterSpec)paramSpec).getIV();
-- }
-- else if (paramSpec instanceof RC2ParameterSpec)
-- {
-- int effKeyBits = ((RC2ParameterSpec)paramSpec).getEffectiveKeyBits();
-- if (effKeyBits != -1)
-- {
-- if (effKeyBits < 256)
-- {
-- parameterVersion = table[effKeyBits];
-- }
-- else
-- {
-- parameterVersion = effKeyBits;
-- }
-- }
--
-- this.iv = ((RC2ParameterSpec)paramSpec).getIV();
-- }
-- else
-- {
-- throw new InvalidParameterSpecException("IvParameterSpec or RC2ParameterSpec required to initialise a RC2 parameters algorithm parameters object");
-- }
-- }
--
-- protected void engineInit(
-- byte[] params)
-- throws IOException
-- {
-- this.iv = Arrays.clone(params);
-- }
--
-- protected void engineInit(
-- byte[] params,
-- String format)
-- throws IOException
-- {
-- if (this.isASN1FormatString(format))
-- {
-- RC2CBCParameter p = RC2CBCParameter.getInstance(ASN1Primitive.fromByteArray(params));
--
-- if (p.getRC2ParameterVersion() != null)
-- {
-- parameterVersion = p.getRC2ParameterVersion().intValue();
-- }
--
-- iv = p.getIV();
--
-- return;
-- }
--
-- if (format.equals("RAW"))
-- {
-- engineInit(params);
-- return;
-- }
--
-- throw new IOException("Unknown parameters format in IV parameters object");
-- }
--
-- protected String engineToString()
-- {
-- return "RC2 Parameters";
-- }
-- }
-+ // BEGIN android-removed
-+ // public static class AlgParamGen
-+ // extends BaseAlgorithmParameterGenerator
-+ // {
-+ // RC2ParameterSpec spec = null;
-+ //
-+ // protected void engineInit(
-+ // AlgorithmParameterSpec genParamSpec,
-+ // SecureRandom random)
-+ // throws InvalidAlgorithmParameterException
-+ // {
-+ // if (genParamSpec instanceof RC2ParameterSpec)
-+ // {
-+ // spec = (RC2ParameterSpec)genParamSpec;
-+ // return;
-+ // }
-+ //
-+ // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for RC2 parameter generation.");
-+ // }
-+ //
-+ // protected AlgorithmParameters engineGenerateParameters()
-+ // {
-+ // AlgorithmParameters params;
-+ //
-+ // if (spec == null)
-+ // {
-+ // byte[] iv = new byte[8];
-+ //
-+ // if (random == null)
-+ // {
-+ // random = new SecureRandom();
-+ // }
-+ //
-+ // random.nextBytes(iv);
-+ //
-+ // try
-+ // {
-+ // params = createParametersInstance("RC2");
-+ // params.init(new IvParameterSpec(iv));
-+ // }
-+ // catch (Exception e)
-+ // {
-+ // throw new RuntimeException(e.getMessage());
-+ // }
-+ // }
-+ // else
-+ // {
-+ // try
-+ // {
-+ // params = createParametersInstance("RC2");
-+ // params.init(spec);
-+ // }
-+ // catch (Exception e)
-+ // {
-+ // throw new RuntimeException(e.getMessage());
-+ // }
-+ // }
-+ //
-+ // return params;
-+ // }
-+ // }
-+ //
-+ // public static class KeyGenerator
-+ // extends BaseKeyGenerator
-+ // {
-+ // public KeyGenerator()
-+ // {
-+ // super("RC2", 128, new CipherKeyGenerator());
-+ // }
-+ // }
-+ //
-+ // public static class AlgParams
-+ // extends BaseAlgorithmParameters
-+ // {
-+ // private static final short[] table = {
-+ // 0xbd, 0x56, 0xea, 0xf2, 0xa2, 0xf1, 0xac, 0x2a, 0xb0, 0x93, 0xd1, 0x9c, 0x1b, 0x33, 0xfd, 0xd0,
-+ // 0x30, 0x04, 0xb6, 0xdc, 0x7d, 0xdf, 0x32, 0x4b, 0xf7, 0xcb, 0x45, 0x9b, 0x31, 0xbb, 0x21, 0x5a,
-+ // 0x41, 0x9f, 0xe1, 0xd9, 0x4a, 0x4d, 0x9e, 0xda, 0xa0, 0x68, 0x2c, 0xc3, 0x27, 0x5f, 0x80, 0x36,
-+ // 0x3e, 0xee, 0xfb, 0x95, 0x1a, 0xfe, 0xce, 0xa8, 0x34, 0xa9, 0x13, 0xf0, 0xa6, 0x3f, 0xd8, 0x0c,
-+ // 0x78, 0x24, 0xaf, 0x23, 0x52, 0xc1, 0x67, 0x17, 0xf5, 0x66, 0x90, 0xe7, 0xe8, 0x07, 0xb8, 0x60,
-+ // 0x48, 0xe6, 0x1e, 0x53, 0xf3, 0x92, 0xa4, 0x72, 0x8c, 0x08, 0x15, 0x6e, 0x86, 0x00, 0x84, 0xfa,
-+ // 0xf4, 0x7f, 0x8a, 0x42, 0x19, 0xf6, 0xdb, 0xcd, 0x14, 0x8d, 0x50, 0x12, 0xba, 0x3c, 0x06, 0x4e,
-+ // 0xec, 0xb3, 0x35, 0x11, 0xa1, 0x88, 0x8e, 0x2b, 0x94, 0x99, 0xb7, 0x71, 0x74, 0xd3, 0xe4, 0xbf,
-+ // 0x3a, 0xde, 0x96, 0x0e, 0xbc, 0x0a, 0xed, 0x77, 0xfc, 0x37, 0x6b, 0x03, 0x79, 0x89, 0x62, 0xc6,
-+ // 0xd7, 0xc0, 0xd2, 0x7c, 0x6a, 0x8b, 0x22, 0xa3, 0x5b, 0x05, 0x5d, 0x02, 0x75, 0xd5, 0x61, 0xe3,
-+ // 0x18, 0x8f, 0x55, 0x51, 0xad, 0x1f, 0x0b, 0x5e, 0x85, 0xe5, 0xc2, 0x57, 0x63, 0xca, 0x3d, 0x6c,
-+ // 0xb4, 0xc5, 0xcc, 0x70, 0xb2, 0x91, 0x59, 0x0d, 0x47, 0x20, 0xc8, 0x4f, 0x58, 0xe0, 0x01, 0xe2,
-+ // 0x16, 0x38, 0xc4, 0x6f, 0x3b, 0x0f, 0x65, 0x46, 0xbe, 0x7e, 0x2d, 0x7b, 0x82, 0xf9, 0x40, 0xb5,
-+ // 0x1d, 0x73, 0xf8, 0xeb, 0x26, 0xc7, 0x87, 0x97, 0x25, 0x54, 0xb1, 0x28, 0xaa, 0x98, 0x9d, 0xa5,
-+ // 0x64, 0x6d, 0x7a, 0xd4, 0x10, 0x81, 0x44, 0xef, 0x49, 0xd6, 0xae, 0x2e, 0xdd, 0x76, 0x5c, 0x2f,
-+ // 0xa7, 0x1c, 0xc9, 0x09, 0x69, 0x9a, 0x83, 0xcf, 0x29, 0x39, 0xb9, 0xe9, 0x4c, 0xff, 0x43, 0xab
-+ // };
-+ //
-+ // private static final short[] ekb = {
-+ // 0x5d, 0xbe, 0x9b, 0x8b, 0x11, 0x99, 0x6e, 0x4d, 0x59, 0xf3, 0x85, 0xa6, 0x3f, 0xb7, 0x83, 0xc5,
-+ // 0xe4, 0x73, 0x6b, 0x3a, 0x68, 0x5a, 0xc0, 0x47, 0xa0, 0x64, 0x34, 0x0c, 0xf1, 0xd0, 0x52, 0xa5,
-+ // 0xb9, 0x1e, 0x96, 0x43, 0x41, 0xd8, 0xd4, 0x2c, 0xdb, 0xf8, 0x07, 0x77, 0x2a, 0xca, 0xeb, 0xef,
-+ // 0x10, 0x1c, 0x16, 0x0d, 0x38, 0x72, 0x2f, 0x89, 0xc1, 0xf9, 0x80, 0xc4, 0x6d, 0xae, 0x30, 0x3d,
-+ // 0xce, 0x20, 0x63, 0xfe, 0xe6, 0x1a, 0xc7, 0xb8, 0x50, 0xe8, 0x24, 0x17, 0xfc, 0x25, 0x6f, 0xbb,
-+ // 0x6a, 0xa3, 0x44, 0x53, 0xd9, 0xa2, 0x01, 0xab, 0xbc, 0xb6, 0x1f, 0x98, 0xee, 0x9a, 0xa7, 0x2d,
-+ // 0x4f, 0x9e, 0x8e, 0xac, 0xe0, 0xc6, 0x49, 0x46, 0x29, 0xf4, 0x94, 0x8a, 0xaf, 0xe1, 0x5b, 0xc3,
-+ // 0xb3, 0x7b, 0x57, 0xd1, 0x7c, 0x9c, 0xed, 0x87, 0x40, 0x8c, 0xe2, 0xcb, 0x93, 0x14, 0xc9, 0x61,
-+ // 0x2e, 0xe5, 0xcc, 0xf6, 0x5e, 0xa8, 0x5c, 0xd6, 0x75, 0x8d, 0x62, 0x95, 0x58, 0x69, 0x76, 0xa1,
-+ // 0x4a, 0xb5, 0x55, 0x09, 0x78, 0x33, 0x82, 0xd7, 0xdd, 0x79, 0xf5, 0x1b, 0x0b, 0xde, 0x26, 0x21,
-+ // 0x28, 0x74, 0x04, 0x97, 0x56, 0xdf, 0x3c, 0xf0, 0x37, 0x39, 0xdc, 0xff, 0x06, 0xa4, 0xea, 0x42,
-+ // 0x08, 0xda, 0xb4, 0x71, 0xb0, 0xcf, 0x12, 0x7a, 0x4e, 0xfa, 0x6c, 0x1d, 0x84, 0x00, 0xc8, 0x7f,
-+ // 0x91, 0x45, 0xaa, 0x2b, 0xc2, 0xb1, 0x8f, 0xd5, 0xba, 0xf2, 0xad, 0x19, 0xb2, 0x67, 0x36, 0xf7,
-+ // 0x0f, 0x0a, 0x92, 0x7d, 0xe3, 0x9d, 0xe9, 0x90, 0x3e, 0x23, 0x27, 0x66, 0x13, 0xec, 0x81, 0x15,
-+ // 0xbd, 0x22, 0xbf, 0x9f, 0x7e, 0xa9, 0x51, 0x4b, 0x4c, 0xfb, 0x02, 0xd3, 0x70, 0x86, 0x31, 0xe7,
-+ // 0x3b, 0x05, 0x03, 0x54, 0x60, 0x48, 0x65, 0x18, 0xd2, 0xcd, 0x5f, 0x32, 0x88, 0x0e, 0x35, 0xfd
-+ // };
-+ //
-+ // private byte[] iv;
-+ // private int parameterVersion = 58;
-+ //
-+ // protected byte[] engineGetEncoded()
-+ // {
-+ // return Arrays.clone(iv);
-+ // }
-+ //
-+ // protected byte[] engineGetEncoded(
-+ // String format)
-+ // throws IOException
-+ // {
-+ // if (this.isASN1FormatString(format))
-+ // {
-+ // if (parameterVersion == -1)
-+ // {
-+ // return new RC2CBCParameter(engineGetEncoded()).getEncoded();
-+ // }
-+ // else
-+ // {
-+ // return new RC2CBCParameter(parameterVersion, engineGetEncoded()).getEncoded();
-+ // }
-+ // }
-+ //
-+ // if (format.equals("RAW"))
-+ // {
-+ // return engineGetEncoded();
-+ // }
-+ //
-+ // return null;
-+ // }
-+ //
-+ // protected AlgorithmParameterSpec localEngineGetParameterSpec(
-+ // Class paramSpec)
-+ // throws InvalidParameterSpecException
-+ // {
-+ // if (paramSpec == RC2ParameterSpec.class)
-+ // {
-+ // if (parameterVersion != -1)
-+ // {
-+ // if (parameterVersion < 256)
-+ // {
-+ // return new RC2ParameterSpec(ekb[parameterVersion], iv);
-+ // }
-+ // else
-+ // {
-+ // return new RC2ParameterSpec(parameterVersion, iv);
-+ // }
-+ // }
-+ // }
-+ //
-+ // if (paramSpec == IvParameterSpec.class)
-+ // {
-+ // return new IvParameterSpec(iv);
-+ // }
-+ //
-+ // throw new InvalidParameterSpecException("unknown parameter spec passed to RC2 parameters object.");
-+ // }
-+ //
-+ // protected void engineInit(
-+ // AlgorithmParameterSpec paramSpec)
-+ // throws InvalidParameterSpecException
-+ // {
-+ // if (paramSpec instanceof IvParameterSpec)
-+ // {
-+ // this.iv = ((IvParameterSpec)paramSpec).getIV();
-+ // }
-+ // else if (paramSpec instanceof RC2ParameterSpec)
-+ // {
-+ // int effKeyBits = ((RC2ParameterSpec)paramSpec).getEffectiveKeyBits();
-+ // if (effKeyBits != -1)
-+ // {
-+ // if (effKeyBits < 256)
-+ // {
-+ // parameterVersion = table[effKeyBits];
-+ // }
-+ // else
-+ // {
-+ // parameterVersion = effKeyBits;
-+ // }
-+ // }
-+ //
-+ // this.iv = ((RC2ParameterSpec)paramSpec).getIV();
-+ // }
-+ // else
-+ // {
-+ // throw new InvalidParameterSpecException("IvParameterSpec or RC2ParameterSpec required to initialise a RC2 parameters algorithm parameters object");
-+ // }
-+ // }
-+ //
-+ // protected void engineInit(
-+ // byte[] params)
-+ // throws IOException
-+ // {
-+ // this.iv = Arrays.clone(params);
-+ // }
-+ //
-+ // protected void engineInit(
-+ // byte[] params,
-+ // String format)
-+ // throws IOException
-+ // {
-+ // if (this.isASN1FormatString(format))
-+ // {
-+ // RC2CBCParameter p = RC2CBCParameter.getInstance(ASN1Primitive.fromByteArray(params));
-+ //
-+ // if (p.getRC2ParameterVersion() != null)
-+ // {
-+ // parameterVersion = p.getRC2ParameterVersion().intValue();
-+ // }
-+ //
-+ // iv = p.getIV();
-+ //
-+ // return;
-+ // }
-+ //
-+ // if (format.equals("RAW"))
-+ // {
-+ // engineInit(params);
-+ // return;
-+ // }
-+ //
-+ // throw new IOException("Unknown parameters format in IV parameters object");
-+ // }
-+ //
-+ // protected String engineToString()
-+ // {
-+ // return "RC2 Parameters";
-+ // }
-+ // }
-+ // END android-removed
-
- public static class Mappings
- extends AlgorithmProvider
-@@ -452,32 +466,36 @@
- public void configure(ConfigurableProvider provider)
- {
-
-- provider.addAlgorithm("AlgorithmParameterGenerator.RC2", PREFIX + "$AlgParamGen");
-- provider.addAlgorithm("AlgorithmParameterGenerator.1.2.840.113549.3.2", PREFIX + "$AlgParamGen");
--
-- provider.addAlgorithm("KeyGenerator.RC2", PREFIX + "$KeyGenerator");
-- provider.addAlgorithm("KeyGenerator.1.2.840.113549.3.2", PREFIX + "$KeyGenerator");
--
-- provider.addAlgorithm("AlgorithmParameters.RC2", PREFIX + "$AlgParams");
-- provider.addAlgorithm("AlgorithmParameters.1.2.840.113549.3.2", PREFIX + "$AlgParams");
--
-- provider.addAlgorithm("Cipher.RC2", PREFIX + "$ECB");
-- provider.addAlgorithm("Cipher.RC2WRAP", PREFIX + "$Wrap");
-- provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.id_alg_CMSRC2wrap, "RC2WRAP");
-- provider.addAlgorithm("Cipher.1.2.840.113549.3.2", PREFIX + "$CBC");
--
-- provider.addAlgorithm("Mac.RC2MAC", PREFIX + "$CBCMAC");
-- provider.addAlgorithm("Alg.Alias.Mac.RC2", "RC2MAC");
-- provider.addAlgorithm("Mac.RC2MAC/CFB8", PREFIX + "$CFB8MAC");
-- provider.addAlgorithm("Alg.Alias.Mac.RC2/CFB8", "RC2MAC/CFB8");
--
-- provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDRC2-CBC", "PBEWITHMD2ANDRC2");
-+ // BEGIN android-removed
-+ // provider.addAlgorithm("AlgorithmParameterGenerator.RC2", PREFIX + "$AlgParamGen");
-+ // provider.addAlgorithm("AlgorithmParameterGenerator.1.2.840.113549.3.2", PREFIX + "$AlgParamGen");
-+ //
-+ // provider.addAlgorithm("KeyGenerator.RC2", PREFIX + "$KeyGenerator");
-+ // provider.addAlgorithm("KeyGenerator.1.2.840.113549.3.2", PREFIX + "$KeyGenerator");
-+ //
-+ // provider.addAlgorithm("AlgorithmParameters.RC2", PREFIX + "$AlgParams");
-+ // provider.addAlgorithm("AlgorithmParameters.1.2.840.113549.3.2", PREFIX + "$AlgParams");
-+ //
-+ // provider.addAlgorithm("Cipher.RC2", PREFIX + "$ECB");
-+ // provider.addAlgorithm("Cipher.RC2WRAP", PREFIX + "$Wrap");
-+ // provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.id_alg_CMSRC2wrap, "RC2WRAP");
-+ // provider.addAlgorithm("Cipher.1.2.840.113549.3.2", PREFIX + "$CBC");
-+ //
-+ // provider.addAlgorithm("Mac.RC2MAC", PREFIX + "$CBCMAC");
-+ // provider.addAlgorithm("Alg.Alias.Mac.RC2", "RC2MAC");
-+ // provider.addAlgorithm("Mac.RC2MAC/CFB8", PREFIX + "$CFB8MAC");
-+ // provider.addAlgorithm("Alg.Alias.Mac.RC2/CFB8", "RC2MAC/CFB8");
-+ //
-+ // provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDRC2-CBC", "PBEWITHMD2ANDRC2");
-+ // END android-removed
-
- provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD5ANDRC2-CBC", "PBEWITHMD5ANDRC2");
-
- provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHSHA1ANDRC2-CBC", "PBEWITHSHA1ANDRC2");
-
-- provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2");
-+ // BEGIN android-removed
-+ // provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2");
-+ // END android-removed
-
- provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD5AndRC2_CBC, "PBEWITHMD5ANDRC2");
-
-@@ -485,14 +503,18 @@
- provider.addAlgorithm("Alg.Alias.SecretKeyFactory.1.2.840.113549.1.12.1.5", "PBEWITHSHAAND128BITRC2-CBC");
- provider.addAlgorithm("Alg.Alias.SecretKeyFactory.1.2.840.113549.1.12.1.6", "PBEWITHSHAAND40BITRC2-CBC");
-
-- provider.addAlgorithm("SecretKeyFactory.PBEWITHMD2ANDRC2", PREFIX + "$PBEWithMD2KeyFactory");
-+ // BEGIN android-removed
-+ // provider.addAlgorithm("SecretKeyFactory.PBEWITHMD2ANDRC2", PREFIX + "$PBEWithMD2KeyFactory");
-+ // END android-removed
- provider.addAlgorithm("SecretKeyFactory.PBEWITHMD5ANDRC2", PREFIX + "$PBEWithMD5KeyFactory");
- provider.addAlgorithm("SecretKeyFactory.PBEWITHSHA1ANDRC2", PREFIX + "$PBEWithSHA1KeyFactory");
-
- provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND128BITRC2-CBC", PREFIX + "$PBEWithSHAAnd128BitKeyFactory");
- provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND40BITRC2-CBC", PREFIX + "$PBEWithSHAAnd40BitKeyFactory");
-
-- provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2");
-+ // BEGIN android-removed
-+ // provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2");
-+ // END android-removed
-
- provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD5AndRC2_CBC, "PBEWITHMD5ANDRC2");
-
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/SymmetricAlgorithmProvider.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/SymmetricAlgorithmProvider.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/SymmetricAlgorithmProvider.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/SymmetricAlgorithmProvider.java 2013-12-12 00:35:05.000000000 +0000
-@@ -6,29 +6,31 @@
- abstract class SymmetricAlgorithmProvider
- extends AlgorithmProvider
- {
-- protected void addGMacAlgorithm(
-- ConfigurableProvider provider,
-- String algorithm,
-- String algorithmClassName,
-- String keyGeneratorClassName)
-- {
-- provider.addAlgorithm("Mac." + algorithm + "-GMAC", algorithmClassName);
-- provider.addAlgorithm("Alg.Alias.Mac." + algorithm + "GMAC", algorithm + "-GMAC");
--
-- provider.addAlgorithm("KeyGenerator." + algorithm + "-GMAC", keyGeneratorClassName);
-- provider.addAlgorithm("Alg.Alias.KeyGenerator." + algorithm + "GMAC", algorithm + "-GMAC");
-- }
--
-- protected void addPoly1305Algorithm(ConfigurableProvider provider,
-- String algorithm,
-- String algorithmClassName,
-- String keyGeneratorClassName)
-- {
-- provider.addAlgorithm("Mac.POLY1305-" + algorithm, algorithmClassName);
-- provider.addAlgorithm("Alg.Alias.Mac.POLY1305" + algorithm, "POLY1305-" + algorithm);
--
-- provider.addAlgorithm("KeyGenerator.POLY1305-" + algorithm, keyGeneratorClassName);
-- provider.addAlgorithm("Alg.Alias.KeyGenerator.POLY1305" + algorithm, "POLY1305-" + algorithm);
-- }
-+ // BEGIN android-removed
-+ // protected void addGMacAlgorithm(
-+ // ConfigurableProvider provider,
-+ // String algorithm,
-+ // String algorithmClassName,
-+ // String keyGeneratorClassName)
-+ // {
-+ // provider.addAlgorithm("Mac." + algorithm + "-GMAC", algorithmClassName);
-+ // provider.addAlgorithm("Alg.Alias.Mac." + algorithm + "GMAC", algorithm + "-GMAC");
-+ //
-+ // provider.addAlgorithm("KeyGenerator." + algorithm + "-GMAC", keyGeneratorClassName);
-+ // provider.addAlgorithm("Alg.Alias.KeyGenerator." + algorithm + "GMAC", algorithm + "-GMAC");
-+ // }
-+ //
-+ // protected void addPoly1305Algorithm(ConfigurableProvider provider,
-+ // String algorithm,
-+ // String algorithmClassName,
-+ // String keyGeneratorClassName)
-+ // {
-+ // provider.addAlgorithm("Mac.POLY1305-" + algorithm, algorithmClassName);
-+ // provider.addAlgorithm("Alg.Alias.Mac.POLY1305" + algorithm, "POLY1305-" + algorithm);
-+ //
-+ // provider.addAlgorithm("KeyGenerator.POLY1305-" + algorithm, keyGeneratorClassName);
-+ // provider.addAlgorithm("Alg.Alias.KeyGenerator.POLY1305" + algorithm, "POLY1305-" + algorithm);
-+ // }
-+ // END android-removed
-
- }
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/Twofish.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/Twofish.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/Twofish.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/Twofish.java 2013-12-12 00:35:05.000000000 +0000
-@@ -1,18 +1,26 @@
- package org.bouncycastle.jcajce.provider.symmetric;
-
--import org.bouncycastle.crypto.BlockCipher;
--import org.bouncycastle.crypto.CipherKeyGenerator;
-+// BEGIN android-removed
-+// import org.bouncycastle.crypto.BlockCipher;
-+// import org.bouncycastle.crypto.CipherKeyGenerator;
-+// END android-removed
- import org.bouncycastle.crypto.engines.TwofishEngine;
--import org.bouncycastle.crypto.generators.Poly1305KeyGenerator;
--import org.bouncycastle.crypto.macs.GMac;
-+// BEGIN android-removed
-+// import org.bouncycastle.crypto.generators.Poly1305KeyGenerator;
-+// import org.bouncycastle.crypto.macs.GMac;
-+// END android-removed
- import org.bouncycastle.crypto.modes.CBCBlockCipher;
--import org.bouncycastle.crypto.modes.GCMBlockCipher;
-+// BEGIN android-removed
-+// import org.bouncycastle.crypto.modes.GCMBlockCipher;
-+// END android-removed
- import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
- import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher;
--import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
--import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
--import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider;
--import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters;
-+// BEGIN android-removed
-+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
-+// import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider;
-+// import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters;
-+// END android-removed
- import org.bouncycastle.jcajce.provider.symmetric.util.PBESecretKeyFactory;
-
- public final class Twofish
-@@ -21,56 +29,58 @@
- {
- }
-
-- public static class ECB
-- extends BaseBlockCipher
-- {
-- public ECB()
-- {
-- super(new BlockCipherProvider()
-- {
-- public BlockCipher get()
-- {
-- return new TwofishEngine();
-- }
-- });
-- }
-- }
--
-- public static class KeyGen
-- extends BaseKeyGenerator
-- {
-- public KeyGen()
-- {
-- super("Twofish", 256, new CipherKeyGenerator());
-- }
-- }
--
-- public static class GMAC
-- extends BaseMac
-- {
-- public GMAC()
-- {
-- super(new GMac(new GCMBlockCipher(new TwofishEngine())));
-- }
-- }
--
-- public static class Poly1305
-- extends BaseMac
-- {
-- public Poly1305()
-- {
-- super(new org.bouncycastle.crypto.macs.Poly1305(new TwofishEngine()));
-- }
-- }
--
-- public static class Poly1305KeyGen
-- extends BaseKeyGenerator
-- {
-- public Poly1305KeyGen()
-- {
-- super("Poly1305-Twofish", 256, new Poly1305KeyGenerator());
-- }
-- }
-+ // BEGIN android-removed
-+ // public static class ECB
-+ // extends BaseBlockCipher
-+ // {
-+ // public ECB()
-+ // {
-+ // super(new BlockCipherProvider()
-+ // {
-+ // public BlockCipher get()
-+ // {
-+ // return new TwofishEngine();
-+ // }
-+ // });
-+ // }
-+ // }
-+ //
-+ // public static class KeyGen
-+ // extends BaseKeyGenerator
-+ // {
-+ // public KeyGen()
-+ // {
-+ // super("Twofish", 256, new CipherKeyGenerator());
-+ // }
-+ // }
-+ //
-+ // public static class GMAC
-+ // extends BaseMac
-+ // {
-+ // public GMAC()
-+ // {
-+ // super(new GMac(new GCMBlockCipher(new TwofishEngine())));
-+ // }
-+ // }
-+ //
-+ // public static class Poly1305
-+ // extends BaseMac
-+ // {
-+ // public Poly1305()
-+ // {
-+ // super(new org.bouncycastle.crypto.macs.Poly1305(new TwofishEngine()));
-+ // }
-+ // }
-+ //
-+ // public static class Poly1305KeyGen
-+ // extends BaseKeyGenerator
-+ // {
-+ // public Poly1305KeyGen()
-+ // {
-+ // super("Poly1305-Twofish", 256, new Poly1305KeyGenerator());
-+ // }
-+ // }
-+ // END android-removed
-
- /**
- * PBEWithSHAAndTwofish-CBC
-@@ -96,14 +106,16 @@
- }
- }
-
-- public static class AlgParams
-- extends IvAlgorithmParameters
-- {
-- protected String engineToString()
-- {
-- return "Twofish IV";
-- }
-- }
-+ // BEGIN android-removed
-+ // public static class AlgParams
-+ // extends IvAlgorithmParameters
-+ // {
-+ // protected String engineToString()
-+ // {
-+ // return "Twofish IV";
-+ // }
-+ // }
-+ // END android-removed
-
- public static class Mappings
- extends SymmetricAlgorithmProvider
-@@ -116,17 +128,21 @@
-
- public void configure(ConfigurableProvider provider)
- {
-- provider.addAlgorithm("Cipher.Twofish", PREFIX + "$ECB");
-- provider.addAlgorithm("KeyGenerator.Twofish", PREFIX + "$KeyGen");
-- provider.addAlgorithm("AlgorithmParameters.Twofish", PREFIX + "$AlgParams");
-+ // BEGIN android-removed
-+ // provider.addAlgorithm("Cipher.Twofish", PREFIX + "$ECB");
-+ // provider.addAlgorithm("KeyGenerator.Twofish", PREFIX + "$KeyGen");
-+ // provider.addAlgorithm("AlgorithmParameters.Twofish", PREFIX + "$AlgParams");
-+ // END android-removed
-
- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDTWOFISH", "PKCS12PBE");
- provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDTWOFISH-CBC", "PKCS12PBE");
- provider.addAlgorithm("Cipher.PBEWITHSHAANDTWOFISH-CBC", PREFIX + "$PBEWithSHA");
- provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAANDTWOFISH-CBC", PREFIX + "$PBEWithSHAKeyFactory");
-
-- addGMacAlgorithm(provider, "Twofish", PREFIX + "$GMAC", PREFIX + "$KeyGen");
-- addPoly1305Algorithm(provider, "Twofish", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen");
-+ // BEGIN android-removed
-+ // addGMacAlgorithm(provider, "Twofish", PREFIX + "$GMAC", PREFIX + "$KeyGen");
-+ // addPoly1305Algorithm(provider, "Twofish", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen");
-+ // END android-removed
- }
- }
- }
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java 2015-04-09 13:10:16.000000000 +0000
-@@ -20,8 +20,10 @@
- import javax.crypto.ShortBufferException;
- import javax.crypto.spec.IvParameterSpec;
- import javax.crypto.spec.PBEParameterSpec;
--import javax.crypto.spec.RC2ParameterSpec;
--import javax.crypto.spec.RC5ParameterSpec;
-+// BEGIN android-removed
-+// import javax.crypto.spec.RC2ParameterSpec;
-+// import javax.crypto.spec.RC5ParameterSpec;
-+// END android-removed
-
- import org.bouncycastle.asn1.cms.GCMParameters;
- import org.bouncycastle.crypto.BlockCipher;
-@@ -35,14 +37,20 @@
- import org.bouncycastle.crypto.modes.CCMBlockCipher;
- import org.bouncycastle.crypto.modes.CFBBlockCipher;
- import org.bouncycastle.crypto.modes.CTSBlockCipher;
--import org.bouncycastle.crypto.modes.EAXBlockCipher;
--import org.bouncycastle.crypto.modes.GCFBBlockCipher;
-+// BEGIN android-removed
-+// import org.bouncycastle.crypto.modes.EAXBlockCipher;
-+// import org.bouncycastle.crypto.modes.GCFBBlockCipher;
-+// END android-removed
- import org.bouncycastle.crypto.modes.GCMBlockCipher;
--import org.bouncycastle.crypto.modes.GOFBBlockCipher;
--import org.bouncycastle.crypto.modes.OCBBlockCipher;
-+// BEGIN android-removed
-+// import org.bouncycastle.crypto.modes.GOFBBlockCipher;
-+// import org.bouncycastle.crypto.modes.OCBBlockCipher;
-+// END android-removed
- import org.bouncycastle.crypto.modes.OFBBlockCipher;
--import org.bouncycastle.crypto.modes.OpenPGPCFBBlockCipher;
--import org.bouncycastle.crypto.modes.PGPCFBBlockCipher;
-+// BEGIN android-removed
-+// import org.bouncycastle.crypto.modes.OpenPGPCFBBlockCipher;
-+// import org.bouncycastle.crypto.modes.PGPCFBBlockCipher;
-+// END android-removed
- import org.bouncycastle.crypto.modes.SICBlockCipher;
- import org.bouncycastle.crypto.paddings.BlockCipherPadding;
- import org.bouncycastle.crypto.paddings.ISO10126d2Padding;
-@@ -55,11 +63,15 @@
- import org.bouncycastle.crypto.params.KeyParameter;
- import org.bouncycastle.crypto.params.ParametersWithIV;
- import org.bouncycastle.crypto.params.ParametersWithRandom;
--import org.bouncycastle.crypto.params.ParametersWithSBox;
-+// BEGIN android-removed
-+// import org.bouncycastle.crypto.params.ParametersWithSBox;
-+// END android-removed
- import org.bouncycastle.crypto.params.RC2Parameters;
--import org.bouncycastle.crypto.params.RC5Parameters;
--import org.bouncycastle.jcajce.spec.GOST28147ParameterSpec;
--import org.bouncycastle.jcajce.spec.RepeatedSecretKeySpec;
-+// BEGIN android-removed
-+// import org.bouncycastle.crypto.params.RC5Parameters;
-+// import org.bouncycastle.jcajce.spec.GOST28147ParameterSpec;
-+// import org.bouncycastle.jcajce.spec.RepeatedSecretKeySpec;
-+// END android-removed
- import org.bouncycastle.jce.provider.BouncyCastleProvider;
- import org.bouncycastle.util.Strings;
-
-@@ -74,11 +86,15 @@
- //
- private Class[] availableSpecs =
- {
-- RC2ParameterSpec.class,
-- RC5ParameterSpec.class,
-+ // BEGIN android-removed
-+ // RC2ParameterSpec.class,
-+ // RC5ParameterSpec.class,
-+ // END android-removed
- IvParameterSpec.class,
- PBEParameterSpec.class,
-- GOST28147ParameterSpec.class,
-+ // BEGIN android-removed
-+ // GOST28147ParameterSpec.class,
-+ // END android-removed
- gcmSpecClass
- };
-
-@@ -284,48 +300,52 @@
- new CFBBlockCipher(baseEngine, 8 * baseEngine.getBlockSize()));
- }
- }
-- else if (modeName.startsWith("PGP"))
-- {
-- boolean inlineIV = modeName.equalsIgnoreCase("PGPCFBwithIV");
--
-- ivLength = baseEngine.getBlockSize();
-- cipher = new BufferedGenericBlockCipher(
-- new PGPCFBBlockCipher(baseEngine, inlineIV));
-- }
-- else if (modeName.equalsIgnoreCase("OpenPGPCFB"))
-- {
-- ivLength = 0;
-- cipher = new BufferedGenericBlockCipher(
-- new OpenPGPCFBBlockCipher(baseEngine));
-- }
-- else if (modeName.startsWith("SIC"))
-- {
-- ivLength = baseEngine.getBlockSize();
-- if (ivLength < 16)
-- {
-- throw new IllegalArgumentException("Warning: SIC-Mode can become a twotime-pad if the blocksize of the cipher is too small. Use a cipher with a block size of at least 128 bits (e.g. AES)");
-- }
-- cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher(
-- new SICBlockCipher(baseEngine)));
-- }
-+ // BEGIN android-removed
-+ // else if (modeName.startsWith("PGP"))
-+ // {
-+ // boolean inlineIV = modeName.equalsIgnoreCase("PGPCFBwithIV");
-+ //
-+ // ivLength = baseEngine.getBlockSize();
-+ // cipher = new BufferedGenericBlockCipher(
-+ // new PGPCFBBlockCipher(baseEngine, inlineIV));
-+ // }
-+ // else if (modeName.equalsIgnoreCase("OpenPGPCFB"))
-+ // {
-+ // ivLength = 0;
-+ // cipher = new BufferedGenericBlockCipher(
-+ // new OpenPGPCFBBlockCipher(baseEngine));
-+ // }
-+ // else if (modeName.startsWith("SIC"))
-+ // {
-+ // ivLength = baseEngine.getBlockSize();
-+ // if (ivLength < 16)
-+ // {
-+ // throw new IllegalArgumentException("Warning: SIC-Mode can become a twotime-pad if the blocksize of the cipher is too small. Use a cipher with a block size of at least 128 bits (e.g. AES)");
-+ // }
-+ // cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher(
-+ // new SICBlockCipher(baseEngine)));
-+ // }
-+ // END android-removed
- else if (modeName.startsWith("CTR"))
- {
- ivLength = baseEngine.getBlockSize();
- cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher(
- new SICBlockCipher(baseEngine)));
- }
-- else if (modeName.startsWith("GOFB"))
-- {
-- ivLength = baseEngine.getBlockSize();
-- cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher(
-- new GOFBBlockCipher(baseEngine)));
-- }
-- else if (modeName.startsWith("GCFB"))
-- {
-- ivLength = baseEngine.getBlockSize();
-- cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher(
-- new GCFBBlockCipher(baseEngine)));
-- }
-+ // BEGIN android-removed
-+ // else if (modeName.startsWith("GOFB"))
-+ // {
-+ // ivLength = baseEngine.getBlockSize();
-+ // cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher(
-+ // new GOFBBlockCipher(baseEngine)));
-+ // }
-+ // else if (modeName.startsWith("GCFB"))
-+ // {
-+ // ivLength = baseEngine.getBlockSize();
-+ // cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher(
-+ // new GCFBBlockCipher(baseEngine)));
-+ // }
-+ // END android-removed
- else if (modeName.startsWith("CTS"))
- {
- ivLength = baseEngine.getBlockSize();
-@@ -336,26 +356,28 @@
- ivLength = 13; // CCM nonce 7..13 bytes
- cipher = new AEADGenericBlockCipher(new CCMBlockCipher(baseEngine));
- }
-- else if (modeName.startsWith("OCB"))
-- {
-- if (engineProvider != null)
-- {
-- /*
-- * RFC 7253 4.2. Nonce is a string of no more than 120 bits
-- */
-- ivLength = 15;
-- cipher = new AEADGenericBlockCipher(new OCBBlockCipher(baseEngine, engineProvider.get()));
-- }
-- else
-- {
-- throw new NoSuchAlgorithmException("can't support mode " + mode);
-- }
-- }
-- else if (modeName.startsWith("EAX"))
-- {
-- ivLength = baseEngine.getBlockSize();
-- cipher = new AEADGenericBlockCipher(new EAXBlockCipher(baseEngine));
-- }
-+ // BEGIN android-removed
-+ // else if (modeName.startsWith("OCB"))
-+ // {
-+ // if (engineProvider != null)
-+ // {
-+ // /*
-+ // * RFC 7253 4.2. Nonce is a string of no more than 120 bits
-+ // */
-+ // ivLength = 15;
-+ // cipher = new AEADGenericBlockCipher(new OCBBlockCipher(baseEngine, engineProvider.get()));
-+ // }
-+ // else
-+ // {
-+ // throw new NoSuchAlgorithmException("can't support mode " + mode);
-+ // }
-+ // }
-+ // else if (modeName.startsWith("EAX"))
-+ // {
-+ // ivLength = baseEngine.getBlockSize();
-+ // cipher = new AEADGenericBlockCipher(new EAXBlockCipher(baseEngine));
-+ // }
-+ // END android-removed
- else if (modeName.startsWith("GCM"))
- {
- ivLength = baseEngine.getBlockSize();
-@@ -478,18 +500,20 @@
-
- param = new ParametersWithIV(param, iv.getIV());
- }
-- else if (params instanceof GOST28147ParameterSpec)
-- {
-- // need to pick up IV and SBox.
-- GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params;
--
-- param = new ParametersWithSBox(param, gost28147Param.getSbox());
--
-- if (gost28147Param.getIV() != null && ivLength != 0)
-- {
-- param = new ParametersWithIV(param, gost28147Param.getIV());
-- }
-- }
-+ // BEGIN android-removed
-+ // else if (params instanceof GOST28147ParameterSpec)
-+ // {
-+ // // need to pick up IV and SBox.
-+ // GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params;
-+ //
-+ // param = new ParametersWithSBox(param, gost28147Param.getSbox());
-+ //
-+ // if (gost28147Param.getIV() != null && ivLength != 0)
-+ // {
-+ // param = new ParametersWithIV(param, gost28147Param.getIV());
-+ // }
-+ // }
-+ // END android-removed
- }
- else if (params instanceof PBEParameterSpec)
- {
-@@ -521,12 +545,14 @@
- throw new InvalidAlgorithmParameterException("IV must be " + ivLength + " bytes long.");
- }
-
-- if (key instanceof RepeatedSecretKeySpec)
-- {
-- param = new ParametersWithIV(null, p.getIV());
-- ivParam = (ParametersWithIV)param;
-- }
-- else
-+ // BEGIN android-removed
-+ // if (key instanceof RepeatedSecretKeySpec)
-+ // {
-+ // param = new ParametersWithIV(null, p.getIV());
-+ // ivParam = (ParametersWithIV)param;
-+ // }
-+ // else
-+ // END android-removed
- {
- param = new ParametersWithIV(new KeyParameter(key.getEncoded()), p.getIV());
- ivParam = (ParametersWithIV)param;
-@@ -542,63 +568,65 @@
- param = new KeyParameter(key.getEncoded());
- }
- }
-- else if (params instanceof GOST28147ParameterSpec)
-- {
-- GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params;
--
-- param = new ParametersWithSBox(
-- new KeyParameter(key.getEncoded()), ((GOST28147ParameterSpec)params).getSbox());
--
-- if (gost28147Param.getIV() != null && ivLength != 0)
-- {
-- param = new ParametersWithIV(param, gost28147Param.getIV());
-- ivParam = (ParametersWithIV)param;
-- }
-- }
-- else if (params instanceof RC2ParameterSpec)
-- {
-- RC2ParameterSpec rc2Param = (RC2ParameterSpec)params;
--
-- param = new RC2Parameters(key.getEncoded(), ((RC2ParameterSpec)params).getEffectiveKeyBits());
--
-- if (rc2Param.getIV() != null && ivLength != 0)
-- {
-- param = new ParametersWithIV(param, rc2Param.getIV());
-- ivParam = (ParametersWithIV)param;
-- }
-- }
-- else if (params instanceof RC5ParameterSpec)
-- {
-- RC5ParameterSpec rc5Param = (RC5ParameterSpec)params;
--
-- param = new RC5Parameters(key.getEncoded(), ((RC5ParameterSpec)params).getRounds());
-- if (baseEngine.getAlgorithmName().startsWith("RC5"))
-- {
-- if (baseEngine.getAlgorithmName().equals("RC5-32"))
-- {
-- if (rc5Param.getWordSize() != 32)
-- {
-- throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 32 not " + rc5Param.getWordSize() + ".");
-- }
-- }
-- else if (baseEngine.getAlgorithmName().equals("RC5-64"))
-- {
-- if (rc5Param.getWordSize() != 64)
-- {
-- throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 64 not " + rc5Param.getWordSize() + ".");
-- }
-- }
-- }
-- else
-- {
-- throw new InvalidAlgorithmParameterException("RC5 parameters passed to a cipher that is not RC5.");
-- }
-- if ((rc5Param.getIV() != null) && (ivLength != 0))
-- {
-- param = new ParametersWithIV(param, rc5Param.getIV());
-- ivParam = (ParametersWithIV)param;
-- }
-- }
-+ // BEGIN android-removed
-+ // else if (params instanceof GOST28147ParameterSpec)
-+ // {
-+ // GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params;
-+ //
-+ // param = new ParametersWithSBox(
-+ // new KeyParameter(key.getEncoded()), ((GOST28147ParameterSpec)params).getSbox());
-+ //
-+ // if (gost28147Param.getIV() != null && ivLength != 0)
-+ // {
-+ // param = new ParametersWithIV(param, gost28147Param.getIV());
-+ // ivParam = (ParametersWithIV)param;
-+ // }
-+ // }
-+ // else if (params instanceof RC2ParameterSpec)
-+ // {
-+ // RC2ParameterSpec rc2Param = (RC2ParameterSpec)params;
-+ //
-+ // param = new RC2Parameters(key.getEncoded(), ((RC2ParameterSpec)params).getEffectiveKeyBits());
-+ //
-+ // if (rc2Param.getIV() != null && ivLength != 0)
-+ // {
-+ // param = new ParametersWithIV(param, rc2Param.getIV());
-+ // ivParam = (ParametersWithIV)param;
-+ // }
-+ // }
-+ // else if (params instanceof RC5ParameterSpec)
-+ // {
-+ // RC5ParameterSpec rc5Param = (RC5ParameterSpec)params;
-+ //
-+ // param = new RC5Parameters(key.getEncoded(), ((RC5ParameterSpec)params).getRounds());
-+ // if (baseEngine.getAlgorithmName().startsWith("RC5"))
-+ // {
-+ // if (baseEngine.getAlgorithmName().equals("RC5-32"))
-+ // {
-+ // if (rc5Param.getWordSize() != 32)
-+ // {
-+ // throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 32 not " + rc5Param.getWordSize() + ".");
-+ // }
-+ // }
-+ // else if (baseEngine.getAlgorithmName().equals("RC5-64"))
-+ // {
-+ // if (rc5Param.getWordSize() != 64)
-+ // {
-+ // throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 64 not " + rc5Param.getWordSize() + ".");
-+ // }
-+ // }
-+ // }
-+ // else
-+ // {
-+ // throw new InvalidAlgorithmParameterException("RC5 parameters passed to a cipher that is not RC5.");
-+ // }
-+ // if ((rc5Param.getIV() != null) && (ivLength != 0))
-+ // {
-+ // param = new ParametersWithIV(param, rc5Param.getIV());
-+ // ivParam = (ParametersWithIV)param;
-+ // }
-+ // }
-+ // END android-removed
- else if (gcmSpecClass != null && gcmSpecClass.isInstance(params))
- {
- if (!isAEADModeName(modeName) && !(cipher instanceof AEADGenericBlockCipher))
-@@ -611,11 +639,13 @@
- Method tLen = gcmSpecClass.getDeclaredMethod("getTLen", new Class[0]);
- Method iv= gcmSpecClass.getDeclaredMethod("getIV", new Class[0]);
-
-- if (key instanceof RepeatedSecretKeySpec)
-- {
-- param = aeadParams = new AEADParameters(null, ((Integer)tLen.invoke(params, new Object[0])).intValue(), (byte[])iv.invoke(params, new Object[0]));
-- }
-- else
-+ // BEGIN android-removed
-+ // if (key instanceof RepeatedSecretKeySpec)
-+ // {
-+ // param = aeadParams = new AEADParameters(null, ((Integer)tLen.invoke(params, new Object[0])).intValue(), (byte[])iv.invoke(params, new Object[0]));
-+ // }
-+ // else
-+ // END android-removed
- {
- param = aeadParams = new AEADParameters(new KeyParameter(key.getEncoded()), ((Integer)tLen.invoke(params, new Object[0])).intValue(), (byte[])iv.invoke(params, new Object[0]));
- }
-@@ -867,7 +897,9 @@
- private boolean isAEADModeName(
- String modeName)
- {
-- return "CCM".equals(modeName) || "EAX".equals(modeName) || "GCM".equals(modeName) || "OCB".equals(modeName);
-+ // BEGIN android-changed
-+ return "CCM".equals(modeName) || "GCM".equals(modeName);
-+ // END android-changed
- }
-
- /*
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java 2013-12-12 00:35:05.000000000 +0000
-@@ -16,8 +16,10 @@
- import org.bouncycastle.crypto.Mac;
- import org.bouncycastle.crypto.params.KeyParameter;
- import org.bouncycastle.crypto.params.ParametersWithIV;
--import org.bouncycastle.crypto.params.SkeinParameters;
--import org.bouncycastle.jcajce.spec.SkeinParameterSpec;
-+// BEGIN android-removed
-+// import org.bouncycastle.crypto.params.SkeinParameters;
-+// import org.bouncycastle.jcajce.spec.SkeinParameterSpec;
-+// END android-removed
-
- public class BaseMac
- extends MacSpi implements PBE
-@@ -79,10 +81,12 @@
- {
- param = new ParametersWithIV(new KeyParameter(key.getEncoded()), ((IvParameterSpec)params).getIV());
- }
-- else if (params instanceof SkeinParameterSpec)
-- {
-- param = new SkeinParameters.Builder(copyMap(((SkeinParameterSpec)params).getParameters())).setKey(key.getEncoded()).build();
-- }
-+ // BEGIN android-removed
-+ // else if (params instanceof SkeinParameterSpec)
-+ // {
-+ // param = new SkeinParameters.Builder(copyMap(((SkeinParameterSpec)params).getParameters())).setKey(key.getEncoded()).build();
-+ // }
-+ // END android-removed
- else if (params == null)
- {
- param = new KeyParameter(key.getEncoded());
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java 2015-04-09 13:10:16.000000000 +0000
-@@ -15,8 +15,10 @@
- import javax.crypto.ShortBufferException;
- import javax.crypto.spec.IvParameterSpec;
- import javax.crypto.spec.PBEParameterSpec;
--import javax.crypto.spec.RC2ParameterSpec;
--import javax.crypto.spec.RC5ParameterSpec;
-+// BEGIN android-removed
-+// import javax.crypto.spec.RC2ParameterSpec;
-+// import javax.crypto.spec.RC5ParameterSpec;
-+// END android-removed
-
- import org.bouncycastle.crypto.CipherParameters;
- import org.bouncycastle.crypto.DataLengthException;
-@@ -34,8 +36,10 @@
- //
- private Class[] availableSpecs =
- {
-- RC2ParameterSpec.class,
-- RC5ParameterSpec.class,
-+ // BEGIN android-removed
-+ // RC2ParameterSpec.class,
-+ // RC5ParameterSpec.class,
-+ // END android-removed
- IvParameterSpec.class,
- PBEParameterSpec.class
- };
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java 2015-04-09 13:10:16.000000000 +0000
-@@ -24,8 +24,10 @@
- import javax.crypto.ShortBufferException;
- import javax.crypto.spec.IvParameterSpec;
- import javax.crypto.spec.PBEParameterSpec;
--import javax.crypto.spec.RC2ParameterSpec;
--import javax.crypto.spec.RC5ParameterSpec;
-+// BEGIN android-removed
-+// import javax.crypto.spec.RC2ParameterSpec;
-+// import javax.crypto.spec.RC5ParameterSpec;
-+// END android-removed
- import javax.crypto.spec.SecretKeySpec;
-
- import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-@@ -50,8 +52,10 @@
- {
- IvParameterSpec.class,
- PBEParameterSpec.class,
-- RC2ParameterSpec.class,
-- RC5ParameterSpec.class
-+ // BEGIN android-removed
-+ // RC2ParameterSpec.class,
-+ // RC5ParameterSpec.class
-+ // END android-removed
- };
-
- protected int pbeType = PKCS12;
-@@ -276,6 +280,8 @@
- return null;
- }
-
-+ // BEGIN android-changed
-+ // added ShortBufferException to throws statement
- protected int engineDoFinal(
- byte[] input,
- int inputOffset,
-@@ -286,6 +292,7 @@
- {
- return 0;
- }
-+ // END android-changed
-
- protected byte[] engineWrap(
- Key key)
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java 2013-12-12 00:35:05.000000000 +0000
-@@ -7,13 +7,18 @@
-
- import org.bouncycastle.crypto.CipherParameters;
- import org.bouncycastle.crypto.PBEParametersGenerator;
--import org.bouncycastle.crypto.digests.GOST3411Digest;
--import org.bouncycastle.crypto.digests.MD2Digest;
--import org.bouncycastle.crypto.digests.MD5Digest;
--import org.bouncycastle.crypto.digests.RIPEMD160Digest;
--import org.bouncycastle.crypto.digests.SHA1Digest;
--import org.bouncycastle.crypto.digests.SHA256Digest;
--import org.bouncycastle.crypto.digests.TigerDigest;
-+// BEGIN android-removed
-+// import org.bouncycastle.crypto.digests.GOST3411Digest;
-+// import org.bouncycastle.crypto.digests.MD2Digest;
-+// import org.bouncycastle.crypto.digests.MD5Digest;
-+// import org.bouncycastle.crypto.digests.RIPEMD160Digest;
-+// import org.bouncycastle.crypto.digests.SHA1Digest;
-+// import org.bouncycastle.crypto.digests.SHA256Digest;
-+// import org.bouncycastle.crypto.digests.TigerDigest;
-+// END android-removed
-+// BEGIN android-added
-+import org.bouncycastle.crypto.digests.AndroidDigestFactory;
-+// END android-added
- import org.bouncycastle.crypto.generators.OpenSSLPBEParametersGenerator;
- import org.bouncycastle.crypto.generators.PKCS12ParametersGenerator;
- import org.bouncycastle.crypto.generators.PKCS5S1ParametersGenerator;
-@@ -29,11 +34,15 @@
- //
- static final int MD5 = 0;
- static final int SHA1 = 1;
-- static final int RIPEMD160 = 2;
-- static final int TIGER = 3;
-+ // BEGIN android-removed
-+ // static final int RIPEMD160 = 2;
-+ // static final int TIGER = 3;
-+ // END android-removed
- static final int SHA256 = 4;
-- static final int MD2 = 5;
-- static final int GOST3411 = 6;
-+ // BEGIN android-removed
-+ // static final int MD2 = 5;
-+ // static final int GOST3411 = 6;
-+ // END android-removed
-
- static final int PKCS5S1 = 0;
- static final int PKCS5S2 = 1;
-@@ -57,14 +66,20 @@
- {
- switch (hash)
- {
-- case MD2:
-- generator = new PKCS5S1ParametersGenerator(new MD2Digest());
-- break;
-+ // BEGIN android-removed
-+ // case MD2:
-+ // generator = new PKCS5S1ParametersGenerator(new MD2Digest());
-+ // break;
-+ // END android-removed
- case MD5:
-- generator = new PKCS5S1ParametersGenerator(new MD5Digest());
-+ // BEGIN android-changed
-+ generator = new PKCS5S1ParametersGenerator(AndroidDigestFactory.getMD5());
-+ // END android-changed
- break;
- case SHA1:
-- generator = new PKCS5S1ParametersGenerator(new SHA1Digest());
-+ // BEGIN android-changed
-+ generator = new PKCS5S1ParametersGenerator(AndroidDigestFactory.getSHA1());
-+ // END android-changed
- break;
- default:
- throw new IllegalStateException("PKCS5 scheme 1 only supports MD2, MD5 and SHA1.");
-@@ -74,27 +89,39 @@
- {
- switch (hash)
- {
-- case MD2:
-- generator = new PKCS5S2ParametersGenerator(new MD2Digest());
-- break;
-+ // BEGIN android-removed
-+ // case MD2:
-+ // generator = new PKCS5S2ParametersGenerator(new MD2Digest());
-+ // break;
-+ // END android-removed
- case MD5:
-- generator = new PKCS5S2ParametersGenerator(new MD5Digest());
-+ // BEGIN android-changed
-+ generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getMD5());
-+ // END android-changed
- break;
- case SHA1:
-- generator = new PKCS5S2ParametersGenerator(new SHA1Digest());
-- break;
-- case RIPEMD160:
-- generator = new PKCS5S2ParametersGenerator(new RIPEMD160Digest());
-- break;
-- case TIGER:
-- generator = new PKCS5S2ParametersGenerator(new TigerDigest());
-- break;
-+ // BEGIN android-changed
-+ generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getSHA1());
-+ // END android-changed
-+ break;
-+ // BEGIN android-removed
-+ // case RIPEMD160:
-+ // generator = new PKCS5S2ParametersGenerator(new RIPEMD160Digest());
-+ // break;
-+ // case TIGER:
-+ // generator = new PKCS5S2ParametersGenerator(new TigerDigest());
-+ // break;
-+ // END android-removed
- case SHA256:
-- generator = new PKCS5S2ParametersGenerator(new SHA256Digest());
-- break;
-- case GOST3411:
-- generator = new PKCS5S2ParametersGenerator(new GOST3411Digest());
-- break;
-+ // BEGIN android-changed
-+ generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getSHA256());
-+ // END android-changed
-+ break;
-+ // BEGIN android-removed
-+ // case GOST3411:
-+ // generator = new PKCS5S2ParametersGenerator(new GOST3411Digest());
-+ // break;
-+ // END android-removed
- default:
- throw new IllegalStateException("unknown digest scheme for PBE PKCS5S2 encryption.");
- }
-@@ -103,27 +130,39 @@
- {
- switch (hash)
- {
-- case MD2:
-- generator = new PKCS12ParametersGenerator(new MD2Digest());
-- break;
-+ // BEGIN android-removed
-+ // case MD2:
-+ // generator = new PKCS12ParametersGenerator(new MD2Digest());
-+ // break;
-+ // END android-removed
- case MD5:
-- generator = new PKCS12ParametersGenerator(new MD5Digest());
-+ // BEGIN android-changed
-+ generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getMD5());
-+ // END android-changed
- break;
- case SHA1:
-- generator = new PKCS12ParametersGenerator(new SHA1Digest());
-- break;
-- case RIPEMD160:
-- generator = new PKCS12ParametersGenerator(new RIPEMD160Digest());
-- break;
-- case TIGER:
-- generator = new PKCS12ParametersGenerator(new TigerDigest());
-- break;
-+ // BEGIN android-changed
-+ generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA1());
-+ // END android-changed
-+ break;
-+ // BEGIN android-removed
-+ // case RIPEMD160:
-+ // generator = new PKCS12ParametersGenerator(new RIPEMD160Digest());
-+ // break;
-+ // case TIGER:
-+ // generator = new PKCS12ParametersGenerator(new TigerDigest());
-+ // break;
-+ // END android-removed
- case SHA256:
-- generator = new PKCS12ParametersGenerator(new SHA256Digest());
-- break;
-- case GOST3411:
-- generator = new PKCS12ParametersGenerator(new GOST3411Digest());
-- break;
-+ // BEGIN android-changed
-+ generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA256());
-+ // END android-changed
-+ break;
-+ // BEGIN android-removed
-+ // case GOST3411:
-+ // generator = new PKCS12ParametersGenerator(new GOST3411Digest());
-+ // break;
-+ // END android-removed
- default:
- throw new IllegalStateException("unknown digest scheme for PBE encryption.");
- }
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/util/DigestFactory.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/util/DigestFactory.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/util/DigestFactory.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/util/DigestFactory.java 2013-09-26 18:06:21.000000000 +0000
-@@ -10,12 +10,17 @@
- import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
- import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
- import org.bouncycastle.crypto.Digest;
--import org.bouncycastle.crypto.digests.MD5Digest;
--import org.bouncycastle.crypto.digests.SHA1Digest;
--import org.bouncycastle.crypto.digests.SHA224Digest;
--import org.bouncycastle.crypto.digests.SHA256Digest;
--import org.bouncycastle.crypto.digests.SHA384Digest;
--import org.bouncycastle.crypto.digests.SHA512Digest;
-+// BEGIN android-removed
-+// import org.bouncycastle.crypto.digests.MD5Digest;
-+// import org.bouncycastle.crypto.digests.SHA1Digest;
-+// import org.bouncycastle.crypto.digests.SHA224Digest;
-+// import org.bouncycastle.crypto.digests.SHA256Digest;
-+// import org.bouncycastle.crypto.digests.SHA384Digest;
-+// import org.bouncycastle.crypto.digests.SHA512Digest;
-+// END android-removed
-+// BEGIN android-added
-+import org.bouncycastle.crypto.digests.AndroidDigestFactory;
-+// END android-added
- import org.bouncycastle.util.Strings;
-
- public class DigestFactory
-@@ -85,27 +90,39 @@
-
- if (sha1.contains(digestName))
- {
-- return new SHA1Digest();
-+ // BEGIN android-changed
-+ return AndroidDigestFactory.getSHA1();
-+ // END android-changed
- }
- if (md5.contains(digestName))
- {
-- return new MD5Digest();
-+ // BEGIN android-changed
-+ return AndroidDigestFactory.getMD5();
-+ // END android-changed
- }
- if (sha224.contains(digestName))
- {
-- return new SHA224Digest();
-+ // BEGIN android-changed
-+ return AndroidDigestFactory.getSHA224();
-+ // END android-changed
- }
- if (sha256.contains(digestName))
- {
-- return new SHA256Digest();
-+ // BEGIN android-changed
-+ return AndroidDigestFactory.getSHA256();
-+ // END android-changed
- }
- if (sha384.contains(digestName))
- {
-- return new SHA384Digest();
-+ // BEGIN android-changed
-+ return AndroidDigestFactory.getSHA384();
-+ // END android-changed
- }
- if (sha512.contains(digestName))
- {
-- return new SHA512Digest();
-+ // BEGIN android-changed
-+ return AndroidDigestFactory.getSHA512();
-+ // END android-changed
- }
-
- return null;
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/util/JcaJceUtils.java bcprov-jdk15on-152/org/bouncycastle/jcajce/util/JcaJceUtils.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/util/JcaJceUtils.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/util/JcaJceUtils.java 2014-07-28 19:51:54.000000000 +0000
-@@ -6,11 +6,15 @@
- import org.bouncycastle.asn1.ASN1Encodable;
- import org.bouncycastle.asn1.ASN1ObjectIdentifier;
- import org.bouncycastle.asn1.ASN1Primitive;
--import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-+// BEGIN android-removed
-+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-+// END android-removed
- import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
- import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
- import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
--import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
-+// BEGIN android-removed
-+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
-+// END android-removed
-
- /**
- * General JCA/JCE utility methods.
-@@ -100,22 +104,24 @@
- {
- return "SHA512";
- }
-- else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID))
-- {
-- return "RIPEMD128";
-- }
-- else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID))
-- {
-- return "RIPEMD160";
-- }
-- else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID))
-- {
-- return "RIPEMD256";
-- }
-- else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID))
-- {
-- return "GOST3411";
-- }
-+ // BEGIN android-removed
-+ // else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID))
-+ // {
-+ // return "RIPEMD128";
-+ // }
-+ // else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID))
-+ // {
-+ // return "RIPEMD160";
-+ // }
-+ // else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID))
-+ // {
-+ // return "RIPEMD256";
-+ // }
-+ // else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID))
-+ // {
-+ // return "GOST3411";
-+ // }
-+ // END android-removed
- else
- {
- return digestAlgOID.getId();
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/PKCS10CertificationRequest.java bcprov-jdk15on-152/org/bouncycastle/jce/PKCS10CertificationRequest.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jce/PKCS10CertificationRequest.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jce/PKCS10CertificationRequest.java 2014-07-28 19:51:54.000000000 +0000
-@@ -30,14 +30,18 @@
- import org.bouncycastle.asn1.ASN1Set;
- import org.bouncycastle.asn1.DERBitString;
- import org.bouncycastle.asn1.DERNull;
--import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-+// BEGIN android-removed
-+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-+// END android-removed
- import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
- import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
- import org.bouncycastle.asn1.pkcs.CertificationRequest;
- import org.bouncycastle.asn1.pkcs.CertificationRequestInfo;
- import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
- import org.bouncycastle.asn1.pkcs.RSASSAPSSparams;
--import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
-+// BEGIN android-removed
-+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
-+// END android-removed
- import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
- import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
- import org.bouncycastle.asn1.x509.X509Name;
-@@ -81,8 +85,11 @@
-
- static
- {
-- algorithms.put("MD2WITHRSAENCRYPTION", new ASN1ObjectIdentifier("1.2.840.113549.1.1.2"));
-- algorithms.put("MD2WITHRSA", new ASN1ObjectIdentifier("1.2.840.113549.1.1.2"));
-+ // BEGIN android-removed
-+ // Dropping MD2
-+ // algorithms.put("MD2WITHRSAENCRYPTION", new ASN1ObjectIdentifier("1.2.840.113549.1.1.2"));
-+ // algorithms.put("MD2WITHRSA", new ASN1ObjectIdentifier("1.2.840.113549.1.1.2"));
-+ // END android-removed
- algorithms.put("MD5WITHRSAENCRYPTION", new ASN1ObjectIdentifier("1.2.840.113549.1.1.4"));
- algorithms.put("MD5WITHRSA", new ASN1ObjectIdentifier("1.2.840.113549.1.1.4"));
- algorithms.put("RSAWITHMD5", new ASN1ObjectIdentifier("1.2.840.113549.1.1.4"));
-@@ -102,12 +109,14 @@
- algorithms.put("SHA384WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
- algorithms.put("SHA512WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
- algorithms.put("RSAWITHSHA1", new ASN1ObjectIdentifier("1.2.840.113549.1.1.5"));
-- algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
-- algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
-- algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
-- algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
-- algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
-- algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
-+ // BEGIN android-removed
-+ // algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
-+ // algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
-+ // algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
-+ // algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
-+ // algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
-+ // algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
-+ // END android-removed
- algorithms.put("SHA1WITHDSA", new ASN1ObjectIdentifier("1.2.840.10040.4.3"));
- algorithms.put("DSAWITHSHA1", new ASN1ObjectIdentifier("1.2.840.10040.4.3"));
- algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224);
-@@ -120,11 +129,13 @@
- algorithms.put("SHA384WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA384);
- algorithms.put("SHA512WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA512);
- algorithms.put("ECDSAWITHSHA1", X9ObjectIdentifiers.ecdsa_with_SHA1);
-- algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
-- algorithms.put("GOST3410WITHGOST3411", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
-- algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
-- algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
-- algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
-+ // BEGIN android-removed
-+ // algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
-+ // algorithms.put("GOST3410WITHGOST3411", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
-+ // algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
-+ // algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
-+ // algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
-+ // END android-removed
-
- //
- // reverse mappings
-@@ -134,11 +145,15 @@
- oids.put(PKCSObjectIdentifiers.sha256WithRSAEncryption, "SHA256WITHRSA");
- oids.put(PKCSObjectIdentifiers.sha384WithRSAEncryption, "SHA384WITHRSA");
- oids.put(PKCSObjectIdentifiers.sha512WithRSAEncryption, "SHA512WITHRSA");
-- oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, "GOST3411WITHGOST3410");
-- oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, "GOST3411WITHECGOST3410");
-+ // BEGIN android-removed
-+ // oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, "GOST3411WITHGOST3410");
-+ // oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, "GOST3411WITHECGOST3410");
-+ // END android-removed
-
- oids.put(new ASN1ObjectIdentifier("1.2.840.113549.1.1.4"), "MD5WITHRSA");
-- oids.put(new ASN1ObjectIdentifier("1.2.840.113549.1.1.2"), "MD2WITHRSA");
-+ // BEGIN android-removed
-+ // oids.put(new ASN1ObjectIdentifier("1.2.840.113549.1.1.2"), "MD2WITHRSA");
-+ // END android-removed
- oids.put(new ASN1ObjectIdentifier("1.2.840.10040.4.3"), "SHA1WITHDSA");
- oids.put(X9ObjectIdentifiers.ecdsa_with_SHA1, "SHA1WITHECDSA");
- oids.put(X9ObjectIdentifiers.ecdsa_with_SHA224, "SHA224WITHECDSA");
-@@ -172,8 +187,10 @@
- //
- // RFC 4491
- //
-- noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
-- noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
-+ // BEGIN android-removed
-+ // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
-+ // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
-+ // END android-removed
- //
- // explicit params
- //
-@@ -616,22 +633,24 @@
- {
- return "SHA512";
- }
-- else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID))
-- {
-- return "RIPEMD128";
-- }
-- else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID))
-- {
-- return "RIPEMD160";
-- }
-- else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID))
-- {
-- return "RIPEMD256";
-- }
-- else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID))
-- {
-- return "GOST3411";
-- }
-+ // BEGIN android-removed
-+ // else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID))
-+ // {
-+ // return "RIPEMD128";
-+ // }
-+ // else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID))
-+ // {
-+ // return "RIPEMD160";
-+ // }
-+ // else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID))
-+ // {
-+ // return "RIPEMD256";
-+ // }
-+ // else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID))
-+ // {
-+ // return "GOST3411";
-+ // }
-+ // END android-removed
- else
- {
- return digestAlgOID.getId();
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/BouncyCastleProvider.java bcprov-jdk15on-152/org/bouncycastle/jce/provider/BouncyCastleProvider.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/BouncyCastleProvider.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/BouncyCastleProvider.java 2015-04-09 13:10:16.000000000 +0000
-@@ -64,15 +64,22 @@
-
- private static final String[] SYMMETRIC_MACS =
- {
-- "SipHash"
-+ // BEGIN android-removed
-+ // "SipHash"
-+ // END android-removed
- };
-
- private static final String[] SYMMETRIC_CIPHERS =
- {
-- "AES", "ARC4", "Blowfish", "Camellia", "CAST5", "CAST6", "ChaCha", "DES", "DESede",
-- "GOST28147", "Grainv1", "Grain128", "HC128", "HC256", "IDEA", "Noekeon", "RC2", "RC5",
-- "RC6", "Rijndael", "Salsa20", "SEED", "Serpent", "Shacal2", "Skipjack", "TEA", "Twofish", "Threefish",
-- "VMPC", "VMPCKSA3", "XTEA", "XSalsa20"
-+ // BEGIN android-removed
-+ // "AES", "ARC4", "Blowfish", "Camellia", "CAST5", "CAST6", "ChaCha", "DES", "DESede",
-+ // "GOST28147", "Grainv1", "Grain128", "HC128", "HC256", "IDEA", "Noekeon", "RC2", "RC5",
-+ // "RC6", "Rijndael", "Salsa20", "SEED", "Serpent", "Shacal2", "Skipjack", "TEA", "Twofish", "Threefish",
-+ // "VMPC", "VMPCKSA3", "XTEA", "XSalsa20"
-+ // END android-removed
-+ // BEGIN android-added
-+ "AES", "ARC4", "Blowfish", "DES", "DESede", "RC2", "Twofish",
-+ // END android-added
- };
-
- /*
-@@ -84,12 +91,22 @@
- // later ones configure it.
- private static final String[] ASYMMETRIC_GENERIC =
- {
-- "X509", "IES"
-+ // BEGIN android-removed
-+ // "X509", "IES"
-+ // END android-removed
-+ // BEGIN android-added
-+ "X509"
-+ // END android-added
- };
-
- private static final String[] ASYMMETRIC_CIPHERS =
- {
-- "DSA", "DH", "EC", "RSA", "GOST", "ECGOST", "ElGamal", "DSTU4145"
-+ // BEGIN android-removed
-+ // "DSA", "DH", "EC", "RSA", "GOST", "ECGOST", "ElGamal", "DSTU4145"
-+ // END android-removed
-+ // BEGIN android-added
-+ "DSA", "DH", "EC", "RSA",
-+ // END android-added
- };
-
- /*
-@@ -98,7 +115,12 @@
- private static final String DIGEST_PACKAGE = "org.bouncycastle.jcajce.provider.digest.";
- private static final String[] DIGESTS =
- {
-- "GOST3411", "MD2", "MD4", "MD5", "SHA1", "RIPEMD128", "RIPEMD160", "RIPEMD256", "RIPEMD320", "SHA224", "SHA256", "SHA384", "SHA512", "SHA3", "Skein", "SM3", "Tiger", "Whirlpool"
-+ // BEGIN android-removed
-+ // "GOST3411", "MD2", "MD4", "MD5", "SHA1", "RIPEMD128", "RIPEMD160", "RIPEMD256", "RIPEMD320", "SHA224", "SHA256", "SHA384", "SHA512", "SHA3", "Skein", "SM3", "Tiger", "Whirlpool"
-+ // END android-removed
-+ // BEGIN android-added
-+ "MD5", "SHA1", "SHA224", "SHA256", "SHA384", "SHA512",
-+ // END android-added
- };
-
- /*
-@@ -145,48 +167,52 @@
-
- loadAlgorithms(KEYSTORE_PACKAGE, KEYSTORES);
-
-- //
-- // X509Store
-- //
-- put("X509Store.CERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertCollection");
-- put("X509Store.ATTRIBUTECERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreAttrCertCollection");
-- put("X509Store.CRL/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCRLCollection");
-- put("X509Store.CERTIFICATEPAIR/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertPairCollection");
--
-- put("X509Store.CERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCerts");
-- put("X509Store.CRL/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCRLs");
-- put("X509Store.ATTRIBUTECERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPAttrCerts");
-- put("X509Store.CERTIFICATEPAIR/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCertPairs");
--
-- //
-- // X509StreamParser
-- //
-- put("X509StreamParser.CERTIFICATE", "org.bouncycastle.jce.provider.X509CertParser");
-- put("X509StreamParser.ATTRIBUTECERTIFICATE", "org.bouncycastle.jce.provider.X509AttrCertParser");
-- put("X509StreamParser.CRL", "org.bouncycastle.jce.provider.X509CRLParser");
-- put("X509StreamParser.CERTIFICATEPAIR", "org.bouncycastle.jce.provider.X509CertPairParser");
--
-- //
-- // cipher engines
-- //
-- put("Cipher.BROKENPBEWITHMD5ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithMD5AndDES");
--
-- put("Cipher.BROKENPBEWITHSHA1ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithSHA1AndDES");
--
--
-- put("Cipher.OLDPBEWITHSHAANDTWOFISH-CBC", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$OldPBEWithSHAAndTwofish");
--
-- // Certification Path API
-- put("CertPathValidator.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathValidatorSpi");
-- put("CertPathBuilder.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathBuilderSpi");
-- put("CertPathValidator.RFC3280", "org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi");
-- put("CertPathBuilder.RFC3280", "org.bouncycastle.jce.provider.PKIXCertPathBuilderSpi");
-+ // BEGIN android-removed
-+ // //
-+ // // X509Store
-+ // //
-+ // put("X509Store.CERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertCollection");
-+ // put("X509Store.ATTRIBUTECERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreAttrCertCollection");
-+ // put("X509Store.CRL/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCRLCollection");
-+ // put("X509Store.CERTIFICATEPAIR/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertPairCollection");
-+ //
-+ // put("X509Store.CERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCerts");
-+ // put("X509Store.CRL/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCRLs");
-+ // put("X509Store.ATTRIBUTECERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPAttrCerts");
-+ // put("X509Store.CERTIFICATEPAIR/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCertPairs");
-+ //
-+ // //
-+ // // X509StreamParser
-+ // //
-+ // put("X509StreamParser.CERTIFICATE", "org.bouncycastle.jce.provider.X509CertParser");
-+ // put("X509StreamParser.ATTRIBUTECERTIFICATE", "org.bouncycastle.jce.provider.X509AttrCertParser");
-+ // put("X509StreamParser.CRL", "org.bouncycastle.jce.provider.X509CRLParser");
-+ // put("X509StreamParser.CERTIFICATEPAIR", "org.bouncycastle.jce.provider.X509CertPairParser");
-+ //
-+ // //
-+ // // cipher engines
-+ // //
-+ // put("Cipher.BROKENPBEWITHMD5ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithMD5AndDES");
-+ //
-+ // put("Cipher.BROKENPBEWITHSHA1ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithSHA1AndDES");
-+ //
-+ //
-+ // put("Cipher.OLDPBEWITHSHAANDTWOFISH-CBC", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$OldPBEWithSHAAndTwofish");
-+ //
-+ // // Certification Path API
-+ // put("CertPathValidator.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathValidatorSpi");
-+ // put("CertPathBuilder.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathBuilderSpi");
-+ // put("CertPathValidator.RFC3280", "org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi");
-+ // put("CertPathBuilder.RFC3280", "org.bouncycastle.jce.provider.PKIXCertPathBuilderSpi");
-+ // END android-removed
- put("CertPathValidator.PKIX", "org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi");
- put("CertPathBuilder.PKIX", "org.bouncycastle.jce.provider.PKIXCertPathBuilderSpi");
- put("CertStore.Collection", "org.bouncycastle.jce.provider.CertStoreCollectionSpi");
-- put("CertStore.LDAP", "org.bouncycastle.jce.provider.X509LDAPCertStoreSpi");
-- put("CertStore.Multi", "org.bouncycastle.jce.provider.MultiCertStoreSpi");
-- put("Alg.Alias.CertStore.X509LDAP", "LDAP");
-+ // BEGIN android-removed
-+ // put("CertStore.LDAP", "org.bouncycastle.jce.provider.X509LDAPCertStoreSpi");
-+ // put("CertStore.Multi", "org.bouncycastle.jce.provider.MultiCertStoreSpi");
-+ // put("Alg.Alias.CertStore.X509LDAP", "LDAP");
-+ // END android-removed
- }
-
- private void loadAlgorithms(String packageName, String[] names)
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/CertBlacklist.java bcprov-jdk15on-152/org/bouncycastle/jce/provider/CertBlacklist.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/CertBlacklist.java 1970-01-01 00:00:00.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/CertBlacklist.java 2015-06-10 22:51:41.000000000 +0000
-@@ -0,0 +1,233 @@
-+/*
-+ * Copyright (C) 2012 The Android Open Source Project
-+ *
-+ * Licensed under the Apache License, Version 2.0 (the "License");
-+ * you may not use this file except in compliance with the License.
-+ * You may obtain a copy of the License at
-+ *
-+ * http://www.apache.org/licenses/LICENSE-2.0
-+ *
-+ * Unless required by applicable law or agreed to in writing, software
-+ * distributed under the License is distributed on an "AS IS" BASIS,
-+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-+ * See the License for the specific language governing permissions and
-+ * limitations under the License.
-+ */
-+
-+package org.bouncycastle.jce.provider;
-+
-+import java.io.Closeable;
-+import java.io.ByteArrayOutputStream;
-+import java.io.FileNotFoundException;
-+import java.io.IOException;
-+import java.io.RandomAccessFile;
-+import java.math.BigInteger;
-+import java.security.PublicKey;
-+import java.util.Arrays;
-+import java.util.Collections;
-+import java.util.HashSet;
-+import java.util.Set;
-+import java.util.logging.Level;
-+import java.util.logging.Logger;
-+import org.bouncycastle.crypto.Digest;
-+import org.bouncycastle.crypto.digests.AndroidDigestFactory;
-+import org.bouncycastle.util.encoders.Hex;
-+
-+public class CertBlacklist {
-+ private static final Logger logger = Logger.getLogger(CertBlacklist.class.getName());
-+
-+ // public for testing
-+ public final Set<BigInteger> serialBlacklist;
-+ public final Set<byte[]> pubkeyBlacklist;
-+
-+ public CertBlacklist() {
-+ String androidData = System.getenv("ANDROID_DATA");
-+ String blacklistRoot = androidData + "/misc/keychain/";
-+ String defaultPubkeyBlacklistPath = blacklistRoot + "pubkey_blacklist.txt";
-+ String defaultSerialBlacklistPath = blacklistRoot + "serial_blacklist.txt";
-+
-+ pubkeyBlacklist = readPublicKeyBlackList(defaultPubkeyBlacklistPath);
-+ serialBlacklist = readSerialBlackList(defaultSerialBlacklistPath);
-+ }
-+
-+ /** Test only interface, not for public use */
-+ public CertBlacklist(String pubkeyBlacklistPath, String serialBlacklistPath) {
-+ pubkeyBlacklist = readPublicKeyBlackList(pubkeyBlacklistPath);
-+ serialBlacklist = readSerialBlackList(serialBlacklistPath);
-+ }
-+
-+ private static boolean isHex(String value) {
-+ try {
-+ new BigInteger(value, 16);
-+ return true;
-+ } catch (NumberFormatException e) {
-+ logger.log(Level.WARNING, "Could not parse hex value " + value, e);
-+ return false;
-+ }
-+ }
-+
-+ private static boolean isPubkeyHash(String value) {
-+ if (value.length() != 40) {
-+ logger.log(Level.WARNING, "Invalid pubkey hash length: " + value.length());
-+ return false;
-+ }
-+ return isHex(value);
-+ }
-+
-+ private static String readBlacklist(String path) {
-+ try {
-+ return readFileAsString(path);
-+ } catch (FileNotFoundException ignored) {
-+ } catch (IOException e) {
-+ logger.log(Level.WARNING, "Could not read blacklist", e);
-+ }
-+ return "";
-+ }
-+
-+ // From IoUtils.readFileAsString
-+ private static String readFileAsString(String path) throws IOException {
-+ return readFileAsBytes(path).toString("UTF-8");
-+ }
-+
-+ // Based on IoUtils.readFileAsBytes
-+ private static ByteArrayOutputStream readFileAsBytes(String path) throws IOException {
-+ RandomAccessFile f = null;
-+ try {
-+ f = new RandomAccessFile(path, "r");
-+ ByteArrayOutputStream bytes = new ByteArrayOutputStream((int) f.length());
-+ byte[] buffer = new byte[8192];
-+ while (true) {
-+ int byteCount = f.read(buffer);
-+ if (byteCount == -1) {
-+ return bytes;
-+ }
-+ bytes.write(buffer, 0, byteCount);
-+ }
-+ } finally {
-+ closeQuietly(f);
-+ }
-+ }
-+
-+ // Base on IoUtils.closeQuietly
-+ private static void closeQuietly(Closeable closeable) {
-+ if (closeable != null) {
-+ try {
-+ closeable.close();
-+ } catch (RuntimeException rethrown) {
-+ throw rethrown;
-+ } catch (Exception ignored) {
-+ }
-+ }
-+ }
-+
-+ private static final Set<BigInteger> readSerialBlackList(String path) {
-+
-+ /* Start out with a base set of known bad values.
-+ *
-+ * WARNING: Do not add short serials to this list!
-+ *
-+ * Since this currently doesn't compare the serial + issuer, you
-+ * should only add serials that have enough entropy here. Short
-+ * serials may inadvertently match a certificate that was issued
-+ * not in compliance with the Baseline Requirements.
-+ */
-+ Set<BigInteger> bl = new HashSet<BigInteger>(Arrays.asList(
-+ // From http://src.chromium.org/viewvc/chrome/trunk/src/net/base/x509_certificate.cc?revision=78748&view=markup
-+ // Not a real certificate. For testing only.
-+ new BigInteger("077a59bcd53459601ca6907267a6dd1c", 16),
-+ new BigInteger("047ecbe9fca55f7bd09eae36e10cae1e", 16),
-+ new BigInteger("d8f35f4eb7872b2dab0692e315382fb0", 16),
-+ new BigInteger("b0b7133ed096f9b56fae91c874bd3ac0", 16),
-+ new BigInteger("9239d5348f40d1695a745470e1f23f43", 16),
-+ new BigInteger("e9028b9578e415dc1a710a2b88154447", 16),
-+ new BigInteger("d7558fdaf5f1105bb213282b707729a3", 16),
-+ new BigInteger("f5c86af36162f13a64f54f6dc9587c06", 16),
-+ new BigInteger("392a434f0e07df1f8aa305de34e0c229", 16),
-+ new BigInteger("3e75ced46b693021218830ae86a82a71", 16)
-+ ));
-+
-+ // attempt to augment it with values taken from gservices
-+ String serialBlacklist = readBlacklist(path);
-+ if (!serialBlacklist.equals("")) {
-+ for(String value : serialBlacklist.split(",")) {
-+ try {
-+ bl.add(new BigInteger(value, 16));
-+ } catch (NumberFormatException e) {
-+ logger.log(Level.WARNING, "Tried to blacklist invalid serial number " + value, e);
-+ }
-+ }
-+ }
-+
-+ // whether that succeeds or fails, send it on its merry way
-+ return Collections.unmodifiableSet(bl);
-+ }
-+
-+ private static final Set<byte[]> readPublicKeyBlackList(String path) {
-+
-+ // start out with a base set of known bad values
-+ Set<byte[]> bl = new HashSet<byte[]>(Arrays.asList(
-+ // From http://src.chromium.org/viewvc/chrome/branches/782/src/net/base/x509_certificate.cc?r1=98750&r2=98749&pathrev=98750
-+ // C=NL, O=DigiNotar, CN=DigiNotar Root CA/emailAddress=info@diginotar.nl
-+ "410f36363258f30b347d12ce4863e433437806a8".getBytes(),
-+ // Subject: CN=DigiNotar Cyber CA
-+ // Issuer: CN=GTE CyberTrust Global Root
-+ "ba3e7bd38cd7e1e6b9cd4c219962e59d7a2f4e37".getBytes(),
-+ // Subject: CN=DigiNotar Services 1024 CA
-+ // Issuer: CN=Entrust.net
-+ "e23b8d105f87710a68d9248050ebefc627be4ca6".getBytes(),
-+ // Subject: CN=DigiNotar PKIoverheid CA Organisatie - G2
-+ // Issuer: CN=Staat der Nederlanden Organisatie CA - G2
-+ "7b2e16bc39bcd72b456e9f055d1de615b74945db".getBytes(),
-+ // Subject: CN=DigiNotar PKIoverheid CA Overheid en Bedrijven
-+ // Issuer: CN=Staat der Nederlanden Overheid CA
-+ "e8f91200c65cee16e039b9f883841661635f81c5".getBytes(),
-+ // From http://src.chromium.org/viewvc/chrome?view=rev&revision=108479
-+ // Subject: O=Digicert Sdn. Bhd.
-+ // Issuer: CN=GTE CyberTrust Global Root
-+ "0129bcd5b448ae8d2496d1c3e19723919088e152".getBytes(),
-+ // Subject: CN=e-islem.kktcmerkezbankasi.org/emailAddress=ileti@kktcmerkezbankasi.org
-+ // Issuer: CN=T\xC3\x9CRKTRUST Elektronik Sunucu Sertifikas\xC4\xB1 Hizmetleri
-+ "5f3ab33d55007054bc5e3e5553cd8d8465d77c61".getBytes(),
-+ // Subject: CN=*.EGO.GOV.TR 93
-+ // Issuer: CN=T\xC3\x9CRKTRUST Elektronik Sunucu Sertifikas\xC4\xB1 Hizmetleri
-+ "783333c9687df63377efceddd82efa9101913e8e".getBytes(),
-+ // Subject: Subject: C=FR, O=DG Tr\xC3\xA9sor, CN=AC DG Tr\xC3\xA9sor SSL
-+ // Issuer: C=FR, O=DGTPE, CN=AC DGTPE Signature Authentification
-+ "3ecf4bbbe46096d514bb539bb913d77aa4ef31bf".getBytes()
-+ ));
-+
-+ // attempt to augment it with values taken from gservices
-+ String pubkeyBlacklist = readBlacklist(path);
-+ if (!pubkeyBlacklist.equals("")) {
-+ for (String value : pubkeyBlacklist.split(",")) {
-+ value = value.trim();
-+ if (isPubkeyHash(value)) {
-+ bl.add(value.getBytes());
-+ } else {
-+ logger.log(Level.WARNING, "Tried to blacklist invalid pubkey " + value);
-+ }
-+ }
-+ }
-+
-+ return bl;
-+ }
-+
-+ public boolean isPublicKeyBlackListed(PublicKey publicKey) {
-+ byte[] encoded = publicKey.getEncoded();
-+ Digest digest = AndroidDigestFactory.getSHA1();
-+ digest.update(encoded, 0, encoded.length);
-+ byte[] out = new byte[digest.getDigestSize()];
-+ digest.doFinal(out, 0);
-+ for (byte[] blacklisted : pubkeyBlacklist) {
-+ if (Arrays.equals(blacklisted, Hex.encode(out))) {
-+ return true;
-+ }
-+ }
-+ return false;
-+ }
-+
-+ public boolean isSerialNumberBlackListed(BigInteger serial) {
-+ return serialBlacklist.contains(serial);
-+ }
-+
-+}
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java bcprov-jdk15on-152/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java 2015-04-09 13:10:16.000000000 +0000
-@@ -35,6 +35,7 @@
- import java.util.List;
- import java.util.Map;
- import java.util.Set;
-+import javax.security.auth.x500.X500Principal;
-
- import org.bouncycastle.asn1.ASN1Encodable;
- import org.bouncycastle.asn1.ASN1Enumerated;
-@@ -73,7 +74,9 @@
- import org.bouncycastle.util.Store;
- import org.bouncycastle.util.StoreException;
- import org.bouncycastle.x509.X509AttributeCertificate;
--import org.bouncycastle.x509.extension.X509ExtensionUtil;
-+// BEGIN android-removed
-+// import org.bouncycastle.x509.extension.X509ExtensionUtil;
-+// END android-removed
-
- class CertPathValidatorUtilities
- {
-@@ -653,20 +656,22 @@
- {
- Object obj = iter.next();
-
-- if (obj instanceof Store)
-- {
-- Store certStore = (Store)obj;
-- try
-- {
-- certs.addAll(certStore.getMatches(certSelect));
-- }
-- catch (StoreException e)
-- {
-- throw new AnnotatedException(
-- "Problem while picking certificates from X.509 store.", e);
-- }
-- }
-- else
-+ // BEGIN android-removed
-+ // if (obj instanceof X509Store)
-+ // {
-+ // X509Store certStore = (X509Store)obj;
-+ // try
-+ // {
-+ // certs.addAll(certStore.getMatches(certSelect));
-+ // }
-+ // catch (StoreException e)
-+ // {
-+ // throw new AnnotatedException(
-+ // "Problem while picking certificates from X.509 store.", e);
-+ // }
-+ // }
-+ // else
-+ // END android-removed
- {
- CertStore certStore = (CertStore)obj;
-
-@@ -715,7 +720,14 @@
-
- for (int j = 0; j < genNames.length; j++)
- {
-- PKIXCRLStore store = namedCRLStoreMap.get(genNames[i]);
-+ // BEGIN android-removed
-+ // PKIXCRLStore store = namedCRLStoreMap.get(genNames[i]);
-+ // END android-removed
-+ // BEGIN android-added
-+ // Seems like a bug, unless there should be a guarantee that j < i,
-+ // However, it's breaking the tests.
-+ PKIXCRLStore store = namedCRLStoreMap.get(genNames[j]);
-+ // END android-added
- if (store != null)
- {
- stores.add(store);
-@@ -888,8 +900,20 @@
- {
- return;
- }
--
-- X500Name certIssuer = X500Name.getInstance(crl_entry.getCertificateIssuer().getEncoded());
-+ // BEGIN android-removed
-+ // X500Name certIssuer = X500Name.getInstance(crl_entry.getCertificateIssuer().getEncoded());
-+ // END android-removed
-+ // BEGIN android-added
-+ // The original code throws null pointer exception for OpenSSLX509CRL,
-+ // which uses the implementation for getCertificateIssuer() in X509CRL, method
-+ // whose reference implementation has the following JavaDoc: "If the certificate
-+ // issuer is also the CRL issuer, this method returns null."
-+ X500Name certIssuer = null;
-+ X500Principal certificateIssuerPrincipal = crl_entry.getCertificateIssuer();
-+ if (certificateIssuerPrincipal != null) {
-+ certIssuer = X500Name.getInstance(certificateIssuerPrincipal.getEncoded());
-+ }
-+ // END android-added
-
- if (certIssuer == null)
- {
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/JCEECPrivateKey.java bcprov-jdk15on-152/org/bouncycastle/jce/provider/JCEECPrivateKey.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/JCEECPrivateKey.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/JCEECPrivateKey.java 2014-07-28 19:51:54.000000000 +0000
-@@ -19,8 +19,10 @@
- import org.bouncycastle.asn1.ASN1Sequence;
- import org.bouncycastle.asn1.DERBitString;
- import org.bouncycastle.asn1.DERNull;
--import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
--import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves;
-+// BEGIN android-removed
-+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-+// import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves;
-+// END android-removed
- import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
- import org.bouncycastle.asn1.sec.ECPrivateKeyStructure;
- import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-@@ -202,21 +204,23 @@
- ASN1ObjectIdentifier oid = ASN1ObjectIdentifier.getInstance(params.getParameters());
- X9ECParameters ecP = ECUtil.getNamedCurveByOid(oid);
-
-- if (ecP == null) // GOST Curve
-- {
-- ECDomainParameters gParam = ECGOST3410NamedCurves.getByOID(oid);
-- EllipticCurve ellipticCurve = EC5Util.convertCurve(gParam.getCurve(), gParam.getSeed());
--
-- ecSpec = new ECNamedCurveSpec(
-- ECGOST3410NamedCurves.getName(oid),
-- ellipticCurve,
-- new ECPoint(
-- gParam.getG().getAffineXCoord().toBigInteger(),
-- gParam.getG().getAffineYCoord().toBigInteger()),
-- gParam.getN(),
-- gParam.getH());
-- }
-- else
-+ // BEGIN android-removed
-+ // if (ecP == null) // GOST Curve
-+ // {
-+ // ECDomainParameters gParam = ECGOST3410NamedCurves.getByOID(oid);
-+ // EllipticCurve ellipticCurve = EC5Util.convertCurve(gParam.getCurve(), gParam.getSeed());
-+ //
-+ // ecSpec = new ECNamedCurveSpec(
-+ // ECGOST3410NamedCurves.getName(oid),
-+ // ellipticCurve,
-+ // new ECPoint(
-+ // gParam.getG().getAffineXCoord().toBigInteger(),
-+ // gParam.getG().getAffineYCoord().toBigInteger()),
-+ // gParam.getN(),
-+ // gParam.getH());
-+ // }
-+ // else
-+ // END android-removed
- {
- EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed());
-
-@@ -330,11 +334,13 @@
-
- try
- {
-- if (algorithm.equals("ECGOST3410"))
-- {
-- info = new PrivateKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params.toASN1Primitive()), keyStructure.toASN1Primitive());
-- }
-- else
-+ // BEGIN android-removed
-+ // if (algorithm.equals("ECGOST3410"))
-+ // {
-+ // info = new PrivateKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params.toASN1Primitive()), keyStructure.toASN1Primitive());
-+ // }
-+ // else
-+ // END android-removed
- {
-
- info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params.toASN1Primitive()), keyStructure.toASN1Primitive());
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/JCEECPublicKey.java bcprov-jdk15on-152/org/bouncycastle/jce/provider/JCEECPublicKey.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/JCEECPublicKey.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/JCEECPublicKey.java 2014-07-28 19:51:54.000000000 +0000
-@@ -18,9 +18,11 @@
- import org.bouncycastle.asn1.DERBitString;
- import org.bouncycastle.asn1.DERNull;
- import org.bouncycastle.asn1.DEROctetString;
--import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
--import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves;
--import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters;
-+// BEGIN android-removed
-+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-+// import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves;
-+// import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters;
-+// END android-removed
- import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
- import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
- import org.bouncycastle.asn1.x9.X962Parameters;
-@@ -33,9 +35,13 @@
- import org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util;
- import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
- import org.bouncycastle.jcajce.provider.asymmetric.util.KeyUtil;
--import org.bouncycastle.jce.ECGOST3410NamedCurveTable;
-+// BEGIN android-removed
-+// import org.bouncycastle.jce.ECGOST3410NamedCurveTable;
-+// END android-removed
- import org.bouncycastle.jce.interfaces.ECPointEncoder;
--import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec;
-+// BEGIN android-removed
-+// import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec;
-+// END android-removed
- import org.bouncycastle.jce.spec.ECNamedCurveSpec;
- import org.bouncycastle.math.ec.ECCurve;
- import org.bouncycastle.math.ec.custom.sec.SecP256K1Point;
-@@ -48,7 +54,9 @@
- private org.bouncycastle.math.ec.ECPoint q;
- private ECParameterSpec ecSpec;
- private boolean withCompression;
-- private GOST3410PublicKeyAlgParameters gostParams;
-+ // BEGIN android-removed
-+ // private GOST3410PublicKeyAlgParameters gostParams;
-+ // END android-removed
-
- public JCEECPublicKey(
- String algorithm,
-@@ -58,7 +66,9 @@
- this.q = key.q;
- this.ecSpec = key.ecSpec;
- this.withCompression = key.withCompression;
-- this.gostParams = key.gostParams;
-+ // BEGIN android-removed
-+ // this.gostParams = key.gostParams;
-+ // END android-removed
- }
-
- public JCEECPublicKey(
-@@ -181,54 +191,55 @@
-
- private void populateFromPubKeyInfo(SubjectPublicKeyInfo info)
- {
-- if (info.getAlgorithmId().getObjectId().equals(CryptoProObjectIdentifiers.gostR3410_2001))
-- {
-- DERBitString bits = info.getPublicKeyData();
-- ASN1OctetString key;
-- this.algorithm = "ECGOST3410";
--
-- try
-- {
-- key = (ASN1OctetString) ASN1Primitive.fromByteArray(bits.getBytes());
-- }
-- catch (IOException ex)
-- {
-- throw new IllegalArgumentException("error recovering public key");
-- }
--
-- byte[] keyEnc = key.getOctets();
-- byte[] x = new byte[32];
-- byte[] y = new byte[32];
--
-- for (int i = 0; i != x.length; i++)
-- {
-- x[i] = keyEnc[32 - 1 - i];
-- }
--
-- for (int i = 0; i != y.length; i++)
-- {
-- y[i] = keyEnc[64 - 1 - i];
-- }
--
-- gostParams = new GOST3410PublicKeyAlgParameters((ASN1Sequence)info.getAlgorithmId().getParameters());
--
-- ECNamedCurveParameterSpec spec = ECGOST3410NamedCurveTable.getParameterSpec(ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()));
--
-- ECCurve curve = spec.getCurve();
-- EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getSeed());
--
-- this.q = curve.createPoint(new BigInteger(1, x), new BigInteger(1, y), false);
--
-- ecSpec = new ECNamedCurveSpec(
-- ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()),
-- ellipticCurve,
-- new ECPoint(
-- spec.getG().getAffineXCoord().toBigInteger(),
-- spec.getG().getAffineYCoord().toBigInteger()),
-- spec.getN(), spec.getH());
--
-- }
-- else
-+ // if (info.getAlgorithmId().getObjectId().equals(CryptoProObjectIdentifiers.gostR3410_2001))
-+ // {
-+ // DERBitString bits = info.getPublicKeyData();
-+ // ASN1OctetString key;
-+ // this.algorithm = "ECGOST3410";
-+ //
-+ // try
-+ // {
-+ // key = (ASN1OctetString) ASN1Primitive.fromByteArray(bits.getBytes());
-+ // }
-+ // catch (IOException ex)
-+ // {
-+ // throw new IllegalArgumentException("error recovering public key");
-+ // }
-+ //
-+ // byte[] keyEnc = key.getOctets();
-+ // byte[] x = new byte[32];
-+ // byte[] y = new byte[32];
-+ //
-+ // for (int i = 0; i != x.length; i++)
-+ // {
-+ // x[i] = keyEnc[32 - 1 - i];
-+ // }
-+ //
-+ // for (int i = 0; i != y.length; i++)
-+ // {
-+ // y[i] = keyEnc[64 - 1 - i];
-+ // }
-+ //
-+ // gostParams = new GOST3410PublicKeyAlgParameters((ASN1Sequence)info.getAlgorithmId().getParameters());
-+ //
-+ // ECNamedCurveParameterSpec spec = ECGOST3410NamedCurveTable.getParameterSpec(ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()));
-+ //
-+ // ECCurve curve = spec.getCurve();
-+ // EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getSeed());
-+ //
-+ // this.q = curve.createPoint(new BigInteger(1, x), new BigInteger(1, y), false);
-+ //
-+ // ecSpec = new ECNamedCurveSpec(
-+ // ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()),
-+ // ellipticCurve,
-+ // new ECPoint(
-+ // spec.getG().getAffineXCoord().toBigInteger(),
-+ // spec.getG().getAffineYCoord().toBigInteger()),
-+ // spec.getN(), spec.getH());
-+ //
-+ // }
-+ // else
-+ // END android-removed
- {
- X962Parameters params = new X962Parameters((ASN1Primitive)info.getAlgorithmId().getParameters());
- ECCurve curve;
-@@ -317,52 +328,54 @@
- ASN1Encodable params;
- SubjectPublicKeyInfo info;
-
-- if (algorithm.equals("ECGOST3410"))
-- {
-- if (gostParams != null)
-- {
-- params = gostParams;
-- }
-- else
-- {
-- if (ecSpec instanceof ECNamedCurveSpec)
-- {
-- params = new GOST3410PublicKeyAlgParameters(
-- ECGOST3410NamedCurves.getOID(((ECNamedCurveSpec)ecSpec).getName()),
-- CryptoProObjectIdentifiers.gostR3411_94_CryptoProParamSet);
-- }
-- else
-- { // strictly speaking this may not be applicable...
-- ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve());
--
-- X9ECParameters ecP = new X9ECParameters(
-- curve,
-- EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression),
-- ecSpec.getOrder(),
-- BigInteger.valueOf(ecSpec.getCofactor()),
-- ecSpec.getCurve().getSeed());
--
-- params = new X962Parameters(ecP);
-- }
-- }
--
-- BigInteger bX = this.q.getAffineXCoord().toBigInteger();
-- BigInteger bY = this.q.getAffineYCoord().toBigInteger();
-- byte[] encKey = new byte[64];
--
-- extractBytes(encKey, 0, bX);
-- extractBytes(encKey, 32, bY);
--
-- try
-- {
-- info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params), new DEROctetString(encKey));
-- }
-- catch (IOException e)
-- {
-- return null;
-- }
-- }
-- else
-+ // BEGIN android-removed
-+ // if (algorithm.equals("ECGOST3410"))
-+ // {
-+ // if (gostParams != null)
-+ // {
-+ // params = gostParams;
-+ // }
-+ // else
-+ // {
-+ // if (ecSpec instanceof ECNamedCurveSpec)
-+ // {
-+ // params = new GOST3410PublicKeyAlgParameters(
-+ // ECGOST3410NamedCurves.getOID(((ECNamedCurveSpec)ecSpec).getName()),
-+ // CryptoProObjectIdentifiers.gostR3411_94_CryptoProParamSet);
-+ // }
-+ // else
-+ // { // strictly speaking this may not be applicable...
-+ // ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve());
-+ //
-+ // X9ECParameters ecP = new X9ECParameters(
-+ // curve,
-+ // EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression),
-+ // ecSpec.getOrder(),
-+ // BigInteger.valueOf(ecSpec.getCofactor()),
-+ // ecSpec.getCurve().getSeed());
-+ //
-+ // params = new X962Parameters(ecP);
-+ // }
-+ // }
-+ //
-+ // BigInteger bX = this.q.getAffineXCoord().toBigInteger();
-+ // BigInteger bY = this.q.getAffineYCoord().toBigInteger();
-+ // byte[] encKey = new byte[64];
-+ //
-+ // extractBytes(encKey, 0, bX);
-+ // extractBytes(encKey, 32, bY);
-+ //
-+ // try
-+ // {
-+ // info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params), new DEROctetString(encKey));
-+ // }
-+ // catch (IOException e)
-+ // {
-+ // return null;
-+ // }
-+ // }
-+ // else
-+ // END android-removed
- {
- if (ecSpec instanceof ECNamedCurveSpec)
- {
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/PKIXCRLUtil.java bcprov-jdk15on-152/org/bouncycastle/jce/provider/PKIXCRLUtil.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/PKIXCRLUtil.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/PKIXCRLUtil.java 2015-04-09 13:10:16.000000000 +0000
-@@ -88,22 +88,24 @@
- {
- Object obj = iter.next();
-
-- if (obj instanceof Store)
-- {
-- Store store = (Store)obj;
-+ // BEGIN android-removed
-+ // if (obj instanceof Store)
-+ // {
-+ // Store store = (Store)obj;
-
-- try
-- {
-- crls.addAll(store.getMatches(crlSelect));
-- foundValidStore = true;
-- }
-- catch (StoreException e)
-- {
-- lastException = new AnnotatedException(
-- "Exception searching in X.509 CRL store.", e);
-- }
-- }
-- else
-+ // try
-+ // {
-+ // crls.addAll(store.getMatches(crlSelect));
-+ // foundValidStore = true;
-+ // }
-+ // catch (StoreException e)
-+ // {
-+ // lastException = new AnnotatedException(
-+ // "Exception searching in X.509 CRL store.", e);
-+ // }
-+ // }
-+ // else
-+ // END android-removed
- {
- CertStore store = (CertStore)obj;
-
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java bcprov-jdk15on-152/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java 2015-04-24 13:59:41.000000000 +0000
-@@ -1,5 +1,8 @@
- package org.bouncycastle.jce.provider;
-
-+// BEGIN android-added
-+import java.math.BigInteger;
-+// END android-added
- import java.security.InvalidAlgorithmParameterException;
- import java.security.PublicKey;
- import java.security.cert.CertPath;
-@@ -41,6 +44,11 @@
- public PKIXCertPathValidatorSpi()
- {
- }
-+ // BEGIN android-added
-+ private static class NoPreloadHolder {
-+ private final static CertBlacklist blacklist = new CertBlacklist();
-+ }
-+ // END android-added
-
- public CertPathValidatorResult engineValidate(
- CertPath certPath,
-@@ -73,10 +81,18 @@
- {
- paramsPKIX = ((PKIXExtendedBuilderParameters)params).getBaseParameters();
- }
-- else
-+ // BEGIN android-changed
-+ // else
-+ else if (params instanceof PKIXExtendedParameters)
-+ // END android-changed
- {
- paramsPKIX = (PKIXExtendedParameters)params;
- }
-+ // BEGIN android-added
-+ else {
-+ throw new InvalidAlgorithmParameterException("Expecting PKIX algorithm parameters");
-+ }
-+ // END android-added
-
- if (paramsPKIX.getTrustAnchors() == null)
- {
-@@ -98,6 +114,22 @@
- {
- throw new CertPathValidatorException("Certification path is empty.", null, certPath, 0);
- }
-+ // BEGIN android-added
-+ {
-+ X509Certificate cert = (X509Certificate) certs.get(0);
-+
-+ if (cert != null) {
-+ BigInteger serial = cert.getSerialNumber();
-+ if (NoPreloadHolder.blacklist.isSerialNumberBlackListed(serial)) {
-+ // emulate CRL exception message in RFC3280CertPathUtilities.checkCRLs
-+ String message = "Certificate revocation of serial 0x" + serial.toString(16);
-+ System.out.println(message);
-+ AnnotatedException e = new AnnotatedException(message);
-+ throw new CertPathValidatorException(e.getMessage(), e, certPath, 0);
-+ }
-+ }
-+ }
-+ // END android-added
-
- //
- // (b)
-@@ -277,6 +309,15 @@
-
- for (index = certs.size() - 1; index >= 0; index--)
- {
-+ // BEGIN android-added
-+ if (NoPreloadHolder.blacklist.isPublicKeyBlackListed(workingPublicKey)) {
-+ // emulate CRL exception message in RFC3280CertPathUtilities.checkCRLs
-+ String message = "Certificate revocation of public key " + workingPublicKey;
-+ System.out.println(message);
-+ AnnotatedException e = new AnnotatedException(message);
-+ throw new CertPathValidatorException(e.getMessage(), e, certPath, index);
-+ }
-+ // END android-added
- // try
- // {
- //
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/X509CertificateObject.java bcprov-jdk15on-152/org/bouncycastle/jce/provider/X509CertificateObject.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/X509CertificateObject.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/X509CertificateObject.java 2013-01-31 02:26:40.000000000 +0000
-@@ -57,6 +57,9 @@
- import org.bouncycastle.asn1.x509.Extensions;
- import org.bouncycastle.asn1.x509.GeneralName;
- import org.bouncycastle.asn1.x509.KeyUsage;
-+// BEGIN android-added
-+import org.bouncycastle.asn1.x509.X509Name;
-+// END android-added
- import org.bouncycastle.jcajce.provider.asymmetric.util.PKCS12BagAttributeCarrierImpl;
- import org.bouncycastle.jce.X509Principal;
- import org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier;
-@@ -562,12 +565,20 @@
- }
- }
-
-+ // BEGIN android-changed
-+ private byte[] encoded;
-+ // END android-changed
- public byte[] getEncoded()
- throws CertificateEncodingException
- {
- try
- {
-- return c.getEncoded(ASN1Encoding.DER);
-+ // BEGIN android-changed
-+ if (encoded == null) {
-+ encoded = c.getEncoded(ASN1Encoding.DER);
-+ }
-+ return encoded;
-+ // END android-changed
- }
- catch (IOException e)
- {
-@@ -858,7 +869,9 @@
- list.add(genName.getEncoded());
- break;
- case GeneralName.directoryName:
-- list.add(X500Name.getInstance(RFC4519Style.INSTANCE, genName.getName()).toString());
-+ // BEGIN android-changed
-+ list.add(X509Name.getInstance(genName.getName()).toString(true, X509Name.DefaultSymbols));
-+ // END android-changed
- break;
- case GeneralName.dNSName:
- case GeneralName.rfc822Name:
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/X509SignatureUtil.java bcprov-jdk15on-152/org/bouncycastle/jce/provider/X509SignatureUtil.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/X509SignatureUtil.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/X509SignatureUtil.java 2014-07-28 19:51:54.000000000 +0000
-@@ -14,7 +14,9 @@
- import org.bouncycastle.asn1.ASN1ObjectIdentifier;
- import org.bouncycastle.asn1.ASN1Sequence;
- import org.bouncycastle.asn1.DERNull;
--import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-+// BEGIN android-removed
-+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-+// END android-removed
- import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
- import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
- import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-@@ -66,12 +68,14 @@
-
- if (params != null && !derNull.equals(params))
- {
-- if (sigAlgId.getAlgorithm().equals(PKCSObjectIdentifiers.id_RSASSA_PSS))
-- {
-- RSASSAPSSparams rsaParams = RSASSAPSSparams.getInstance(params);
--
-- return getDigestAlgName(rsaParams.getHashAlgorithm().getAlgorithm()) + "withRSAandMGF1";
-- }
-+ // BEGIN android-removed
-+ // if (sigAlgId.getAlgorithm().equals(PKCSObjectIdentifiers.id_RSASSA_PSS))
-+ // {
-+ // RSASSAPSSparams rsaParams = RSASSAPSSparams.getInstance(params);
-+ //
-+ // return getDigestAlgName(rsaParams.getHashAlgorithm().getAlgorithm()) + "withRSAandMGF1";
-+ // }
-+ // END android-removed
- if (sigAlgId.getAlgorithm().equals(X9ObjectIdentifiers.ecdsa_with_SHA2))
- {
- ASN1Sequence ecDsaParams = ASN1Sequence.getInstance(params);
-@@ -114,22 +118,24 @@
- {
- return "SHA512";
- }
-- else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID))
-- {
-- return "RIPEMD128";
-- }
-- else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID))
-- {
-- return "RIPEMD160";
-- }
-- else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID))
-- {
-- return "RIPEMD256";
-- }
-- else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID))
-- {
-- return "GOST3411";
-- }
-+ // BEGIN android-removed
-+ // else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID))
-+ // {
-+ // return "RIPEMD128";
-+ // }
-+ // else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID))
-+ // {
-+ // return "RIPEMD160";
-+ // }
-+ // else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID))
-+ // {
-+ // return "RIPEMD256";
-+ // }
-+ // else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID))
-+ // {
-+ // return "GOST3411";
-+ // }
-+ // END android-removed
- else
- {
- return digestAlgOID.getId();
-diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/x509/X509Util.java bcprov-jdk15on-152/org/bouncycastle/x509/X509Util.java
---- bcprov-jdk15on-152.orig/org/bouncycastle/x509/X509Util.java 2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/x509/X509Util.java 2014-07-28 19:51:54.000000000 +0000
-@@ -25,12 +25,16 @@
- import org.bouncycastle.asn1.ASN1Integer;
- import org.bouncycastle.asn1.ASN1ObjectIdentifier;
- import org.bouncycastle.asn1.DERNull;
--import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-+// BEGIN android-removed
-+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-+// END android-removed
- import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
- import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
- import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
- import org.bouncycastle.asn1.pkcs.RSASSAPSSparams;
--import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
-+// BEGIN android-removed
-+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
-+// END android-removed
- import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
- import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
- import org.bouncycastle.jce.X509Principal;
-@@ -44,8 +48,10 @@
-
- static
- {
-- algorithms.put("MD2WITHRSAENCRYPTION", PKCSObjectIdentifiers.md2WithRSAEncryption);
-- algorithms.put("MD2WITHRSA", PKCSObjectIdentifiers.md2WithRSAEncryption);
-+ // BEGIN android-removed
-+ // algorithms.put("MD2WITHRSAENCRYPTION", PKCSObjectIdentifiers.md2WithRSAEncryption);
-+ // algorithms.put("MD2WITHRSA", PKCSObjectIdentifiers.md2WithRSAEncryption);
-+ // END android-removed
- algorithms.put("MD5WITHRSAENCRYPTION", PKCSObjectIdentifiers.md5WithRSAEncryption);
- algorithms.put("MD5WITHRSA", PKCSObjectIdentifiers.md5WithRSAEncryption);
- algorithms.put("SHA1WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha1WithRSAEncryption);
-@@ -63,12 +69,14 @@
- algorithms.put("SHA256WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
- algorithms.put("SHA384WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
- algorithms.put("SHA512WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
-- algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
-- algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
-- algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
-- algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
-- algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
-- algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
-+ // BEGIN android-removed
-+ // algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
-+ // algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
-+ // algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
-+ // algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
-+ // algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
-+ // algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
-+ // END android-removed
- algorithms.put("SHA1WITHDSA", X9ObjectIdentifiers.id_dsa_with_sha1);
- algorithms.put("DSAWITHSHA1", X9ObjectIdentifiers.id_dsa_with_sha1);
- algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224);
-@@ -81,11 +89,13 @@
- algorithms.put("SHA256WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA256);
- algorithms.put("SHA384WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA384);
- algorithms.put("SHA512WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA512);
-- algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
-- algorithms.put("GOST3411WITHGOST3410-94", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
-- algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
-- algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
-- algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
-+ // BEGIN android-removed
-+ // algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
-+ // algorithms.put("GOST3411WITHGOST3410-94", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
-+ // algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
-+ // algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
-+ // algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
-+ // END android-removed
-
- //
- // According to RFC 3279, the ASN.1 encoding SHALL (id-dsa-with-sha1) or MUST (ecdsa-with-SHA*) omit the parameters field.
-@@ -105,8 +115,10 @@
- //
- // RFC 4491
- //
-- noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
-- noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
-+ // BEGIN android-removed
-+ // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
-+ // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
-+ // END android-removed
-
- //
- // explicit params