diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/ASN1InputStream.java bcprov-jdk16-146/org/bouncycastle/asn1/ASN1InputStream.java --- bcprov-jdk16-146.orig/org/bouncycastle/asn1/ASN1InputStream.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/asn1/ASN1InputStream.java 2011-09-08 21:28:50.000000000 +0000 @@ -363,7 +363,9 @@ case BMP_STRING: return new DERBMPString(bytes); case BOOLEAN: - return new ASN1Boolean(bytes); + // BEGIN android-changed + return DERBoolean.getInstance(bytes); + // END android-changed case ENUMERATED: return new ASN1Enumerated(bytes); case GENERALIZED_TIME: diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/ASN1Null.java bcprov-jdk16-146/org/bouncycastle/asn1/ASN1Null.java --- bcprov-jdk16-146.orig/org/bouncycastle/asn1/ASN1Null.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/asn1/ASN1Null.java 2011-09-08 21:28:50.000000000 +0000 @@ -8,9 +8,11 @@ public abstract class ASN1Null extends ASN1Object { - public ASN1Null() + // BEGIN android-changed + /*package*/ ASN1Null() { } + // END android-changed public int hashCode() { diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/DERBoolean.java bcprov-jdk16-146/org/bouncycastle/asn1/DERBoolean.java --- bcprov-jdk16-146.orig/org/bouncycastle/asn1/DERBoolean.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/asn1/DERBoolean.java 2011-09-08 21:28:50.000000000 +0000 @@ -5,7 +5,9 @@ public class DERBoolean extends ASN1Object { - byte value; + // BEGIN android-changed + private final byte value; + // END android-changed public static final DERBoolean FALSE = new DERBoolean(false); public static final DERBoolean TRUE = new DERBoolean(true); @@ -35,6 +37,17 @@ return (value ? TRUE : FALSE); } + // BEGIN android-added + /** + * return a DERBoolean from the passed in array. + */ + public static DERBoolean getInstance( + byte[] octets) + { + return (octets[0] != 0) ? TRUE : FALSE; + } + // END android-added + /** * return a Boolean from a tagged object. * @@ -56,23 +69,29 @@ } else { - return new DERBoolean(((ASN1OctetString)o).getOctets()); + // BEGIN android-changed + return getInstance(((ASN1OctetString)o).getOctets()); + // END android-changed } } - public DERBoolean( - byte[] value) - { - if (value.length != 1) - { - throw new IllegalArgumentException("byte value should have 1 byte in it"); - } - - this.value = value[0]; - } + // BEGIN android-removed + // public DERBoolean( + // byte[] value) + // { + // if (value.length != 1) + // { + // throw new IllegalArgumentException("byte value should have 1 byte in it"); + // } + // + // this.value = value[0]; + // } + // END android-removed - public DERBoolean( + // BEGIN android-changed + protected DERBoolean( boolean value) + // END android-changed { this.value = (value) ? (byte)0xff : (byte)0; } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/DERNull.java bcprov-jdk16-146/org/bouncycastle/asn1/DERNull.java --- bcprov-jdk16-146.orig/org/bouncycastle/asn1/DERNull.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/asn1/DERNull.java 2011-09-08 21:28:50.000000000 +0000 @@ -10,9 +10,13 @@ { public static final DERNull INSTANCE = new DERNull(); - byte[] zeroBytes = new byte[0]; + // BEGIN android-changed + private static final byte[] zeroBytes = new byte[0]; + // END android-changed - public DERNull() + // BEGIN android-changed + protected DERNull() + // END android-changed { } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/DERObjectIdentifier.java bcprov-jdk16-146/org/bouncycastle/asn1/DERObjectIdentifier.java --- bcprov-jdk16-146.orig/org/bouncycastle/asn1/DERObjectIdentifier.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/asn1/DERObjectIdentifier.java 2011-09-08 21:28:50.000000000 +0000 @@ -110,7 +110,13 @@ } } - this.identifier = objId.toString(); + // BEGIN android-changed + /* + * Intern the identifier so there aren't hundreds of duplicates + * (in practice). + */ + this.identifier = objId.toString().intern(); + // END android-changed } public DERObjectIdentifier( @@ -121,7 +127,13 @@ throw new IllegalArgumentException("string " + identifier + " not an OID"); } - this.identifier = identifier; + // BEGIN android-changed + /* + * Intern the identifier so there aren't hundreds of duplicates + * (in practice). + */ + this.identifier = identifier.intern(); + // END android-changed } public String getId() diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/DERPrintableString.java bcprov-jdk16-146/org/bouncycastle/asn1/DERPrintableString.java --- bcprov-jdk16-146.orig/org/bouncycastle/asn1/DERPrintableString.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/asn1/DERPrintableString.java 2011-09-08 21:28:50.000000000 +0000 @@ -9,7 +9,9 @@ extends ASN1Object implements DERString { - String string; + // BEGIN android-changed + private final String string; + // END android-changed /** * return a printable string from the passed in object. @@ -65,7 +67,9 @@ cs[i] = (char)(string[i] & 0xff); } - this.string = new String(cs); + // BEGIN android-changed + this.string = new String(cs).intern(); + // END android-changed } /** @@ -94,7 +98,9 @@ throw new IllegalArgumentException("string contains illegal characters"); } - this.string = string; + // BEGIN android-changed + this.string = string.intern(); + // END android-changed } public String getString() diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/cms/ContentInfo.java bcprov-jdk16-146/org/bouncycastle/asn1/cms/ContentInfo.java --- bcprov-jdk16-146.orig/org/bouncycastle/asn1/cms/ContentInfo.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/asn1/cms/ContentInfo.java 2011-09-08 21:28:50.000000000 +0000 @@ -12,7 +12,9 @@ public class ContentInfo extends ASN1Encodable - implements CMSObjectIdentifiers + // BEGIN android-removed + // implements CMSObjectIdentifiers + // END android-removed { private ASN1ObjectIdentifier contentType; private DEREncodable content; diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/pkcs/EncryptedPrivateKeyInfo.java bcprov-jdk16-146/org/bouncycastle/asn1/pkcs/EncryptedPrivateKeyInfo.java --- bcprov-jdk16-146.orig/org/bouncycastle/asn1/pkcs/EncryptedPrivateKeyInfo.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/asn1/pkcs/EncryptedPrivateKeyInfo.java 2011-09-08 21:28:50.000000000 +0000 @@ -37,10 +37,13 @@ public static EncryptedPrivateKeyInfo getInstance( Object obj) { - if (obj instanceof EncryptedData) + // BEGIN android-changed + // fix copy and paste error in instanceof call + if (obj instanceof EncryptedPrivateKeyInfo) { return (EncryptedPrivateKeyInfo)obj; } + // END android-changed else if (obj instanceof ASN1Sequence) { return new EncryptedPrivateKeyInfo((ASN1Sequence)obj); diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java bcprov-jdk16-146/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java --- bcprov-jdk16-146.orig/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java 2011-09-08 21:28:50.000000000 +0000 @@ -10,8 +10,10 @@ // static final ASN1ObjectIdentifier pkcs_1 = new ASN1ObjectIdentifier("1.2.840.113549.1.1"); static final ASN1ObjectIdentifier rsaEncryption = pkcs_1.branch("1"); - static final ASN1ObjectIdentifier md2WithRSAEncryption = pkcs_1.branch("2"); - static final ASN1ObjectIdentifier md4WithRSAEncryption = pkcs_1.branch("3"); + // BEGIN android-removed + // static final ASN1ObjectIdentifier md2WithRSAEncryption = pkcs_1.branch("2"); + // static final ASN1ObjectIdentifier md4WithRSAEncryption = pkcs_1.branch("3"); + // END android-removed static final ASN1ObjectIdentifier md5WithRSAEncryption = pkcs_1.branch("4"); static final ASN1ObjectIdentifier sha1WithRSAEncryption = pkcs_1.branch("5"); static final ASN1ObjectIdentifier srsaOAEPEncryptionSET = pkcs_1.branch("6"); @@ -22,7 +24,9 @@ static final ASN1ObjectIdentifier sha256WithRSAEncryption = pkcs_1.branch("11"); static final ASN1ObjectIdentifier sha384WithRSAEncryption = pkcs_1.branch("12"); static final ASN1ObjectIdentifier sha512WithRSAEncryption = pkcs_1.branch("13"); - static final ASN1ObjectIdentifier sha224WithRSAEncryption = pkcs_1.branch("14"); + // BEGIN android-removed + // static final ASN1ObjectIdentifier sha224WithRSAEncryption = pkcs_1.branch("14"); + // END android-removed // // pkcs-3 OBJECT IDENTIFIER ::= { @@ -65,13 +69,17 @@ // md2 OBJECT IDENTIFIER ::= // {iso(1) member-body(2) US(840) rsadsi(113549) digestAlgorithm(2) 2} // - static final ASN1ObjectIdentifier md2 = digestAlgorithm.branch("2"); + // BEGIN android-removed + // static final ASN1ObjectIdentifier md2 = digestAlgorithm.branch("2"); + // END android-removed // // md4 OBJECT IDENTIFIER ::= // {iso(1) member-body(2) US(840) rsadsi(113549) digestAlgorithm(2) 4} // - static final ASN1ObjectIdentifier md4 = digestAlgorithm.branch("4"); + // BEGIN android-removed + // static final ASN1ObjectIdentifier md4 = digestAlgorithm.branch("4"); + // END android-removed // // md5 OBJECT IDENTIFIER ::= @@ -80,7 +88,9 @@ static final ASN1ObjectIdentifier md5 = digestAlgorithm.branch("5"); static final ASN1ObjectIdentifier id_hmacWithSHA1 = digestAlgorithm.branch("7"); - static final ASN1ObjectIdentifier id_hmacWithSHA224 = digestAlgorithm.branch("8"); + // BEGIN android-removed + // static final ASN1ObjectIdentifier id_hmacWithSHA224 = digestAlgorithm.branch("8"); + // END android-removed static final ASN1ObjectIdentifier id_hmacWithSHA256 = digestAlgorithm.branch("9"); static final ASN1ObjectIdentifier id_hmacWithSHA384 = digestAlgorithm.branch("10"); static final ASN1ObjectIdentifier id_hmacWithSHA512 = digestAlgorithm.branch("11"); diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/pkcs/RSAESOAEPparams.java bcprov-jdk16-146/org/bouncycastle/asn1/pkcs/RSAESOAEPparams.java --- bcprov-jdk16-146.orig/org/bouncycastle/asn1/pkcs/RSAESOAEPparams.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/asn1/pkcs/RSAESOAEPparams.java 2011-09-08 21:28:50.000000000 +0000 @@ -19,7 +19,9 @@ private AlgorithmIdentifier maskGenAlgorithm; private AlgorithmIdentifier pSourceAlgorithm; - public final static AlgorithmIdentifier DEFAULT_HASH_ALGORITHM = new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, new DERNull()); + // BEGIN android-changed + public final static AlgorithmIdentifier DEFAULT_HASH_ALGORITHM = new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, DERNull.INSTANCE); + // END android-changed public final static AlgorithmIdentifier DEFAULT_MASK_GEN_FUNCTION = new AlgorithmIdentifier(PKCSObjectIdentifiers.id_mgf1, DEFAULT_HASH_ALGORITHM); public final static AlgorithmIdentifier DEFAULT_P_SOURCE_ALGORITHM = new AlgorithmIdentifier(PKCSObjectIdentifiers.id_pSpecified, new DEROctetString(new byte[0])); diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/pkcs/RSASSAPSSparams.java bcprov-jdk16-146/org/bouncycastle/asn1/pkcs/RSASSAPSSparams.java --- bcprov-jdk16-146.orig/org/bouncycastle/asn1/pkcs/RSASSAPSSparams.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/asn1/pkcs/RSASSAPSSparams.java 2011-09-08 21:28:50.000000000 +0000 @@ -20,7 +20,9 @@ private DERInteger saltLength; private DERInteger trailerField; - public final static AlgorithmIdentifier DEFAULT_HASH_ALGORITHM = new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, new DERNull()); + // BEGIN android-changed + public final static AlgorithmIdentifier DEFAULT_HASH_ALGORITHM = new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, DERNull.INSTANCE); + // END android-changed public final static AlgorithmIdentifier DEFAULT_MASK_GEN_FUNCTION = new AlgorithmIdentifier(PKCSObjectIdentifiers.id_mgf1, DEFAULT_HASH_ALGORITHM); public final static DERInteger DEFAULT_SALT_LENGTH = new DERInteger(20); public final static DERInteger DEFAULT_TRAILER_FIELD = new DERInteger(1); diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/util/ASN1Dump.java bcprov-jdk16-146/org/bouncycastle/asn1/util/ASN1Dump.java --- bcprov-jdk16-146.orig/org/bouncycastle/asn1/util/ASN1Dump.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/asn1/util/ASN1Dump.java 2011-09-08 21:28:50.000000000 +0000 @@ -79,7 +79,9 @@ { Object o = e.nextElement(); - if (o == null || o.equals(new DERNull())) + // BEGIN android-changed + if (o == null || o.equals(DERNull.INSTANCE)) + // END android-changed { buf.append(tab); buf.append("NULL"); diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/x509/AttCertIssuer.java bcprov-jdk16-146/org/bouncycastle/asn1/x509/AttCertIssuer.java --- bcprov-jdk16-146.orig/org/bouncycastle/asn1/x509/AttCertIssuer.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/asn1/x509/AttCertIssuer.java 2011-09-08 21:28:50.000000000 +0000 @@ -45,7 +45,7 @@ ASN1TaggedObject obj, boolean explicit) { - return getInstance(obj.getObject()); // must be explictly tagged + return getInstance(obj.getObject()); // must be explicitly tagged } /** diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/x509/BasicConstraints.java bcprov-jdk16-146/org/bouncycastle/asn1/x509/BasicConstraints.java --- bcprov-jdk16-146.orig/org/bouncycastle/asn1/x509/BasicConstraints.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/asn1/x509/BasicConstraints.java 2011-09-08 21:28:50.000000000 +0000 @@ -14,7 +14,9 @@ public class BasicConstraints extends ASN1Encodable { - DERBoolean cA = new DERBoolean(false); + // BEGIN android-changed + DERBoolean cA = DERBoolean.FALSE; + // END android-changed DERInteger pathLenConstraint = null; public static BasicConstraints getInstance( @@ -89,7 +91,9 @@ { if (cA) { - this.cA = new DERBoolean(cA); + // BEGIN android-changed + this.cA = DERBoolean.getInstance(cA); + // END android-changed this.pathLenConstraint = new DERInteger(pathLenConstraint); } else @@ -104,7 +108,9 @@ { if (cA) { - this.cA = new DERBoolean(true); + // BEGIN android-changed + this.cA = DERBoolean.TRUE; + // END android-changed } else { @@ -121,7 +127,9 @@ public BasicConstraints( int pathLenConstraint) { - this.cA = new DERBoolean(true); + // BEGIN android-changed + this.cA = DERBoolean.TRUE; + // END android-changed this.pathLenConstraint = new DERInteger(pathLenConstraint); } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/x509/IssuingDistributionPoint.java bcprov-jdk16-146/org/bouncycastle/asn1/x509/IssuingDistributionPoint.java --- bcprov-jdk16-146.orig/org/bouncycastle/asn1/x509/IssuingDistributionPoint.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/asn1/x509/IssuingDistributionPoint.java 2011-09-08 21:28:50.000000000 +0000 @@ -96,11 +96,15 @@ } if (onlyContainsUserCerts) { - vec.add(new DERTaggedObject(false, 1, new DERBoolean(true))); + // BEGIN android-changed + vec.add(new DERTaggedObject(false, 1, DERBoolean.TRUE)); + // END android-changed } if (onlyContainsCACerts) { - vec.add(new DERTaggedObject(false, 2, new DERBoolean(true))); + // BEGIN android-changed + vec.add(new DERTaggedObject(false, 2, DERBoolean.TRUE)); + // END android-changed } if (onlySomeReasons != null) { @@ -108,11 +112,15 @@ } if (indirectCRL) { - vec.add(new DERTaggedObject(false, 4, new DERBoolean(true))); + // BEGIN android-changed + vec.add(new DERTaggedObject(false, 4, DERBoolean.TRUE)); + // END android-changed } if (onlyContainsAttributeCerts) { - vec.add(new DERTaggedObject(false, 5, new DERBoolean(true))); + // BEGIN android-changed + vec.add(new DERTaggedObject(false, 5, DERBoolean.TRUE)); + // END android-changed } seq = new DERSequence(vec); diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/x509/X509Extensions.java bcprov-jdk16-146/org/bouncycastle/asn1/x509/X509Extensions.java --- bcprov-jdk16-146.orig/org/bouncycastle/asn1/x509/X509Extensions.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/asn1/x509/X509Extensions.java 2011-09-08 21:28:50.000000000 +0000 @@ -400,7 +400,9 @@ if (ext.isCritical()) { - v.add(new DERBoolean(true)); + // BEGIN android-changed + v.add(DERBoolean.TRUE); + // END android-changed } v.add(ext.getValue()); diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/x509/X509Name.java bcprov-jdk16-146/org/bouncycastle/asn1/x509/X509Name.java --- bcprov-jdk16-146.orig/org/bouncycastle/asn1/x509/X509Name.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/asn1/x509/X509Name.java 2011-09-08 21:28:50.000000000 +0000 @@ -249,8 +249,10 @@ */ public static final Hashtable SymbolLookUp = DefaultLookUp; - private static final Boolean TRUE = new Boolean(true); // for J2ME compatibility - private static final Boolean FALSE = new Boolean(false); + // BEGIN android-changed + private static final Boolean TRUE = Boolean.TRUE; + private static final Boolean FALSE = Boolean.FALSE; + // END android-changed static { @@ -432,7 +434,9 @@ { values.addElement("#" + bytesToString(Hex.encode(value.getDERObject().getDEREncoded()))); } - added.addElement((i != 0) ? TRUE : FALSE); // to allow earlier JDK compatibility + // BEGIN android-changed + added.addElement(Boolean.valueOf(i != 0)); + // END android-changed } } } @@ -689,7 +693,9 @@ if (index == -1) { - throw new IllegalArgumentException("badly formated directory string"); + // BEGIN android-changed + throw new IllegalArgumentException("badly formatted directory string"); + // END android-changed } String name = token.substring(0, index); diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/x509/X509NameTokenizer.java bcprov-jdk16-146/org/bouncycastle/asn1/x509/X509NameTokenizer.java --- bcprov-jdk16-146.orig/org/bouncycastle/asn1/x509/X509NameTokenizer.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/asn1/x509/X509NameTokenizer.java 2011-09-08 21:28:50.000000000 +0000 @@ -58,6 +58,17 @@ } else { + // BEGIN android-added + // copied from a newer version of BouncyCastle + if (c == '#' && buf.charAt(buf.length() - 1) == '=') + { + buf.append('\\'); + } + else if (c == '+' && seperator != '+') + { + buf.append('\\'); + } + // END android-added buf.append(c); } escaped = false; @@ -96,4 +107,4 @@ index = end; return buf.toString().trim(); } -} +} \ No newline at end of file diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/crypto/PBEParametersGenerator.java bcprov-jdk16-146/org/bouncycastle/crypto/PBEParametersGenerator.java --- bcprov-jdk16-146.orig/org/bouncycastle/crypto/PBEParametersGenerator.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/crypto/PBEParametersGenerator.java 2011-09-08 21:28:49.000000000 +0000 @@ -136,7 +136,8 @@ public static byte[] PKCS12PasswordToBytes( char[] password) { - if (password.length > 0) + // BEGIN android-changed + if (password != null && password.length > 0) { // +1 for extra 2 pad bytes. byte[] bytes = new byte[(password.length + 1) * 2]; @@ -153,5 +154,6 @@ { return new byte[0]; } + // END android-changed } } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/crypto/digests/OpenSSLDigest.java bcprov-jdk16-146/org/bouncycastle/crypto/digests/OpenSSLDigest.java --- bcprov-jdk16-146.orig/org/bouncycastle/crypto/digests/OpenSSLDigest.java 1970-01-01 00:00:00.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/crypto/digests/OpenSSLDigest.java 2011-09-08 21:28:49.000000000 +0000 @@ -0,0 +1,159 @@ +/* + * Copyright (C) 2008 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.bouncycastle.crypto.digests; + +import org.apache.harmony.xnet.provider.jsse.NativeCrypto; +import org.bouncycastle.crypto.ExtendedDigest; + +/** + * Implements the BouncyCastle Digest interface using OpenSSL's EVP API. + */ +public class OpenSSLDigest implements ExtendedDigest { + + /** + * Holds the standard name of the hashing algorithm, e.g. "SHA-1"; + */ + private final String algorithm; + + /** + * Holds the EVP_MD for the hashing algorithm, e.g. EVP_get_digestbyname("sha1"); + */ + private final int evp_md; + + /** + * Holds the output size of the message digest. + */ + private final int size; + + /** + * Holds the block size of the message digest. + */ + private final int blockSize; + + /** + * Holds a pointer to the native message digest context. It is + * lazily initialized to avoid having to reallocate on reset when + * its unlikely to be reused. + */ + private int ctx; + + /** + * Holds a dummy buffer for writing single bytes to the digest. + */ + private final byte[] singleByte = new byte[1]; + + /** + * Creates a new OpenSSLMessageDigest instance for the given algorithm + * name. + */ + private OpenSSLDigest(String algorithm, int evp_md, int size, int blockSize) { + this.algorithm = algorithm; + this.evp_md = evp_md; + this.size = size; + this.blockSize = blockSize; + } + + public String getAlgorithmName() { + return algorithm; + } + + public int getDigestSize() { + return size; + } + + public int getByteLength() { + return blockSize; + } + + public void reset() { + free(); + } + + public void update(byte in) { + singleByte[0] = in; + update(singleByte, 0, 1); + } + + public void update(byte[] in, int inOff, int len) { + NativeCrypto.EVP_DigestUpdate(getCtx(), in, inOff, len); + } + + public int doFinal(byte[] out, int outOff) { + int i = NativeCrypto.EVP_DigestFinal(getCtx(), out, outOff); + ctx = 0; // EVP_DigestFinal frees the context as a side effect + reset(); + return i; + } + + private int getCtx() { + if (ctx == 0) { + ctx = NativeCrypto.EVP_DigestInit(evp_md); + } + return ctx; + } + + private void free() { + if (ctx != 0) { + NativeCrypto.EVP_MD_CTX_destroy(ctx); + ctx = 0; + } + } + + @Override + protected void finalize() throws Throwable { + try { + free(); + } finally { + super.finalize(); + } + } + + public static class MD5 extends OpenSSLDigest { + private static final int EVP_MD = NativeCrypto.EVP_get_digestbyname("md5"); + private static final int SIZE = NativeCrypto.EVP_MD_size(EVP_MD); + private static final int BLOCK_SIZE = NativeCrypto.EVP_MD_block_size(EVP_MD); + public MD5() { super("MD5", EVP_MD, SIZE, BLOCK_SIZE); } + } + + public static class SHA1 extends OpenSSLDigest { + private static final int EVP_MD = NativeCrypto.EVP_get_digestbyname("sha1"); + private static final int SIZE = NativeCrypto.EVP_MD_size(EVP_MD); + private static final int BLOCK_SIZE = NativeCrypto.EVP_MD_block_size(EVP_MD); + public SHA1() { super("SHA-1", EVP_MD, SIZE, BLOCK_SIZE); } + } + + public static class SHA256 extends OpenSSLDigest { + private static final int EVP_MD = NativeCrypto.EVP_get_digestbyname("sha256"); + private static final int SIZE = NativeCrypto.EVP_MD_size(EVP_MD); + private static final int BLOCK_SIZE = NativeCrypto.EVP_MD_block_size(EVP_MD); + public SHA256() { super("SHA-256", EVP_MD, SIZE, BLOCK_SIZE); } + } + + public static class SHA384 extends OpenSSLDigest { + private static final int EVP_MD = NativeCrypto.EVP_get_digestbyname("sha384"); + private static final int SIZE = NativeCrypto.EVP_MD_size(EVP_MD); + private static final int BLOCK_SIZE = NativeCrypto.EVP_MD_block_size(EVP_MD); + public SHA384() { super("SHA-384", EVP_MD, SIZE, BLOCK_SIZE); } + } + + public static class SHA512 extends OpenSSLDigest { + private static final int EVP_MD = NativeCrypto.EVP_get_digestbyname("sha512"); + private static final int SIZE = NativeCrypto.EVP_MD_size(EVP_MD); + private static final int BLOCK_SIZE = NativeCrypto.EVP_MD_block_size(EVP_MD); + public SHA512() { super("SHA-512", EVP_MD, SIZE, BLOCK_SIZE); } + } +} diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/crypto/engines/RC2Engine.java bcprov-jdk16-146/org/bouncycastle/crypto/engines/RC2Engine.java --- bcprov-jdk16-146.orig/org/bouncycastle/crypto/engines/RC2Engine.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/crypto/engines/RC2Engine.java 2011-09-08 21:28:49.000000000 +0000 @@ -313,4 +313,4 @@ out[outOff + 6] = (byte)x76; out[outOff + 7] = (byte)(x76 >> 8); } -} +} \ No newline at end of file diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/crypto/generators/DHParametersHelper.java bcprov-jdk16-146/org/bouncycastle/crypto/generators/DHParametersHelper.java --- bcprov-jdk16-146.orig/org/bouncycastle/crypto/generators/DHParametersHelper.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/crypto/generators/DHParametersHelper.java 2011-09-08 21:28:49.000000000 +0000 @@ -3,10 +3,17 @@ import java.math.BigInteger; import java.security.SecureRandom; +// BEGIN android-added +import java.util.logging.Logger; +// END android-added import org.bouncycastle.util.BigIntegers; class DHParametersHelper { + // BEGIN android-added + private static final Logger logger = Logger.getLogger(DHParametersHelper.class.getName()); + // END android-added + private static final BigInteger ONE = BigInteger.valueOf(1); private static final BigInteger TWO = BigInteger.valueOf(2); @@ -17,11 +24,19 @@ */ static BigInteger[] generateSafePrimes(int size, int certainty, SecureRandom random) { + // BEGIN android-added + logger.info("Generating safe primes. This may take a long time."); + long start = System.currentTimeMillis(); + int tries = 0; + // END android-added BigInteger p, q; int qLength = size - 1; for (;;) { + // BEGIN android-added + tries++; + // END android-added q = new BigInteger(qLength, 2, random); // p <- 2q + 1 @@ -32,6 +47,11 @@ break; } } + // BEGIN android-added + long end = System.currentTimeMillis(); + long duration = end - start; + logger.info("Generated safe primes: " + tries + " tries took " + duration + "ms"); + // END android-added return new BigInteger[] { p, q }; } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/crypto/macs/HMac.java bcprov-jdk16-146/org/bouncycastle/crypto/macs/HMac.java --- bcprov-jdk16-146.orig/org/bouncycastle/crypto/macs/HMac.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/crypto/macs/HMac.java 2011-09-08 21:28:49.000000000 +0000 @@ -32,23 +32,23 @@ { blockLengths = new Hashtable(); - blockLengths.put("GOST3411", new Integer(32)); + blockLengths.put("GOST3411", Integer.valueOf(32)); - blockLengths.put("MD2", new Integer(16)); - blockLengths.put("MD4", new Integer(64)); - blockLengths.put("MD5", new Integer(64)); - - blockLengths.put("RIPEMD128", new Integer(64)); - blockLengths.put("RIPEMD160", new Integer(64)); - - blockLengths.put("SHA-1", new Integer(64)); - blockLengths.put("SHA-224", new Integer(64)); - blockLengths.put("SHA-256", new Integer(64)); - blockLengths.put("SHA-384", new Integer(128)); - blockLengths.put("SHA-512", new Integer(128)); + blockLengths.put("MD2", Integer.valueOf(16)); + blockLengths.put("MD4", Integer.valueOf(64)); + blockLengths.put("MD5", Integer.valueOf(64)); + + blockLengths.put("RIPEMD128", Integer.valueOf(64)); + blockLengths.put("RIPEMD160", Integer.valueOf(64)); + + blockLengths.put("SHA-1", Integer.valueOf(64)); + blockLengths.put("SHA-224", Integer.valueOf(64)); + blockLengths.put("SHA-256", Integer.valueOf(64)); + blockLengths.put("SHA-384", Integer.valueOf(128)); + blockLengths.put("SHA-512", Integer.valueOf(128)); - blockLengths.put("Tiger", new Integer(64)); - blockLengths.put("Whirlpool", new Integer(64)); + blockLengths.put("Tiger", Integer.valueOf(64)); + blockLengths.put("Whirlpool", Integer.valueOf(64)); } private static int getByteLength( diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/crypto/signers/RSADigestSigner.java bcprov-jdk16-146/org/bouncycastle/crypto/signers/RSADigestSigner.java --- bcprov-jdk16-146.orig/org/bouncycastle/crypto/signers/RSADigestSigner.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/crypto/signers/RSADigestSigner.java 2011-09-08 21:28:49.000000000 +0000 @@ -46,8 +46,10 @@ oidMap.put("SHA-384", NISTObjectIdentifiers.id_sha384); oidMap.put("SHA-512", NISTObjectIdentifiers.id_sha512); - oidMap.put("MD2", PKCSObjectIdentifiers.md2); - oidMap.put("MD4", PKCSObjectIdentifiers.md4); + // BEGIN android-removed + // oidMap.put("MD2", PKCSObjectIdentifiers.md2); + // oidMap.put("MD4", PKCSObjectIdentifiers.md4); + // END android-removed oidMap.put("MD5", PKCSObjectIdentifiers.md5); } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/crypto/util/PrivateKeyFactory.java bcprov-jdk16-146/org/bouncycastle/crypto/util/PrivateKeyFactory.java --- bcprov-jdk16-146.orig/org/bouncycastle/crypto/util/PrivateKeyFactory.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/crypto/util/PrivateKeyFactory.java 2011-09-08 21:28:49.000000000 +0000 @@ -12,7 +12,9 @@ import org.bouncycastle.asn1.DERObject; import org.bouncycastle.asn1.DERObjectIdentifier; import org.bouncycastle.asn1.nist.NISTNamedCurves; -import org.bouncycastle.asn1.oiw.ElGamalParameter; +// BEGIN android-removed +// import org.bouncycastle.asn1.oiw.ElGamalParameter; +// END android-removed import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; import org.bouncycastle.asn1.pkcs.DHParameter; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; @@ -20,7 +22,9 @@ import org.bouncycastle.asn1.pkcs.RSAPrivateKeyStructure; import org.bouncycastle.asn1.sec.ECPrivateKeyStructure; import org.bouncycastle.asn1.sec.SECNamedCurves; -import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; +// BEGIN android-removed +// import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; +// END android-removed import org.bouncycastle.asn1.x509.AlgorithmIdentifier; import org.bouncycastle.asn1.x509.DSAParameter; import org.bouncycastle.asn1.x9.X962NamedCurves; @@ -34,8 +38,10 @@ import org.bouncycastle.crypto.params.DSAPrivateKeyParameters; import org.bouncycastle.crypto.params.ECDomainParameters; import org.bouncycastle.crypto.params.ECPrivateKeyParameters; -import org.bouncycastle.crypto.params.ElGamalParameters; -import org.bouncycastle.crypto.params.ElGamalPrivateKeyParameters; +// BEGIN android-removed +// import org.bouncycastle.crypto.params.ElGamalParameters; +// import org.bouncycastle.crypto.params.ElGamalPrivateKeyParameters; +// END android-removed import org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters; /** @@ -103,15 +109,17 @@ return new DHPrivateKeyParameters(derX.getValue(), dhParams); } - else if (algId.getObjectId().equals(OIWObjectIdentifiers.elGamalAlgorithm)) - { - ElGamalParameter params = new ElGamalParameter( - (ASN1Sequence)keyInfo.getAlgorithmId().getParameters()); - DERInteger derX = (DERInteger)keyInfo.getPrivateKey(); - - return new ElGamalPrivateKeyParameters(derX.getValue(), new ElGamalParameters( - params.getP(), params.getG())); - } + // BEGIN android-removed + // else if (algId.getObjectId().equals(OIWObjectIdentifiers.elGamalAlgorithm)) + // { + // ElGamalParameter params = new ElGamalParameter( + // (ASN1Sequence)keyInfo.getAlgorithmId().getParameters()); + // DERInteger derX = (DERInteger)keyInfo.getPrivateKey(); + // + // return new ElGamalPrivateKeyParameters(derX.getValue(), new ElGamalParameters( + // params.getP(), params.getG())); + // } + // END android-removed else if (algId.getObjectId().equals(X9ObjectIdentifiers.id_dsa)) { DERInteger derX = (DERInteger)keyInfo.getPrivateKey(); @@ -145,10 +153,12 @@ { ecP = NISTNamedCurves.getByOID(oid); - if (ecP == null) - { - ecP = TeleTrusTNamedCurves.getByOID(oid); - } + // BEGIN android-removed + // if (ecP == null) + // { + // ecP = TeleTrusTNamedCurves.getByOID(oid); + // } + // END android-removed } } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/crypto/util/PublicKeyFactory.java bcprov-jdk16-146/org/bouncycastle/crypto/util/PublicKeyFactory.java --- bcprov-jdk16-146.orig/org/bouncycastle/crypto/util/PublicKeyFactory.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/crypto/util/PublicKeyFactory.java 2011-09-08 21:28:49.000000000 +0000 @@ -15,12 +15,16 @@ import org.bouncycastle.asn1.DERObjectIdentifier; import org.bouncycastle.asn1.DEROctetString; import org.bouncycastle.asn1.nist.NISTNamedCurves; -import org.bouncycastle.asn1.oiw.ElGamalParameter; +// BEGIN android-removed +// import org.bouncycastle.asn1.oiw.ElGamalParameter; +// END android-removed import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; import org.bouncycastle.asn1.pkcs.DHParameter; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; import org.bouncycastle.asn1.sec.SECNamedCurves; -import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; +// BEGIN android-removed +// import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; +// END android-removed import org.bouncycastle.asn1.x509.AlgorithmIdentifier; import org.bouncycastle.asn1.x509.DSAParameter; import org.bouncycastle.asn1.x509.RSAPublicKeyStructure; @@ -42,8 +46,10 @@ import org.bouncycastle.crypto.params.DSAPublicKeyParameters; import org.bouncycastle.crypto.params.ECDomainParameters; import org.bouncycastle.crypto.params.ECPublicKeyParameters; -import org.bouncycastle.crypto.params.ElGamalParameters; -import org.bouncycastle.crypto.params.ElGamalPublicKeyParameters; +// BEGIN android-removed +// import org.bouncycastle.crypto.params.ElGamalParameters; +// import org.bouncycastle.crypto.params.ElGamalPublicKeyParameters; +// END android-removed import org.bouncycastle.crypto.params.RSAKeyParameters; /** @@ -139,15 +145,17 @@ return new DHPublicKeyParameters(derY.getValue(), dhParams); } - else if (algId.getObjectId().equals(OIWObjectIdentifiers.elGamalAlgorithm)) - { - ElGamalParameter params = new ElGamalParameter( - (ASN1Sequence)keyInfo.getAlgorithmId().getParameters()); - DERInteger derY = (DERInteger)keyInfo.getPublicKey(); - - return new ElGamalPublicKeyParameters(derY.getValue(), new ElGamalParameters( - params.getP(), params.getG())); - } + // BEGIN android-removed + // else if (algId.getObjectId().equals(OIWObjectIdentifiers.elGamalAlgorithm)) + // { + // ElGamalParameter params = new ElGamalParameter( + // (ASN1Sequence)keyInfo.getAlgorithmId().getParameters()); + // DERInteger derY = (DERInteger)keyInfo.getPublicKey(); + // + // return new ElGamalPublicKeyParameters(derY.getValue(), new ElGamalParameters( + // params.getP(), params.getG())); + // } + // END android-removed else if (algId.getObjectId().equals(X9ObjectIdentifiers.id_dsa) || algId.getObjectId().equals(OIWObjectIdentifiers.dsaWithSHA1)) { @@ -182,10 +190,12 @@ { ecP = NISTNamedCurves.getByOID(oid); - if (ecP == null) - { - ecP = TeleTrusTNamedCurves.getByOID(oid); - } + // BEGIN android-removed + // if (ecP == null) + // { + // ecP = TeleTrusTNamedCurves.getByOID(oid); + // } + // END android-removed } } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/ECNamedCurveTable.java bcprov-jdk16-146/org/bouncycastle/jce/ECNamedCurveTable.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/ECNamedCurveTable.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/jce/ECNamedCurveTable.java 2011-09-08 21:28:49.000000000 +0000 @@ -3,7 +3,9 @@ import org.bouncycastle.asn1.DERObjectIdentifier; import org.bouncycastle.asn1.nist.NISTNamedCurves; import org.bouncycastle.asn1.sec.SECNamedCurves; -import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; +// BEGIN android-removed +// import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; +// END android-removed import org.bouncycastle.asn1.x9.X962NamedCurves; import org.bouncycastle.asn1.x9.X9ECParameters; import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec; @@ -55,21 +57,23 @@ } } - if (ecP == null) - { - ecP = TeleTrusTNamedCurves.getByName(name); - if (ecP == null) - { - try - { - ecP = TeleTrusTNamedCurves.getByOID(new DERObjectIdentifier(name)); - } - catch (IllegalArgumentException e) - { - // ignore - not an oid - } - } - } + // BEGIN android-removed + // if (ecP == null) + // { + // ecP = TeleTrusTNamedCurves.getByName(name); + // if (ecP == null) + // { + // try + // { + // ecP = TeleTrusTNamedCurves.getByOID(new DERObjectIdentifier(name)); + // } + // catch (IllegalArgumentException e) + // { + // // ignore - not an oid + // } + // } + // } + // END android-removed if (ecP == null) { @@ -102,7 +106,9 @@ addEnumeration(v, X962NamedCurves.getNames()); addEnumeration(v, SECNamedCurves.getNames()); addEnumeration(v, NISTNamedCurves.getNames()); - addEnumeration(v, TeleTrusTNamedCurves.getNames()); + // BEGIN android-removed + // addEnumeration(v, TeleTrusTNamedCurves.getNames()); + // END android-removed return v.elements(); } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/PKCS10CertificationRequest.java bcprov-jdk16-146/org/bouncycastle/jce/PKCS10CertificationRequest.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/PKCS10CertificationRequest.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/jce/PKCS10CertificationRequest.java 2011-09-08 21:28:49.000000000 +0000 @@ -80,15 +80,20 @@ static { - algorithms.put("MD2WITHRSAENCRYPTION", new DERObjectIdentifier("1.2.840.113549.1.1.2")); - algorithms.put("MD2WITHRSA", new DERObjectIdentifier("1.2.840.113549.1.1.2")); + // BEGIN android-removed + // Dropping MD2 + // algorithms.put("MD2WITHRSAENCRYPTION", new DERObjectIdentifier("1.2.840.113549.1.1.2")); + // algorithms.put("MD2WITHRSA", new DERObjectIdentifier("1.2.840.113549.1.1.2")); + // END android-removed algorithms.put("MD5WITHRSAENCRYPTION", new DERObjectIdentifier("1.2.840.113549.1.1.4")); algorithms.put("MD5WITHRSA", new DERObjectIdentifier("1.2.840.113549.1.1.4")); algorithms.put("RSAWITHMD5", new DERObjectIdentifier("1.2.840.113549.1.1.4")); algorithms.put("SHA1WITHRSAENCRYPTION", new DERObjectIdentifier("1.2.840.113549.1.1.5")); algorithms.put("SHA1WITHRSA", new DERObjectIdentifier("1.2.840.113549.1.1.5")); - algorithms.put("SHA224WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha224WithRSAEncryption); - algorithms.put("SHA224WITHRSA", PKCSObjectIdentifiers.sha224WithRSAEncryption); + // BEGIN android-removed + // algorithms.put("SHA224WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha224WithRSAEncryption); + // algorithms.put("SHA224WITHRSA", PKCSObjectIdentifiers.sha224WithRSAEncryption); + // END android-removed algorithms.put("SHA256WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha256WithRSAEncryption); algorithms.put("SHA256WITHRSA", PKCSObjectIdentifiers.sha256WithRSAEncryption); algorithms.put("SHA384WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha384WithRSAEncryption); @@ -96,57 +101,78 @@ algorithms.put("SHA512WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha512WithRSAEncryption); algorithms.put("SHA512WITHRSA", PKCSObjectIdentifiers.sha512WithRSAEncryption); algorithms.put("SHA1WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); - algorithms.put("SHA224WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); + // BEGIN android-removed + // algorithms.put("SHA224WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); + // END android-removed algorithms.put("SHA256WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); algorithms.put("SHA384WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); algorithms.put("SHA512WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); algorithms.put("RSAWITHSHA1", new DERObjectIdentifier("1.2.840.113549.1.1.5")); - algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); - algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); - algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); - algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); - algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); - algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); + // BEGIN android-removed + // algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); + // algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); + // algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); + // algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); + // algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); + // algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); + // END android-removed algorithms.put("SHA1WITHDSA", new DERObjectIdentifier("1.2.840.10040.4.3")); algorithms.put("DSAWITHSHA1", new DERObjectIdentifier("1.2.840.10040.4.3")); - algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224); + // BEGIN android-removed + // algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224); + // END android-removed algorithms.put("SHA256WITHDSA", NISTObjectIdentifiers.dsa_with_sha256); algorithms.put("SHA384WITHDSA", NISTObjectIdentifiers.dsa_with_sha384); algorithms.put("SHA512WITHDSA", NISTObjectIdentifiers.dsa_with_sha512); algorithms.put("SHA1WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA1); - algorithms.put("SHA224WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA224); + // BEGIN android-removed + // algorithms.put("SHA224WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA224); + // END android-removed algorithms.put("SHA256WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA256); algorithms.put("SHA384WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA384); algorithms.put("SHA512WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA512); algorithms.put("ECDSAWITHSHA1", X9ObjectIdentifiers.ecdsa_with_SHA1); - algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); - algorithms.put("GOST3410WITHGOST3411", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); - algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); - algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); - algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); + // BEGIN android-removed + // algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); + // algorithms.put("GOST3410WITHGOST3411", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); + // algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); + // algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); + // algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); + // END android-removed // // reverse mappings // oids.put(new DERObjectIdentifier("1.2.840.113549.1.1.5"), "SHA1WITHRSA"); - oids.put(PKCSObjectIdentifiers.sha224WithRSAEncryption, "SHA224WITHRSA"); + // BEGIN android-removed + // oids.put(PKCSObjectIdentifiers.sha224WithRSAEncryption, "SHA224WITHRSA"); + // END android-removed oids.put(PKCSObjectIdentifiers.sha256WithRSAEncryption, "SHA256WITHRSA"); oids.put(PKCSObjectIdentifiers.sha384WithRSAEncryption, "SHA384WITHRSA"); oids.put(PKCSObjectIdentifiers.sha512WithRSAEncryption, "SHA512WITHRSA"); - oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, "GOST3411WITHGOST3410"); - oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, "GOST3411WITHECGOST3410"); + // BEGIN android-removed + // oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, "GOST3411WITHGOST3410"); + // oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, "GOST3411WITHECGOST3410"); + // END android-removed oids.put(new DERObjectIdentifier("1.2.840.113549.1.1.4"), "MD5WITHRSA"); - oids.put(new DERObjectIdentifier("1.2.840.113549.1.1.2"), "MD2WITHRSA"); + // BEGIN android-removed + // Dropping MD2 + // oids.put(new DERObjectIdentifier("1.2.840.113549.1.1.2"), "MD2WITHRSA"); + // END android-removed oids.put(new DERObjectIdentifier("1.2.840.10040.4.3"), "SHA1WITHDSA"); oids.put(X9ObjectIdentifiers.ecdsa_with_SHA1, "SHA1WITHECDSA"); - oids.put(X9ObjectIdentifiers.ecdsa_with_SHA224, "SHA224WITHECDSA"); + // BEGIN android-removed + // oids.put(X9ObjectIdentifiers.ecdsa_with_SHA224, "SHA224WITHECDSA"); + // END android-removed oids.put(X9ObjectIdentifiers.ecdsa_with_SHA256, "SHA256WITHECDSA"); oids.put(X9ObjectIdentifiers.ecdsa_with_SHA384, "SHA384WITHECDSA"); oids.put(X9ObjectIdentifiers.ecdsa_with_SHA512, "SHA512WITHECDSA"); oids.put(OIWObjectIdentifiers.sha1WithRSA, "SHA1WITHRSA"); oids.put(OIWObjectIdentifiers.dsaWithSHA1, "SHA1WITHDSA"); - oids.put(NISTObjectIdentifiers.dsa_with_sha224, "SHA224WITHDSA"); + // BEGIN android-removed + // oids.put(NISTObjectIdentifiers.dsa_with_sha224, "SHA224WITHDSA"); + // END android-removed oids.put(NISTObjectIdentifiers.dsa_with_sha256, "SHA256WITHDSA"); // @@ -160,35 +186,53 @@ // The parameters field SHALL be NULL for RSA based signature algorithms. // noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA1); - noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA224); + // BEGIN android-removed + // noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA224); + // END android-removed noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA256); noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA384); noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA512); noParams.add(X9ObjectIdentifiers.id_dsa_with_sha1); - noParams.add(NISTObjectIdentifiers.dsa_with_sha224); + // BEGIN android-removed + // noParams.add(NISTObjectIdentifiers.dsa_with_sha224); + // END android-removed noParams.add(NISTObjectIdentifiers.dsa_with_sha256); // // RFC 4491 // - noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); - noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); + // BEGIN android-removed + // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); + // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); + // END android-removed // // explicit params // - AlgorithmIdentifier sha1AlgId = new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, new DERNull()); + // BEGIN android-changed + AlgorithmIdentifier sha1AlgId = new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, DERNull.INSTANCE); + // END android-changed params.put("SHA1WITHRSAANDMGF1", creatPSSParams(sha1AlgId, 20)); - AlgorithmIdentifier sha224AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha224, new DERNull()); - params.put("SHA224WITHRSAANDMGF1", creatPSSParams(sha224AlgId, 28)); - - AlgorithmIdentifier sha256AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256, new DERNull()); + // BEGIN android-removed + // // BEGIN android-changed + // AlgorithmIdentifier sha224AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha224, DERNull.INSTANCE); + // // END android-changed + // params.put("SHA224WITHRSAANDMGF1", creatPSSParams(sha224AlgId, 28)); + // END android-removed + + // BEGIN android-changed + AlgorithmIdentifier sha256AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256, DERNull.INSTANCE); + // END android-changed params.put("SHA256WITHRSAANDMGF1", creatPSSParams(sha256AlgId, 32)); - AlgorithmIdentifier sha384AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha384, new DERNull()); + // BEGIN android-changed + AlgorithmIdentifier sha384AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha384, DERNull.INSTANCE); + // END android-changed params.put("SHA384WITHRSAANDMGF1", creatPSSParams(sha384AlgId, 48)); - AlgorithmIdentifier sha512AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha512, new DERNull()); + // BEGIN android-changed + AlgorithmIdentifier sha512AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha512, DERNull.INSTANCE); + // END android-changed params.put("SHA512WITHRSAANDMGF1", creatPSSParams(sha512AlgId, 64)); } @@ -594,10 +638,12 @@ { return "SHA1"; } - else if (NISTObjectIdentifiers.id_sha224.equals(digestAlgOID)) - { - return "SHA224"; - } + // BEGIN android-removed + // else if (NISTObjectIdentifiers.id_sha224.equals(digestAlgOID)) + // { + // return "SHA224"; + // } + // END android-removed else if (NISTObjectIdentifiers.id_sha256.equals(digestAlgOID)) { return "SHA256"; @@ -610,22 +656,24 @@ { return "SHA512"; } - else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) - { - return "RIPEMD128"; - } - else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) - { - return "RIPEMD160"; - } - else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) - { - return "RIPEMD256"; - } - else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) - { - return "GOST3411"; - } + // BEGIN android-removed + // else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) + // { + // return "RIPEMD128"; + // } + // else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) + // { + // return "RIPEMD160"; + // } + // else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) + // { + // return "RIPEMD256"; + // } + // else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) + // { + // return "GOST3411"; + // } + // END android-removed else { return digestAlgOID.getId(); diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/BouncyCastleProvider.java bcprov-jdk16-146/org/bouncycastle/jce/provider/BouncyCastleProvider.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/BouncyCastleProvider.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/jce/provider/BouncyCastleProvider.java 2011-09-08 21:28:49.000000000 +0000 @@ -45,7 +45,10 @@ { private static String info = "BouncyCastle Security Provider v1.46"; - public static String PROVIDER_NAME = "BC"; + // BEGIN android-changed + // this constant should be final + public static final String PROVIDER_NAME = "BC"; + // END android-changed /* * Configurable symmetric ciphers @@ -53,8 +56,14 @@ private static final String SYMMETRIC_CIPHER_PACKAGE = "org.bouncycastle.jce.provider.symmetric."; private static final String[] SYMMETRIC_CIPHERS = { - "AES", "ARC4", "Blowfish", "Camellia", "CAST5", "CAST6", "DESede", "Grainv1", "Grain128", "HC128", "HC256", "IDEA", - "Noekeon", "RC5", "RC6", "Rijndael", "Salsa20", "SEED", "Serpent", "Skipjack", "TEA", "Twofish", "VMPC", "VMPCKSA3", "XTEA" + // BEGIN android-removed + // "AES", "ARC4", "Blowfish", "Camellia", "CAST5", "CAST6", "DESede", "Grainv1", "Grain128", "HC128", "HC256", "IDEA", + // "Noekeon", "RC5", "RC6", "Rijndael", "Salsa20", "SEED", "Serpent", "Skipjack", "TEA", "Twofish", "VMPC", "VMPCKSA3", "XTEA" + // END android-removed + // BEGIN android-added + "AES", "ARC4", "Blowfish", "DESede", + // END android-added + }; /* @@ -90,26 +99,28 @@ loadAlgorithms(SYMMETRIC_CIPHER_PACKAGE, SYMMETRIC_CIPHERS); loadAlgorithms(ASYMMETRIC_CIPHER_PACKAGE, ASYMMETRIC_CIPHERS); - // - // X509Store - // - put("X509Store.CERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertCollection"); - put("X509Store.ATTRIBUTECERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreAttrCertCollection"); - put("X509Store.CRL/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCRLCollection"); - put("X509Store.CERTIFICATEPAIR/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertPairCollection"); - - put("X509Store.CERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCerts"); - put("X509Store.CRL/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCRLs"); - put("X509Store.ATTRIBUTECERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPAttrCerts"); - put("X509Store.CERTIFICATEPAIR/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCertPairs"); - - // - // X509StreamParser - // - put("X509StreamParser.CERTIFICATE", "org.bouncycastle.jce.provider.X509CertParser"); - put("X509StreamParser.ATTRIBUTECERTIFICATE", "org.bouncycastle.jce.provider.X509AttrCertParser"); - put("X509StreamParser.CRL", "org.bouncycastle.jce.provider.X509CRLParser"); - put("X509StreamParser.CERTIFICATEPAIR", "org.bouncycastle.jce.provider.X509CertPairParser"); + // BEGIN android-removed + // // + // // X509Store + // // + // put("X509Store.CERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertCollection"); + // put("X509Store.ATTRIBUTECERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreAttrCertCollection"); + // put("X509Store.CRL/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCRLCollection"); + // put("X509Store.CERTIFICATEPAIR/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertPairCollection"); + // + // put("X509Store.CERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCerts"); + // put("X509Store.CRL/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCRLs"); + // put("X509Store.ATTRIBUTECERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPAttrCerts"); + // put("X509Store.CERTIFICATEPAIR/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCertPairs"); + // + // // + // // X509StreamParser + // // + // put("X509StreamParser.CERTIFICATE", "org.bouncycastle.jce.provider.X509CertParser"); + // put("X509StreamParser.ATTRIBUTECERTIFICATE", "org.bouncycastle.jce.provider.X509AttrCertParser"); + // put("X509StreamParser.CRL", "org.bouncycastle.jce.provider.X509CRLParser"); + // put("X509StreamParser.CERTIFICATEPAIR", "org.bouncycastle.jce.provider.X509CertPairParser"); + // END android-removed // @@ -118,14 +129,24 @@ put("KeyStore.BKS", "org.bouncycastle.jce.provider.JDKKeyStore"); put("KeyStore.BouncyCastle", "org.bouncycastle.jce.provider.JDKKeyStore$BouncyCastleStore"); put("KeyStore.PKCS12", "org.bouncycastle.jce.provider.JDKPKCS12KeyStore$BCPKCS12KeyStore"); - put("KeyStore.BCPKCS12", "org.bouncycastle.jce.provider.JDKPKCS12KeyStore$BCPKCS12KeyStore"); - put("KeyStore.PKCS12-DEF", "org.bouncycastle.jce.provider.JDKPKCS12KeyStore$DefPKCS12KeyStore"); - - put("KeyStore.PKCS12-3DES-40RC2", "org.bouncycastle.jce.provider.JDKPKCS12KeyStore$BCPKCS12KeyStore"); - put("KeyStore.PKCS12-3DES-3DES", "org.bouncycastle.jce.provider.JDKPKCS12KeyStore$BCPKCS12KeyStore3DES"); - - put("KeyStore.PKCS12-DEF-3DES-40RC2", "org.bouncycastle.jce.provider.JDKPKCS12KeyStore$DefPKCS12KeyStore"); - put("KeyStore.PKCS12-DEF-3DES-3DES", "org.bouncycastle.jce.provider.JDKPKCS12KeyStore$DefPKCS12KeyStore3DES"); + // BEGIN android-changed + put("Alg.Alias.KeyStore.BCPKCS12", "PKCS12"); + // END android-changed + // BEGIN android-removed + // put("KeyStore.PKCS12-DEF", "org.bouncycastle.jce.provider.JDKPKCS12KeyStore$DefPKCS12KeyStore"); + // END android-removed + + // BEGIN android-changed + put("Alg.Alias.KeyStore.PKCS12-3DES-40RC2", "PKCS12"); + // END android-changed + // BEGIN android-removed + // put("KeyStore.PKCS12-3DES-3DES", "org.bouncycastle.jce.provider.JDKPKCS12KeyStore$BCPKCS12KeyStore3DES"); + // END android-removed + + // BEGIN android-removed + // put("KeyStore.PKCS12-DEF-3DES-40RC2", "org.bouncycastle.jce.provider.JDKPKCS12KeyStore$DefPKCS12KeyStore"); + // put("KeyStore.PKCS12-DEF-3DES-3DES", "org.bouncycastle.jce.provider.JDKPKCS12KeyStore$DefPKCS12KeyStore3DES"); + // END android-removed put("Alg.Alias.KeyStore.UBER", "BouncyCastle"); put("Alg.Alias.KeyStore.BOUNCYCASTLE", "BouncyCastle"); @@ -142,44 +163,63 @@ // put("AlgorithmParameterGenerator.DH", "org.bouncycastle.jce.provider.JDKAlgorithmParameterGenerator$DH"); put("AlgorithmParameterGenerator.DSA", "org.bouncycastle.jce.provider.JDKAlgorithmParameterGenerator$DSA"); - put("AlgorithmParameterGenerator.GOST3410", "org.bouncycastle.jce.provider.JDKAlgorithmParameterGenerator$GOST3410"); - put("AlgorithmParameterGenerator.ELGAMAL", "org.bouncycastle.jce.provider.JDKAlgorithmParameterGenerator$ElGamal"); - put("AlgorithmParameterGenerator.DES", "org.bouncycastle.jce.provider.JDKAlgorithmParameterGenerator$DES"); - put("AlgorithmParameterGenerator.DESEDE", "org.bouncycastle.jce.provider.JDKAlgorithmParameterGenerator$DES"); - put("AlgorithmParameterGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, "org.bouncycastle.jce.provider.JDKAlgorithmParameterGenerator$DES"); - put("AlgorithmParameterGenerator." + OIWObjectIdentifiers.desCBC, "org.bouncycastle.jce.provider.JDKAlgorithmParameterGenerator$DES"); - put("AlgorithmParameterGenerator.RC2", "org.bouncycastle.jce.provider.JDKAlgorithmParameterGenerator$RC2"); - put("AlgorithmParameterGenerator.1.2.840.113549.3.2", "org.bouncycastle.jce.provider.JDKAlgorithmParameterGenerator$RC2"); + // BEGIN android-removed + // put("AlgorithmParameterGenerator.GOST3410", "org.bouncycastle.jce.provider.JDKAlgorithmParameterGenerator$GOST3410"); + // put("AlgorithmParameterGenerator.ELGAMAL", "org.bouncycastle.jce.provider.JDKAlgorithmParameterGenerator$ElGamal"); + // put("AlgorithmParameterGenerator.DES", "org.bouncycastle.jce.provider.JDKAlgorithmParameterGenerator$DES"); + // put("AlgorithmParameterGenerator.DESEDE", "org.bouncycastle.jce.provider.JDKAlgorithmParameterGenerator$DES"); + // put("AlgorithmParameterGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, "org.bouncycastle.jce.provider.JDKAlgorithmParameterGenerator$DES"); + // put("AlgorithmParameterGenerator." + OIWObjectIdentifiers.desCBC, "org.bouncycastle.jce.provider.JDKAlgorithmParameterGenerator$DES"); + // put("AlgorithmParameterGenerator.RC2", "org.bouncycastle.jce.provider.JDKAlgorithmParameterGenerator$RC2"); + // put("AlgorithmParameterGenerator.1.2.840.113549.3.2", "org.bouncycastle.jce.provider.JDKAlgorithmParameterGenerator$RC2"); + // END android-removed put("Alg.Alias.AlgorithmParameterGenerator.DIFFIEHELLMAN", "DH"); - put("Alg.Alias.AlgorithmParameterGenerator.GOST-3410", "GOST3410"); + // BEGIN android-removed + // put("Alg.Alias.AlgorithmParameterGenerator.GOST-3410", "GOST3410"); + // END android-removed // // algorithm parameters // put("AlgorithmParameters.OAEP", "org.bouncycastle.jce.provider.JDKAlgorithmParameters$OAEP"); - put("AlgorithmParameters.PSS", "org.bouncycastle.jce.provider.JDKAlgorithmParameters$PSS"); + // BEGIN android-removed + // put("AlgorithmParameters.PSS", "org.bouncycastle.jce.provider.JDKAlgorithmParameters$PSS"); + // END android-removed put("AlgorithmParameters.DH", "org.bouncycastle.jce.provider.JDKAlgorithmParameters$DH"); put("Alg.Alias.AlgorithmParameters.DIFFIEHELLMAN", "DH"); put("AlgorithmParameters.DSA", "org.bouncycastle.jce.provider.JDKAlgorithmParameters$DSA"); - put("AlgorithmParameters.ELGAMAL", "org.bouncycastle.jce.provider.JDKAlgorithmParameters$ElGamal"); - put("AlgorithmParameters.IES", "org.bouncycastle.jce.provider.JDKAlgorithmParameters$IES"); + // BEGIN android-removed + // put("AlgorithmParameters.ELGAMAL", "org.bouncycastle.jce.provider.JDKAlgorithmParameters$ElGamal"); + // put("AlgorithmParameters.IES", "org.bouncycastle.jce.provider.JDKAlgorithmParameters$IES"); + // END android-removed put("AlgorithmParameters.PKCS12PBE", "org.bouncycastle.jce.provider.JDKAlgorithmParameters$PKCS12PBE"); - put("AlgorithmParameters." + PKCSObjectIdentifiers.des_EDE3_CBC, "org.bouncycastle.jce.provider.JDKAlgorithmParameters$IVAlgorithmParameters"); - put("AlgorithmParameters." + PKCSObjectIdentifiers.id_PBKDF2, "org.bouncycastle.jce.provider.JDKAlgorithmParameters$PBKDF2"); - - put("AlgorithmParameters.GOST3410", "org.bouncycastle.jce.provider.JDKAlgorithmParameters$GOST3410"); - put("Alg.Alias.AlgorithmParameters.GOST-3410", "GOST3410"); + // BEGIN android-changed + // redundant with below + // put("Alg.Alias.AlgorithmParameters." + PKCSObjectIdentifiers.des_EDE3_CBC, "DESede"); + // END android-changed + // BEGIN android-removed + // put("AlgorithmParameters." + PKCSObjectIdentifiers.id_PBKDF2, "org.bouncycastle.jce.provider.JDKAlgorithmParameters$PBKDF2"); + // + // put("AlgorithmParameters.GOST3410", "org.bouncycastle.jce.provider.JDKAlgorithmParameters$GOST3410"); + // put("Alg.Alias.AlgorithmParameters.GOST-3410", "GOST3410"); + // END android-removed put("Alg.Alias.AlgorithmParameters.PBEWITHSHA1ANDRC2", "PKCS12PBE"); - put("Alg.Alias.AlgorithmParameters.PBEWITHSHAAND3-KEYTRIPLEDES", "PKCS12PBE"); - put("Alg.Alias.AlgorithmParameters.PBEWITHSHAAND2-KEYTRIPLEDES", "PKCS12PBE"); - put("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDRC2", "PKCS12PBE"); - put("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDRC4", "PKCS12PBE"); + // BEGIN android-removed + // put("Alg.Alias.AlgorithmParameters.PBEWITHSHAAND3-KEYTRIPLEDES", "PKCS12PBE"); + // put("Alg.Alias.AlgorithmParameters.PBEWITHSHAAND2-KEYTRIPLEDES", "PKCS12PBE"); + // put("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDRC2", "PKCS12PBE"); + // put("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDRC4", "PKCS12PBE"); + // END android-removed put("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDTWOFISH", "PKCS12PBE"); - put("Alg.Alias.AlgorithmParameters.PBEWITHSHA1ANDRC2-CBC", "PKCS12PBE"); + // BEGIN android-removed + // put("Alg.Alias.AlgorithmParameters.PBEWITHSHA1ANDRC2-CBC", "PKCS12PBE"); + // END android-removed put("Alg.Alias.AlgorithmParameters.PBEWITHSHAAND3-KEYTRIPLEDES-CBC", "PKCS12PBE"); put("Alg.Alias.AlgorithmParameters.PBEWITHSHAAND2-KEYTRIPLEDES-CBC", "PKCS12PBE"); - put("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDDES3KEY-CBC", "PKCS12PBE"); - put("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDDES2KEY-CBC", "PKCS12PBE"); + // BEGIN android-removed + // put("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDDES3KEY-CBC", "PKCS12PBE"); + // put("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDDES2KEY-CBC", "PKCS12PBE"); + // END android-removed put("Alg.Alias.AlgorithmParameters.PBEWITHSHAAND40BITRC2-CBC", "PKCS12PBE"); put("Alg.Alias.AlgorithmParameters.PBEWITHSHAAND40BITRC4", "PKCS12PBE"); put("Alg.Alias.AlgorithmParameters.PBEWITHSHAAND128BITRC2-CBC", "PKCS12PBE"); @@ -193,7 +233,7 @@ put("Alg.Alias.AlgorithmParameters.1.2.840.113549.1.12.1.5", "PKCS12PBE"); put("Alg.Alias.AlgorithmParameters.1.2.840.113549.1.12.1.6", "PKCS12PBE"); put("Alg.Alias.AlgorithmParameters.PBEWithSHAAnd3KeyTripleDES", "PKCS12PBE"); - + put("Alg.Alias.AlgorithmParameters." + BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes128_cbc.getId(), "PKCS12PBE"); put("Alg.Alias.AlgorithmParameters." + BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes192_cbc.getId(), "PKCS12PBE"); put("Alg.Alias.AlgorithmParameters." + BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes256_cbc.getId(), "PKCS12PBE"); @@ -203,22 +243,24 @@ put("Alg.Alias.AlgorithmParameters." + PKCSObjectIdentifiers.id_RSAES_OAEP, "OAEP"); - put("Alg.Alias.AlgorithmParameters.RSAPSS", "PSS"); - put("Alg.Alias.AlgorithmParameters.RSASSA-PSS", "PSS"); - put("Alg.Alias.AlgorithmParameters." + PKCSObjectIdentifiers.id_RSASSA_PSS, "PSS"); - put("Alg.Alias.AlgorithmParameters.SHA1withRSA/PSS", "PSS"); - put("Alg.Alias.AlgorithmParameters.SHA224withRSA/PSS", "PSS"); - put("Alg.Alias.AlgorithmParameters.SHA256withRSA/PSS", "PSS"); - put("Alg.Alias.AlgorithmParameters.SHA384withRSA/PSS", "PSS"); - put("Alg.Alias.AlgorithmParameters.SHA512withRSA/PSS", "PSS"); - put("Alg.Alias.AlgorithmParameters.SHA1WITHRSAANDMGF1", "PSS"); - put("Alg.Alias.AlgorithmParameters.SHA224WITHRSAANDMGF1", "PSS"); - put("Alg.Alias.AlgorithmParameters.SHA256WITHRSAANDMGF1", "PSS"); - put("Alg.Alias.AlgorithmParameters.SHA384WITHRSAANDMGF1", "PSS"); - put("Alg.Alias.AlgorithmParameters.SHA512WITHRSAANDMGF1", "PSS"); - put("Alg.Alias.AlgorithmParameters.RAWRSAPSS", "PSS"); - put("Alg.Alias.AlgorithmParameters.NONEWITHRSAPSS", "PSS"); - put("Alg.Alias.AlgorithmParameters.NONEWITHRSASSA-PSS", "PSS"); + // BEGIN android-removed + // put("Alg.Alias.AlgorithmParameters.RSAPSS", "PSS"); + // put("Alg.Alias.AlgorithmParameters.RSASSA-PSS", "PSS"); + // put("Alg.Alias.AlgorithmParameters." + PKCSObjectIdentifiers.id_RSASSA_PSS, "PSS"); + // put("Alg.Alias.AlgorithmParameters.SHA1withRSA/PSS", "PSS"); + // put("Alg.Alias.AlgorithmParameters.SHA224withRSA/PSS", "PSS"); + // put("Alg.Alias.AlgorithmParameters.SHA256withRSA/PSS", "PSS"); + // put("Alg.Alias.AlgorithmParameters.SHA384withRSA/PSS", "PSS"); + // put("Alg.Alias.AlgorithmParameters.SHA512withRSA/PSS", "PSS"); + // put("Alg.Alias.AlgorithmParameters.SHA1WITHRSAANDMGF1", "PSS"); + // put("Alg.Alias.AlgorithmParameters.SHA224WITHRSAANDMGF1", "PSS"); + // put("Alg.Alias.AlgorithmParameters.SHA256WITHRSAANDMGF1", "PSS"); + // put("Alg.Alias.AlgorithmParameters.SHA384WITHRSAANDMGF1", "PSS"); + // put("Alg.Alias.AlgorithmParameters.SHA512WITHRSAANDMGF1", "PSS"); + // put("Alg.Alias.AlgorithmParameters.RAWRSAPSS", "PSS"); + // put("Alg.Alias.AlgorithmParameters.NONEWITHRSAPSS", "PSS"); + // put("Alg.Alias.AlgorithmParameters.NONEWITHRSASSA-PSS", "PSS"); + // END android-removed put("Alg.Alias.AlgorithmParameters.PBEWITHSHAAND128BITAES-CBC-BC", "PKCS12PBE"); put("Alg.Alias.AlgorithmParameters.PBEWITHSHAAND192BITAES-CBC-BC", "PKCS12PBE"); @@ -235,12 +277,14 @@ put("Alg.Alias.AlgorithmParameters.PBEWITHSHA-256AND128BITAES-CBC-BC","PKCS12PBE"); put("Alg.Alias.AlgorithmParameters.PBEWITHSHA-256AND192BITAES-CBC-BC","PKCS12PBE"); put("Alg.Alias.AlgorithmParameters.PBEWITHSHA-256AND256BITAES-CBC-BC","PKCS12PBE"); - - put("AlgorithmParameters.SHA1WITHECDSA", "org.bouncycastle.jce.provider.JDKECDSAAlgParameters$SigAlgParameters"); - put("AlgorithmParameters.SHA224WITHECDSA", "org.bouncycastle.jce.provider.JDKECDSAAlgParameters$SigAlgParameters"); - put("AlgorithmParameters.SHA256WITHECDSA", "org.bouncycastle.jce.provider.JDKECDSAAlgParameters$SigAlgParameters"); - put("AlgorithmParameters.SHA384WITHECDSA", "org.bouncycastle.jce.provider.JDKECDSAAlgParameters$SigAlgParameters"); - put("AlgorithmParameters.SHA512WITHECDSA", "org.bouncycastle.jce.provider.JDKECDSAAlgParameters$SigAlgParameters"); + + // BEGIN android-removed + // put("AlgorithmParameters.SHA1WITHECDSA", "org.bouncycastle.jce.provider.JDKECDSAAlgParameters$SigAlgParameters"); + // put("AlgorithmParameters.SHA224WITHECDSA", "org.bouncycastle.jce.provider.JDKECDSAAlgParameters$SigAlgParameters"); + // put("AlgorithmParameters.SHA256WITHECDSA", "org.bouncycastle.jce.provider.JDKECDSAAlgParameters$SigAlgParameters"); + // put("AlgorithmParameters.SHA384WITHECDSA", "org.bouncycastle.jce.provider.JDKECDSAAlgParameters$SigAlgParameters"); + // put("AlgorithmParameters.SHA512WITHECDSA", "org.bouncycastle.jce.provider.JDKECDSAAlgParameters$SigAlgParameters"); + // END android-removed // // key agreement @@ -252,71 +296,91 @@ // cipher engines // put("Cipher.DES", "org.bouncycastle.jce.provider.JCEBlockCipher$DES"); - put("Cipher." + OIWObjectIdentifiers.desCBC, "org.bouncycastle.jce.provider.JCEBlockCipher$DESCBC"); - - put("Cipher.RC2", "org.bouncycastle.jce.provider.JCEBlockCipher$RC2"); - put("Cipher.RC2WRAP", "org.bouncycastle.jce.provider.WrapCipherSpi$RC2Wrap"); - put("Cipher.1.2.840.113549.1.9.16.3.7", "org.bouncycastle.jce.provider.WrapCipherSpi$RC2Wrap"); - - put("Cipher.1.2.840.113549.3.2", "org.bouncycastle.jce.provider.JCEBlockCipher$RC2CBC"); + // BEGIN android-removed + // put("Cipher." + OIWObjectIdentifiers.desCBC, "org.bouncycastle.jce.provider.JCEBlockCipher$DESCBC"); + // + // put("Cipher.RC2", "org.bouncycastle.jce.provider.JCEBlockCipher$RC2"); + // put("Cipher.RC2WRAP", "org.bouncycastle.jce.provider.WrapCipherSpi$RC2Wrap"); + // put("Cipher.1.2.840.113549.1.9.16.3.7", "org.bouncycastle.jce.provider.WrapCipherSpi$RC2Wrap"); + // + // put("Cipher.1.2.840.113549.3.2", "org.bouncycastle.jce.provider.JCEBlockCipher$RC2CBC"); + // END android-removed put("Alg.Alias.Cipher.PBEWithSHAAnd3KeyTripleDES", "PBEWITHSHAAND3-KEYTRIPLEDES-CBC"); - put("Cipher.GOST28147", "org.bouncycastle.jce.provider.JCEBlockCipher$GOST28147"); - put("Alg.Alias.Cipher.GOST", "GOST28147"); - put("Alg.Alias.Cipher.GOST-28147", "GOST28147"); - put("Cipher." + CryptoProObjectIdentifiers.gostR28147_cbc, "org.bouncycastle.jce.provider.JCEBlockCipher$GOST28147cbc"); + // BEGIN android-removed + // put("Cipher.GOST28147", "org.bouncycastle.jce.provider.JCEBlockCipher$GOST28147"); + // put("Alg.Alias.Cipher.GOST", "GOST28147"); + // put("Alg.Alias.Cipher.GOST-28147", "GOST28147"); + // put("Cipher." + CryptoProObjectIdentifiers.gostR28147_cbc, "org.bouncycastle.jce.provider.JCEBlockCipher$GOST28147cbc"); + // END android-removed put("Cipher.RSA", "org.bouncycastle.jce.provider.JCERSACipher$NoPadding"); - put("Cipher.RSA/RAW", "org.bouncycastle.jce.provider.JCERSACipher$NoPadding"); - put("Cipher.RSA/PKCS1", "org.bouncycastle.jce.provider.JCERSACipher$PKCS1v1_5Padding"); - put("Cipher.1.2.840.113549.1.1.1", "org.bouncycastle.jce.provider.JCERSACipher$PKCS1v1_5Padding"); - put("Cipher.2.5.8.1.1", "org.bouncycastle.jce.provider.JCERSACipher$PKCS1v1_5Padding"); - put("Cipher.RSA/1", "org.bouncycastle.jce.provider.JCERSACipher$PKCS1v1_5Padding_PrivateOnly"); - put("Cipher.RSA/2", "org.bouncycastle.jce.provider.JCERSACipher$PKCS1v1_5Padding_PublicOnly"); - put("Cipher.RSA/OAEP", "org.bouncycastle.jce.provider.JCERSACipher$OAEPPadding"); - put("Cipher." + PKCSObjectIdentifiers.id_RSAES_OAEP, "org.bouncycastle.jce.provider.JCERSACipher$OAEPPadding"); - put("Cipher.RSA/ISO9796-1", "org.bouncycastle.jce.provider.JCERSACipher$ISO9796d1Padding"); - - put("Cipher.ECIES", "org.bouncycastle.jce.provider.JCEIESCipher$ECIES"); - put("Cipher.BrokenECIES", "org.bouncycastle.jce.provider.JCEIESCipher$BrokenECIES"); - put("Cipher.IES", "org.bouncycastle.jce.provider.JCEIESCipher$IES"); - put("Cipher.BrokenIES", "org.bouncycastle.jce.provider.JCEIESCipher$BrokenIES"); - put("Cipher.ELGAMAL", "org.bouncycastle.jce.provider.JCEElGamalCipher$NoPadding"); - put("Cipher.ELGAMAL/PKCS1", "org.bouncycastle.jce.provider.JCEElGamalCipher$PKCS1v1_5Padding"); + // BEGIN android-changed + put("Alg.Alias.Cipher.RSA/RAW", "RSA"); + // END android-changed + // BEGIN android-removed + // put("Cipher.RSA/PKCS1", "org.bouncycastle.jce.provider.JCERSACipher$PKCS1v1_5Padding"); + // put("Cipher.1.2.840.113549.1.1.1", "org.bouncycastle.jce.provider.JCERSACipher$PKCS1v1_5Padding"); + // put("Cipher.2.5.8.1.1", "org.bouncycastle.jce.provider.JCERSACipher$PKCS1v1_5Padding"); + // put("Cipher.RSA/1", "org.bouncycastle.jce.provider.JCERSACipher$PKCS1v1_5Padding_PrivateOnly"); + // put("Cipher.RSA/2", "org.bouncycastle.jce.provider.JCERSACipher$PKCS1v1_5Padding_PublicOnly"); + // put("Cipher.RSA/OAEP", "org.bouncycastle.jce.provider.JCERSACipher$OAEPPadding"); + // put("Cipher." + PKCSObjectIdentifiers.id_RSAES_OAEP, "org.bouncycastle.jce.provider.JCERSACipher$OAEPPadding"); + // put("Cipher.RSA/ISO9796-1", "org.bouncycastle.jce.provider.JCERSACipher$ISO9796d1Padding"); + // + // put("Cipher.ECIES", "org.bouncycastle.jce.provider.JCEIESCipher$ECIES"); + // put("Cipher.BrokenECIES", "org.bouncycastle.jce.provider.JCEIESCipher$BrokenECIES"); + // put("Cipher.IES", "org.bouncycastle.jce.provider.JCEIESCipher$IES"); + // put("Cipher.BrokenIES", "org.bouncycastle.jce.provider.JCEIESCipher$BrokenIES"); + // put("Cipher.ELGAMAL", "org.bouncycastle.jce.provider.JCEElGamalCipher$NoPadding"); + // put("Cipher.ELGAMAL/PKCS1", "org.bouncycastle.jce.provider.JCEElGamalCipher$PKCS1v1_5Padding"); + // END android-removed put("Alg.Alias.Cipher.RSA//RAW", "RSA"); put("Alg.Alias.Cipher.RSA//NOPADDING", "RSA"); - put("Alg.Alias.Cipher.RSA//PKCS1PADDING", "RSA/PKCS1"); - put("Alg.Alias.Cipher.RSA//OAEPPADDING", "RSA/OAEP"); - put("Alg.Alias.Cipher.RSA//ISO9796-1PADDING", "RSA/ISO9796-1"); - - put("Alg.Alias.Cipher.ELGAMAL/ECB/PKCS1PADDING", "ELGAMAL/PKCS1"); - put("Alg.Alias.Cipher.ELGAMAL/NONE/PKCS1PADDING", "ELGAMAL/PKCS1"); - put("Alg.Alias.Cipher.ELGAMAL/NONE/NOPADDING", "ELGAMAL"); + // BEGIN android-removed + // put("Alg.Alias.Cipher.RSA//PKCS1PADDING", "RSA/PKCS1"); + // put("Alg.Alias.Cipher.RSA//OAEPPADDING", "RSA/OAEP"); + // put("Alg.Alias.Cipher.RSA//ISO9796-1PADDING", "RSA/ISO9796-1"); + // + // put("Alg.Alias.Cipher.ELGAMAL/ECB/PKCS1PADDING", "ELGAMAL/PKCS1"); + // put("Alg.Alias.Cipher.ELGAMAL/NONE/PKCS1PADDING", "ELGAMAL/PKCS1"); + // put("Alg.Alias.Cipher.ELGAMAL/NONE/NOPADDING", "ELGAMAL"); + // END android-removed put("Cipher.PBEWITHMD5ANDDES", "org.bouncycastle.jce.provider.JCEBlockCipher$PBEWithMD5AndDES"); - put("Cipher.BROKENPBEWITHMD5ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithMD5AndDES"); + // BEGIN android-removed + // put("Cipher.BROKENPBEWITHMD5ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithMD5AndDES"); + // END android-removed put("Cipher.PBEWITHMD5ANDRC2", "org.bouncycastle.jce.provider.JCEBlockCipher$PBEWithMD5AndRC2"); put("Cipher.PBEWITHSHA1ANDDES", "org.bouncycastle.jce.provider.JCEBlockCipher$PBEWithSHA1AndDES"); - put("Cipher.BROKENPBEWITHSHA1ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithSHA1AndDES"); + // BEGIN android-removed + // put("Cipher.BROKENPBEWITHSHA1ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithSHA1AndDES"); + // END android-removed put("Cipher.PBEWITHSHA1ANDRC2", "org.bouncycastle.jce.provider.JCEBlockCipher$PBEWithSHA1AndRC2"); put("Cipher.PBEWITHSHAAND3-KEYTRIPLEDES-CBC", "org.bouncycastle.jce.provider.JCEBlockCipher$PBEWithSHAAndDES3Key"); - put("Cipher.BROKENPBEWITHSHAAND3-KEYTRIPLEDES-CBC", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithSHAAndDES3Key"); - put("Cipher.OLDPBEWITHSHAAND3-KEYTRIPLEDES-CBC", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$OldPBEWithSHAAndDES3Key"); + // BEGIN android-removed + // put("Cipher.BROKENPBEWITHSHAAND3-KEYTRIPLEDES-CBC", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithSHAAndDES3Key"); + // put("Cipher.OLDPBEWITHSHAAND3-KEYTRIPLEDES-CBC", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$OldPBEWithSHAAndDES3Key"); + // END android-removed put("Cipher.PBEWITHSHAAND2-KEYTRIPLEDES-CBC", "org.bouncycastle.jce.provider.JCEBlockCipher$PBEWithSHAAndDES2Key"); - put("Cipher.BROKENPBEWITHSHAAND2-KEYTRIPLEDES-CBC", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithSHAAndDES2Key"); + // BEGIN android-removed + // put("Cipher.BROKENPBEWITHSHAAND2-KEYTRIPLEDES-CBC", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithSHAAndDES2Key"); + // END android-removed put("Cipher.PBEWITHSHAAND128BITRC2-CBC", "org.bouncycastle.jce.provider.JCEBlockCipher$PBEWithSHAAnd128BitRC2"); put("Cipher.PBEWITHSHAAND40BITRC2-CBC", "org.bouncycastle.jce.provider.JCEBlockCipher$PBEWithSHAAnd40BitRC2"); put("Cipher.PBEWITHSHAAND128BITRC4", "org.bouncycastle.jce.provider.JCEStreamCipher$PBEWithSHAAnd128BitRC4"); put("Cipher.PBEWITHSHAAND40BITRC4", "org.bouncycastle.jce.provider.JCEStreamCipher$PBEWithSHAAnd40BitRC4"); - put("Alg.Alias.Cipher.PBEWITHSHA1AND3-KEYTRIPLEDES-CBC", "Cipher.PBEWITHSHAAND3-KEYTRIPLEDES-CBC"); - put("Alg.Alias.Cipher.PBEWITHSHA1AND2-KEYTRIPLEDES-CBC", "Cipher.PBEWITHSHAAND2-KEYTRIPLEDES-CBC"); - put("Alg.Alias.Cipher.PBEWITHSHA1AND128BITRC2-CBC", "Cipher.PBEWITHSHAAND128BITRC2-CBC"); - put("Alg.Alias.Cipher.PBEWITHSHA1AND40BITRC2-CBC", "Cipher.PBEWITHSHAAND40BITRC2-CBC"); - put("Alg.Alias.Cipher.PBEWITHSHA1AND128BITRC4", "Cipher.PBEWITHSHAAND128BITRC4"); - put("Alg.Alias.Cipher.PBEWITHSHA1AND40BITRC4", "Cipher.PBEWITHSHAAND40BITRC4"); + // BEGIN android-changed + put("Alg.Alias.Cipher.PBEWITHSHA1AND3-KEYTRIPLEDES-CBC", "PBEWITHSHAAND3-KEYTRIPLEDES-CBC"); + put("Alg.Alias.Cipher.PBEWITHSHA1AND2-KEYTRIPLEDES-CBC", "PBEWITHSHAAND2-KEYTRIPLEDES-CBC"); + put("Alg.Alias.Cipher.PBEWITHSHA1AND128BITRC2-CBC", "PBEWITHSHAAND128BITRC2-CBC"); + put("Alg.Alias.Cipher.PBEWITHSHA1AND40BITRC2-CBC", "PBEWITHSHAAND40BITRC2-CBC"); + put("Alg.Alias.Cipher.PBEWITHSHA1AND128BITRC4", "PBEWITHSHAAND128BITRC4"); + put("Alg.Alias.Cipher.PBEWITHSHA1AND40BITRC4", "PBEWITHSHAAND40BITRC4"); + // END android-changed put("Alg.Alias.Cipher." + BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes128_cbc.getId(), "PBEWITHSHAAND128BITAES-CBC-BC"); put("Alg.Alias.Cipher." + BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes192_cbc.getId(), "PBEWITHSHAAND192BITAES-CBC-BC"); @@ -324,7 +388,7 @@ put("Alg.Alias.Cipher." + BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes128_cbc.getId(), "PBEWITHSHA256AND128BITAES-CBC-BC"); put("Alg.Alias.Cipher." + BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes192_cbc.getId(), "PBEWITHSHA256AND192BITAES-CBC-BC"); put("Alg.Alias.Cipher." + BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes256_cbc.getId(), "PBEWITHSHA256AND256BITAES-CBC-BC"); - + put("Cipher.PBEWITHSHAAND128BITAES-CBC-BC", "org.bouncycastle.jce.provider.JCEBlockCipher$PBEWithAESCBC"); put("Cipher.PBEWITHSHAAND192BITAES-CBC-BC", "org.bouncycastle.jce.provider.JCEBlockCipher$PBEWithAESCBC"); put("Cipher.PBEWITHSHAAND256BITAES-CBC-BC", "org.bouncycastle.jce.provider.JCEBlockCipher$PBEWithAESCBC"); @@ -346,10 +410,12 @@ put("Cipher.PBEWITHMD5AND256BITAES-CBC-OPENSSL", "org.bouncycastle.jce.provider.JCEBlockCipher$PBEWithAESCBC"); put("Cipher.PBEWITHSHAANDTWOFISH-CBC", "org.bouncycastle.jce.provider.JCEBlockCipher$PBEWithSHAAndTwofish"); - put("Cipher.OLDPBEWITHSHAANDTWOFISH-CBC", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$OldPBEWithSHAAndTwofish"); - - put("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES"); - put("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2"); + // BEGIN android-removed + // put("Cipher.OLDPBEWITHSHAANDTWOFISH-CBC", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$OldPBEWithSHAAndTwofish"); + // + // put("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES"); + // put("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2"); + // END android-removed put("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD5AndDES_CBC, "PBEWITHMD5ANDDES"); put("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD5AndRC2_CBC, "PBEWITHMD5ANDDES"); put("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithSHA1AndDES_CBC, "PBEWITHSHA1ANDDES"); @@ -368,13 +434,15 @@ put("KeyGenerator.DES", "org.bouncycastle.jce.provider.JCEKeyGenerator$DES"); put("Alg.Alias.KeyGenerator." + OIWObjectIdentifiers.desCBC, "DES"); - put("KeyGenerator.RC2", "org.bouncycastle.jce.provider.JCEKeyGenerator$RC2"); - put("KeyGenerator.1.2.840.113549.3.2", "org.bouncycastle.jce.provider.JCEKeyGenerator$RC2"); - - put("KeyGenerator.GOST28147", "org.bouncycastle.jce.provider.JCEKeyGenerator$GOST28147"); - put("Alg.Alias.KeyGenerator.GOST", "GOST28147"); - put("Alg.Alias.KeyGenerator.GOST-28147", "GOST28147"); - put("Alg.Alias.KeyGenerator." + CryptoProObjectIdentifiers.gostR28147_cbc, "GOST28147"); + // BEGIN android-removed + // put("KeyGenerator.RC2", "org.bouncycastle.jce.provider.JCEKeyGenerator$RC2"); + // put("KeyGenerator.1.2.840.113549.3.2", "org.bouncycastle.jce.provider.JCEKeyGenerator$RC2"); + // + // put("KeyGenerator.GOST28147", "org.bouncycastle.jce.provider.JCEKeyGenerator$GOST28147"); + // put("Alg.Alias.KeyGenerator.GOST", "GOST28147"); + // put("Alg.Alias.KeyGenerator.GOST-28147", "GOST28147"); + // put("Alg.Alias.KeyGenerator." + CryptoProObjectIdentifiers.gostR28147_cbc, "GOST28147"); + // END android-removed // // key pair generators. @@ -382,14 +450,18 @@ put("KeyPairGenerator.RSA", "org.bouncycastle.jce.provider.JDKKeyPairGenerator$RSA"); put("KeyPairGenerator.DH", "org.bouncycastle.jce.provider.JDKKeyPairGenerator$DH"); put("KeyPairGenerator.DSA", "org.bouncycastle.jce.provider.JDKKeyPairGenerator$DSA"); - put("KeyPairGenerator.ELGAMAL", "org.bouncycastle.jce.provider.JDKKeyPairGenerator$ElGamal"); + // BEGIN android-removed + // put("KeyPairGenerator.ELGAMAL", "org.bouncycastle.jce.provider.JDKKeyPairGenerator$ElGamal"); + // END android-removed put("Alg.Alias.KeyPairGenerator.1.2.840.113549.1.1.1", "RSA"); put("Alg.Alias.KeyPairGenerator.DIFFIEHELLMAN", "DH"); - put("KeyPairGenerator.GOST3410", "org.bouncycastle.jce.provider.JDKKeyPairGenerator$GOST3410"); - put("Alg.Alias.KeyPairGenerator.GOST-3410", "GOST3410"); - put("Alg.Alias.KeyPairGenerator.GOST-3410-94", "GOST3410"); + // BEGIN android-removed + // put("KeyPairGenerator.GOST3410", "org.bouncycastle.jce.provider.JDKKeyPairGenerator$GOST3410"); + // put("Alg.Alias.KeyPairGenerator.GOST-3410", "GOST3410"); + // put("Alg.Alias.KeyPairGenerator.GOST-3410-94", "GOST3410"); + // END android-removed // // key factories @@ -397,20 +469,24 @@ put("KeyFactory.RSA", "org.bouncycastle.jce.provider.JDKKeyFactory$RSA"); put("KeyFactory.DH", "org.bouncycastle.jce.provider.JDKKeyFactory$DH"); put("KeyFactory.DSA", "org.bouncycastle.jce.provider.JDKKeyFactory$DSA"); - put("KeyFactory.ELGAMAL", "org.bouncycastle.jce.provider.JDKKeyFactory$ElGamal"); - put("KeyFactory.ElGamal", "org.bouncycastle.jce.provider.JDKKeyFactory$ElGamal"); - - put("KeyFactory.X.509", "org.bouncycastle.jce.provider.JDKKeyFactory$X509"); + // BEGIN android-removed + // put("KeyFactory.ELGAMAL", "org.bouncycastle.jce.provider.JDKKeyFactory$ElGamal"); + // put("KeyFactory.ElGamal", "org.bouncycastle.jce.provider.JDKKeyFactory$ElGamal"); + // + // put("KeyFactory.X.509", "org.bouncycastle.jce.provider.JDKKeyFactory$X509"); + // END android-removed put("Alg.Alias.KeyFactory.1.2.840.113549.1.1.1", "RSA"); put("Alg.Alias.KeyFactory.1.2.840.10040.4.1", "DSA"); put("Alg.Alias.KeyFactory.DIFFIEHELLMAN", "DH"); - put("KeyFactory.GOST3410", "org.bouncycastle.jce.provider.JDKKeyFactory$GOST3410"); - put("Alg.Alias.KeyFactory.GOST-3410", "GOST3410"); - put("Alg.Alias.KeyFactory.GOST-3410-94", "GOST3410"); - put("Alg.Alias.KeyFactory." + CryptoProObjectIdentifiers.gostR3410_94, "GOST3410"); + // BEGIN android-removed + // put("KeyFactory.GOST3410", "org.bouncycastle.jce.provider.JDKKeyFactory$GOST3410"); + // put("Alg.Alias.KeyFactory.GOST-3410", "GOST3410"); + // put("Alg.Alias.KeyFactory.GOST-3410-94", "GOST3410"); + // put("Alg.Alias.KeyFactory." + CryptoProObjectIdentifiers.gostR3410_94, "GOST3410"); + // END android-removed // // Algorithm parameters @@ -418,24 +494,34 @@ put("AlgorithmParameters.DES", "org.bouncycastle.jce.provider.JDKAlgorithmParameters$IVAlgorithmParameters"); put("Alg.Alias.AlgorithmParameters." + OIWObjectIdentifiers.desCBC, "DES"); put("AlgorithmParameters.DESEDE", "org.bouncycastle.jce.provider.JDKAlgorithmParameters$IVAlgorithmParameters"); - put("AlgorithmParameters." + PKCSObjectIdentifiers.des_EDE3_CBC, "org.bouncycastle.jce.provider.JDKAlgorithmParameters$IVAlgorithmParameters"); - put("AlgorithmParameters.RC2", "org.bouncycastle.jce.provider.JDKAlgorithmParameters$RC2AlgorithmParameters"); - put("AlgorithmParameters.1.2.840.113549.3.2", "org.bouncycastle.jce.provider.JDKAlgorithmParameters$RC2AlgorithmParameters"); + // BEGIN android-changed + put("Alg.Alias.AlgorithmParameters." + PKCSObjectIdentifiers.des_EDE3_CBC, "DESEDE"); + // END android-changed + // BEGIN android-removed + // put("AlgorithmParameters.RC2", "org.bouncycastle.jce.provider.JDKAlgorithmParameters$RC2AlgorithmParameters"); + // put("AlgorithmParameters.1.2.840.113549.3.2", "org.bouncycastle.jce.provider.JDKAlgorithmParameters$RC2AlgorithmParameters"); + // END android-removed // // secret key factories. // put("SecretKeyFactory.DES", "org.bouncycastle.jce.provider.JCESecretKeyFactory$DES"); - put("SecretKeyFactory.PBEWITHMD2ANDDES", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithMD2AndDES"); - - put("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES"); - put("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2"); + // BEGIN android-removed + // put("SecretKeyFactory.PBEWITHMD2ANDDES", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithMD2AndDES"); + // END android-removed + + // BEGIN android-removed + // put("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES"); + // put("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2"); + // END android-removed put("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD5AndDES_CBC, "PBEWITHMD5ANDDES"); put("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD5AndRC2_CBC, "PBEWITHMD5ANDDES"); put("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithSHA1AndDES_CBC, "PBEWITHSHA1ANDDES"); put("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithSHA1AndRC2_CBC, "PBEWITHSHA1ANDRC2"); - put("SecretKeyFactory.PBEWITHMD2ANDRC2", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithMD2AndRC2"); + // BEGIN android-removed + // put("SecretKeyFactory.PBEWITHMD2ANDRC2", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithMD2AndRC2"); + // END android-removed put("SecretKeyFactory.PBEWITHMD5ANDDES", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithMD5AndDES"); put("SecretKeyFactory.PBEWITHMD5ANDRC2", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithMD5AndRC2"); put("SecretKeyFactory.PBEWITHSHA1ANDDES", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithSHA1AndDES"); @@ -447,31 +533,41 @@ put("SecretKeyFactory.PBEWITHSHAAND128BITRC2-CBC", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithSHAAnd128BitRC2"); put("SecretKeyFactory.PBEWITHSHAAND40BITRC2-CBC", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithSHAAnd40BitRC2"); put("SecretKeyFactory.PBEWITHSHAANDTWOFISH-CBC", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithSHAAndTwofish"); - put("SecretKeyFactory.PBEWITHHMACRIPEMD160", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithRIPEMD160"); + // BEGIN android-removed + // put("SecretKeyFactory.PBEWITHHMACRIPEMD160", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithRIPEMD160"); + // END android-removed put("SecretKeyFactory.PBEWITHHMACSHA1", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithSHA"); - put("SecretKeyFactory.PBEWITHHMACTIGER", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithTiger"); + // BEGIN android-removed + // put("SecretKeyFactory.PBEWITHHMACTIGER", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithTiger"); + // END android-removed put("SecretKeyFactory.PBEWITHMD5AND128BITAES-CBC-OPENSSL", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithMD5And128BitAESCBCOpenSSL"); put("SecretKeyFactory.PBEWITHMD5AND192BITAES-CBC-OPENSSL", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithMD5And192BitAESCBCOpenSSL"); put("SecretKeyFactory.PBEWITHMD5AND256BITAES-CBC-OPENSSL", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBEWithMD5And256BitAESCBCOpenSSL"); - put("Alg.Alias.SecretKeyFactory.PBE", "PBE/PKCS5"); - - put("Alg.Alias.SecretKeyFactory.BROKENPBEWITHMD5ANDDES", "PBE/PKCS5"); - put("Alg.Alias.SecretKeyFactory.BROKENPBEWITHSHA1ANDDES", "PBE/PKCS5"); - put("Alg.Alias.SecretKeyFactory.OLDPBEWITHSHAAND3-KEYTRIPLEDES-CBC", "PBE/PKCS12"); - put("Alg.Alias.SecretKeyFactory.BROKENPBEWITHSHAAND3-KEYTRIPLEDES-CBC", "PBE/PKCS12"); - put("Alg.Alias.SecretKeyFactory.BROKENPBEWITHSHAAND2-KEYTRIPLEDES-CBC", "PBE/PKCS12"); - put("Alg.Alias.SecretKeyFactory.OLDPBEWITHSHAANDTWOFISH-CBC", "PBE/PKCS12"); - - put("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDDES-CBC", "PBEWITHMD2ANDDES"); - put("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDRC2-CBC", "PBEWITHMD2ANDRC2"); + // BEGIN android-removed + // put("Alg.Alias.SecretKeyFactory.PBE", "PBE/PKCS5"); + // + // put("Alg.Alias.SecretKeyFactory.BROKENPBEWITHMD5ANDDES", "PBE/PKCS5"); + // put("Alg.Alias.SecretKeyFactory.BROKENPBEWITHSHA1ANDDES", "PBE/PKCS5"); + // put("Alg.Alias.SecretKeyFactory.OLDPBEWITHSHAAND3-KEYTRIPLEDES-CBC", "PBE/PKCS12"); + // put("Alg.Alias.SecretKeyFactory.BROKENPBEWITHSHAAND3-KEYTRIPLEDES-CBC", "PBE/PKCS12"); + // put("Alg.Alias.SecretKeyFactory.BROKENPBEWITHSHAAND2-KEYTRIPLEDES-CBC", "PBE/PKCS12"); + // put("Alg.Alias.SecretKeyFactory.OLDPBEWITHSHAANDTWOFISH-CBC", "PBE/PKCS12"); + // END android-removed + + // BEGIN android-removed + // put("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDDES-CBC", "PBEWITHMD2ANDDES"); + // put("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDRC2-CBC", "PBEWITHMD2ANDRC2"); + // END android-removed put("Alg.Alias.SecretKeyFactory.PBEWITHMD5ANDDES-CBC", "PBEWITHMD5ANDDES"); put("Alg.Alias.SecretKeyFactory.PBEWITHMD5ANDRC2-CBC", "PBEWITHMD5ANDRC2"); put("Alg.Alias.SecretKeyFactory.PBEWITHSHA1ANDDES-CBC", "PBEWITHSHA1ANDDES"); put("Alg.Alias.SecretKeyFactory.PBEWITHSHA1ANDRC2-CBC", "PBEWITHSHA1ANDRC2"); - put("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES"); - put("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2"); + // BEGIN android-removed + // put("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES"); + // put("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2"); + // END android-removed put("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD5AndDES_CBC, "PBEWITHMD5ANDDES"); put("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD5AndRC2_CBC, "PBEWITHMD5ANDRC2"); put("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithSHA1AndDES_CBC, "PBEWITHSHA1ANDDES"); @@ -508,6 +604,10 @@ put("Alg.Alias.SecretKeyFactory." + BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes128_cbc.getId(), "PBEWITHSHA256AND128BITAES-CBC-BC"); put("Alg.Alias.SecretKeyFactory." + BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes192_cbc.getId(), "PBEWITHSHA256AND192BITAES-CBC-BC"); put("Alg.Alias.SecretKeyFactory." + BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes256_cbc.getId(), "PBEWITHSHA256AND256BITAES-CBC-BC"); + // BEGIN android-added + + put("SecretKeyFactory.PBKDF2WithHmacSHA1", "org.bouncycastle.jce.provider.JCESecretKeyFactory$PBKDF2WithHmacSHA1"); + // END android-added addMacAlgorithms(); @@ -516,16 +616,23 @@ addSignatureAlgorithms(); // Certification Path API - put("CertPathValidator.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathValidatorSpi"); - put("CertPathBuilder.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathBuilderSpi"); - put("CertPathValidator.RFC3280", "org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi"); - put("CertPathBuilder.RFC3280", "org.bouncycastle.jce.provider.PKIXCertPathBuilderSpi"); + // BEGIN android-removed + // put("CertPathValidator.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathValidatorSpi"); + // put("CertPathBuilder.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathBuilderSpi"); + // END android-removed + // BEGIN android-changed + // Use Alg.Alias so RFC3280 doesn't show up when iterating provider services, only PKIX + put("Alg.Alias.CertPathValidator.RFC3280", "PKIX"); + put("Alg.Alias.CertPathBuilder.RFC3280", "PKIX"); + // END android-changed put("CertPathValidator.PKIX", "org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi"); put("CertPathBuilder.PKIX", "org.bouncycastle.jce.provider.PKIXCertPathBuilderSpi"); put("CertStore.Collection", "org.bouncycastle.jce.provider.CertStoreCollectionSpi"); - put("CertStore.LDAP", "org.bouncycastle.jce.provider.X509LDAPCertStoreSpi"); - put("CertStore.Multi", "org.bouncycastle.jce.provider.MultiCertStoreSpi"); - put("Alg.Alias.CertStore.X509LDAP", "LDAP"); + // BEGIN android-removed + // put("CertStore.LDAP", "org.bouncycastle.jce.provider.X509LDAPCertStoreSpi"); + // put("CertStore.Multi", "org.bouncycastle.jce.provider.MultiCertStoreSpi"); + // put("Alg.Alias.CertStore.X509LDAP", "LDAP"); + // END android-removed } private void loadAlgorithms(String packageName, String[] names) @@ -586,42 +693,46 @@ // private void addMacAlgorithms() { - put("Mac.DESMAC", "org.bouncycastle.jce.provider.JCEMac$DES"); - put("Alg.Alias.Mac.DES", "DESMAC"); - put("Mac.DESMAC/CFB8", "org.bouncycastle.jce.provider.JCEMac$DESCFB8"); - put("Alg.Alias.Mac.DES/CFB8", "DESMAC/CFB8"); - - put("Mac.DESWITHISO9797", "org.bouncycastle.jce.provider.JCEMac$DES9797Alg3"); - put("Alg.Alias.Mac.DESISO9797MAC", "DESWITHISO9797"); - - put("Mac.ISO9797ALG3MAC", "org.bouncycastle.jce.provider.JCEMac$DES9797Alg3"); - put("Alg.Alias.Mac.ISO9797ALG3", "ISO9797ALG3MAC"); - put("Mac.ISO9797ALG3WITHISO7816-4PADDING", "org.bouncycastle.jce.provider.JCEMac$DES9797Alg3with7816d4"); - put("Alg.Alias.Mac.ISO9797ALG3MACWITHISO7816-4PADDING", "ISO9797ALG3WITHISO7816-4PADDING"); - - put("Mac.RC2MAC", "org.bouncycastle.jce.provider.JCEMac$RC2"); - put("Alg.Alias.Mac.RC2", "RC2MAC"); - put("Mac.RC2MAC/CFB8", "org.bouncycastle.jce.provider.JCEMac$RC2CFB8"); - put("Alg.Alias.Mac.RC2/CFB8", "RC2MAC/CFB8"); - - - put("Mac.GOST28147MAC", "org.bouncycastle.jce.provider.JCEMac$GOST28147"); - put("Alg.Alias.Mac.GOST28147", "GOST28147MAC"); - - put("Mac.OLDHMACSHA384", "org.bouncycastle.jce.provider.JCEMac$OldSHA384"); - - put("Mac.OLDHMACSHA512", "org.bouncycastle.jce.provider.JCEMac$OldSHA512"); - - addHMACAlgorithm("MD2", "org.bouncycastle.jce.provider.JCEMac$MD2", "org.bouncycastle.jce.provider.JCEKeyGenerator$MD2HMAC"); - addHMACAlgorithm("MD4", "org.bouncycastle.jce.provider.JCEMac$MD4", "org.bouncycastle.jce.provider.JCEKeyGenerator$MD4HMAC"); + // BEGIN android-removed + // put("Mac.DESMAC", "org.bouncycastle.jce.provider.JCEMac$DES"); + // put("Alg.Alias.Mac.DES", "DESMAC"); + // put("Mac.DESMAC/CFB8", "org.bouncycastle.jce.provider.JCEMac$DESCFB8"); + // put("Alg.Alias.Mac.DES/CFB8", "DESMAC/CFB8"); + // + // put("Mac.DESWITHISO9797", "org.bouncycastle.jce.provider.JCEMac$DES9797Alg3"); + // put("Alg.Alias.Mac.DESISO9797MAC", "DESWITHISO9797"); + // + // put("Mac.ISO9797ALG3MAC", "org.bouncycastle.jce.provider.JCEMac$DES9797Alg3"); + // put("Alg.Alias.Mac.ISO9797ALG3", "ISO9797ALG3MAC"); + // put("Mac.ISO9797ALG3WITHISO7816-4PADDING", "org.bouncycastle.jce.provider.JCEMac$DES9797Alg3with7816d4"); + // put("Alg.Alias.Mac.ISO9797ALG3MACWITHISO7816-4PADDING", "ISO9797ALG3WITHISO7816-4PADDING"); + // + // put("Mac.RC2MAC", "org.bouncycastle.jce.provider.JCEMac$RC2"); + // put("Alg.Alias.Mac.RC2", "RC2MAC"); + // put("Mac.RC2MAC/CFB8", "org.bouncycastle.jce.provider.JCEMac$RC2CFB8"); + // put("Alg.Alias.Mac.RC2/CFB8", "RC2MAC/CFB8"); + // + // + // put("Mac.GOST28147MAC", "org.bouncycastle.jce.provider.JCEMac$GOST28147"); + // put("Alg.Alias.Mac.GOST28147", "GOST28147MAC"); + // + // put("Mac.OLDHMACSHA384", "org.bouncycastle.jce.provider.JCEMac$OldSHA384"); + // + // put("Mac.OLDHMACSHA512", "org.bouncycastle.jce.provider.JCEMac$OldSHA512"); + // + // addHMACAlgorithm("MD2", "org.bouncycastle.jce.provider.JCEMac$MD2", "org.bouncycastle.jce.provider.JCEKeyGenerator$MD2HMAC"); + // addHMACAlgorithm("MD4", "org.bouncycastle.jce.provider.JCEMac$MD4", "org.bouncycastle.jce.provider.JCEKeyGenerator$MD4HMAC"); + // END android-removed addHMACAlgorithm("MD5", "org.bouncycastle.jce.provider.JCEMac$MD5", "org.bouncycastle.jce.provider.JCEKeyGenerator$MD5HMAC"); addHMACAlias("MD5", IANAObjectIdentifiers.hmacMD5); addHMACAlgorithm("SHA1", "org.bouncycastle.jce.provider.JCEMac$SHA1", "org.bouncycastle.jce.provider.JCEKeyGenerator$HMACSHA1"); addHMACAlias("SHA1", PKCSObjectIdentifiers.id_hmacWithSHA1); addHMACAlias("SHA1", IANAObjectIdentifiers.hmacSHA1); - addHMACAlgorithm("SHA224", "org.bouncycastle.jce.provider.JCEMac$SHA224", "org.bouncycastle.jce.provider.JCEKeyGenerator$HMACSHA224"); - addHMACAlias("SHA224", PKCSObjectIdentifiers.id_hmacWithSHA224); + // BEGIN android-removed + // addHMACAlgorithm("SHA224", "org.bouncycastle.jce.provider.JCEMac$SHA224", "org.bouncycastle.jce.provider.JCEKeyGenerator$HMACSHA224"); + // addHMACAlias("SHA224", PKCSObjectIdentifiers.id_hmacWithSHA224); + // END android-removed addHMACAlgorithm("SHA256", "org.bouncycastle.jce.provider.JCEMac$SHA256", "org.bouncycastle.jce.provider.JCEKeyGenerator$HMACSHA256"); addHMACAlias("SHA256", PKCSObjectIdentifiers.id_hmacWithSHA256); addHMACAlgorithm("SHA384", "org.bouncycastle.jce.provider.JCEMac$SHA384", "org.bouncycastle.jce.provider.JCEKeyGenerator$HMACSHA384"); @@ -629,16 +740,20 @@ addHMACAlgorithm("SHA512", "org.bouncycastle.jce.provider.JCEMac$SHA512", "org.bouncycastle.jce.provider.JCEKeyGenerator$HMACSHA512"); addHMACAlias("SHA512", PKCSObjectIdentifiers.id_hmacWithSHA512); - addHMACAlgorithm("RIPEMD128", "org.bouncycastle.jce.provider.JCEMac$RIPEMD128", "org.bouncycastle.jce.provider.JCEKeyGenerator$RIPEMD128HMAC"); - addHMACAlgorithm("RIPEMD160", "org.bouncycastle.jce.provider.JCEMac$RIPEMD160", "org.bouncycastle.jce.provider.JCEKeyGenerator$RIPEMD160HMAC"); - addHMACAlias("RIPEMD160", IANAObjectIdentifiers.hmacRIPEMD160); - - addHMACAlgorithm("TIGER", "org.bouncycastle.jce.provider.JCEMac$Tiger", "org.bouncycastle.jce.provider.JCEKeyGenerator$HMACTIGER"); - addHMACAlias("TIGER", IANAObjectIdentifiers.hmacTIGER); + // BEGIN android-removed + // addHMACAlgorithm("RIPEMD128", "org.bouncycastle.jce.provider.JCEMac$RIPEMD128", "org.bouncycastle.jce.provider.JCEKeyGenerator$RIPEMD128HMAC"); + // addHMACAlgorithm("RIPEMD160", "org.bouncycastle.jce.provider.JCEMac$RIPEMD160", "org.bouncycastle.jce.provider.JCEKeyGenerator$RIPEMD160HMAC"); + // addHMACAlias("RIPEMD160", IANAObjectIdentifiers.hmacRIPEMD160); + // + // addHMACAlgorithm("TIGER", "org.bouncycastle.jce.provider.JCEMac$Tiger", "org.bouncycastle.jce.provider.JCEKeyGenerator$HMACTIGER"); + // addHMACAlias("TIGER", IANAObjectIdentifiers.hmacTIGER); + // END android-removed put("Mac.PBEWITHHMACSHA", "org.bouncycastle.jce.provider.JCEMac$PBEWithSHA"); put("Mac.PBEWITHHMACSHA1", "org.bouncycastle.jce.provider.JCEMac$PBEWithSHA"); - put("Mac.PBEWITHHMACRIPEMD160", "org.bouncycastle.jce.provider.JCEMac$PBEWithRIPEMD160"); + // BEGIN android-removed + // put("Mac.PBEWITHHMACRIPEMD160", "org.bouncycastle.jce.provider.JCEMac$PBEWithRIPEMD160"); + // END android-removed put("Alg.Alias.Mac.1.3.14.3.2.26", "PBEWITHHMACSHA"); } @@ -676,9 +791,11 @@ put("Alg.Alias.MessageDigest.SHA1", "SHA-1"); put("Alg.Alias.MessageDigest.SHA", "SHA-1"); put("Alg.Alias.MessageDigest." + OIWObjectIdentifiers.idSHA1, "SHA-1"); - put("MessageDigest.SHA-224", "org.bouncycastle.jce.provider.JDKMessageDigest$SHA224"); - put("Alg.Alias.MessageDigest.SHA224", "SHA-224"); - put("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha224, "SHA-224"); + // BEGIN android-removed + // put("MessageDigest.SHA-224", "org.bouncycastle.jce.provider.JDKMessageDigest$SHA224"); + // put("Alg.Alias.MessageDigest.SHA224", "SHA-224"); + // put("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha224, "SHA-224"); + // END android-removed put("MessageDigest.SHA-256", "org.bouncycastle.jce.provider.JDKMessageDigest$SHA256"); put("Alg.Alias.MessageDigest.SHA256", "SHA-256"); put("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha256, "SHA-256"); @@ -689,27 +806,31 @@ put("Alg.Alias.MessageDigest.SHA512", "SHA-512"); put("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512, "SHA-512"); - put("MessageDigest.MD2", "org.bouncycastle.jce.provider.JDKMessageDigest$MD2"); - put("Alg.Alias.MessageDigest." + PKCSObjectIdentifiers.md2, "MD2"); - put("MessageDigest.MD4", "org.bouncycastle.jce.provider.JDKMessageDigest$MD4"); - put("Alg.Alias.MessageDigest." + PKCSObjectIdentifiers.md4, "MD4"); + // BEGIN android-removed + // put("MessageDigest.MD2", "org.bouncycastle.jce.provider.JDKMessageDigest$MD2"); + // put("Alg.Alias.MessageDigest." + PKCSObjectIdentifiers.md2, "MD2"); + // put("MessageDigest.MD4", "org.bouncycastle.jce.provider.JDKMessageDigest$MD4"); + // put("Alg.Alias.MessageDigest." + PKCSObjectIdentifiers.md4, "MD4"); + // END android-removed put("MessageDigest.MD5", "org.bouncycastle.jce.provider.JDKMessageDigest$MD5"); put("Alg.Alias.MessageDigest." + PKCSObjectIdentifiers.md5, "MD5"); - put("MessageDigest.RIPEMD128", "org.bouncycastle.jce.provider.JDKMessageDigest$RIPEMD128"); - put("Alg.Alias.MessageDigest." + TeleTrusTObjectIdentifiers.ripemd128, "RIPEMD128"); - put("MessageDigest.RIPEMD160", "org.bouncycastle.jce.provider.JDKMessageDigest$RIPEMD160"); - put("Alg.Alias.MessageDigest." + TeleTrusTObjectIdentifiers.ripemd160, "RIPEMD160"); - put("MessageDigest.RIPEMD256", "org.bouncycastle.jce.provider.JDKMessageDigest$RIPEMD256"); - put("Alg.Alias.MessageDigest." + TeleTrusTObjectIdentifiers.ripemd256, "RIPEMD256"); - put("MessageDigest.RIPEMD320", "org.bouncycastle.jce.provider.JDKMessageDigest$RIPEMD320"); - put("MessageDigest.Tiger", "org.bouncycastle.jce.provider.JDKMessageDigest$Tiger"); - - put("MessageDigest.WHIRLPOOL", "org.bouncycastle.jce.provider.JDKMessageDigest$Whirlpool"); - - put("MessageDigest.GOST3411", "org.bouncycastle.jce.provider.JDKMessageDigest$GOST3411"); - put("Alg.Alias.MessageDigest.GOST", "GOST3411"); - put("Alg.Alias.MessageDigest.GOST-3411", "GOST3411"); - put("Alg.Alias.MessageDigest." + CryptoProObjectIdentifiers.gostR3411, "GOST3411"); + // BEGIN android-removed + // put("MessageDigest.RIPEMD128", "org.bouncycastle.jce.provider.JDKMessageDigest$RIPEMD128"); + // put("Alg.Alias.MessageDigest." + TeleTrusTObjectIdentifiers.ripemd128, "RIPEMD128"); + // put("MessageDigest.RIPEMD160", "org.bouncycastle.jce.provider.JDKMessageDigest$RIPEMD160"); + // put("Alg.Alias.MessageDigest." + TeleTrusTObjectIdentifiers.ripemd160, "RIPEMD160"); + // put("MessageDigest.RIPEMD256", "org.bouncycastle.jce.provider.JDKMessageDigest$RIPEMD256"); + // put("Alg.Alias.MessageDigest." + TeleTrusTObjectIdentifiers.ripemd256, "RIPEMD256"); + // put("MessageDigest.RIPEMD320", "org.bouncycastle.jce.provider.JDKMessageDigest$RIPEMD320"); + // put("MessageDigest.Tiger", "org.bouncycastle.jce.provider.JDKMessageDigest$Tiger"); + + // put("MessageDigest.WHIRLPOOL", "org.bouncycastle.jce.provider.JDKMessageDigest$Whirlpool"); + + // put("MessageDigest.GOST3411", "org.bouncycastle.jce.provider.JDKMessageDigest$GOST3411"); + // put("Alg.Alias.MessageDigest.GOST", "GOST3411"); + // put("Alg.Alias.MessageDigest.GOST-3411", "GOST3411"); + // put("Alg.Alias.MessageDigest." + CryptoProObjectIdentifiers.gostR3411, "GOST3411"); + // END android-removed } // @@ -717,55 +838,70 @@ // private void addSignatureAlgorithms() { - put("Signature.MD2WithRSAEncryption", "org.bouncycastle.jce.provider.JDKDigestSignature$MD2WithRSAEncryption"); - put("Signature.MD4WithRSAEncryption", "org.bouncycastle.jce.provider.JDKDigestSignature$MD4WithRSAEncryption"); + // BEGIN android-removed + // Dropping MD2 + // put("Signature.MD2WithRSAEncryption", "org.bouncycastle.jce.provider.JDKDigestSignature$MD2WithRSAEncryption"); + // put("Signature.MD4WithRSAEncryption", "org.bouncycastle.jce.provider.JDKDigestSignature$MD4WithRSAEncryption"); + // END android-removed put("Signature.MD5WithRSAEncryption", "org.bouncycastle.jce.provider.JDKDigestSignature$MD5WithRSAEncryption"); put("Signature.SHA1WithRSAEncryption", "org.bouncycastle.jce.provider.JDKDigestSignature$SHA1WithRSAEncryption"); - put("Signature.SHA224WithRSAEncryption", "org.bouncycastle.jce.provider.JDKDigestSignature$SHA224WithRSAEncryption"); + // BEGIN android-removed + // put("Signature.SHA224WithRSAEncryption", "org.bouncycastle.jce.provider.JDKDigestSignature$SHA224WithRSAEncryption"); + // END android-removed put("Signature.SHA256WithRSAEncryption", "org.bouncycastle.jce.provider.JDKDigestSignature$SHA256WithRSAEncryption"); put("Signature.SHA384WithRSAEncryption", "org.bouncycastle.jce.provider.JDKDigestSignature$SHA384WithRSAEncryption"); put("Signature.SHA512WithRSAEncryption", "org.bouncycastle.jce.provider.JDKDigestSignature$SHA512WithRSAEncryption"); - put("Signature.RIPEMD160WithRSAEncryption", "org.bouncycastle.jce.provider.JDKDigestSignature$RIPEMD160WithRSAEncryption"); - put("Signature.RIPEMD128WithRSAEncryption", "org.bouncycastle.jce.provider.JDKDigestSignature$RIPEMD128WithRSAEncryption"); - put("Signature.RIPEMD256WithRSAEncryption", "org.bouncycastle.jce.provider.JDKDigestSignature$RIPEMD256WithRSAEncryption"); - put("Signature.DSA", "org.bouncycastle.jce.provider.JDKDSASigner$stdDSA"); + // BEGIN android-removed + // put("Signature.RIPEMD160WithRSAEncryption", "org.bouncycastle.jce.provider.JDKDigestSignature$RIPEMD160WithRSAEncryption"); + // put("Signature.RIPEMD128WithRSAEncryption", "org.bouncycastle.jce.provider.JDKDigestSignature$RIPEMD128WithRSAEncryption"); + // put("Signature.RIPEMD256WithRSAEncryption", "org.bouncycastle.jce.provider.JDKDigestSignature$RIPEMD256WithRSAEncryption"); + // END android-removed + // BEGIN android-changed + put("Signature.SHA1withDSA", "org.bouncycastle.jce.provider.JDKDSASigner$stdDSA"); + // END android-changed put("Signature.NONEWITHDSA", "org.bouncycastle.jce.provider.JDKDSASigner$noneDSA"); - put("Signature.SHA1withRSA/ISO9796-2", "org.bouncycastle.jce.provider.JDKISOSignature$SHA1WithRSAEncryption"); - put("Signature.MD5withRSA/ISO9796-2", "org.bouncycastle.jce.provider.JDKISOSignature$MD5WithRSAEncryption"); - put("Signature.RIPEMD160withRSA/ISO9796-2", "org.bouncycastle.jce.provider.JDKISOSignature$RIPEMD160WithRSAEncryption"); - - put("Signature.RSASSA-PSS", "org.bouncycastle.jce.provider.JDKPSSSigner$PSSwithRSA"); - put("Signature." + PKCSObjectIdentifiers.id_RSASSA_PSS, "org.bouncycastle.jce.provider.JDKPSSSigner$PSSwithRSA"); - put("Signature.SHA1withRSA/PSS", "org.bouncycastle.jce.provider.JDKPSSSigner$SHA1withRSA"); - put("Signature.SHA224withRSA/PSS", "org.bouncycastle.jce.provider.JDKPSSSigner$SHA224withRSA"); - put("Signature.SHA256withRSA/PSS", "org.bouncycastle.jce.provider.JDKPSSSigner$SHA256withRSA"); - put("Signature.SHA384withRSA/PSS", "org.bouncycastle.jce.provider.JDKPSSSigner$SHA384withRSA"); - put("Signature.SHA512withRSA/PSS", "org.bouncycastle.jce.provider.JDKPSSSigner$SHA512withRSA"); - - put("Signature.RSA", "org.bouncycastle.jce.provider.JDKDigestSignature$noneRSA"); - put("Signature.RAWRSASSA-PSS", "org.bouncycastle.jce.provider.JDKPSSSigner$nonePSS"); + // BEGIN android-removed + // put("Signature.SHA1withRSA/ISO9796-2", "org.bouncycastle.jce.provider.JDKISOSignature$SHA1WithRSAEncryption"); + // put("Signature.MD5withRSA/ISO9796-2", "org.bouncycastle.jce.provider.JDKISOSignature$MD5WithRSAEncryption"); + // put("Signature.RIPEMD160withRSA/ISO9796-2", "org.bouncycastle.jce.provider.JDKISOSignature$RIPEMD160WithRSAEncryption"); + // + // put("Signature.RSASSA-PSS", "org.bouncycastle.jce.provider.JDKPSSSigner$PSSwithRSA"); + // put("Signature." + PKCSObjectIdentifiers.id_RSASSA_PSS, "org.bouncycastle.jce.provider.JDKPSSSigner$PSSwithRSA"); + // put("Signature.SHA1withRSA/PSS", "org.bouncycastle.jce.provider.JDKPSSSigner$SHA1withRSA"); + // put("Signature.SHA224withRSA/PSS", "org.bouncycastle.jce.provider.JDKPSSSigner$SHA224withRSA"); + // put("Signature.SHA256withRSA/PSS", "org.bouncycastle.jce.provider.JDKPSSSigner$SHA256withRSA"); + // put("Signature.SHA384withRSA/PSS", "org.bouncycastle.jce.provider.JDKPSSSigner$SHA384withRSA"); + // put("Signature.SHA512withRSA/PSS", "org.bouncycastle.jce.provider.JDKPSSSigner$SHA512withRSA"); + // + // put("Signature.RSA", "org.bouncycastle.jce.provider.JDKDigestSignature$noneRSA"); + // put("Signature.RAWRSASSA-PSS", "org.bouncycastle.jce.provider.JDKPSSSigner$nonePSS"); + // END android-removed put("Alg.Alias.Signature.RAWDSA", "NONEWITHDSA"); - put("Alg.Alias.Signature.RAWRSA", "RSA"); - put("Alg.Alias.Signature.NONEWITHRSA", "RSA"); - put("Alg.Alias.Signature.RAWRSAPSS", "RAWRSASSA-PSS"); - put("Alg.Alias.Signature.NONEWITHRSAPSS", "RAWRSASSA-PSS"); - put("Alg.Alias.Signature.NONEWITHRSASSA-PSS", "RAWRSASSA-PSS"); - - put("Alg.Alias.Signature.RSAPSS", "RSASSA-PSS"); - - put("Alg.Alias.Signature.SHA1withRSAandMGF1", "SHA1withRSA/PSS"); - put("Alg.Alias.Signature.SHA224withRSAandMGF1", "SHA224withRSA/PSS"); - put("Alg.Alias.Signature.SHA256withRSAandMGF1", "SHA256withRSA/PSS"); - put("Alg.Alias.Signature.SHA384withRSAandMGF1", "SHA384withRSA/PSS"); - put("Alg.Alias.Signature.SHA512withRSAandMGF1", "SHA512withRSA/PSS"); - - put("Alg.Alias.Signature.MD2withRSAEncryption", "MD2WithRSAEncryption"); - put("Alg.Alias.Signature.MD4withRSAEncryption", "MD4WithRSAEncryption"); + // BEGIN android-removed + // put("Alg.Alias.Signature.RAWRSA", "RSA"); + // put("Alg.Alias.Signature.NONEWITHRSA", "RSA"); + // put("Alg.Alias.Signature.RAWRSAPSS", "RAWRSASSA-PSS"); + // put("Alg.Alias.Signature.NONEWITHRSAPSS", "RAWRSASSA-PSS"); + // put("Alg.Alias.Signature.NONEWITHRSASSA-PSS", "RAWRSASSA-PSS"); + // + // put("Alg.Alias.Signature.RSAPSS", "RSASSA-PSS"); + // + // put("Alg.Alias.Signature.SHA1withRSAandMGF1", "SHA1withRSA/PSS"); + // put("Alg.Alias.Signature.SHA224withRSAandMGF1", "SHA224withRSA/PSS"); + // put("Alg.Alias.Signature.SHA256withRSAandMGF1", "SHA256withRSA/PSS"); + // put("Alg.Alias.Signature.SHA384withRSAandMGF1", "SHA384withRSA/PSS"); + // put("Alg.Alias.Signature.SHA512withRSAandMGF1", "SHA512withRSA/PSS"); + // + // put("Alg.Alias.Signature.MD2withRSAEncryption", "MD2WithRSAEncryption"); + // put("Alg.Alias.Signature.MD4withRSAEncryption", "MD4WithRSAEncryption"); + // END android-removed put("Alg.Alias.Signature.MD5withRSAEncryption", "MD5WithRSAEncryption"); put("Alg.Alias.Signature.SHA1withRSAEncryption", "SHA1WithRSAEncryption"); - put("Alg.Alias.Signature.SHA224withRSAEncryption", "SHA224WithRSAEncryption"); + // BEGIN android-removed + // put("Alg.Alias.Signature.SHA224withRSAEncryption", "SHA224WithRSAEncryption"); + // END android-removed put("Alg.Alias.Signature.SHA256withRSAEncryption", "SHA256WithRSAEncryption"); put("Alg.Alias.Signature.SHA384withRSAEncryption", "SHA384WithRSAEncryption"); @@ -779,24 +915,30 @@ put("Alg.Alias.Signature.SHA384WITHRSAENCRYPTION", "SHA384WithRSAEncryption"); put("Alg.Alias.Signature.SHA512WITHRSAENCRYPTION", "SHA512WithRSAEncryption"); - put("Alg.Alias.Signature.RIPEMD160withRSAEncryption", "RIPEMD160WithRSAEncryption"); - - put("Alg.Alias.Signature." + PKCSObjectIdentifiers.md2WithRSAEncryption, "MD2WithRSAEncryption"); - put("Alg.Alias.Signature.MD2WithRSA", "MD2WithRSAEncryption"); - put("Alg.Alias.Signature.MD2withRSA", "MD2WithRSAEncryption"); - put("Alg.Alias.Signature.MD2/RSA", "MD2WithRSAEncryption"); + // BEGIN android-removed + // Dropping MD2 + // put("Alg.Alias.Signature.RIPEMD160withRSAEncryption", "RIPEMD160WithRSAEncryption"); + // put("Alg.Alias.Signature." + PKCSObjectIdentifiers.md2WithRSAEncryption, "MD2WithRSAEncryption"); + // put("Alg.Alias.Signature.MD2WithRSA", "MD2WithRSAEncryption"); + // put("Alg.Alias.Signature.MD2withRSA", "MD2WithRSAEncryption"); + // put("Alg.Alias.Signature.MD2/RSA", "MD2WithRSAEncryption"); + // END android-removed put("Alg.Alias.Signature.MD5WithRSA", "MD5WithRSAEncryption"); put("Alg.Alias.Signature.MD5withRSA", "MD5WithRSAEncryption"); put("Alg.Alias.Signature.MD5/RSA", "MD5WithRSAEncryption"); put("Alg.Alias.Signature." + PKCSObjectIdentifiers.md5WithRSAEncryption, "MD5WithRSAEncryption"); - put("Alg.Alias.Signature.MD4WithRSA", "MD4WithRSAEncryption"); - put("Alg.Alias.Signature.MD4withRSA", "MD4WithRSAEncryption"); - put("Alg.Alias.Signature.MD4/RSA", "MD4WithRSAEncryption"); - put("Alg.Alias.Signature." + PKCSObjectIdentifiers.md4WithRSAEncryption, "MD4WithRSAEncryption"); + // BEGIN android-removed + // put("Alg.Alias.Signature.MD4WithRSA", "MD4WithRSAEncryption"); + // put("Alg.Alias.Signature.MD4withRSA", "MD4WithRSAEncryption"); + // put("Alg.Alias.Signature.MD4/RSA", "MD4WithRSAEncryption"); + // put("Alg.Alias.Signature." + PKCSObjectIdentifiers.md4WithRSAEncryption, "MD4WithRSAEncryption"); + // END android-removed put("Alg.Alias.Signature.SHA1WithRSA", "SHA1WithRSAEncryption"); put("Alg.Alias.Signature.SHA1withRSA", "SHA1WithRSAEncryption"); - put("Alg.Alias.Signature.SHA224WithRSA", "SHA224WithRSAEncryption"); - put("Alg.Alias.Signature.SHA224withRSA", "SHA224WithRSAEncryption"); + // BEGIN android-removed + // put("Alg.Alias.Signature.SHA224WithRSA", "SHA224WithRSAEncryption"); + // put("Alg.Alias.Signature.SHA224withRSA", "SHA224WithRSAEncryption"); + // END android-removed put("Alg.Alias.Signature.SHA256WithRSA", "SHA256WithRSAEncryption"); put("Alg.Alias.Signature.SHA256withRSA", "SHA256WithRSAEncryption"); put("Alg.Alias.Signature.SHA384WithRSA", "SHA384WithRSAEncryption"); @@ -806,92 +948,110 @@ put("Alg.Alias.Signature.SHA1/RSA", "SHA1WithRSAEncryption"); put("Alg.Alias.Signature.SHA-1/RSA", "SHA1WithRSAEncryption"); put("Alg.Alias.Signature." + PKCSObjectIdentifiers.sha1WithRSAEncryption, "SHA1WithRSAEncryption"); - put("Alg.Alias.Signature." + PKCSObjectIdentifiers.sha224WithRSAEncryption, "SHA224WithRSAEncryption"); + // BEGIN android-removed + // put("Alg.Alias.Signature." + PKCSObjectIdentifiers.sha224WithRSAEncryption, "SHA224WithRSAEncryption"); + // END android-removed put("Alg.Alias.Signature." + PKCSObjectIdentifiers.sha256WithRSAEncryption, "SHA256WithRSAEncryption"); put("Alg.Alias.Signature." + PKCSObjectIdentifiers.sha384WithRSAEncryption, "SHA384WithRSAEncryption"); put("Alg.Alias.Signature." + PKCSObjectIdentifiers.sha512WithRSAEncryption, "SHA512WithRSAEncryption"); put("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.113549.1.1.1", "SHA1WithRSAEncryption"); put("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.113549.1.1.5", "SHA1WithRSAEncryption"); put("Alg.Alias.Signature.1.2.840.113549.2.5with1.2.840.113549.1.1.1", "MD5WithRSAEncryption"); - put("Alg.Alias.Signature.RIPEMD160WithRSA", "RIPEMD160WithRSAEncryption"); - put("Alg.Alias.Signature.RIPEMD160withRSA", "RIPEMD160WithRSAEncryption"); - put("Alg.Alias.Signature.RIPEMD128WithRSA", "RIPEMD128WithRSAEncryption"); - put("Alg.Alias.Signature.RIPEMD128withRSA", "RIPEMD128WithRSAEncryption"); - put("Alg.Alias.Signature.RIPEMD256WithRSA", "RIPEMD256WithRSAEncryption"); - put("Alg.Alias.Signature.RIPEMD256withRSA", "RIPEMD256WithRSAEncryption"); - put("Alg.Alias.Signature.RIPEMD-160/RSA", "RIPEMD160WithRSAEncryption"); - put("Alg.Alias.Signature.RMD160withRSA", "RIPEMD160WithRSAEncryption"); - put("Alg.Alias.Signature.RMD160/RSA", "RIPEMD160WithRSAEncryption"); - put("Alg.Alias.Signature.1.3.36.3.3.1.2", "RIPEMD160WithRSAEncryption"); - put("Alg.Alias.Signature.1.3.36.3.3.1.3", "RIPEMD128WithRSAEncryption"); - put("Alg.Alias.Signature.1.3.36.3.3.1.4", "RIPEMD256WithRSAEncryption"); + // BEGIN android-removed + // put("Alg.Alias.Signature.RIPEMD160WithRSA", "RIPEMD160WithRSAEncryption"); + // put("Alg.Alias.Signature.RIPEMD160withRSA", "RIPEMD160WithRSAEncryption"); + // put("Alg.Alias.Signature.RIPEMD128WithRSA", "RIPEMD128WithRSAEncryption"); + // put("Alg.Alias.Signature.RIPEMD128withRSA", "RIPEMD128WithRSAEncryption"); + // put("Alg.Alias.Signature.RIPEMD256WithRSA", "RIPEMD256WithRSAEncryption"); + // put("Alg.Alias.Signature.RIPEMD256withRSA", "RIPEMD256WithRSAEncryption"); + // put("Alg.Alias.Signature.RIPEMD-160/RSA", "RIPEMD160WithRSAEncryption"); + // put("Alg.Alias.Signature.RMD160withRSA", "RIPEMD160WithRSAEncryption"); + // put("Alg.Alias.Signature.RMD160/RSA", "RIPEMD160WithRSAEncryption"); + // put("Alg.Alias.Signature.1.3.36.3.3.1.2", "RIPEMD160WithRSAEncryption"); + // put("Alg.Alias.Signature.1.3.36.3.3.1.3", "RIPEMD128WithRSAEncryption"); + // put("Alg.Alias.Signature.1.3.36.3.3.1.4", "RIPEMD256WithRSAEncryption"); + // END android-removed put("Alg.Alias.Signature." + OIWObjectIdentifiers.sha1WithRSA, "SHA1WithRSAEncryption"); - put("Alg.Alias.Signature.MD2WITHRSAENCRYPTION", "MD2WithRSAEncryption"); + // BEGIN android-removed + // put("Alg.Alias.Signature.MD2WITHRSAENCRYPTION", "MD2WithRSAEncryption"); + // END android-removed put("Alg.Alias.Signature.MD5WITHRSAENCRYPTION", "MD5WithRSAEncryption"); put("Alg.Alias.Signature.SHA1WITHRSAENCRYPTION", "SHA1WithRSAEncryption"); - put("Alg.Alias.Signature.RIPEMD160WITHRSAENCRYPTION", "RIPEMD160WithRSAEncryption"); + // BEGIN android-removed + // put("Alg.Alias.Signature.RIPEMD160WITHRSAENCRYPTION", "RIPEMD160WithRSAEncryption"); + // END android-removed put("Alg.Alias.Signature.MD5WITHRSA", "MD5WithRSAEncryption"); put("Alg.Alias.Signature.SHA1WITHRSA", "SHA1WithRSAEncryption"); - put("Alg.Alias.Signature.RIPEMD160WITHRSA", "RIPEMD160WithRSAEncryption"); - put("Alg.Alias.Signature.RMD160WITHRSA", "RIPEMD160WithRSAEncryption"); - put("Alg.Alias.Signature.RIPEMD160WITHRSA", "RIPEMD160WithRSAEncryption"); - - addSignatureAlgorithm("SHA224", "DSA", "org.bouncycastle.jce.provider.JDKDSASigner$dsa224", NISTObjectIdentifiers.dsa_with_sha224); - addSignatureAlgorithm("SHA256", "DSA", "org.bouncycastle.jce.provider.JDKDSASigner$dsa256", NISTObjectIdentifiers.dsa_with_sha256); - addSignatureAlgorithm("SHA384", "DSA", "org.bouncycastle.jce.provider.JDKDSASigner$dsa384", NISTObjectIdentifiers.dsa_with_sha384); - addSignatureAlgorithm("SHA512", "DSA", "org.bouncycastle.jce.provider.JDKDSASigner$dsa512", NISTObjectIdentifiers.dsa_with_sha512); - - put("Alg.Alias.Signature.SHA/DSA", "DSA"); - put("Alg.Alias.Signature.SHA1withDSA", "DSA"); - put("Alg.Alias.Signature.SHA1WITHDSA", "DSA"); - put("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.1", "DSA"); - put("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.3", "DSA"); - put("Alg.Alias.Signature.DSAwithSHA1", "DSA"); - put("Alg.Alias.Signature.DSAWITHSHA1", "DSA"); - put("Alg.Alias.Signature.SHA1WithDSA", "DSA"); - put("Alg.Alias.Signature.DSAWithSHA1", "DSA"); - put("Alg.Alias.Signature.1.2.840.10040.4.3", "DSA"); - put("Alg.Alias.Signature.MD5WithRSA/ISO9796-2", "MD5withRSA/ISO9796-2"); - put("Alg.Alias.Signature.SHA1WithRSA/ISO9796-2", "SHA1withRSA/ISO9796-2"); - put("Alg.Alias.Signature.RIPEMD160WithRSA/ISO9796-2", "RIPEMD160withRSA/ISO9796-2"); - - put("Signature.ECGOST3410", "org.bouncycastle.jce.provider.JDKGOST3410Signer$ecgost3410"); - put("Alg.Alias.Signature.ECGOST-3410", "ECGOST3410"); - put("Alg.Alias.Signature.GOST-3410-2001", "ECGOST3410"); - put("Alg.Alias.Signature.GOST3411withECGOST3410", "ECGOST3410"); - put("Alg.Alias.Signature.GOST3411WITHECGOST3410", "ECGOST3410"); - put("Alg.Alias.Signature.GOST3411WithECGOST3410", "ECGOST3410"); - put("Alg.Alias.Signature." + CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, "ECGOST3410"); - - put("Signature.GOST3410", "org.bouncycastle.jce.provider.JDKGOST3410Signer$gost3410"); - put("Alg.Alias.Signature.GOST-3410", "GOST3410"); - put("Alg.Alias.Signature.GOST-3410-94", "GOST3410"); - put("Alg.Alias.Signature.GOST3411withGOST3410", "GOST3410"); - put("Alg.Alias.Signature.GOST3411WITHGOST3410", "GOST3410"); - put("Alg.Alias.Signature.GOST3411WithGOST3410", "GOST3410"); - put("Alg.Alias.Signature." + CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, "GOST3410"); - } - - private void addSignatureAlgorithm( - String digest, - String algorithm, - String className, - DERObjectIdentifier oid) - { - String mainName = digest + "WITH" + algorithm; - String jdk11Variation1 = digest + "with" + algorithm; - String jdk11Variation2 = digest + "With" + algorithm; - String alias = digest + "/" + algorithm; - - put("Signature." + mainName, className); - put("Alg.Alias.Signature." + jdk11Variation1, mainName); - put("Alg.Alias.Signature." + jdk11Variation2, mainName); - put("Alg.Alias.Signature." + alias, mainName); - put("Alg.Alias.Signature." + oid, mainName); - put("Alg.Alias.Signature.OID." + oid, mainName); - } + // BEGIN android-removed + // put("Alg.Alias.Signature.RIPEMD160WITHRSA", "RIPEMD160WithRSAEncryption"); + // put("Alg.Alias.Signature.RMD160WITHRSA", "RIPEMD160WithRSAEncryption"); + // put("Alg.Alias.Signature.RIPEMD160WITHRSA", "RIPEMD160WithRSAEncryption"); + // END android-removed + + // BEGIN android-removed + // addSignatureAlgorithm("SHA224", "DSA", "org.bouncycastle.jce.provider.JDKDSASigner$dsa224", NISTObjectIdentifiers.dsa_with_sha224); + // addSignatureAlgorithm("SHA256", "DSA", "org.bouncycastle.jce.provider.JDKDSASigner$dsa256", NISTObjectIdentifiers.dsa_with_sha256); + // addSignatureAlgorithm("SHA384", "DSA", "org.bouncycastle.jce.provider.JDKDSASigner$dsa384", NISTObjectIdentifiers.dsa_with_sha384); + // addSignatureAlgorithm("SHA512", "DSA", "org.bouncycastle.jce.provider.JDKDSASigner$dsa512", NISTObjectIdentifiers.dsa_with_sha512); + // END android-removed + + // BEGIN android-changed + put("Alg.Alias.Signature.SHA/DSA", "SHA1withDSA"); + put("Alg.Alias.Signature.DSA", "SHA1withDSA"); + put("Alg.Alias.Signature.SHA1WITHDSA", "SHA1withDSA"); + put("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.1", "SHA1withDSA"); + put("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.3", "SHA1withDSA"); + put("Alg.Alias.Signature.DSAwithSHA1", "SHA1withDSA"); + put("Alg.Alias.Signature.DSAWITHSHA1", "SHA1withDSA"); + put("Alg.Alias.Signature.SHA1WithDSA", "SHA1withDSA"); + put("Alg.Alias.Signature.DSAWithSHA1", "SHA1withDSA"); + put("Alg.Alias.Signature.1.2.840.10040.4.3", "SHA1withDSA"); + // END android-changed + // BEGIN android-removed + // put("Alg.Alias.Signature.MD5WithRSA/ISO9796-2", "MD5withRSA/ISO9796-2"); + // put("Alg.Alias.Signature.SHA1WithRSA/ISO9796-2", "SHA1withRSA/ISO9796-2"); + // put("Alg.Alias.Signature.RIPEMD160WithRSA/ISO9796-2", "RIPEMD160withRSA/ISO9796-2"); + // + // put("Signature.ECGOST3410", "org.bouncycastle.jce.provider.JDKGOST3410Signer$ecgost3410"); + // put("Alg.Alias.Signature.ECGOST-3410", "ECGOST3410"); + // put("Alg.Alias.Signature.GOST-3410-2001", "ECGOST3410"); + // put("Alg.Alias.Signature.GOST3411withECGOST3410", "ECGOST3410"); + // put("Alg.Alias.Signature.GOST3411WITHECGOST3410", "ECGOST3410"); + // put("Alg.Alias.Signature.GOST3411WithECGOST3410", "ECGOST3410"); + // put("Alg.Alias.Signature." + CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, "ECGOST3410"); + // + // put("Signature.GOST3410", "org.bouncycastle.jce.provider.JDKGOST3410Signer$gost3410"); + // put("Alg.Alias.Signature.GOST-3410", "GOST3410"); + // put("Alg.Alias.Signature.GOST-3410-94", "GOST3410"); + // put("Alg.Alias.Signature.GOST3411withGOST3410", "GOST3410"); + // put("Alg.Alias.Signature.GOST3411WITHGOST3410", "GOST3410"); + // put("Alg.Alias.Signature.GOST3411WithGOST3410", "GOST3410"); + // put("Alg.Alias.Signature." + CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, "GOST3410"); + // END android-removed + } + + // BEGIN android-removed + // private void addSignatureAlgorithm( + // String digest, + // String algorithm, + // String className, + // DERObjectIdentifier oid) + // { + // String mainName = digest + "WITH" + algorithm; + // String jdk11Variation1 = digest + "with" + algorithm; + // String jdk11Variation2 = digest + "With" + algorithm; + // String alias = digest + "/" + algorithm; + // + // put("Signature." + mainName, className); + // put("Alg.Alias.Signature." + jdk11Variation1, mainName); + // put("Alg.Alias.Signature." + jdk11Variation2, mainName); + // put("Alg.Alias.Signature." + alias, mainName); + // put("Alg.Alias.Signature." + oid, mainName); + // put("Alg.Alias.Signature.OID." + oid, mainName); + // } + // END android-removed public void setParameter(String parameterName, Object parameter) { diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java bcprov-jdk16-146/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java 2011-09-08 21:28:49.000000000 +0000 @@ -24,6 +24,7 @@ import java.security.spec.DSAPublicKeySpec; import java.text.ParseException; import java.util.ArrayList; +import java.util.Arrays; import java.util.Collection; import java.util.Date; import java.util.Enumeration; @@ -59,13 +60,17 @@ import org.bouncycastle.asn1.x509.PolicyInformation; import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; import org.bouncycastle.asn1.x509.X509Extensions; -import org.bouncycastle.jce.X509LDAPCertStoreParameters; +// BEGIN android-removed +// import org.bouncycastle.jce.X509LDAPCertStoreParameters; +// END android-removed import org.bouncycastle.jce.exception.ExtCertPathValidatorException; import org.bouncycastle.util.Selector; import org.bouncycastle.util.StoreException; import org.bouncycastle.x509.ExtendedPKIXBuilderParameters; import org.bouncycastle.x509.ExtendedPKIXParameters; -import org.bouncycastle.x509.X509AttributeCertStoreSelector; +// BEGIN android-removed +// import org.bouncycastle.x509.X509AttributeCertStoreSelector; +// END android-removed import org.bouncycastle.x509.X509AttributeCertificate; import org.bouncycastle.x509.X509CRLStoreSelector; import org.bouncycastle.x509.X509CertStoreSelector; @@ -250,7 +255,9 @@ { // look for URI List list = (List) it.next(); - if (list.get(0).equals(new Integer(GeneralName.uniformResourceIdentifier))) + // BEGIN android-changed + if (list.get(0).equals(Integer.valueOf(GeneralName.uniformResourceIdentifier))) + // END android-changed { // found String temp = (String) list.get(1); @@ -660,38 +667,40 @@ { try { - if (location.startsWith("ldap://")) - { - // ldap://directory.d-trust.net/CN=D-TRUST - // Qualified CA 2003 1:PN,O=D-Trust GmbH,C=DE - // skip "ldap://" - location = location.substring(7); - // after first / baseDN starts - String base = null; - String url = null; - if (location.indexOf("/") != -1) - { - base = location.substring(location.indexOf("/")); - // URL - url = "ldap://" - + location.substring(0, location.indexOf("/")); - } - else - { - url = "ldap://" + location; - } - // use all purpose parameters - X509LDAPCertStoreParameters params = new X509LDAPCertStoreParameters.Builder( - url, base).build(); - pkixParams.addAdditionalStore(X509Store.getInstance( - "CERTIFICATE/LDAP", params, BouncyCastleProvider.PROVIDER_NAME)); - pkixParams.addAdditionalStore(X509Store.getInstance( - "CRL/LDAP", params, BouncyCastleProvider.PROVIDER_NAME)); - pkixParams.addAdditionalStore(X509Store.getInstance( - "ATTRIBUTECERTIFICATE/LDAP", params, BouncyCastleProvider.PROVIDER_NAME)); - pkixParams.addAdditionalStore(X509Store.getInstance( - "CERTIFICATEPAIR/LDAP", params, BouncyCastleProvider.PROVIDER_NAME)); - } + // BEGIN android-removed + // if (location.startsWith("ldap://")) + // { + // // ldap://directory.d-trust.net/CN=D-TRUST + // // Qualified CA 2003 1:PN,O=D-Trust GmbH,C=DE + // // skip "ldap://" + // location = location.substring(7); + // // after first / baseDN starts + // String base = null; + // String url = null; + // if (location.indexOf("/") != -1) + // { + // base = location.substring(location.indexOf("/")); + // // URL + // url = "ldap://" + // + location.substring(0, location.indexOf("/")); + // } + // else + // { + // url = "ldap://" + location; + // } + // // use all purpose parameters + // X509LDAPCertStoreParameters params = new X509LDAPCertStoreParameters.Builder( + // url, base).build(); + // pkixParams.addAdditionalStore(X509Store.getInstance( + // "CERTIFICATE/LDAP", params, BouncyCastleProvider.PROVIDER_NAME)); + // pkixParams.addAdditionalStore(X509Store.getInstance( + // "CRL/LDAP", params, BouncyCastleProvider.PROVIDER_NAME)); + // pkixParams.addAdditionalStore(X509Store.getInstance( + // "ATTRIBUTECERTIFICATE/LDAP", params, BouncyCastleProvider.PROVIDER_NAME)); + // pkixParams.addAdditionalStore(X509Store.getInstance( + // "CERTIFICATEPAIR/LDAP", params, BouncyCastleProvider.PROVIDER_NAME)); + // } + // END android-removed } catch (Exception e) { @@ -758,35 +767,37 @@ return certs; } - protected static Collection findCertificates(X509AttributeCertStoreSelector certSelect, - List certStores) - throws AnnotatedException - { - Set certs = new HashSet(); - Iterator iter = certStores.iterator(); - - while (iter.hasNext()) - { - Object obj = iter.next(); - - if (obj instanceof X509Store) - { - X509Store certStore = (X509Store)obj; - try - { - certs.addAll(certStore.getMatches(certSelect)); - } - catch (StoreException e) - { - throw - - new AnnotatedException( - "Problem while picking certificates from X.509 store.", e); - } - } - } - return certs; - } + // BEGIN android-removed + // protected static Collection findCertificates(X509AttributeCertStoreSelector certSelect, + // List certStores) + // throws AnnotatedException + // { + // Set certs = new HashSet(); + // Iterator iter = certStores.iterator(); + // + // while (iter.hasNext()) + // { + // Object obj = iter.next(); + // + // if (obj instanceof X509Store) + // { + // X509Store certStore = (X509Store)obj; + // try + // { + // certs.addAll(certStore.getMatches(certSelect)); + // } + // catch (StoreException e) + // { + // throw + // + // new AnnotatedException( + // "Problem while picking certificates from X.509 store.", e); + // } + // } + // } + // return certs; + // } + // END android-removed protected static void addAdditionalStoresFromCRLDistributionPoint( CRLDistPoint crldp, ExtendedPKIXParameters pkixParams) diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCEBlockCipher.java bcprov-jdk16-146/org/bouncycastle/jce/provider/JCEBlockCipher.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCEBlockCipher.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JCEBlockCipher.java 2011-09-08 21:28:49.000000000 +0000 @@ -17,8 +17,10 @@ import javax.crypto.ShortBufferException; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.PBEParameterSpec; -import javax.crypto.spec.RC2ParameterSpec; -import javax.crypto.spec.RC5ParameterSpec; +// BEGIN android-removed +// import javax.crypto.spec.RC2ParameterSpec; +// import javax.crypto.spec.RC5ParameterSpec; +// END android-removed import org.bouncycastle.crypto.BlockCipher; import org.bouncycastle.crypto.BufferedBlockCipher; @@ -28,7 +30,9 @@ import org.bouncycastle.crypto.engines.AESFastEngine; import org.bouncycastle.crypto.engines.DESEngine; import org.bouncycastle.crypto.engines.DESedeEngine; -import org.bouncycastle.crypto.engines.GOST28147Engine; +// BEGIN android-removed +// import org.bouncycastle.crypto.engines.GOST28147Engine; +// END android-removed import org.bouncycastle.crypto.engines.RC2Engine; import org.bouncycastle.crypto.engines.TwofishEngine; import org.bouncycastle.crypto.modes.AEADBlockCipher; @@ -36,12 +40,16 @@ import org.bouncycastle.crypto.modes.CCMBlockCipher; import org.bouncycastle.crypto.modes.CFBBlockCipher; import org.bouncycastle.crypto.modes.CTSBlockCipher; -import org.bouncycastle.crypto.modes.EAXBlockCipher; +// BEGIN android-removed +// import org.bouncycastle.crypto.modes.EAXBlockCipher; +// END android-removed import org.bouncycastle.crypto.modes.GCMBlockCipher; import org.bouncycastle.crypto.modes.GOFBBlockCipher; import org.bouncycastle.crypto.modes.OFBBlockCipher; -import org.bouncycastle.crypto.modes.OpenPGPCFBBlockCipher; -import org.bouncycastle.crypto.modes.PGPCFBBlockCipher; +// BEGIN android-removed +// import org.bouncycastle.crypto.modes.OpenPGPCFBBlockCipher; +// import org.bouncycastle.crypto.modes.PGPCFBBlockCipher; +// END android-removed import org.bouncycastle.crypto.modes.SICBlockCipher; import org.bouncycastle.crypto.paddings.BlockCipherPadding; import org.bouncycastle.crypto.paddings.ISO10126d2Padding; @@ -53,10 +61,12 @@ import org.bouncycastle.crypto.params.KeyParameter; import org.bouncycastle.crypto.params.ParametersWithIV; import org.bouncycastle.crypto.params.ParametersWithRandom; -import org.bouncycastle.crypto.params.ParametersWithSBox; -import org.bouncycastle.crypto.params.RC2Parameters; -import org.bouncycastle.crypto.params.RC5Parameters; -import org.bouncycastle.jce.spec.GOST28147ParameterSpec; +// BEGIN android-removed +// import org.bouncycastle.crypto.params.ParametersWithSBox; +// import org.bouncycastle.crypto.params.RC2Parameters; +// import org.bouncycastle.crypto.params.RC5Parameters; +// import org.bouncycastle.jce.spec.GOST28147ParameterSpec; +// END android-removed import org.bouncycastle.util.Strings; public class JCEBlockCipher extends WrapCipherSpi @@ -67,11 +77,15 @@ // private Class[] availableSpecs = { - RC2ParameterSpec.class, - RC5ParameterSpec.class, + // BEGIN android-removed + // RC2ParameterSpec.class, + // RC5ParameterSpec.class, + // END android-removed IvParameterSpec.class, PBEParameterSpec.class, - GOST28147ParameterSpec.class + // BEGIN android-removed + // GOST28147ParameterSpec.class + // END android-removed }; private BlockCipher baseEngine; @@ -226,20 +240,22 @@ new CFBBlockCipher(baseEngine, 8 * baseEngine.getBlockSize())); } } - else if (modeName.startsWith("PGP")) - { - boolean inlineIV = modeName.equalsIgnoreCase("PGPCFBwithIV"); - - ivLength = baseEngine.getBlockSize(); - cipher = new BufferedGenericBlockCipher( - new PGPCFBBlockCipher(baseEngine, inlineIV)); - } - else if (modeName.equalsIgnoreCase("OpenPGPCFB")) - { - ivLength = 0; - cipher = new BufferedGenericBlockCipher( - new OpenPGPCFBBlockCipher(baseEngine)); - } + // BEGIN android-removed + // else if (modeName.startsWith("PGP")) + // { + // boolean inlineIV = modeName.equalsIgnoreCase("PGPCFBwithIV"); + // + // ivLength = baseEngine.getBlockSize(); + // cipher = new BufferedGenericBlockCipher( + // new PGPCFBBlockCipher(baseEngine, inlineIV)); + // } + // else if (modeName.equalsIgnoreCase("OpenPGPCFB")) + // { + // ivLength = 0; + // cipher = new BufferedGenericBlockCipher( + // new OpenPGPCFBBlockCipher(baseEngine)); + // } + // END android-removed else if (modeName.startsWith("SIC")) { ivLength = baseEngine.getBlockSize(); @@ -272,11 +288,13 @@ ivLength = baseEngine.getBlockSize(); cipher = new AEADGenericBlockCipher(new CCMBlockCipher(baseEngine)); } - else if (modeName.startsWith("EAX")) - { - ivLength = baseEngine.getBlockSize(); - cipher = new AEADGenericBlockCipher(new EAXBlockCipher(baseEngine)); - } + // BEGIN android-removed + // else if (modeName.startsWith("EAX")) + // { + // ivLength = baseEngine.getBlockSize(); + // cipher = new AEADGenericBlockCipher(new EAXBlockCipher(baseEngine)); + // } + // END android-removed else if (modeName.startsWith("GCM")) { ivLength = baseEngine.getBlockSize(); @@ -365,13 +383,15 @@ throw new InvalidKeyException("Key for algorithm " + key.getAlgorithm() + " not suitable for symmetric enryption."); } - // - // for RC5-64 we must have some default parameters - // - if (params == null && baseEngine.getAlgorithmName().startsWith("RC5-64")) - { - throw new InvalidAlgorithmParameterException("RC5 requires an RC5ParametersSpec to be passed in."); - } + // BEGIN android-removed + // // + // // for RC5-64 we must have some default parameters + // // + // if (params == null && baseEngine.getAlgorithmName().startsWith("RC5-64")) + // { + // throw new InvalidAlgorithmParameterException("RC5 requires an RC5ParametersSpec to be passed in."); + // } + // END android-removed // // a note on iv's - if ivLength is zero the IV gets ignored (we don't use it). @@ -437,63 +457,65 @@ param = new KeyParameter(key.getEncoded()); } } - else if (params instanceof GOST28147ParameterSpec) - { - GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params; - - param = new ParametersWithSBox( - new KeyParameter(key.getEncoded()), ((GOST28147ParameterSpec)params).getSbox()); - - if (gost28147Param.getIV() != null && ivLength != 0) - { - param = new ParametersWithIV(param, gost28147Param.getIV()); - ivParam = (ParametersWithIV)param; - } - } - else if (params instanceof RC2ParameterSpec) - { - RC2ParameterSpec rc2Param = (RC2ParameterSpec)params; - - param = new RC2Parameters(key.getEncoded(), ((RC2ParameterSpec)params).getEffectiveKeyBits()); - - if (rc2Param.getIV() != null && ivLength != 0) - { - param = new ParametersWithIV(param, rc2Param.getIV()); - ivParam = (ParametersWithIV)param; - } - } - else if (params instanceof RC5ParameterSpec) - { - RC5ParameterSpec rc5Param = (RC5ParameterSpec)params; - - param = new RC5Parameters(key.getEncoded(), ((RC5ParameterSpec)params).getRounds()); - if (baseEngine.getAlgorithmName().startsWith("RC5")) - { - if (baseEngine.getAlgorithmName().equals("RC5-32")) - { - if (rc5Param.getWordSize() != 32) - { - throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 32 not " + rc5Param.getWordSize() + "."); - } - } - else if (baseEngine.getAlgorithmName().equals("RC5-64")) - { - if (rc5Param.getWordSize() != 64) - { - throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 64 not " + rc5Param.getWordSize() + "."); - } - } - } - else - { - throw new InvalidAlgorithmParameterException("RC5 parameters passed to a cipher that is not RC5."); - } - if ((rc5Param.getIV() != null) && (ivLength != 0)) - { - param = new ParametersWithIV(param, rc5Param.getIV()); - ivParam = (ParametersWithIV)param; - } - } + // BEGIN android-removed + // else if (params instanceof GOST28147ParameterSpec) + // { + // GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params; + // + // param = new ParametersWithSBox( + // new KeyParameter(key.getEncoded()), ((GOST28147ParameterSpec)params).getSbox()); + // + // if (gost28147Param.getIV() != null && ivLength != 0) + // { + // param = new ParametersWithIV(param, gost28147Param.getIV()); + // ivParam = (ParametersWithIV)param; + // } + // } + // else if (params instanceof RC2ParameterSpec) + // { + // RC2ParameterSpec rc2Param = (RC2ParameterSpec)params; + // + // param = new RC2Parameters(key.getEncoded(), ((RC2ParameterSpec)params).getEffectiveKeyBits()); + // + // if (rc2Param.getIV() != null && ivLength != 0) + // { + // param = new ParametersWithIV(param, rc2Param.getIV()); + // ivParam = (ParametersWithIV)param; + // } + // } + // else if (params instanceof RC5ParameterSpec) + // { + // RC5ParameterSpec rc5Param = (RC5ParameterSpec)params; + // + // param = new RC5Parameters(key.getEncoded(), ((RC5ParameterSpec)params).getRounds()); + // if (baseEngine.getAlgorithmName().startsWith("RC5")) + // { + // if (baseEngine.getAlgorithmName().equals("RC5-32")) + // { + // if (rc5Param.getWordSize() != 32) + // { + // throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 32 not " + rc5Param.getWordSize() + "."); + // } + // } + // else if (baseEngine.getAlgorithmName().equals("RC5-64")) + // { + // if (rc5Param.getWordSize() != 64) + // { + // throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 64 not " + rc5Param.getWordSize() + "."); + // } + // } + // } + // else + // { + // throw new InvalidAlgorithmParameterException("RC5 parameters passed to a cipher that is not RC5."); + // } + // if ((rc5Param.getIV() != null) && (ivLength != 0)) + // { + // param = new ParametersWithIV(param, rc5Param.getIV()); + // ivParam = (ParametersWithIV)param; + // } + // } + // END android-removed else { throw new InvalidAlgorithmParameterException("unknown parameter type."); @@ -697,10 +719,21 @@ int inputLen, byte[] output, int outputOffset) - throws IllegalBlockSizeException, BadPaddingException + throws IllegalBlockSizeException, BadPaddingException, ShortBufferException { + // BEGIN android-note + // added ShortBufferException to the throws statement + // END android-note int len = 0; + // BEGIN android-added + int outputLen = cipher.getOutputSize(inputLen); + + if (outputLen + outputOffset > output.length) { + throw new ShortBufferException("need at least " + outputLen + " bytes"); + } + // BEGIN android-added + if (inputLen != 0) { len = cipher.processBytes(input, inputOffset, inputLen, output, outputOffset); @@ -742,62 +775,64 @@ } } - /** - * DESCBC - */ - static public class DESCBC - extends JCEBlockCipher - { - public DESCBC() - { - super(new CBCBlockCipher(new DESEngine()), 64); - } - } - - /** - * GOST28147 - */ - static public class GOST28147 - extends JCEBlockCipher - { - public GOST28147() - { - super(new GOST28147Engine()); - } - } - - static public class GOST28147cbc - extends JCEBlockCipher - { - public GOST28147cbc() - { - super(new CBCBlockCipher(new GOST28147Engine()), 64); - } - } - - /** - * RC2 - */ - static public class RC2 - extends JCEBlockCipher - { - public RC2() - { - super(new RC2Engine()); - } - } - - /** - * RC2CBC - */ - static public class RC2CBC - extends JCEBlockCipher - { - public RC2CBC() - { - super(new CBCBlockCipher(new RC2Engine()), 64); - } - } + // BEGIN android-removed + // /** + // * DESCBC + // */ + // static public class DESCBC + // extends JCEBlockCipher + // { + // public DESCBC() + // { + // super(new CBCBlockCipher(new DESEngine()), 64); + // } + // } + // + // /** + // * GOST28147 + // */ + // static public class GOST28147 + // extends JCEBlockCipher + // { + // public GOST28147() + // { + // super(new GOST28147Engine()); + // } + // } + // + // static public class GOST28147cbc + // extends JCEBlockCipher + // { + // public GOST28147cbc() + // { + // super(new CBCBlockCipher(new GOST28147Engine()), 64); + // } + // } + // + // /** + // * RC2 + // */ + // static public class RC2 + // extends JCEBlockCipher + // { + // public RC2() + // { + // super(new RC2Engine()); + // } + // } + // + // /** + // * RC2CBC + // */ + // static public class RC2CBC + // extends JCEBlockCipher + // { + // public RC2CBC() + // { + // super(new CBCBlockCipher(new RC2Engine()), 64); + // } + // } + // END android-removed /** * PBEWithMD5AndDES @@ -822,7 +857,7 @@ super(new CBCBlockCipher(new RC2Engine())); } } - + /** * PBEWithSHA1AndDES */ @@ -870,7 +905,7 @@ super(new CBCBlockCipher(new DESedeEngine())); } } - + /** * PBEWithSHAAnd128BitRC2-CBC */ @@ -894,7 +929,7 @@ super(new CBCBlockCipher(new RC2Engine())); } } - + /** * PBEWithSHAAndTwofish-CBC */ @@ -906,7 +941,7 @@ super(new CBCBlockCipher(new TwofishEngine())); } } - + /** * PBEWithAES-CBC */ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCEDHKeyAgreement.java bcprov-jdk16-146/org/bouncycastle/jce/provider/JCEDHKeyAgreement.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCEDHKeyAgreement.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JCEDHKeyAgreement.java 2011-09-08 21:28:49.000000000 +0000 @@ -36,10 +36,12 @@ static { - Integer i64 = new Integer(64); - Integer i192 = new Integer(192); - Integer i128 = new Integer(128); - Integer i256 = new Integer(256); + // BEGIN android-changed + Integer i64 = Integer.valueOf(64); + Integer i192 = Integer.valueOf(192); + Integer i128 = Integer.valueOf(128); + Integer i256 = Integer.valueOf(256); + // END android-changed algorithms.put("DES", i64); algorithms.put("DESEDE", i192); diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCEDigestUtil.java bcprov-jdk16-146/org/bouncycastle/jce/provider/JCEDigestUtil.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCEDigestUtil.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JCEDigestUtil.java 2011-09-08 21:28:49.000000000 +0000 @@ -12,7 +12,9 @@ import org.bouncycastle.crypto.Digest; import org.bouncycastle.crypto.digests.MD5Digest; import org.bouncycastle.crypto.digests.SHA1Digest; -import org.bouncycastle.crypto.digests.SHA224Digest; +// BEGIN android-removed +// import org.bouncycastle.crypto.digests.SHA224Digest; +// END android-removed import org.bouncycastle.crypto.digests.SHA256Digest; import org.bouncycastle.crypto.digests.SHA384Digest; import org.bouncycastle.crypto.digests.SHA512Digest; @@ -22,7 +24,9 @@ { private static Set md5 = new HashSet(); private static Set sha1 = new HashSet(); - private static Set sha224 = new HashSet(); + // BEGIN android-removed + // private static Set sha224 = new HashSet(); + // END android-removed private static Set sha256 = new HashSet(); private static Set sha384 = new HashSet(); private static Set sha512 = new HashSet(); @@ -38,9 +42,11 @@ sha1.add("SHA-1"); sha1.add(OIWObjectIdentifiers.idSHA1.getId()); - sha224.add("SHA224"); - sha224.add("SHA-224"); - sha224.add(NISTObjectIdentifiers.id_sha224.getId()); + // BEGIN android-removed + // sha224.add("SHA224"); + // sha224.add("SHA-224"); + // sha224.add(NISTObjectIdentifiers.id_sha224.getId()); + // END android-removed sha256.add("SHA256"); sha256.add("SHA-256"); @@ -61,9 +67,11 @@ oids.put("SHA-1", OIWObjectIdentifiers.idSHA1); oids.put(OIWObjectIdentifiers.idSHA1.getId(), OIWObjectIdentifiers.idSHA1); - oids.put("SHA224", NISTObjectIdentifiers.id_sha224); - oids.put("SHA-224", NISTObjectIdentifiers.id_sha224); - oids.put(NISTObjectIdentifiers.id_sha224.getId(), NISTObjectIdentifiers.id_sha224); + // BEGIN android-removed + // oids.put("SHA224", NISTObjectIdentifiers.id_sha224); + // oids.put("SHA-224", NISTObjectIdentifiers.id_sha224); + // oids.put(NISTObjectIdentifiers.id_sha224.getId(), NISTObjectIdentifiers.id_sha224); + // END android-removed oids.put("SHA256", NISTObjectIdentifiers.id_sha256); oids.put("SHA-256", NISTObjectIdentifiers.id_sha256); @@ -91,10 +99,12 @@ { return new MD5Digest(); } - if (sha224.contains(digestName)) - { - return new SHA224Digest(); - } + // BEGIN android-removed + // if (sha224.contains(digestName)) + // { + // return new SHA224Digest(); + // } + // END android-removed if (sha256.contains(digestName)) { return new SHA256Digest(); @@ -116,7 +126,9 @@ String digest2) { return (sha1.contains(digest1) && sha1.contains(digest2)) - || (sha224.contains(digest1) && sha224.contains(digest2)) + // BEGIN android-removed + // || (sha224.contains(digest1) && sha224.contains(digest2)) + // END android-removed || (sha256.contains(digest1) && sha256.contains(digest2)) || (sha384.contains(digest1) && sha384.contains(digest2)) || (sha512.contains(digest1) && sha512.contains(digest2)) diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCEECPrivateKey.java bcprov-jdk16-146/org/bouncycastle/jce/provider/JCEECPrivateKey.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCEECPrivateKey.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JCEECPrivateKey.java 2011-09-08 21:28:49.000000000 +0000 @@ -20,7 +20,9 @@ import org.bouncycastle.asn1.DERObject; import org.bouncycastle.asn1.DERObjectIdentifier; import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; -import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; +// BEGIN android-removed +// import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; +// END android-removed import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; import org.bouncycastle.asn1.sec.ECPrivateKeyStructure; import org.bouncycastle.asn1.x509.AlgorithmIdentifier; @@ -199,21 +201,23 @@ DERObjectIdentifier oid = (DERObjectIdentifier)params.getParameters(); X9ECParameters ecP = ECUtil.getNamedCurveByOid(oid); - if (ecP == null) // GOST Curve - { - ECDomainParameters gParam = ECGOST3410NamedCurves.getByOID(oid); - EllipticCurve ellipticCurve = EC5Util.convertCurve(gParam.getCurve(), gParam.getSeed()); - - ecSpec = new ECNamedCurveSpec( - ECGOST3410NamedCurves.getName(oid), - ellipticCurve, - new ECPoint( - gParam.getG().getX().toBigInteger(), - gParam.getG().getY().toBigInteger()), - gParam.getN(), - gParam.getH()); - } - else + // BEGIN android-removed + // if (ecP == null) // GOST Curve + // { + // ECDomainParameters gParam = ECGOST3410NamedCurves.getByOID(oid); + // EllipticCurve ellipticCurve = EC5Util.convertCurve(gParam.getCurve(), gParam.getSeed()); + // + // ecSpec = new ECNamedCurveSpec( + // ECGOST3410NamedCurves.getName(oid), + // ellipticCurve, + // new ECPoint( + // gParam.getG().getX().toBigInteger(), + // gParam.getG().getY().toBigInteger()), + // gParam.getN(), + // gParam.getH()); + // } + // else + // END android-removed { EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed()); @@ -324,11 +328,13 @@ keyStructure = new ECPrivateKeyStructure(this.getS(), params); } - if (algorithm.equals("ECGOST3410")) - { - info = new PrivateKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params.getDERObject()), keyStructure.getDERObject()); - } - else + // BEGIN android-removed + // if (algorithm.equals("ECGOST3410")) + // { + // info = new PrivateKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params.getDERObject()), keyStructure.getDERObject()); + // } + // else + // END android-removed { info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params.getDERObject()), keyStructure.getDERObject()); diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCEECPublicKey.java bcprov-jdk16-146/org/bouncycastle/jce/provider/JCEECPublicKey.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCEECPublicKey.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JCEECPublicKey.java 2011-09-08 21:28:49.000000000 +0000 @@ -20,8 +20,10 @@ import org.bouncycastle.asn1.DERObjectIdentifier; import org.bouncycastle.asn1.DEROctetString; import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; -import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; -import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters; +// BEGIN android-removed +// import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; +// import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters; +// END android-removed import org.bouncycastle.asn1.x509.AlgorithmIdentifier; import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; import org.bouncycastle.asn1.x9.X962Parameters; @@ -31,11 +33,15 @@ import org.bouncycastle.asn1.x9.X9ObjectIdentifiers; import org.bouncycastle.crypto.params.ECDomainParameters; import org.bouncycastle.crypto.params.ECPublicKeyParameters; -import org.bouncycastle.jce.ECGOST3410NamedCurveTable; +// BEGIN android-removed +// import org.bouncycastle.jce.ECGOST3410NamedCurveTable; +// END android-removed import org.bouncycastle.jce.interfaces.ECPointEncoder; import org.bouncycastle.jce.provider.asymmetric.ec.EC5Util; import org.bouncycastle.jce.provider.asymmetric.ec.ECUtil; -import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec; +// BEGIN android-removed +// import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec; +// END android-removed import org.bouncycastle.jce.spec.ECNamedCurveSpec; import org.bouncycastle.math.ec.ECCurve; @@ -46,7 +52,9 @@ private org.bouncycastle.math.ec.ECPoint q; private ECParameterSpec ecSpec; private boolean withCompression; - private GOST3410PublicKeyAlgParameters gostParams; + // BEGIN android-removed + // private GOST3410PublicKeyAlgParameters gostParams; + // END android-removed public JCEECPublicKey( String algorithm, @@ -56,7 +64,9 @@ this.q = key.q; this.ecSpec = key.ecSpec; this.withCompression = key.withCompression; - this.gostParams = key.gostParams; + // BEGIN android-removed + // this.gostParams = key.gostParams; + // END android-removed } public JCEECPublicKey( @@ -179,54 +189,56 @@ private void populateFromPubKeyInfo(SubjectPublicKeyInfo info) { - if (info.getAlgorithmId().getObjectId().equals(CryptoProObjectIdentifiers.gostR3410_2001)) - { - DERBitString bits = info.getPublicKeyData(); - ASN1OctetString key; - this.algorithm = "ECGOST3410"; - - try - { - key = (ASN1OctetString) ASN1Object.fromByteArray(bits.getBytes()); - } - catch (IOException ex) - { - throw new IllegalArgumentException("error recovering public key"); - } - - byte[] keyEnc = key.getOctets(); - byte[] x = new byte[32]; - byte[] y = new byte[32]; - - for (int i = 0; i != x.length; i++) - { - x[i] = keyEnc[32 - 1 - i]; - } - - for (int i = 0; i != y.length; i++) - { - y[i] = keyEnc[64 - 1 - i]; - } - - gostParams = new GOST3410PublicKeyAlgParameters((ASN1Sequence)info.getAlgorithmId().getParameters()); - - ECNamedCurveParameterSpec spec = ECGOST3410NamedCurveTable.getParameterSpec(ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet())); - - ECCurve curve = spec.getCurve(); - EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getSeed()); - - this.q = curve.createPoint(new BigInteger(1, x), new BigInteger(1, y), false); - - ecSpec = new ECNamedCurveSpec( - ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()), - ellipticCurve, - new ECPoint( - spec.getG().getX().toBigInteger(), - spec.getG().getY().toBigInteger()), - spec.getN(), spec.getH()); - - } - else + // BEGIN android-removed + // if (info.getAlgorithmId().getObjectId().equals(CryptoProObjectIdentifiers.gostR3410_2001)) + // { + // DERBitString bits = info.getPublicKeyData(); + // ASN1OctetString key; + // this.algorithm = "ECGOST3410"; + // + // try + // { + // key = (ASN1OctetString) ASN1Object.fromByteArray(bits.getBytes()); + // } + // catch (IOException ex) + // { + // throw new IllegalArgumentException("error recovering public key"); + // } + // + // byte[] keyEnc = key.getOctets(); + // byte[] x = new byte[32]; + // byte[] y = new byte[32]; + // + // for (int i = 0; i != x.length; i++) + // { + // x[i] = keyEnc[32 - 1 - i]; + // } + // + // for (int i = 0; i != y.length; i++) + // { + // y[i] = keyEnc[64 - 1 - i]; + // } + // + // gostParams = new GOST3410PublicKeyAlgParameters((ASN1Sequence)info.getAlgorithmId().getParameters()); + // + // ECNamedCurveParameterSpec spec = ECGOST3410NamedCurveTable.getParameterSpec(ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet())); + // + // ECCurve curve = spec.getCurve(); + // EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getSeed()); + // + // this.q = curve.createPoint(new BigInteger(1, x), new BigInteger(1, y), false); + // + // ecSpec = new ECNamedCurveSpec( + // ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()), + // ellipticCurve, + // new ECPoint( + // spec.getG().getX().toBigInteger(), + // spec.getG().getY().toBigInteger()), + // spec.getN(), spec.getH()); + // + // } + // else + // END android-removed { X962Parameters params = new X962Parameters((DERObject)info.getAlgorithmId().getParameters()); ECCurve curve; @@ -315,45 +327,47 @@ ASN1Encodable params; SubjectPublicKeyInfo info; - if (algorithm.equals("ECGOST3410")) - { - if (gostParams != null) - { - params = gostParams; - } - else - { - if (ecSpec instanceof ECNamedCurveSpec) - { - params = new GOST3410PublicKeyAlgParameters( - ECGOST3410NamedCurves.getOID(((ECNamedCurveSpec)ecSpec).getName()), - CryptoProObjectIdentifiers.gostR3411_94_CryptoProParamSet); - } - else - { // strictly speaking this may not be applicable... - ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve()); - - X9ECParameters ecP = new X9ECParameters( - curve, - EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression), - ecSpec.getOrder(), - BigInteger.valueOf(ecSpec.getCofactor()), - ecSpec.getCurve().getSeed()); - - params = new X962Parameters(ecP); - } - } - - BigInteger bX = this.q.getX().toBigInteger(); - BigInteger bY = this.q.getY().toBigInteger(); - byte[] encKey = new byte[64]; - - extractBytes(encKey, 0, bX); - extractBytes(encKey, 32, bY); - - info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params.getDERObject()), new DEROctetString(encKey)); - } - else + // BEGIN android-removed + // if (algorithm.equals("ECGOST3410")) + // { + // if (gostParams != null) + // { + // params = gostParams; + // } + // else + // { + // if (ecSpec instanceof ECNamedCurveSpec) + // { + // params = new GOST3410PublicKeyAlgParameters( + // ECGOST3410NamedCurves.getOID(((ECNamedCurveSpec)ecSpec).getName()), + // CryptoProObjectIdentifiers.gostR3411_94_CryptoProParamSet); + // } + // else + // { // strictly speaking this may not be applicable... + // ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve()); + // + // X9ECParameters ecP = new X9ECParameters( + // curve, + // EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression), + // ecSpec.getOrder(), + // BigInteger.valueOf(ecSpec.getCofactor()), + // ecSpec.getCurve().getSeed()); + // + // params = new X962Parameters(ecP); + // } + // } + // + // BigInteger bX = this.q.getX().toBigInteger(); + // BigInteger bY = this.q.getY().toBigInteger(); + // byte[] encKey = new byte[64]; + // + // extractBytes(encKey, 0, bX); + // extractBytes(encKey, 32, bY); + // + // info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params.getDERObject()), new DEROctetString(encKey)); + // } + // else + // END android-removed { if (ecSpec instanceof ECNamedCurveSpec) { diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCEKeyGenerator.java bcprov-jdk16-146/org/bouncycastle/jce/provider/JCEKeyGenerator.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCEKeyGenerator.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JCEKeyGenerator.java 2011-09-08 21:28:49.000000000 +0000 @@ -57,6 +57,11 @@ { try { + // BEGIN android-added + if (random == null) { + random = new SecureRandom(); + } + // END android-added engine.init(new KeyGenerationParameters(random, keySize)); uninitialised = false; } @@ -93,56 +98,60 @@ } } - /** - * RC2 - */ - public static class RC2 - extends JCEKeyGenerator - { - public RC2() - { - super("RC2", 128, new CipherKeyGenerator()); - } - } - - /** - * GOST28147 - */ - public static class GOST28147 - extends JCEKeyGenerator - { - public GOST28147() - { - super("GOST28147", 256, new CipherKeyGenerator()); - } - } + // BEGIN android-removed + // /** + // * RC2 + // */ + // public static class RC2 + // extends JCEKeyGenerator + // { + // public RC2() + // { + // super("RC2", 128, new CipherKeyGenerator()); + // } + // } + // + // /** + // * GOST28147 + // */ + // public static class GOST28147 + // extends JCEKeyGenerator + // { + // public GOST28147() + // { + // super("GOST28147", 256, new CipherKeyGenerator()); + // } + // } + // END android-removed // HMAC Related secret keys.. - /** - * MD2HMAC - */ - public static class MD2HMAC - extends JCEKeyGenerator - { - public MD2HMAC() - { - super("HMACMD2", 128, new CipherKeyGenerator()); - } - } - - - /** - * MD4HMAC - */ - public static class MD4HMAC - extends JCEKeyGenerator - { - public MD4HMAC() - { - super("HMACMD4", 128, new CipherKeyGenerator()); - } - } + // BEGIN android-removed + // /** + // * MD2HMAC + // */ + // public static class MD2HMAC + // extends JCEKeyGenerator + // { + // public MD2HMAC() + // { + // super("HMACMD2", 128, new CipherKeyGenerator()); + // } + // } + // + // + // /** + // * MD4HMAC + // */ + // public static class MD4HMAC + // extends JCEKeyGenerator + // { + // public MD4HMAC() + // { + // super("HMACMD4", 128, new CipherKeyGenerator()); + // } + // } + // END android-removed /** * MD5HMAC @@ -157,29 +166,29 @@ } - /** - * RIPE128HMAC - */ - public static class RIPEMD128HMAC - extends JCEKeyGenerator - { - public RIPEMD128HMAC() - { - super("HMACRIPEMD128", 128, new CipherKeyGenerator()); - } - } - - /** - * RIPE160HMAC - */ - public static class RIPEMD160HMAC - extends JCEKeyGenerator - { - public RIPEMD160HMAC() - { - super("HMACRIPEMD160", 160, new CipherKeyGenerator()); - } - } + // /** + // * RIPE128HMAC + // */ + // public static class RIPEMD128HMAC + // extends JCEKeyGenerator + // { + // public RIPEMD128HMAC() + // { + // super("HMACRIPEMD128", 128, new CipherKeyGenerator()); + // } + // } + + // /** + // * RIPE160HMAC + // */ + // public static class RIPEMD160HMAC + // extends JCEKeyGenerator + // { + // public RIPEMD160HMAC() + // { + // super("HMACRIPEMD160", 160, new CipherKeyGenerator()); + // } + // } /** @@ -194,17 +203,19 @@ } } - /** - * HMACSHA224 - */ - public static class HMACSHA224 - extends JCEKeyGenerator - { - public HMACSHA224() - { - super("HMACSHA224", 224, new CipherKeyGenerator()); - } - } + // BEGIN android-removed + // /** + // * HMACSHA224 + // */ + // public static class HMACSHA224 + // extends JCEKeyGenerator + // { + // public HMACSHA224() + // { + // super("HMACSHA224", 224, new CipherKeyGenerator()); + // } + // } + // END android-removed /** * HMACSHA256 @@ -242,15 +253,17 @@ } } - /** - * HMACTIGER - */ - public static class HMACTIGER - extends JCEKeyGenerator - { - public HMACTIGER() - { - super("HMACTIGER", 192, new CipherKeyGenerator()); - } - } + // BEGIN android-removed + // /** + // * HMACTIGER + // */ + // public static class HMACTIGER + // extends JCEKeyGenerator + // { + // public HMACTIGER() + // { + // super("HMACTIGER", 192, new CipherKeyGenerator()); + // } + // } + // END android-removed } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCEMac.java bcprov-jdk16-146/org/bouncycastle/jce/provider/JCEMac.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCEMac.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JCEMac.java 2011-09-08 21:28:49.000000000 +0000 @@ -11,25 +11,39 @@ import org.bouncycastle.crypto.CipherParameters; import org.bouncycastle.crypto.Mac; -import org.bouncycastle.crypto.digests.MD2Digest; -import org.bouncycastle.crypto.digests.MD4Digest; +// BEGIN android-removed +// import org.bouncycastle.crypto.digests.MD2Digest; +// import org.bouncycastle.crypto.digests.MD4Digest; +// END android-removed import org.bouncycastle.crypto.digests.MD5Digest; -import org.bouncycastle.crypto.digests.RIPEMD128Digest; -import org.bouncycastle.crypto.digests.RIPEMD160Digest; +// BEGIN android-removed +// import org.bouncycastle.crypto.digests.RIPEMD128Digest; +// import org.bouncycastle.crypto.digests.RIPEMD160Digest; +// END android-removed import org.bouncycastle.crypto.digests.SHA1Digest; -import org.bouncycastle.crypto.digests.SHA224Digest; +// BEGIN android-removed +// import org.bouncycastle.crypto.digests.SHA224Digest; +// END android-removed import org.bouncycastle.crypto.digests.SHA256Digest; import org.bouncycastle.crypto.digests.SHA384Digest; import org.bouncycastle.crypto.digests.SHA512Digest; -import org.bouncycastle.crypto.digests.TigerDigest; +// BEGIN android-removed +// import org.bouncycastle.crypto.digests.TigerDigest; +// END android-removed import org.bouncycastle.crypto.engines.DESEngine; -import org.bouncycastle.crypto.engines.RC2Engine; +// BEGIN android-removed +// import org.bouncycastle.crypto.engines.RC2Engine; +// END android-removed import org.bouncycastle.crypto.macs.CBCBlockCipherMac; -import org.bouncycastle.crypto.macs.CFBBlockCipherMac; -import org.bouncycastle.crypto.macs.GOST28147Mac; +// BEGIN android-removed +// import org.bouncycastle.crypto.macs.CFBBlockCipherMac; +// import org.bouncycastle.crypto.macs.GOST28147Mac; +// END android-removed import org.bouncycastle.crypto.macs.HMac; -import org.bouncycastle.crypto.macs.ISO9797Alg3Mac; -import org.bouncycastle.crypto.macs.OldHMac; +// BEGIN android-removed +// import org.bouncycastle.crypto.macs.ISO9797Alg3Mac; +// import org.bouncycastle.crypto.macs.OldHMac; +// END android-removed import org.bouncycastle.crypto.paddings.ISO7816d4Padding; import org.bouncycastle.crypto.params.KeyParameter; import org.bouncycastle.crypto.params.ParametersWithIV; @@ -143,115 +157,117 @@ * the classes that extend directly off us. */ - /** - * DES - */ - public static class DES - extends JCEMac - { - public DES() - { - super(new CBCBlockCipherMac(new DESEngine())); - } - } - - /** - * RC2 - */ - public static class RC2 - extends JCEMac - { - public RC2() - { - super(new CBCBlockCipherMac(new RC2Engine())); - } - } - - /** - * GOST28147 - */ - public static class GOST28147 - extends JCEMac - { - public GOST28147() - { - super(new GOST28147Mac()); - } - } - - - - /** - * DES - */ - public static class DESCFB8 - extends JCEMac - { - public DESCFB8() - { - super(new CFBBlockCipherMac(new DESEngine())); - } - } - - /** - * RC2CFB8 - */ - public static class RC2CFB8 - extends JCEMac - { - public RC2CFB8() - { - super(new CFBBlockCipherMac(new RC2Engine())); - } - } - - /** - * DES9797Alg3with7816-4Padding - */ - public static class DES9797Alg3with7816d4 - extends JCEMac - { - public DES9797Alg3with7816d4() - { - super(new ISO9797Alg3Mac(new DESEngine(), new ISO7816d4Padding())); - } - } - - /** - * DES9797Alg3 - */ - public static class DES9797Alg3 - extends JCEMac - { - public DES9797Alg3() - { - super(new ISO9797Alg3Mac(new DESEngine())); - } - } - - /** - * MD2 HMac - */ - public static class MD2 - extends JCEMac - { - public MD2() - { - super(new HMac(new MD2Digest())); - } - } - - /** - * MD4 HMac - */ - public static class MD4 - extends JCEMac - { - public MD4() - { - super(new HMac(new MD4Digest())); - } - } + // BEGIN android-removed + // /** + // * DES + // */ + // public static class DES + // extends JCEMac + // { + // public DES() + // { + // super(new CBCBlockCipherMac(new DESEngine())); + // } + // } + // + // /** + // * RC2 + // */ + // public static class RC2 + // extends JCEMac + // { + // public RC2() + // { + // super(new CBCBlockCipherMac(new RC2Engine())); + // } + // } + // + // /** + // * GOST28147 + // */ + // public static class GOST28147 + // extends JCEMac + // { + // public GOST28147() + // { + // super(new GOST28147Mac()); + // } + // } + // + // + // + // /** + // * DES + // */ + // public static class DESCFB8 + // extends JCEMac + // { + // public DESCFB8() + // { + // super(new CFBBlockCipherMac(new DESEngine())); + // } + // } + // + // /** + // * RC2CFB8 + // */ + // public static class RC2CFB8 + // extends JCEMac + // { + // public RC2CFB8() + // { + // super(new CFBBlockCipherMac(new RC2Engine())); + // } + // } + // + // /** + // * DES9797Alg3with7816-4Padding + // */ + // public static class DES9797Alg3with7816d4 + // extends JCEMac + // { + // public DES9797Alg3with7816d4() + // { + // super(new ISO9797Alg3Mac(new DESEngine(), new ISO7816d4Padding())); + // } + // } + // + // /** + // * DES9797Alg3 + // */ + // public static class DES9797Alg3 + // extends JCEMac + // { + // public DES9797Alg3() + // { + // super(new ISO9797Alg3Mac(new DESEngine())); + // } + // } + // + // /** + // * MD2 HMac + // */ + // public static class MD2 + // extends JCEMac + // { + // public MD2() + // { + // super(new HMac(new MD2Digest())); + // } + // } + // + // /** + // * MD4 HMac + // */ + // public static class MD4 + // extends JCEMac + // { + // public MD4() + // { + // super(new HMac(new MD4Digest())); + // } + // } + // END android-removed /** * MD5 HMac @@ -264,7 +280,7 @@ super(new HMac(new MD5Digest())); } } - + /** * SHA1 HMac */ @@ -276,18 +292,20 @@ super(new HMac(new SHA1Digest())); } } - - /** - * SHA-224 HMac - */ - public static class SHA224 - extends JCEMac - { - public SHA224() - { - super(new HMac(new SHA224Digest())); - } - } + + // BEGIN android-removed + // /** + // * SHA-224 HMac + // */ + // public static class SHA224 + // extends JCEMac + // { + // public SHA224() + // { + // super(new HMac(new SHA224Digest())); + // } + // } + // END android-removed /** * SHA-256 HMac @@ -300,7 +318,7 @@ super(new HMac(new SHA256Digest())); } } - + /** * SHA-384 HMac */ @@ -312,15 +330,17 @@ super(new HMac(new SHA384Digest())); } } - - public static class OldSHA384 - extends JCEMac - { - public OldSHA384() - { - super(new OldHMac(new SHA384Digest())); - } - } + + // BEGIN android-removed + // public static class OldSHA384 + // extends JCEMac + // { + // public OldSHA384() + // { + // super(new OldHMac(new SHA384Digest())); + // } + // } + // END android-removed /** * SHA-512 HMac @@ -333,73 +353,75 @@ super(new HMac(new SHA512Digest())); } } - - /** - * SHA-512 HMac - */ - public static class OldSHA512 - extends JCEMac - { - public OldSHA512() - { - super(new OldHMac(new SHA512Digest())); - } - } - /** - * RIPEMD128 HMac - */ - public static class RIPEMD128 - extends JCEMac - { - public RIPEMD128() - { - super(new HMac(new RIPEMD128Digest())); - } - } - - /** - * RIPEMD160 HMac - */ - public static class RIPEMD160 - extends JCEMac - { - public RIPEMD160() - { - super(new HMac(new RIPEMD160Digest())); - } - } - - /** - * Tiger HMac - */ - public static class Tiger - extends JCEMac - { - public Tiger() - { - super(new HMac(new TigerDigest())); - } - } - + // BEGIN android-removed + // /** + // * SHA-512 HMac + // */ + // public static class OldSHA512 + // extends JCEMac + // { + // public OldSHA512() + // { + // super(new OldHMac(new SHA512Digest())); + // } + // } // - // PKCS12 states that the same algorithm should be used - // for the key generation as is used in the HMAC, so that - // is what we do here. + // /** + // * RIPEMD128 HMac + // */ + // public static class RIPEMD128 + // extends JCEMac + // { + // public RIPEMD128() + // { + // super(new HMac(new RIPEMD128Digest())); + // } + // } // - - /** - * PBEWithHmacRIPEMD160 - */ - public static class PBEWithRIPEMD160 - extends JCEMac - { - public PBEWithRIPEMD160() - { - super(new HMac(new RIPEMD160Digest()), PKCS12, RIPEMD160, 160); - } - } - + // /** + // * RIPEMD160 HMac + // */ + // public static class RIPEMD160 + // extends JCEMac + // { + // public RIPEMD160() + // { + // super(new HMac(new RIPEMD160Digest())); + // } + // } + // + // /** + // * Tiger HMac + // */ + // public static class Tiger + // extends JCEMac + // { + // public Tiger() + // { + // super(new HMac(new TigerDigest())); + // } + // } + // + // // + // // PKCS12 states that the same algorithm should be used + // // for the key generation as is used in the HMAC, so that + // // is what we do here. + // // + // + // /** + // * PBEWithHmacRIPEMD160 + // */ + // public static class PBEWithRIPEMD160 + // extends JCEMac + // { + // public PBEWithRIPEMD160() + // { + // super(new HMac(new RIPEMD160Digest()), PKCS12, RIPEMD160, 160); + // } + // } + // END android-removed + /** * PBEWithHmacSHA */ @@ -411,16 +433,18 @@ super(new HMac(new SHA1Digest()), PKCS12, SHA1, 160); } } - - /** - * PBEWithHmacTiger - */ - public static class PBEWithTiger - extends JCEMac - { - public PBEWithTiger() - { - super(new HMac(new TigerDigest()), PKCS12, TIGER, 192); - } - } + + // BEGIN android-removed + // /** + // * PBEWithHmacTiger + // */ + // public static class PBEWithTiger + // extends JCEMac + // { + // public PBEWithTiger() + // { + // super(new HMac(new TigerDigest()), PKCS12, TIGER, 192); + // } + // } + // END android-removed } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCERSACipher.java bcprov-jdk16-146/org/bouncycastle/jce/provider/JCERSACipher.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCERSACipher.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JCERSACipher.java 2011-09-08 21:28:49.000000000 +0000 @@ -535,48 +535,50 @@ } } - static public class PKCS1v1_5Padding - extends JCERSACipher - { - public PKCS1v1_5Padding() - { - super(new PKCS1Encoding(new RSABlindedEngine())); - } - } - - static public class PKCS1v1_5Padding_PrivateOnly - extends JCERSACipher - { - public PKCS1v1_5Padding_PrivateOnly() - { - super(false, true, new PKCS1Encoding(new RSABlindedEngine())); - } - } - - static public class PKCS1v1_5Padding_PublicOnly - extends JCERSACipher - { - public PKCS1v1_5Padding_PublicOnly() - { - super(true, false, new PKCS1Encoding(new RSABlindedEngine())); - } - } - - static public class OAEPPadding - extends JCERSACipher - { - public OAEPPadding() - { - super(OAEPParameterSpec.DEFAULT); - } - } - - static public class ISO9796d1Padding - extends JCERSACipher - { - public ISO9796d1Padding() - { - super(new ISO9796d1Encoding(new RSABlindedEngine())); - } - } + // BEGIN android-removed + // static public class PKCS1v1_5Padding + // extends JCERSACipher + // { + // public PKCS1v1_5Padding() + // { + // super(new PKCS1Encoding(new RSABlindedEngine())); + // } + // } + // + // static public class PKCS1v1_5Padding_PrivateOnly + // extends JCERSACipher + // { + // public PKCS1v1_5Padding_PrivateOnly() + // { + // super(false, true, new PKCS1Encoding(new RSABlindedEngine())); + // } + // } + // + // static public class PKCS1v1_5Padding_PublicOnly + // extends JCERSACipher + // { + // public PKCS1v1_5Padding_PublicOnly() + // { + // super(true, false, new PKCS1Encoding(new RSABlindedEngine())); + // } + // } + // + // static public class OAEPPadding + // extends JCERSACipher + // { + // public OAEPPadding() + // { + // super(OAEPParameterSpec.DEFAULT); + // } + // } + // + // static public class ISO9796d1Padding + // extends JCERSACipher + // { + // public ISO9796d1Padding() + // { + // super(new ISO9796d1Encoding(new RSABlindedEngine())); + // } + // } + // END android-removed } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCERSAPrivateCrtKey.java bcprov-jdk16-146/org/bouncycastle/jce/provider/JCERSAPrivateCrtKey.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCERSAPrivateCrtKey.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JCERSAPrivateCrtKey.java 2011-09-08 21:28:49.000000000 +0000 @@ -125,7 +125,9 @@ */ public byte[] getEncoded() { - PrivateKeyInfo info = new PrivateKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, new DERNull()), new RSAPrivateKeyStructure(getModulus(), getPublicExponent(), getPrivateExponent(), getPrimeP(), getPrimeQ(), getPrimeExponentP(), getPrimeExponentQ(), getCrtCoefficient()).getDERObject()); + // BEGIN android-changed + PrivateKeyInfo info = new PrivateKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE), new RSAPrivateKeyStructure(getModulus(), getPublicExponent(), getPrivateExponent(), getPrimeP(), getPrimeQ(), getPrimeExponentP(), getPrimeExponentQ(), getCrtCoefficient()).getDERObject()); + // END android-changed return info.getDEREncoded(); } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCERSAPrivateKey.java bcprov-jdk16-146/org/bouncycastle/jce/provider/JCERSAPrivateKey.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCERSAPrivateKey.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JCERSAPrivateKey.java 2011-09-08 21:28:49.000000000 +0000 @@ -77,7 +77,9 @@ public byte[] getEncoded() { - PrivateKeyInfo info = new PrivateKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, new DERNull()), new RSAPrivateKeyStructure(getModulus(), ZERO, getPrivateExponent(), ZERO, ZERO, ZERO, ZERO, ZERO).getDERObject()); + // BEGIN android-changed + PrivateKeyInfo info = new PrivateKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE), new RSAPrivateKeyStructure(getModulus(), ZERO, getPrivateExponent(), ZERO, ZERO, ZERO, ZERO, ZERO).getDERObject()); + // END android-changed return info.getDEREncoded(); } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCERSAPublicKey.java bcprov-jdk16-146/org/bouncycastle/jce/provider/JCERSAPublicKey.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCERSAPublicKey.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JCERSAPublicKey.java 2011-09-08 21:28:49.000000000 +0000 @@ -90,7 +90,9 @@ public byte[] getEncoded() { - SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, new DERNull()), new RSAPublicKeyStructure(getModulus(), getPublicExponent()).getDERObject()); + // BEGIN android-changed + SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE), new RSAPublicKeyStructure(getModulus(), getPublicExponent()).getDERObject()); + // END android-changed return info.getDEREncoded(); } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCESecretKeyFactory.java bcprov-jdk16-146/org/bouncycastle/jce/provider/JCESecretKeyFactory.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCESecretKeyFactory.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JCESecretKeyFactory.java 2011-09-08 21:28:49.000000000 +0000 @@ -250,29 +250,31 @@ } } - /** - * PBEWithMD2AndDES - */ - static public class PBEWithMD2AndDES - extends DESPBEKeyFactory - { - public PBEWithMD2AndDES() - { - super("PBEwithMD2andDES", PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, true, PKCS5S1, MD2, 64, 64); - } - } - - /** - * PBEWithMD2AndRC2 - */ - static public class PBEWithMD2AndRC2 - extends PBEKeyFactory - { - public PBEWithMD2AndRC2() - { - super("PBEwithMD2andRC2", PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, true, PKCS5S1, MD2, 64, 64); - } - } + // BEGIN android-removed + // /** + // * PBEWithMD2AndDES + // */ + // static public class PBEWithMD2AndDES + // extends DESPBEKeyFactory + // { + // public PBEWithMD2AndDES() + // { + // super("PBEwithMD2andDES", PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, true, PKCS5S1, MD2, 64, 64); + // } + // } + // + // /** + // * PBEWithMD2AndRC2 + // */ + // static public class PBEWithMD2AndRC2 + // extends PBEKeyFactory + // { + // public PBEWithMD2AndRC2() + // { + // super("PBEwithMD2andRC2", PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, true, PKCS5S1, MD2, 64, 64); + // } + // } + // END android-removed /** * PBEWithMD5AndDES @@ -406,17 +408,19 @@ } } - /** - * PBEWithHmacRIPEMD160 - */ - public static class PBEWithRIPEMD160 - extends PBEKeyFactory - { - public PBEWithRIPEMD160() - { - super("PBEwithHmacRIPEMD160", null, false, PKCS12, RIPEMD160, 160, 0); - } - } + // BEGIN android-removed + // /** + // * PBEWithHmacRIPEMD160 + // */ + // public static class PBEWithRIPEMD160 + // extends PBEKeyFactory + // { + // public PBEWithRIPEMD160() + // { + // super("PBEwithHmacRIPEMD160", null, false, PKCS12, RIPEMD160, 160, 0); + // } + // } + // END android-removed /** * PBEWithHmacSHA @@ -430,17 +434,19 @@ } } - /** - * PBEWithHmacTiger - */ - public static class PBEWithTiger - extends PBEKeyFactory - { - public PBEWithTiger() - { - super("PBEwithHmacTiger", null, false, PKCS12, TIGER, 192, 0); - } - } + // BEGIN android-removed + // /** + // * PBEWithHmacTiger + // */ + // public static class PBEWithTiger + // extends PBEKeyFactory + // { + // public PBEWithTiger() + // { + // super("PBEwithHmacTiger", null, false, PKCS12, TIGER, 192, 0); + // } + // } + // END android-removed /** * PBEWithSHA1And128BitAES-BC @@ -549,4 +555,56 @@ super("PBEWithMD5And256BitAES-CBC-OpenSSL", null, true, OPENSSL, MD5, 256, 128); } } + // BEGIN android-added + static public class PBKDF2WithHmacSHA1 + extends JCESecretKeyFactory + { + public PBKDF2WithHmacSHA1() + { + super("PBKDF2WithHmacSHA1", PKCSObjectIdentifiers.id_PBKDF2); + } + + protected SecretKey engineGenerateSecret( + KeySpec keySpec) + throws InvalidKeySpecException + { + if (keySpec instanceof PBEKeySpec) + { + PBEKeySpec pbeSpec = (PBEKeySpec)keySpec; + + if (pbeSpec.getSalt() == null) + { + throw new InvalidKeySpecException("missing required salt"); + } + + if (pbeSpec.getIterationCount() <= 0) + { + throw new InvalidKeySpecException("positive iteration count required: " + + pbeSpec.getIterationCount()); + } + + if (pbeSpec.getKeyLength() <= 0) + { + throw new InvalidKeySpecException("positive key length required: " + + pbeSpec.getKeyLength()); + } + + if (pbeSpec.getPassword().length == 0) + { + throw new IllegalArgumentException("password empty"); + } + + int scheme = PKCS5S2; + int digest = SHA1; + int keySize = pbeSpec.getKeyLength(); + int ivSize = -1; + CipherParameters param = Util.makePBEMacParameters(pbeSpec, scheme, digest, keySize); + + return new JCEPBEKey(this.algName, this.algOid, scheme, digest, keySize, ivSize, pbeSpec, param); + } + + throw new InvalidKeySpecException("Invalid KeySpec"); + } + } + // END android-added } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCEStreamCipher.java bcprov-jdk16-146/org/bouncycastle/jce/provider/JCEStreamCipher.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCEStreamCipher.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JCEStreamCipher.java 2011-09-08 21:28:49.000000000 +0000 @@ -13,20 +13,26 @@ import javax.crypto.ShortBufferException; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.PBEParameterSpec; -import javax.crypto.spec.RC2ParameterSpec; -import javax.crypto.spec.RC5ParameterSpec; +// BEGIN android-removed +// import javax.crypto.spec.RC2ParameterSpec; +// import javax.crypto.spec.RC5ParameterSpec; +// END android-removed import org.bouncycastle.crypto.BlockCipher; import org.bouncycastle.crypto.CipherParameters; import org.bouncycastle.crypto.DataLengthException; import org.bouncycastle.crypto.StreamBlockCipher; import org.bouncycastle.crypto.StreamCipher; -import org.bouncycastle.crypto.engines.BlowfishEngine; -import org.bouncycastle.crypto.engines.DESEngine; -import org.bouncycastle.crypto.engines.DESedeEngine; +// BEGIN android-removed +// import org.bouncycastle.crypto.engines.BlowfishEngine; +// import org.bouncycastle.crypto.engines.DESEngine; +// import org.bouncycastle.crypto.engines.DESedeEngine; +// END android-removed import org.bouncycastle.crypto.engines.RC4Engine; -import org.bouncycastle.crypto.engines.SkipjackEngine; -import org.bouncycastle.crypto.engines.TwofishEngine; +// BEGIN android-removed +// import org.bouncycastle.crypto.engines.SkipjackEngine; +// import org.bouncycastle.crypto.engines.TwofishEngine; +// END android-removed import org.bouncycastle.crypto.modes.CFBBlockCipher; import org.bouncycastle.crypto.modes.OFBBlockCipher; import org.bouncycastle.crypto.params.KeyParameter; @@ -40,8 +46,10 @@ // private Class[] availableSpecs = { - RC2ParameterSpec.class, - RC5ParameterSpec.class, + // BEGIN android-removed + // RC2ParameterSpec.class, + // RC5ParameterSpec.class, + // END android-removed IvParameterSpec.class, PBEParameterSpec.class }; @@ -370,125 +378,127 @@ * The ciphers that inherit from us. */ - /** - * DES - */ - static public class DES_CFB8 - extends JCEStreamCipher - { - public DES_CFB8() - { - super(new CFBBlockCipher(new DESEngine(), 8), 64); - } - } - - /** - * DESede - */ - static public class DESede_CFB8 - extends JCEStreamCipher - { - public DESede_CFB8() - { - super(new CFBBlockCipher(new DESedeEngine(), 8), 64); - } - } - - /** - * SKIPJACK - */ - static public class Skipjack_CFB8 - extends JCEStreamCipher - { - public Skipjack_CFB8() - { - super(new CFBBlockCipher(new SkipjackEngine(), 8), 64); - } - } - - /** - * Blowfish - */ - static public class Blowfish_CFB8 - extends JCEStreamCipher - { - public Blowfish_CFB8() - { - super(new CFBBlockCipher(new BlowfishEngine(), 8), 64); - } - } - - /** - * Twofish - */ - static public class Twofish_CFB8 - extends JCEStreamCipher - { - public Twofish_CFB8() - { - super(new CFBBlockCipher(new TwofishEngine(), 8), 128); - } - } - - /** - * DES - */ - static public class DES_OFB8 - extends JCEStreamCipher - { - public DES_OFB8() - { - super(new OFBBlockCipher(new DESEngine(), 8), 64); - } - } - - /** - * DESede - */ - static public class DESede_OFB8 - extends JCEStreamCipher - { - public DESede_OFB8() - { - super(new OFBBlockCipher(new DESedeEngine(), 8), 64); - } - } - - /** - * SKIPJACK - */ - static public class Skipjack_OFB8 - extends JCEStreamCipher - { - public Skipjack_OFB8() - { - super(new OFBBlockCipher(new SkipjackEngine(), 8), 64); - } - } - - /** - * Blowfish - */ - static public class Blowfish_OFB8 - extends JCEStreamCipher - { - public Blowfish_OFB8() - { - super(new OFBBlockCipher(new BlowfishEngine(), 8), 64); - } - } - - /** - * Twofish - */ - static public class Twofish_OFB8 - extends JCEStreamCipher - { - public Twofish_OFB8() - { - super(new OFBBlockCipher(new TwofishEngine(), 8), 128); - } - } + // BEGIN android-removed + // /** + // * DES + // */ + // static public class DES_CFB8 + // extends JCEStreamCipher + // { + // public DES_CFB8() + // { + // super(new CFBBlockCipher(new DESEngine(), 8), 64); + // } + // } + // + // /** + // * DESede + // */ + // static public class DESede_CFB8 + // extends JCEStreamCipher + // { + // public DESede_CFB8() + // { + // super(new CFBBlockCipher(new DESedeEngine(), 8), 64); + // } + // } + // + // /** + // * SKIPJACK + // */ + // static public class Skipjack_CFB8 + // extends JCEStreamCipher + // { + // public Skipjack_CFB8() + // { + // super(new CFBBlockCipher(new SkipjackEngine(), 8), 64); + // } + // } + // + // /** + // * Blowfish + // */ + // static public class Blowfish_CFB8 + // extends JCEStreamCipher + // { + // public Blowfish_CFB8() + // { + // super(new CFBBlockCipher(new BlowfishEngine(), 8), 64); + // } + // } + // + // /** + // * Twofish + // */ + // static public class Twofish_CFB8 + // extends JCEStreamCipher + // { + // public Twofish_CFB8() + // { + // super(new CFBBlockCipher(new TwofishEngine(), 8), 128); + // } + // } + // + // /** + // * DES + // */ + // static public class DES_OFB8 + // extends JCEStreamCipher + // { + // public DES_OFB8() + // { + // super(new OFBBlockCipher(new DESEngine(), 8), 64); + // } + // } + // + // /** + // * DESede + // */ + // static public class DESede_OFB8 + // extends JCEStreamCipher + // { + // public DESede_OFB8() + // { + // super(new OFBBlockCipher(new DESedeEngine(), 8), 64); + // } + // } + // + // /** + // * SKIPJACK + // */ + // static public class Skipjack_OFB8 + // extends JCEStreamCipher + // { + // public Skipjack_OFB8() + // { + // super(new OFBBlockCipher(new SkipjackEngine(), 8), 64); + // } + // } + // + // /** + // * Blowfish + // */ + // static public class Blowfish_OFB8 + // extends JCEStreamCipher + // { + // public Blowfish_OFB8() + // { + // super(new OFBBlockCipher(new BlowfishEngine(), 8), 64); + // } + // } + // + // /** + // * Twofish + // */ + // static public class Twofish_OFB8 + // extends JCEStreamCipher + // { + // public Twofish_OFB8() + // { + // super(new OFBBlockCipher(new TwofishEngine(), 8), 128); + // } + // } + // END android-removed /** * PBEWithSHAAnd128BitRC4 @@ -501,7 +511,7 @@ super(new RC4Engine(), 0); } } - + /** * PBEWithSHAAnd40BitRC4 */ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JDKAlgorithmParameterGenerator.java bcprov-jdk16-146/org/bouncycastle/jce/provider/JDKAlgorithmParameterGenerator.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JDKAlgorithmParameterGenerator.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JDKAlgorithmParameterGenerator.java 2011-09-08 21:28:49.000000000 +0000 @@ -11,18 +11,24 @@ import javax.crypto.spec.DHGenParameterSpec; import javax.crypto.spec.DHParameterSpec; import javax.crypto.spec.IvParameterSpec; -import javax.crypto.spec.RC2ParameterSpec; +// BEGIN android-removed +// import javax.crypto.spec.RC2ParameterSpec; +// END android-removed import org.bouncycastle.crypto.generators.DHParametersGenerator; import org.bouncycastle.crypto.generators.DSAParametersGenerator; -import org.bouncycastle.crypto.generators.ElGamalParametersGenerator; -import org.bouncycastle.crypto.generators.GOST3410ParametersGenerator; +// BEGIN android-removed +// import org.bouncycastle.crypto.generators.ElGamalParametersGenerator; +// import org.bouncycastle.crypto.generators.GOST3410ParametersGenerator; +// END android-removed import org.bouncycastle.crypto.params.DHParameters; import org.bouncycastle.crypto.params.DSAParameters; -import org.bouncycastle.crypto.params.ElGamalParameters; -import org.bouncycastle.crypto.params.GOST3410Parameters; -import org.bouncycastle.jce.spec.GOST3410ParameterSpec; -import org.bouncycastle.jce.spec.GOST3410PublicKeyParameterSetSpec; +// BEGIN android-removed +// import org.bouncycastle.crypto.params.ElGamalParameters; +// import org.bouncycastle.crypto.params.GOST3410Parameters; +// import org.bouncycastle.jce.spec.GOST3410ParameterSpec; +// import org.bouncycastle.jce.spec.GOST3410PublicKeyParameterSetSpec; +// END android-removed public abstract class JDKAlgorithmParameterGenerator extends AlgorithmParameterGeneratorSpi @@ -145,196 +151,198 @@ } } - public static class GOST3410 - extends JDKAlgorithmParameterGenerator - { - protected void engineInit( - AlgorithmParameterSpec genParamSpec, - SecureRandom random) - throws InvalidAlgorithmParameterException - { - throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for GOST3410 parameter generation."); - } - - protected AlgorithmParameters engineGenerateParameters() - { - GOST3410ParametersGenerator pGen = new GOST3410ParametersGenerator(); - - if (random != null) - { - pGen.init(strength, 2, random); - } - else - { - pGen.init(strength, 2, new SecureRandom()); - } - - GOST3410Parameters p = pGen.generateParameters(); - - AlgorithmParameters params; - - try - { - params = AlgorithmParameters.getInstance("GOST3410", BouncyCastleProvider.PROVIDER_NAME); - params.init(new GOST3410ParameterSpec(new GOST3410PublicKeyParameterSetSpec(p.getP(), p.getQ(), p.getA()))); - } - catch (Exception e) - { - throw new RuntimeException(e.getMessage()); - } - - return params; - } - } - - public static class ElGamal - extends JDKAlgorithmParameterGenerator - { - private int l = 0; - - protected void engineInit( - AlgorithmParameterSpec genParamSpec, - SecureRandom random) - throws InvalidAlgorithmParameterException - { - if (!(genParamSpec instanceof DHGenParameterSpec)) - { - throw new InvalidAlgorithmParameterException("DH parameter generator requires a DHGenParameterSpec for initialisation"); - } - DHGenParameterSpec spec = (DHGenParameterSpec)genParamSpec; - - this.strength = spec.getPrimeSize(); - this.l = spec.getExponentSize(); - this.random = random; - } - - protected AlgorithmParameters engineGenerateParameters() - { - ElGamalParametersGenerator pGen = new ElGamalParametersGenerator(); - - if (random != null) - { - pGen.init(strength, 20, random); - } - else - { - pGen.init(strength, 20, new SecureRandom()); - } - - ElGamalParameters p = pGen.generateParameters(); - - AlgorithmParameters params; - - try - { - params = AlgorithmParameters.getInstance("ElGamal", BouncyCastleProvider.PROVIDER_NAME); - params.init(new DHParameterSpec(p.getP(), p.getG(), l)); - } - catch (Exception e) - { - throw new RuntimeException(e.getMessage()); - } - - return params; - } - } - - public static class DES - extends JDKAlgorithmParameterGenerator - { - protected void engineInit( - AlgorithmParameterSpec genParamSpec, - SecureRandom random) - throws InvalidAlgorithmParameterException - { - throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for DES parameter generation."); - } - - protected AlgorithmParameters engineGenerateParameters() - { - byte[] iv = new byte[8]; - - if (random == null) - { - random = new SecureRandom(); - } - - random.nextBytes(iv); - - AlgorithmParameters params; - - try - { - params = AlgorithmParameters.getInstance("DES", BouncyCastleProvider.PROVIDER_NAME); - params.init(new IvParameterSpec(iv)); - } - catch (Exception e) - { - throw new RuntimeException(e.getMessage()); - } - - return params; - } - } - - public static class RC2 - extends JDKAlgorithmParameterGenerator - { - RC2ParameterSpec spec = null; - - protected void engineInit( - AlgorithmParameterSpec genParamSpec, - SecureRandom random) - throws InvalidAlgorithmParameterException - { - if (genParamSpec instanceof RC2ParameterSpec) - { - spec = (RC2ParameterSpec)genParamSpec; - return; - } - - throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for RC2 parameter generation."); - } - - protected AlgorithmParameters engineGenerateParameters() - { - AlgorithmParameters params; - - if (spec == null) - { - byte[] iv = new byte[8]; - - if (random == null) - { - random = new SecureRandom(); - } - - random.nextBytes(iv); - - try - { - params = AlgorithmParameters.getInstance("RC2", BouncyCastleProvider.PROVIDER_NAME); - params.init(new IvParameterSpec(iv)); - } - catch (Exception e) - { - throw new RuntimeException(e.getMessage()); - } - } - else - { - try - { - params = AlgorithmParameters.getInstance("RC2", BouncyCastleProvider.PROVIDER_NAME); - params.init(spec); - } - catch (Exception e) - { - throw new RuntimeException(e.getMessage()); - } - } - - return params; - } - } + // BEGIN android-removed + // public static class GOST3410 + // extends JDKAlgorithmParameterGenerator + // { + // protected void engineInit( + // AlgorithmParameterSpec genParamSpec, + // SecureRandom random) + // throws InvalidAlgorithmParameterException + // { + // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for GOST3410 parameter generation."); + // } + // + // protected AlgorithmParameters engineGenerateParameters() + // { + // GOST3410ParametersGenerator pGen = new GOST3410ParametersGenerator(); + // + // if (random != null) + // { + // pGen.init(strength, 2, random); + // } + // else + // { + // pGen.init(strength, 2, new SecureRandom()); + // } + // + // GOST3410Parameters p = pGen.generateParameters(); + // + // AlgorithmParameters params; + // + // try + // { + // params = AlgorithmParameters.getInstance("GOST3410", BouncyCastleProvider.PROVIDER_NAME); + // params.init(new GOST3410ParameterSpec(new GOST3410PublicKeyParameterSetSpec(p.getP(), p.getQ(), p.getA()))); + // } + // catch (Exception e) + // { + // throw new RuntimeException(e.getMessage()); + // } + // + // return params; + // } + // } + // + // public static class ElGamal + // extends JDKAlgorithmParameterGenerator + // { + // private int l = 0; + // + // protected void engineInit( + // AlgorithmParameterSpec genParamSpec, + // SecureRandom random) + // throws InvalidAlgorithmParameterException + // { + // if (!(genParamSpec instanceof DHGenParameterSpec)) + // { + // throw new InvalidAlgorithmParameterException("DH parameter generator requires a DHGenParameterSpec for initialisation"); + // } + // DHGenParameterSpec spec = (DHGenParameterSpec)genParamSpec; + // + // this.strength = spec.getPrimeSize(); + // this.l = spec.getExponentSize(); + // this.random = random; + // } + // + // protected AlgorithmParameters engineGenerateParameters() + // { + // ElGamalParametersGenerator pGen = new ElGamalParametersGenerator(); + // + // if (random != null) + // { + // pGen.init(strength, 20, random); + // } + // else + // { + // pGen.init(strength, 20, new SecureRandom()); + // } + // + // ElGamalParameters p = pGen.generateParameters(); + // + // AlgorithmParameters params; + // + // try + // { + // params = AlgorithmParameters.getInstance("ElGamal", BouncyCastleProvider.PROVIDER_NAME); + // params.init(new DHParameterSpec(p.getP(), p.getG(), l)); + // } + // catch (Exception e) + // { + // throw new RuntimeException(e.getMessage()); + // } + // + // return params; + // } + // } + // + // public static class DES + // extends JDKAlgorithmParameterGenerator + // { + // protected void engineInit( + // AlgorithmParameterSpec genParamSpec, + // SecureRandom random) + // throws InvalidAlgorithmParameterException + // { + // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for DES parameter generation."); + // } + // + // protected AlgorithmParameters engineGenerateParameters() + // { + // byte[] iv = new byte[8]; + // + // if (random == null) + // { + // random = new SecureRandom(); + // } + // + // random.nextBytes(iv); + // + // AlgorithmParameters params; + // + // try + // { + // params = AlgorithmParameters.getInstance("DES", BouncyCastleProvider.PROVIDER_NAME); + // params.init(new IvParameterSpec(iv)); + // } + // catch (Exception e) + // { + // throw new RuntimeException(e.getMessage()); + // } + // + // return params; + // } + // } + // + // public static class RC2 + // extends JDKAlgorithmParameterGenerator + // { + // RC2ParameterSpec spec = null; + // + // protected void engineInit( + // AlgorithmParameterSpec genParamSpec, + // SecureRandom random) + // throws InvalidAlgorithmParameterException + // { + // if (genParamSpec instanceof RC2ParameterSpec) + // { + // spec = (RC2ParameterSpec)genParamSpec; + // return; + // } + // + // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for RC2 parameter generation."); + // } + // + // protected AlgorithmParameters engineGenerateParameters() + // { + // AlgorithmParameters params; + // + // if (spec == null) + // { + // byte[] iv = new byte[8]; + // + // if (random == null) + // { + // random = new SecureRandom(); + // } + // + // random.nextBytes(iv); + // + // try + // { + // params = AlgorithmParameters.getInstance("RC2", BouncyCastleProvider.PROVIDER_NAME); + // params.init(new IvParameterSpec(iv)); + // } + // catch (Exception e) + // { + // throw new RuntimeException(e.getMessage()); + // } + // } + // else + // { + // try + // { + // params = AlgorithmParameters.getInstance("RC2", BouncyCastleProvider.PROVIDER_NAME); + // params.init(spec); + // } + // catch (Exception e) + // { + // throw new RuntimeException(e.getMessage()); + // } + // } + // + // return params; + // } + // } + // END android-removed } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JDKAlgorithmParameters.java bcprov-jdk16-146/org/bouncycastle/jce/provider/JDKAlgorithmParameters.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JDKAlgorithmParameters.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JDKAlgorithmParameters.java 2011-09-08 21:28:49.000000000 +0000 @@ -10,21 +10,27 @@ import org.bouncycastle.asn1.DERObjectIdentifier; import org.bouncycastle.asn1.DEROctetString; import org.bouncycastle.asn1.DERSequence; -import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters; -import org.bouncycastle.asn1.oiw.ElGamalParameter; +// BEGIN android-removed +// import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters; +// import org.bouncycastle.asn1.oiw.ElGamalParameter; +// END android-removed import org.bouncycastle.asn1.pkcs.DHParameter; import org.bouncycastle.asn1.pkcs.PKCS12PBEParams; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; -import org.bouncycastle.asn1.pkcs.RC2CBCParameter; +// BEGIN android-removed +// import org.bouncycastle.asn1.pkcs.RC2CBCParameter; +// END android-removed import org.bouncycastle.asn1.pkcs.RSAESOAEPparams; import org.bouncycastle.asn1.pkcs.RSASSAPSSparams; import org.bouncycastle.asn1.pkcs.PBKDF2Params; import org.bouncycastle.asn1.x509.AlgorithmIdentifier; import org.bouncycastle.asn1.x509.DSAParameter; -import org.bouncycastle.jce.spec.ElGamalParameterSpec; -import org.bouncycastle.jce.spec.GOST3410ParameterSpec; -import org.bouncycastle.jce.spec.GOST3410PublicKeyParameterSetSpec; -import org.bouncycastle.jce.spec.IESParameterSpec; +// BEGIN android-removed +// import org.bouncycastle.jce.spec.ElGamalParameterSpec; +// import org.bouncycastle.jce.spec.GOST3410ParameterSpec; +// import org.bouncycastle.jce.spec.GOST3410PublicKeyParameterSetSpec; +// import org.bouncycastle.jce.spec.IESParameterSpec; +// END android-removed import org.bouncycastle.util.Arrays; import javax.crypto.spec.DHParameterSpec; @@ -32,7 +38,9 @@ import javax.crypto.spec.OAEPParameterSpec; import javax.crypto.spec.PBEParameterSpec; import javax.crypto.spec.PSource; -import javax.crypto.spec.RC2ParameterSpec; +// BEGIN android-removed +// import javax.crypto.spec.RC2ParameterSpec; +// END android-removed import java.io.IOException; import java.security.AlgorithmParametersSpi; import java.security.spec.AlgorithmParameterSpec; @@ -68,13 +76,13 @@ extends JDKAlgorithmParameters { private byte[] iv; - + protected byte[] engineGetEncoded() throws IOException { return engineGetEncoded("ASN.1"); } - + protected byte[] engineGetEncoded( String format) throws IOException @@ -83,15 +91,15 @@ { return new DEROctetString(engineGetEncoded("RAW")).getEncoded(); } - + if (format.equals("RAW")) { return Arrays.clone(iv); } - + return null; } - + protected AlgorithmParameterSpec localEngineGetParameterSpec( Class paramSpec) throws InvalidParameterSpecException @@ -100,10 +108,10 @@ { return new IvParameterSpec(iv); } - + throw new InvalidParameterSpecException("unknown parameter spec passed to IV parameters object."); } - + protected void engineInit( AlgorithmParameterSpec paramSpec) throws InvalidParameterSpecException @@ -112,10 +120,10 @@ { throw new InvalidParameterSpecException("IvParameterSpec required to initialise a IV parameters algorithm parameters object"); } - + this.iv = ((IvParameterSpec)paramSpec).getIV(); } - + protected void engineInit( byte[] params) throws IOException @@ -127,13 +135,13 @@ && params[0] == 0x04 && params[1] == params.length - 2) { ASN1OctetString oct = (ASN1OctetString)ASN1Object.fromByteArray(params); - + params = oct.getOctets(); } - + this.iv = Arrays.clone(params); } - + protected void engineInit( byte[] params, String format) @@ -144,204 +152,206 @@ try { ASN1OctetString oct = (ASN1OctetString)ASN1Object.fromByteArray(params); - + engineInit(oct.getOctets()); } catch (Exception e) { throw new IOException("Exception decoding: " + e); } - + return; } - + if (format.equals("RAW")) { engineInit(params); return; } - + throw new IOException("Unknown parameters format in IV parameters object"); } - + protected String engineToString() { return "IV Parameters"; } } - - public static class RC2AlgorithmParameters - extends JDKAlgorithmParameters - { - private static final short[] table = { - 0xbd, 0x56, 0xea, 0xf2, 0xa2, 0xf1, 0xac, 0x2a, 0xb0, 0x93, 0xd1, 0x9c, 0x1b, 0x33, 0xfd, 0xd0, - 0x30, 0x04, 0xb6, 0xdc, 0x7d, 0xdf, 0x32, 0x4b, 0xf7, 0xcb, 0x45, 0x9b, 0x31, 0xbb, 0x21, 0x5a, - 0x41, 0x9f, 0xe1, 0xd9, 0x4a, 0x4d, 0x9e, 0xda, 0xa0, 0x68, 0x2c, 0xc3, 0x27, 0x5f, 0x80, 0x36, - 0x3e, 0xee, 0xfb, 0x95, 0x1a, 0xfe, 0xce, 0xa8, 0x34, 0xa9, 0x13, 0xf0, 0xa6, 0x3f, 0xd8, 0x0c, - 0x78, 0x24, 0xaf, 0x23, 0x52, 0xc1, 0x67, 0x17, 0xf5, 0x66, 0x90, 0xe7, 0xe8, 0x07, 0xb8, 0x60, - 0x48, 0xe6, 0x1e, 0x53, 0xf3, 0x92, 0xa4, 0x72, 0x8c, 0x08, 0x15, 0x6e, 0x86, 0x00, 0x84, 0xfa, - 0xf4, 0x7f, 0x8a, 0x42, 0x19, 0xf6, 0xdb, 0xcd, 0x14, 0x8d, 0x50, 0x12, 0xba, 0x3c, 0x06, 0x4e, - 0xec, 0xb3, 0x35, 0x11, 0xa1, 0x88, 0x8e, 0x2b, 0x94, 0x99, 0xb7, 0x71, 0x74, 0xd3, 0xe4, 0xbf, - 0x3a, 0xde, 0x96, 0x0e, 0xbc, 0x0a, 0xed, 0x77, 0xfc, 0x37, 0x6b, 0x03, 0x79, 0x89, 0x62, 0xc6, - 0xd7, 0xc0, 0xd2, 0x7c, 0x6a, 0x8b, 0x22, 0xa3, 0x5b, 0x05, 0x5d, 0x02, 0x75, 0xd5, 0x61, 0xe3, - 0x18, 0x8f, 0x55, 0x51, 0xad, 0x1f, 0x0b, 0x5e, 0x85, 0xe5, 0xc2, 0x57, 0x63, 0xca, 0x3d, 0x6c, - 0xb4, 0xc5, 0xcc, 0x70, 0xb2, 0x91, 0x59, 0x0d, 0x47, 0x20, 0xc8, 0x4f, 0x58, 0xe0, 0x01, 0xe2, - 0x16, 0x38, 0xc4, 0x6f, 0x3b, 0x0f, 0x65, 0x46, 0xbe, 0x7e, 0x2d, 0x7b, 0x82, 0xf9, 0x40, 0xb5, - 0x1d, 0x73, 0xf8, 0xeb, 0x26, 0xc7, 0x87, 0x97, 0x25, 0x54, 0xb1, 0x28, 0xaa, 0x98, 0x9d, 0xa5, - 0x64, 0x6d, 0x7a, 0xd4, 0x10, 0x81, 0x44, 0xef, 0x49, 0xd6, 0xae, 0x2e, 0xdd, 0x76, 0x5c, 0x2f, - 0xa7, 0x1c, 0xc9, 0x09, 0x69, 0x9a, 0x83, 0xcf, 0x29, 0x39, 0xb9, 0xe9, 0x4c, 0xff, 0x43, 0xab - }; - - private static final short[] ekb = { - 0x5d, 0xbe, 0x9b, 0x8b, 0x11, 0x99, 0x6e, 0x4d, 0x59, 0xf3, 0x85, 0xa6, 0x3f, 0xb7, 0x83, 0xc5, - 0xe4, 0x73, 0x6b, 0x3a, 0x68, 0x5a, 0xc0, 0x47, 0xa0, 0x64, 0x34, 0x0c, 0xf1, 0xd0, 0x52, 0xa5, - 0xb9, 0x1e, 0x96, 0x43, 0x41, 0xd8, 0xd4, 0x2c, 0xdb, 0xf8, 0x07, 0x77, 0x2a, 0xca, 0xeb, 0xef, - 0x10, 0x1c, 0x16, 0x0d, 0x38, 0x72, 0x2f, 0x89, 0xc1, 0xf9, 0x80, 0xc4, 0x6d, 0xae, 0x30, 0x3d, - 0xce, 0x20, 0x63, 0xfe, 0xe6, 0x1a, 0xc7, 0xb8, 0x50, 0xe8, 0x24, 0x17, 0xfc, 0x25, 0x6f, 0xbb, - 0x6a, 0xa3, 0x44, 0x53, 0xd9, 0xa2, 0x01, 0xab, 0xbc, 0xb6, 0x1f, 0x98, 0xee, 0x9a, 0xa7, 0x2d, - 0x4f, 0x9e, 0x8e, 0xac, 0xe0, 0xc6, 0x49, 0x46, 0x29, 0xf4, 0x94, 0x8a, 0xaf, 0xe1, 0x5b, 0xc3, - 0xb3, 0x7b, 0x57, 0xd1, 0x7c, 0x9c, 0xed, 0x87, 0x40, 0x8c, 0xe2, 0xcb, 0x93, 0x14, 0xc9, 0x61, - 0x2e, 0xe5, 0xcc, 0xf6, 0x5e, 0xa8, 0x5c, 0xd6, 0x75, 0x8d, 0x62, 0x95, 0x58, 0x69, 0x76, 0xa1, - 0x4a, 0xb5, 0x55, 0x09, 0x78, 0x33, 0x82, 0xd7, 0xdd, 0x79, 0xf5, 0x1b, 0x0b, 0xde, 0x26, 0x21, - 0x28, 0x74, 0x04, 0x97, 0x56, 0xdf, 0x3c, 0xf0, 0x37, 0x39, 0xdc, 0xff, 0x06, 0xa4, 0xea, 0x42, - 0x08, 0xda, 0xb4, 0x71, 0xb0, 0xcf, 0x12, 0x7a, 0x4e, 0xfa, 0x6c, 0x1d, 0x84, 0x00, 0xc8, 0x7f, - 0x91, 0x45, 0xaa, 0x2b, 0xc2, 0xb1, 0x8f, 0xd5, 0xba, 0xf2, 0xad, 0x19, 0xb2, 0x67, 0x36, 0xf7, - 0x0f, 0x0a, 0x92, 0x7d, 0xe3, 0x9d, 0xe9, 0x90, 0x3e, 0x23, 0x27, 0x66, 0x13, 0xec, 0x81, 0x15, - 0xbd, 0x22, 0xbf, 0x9f, 0x7e, 0xa9, 0x51, 0x4b, 0x4c, 0xfb, 0x02, 0xd3, 0x70, 0x86, 0x31, 0xe7, - 0x3b, 0x05, 0x03, 0x54, 0x60, 0x48, 0x65, 0x18, 0xd2, 0xcd, 0x5f, 0x32, 0x88, 0x0e, 0x35, 0xfd - }; - - private byte[] iv; - private int parameterVersion = 58; - - protected byte[] engineGetEncoded() - { - return Arrays.clone(iv); - } - - protected byte[] engineGetEncoded( - String format) - throws IOException - { - if (isASN1FormatString(format)) - { - if (parameterVersion == -1) - { - return new RC2CBCParameter(engineGetEncoded()).getEncoded(); - } - else - { - return new RC2CBCParameter(parameterVersion, engineGetEncoded()).getEncoded(); - } - } - - if (format.equals("RAW")) - { - return engineGetEncoded(); - } - - return null; - } - - protected AlgorithmParameterSpec localEngineGetParameterSpec( - Class paramSpec) - throws InvalidParameterSpecException - { - if (paramSpec == RC2ParameterSpec.class) - { - if (parameterVersion != -1) - { - if (parameterVersion < 256) - { - return new RC2ParameterSpec(ekb[parameterVersion], iv); - } - else - { - return new RC2ParameterSpec(parameterVersion, iv); - } - } - } - - if (paramSpec == IvParameterSpec.class) - { - return new IvParameterSpec(iv); - } - - throw new InvalidParameterSpecException("unknown parameter spec passed to RC2 parameters object."); - } - - protected void engineInit( - AlgorithmParameterSpec paramSpec) - throws InvalidParameterSpecException - { - if (paramSpec instanceof IvParameterSpec) - { - this.iv = ((IvParameterSpec)paramSpec).getIV(); - } - else if (paramSpec instanceof RC2ParameterSpec) - { - int effKeyBits = ((RC2ParameterSpec)paramSpec).getEffectiveKeyBits(); - if (effKeyBits != -1) - { - if (effKeyBits < 256) - { - parameterVersion = table[effKeyBits]; - } - else - { - parameterVersion = effKeyBits; - } - } - - this.iv = ((RC2ParameterSpec)paramSpec).getIV(); - } - else - { - throw new InvalidParameterSpecException("IvParameterSpec or RC2ParameterSpec required to initialise a RC2 parameters algorithm parameters object"); - } - } - - protected void engineInit( - byte[] params) - throws IOException - { - this.iv = Arrays.clone(params); - } - - protected void engineInit( - byte[] params, - String format) - throws IOException - { - if (isASN1FormatString(format)) - { - RC2CBCParameter p = RC2CBCParameter.getInstance(ASN1Object.fromByteArray(params)); - - if (p.getRC2ParameterVersion() != null) - { - parameterVersion = p.getRC2ParameterVersion().intValue(); - } - - iv = p.getIV(); - - return; - } - - if (format.equals("RAW")) - { - engineInit(params); - return; - } - - throw new IOException("Unknown parameters format in IV parameters object"); - } - - protected String engineToString() - { - return "RC2 Parameters"; - } - } - + + // BEGIN android-removed + // public static class RC2AlgorithmParameters + // extends JDKAlgorithmParameters + // { + // private static final short[] table = { + // 0xbd, 0x56, 0xea, 0xf2, 0xa2, 0xf1, 0xac, 0x2a, 0xb0, 0x93, 0xd1, 0x9c, 0x1b, 0x33, 0xfd, 0xd0, + // 0x30, 0x04, 0xb6, 0xdc, 0x7d, 0xdf, 0x32, 0x4b, 0xf7, 0xcb, 0x45, 0x9b, 0x31, 0xbb, 0x21, 0x5a, + // 0x41, 0x9f, 0xe1, 0xd9, 0x4a, 0x4d, 0x9e, 0xda, 0xa0, 0x68, 0x2c, 0xc3, 0x27, 0x5f, 0x80, 0x36, + // 0x3e, 0xee, 0xfb, 0x95, 0x1a, 0xfe, 0xce, 0xa8, 0x34, 0xa9, 0x13, 0xf0, 0xa6, 0x3f, 0xd8, 0x0c, + // 0x78, 0x24, 0xaf, 0x23, 0x52, 0xc1, 0x67, 0x17, 0xf5, 0x66, 0x90, 0xe7, 0xe8, 0x07, 0xb8, 0x60, + // 0x48, 0xe6, 0x1e, 0x53, 0xf3, 0x92, 0xa4, 0x72, 0x8c, 0x08, 0x15, 0x6e, 0x86, 0x00, 0x84, 0xfa, + // 0xf4, 0x7f, 0x8a, 0x42, 0x19, 0xf6, 0xdb, 0xcd, 0x14, 0x8d, 0x50, 0x12, 0xba, 0x3c, 0x06, 0x4e, + // 0xec, 0xb3, 0x35, 0x11, 0xa1, 0x88, 0x8e, 0x2b, 0x94, 0x99, 0xb7, 0x71, 0x74, 0xd3, 0xe4, 0xbf, + // 0x3a, 0xde, 0x96, 0x0e, 0xbc, 0x0a, 0xed, 0x77, 0xfc, 0x37, 0x6b, 0x03, 0x79, 0x89, 0x62, 0xc6, + // 0xd7, 0xc0, 0xd2, 0x7c, 0x6a, 0x8b, 0x22, 0xa3, 0x5b, 0x05, 0x5d, 0x02, 0x75, 0xd5, 0x61, 0xe3, + // 0x18, 0x8f, 0x55, 0x51, 0xad, 0x1f, 0x0b, 0x5e, 0x85, 0xe5, 0xc2, 0x57, 0x63, 0xca, 0x3d, 0x6c, + // 0xb4, 0xc5, 0xcc, 0x70, 0xb2, 0x91, 0x59, 0x0d, 0x47, 0x20, 0xc8, 0x4f, 0x58, 0xe0, 0x01, 0xe2, + // 0x16, 0x38, 0xc4, 0x6f, 0x3b, 0x0f, 0x65, 0x46, 0xbe, 0x7e, 0x2d, 0x7b, 0x82, 0xf9, 0x40, 0xb5, + // 0x1d, 0x73, 0xf8, 0xeb, 0x26, 0xc7, 0x87, 0x97, 0x25, 0x54, 0xb1, 0x28, 0xaa, 0x98, 0x9d, 0xa5, + // 0x64, 0x6d, 0x7a, 0xd4, 0x10, 0x81, 0x44, 0xef, 0x49, 0xd6, 0xae, 0x2e, 0xdd, 0x76, 0x5c, 0x2f, + // 0xa7, 0x1c, 0xc9, 0x09, 0x69, 0x9a, 0x83, 0xcf, 0x29, 0x39, 0xb9, 0xe9, 0x4c, 0xff, 0x43, 0xab + // }; + // + // private static final short[] ekb = { + // 0x5d, 0xbe, 0x9b, 0x8b, 0x11, 0x99, 0x6e, 0x4d, 0x59, 0xf3, 0x85, 0xa6, 0x3f, 0xb7, 0x83, 0xc5, + // 0xe4, 0x73, 0x6b, 0x3a, 0x68, 0x5a, 0xc0, 0x47, 0xa0, 0x64, 0x34, 0x0c, 0xf1, 0xd0, 0x52, 0xa5, + // 0xb9, 0x1e, 0x96, 0x43, 0x41, 0xd8, 0xd4, 0x2c, 0xdb, 0xf8, 0x07, 0x77, 0x2a, 0xca, 0xeb, 0xef, + // 0x10, 0x1c, 0x16, 0x0d, 0x38, 0x72, 0x2f, 0x89, 0xc1, 0xf9, 0x80, 0xc4, 0x6d, 0xae, 0x30, 0x3d, + // 0xce, 0x20, 0x63, 0xfe, 0xe6, 0x1a, 0xc7, 0xb8, 0x50, 0xe8, 0x24, 0x17, 0xfc, 0x25, 0x6f, 0xbb, + // 0x6a, 0xa3, 0x44, 0x53, 0xd9, 0xa2, 0x01, 0xab, 0xbc, 0xb6, 0x1f, 0x98, 0xee, 0x9a, 0xa7, 0x2d, + // 0x4f, 0x9e, 0x8e, 0xac, 0xe0, 0xc6, 0x49, 0x46, 0x29, 0xf4, 0x94, 0x8a, 0xaf, 0xe1, 0x5b, 0xc3, + // 0xb3, 0x7b, 0x57, 0xd1, 0x7c, 0x9c, 0xed, 0x87, 0x40, 0x8c, 0xe2, 0xcb, 0x93, 0x14, 0xc9, 0x61, + // 0x2e, 0xe5, 0xcc, 0xf6, 0x5e, 0xa8, 0x5c, 0xd6, 0x75, 0x8d, 0x62, 0x95, 0x58, 0x69, 0x76, 0xa1, + // 0x4a, 0xb5, 0x55, 0x09, 0x78, 0x33, 0x82, 0xd7, 0xdd, 0x79, 0xf5, 0x1b, 0x0b, 0xde, 0x26, 0x21, + // 0x28, 0x74, 0x04, 0x97, 0x56, 0xdf, 0x3c, 0xf0, 0x37, 0x39, 0xdc, 0xff, 0x06, 0xa4, 0xea, 0x42, + // 0x08, 0xda, 0xb4, 0x71, 0xb0, 0xcf, 0x12, 0x7a, 0x4e, 0xfa, 0x6c, 0x1d, 0x84, 0x00, 0xc8, 0x7f, + // 0x91, 0x45, 0xaa, 0x2b, 0xc2, 0xb1, 0x8f, 0xd5, 0xba, 0xf2, 0xad, 0x19, 0xb2, 0x67, 0x36, 0xf7, + // 0x0f, 0x0a, 0x92, 0x7d, 0xe3, 0x9d, 0xe9, 0x90, 0x3e, 0x23, 0x27, 0x66, 0x13, 0xec, 0x81, 0x15, + // 0xbd, 0x22, 0xbf, 0x9f, 0x7e, 0xa9, 0x51, 0x4b, 0x4c, 0xfb, 0x02, 0xd3, 0x70, 0x86, 0x31, 0xe7, + // 0x3b, 0x05, 0x03, 0x54, 0x60, 0x48, 0x65, 0x18, 0xd2, 0xcd, 0x5f, 0x32, 0x88, 0x0e, 0x35, 0xfd + // }; + // + // private byte[] iv; + // private int parameterVersion = 58; + // + // protected byte[] engineGetEncoded() + // { + // return Arrays.clone(iv); + // } + // + // protected byte[] engineGetEncoded( + // String format) + // throws IOException + // { + // if (isASN1FormatString(format)) + // { + // if (parameterVersion == -1) + // { + // return new RC2CBCParameter(engineGetEncoded()).getEncoded(); + // } + // else + // { + // return new RC2CBCParameter(parameterVersion, engineGetEncoded()).getEncoded(); + // } + // } + // + // if (format.equals("RAW")) + // { + // return engineGetEncoded(); + // } + // + // return null; + // } + // + // protected AlgorithmParameterSpec localEngineGetParameterSpec( + // Class paramSpec) + // throws InvalidParameterSpecException + // { + // if (paramSpec == RC2ParameterSpec.class) + // { + // if (parameterVersion != -1) + // { + // if (parameterVersion < 256) + // { + // return new RC2ParameterSpec(ekb[parameterVersion], iv); + // } + // else + // { + // return new RC2ParameterSpec(parameterVersion, iv); + // } + // } + // } + // + // if (paramSpec == IvParameterSpec.class) + // { + // return new IvParameterSpec(iv); + // } + // + // throw new InvalidParameterSpecException("unknown parameter spec passed to RC2 parameters object."); + // } + // + // protected void engineInit( + // AlgorithmParameterSpec paramSpec) + // throws InvalidParameterSpecException + // { + // if (paramSpec instanceof IvParameterSpec) + // { + // this.iv = ((IvParameterSpec)paramSpec).getIV(); + // } + // else if (paramSpec instanceof RC2ParameterSpec) + // { + // int effKeyBits = ((RC2ParameterSpec)paramSpec).getEffectiveKeyBits(); + // if (effKeyBits != -1) + // { + // if (effKeyBits < 256) + // { + // parameterVersion = table[effKeyBits]; + // } + // else + // { + // parameterVersion = effKeyBits; + // } + // } + // + // this.iv = ((RC2ParameterSpec)paramSpec).getIV(); + // } + // else + // { + // throw new InvalidParameterSpecException("IvParameterSpec or RC2ParameterSpec required to initialise a RC2 parameters algorithm parameters object"); + // } + // } + // + // protected void engineInit( + // byte[] params) + // throws IOException + // { + // this.iv = Arrays.clone(params); + // } + // + // protected void engineInit( + // byte[] params, + // String format) + // throws IOException + // { + // if (isASN1FormatString(format)) + // { + // RC2CBCParameter p = RC2CBCParameter.getInstance(ASN1Object.fromByteArray(params)); + // + // if (p.getRC2ParameterVersion() != null) + // { + // parameterVersion = p.getRC2ParameterVersion().intValue(); + // } + // + // iv = p.getIV(); + // + // return; + // } + // + // if (format.equals("RAW")) + // { + // engineInit(params); + // return; + // } + // + // throw new IOException("Unknown parameters format in IV parameters object"); + // } + // + // protected String engineToString() + // { + // return "RC2 Parameters"; + // } + // } + // END android-removed + public static class PBKDF2 extends JDKAlgorithmParameters { @@ -429,7 +439,7 @@ extends JDKAlgorithmParameters { PKCS12PBEParams params; - + protected byte[] engineGetEncoded() { try @@ -441,7 +451,7 @@ throw new RuntimeException("Oooops! " + e.toString()); } } - + protected byte[] engineGetEncoded( String format) { @@ -449,10 +459,10 @@ { return engineGetEncoded(); } - + return null; } - + protected AlgorithmParameterSpec localEngineGetParameterSpec( Class paramSpec) throws InvalidParameterSpecException @@ -462,10 +472,10 @@ return new PBEParameterSpec(params.getIV(), params.getIterations().intValue()); } - + throw new InvalidParameterSpecException("unknown parameter spec passed to PKCS12 PBE parameters object."); } - + protected void engineInit( AlgorithmParameterSpec paramSpec) throws InvalidParameterSpecException @@ -474,20 +484,20 @@ { throw new InvalidParameterSpecException("PBEParameterSpec required to initialise a PKCS12 PBE parameters algorithm parameters object"); } - + PBEParameterSpec pbeSpec = (PBEParameterSpec)paramSpec; - + this.params = new PKCS12PBEParams(pbeSpec.getSalt(), pbeSpec.getIterationCount()); } - + protected void engineInit( byte[] params) throws IOException { this.params = PKCS12PBEParams.getInstance(ASN1Object.fromByteArray(params)); } - + protected void engineInit( byte[] params, String format) @@ -498,10 +508,10 @@ engineInit(params); return; } - + throw new IOException("Unknown parameters format in PKCS12 PBE parameters object"); } - + protected String engineToString() { return "PKCS12 PBE Parameters"; @@ -725,334 +735,336 @@ } } - public static class GOST3410 - extends JDKAlgorithmParameters - { - GOST3410ParameterSpec currentSpec; - - /** - * Return the X.509 ASN.1 structure GOST3410Parameter. - *

- * 

-         *  GOST3410Parameter ::= SEQUENCE {
-         *                   prime INTEGER, -- p
-         *                   subprime INTEGER, -- q
-         *                   base INTEGER, -- a}
-         *
- */ - protected byte[] engineGetEncoded() - { - GOST3410PublicKeyAlgParameters gost3410P = new GOST3410PublicKeyAlgParameters(new DERObjectIdentifier(currentSpec.getPublicKeyParamSetOID()), new DERObjectIdentifier(currentSpec.getDigestParamSetOID()), new DERObjectIdentifier(currentSpec.getEncryptionParamSetOID())); - - try - { - return gost3410P.getEncoded(ASN1Encodable.DER); - } - catch (IOException e) - { - throw new RuntimeException("Error encoding GOST3410Parameters"); - } - } - - protected byte[] engineGetEncoded( - String format) - { - if (isASN1FormatString(format) || format.equalsIgnoreCase("X.509")) - { - return engineGetEncoded(); - } - - return null; - } - - protected AlgorithmParameterSpec localEngineGetParameterSpec( - Class paramSpec) - throws InvalidParameterSpecException - { - if (paramSpec == GOST3410PublicKeyParameterSetSpec.class) - { - return currentSpec; - } - - throw new InvalidParameterSpecException("unknown parameter spec passed to GOST3410 parameters object."); - } - - protected void engineInit( - AlgorithmParameterSpec paramSpec) - throws InvalidParameterSpecException - { - if (!(paramSpec instanceof GOST3410ParameterSpec)) - { - throw new InvalidParameterSpecException("GOST3410ParameterSpec required to initialise a GOST3410 algorithm parameters object"); - } - - this.currentSpec = (GOST3410ParameterSpec)paramSpec; - } - - protected void engineInit( - byte[] params) - throws IOException - { - try - { - ASN1Sequence seq = (ASN1Sequence) ASN1Object.fromByteArray(params); - - this.currentSpec = GOST3410ParameterSpec.fromPublicKeyAlg( - new GOST3410PublicKeyAlgParameters(seq)); - } - catch (ClassCastException e) - { - throw new IOException("Not a valid GOST3410 Parameter encoding."); - } - catch (ArrayIndexOutOfBoundsException e) - { - throw new IOException("Not a valid GOST3410 Parameter encoding."); - } - } - - protected void engineInit( - byte[] params, - String format) - throws IOException - { - if (isASN1FormatString(format) || format.equalsIgnoreCase("X.509")) - { - engineInit(params); - } - else - { - throw new IOException("Unknown parameter format " + format); - } - } - - protected String engineToString() - { - return "GOST3410 Parameters"; - } - } - - public static class ElGamal - extends JDKAlgorithmParameters - { - ElGamalParameterSpec currentSpec; - - /** - * Return the X.509 ASN.1 structure ElGamalParameter. - *

- * 

-         *  ElGamalParameter ::= SEQUENCE {
-         *                   prime INTEGER, -- p
-         *                   base INTEGER, -- g}
-         *
- */ - protected byte[] engineGetEncoded() - { - ElGamalParameter elP = new ElGamalParameter(currentSpec.getP(), currentSpec.getG()); - - try - { - return elP.getEncoded(ASN1Encodable.DER); - } - catch (IOException e) - { - throw new RuntimeException("Error encoding ElGamalParameters"); - } - } - - protected byte[] engineGetEncoded( - String format) - { - if (isASN1FormatString(format) || format.equalsIgnoreCase("X.509")) - { - return engineGetEncoded(); - } - - return null; - } - - protected AlgorithmParameterSpec localEngineGetParameterSpec( - Class paramSpec) - throws InvalidParameterSpecException - { - if (paramSpec == ElGamalParameterSpec.class) - { - return currentSpec; - } - else if (paramSpec == DHParameterSpec.class) - { - return new DHParameterSpec(currentSpec.getP(), currentSpec.getG()); - } - - throw new InvalidParameterSpecException("unknown parameter spec passed to ElGamal parameters object."); - } - - protected void engineInit( - AlgorithmParameterSpec paramSpec) - throws InvalidParameterSpecException - { - if (!(paramSpec instanceof ElGamalParameterSpec) && !(paramSpec instanceof DHParameterSpec)) - { - throw new InvalidParameterSpecException("DHParameterSpec required to initialise a ElGamal algorithm parameters object"); - } - - if (paramSpec instanceof ElGamalParameterSpec) - { - this.currentSpec = (ElGamalParameterSpec)paramSpec; - } - else - { - DHParameterSpec s = (DHParameterSpec)paramSpec; - - this.currentSpec = new ElGamalParameterSpec(s.getP(), s.getG()); - } - } - - protected void engineInit( - byte[] params) - throws IOException - { - try - { - ElGamalParameter elP = new ElGamalParameter((ASN1Sequence)ASN1Object.fromByteArray(params)); - - currentSpec = new ElGamalParameterSpec(elP.getP(), elP.getG()); - } - catch (ClassCastException e) - { - throw new IOException("Not a valid ElGamal Parameter encoding."); - } - catch (ArrayIndexOutOfBoundsException e) - { - throw new IOException("Not a valid ElGamal Parameter encoding."); - } - } - - protected void engineInit( - byte[] params, - String format) - throws IOException - { - if (isASN1FormatString(format) || format.equalsIgnoreCase("X.509")) - { - engineInit(params); - } - else - { - throw new IOException("Unknown parameter format " + format); - } - } - - protected String engineToString() - { - return "ElGamal Parameters"; - } - } - - public static class IES - extends JDKAlgorithmParameters - { - IESParameterSpec currentSpec; - - /** - * in the absence of a standard way of doing it this will do for - * now... - */ - protected byte[] engineGetEncoded() - { - try - { - ASN1EncodableVector v = new ASN1EncodableVector(); - - v.add(new DEROctetString(currentSpec.getDerivationV())); - v.add(new DEROctetString(currentSpec.getEncodingV())); - v.add(new DERInteger(currentSpec.getMacKeySize())); - - return new DERSequence(v).getEncoded(ASN1Encodable.DER); - } - catch (IOException e) - { - throw new RuntimeException("Error encoding IESParameters"); - } - } - - protected byte[] engineGetEncoded( - String format) - { - if (isASN1FormatString(format) || format.equalsIgnoreCase("X.509")) - { - return engineGetEncoded(); - } - - return null; - } - - protected AlgorithmParameterSpec localEngineGetParameterSpec( - Class paramSpec) - throws InvalidParameterSpecException - { - if (paramSpec == IESParameterSpec.class) - { - return currentSpec; - } - - throw new InvalidParameterSpecException("unknown parameter spec passed to ElGamal parameters object."); - } - - protected void engineInit( - AlgorithmParameterSpec paramSpec) - throws InvalidParameterSpecException - { - if (!(paramSpec instanceof IESParameterSpec)) - { - throw new InvalidParameterSpecException("IESParameterSpec required to initialise a IES algorithm parameters object"); - } - - this.currentSpec = (IESParameterSpec)paramSpec; - } - - protected void engineInit( - byte[] params) - throws IOException - { - try - { - ASN1Sequence s = (ASN1Sequence)ASN1Object.fromByteArray(params); - - this.currentSpec = new IESParameterSpec( - ((ASN1OctetString)s.getObjectAt(0)).getOctets(), - ((ASN1OctetString)s.getObjectAt(0)).getOctets(), - ((DERInteger)s.getObjectAt(0)).getValue().intValue()); - } - catch (ClassCastException e) - { - throw new IOException("Not a valid IES Parameter encoding."); - } - catch (ArrayIndexOutOfBoundsException e) - { - throw new IOException("Not a valid IES Parameter encoding."); - } - } - - protected void engineInit( - byte[] params, - String format) - throws IOException - { - if (isASN1FormatString(format) || format.equalsIgnoreCase("X.509")) - { - engineInit(params); - } - else - { - throw new IOException("Unknown parameter format " + format); - } - } - - protected String engineToString() - { - return "IES Parameters"; - } - } + // BEGIN android-removed + // public static class GOST3410 + // extends JDKAlgorithmParameters + // { + // GOST3410ParameterSpec currentSpec; + // + // /** + // * Return the X.509 ASN.1 structure GOST3410Parameter. + // *

+ // * 

+    //      *  GOST3410Parameter ::= SEQUENCE {
+    //      *                   prime INTEGER, -- p
+    //      *                   subprime INTEGER, -- q
+    //      *                   base INTEGER, -- a}
+    //      *
+ // */ + // protected byte[] engineGetEncoded() + // { + // GOST3410PublicKeyAlgParameters gost3410P = new GOST3410PublicKeyAlgParameters(new DERObjectIdentifier(currentSpec.getPublicKeyParamSetOID()), new DERObjectIdentifier(currentSpec.getDigestParamSetOID()), new DERObjectIdentifier(currentSpec.getEncryptionParamSetOID())); + // + // try + // { + // return gost3410P.getEncoded(ASN1Encodable.DER); + // } + // catch (IOException e) + // { + // throw new RuntimeException("Error encoding GOST3410Parameters"); + // } + // } + // + // protected byte[] engineGetEncoded( + // String format) + // { + // if (isASN1FormatString(format) || format.equalsIgnoreCase("X.509")) + // { + // return engineGetEncoded(); + // } + // + // return null; + // } + // + // protected AlgorithmParameterSpec localEngineGetParameterSpec( + // Class paramSpec) + // throws InvalidParameterSpecException + // { + // if (paramSpec == GOST3410PublicKeyParameterSetSpec.class) + // { + // return currentSpec; + // } + // + // throw new InvalidParameterSpecException("unknown parameter spec passed to GOST3410 parameters object."); + // } + // + // protected void engineInit( + // AlgorithmParameterSpec paramSpec) + // throws InvalidParameterSpecException + // { + // if (!(paramSpec instanceof GOST3410ParameterSpec)) + // { + // throw new InvalidParameterSpecException("GOST3410ParameterSpec required to initialise a GOST3410 algorithm parameters object"); + // } + // + // this.currentSpec = (GOST3410ParameterSpec)paramSpec; + // } + // + // protected void engineInit( + // byte[] params) + // throws IOException + // { + // try + // { + // ASN1Sequence seq = (ASN1Sequence) ASN1Object.fromByteArray(params); + // + // this.currentSpec = GOST3410ParameterSpec.fromPublicKeyAlg( + // new GOST3410PublicKeyAlgParameters(seq)); + // } + // catch (ClassCastException e) + // { + // throw new IOException("Not a valid GOST3410 Parameter encoding."); + // } + // catch (ArrayIndexOutOfBoundsException e) + // { + // throw new IOException("Not a valid GOST3410 Parameter encoding."); + // } + // } + // + // protected void engineInit( + // byte[] params, + // String format) + // throws IOException + // { + // if (isASN1FormatString(format) || format.equalsIgnoreCase("X.509")) + // { + // engineInit(params); + // } + // else + // { + // throw new IOException("Unknown parameter format " + format); + // } + // } + // + // protected String engineToString() + // { + // return "GOST3410 Parameters"; + // } + // } + + // public static class ElGamal + // extends JDKAlgorithmParameters + // { + // ElGamalParameterSpec currentSpec; + // + // /** + // * Return the X.509 ASN.1 structure ElGamalParameter. + // *

+ // * 

+    //      *  ElGamalParameter ::= SEQUENCE {
+    //      *                   prime INTEGER, -- p
+    //      *                   base INTEGER, -- g}
+    //      *
+ // */ + // protected byte[] engineGetEncoded() + // { + // ElGamalParameter elP = new ElGamalParameter(currentSpec.getP(), currentSpec.getG()); + // + // try + // { + // return elP.getEncoded(ASN1Encodable.DER); + // } + // catch (IOException e) + // { + // throw new RuntimeException("Error encoding ElGamalParameters"); + // } + // } + // + // protected byte[] engineGetEncoded( + // String format) + // { + // if (isASN1FormatString(format) || format.equalsIgnoreCase("X.509")) + // { + // return engineGetEncoded(); + // } + // + // return null; + // } + // + // protected AlgorithmParameterSpec localEngineGetParameterSpec( + // Class paramSpec) + // throws InvalidParameterSpecException + // { + // if (paramSpec == ElGamalParameterSpec.class) + // { + // return currentSpec; + // } + // else if (paramSpec == DHParameterSpec.class) + // { + // return new DHParameterSpec(currentSpec.getP(), currentSpec.getG()); + // } + // + // throw new InvalidParameterSpecException("unknown parameter spec passed to ElGamal parameters object."); + // } + // + // protected void engineInit( + // AlgorithmParameterSpec paramSpec) + // throws InvalidParameterSpecException + // { + // if (!(paramSpec instanceof ElGamalParameterSpec) && !(paramSpec instanceof DHParameterSpec)) + // { + // throw new InvalidParameterSpecException("DHParameterSpec required to initialise a ElGamal algorithm parameters object"); + // } + // + // if (paramSpec instanceof ElGamalParameterSpec) + // { + // this.currentSpec = (ElGamalParameterSpec)paramSpec; + // } + // else + // { + // DHParameterSpec s = (DHParameterSpec)paramSpec; + // + // this.currentSpec = new ElGamalParameterSpec(s.getP(), s.getG()); + // } + // } + // + // protected void engineInit( + // byte[] params) + // throws IOException + // { + // try + // { + // ElGamalParameter elP = new ElGamalParameter((ASN1Sequence)ASN1Object.fromByteArray(params)); + // + // currentSpec = new ElGamalParameterSpec(elP.getP(), elP.getG()); + // } + // catch (ClassCastException e) + // { + // throw new IOException("Not a valid ElGamal Parameter encoding."); + // } + // catch (ArrayIndexOutOfBoundsException e) + // { + // throw new IOException("Not a valid ElGamal Parameter encoding."); + // } + // } + // + // protected void engineInit( + // byte[] params, + // String format) + // throws IOException + // { + // if (isASN1FormatString(format) || format.equalsIgnoreCase("X.509")) + // { + // engineInit(params); + // } + // else + // { + // throw new IOException("Unknown parameter format " + format); + // } + // } + // + // protected String engineToString() + // { + // return "ElGamal Parameters"; + // } + // } + // + // public static class IES + // extends JDKAlgorithmParameters + // { + // IESParameterSpec currentSpec; + // + // /** + // * in the absence of a standard way of doing it this will do for + // * now... + // */ + // protected byte[] engineGetEncoded() + // { + // try + // { + // ASN1EncodableVector v = new ASN1EncodableVector(); + // + // v.add(new DEROctetString(currentSpec.getDerivationV())); + // v.add(new DEROctetString(currentSpec.getEncodingV())); + // v.add(new DERInteger(currentSpec.getMacKeySize())); + // + // return new DERSequence(v).getEncoded(ASN1Encodable.DER); + // } + // catch (IOException e) + // { + // throw new RuntimeException("Error encoding IESParameters"); + // } + // } + // + // protected byte[] engineGetEncoded( + // String format) + // { + // if (isASN1FormatString(format) || format.equalsIgnoreCase("X.509")) + // { + // return engineGetEncoded(); + // } + // + // return null; + // } + // + // protected AlgorithmParameterSpec localEngineGetParameterSpec( + // Class paramSpec) + // throws InvalidParameterSpecException + // { + // if (paramSpec == IESParameterSpec.class) + // { + // return currentSpec; + // } + // + // throw new InvalidParameterSpecException("unknown parameter spec passed to ElGamal parameters object."); + // } + // + // protected void engineInit( + // AlgorithmParameterSpec paramSpec) + // throws InvalidParameterSpecException + // { + // if (!(paramSpec instanceof IESParameterSpec)) + // { + // throw new InvalidParameterSpecException("IESParameterSpec required to initialise a IES algorithm parameters object"); + // } + // + // this.currentSpec = (IESParameterSpec)paramSpec; + // } + // + // protected void engineInit( + // byte[] params) + // throws IOException + // { + // try + // { + // ASN1Sequence s = (ASN1Sequence)ASN1Object.fromByteArray(params); + // + // this.currentSpec = new IESParameterSpec( + // ((ASN1OctetString)s.getObjectAt(0)).getOctets(), + // ((ASN1OctetString)s.getObjectAt(0)).getOctets(), + // ((DERInteger)s.getObjectAt(0)).getValue().intValue()); + // } + // catch (ClassCastException e) + // { + // throw new IOException("Not a valid IES Parameter encoding."); + // } + // catch (ArrayIndexOutOfBoundsException e) + // { + // throw new IOException("Not a valid IES Parameter encoding."); + // } + // } + // + // protected void engineInit( + // byte[] params, + // String format) + // throws IOException + // { + // if (isASN1FormatString(format) || format.equalsIgnoreCase("X.509")) + // { + // engineInit(params); + // } + // else + // { + // throw new IOException("Unknown parameter format " + format); + // } + // } + // + // protected String engineToString() + // { + // return "IES Parameters"; + // } + // } + // END android-removed public static class OAEP extends JDKAlgorithmParameters @@ -1066,11 +1078,15 @@ { AlgorithmIdentifier hashAlgorithm = new AlgorithmIdentifier( JCEDigestUtil.getOID(currentSpec.getDigestAlgorithm()), - new DERNull()); + // BEGIN android-changed + DERNull.INSTANCE); + // END android-changed MGF1ParameterSpec mgfSpec = (MGF1ParameterSpec)currentSpec.getMGFParameters(); AlgorithmIdentifier maskGenAlgorithm = new AlgorithmIdentifier( PKCSObjectIdentifiers.id_mgf1, - new AlgorithmIdentifier(JCEDigestUtil.getOID(mgfSpec.getDigestAlgorithm()), new DERNull())); + // BEGIN android-changed + new AlgorithmIdentifier(JCEDigestUtil.getOID(mgfSpec.getDigestAlgorithm()), DERNull.INSTANCE)); + // END android-changed PSource.PSpecified pSource = (PSource.PSpecified)currentSpec.getPSource(); AlgorithmIdentifier pSourceAlgorithm = new AlgorithmIdentifier( PKCSObjectIdentifiers.id_pSpecified, new DEROctetString(pSource.getValue())); @@ -1167,110 +1183,116 @@ } } - public static class PSS - extends JDKAlgorithmParameters - { - PSSParameterSpec currentSpec; - - /** - * Return the PKCS#1 ASN.1 structure RSASSA-PSS-params. - */ - protected byte[] engineGetEncoded() - throws IOException - { - PSSParameterSpec pssSpec = currentSpec; - AlgorithmIdentifier hashAlgorithm = new AlgorithmIdentifier( - JCEDigestUtil.getOID(pssSpec.getDigestAlgorithm()), - new DERNull()); - MGF1ParameterSpec mgfSpec = (MGF1ParameterSpec)pssSpec.getMGFParameters(); - AlgorithmIdentifier maskGenAlgorithm = new AlgorithmIdentifier( - PKCSObjectIdentifiers.id_mgf1, - new AlgorithmIdentifier(JCEDigestUtil.getOID(mgfSpec.getDigestAlgorithm()), new DERNull())); - RSASSAPSSparams pssP = new RSASSAPSSparams(hashAlgorithm, maskGenAlgorithm, new DERInteger(pssSpec.getSaltLength()), new DERInteger(pssSpec.getTrailerField())); - - return pssP.getEncoded("DER"); - } - - protected byte[] engineGetEncoded( - String format) - throws IOException - { - if (format.equalsIgnoreCase("X.509") - || format.equalsIgnoreCase("ASN.1")) - { - return engineGetEncoded(); - } - - return null; - } - - protected AlgorithmParameterSpec localEngineGetParameterSpec( - Class paramSpec) - throws InvalidParameterSpecException - { - if (paramSpec == PSSParameterSpec.class && currentSpec != null) - { - return currentSpec; - } - - throw new InvalidParameterSpecException("unknown parameter spec passed to PSS parameters object."); - } - - protected void engineInit( - AlgorithmParameterSpec paramSpec) - throws InvalidParameterSpecException - { - if (!(paramSpec instanceof PSSParameterSpec)) - { - throw new InvalidParameterSpecException("PSSParameterSpec required to initialise an PSS algorithm parameters object"); - } - - this.currentSpec = (PSSParameterSpec)paramSpec; - } - - protected void engineInit( - byte[] params) - throws IOException - { - try - { - RSASSAPSSparams pssP = new RSASSAPSSparams((ASN1Sequence)ASN1Object.fromByteArray(params)); - - currentSpec = new PSSParameterSpec( - pssP.getHashAlgorithm().getObjectId().getId(), - pssP.getMaskGenAlgorithm().getObjectId().getId(), - new MGF1ParameterSpec(AlgorithmIdentifier.getInstance(pssP.getMaskGenAlgorithm().getParameters()).getObjectId().getId()), - pssP.getSaltLength().getValue().intValue(), - pssP.getTrailerField().getValue().intValue()); - } - catch (ClassCastException e) - { - throw new IOException("Not a valid PSS Parameter encoding."); - } - catch (ArrayIndexOutOfBoundsException e) - { - throw new IOException("Not a valid PSS Parameter encoding."); - } - } - - protected void engineInit( - byte[] params, - String format) - throws IOException - { - if (isASN1FormatString(format) || format.equalsIgnoreCase("X.509")) - { - engineInit(params); - } - else - { - throw new IOException("Unknown parameter format " + format); - } - } - - protected String engineToString() - { - return "PSS Parameters"; - } - } + // BEGIN android-removed + // public static class PSS + // extends JDKAlgorithmParameters + // { + // PSSParameterSpec currentSpec; + // + // /** + // * Return the PKCS#1 ASN.1 structure RSASSA-PSS-params. + // */ + // protected byte[] engineGetEncoded() + // throws IOException + // { + // PSSParameterSpec pssSpec = currentSpec; + // AlgorithmIdentifier hashAlgorithm = new AlgorithmIdentifier( + // JCEDigestUtil.getOID(pssSpec.getDigestAlgorithm()), + // // BEGIN android-changed + // DERNull.INSTANCE); + // // END android-changed + // MGF1ParameterSpec mgfSpec = (MGF1ParameterSpec)pssSpec.getMGFParameters(); + // AlgorithmIdentifier maskGenAlgorithm = new AlgorithmIdentifier( + // PKCSObjectIdentifiers.id_mgf1, + // // BEGIN android-changed + // new AlgorithmIdentifier(JCEDigestUtil.getOID(mgfSpec.getDigestAlgorithm()), DERNull.INSTANCE)); + // // END android-changed + // RSASSAPSSparams pssP = new RSASSAPSSparams(hashAlgorithm, maskGenAlgorithm, new DERInteger(pssSpec.getSaltLength()), new DERInteger(pssSpec.getTrailerField())); + // + // return pssP.getEncoded("DER"); + // } + // + // protected byte[] engineGetEncoded( + // String format) + // throws IOException + // { + // if (format.equalsIgnoreCase("X.509") + // || format.equalsIgnoreCase("ASN.1")) + // { + // return engineGetEncoded(); + // } + // + // return null; + // } + // + // protected AlgorithmParameterSpec localEngineGetParameterSpec( + // Class paramSpec) + // throws InvalidParameterSpecException + // { + // if (paramSpec == PSSParameterSpec.class && currentSpec != null) + // { + // return currentSpec; + // } + // + // throw new InvalidParameterSpecException("unknown parameter spec passed to PSS parameters object."); + // } + // + // protected void engineInit( + // AlgorithmParameterSpec paramSpec) + // throws InvalidParameterSpecException + // { + // if (!(paramSpec instanceof PSSParameterSpec)) + // { + // throw new InvalidParameterSpecException("PSSParameterSpec required to initialise an PSS algorithm parameters object"); + // } + // + // this.currentSpec = (PSSParameterSpec)paramSpec; + // } + // + // protected void engineInit( + // byte[] params) + // throws IOException + // { + // try + // { + // RSASSAPSSparams pssP = new RSASSAPSSparams((ASN1Sequence)ASN1Object.fromByteArray(params)); + // + // currentSpec = new PSSParameterSpec( + // pssP.getHashAlgorithm().getObjectId().getId(), + // pssP.getMaskGenAlgorithm().getObjectId().getId(), + // new MGF1ParameterSpec(AlgorithmIdentifier.getInstance(pssP.getMaskGenAlgorithm().getParameters()).getObjectId().getId()), + // pssP.getSaltLength().getValue().intValue(), + // pssP.getTrailerField().getValue().intValue()); + // } + // catch (ClassCastException e) + // { + // throw new IOException("Not a valid PSS Parameter encoding."); + // } + // catch (ArrayIndexOutOfBoundsException e) + // { + // throw new IOException("Not a valid PSS Parameter encoding."); + // } + // } + // + // protected void engineInit( + // byte[] params, + // String format) + // throws IOException + // { + // if (isASN1FormatString(format) || format.equalsIgnoreCase("X.509")) + // { + // engineInit(params); + // } + // else + // { + // throw new IOException("Unknown parameter format " + format); + // } + // } + // + // protected String engineToString() + // { + // return "PSS Parameters"; + // } + // } + // END android-removed } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JDKDSASigner.java bcprov-jdk16-146/org/bouncycastle/jce/provider/JDKDSASigner.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JDKDSASigner.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JDKDSASigner.java 2011-09-08 21:28:49.000000000 +0000 @@ -23,13 +23,17 @@ import org.bouncycastle.crypto.Digest; import org.bouncycastle.crypto.digests.NullDigest; import org.bouncycastle.crypto.digests.SHA1Digest; -import org.bouncycastle.crypto.digests.SHA224Digest; +// BEGIN android-removed +// import org.bouncycastle.crypto.digests.SHA224Digest; +// END android-removed import org.bouncycastle.crypto.digests.SHA256Digest; import org.bouncycastle.crypto.digests.SHA384Digest; import org.bouncycastle.crypto.digests.SHA512Digest; import org.bouncycastle.crypto.params.ParametersWithRandom; import org.bouncycastle.crypto.signers.DSASigner; -import org.bouncycastle.jce.interfaces.GOST3410Key; +// BEGIN android-removed +// import org.bouncycastle.jce.interfaces.GOST3410Key; +// END android-removed public class JDKDSASigner extends SignatureSpi @@ -53,11 +57,16 @@ { CipherParameters param; - if (publicKey instanceof GOST3410Key) - { - param = GOST3410Util.generatePublicKeyParameter(publicKey); - } - else if (publicKey instanceof DSAKey) + // BEGIN android-removed + // if (publicKey instanceof GOST3410Key) + // { + // param = GOST3410Util.generatePublicKeyParameter(publicKey); + // } + // else if (publicKey instanceof DSAKey) + // END android-removed + // BEGIN android-added + if (publicKey instanceof DSAKey) + // END android-added { param = DSAUtil.generatePublicKeyParameter(publicKey); } @@ -103,14 +112,18 @@ { CipherParameters param; - if (privateKey instanceof GOST3410Key) - { - param = GOST3410Util.generatePrivateKeyParameter(privateKey); - } - else - { + // BEGIN android-removed + // if (privateKey instanceof GOST3410Key) + // { + // param = GOST3410Util.generatePrivateKeyParameter(privateKey); + // } + // else + // { + // END android-removed param = DSAUtil.generatePrivateKeyParameter(privateKey); - } + // BEGIN android-removed + // } + // END android-removed if (random != null) { @@ -231,42 +244,44 @@ super(new SHA1Digest(), new DSASigner()); } } - - static public class dsa224 - extends JDKDSASigner - { - public dsa224() - { - super(new SHA224Digest(), new DSASigner()); - } - } - - static public class dsa256 - extends JDKDSASigner - { - public dsa256() - { - super(new SHA256Digest(), new DSASigner()); - } - } - static public class dsa384 - extends JDKDSASigner - { - public dsa384() - { - super(new SHA384Digest(), new DSASigner()); - } - } - - static public class dsa512 - extends JDKDSASigner - { - public dsa512() - { - super(new SHA512Digest(), new DSASigner()); - } - } + // BEGIN android-removed + // static public class dsa224 + // extends JDKDSASigner + // { + // public dsa224() + // { + // super(new SHA224Digest(), new DSASigner()); + // } + // } + // + // static public class dsa256 + // extends JDKDSASigner + // { + // public dsa256() + // { + // super(new SHA256Digest(), new DSASigner()); + // } + // } + // + // static public class dsa384 + // extends JDKDSASigner + // { + // public dsa384() + // { + // super(new SHA384Digest(), new DSASigner()); + // } + // } + // + // static public class dsa512 + // extends JDKDSASigner + // { + // public dsa512() + // { + // super(new SHA512Digest(), new DSASigner()); + // } + // } + // END android-removed static public class noneDSA extends JDKDSASigner diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JDKDigestSignature.java bcprov-jdk16-146/org/bouncycastle/jce/provider/JDKDigestSignature.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JDKDigestSignature.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JDKDigestSignature.java 2011-09-08 21:28:49.000000000 +0000 @@ -23,15 +23,21 @@ import org.bouncycastle.crypto.AsymmetricBlockCipher; import org.bouncycastle.crypto.CipherParameters; import org.bouncycastle.crypto.Digest; -import org.bouncycastle.crypto.digests.MD2Digest; -import org.bouncycastle.crypto.digests.MD4Digest; +// BEGIN android-removed +// import org.bouncycastle.crypto.digests.MD2Digest; +// import org.bouncycastle.crypto.digests.MD4Digest; +// END android-removed import org.bouncycastle.crypto.digests.MD5Digest; import org.bouncycastle.crypto.digests.NullDigest; -import org.bouncycastle.crypto.digests.RIPEMD128Digest; -import org.bouncycastle.crypto.digests.RIPEMD160Digest; -import org.bouncycastle.crypto.digests.RIPEMD256Digest; +// BEGIN android-removed +// import org.bouncycastle.crypto.digests.RIPEMD128Digest; +// import org.bouncycastle.crypto.digests.RIPEMD160Digest; +// import org.bouncycastle.crypto.digests.RIPEMD256Digest; +// END android-removed import org.bouncycastle.crypto.digests.SHA1Digest; -import org.bouncycastle.crypto.digests.SHA224Digest; +// BEGIN android-removed +// import org.bouncycastle.crypto.digests.SHA224Digest; +// END android-removed import org.bouncycastle.crypto.digests.SHA256Digest; import org.bouncycastle.crypto.digests.SHA384Digest; import org.bouncycastle.crypto.digests.SHA512Digest; @@ -265,14 +271,16 @@ } } - static public class SHA224WithRSAEncryption - extends JDKDigestSignature - { - public SHA224WithRSAEncryption() - { - super(NISTObjectIdentifiers.id_sha224, new SHA224Digest(), new PKCS1Encoding(new RSABlindedEngine())); - } - } + // BEGIN android-removed + // static public class SHA224WithRSAEncryption + // extends JDKDigestSignature + // { + // public SHA224WithRSAEncryption() + // { + // super(NISTObjectIdentifiers.id_sha224, new SHA224Digest(), new PKCS1Encoding(new RSABlindedEngine())); + // } + // } + // END android-removed static public class SHA256WithRSAEncryption extends JDKDigestSignature @@ -301,23 +309,25 @@ } } - static public class MD2WithRSAEncryption - extends JDKDigestSignature - { - public MD2WithRSAEncryption() - { - super(PKCSObjectIdentifiers.md2, new MD2Digest(), new PKCS1Encoding(new RSABlindedEngine())); - } - } - - static public class MD4WithRSAEncryption - extends JDKDigestSignature - { - public MD4WithRSAEncryption() - { - super(PKCSObjectIdentifiers.md4, new MD4Digest(), new PKCS1Encoding(new RSABlindedEngine())); - } - } + // BEGIN android-removed + // static public class MD2WithRSAEncryption + // extends JDKDigestSignature + // { + // public MD2WithRSAEncryption() + // { + // super(PKCSObjectIdentifiers.md2, new MD2Digest(), new PKCS1Encoding(new RSABlindedEngine())); + // } + // } + // + // static public class MD4WithRSAEncryption + // extends JDKDigestSignature + // { + // public MD4WithRSAEncryption() + // { + // super(PKCSObjectIdentifiers.md4, new MD4Digest(), new PKCS1Encoding(new RSABlindedEngine())); + // } + // } + // END android-removed static public class MD5WithRSAEncryption extends JDKDigestSignature @@ -328,39 +338,41 @@ } } - static public class RIPEMD160WithRSAEncryption - extends JDKDigestSignature - { - public RIPEMD160WithRSAEncryption() - { - super(TeleTrusTObjectIdentifiers.ripemd160, new RIPEMD160Digest(), new PKCS1Encoding(new RSABlindedEngine())); - } - } - - static public class RIPEMD128WithRSAEncryption - extends JDKDigestSignature - { - public RIPEMD128WithRSAEncryption() - { - super(TeleTrusTObjectIdentifiers.ripemd128, new RIPEMD128Digest(), new PKCS1Encoding(new RSABlindedEngine())); - } - } - - static public class RIPEMD256WithRSAEncryption - extends JDKDigestSignature - { - public RIPEMD256WithRSAEncryption() - { - super(TeleTrusTObjectIdentifiers.ripemd256, new RIPEMD256Digest(), new PKCS1Encoding(new RSABlindedEngine())); - } - } - - static public class noneRSA - extends JDKDigestSignature - { - public noneRSA() - { - super(new NullDigest(), new PKCS1Encoding(new RSABlindedEngine())); - } - } + // BEGIN android-removed + // static public class RIPEMD160WithRSAEncryption + // extends JDKDigestSignature + // { + // public RIPEMD160WithRSAEncryption() + // { + // super(TeleTrusTObjectIdentifiers.ripemd160, new RIPEMD160Digest(), new PKCS1Encoding(new RSABlindedEngine())); + // } + // } + // + // static public class RIPEMD128WithRSAEncryption + // extends JDKDigestSignature + // { + // public RIPEMD128WithRSAEncryption() + // { + // super(TeleTrusTObjectIdentifiers.ripemd128, new RIPEMD128Digest(), new PKCS1Encoding(new RSABlindedEngine())); + // } + // } + // + // static public class RIPEMD256WithRSAEncryption + // extends JDKDigestSignature + // { + // public RIPEMD256WithRSAEncryption() + // { + // super(TeleTrusTObjectIdentifiers.ripemd256, new RIPEMD256Digest(), new PKCS1Encoding(new RSABlindedEngine())); + // } + // } + // + // static public class noneRSA + // extends JDKDigestSignature + // { + // public noneRSA() + // { + // super(new NullDigest(), new PKCS1Encoding(new RSABlindedEngine())); + // } + // } + // END android-removed } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JDKKeyFactory.java bcprov-jdk16-146/org/bouncycastle/jce/provider/JDKKeyFactory.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JDKKeyFactory.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JDKKeyFactory.java 2011-09-08 21:28:49.000000000 +0000 @@ -36,17 +36,21 @@ import org.bouncycastle.asn1.pkcs.RSAPrivateKeyStructure; import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; import org.bouncycastle.asn1.x9.X9ObjectIdentifiers; -import org.bouncycastle.jce.interfaces.ElGamalPrivateKey; -import org.bouncycastle.jce.interfaces.ElGamalPublicKey; -import org.bouncycastle.jce.spec.ElGamalPrivateKeySpec; -import org.bouncycastle.jce.spec.ElGamalPublicKeySpec; -import org.bouncycastle.jce.spec.GOST3410PrivateKeySpec; -import org.bouncycastle.jce.spec.GOST3410PublicKeySpec; +// BEGIN android-removed +// import org.bouncycastle.jce.interfaces.ElGamalPrivateKey; +// import org.bouncycastle.jce.interfaces.ElGamalPublicKey; +// import org.bouncycastle.jce.spec.ElGamalPrivateKeySpec; +// import org.bouncycastle.jce.spec.ElGamalPublicKeySpec; +// import org.bouncycastle.jce.spec.GOST3410PrivateKeySpec; +// import org.bouncycastle.jce.spec.GOST3410PublicKeySpec; +// END android-removed public abstract class JDKKeyFactory extends KeyFactorySpi { - protected boolean elGamalFactory = false; + // BEGIN android-removed + // protected boolean elGamalFactory = false; + // END android-removed public JDKKeyFactory() { @@ -140,6 +144,20 @@ return new DHPublicKeySpec(k.getY(), k.getParams().getP(), k.getParams().getG()); } + // BEGIN android-added + else if (spec.isAssignableFrom(DSAPublicKeySpec.class) && key instanceof DSAPublicKey) + { + DSAPublicKey k = (DSAPublicKey)key; + + return new DSAPublicKeySpec(k.getY(), k.getParams().getP(), k.getParams().getQ(), k.getParams().getG()); + } + else if (spec.isAssignableFrom(DSAPrivateKeySpec.class) && key instanceof DSAPrivateKey) + { + DSAPrivateKey k = (DSAPrivateKey)key; + + return new DSAPrivateKeySpec(k.getX(), k.getParams().getP(), k.getParams().getQ(), k.getParams().getG()); + } + // END android-added throw new RuntimeException("not implemented yet " + key + " " + spec); } @@ -162,25 +180,33 @@ } else if (key instanceof DHPublicKey) { - if (elGamalFactory) - { - return new JCEElGamalPublicKey((DHPublicKey)key); - } - else - { + // BEGIN android-removed + // if (elGamalFactory) + // { + // return new JCEElGamalPublicKey((DHPublicKey)key); + // } + // else + // { + // END android-removed return new JCEDHPublicKey((DHPublicKey)key); - } + // BEGIN android-removed + // } + // END android-removed } else if (key instanceof DHPrivateKey) { - if (elGamalFactory) - { - return new JCEElGamalPrivateKey((DHPrivateKey)key); - } - else - { + // BEGIN android-removed + // if (elGamalFactory) + // { + // return new JCEElGamalPrivateKey((DHPrivateKey)key); + // } + // else + // { + // END android-removed return new JCEDHPrivateKey((DHPrivateKey)key); - } + // BEGIN android-removed + // } + // END android-removed } else if (key instanceof DSAPublicKey) { @@ -190,14 +216,16 @@ { return new JDKDSAPrivateKey((DSAPrivateKey)key); } - else if (key instanceof ElGamalPublicKey) - { - return new JCEElGamalPublicKey((ElGamalPublicKey)key); - } - else if (key instanceof ElGamalPrivateKey) - { - return new JCEElGamalPrivateKey((ElGamalPrivateKey)key); - } + // BEGIN android-removed + // else if (key instanceof ElGamalPublicKey) + // { + // return new JCEElGamalPublicKey((ElGamalPublicKey)key); + // } + // else if (key instanceof ElGamalPrivateKey) + // { + // return new JCEElGamalPrivateKey((ElGamalPrivateKey)key); + // } + // END android-removed throw new InvalidKeyException("key type unknown"); } @@ -233,10 +261,12 @@ { return new JCEDHPublicKey(info); } - else if (algOid.equals(OIWObjectIdentifiers.elGamalAlgorithm)) - { - return new JCEElGamalPublicKey(info); - } + // BEGIN android-removed + // else if (algOid.equals(OIWObjectIdentifiers.elGamalAlgorithm)) + // { + // return new JCEElGamalPublicKey(info); + // } + // END android-removed else if (algOid.equals(X9ObjectIdentifiers.id_dsa)) { return new JDKDSAPublicKey(info); @@ -249,14 +279,15 @@ { return new JCEECPublicKey(info); } - else if (algOid.equals(CryptoProObjectIdentifiers.gostR3410_94)) - { - return new JDKGOST3410PublicKey(info); - } - else if (algOid.equals(CryptoProObjectIdentifiers.gostR3410_2001)) - { - return new JCEECPublicKey(info); - } + // BEGIN android-removed + // else if (algOid.equals(CryptoProObjectIdentifiers.gostR3410_94)) + // { + // return new JDKGOST3410PublicKey(info); + // } + // else if (algOid.equals(CryptoProObjectIdentifiers.gostR3410_2001)) + // { + // return new JCEECPublicKey(info); + // } else { throw new RuntimeException("algorithm identifier " + algOid + " in key not recognised"); @@ -294,10 +325,12 @@ { return new JCEDHPrivateKey(info); } - else if (algOid.equals(OIWObjectIdentifiers.elGamalAlgorithm)) - { - return new JCEElGamalPrivateKey(info); - } + // BEGIN android-removed + // else if (algOid.equals(OIWObjectIdentifiers.elGamalAlgorithm)) + // { + // return new JCEElGamalPrivateKey(info); + // } + // END android-removed else if (algOid.equals(X9ObjectIdentifiers.id_dsa)) { return new JDKDSAPrivateKey(info); @@ -306,14 +339,16 @@ { return new JCEECPrivateKey(info); } - else if (algOid.equals(CryptoProObjectIdentifiers.gostR3410_94)) - { - return new JDKGOST3410PrivateKey(info); - } - else if (algOid.equals(CryptoProObjectIdentifiers.gostR3410_2001)) - { - return new JCEECPrivateKey(info); - } + // BEGIN android-removed + // else if (algOid.equals(CryptoProObjectIdentifiers.gostR3410_94)) + // { + // return new JDKGOST3410PrivateKey(info); + // } + // else if (algOid.equals(CryptoProObjectIdentifiers.gostR3410_2001)) + // { + // return new JCEECPrivateKey(info); + // } + // END android-removed else { throw new RuntimeException("algorithm identifier " + algOid + " in key not recognised"); @@ -444,89 +479,92 @@ } } - public static class GOST3410 - extends JDKKeyFactory - { - public GOST3410() - { - } - - protected PrivateKey engineGeneratePrivate( - KeySpec keySpec) - throws InvalidKeySpecException - { - if (keySpec instanceof GOST3410PrivateKeySpec) - { - return new JDKGOST3410PrivateKey((GOST3410PrivateKeySpec)keySpec); - } - - return super.engineGeneratePrivate(keySpec); - } - - protected PublicKey engineGeneratePublic( - KeySpec keySpec) - throws InvalidKeySpecException - { - if (keySpec instanceof GOST3410PublicKeySpec) - { - return new JDKGOST3410PublicKey((GOST3410PublicKeySpec)keySpec); - } - - return super.engineGeneratePublic(keySpec); - } - } - - public static class ElGamal - extends JDKKeyFactory - { - public ElGamal() - { - elGamalFactory = true; - } - - protected PrivateKey engineGeneratePrivate( - KeySpec keySpec) - throws InvalidKeySpecException - { - if (keySpec instanceof ElGamalPrivateKeySpec) - { - return new JCEElGamalPrivateKey((ElGamalPrivateKeySpec)keySpec); - } - else if (keySpec instanceof DHPrivateKeySpec) - { - return new JCEElGamalPrivateKey((DHPrivateKeySpec)keySpec); - } - - return super.engineGeneratePrivate(keySpec); - } + // BEGIN android-removed + // public static class GOST3410 + // extends JDKKeyFactory + // { + // public GOST3410() + // { + // } + // + // protected PrivateKey engineGeneratePrivate( + // KeySpec keySpec) + // throws InvalidKeySpecException + // { + // if (keySpec instanceof GOST3410PrivateKeySpec) + // { + // return new JDKGOST3410PrivateKey((GOST3410PrivateKeySpec)keySpec); + // } + // + // return super.engineGeneratePrivate(keySpec); + // } + // + // protected PublicKey engineGeneratePublic( + // KeySpec keySpec) + // throws InvalidKeySpecException + // { + // if (keySpec instanceof GOST3410PublicKeySpec) + // { + // return new JDKGOST3410PublicKey((GOST3410PublicKeySpec)keySpec); + // } + // + // return super.engineGeneratePublic(keySpec); + // } + // } - protected PublicKey engineGeneratePublic( - KeySpec keySpec) - throws InvalidKeySpecException - { - if (keySpec instanceof ElGamalPublicKeySpec) - { - return new JCEElGamalPublicKey((ElGamalPublicKeySpec)keySpec); - } - else if (keySpec instanceof DHPublicKeySpec) - { - return new JCEElGamalPublicKey((DHPublicKeySpec)keySpec); - } - - return super.engineGeneratePublic(keySpec); - } - } - - - /** - * This isn't really correct, however the class path project API seems to think such - * a key factory will exist. - */ - public static class X509 - extends JDKKeyFactory - { - public X509() - { - } - } + // public static class ElGamal + // extends JDKKeyFactory + // { + // public ElGamal() + // { + // elGamalFactory = true; + // } + // + // protected PrivateKey engineGeneratePrivate( + // KeySpec keySpec) + // throws InvalidKeySpecException + // { + // if (keySpec instanceof ElGamalPrivateKeySpec) + // { + // return new JCEElGamalPrivateKey((ElGamalPrivateKeySpec)keySpec); + // } + // else if (keySpec instanceof DHPrivateKeySpec) + // { + // return new JCEElGamalPrivateKey((DHPrivateKeySpec)keySpec); + // } + // + // return super.engineGeneratePrivate(keySpec); + // } + // + // protected PublicKey engineGeneratePublic( + // KeySpec keySpec) + // throws InvalidKeySpecException + // { + // if (keySpec instanceof ElGamalPublicKeySpec) + // { + // return new JCEElGamalPublicKey((ElGamalPublicKeySpec)keySpec); + // } + // else if (keySpec instanceof DHPublicKeySpec) + // { + // return new JCEElGamalPublicKey((DHPublicKeySpec)keySpec); + // } + // + // return super.engineGeneratePublic(keySpec); + // } + // } + // + // + // + // /** + // * This isn't really correct, however the class path project API seems to think such + // * a key factory will exist. + // */ + // public static class X509 + // extends JDKKeyFactory + // { + // public X509() + // { + // } + // } + // END android-removed } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JDKKeyPairGenerator.java bcprov-jdk16-146/org/bouncycastle/jce/provider/JDKKeyPairGenerator.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JDKKeyPairGenerator.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JDKKeyPairGenerator.java 2011-09-08 21:28:49.000000000 +0000 @@ -6,9 +6,11 @@ import org.bouncycastle.crypto.generators.DHParametersGenerator; import org.bouncycastle.crypto.generators.DSAKeyPairGenerator; import org.bouncycastle.crypto.generators.DSAParametersGenerator; -import org.bouncycastle.crypto.generators.ElGamalKeyPairGenerator; -import org.bouncycastle.crypto.generators.ElGamalParametersGenerator; -import org.bouncycastle.crypto.generators.GOST3410KeyPairGenerator; +// BEGIN android-removed +// import org.bouncycastle.crypto.generators.ElGamalKeyPairGenerator; +// import org.bouncycastle.crypto.generators.ElGamalParametersGenerator; +// import org.bouncycastle.crypto.generators.GOST3410KeyPairGenerator; +// END android-removed import org.bouncycastle.crypto.generators.RSAKeyPairGenerator; import org.bouncycastle.crypto.params.DHKeyGenerationParameters; import org.bouncycastle.crypto.params.DHParameters; @@ -18,20 +20,24 @@ import org.bouncycastle.crypto.params.DSAParameters; import org.bouncycastle.crypto.params.DSAPrivateKeyParameters; import org.bouncycastle.crypto.params.DSAPublicKeyParameters; -import org.bouncycastle.crypto.params.ElGamalKeyGenerationParameters; -import org.bouncycastle.crypto.params.ElGamalParameters; -import org.bouncycastle.crypto.params.ElGamalPrivateKeyParameters; -import org.bouncycastle.crypto.params.ElGamalPublicKeyParameters; -import org.bouncycastle.crypto.params.GOST3410KeyGenerationParameters; -import org.bouncycastle.crypto.params.GOST3410Parameters; -import org.bouncycastle.crypto.params.GOST3410PrivateKeyParameters; -import org.bouncycastle.crypto.params.GOST3410PublicKeyParameters; +// BEGIN android-removed +// import org.bouncycastle.crypto.params.ElGamalKeyGenerationParameters; +// import org.bouncycastle.crypto.params.ElGamalParameters; +// import org.bouncycastle.crypto.params.ElGamalPrivateKeyParameters; +// import org.bouncycastle.crypto.params.ElGamalPublicKeyParameters; +// import org.bouncycastle.crypto.params.GOST3410KeyGenerationParameters; +// import org.bouncycastle.crypto.params.GOST3410Parameters; +// import org.bouncycastle.crypto.params.GOST3410PrivateKeyParameters; +// import org.bouncycastle.crypto.params.GOST3410PublicKeyParameters; +// END android-removed import org.bouncycastle.crypto.params.RSAKeyGenerationParameters; import org.bouncycastle.crypto.params.RSAKeyParameters; import org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters; -import org.bouncycastle.jce.spec.ElGamalParameterSpec; -import org.bouncycastle.jce.spec.GOST3410ParameterSpec; -import org.bouncycastle.jce.spec.GOST3410PublicKeyParameterSetSpec; +// BEGIN android-removed +// import org.bouncycastle.jce.spec.ElGamalParameterSpec; +// import org.bouncycastle.jce.spec.GOST3410ParameterSpec; +// import org.bouncycastle.jce.spec.GOST3410PublicKeyParameterSetSpec; +// END android-removed import java.math.BigInteger; import java.security.InvalidAlgorithmParameterException; @@ -163,7 +169,9 @@ { if (!initialised) { - Integer paramStrength = new Integer(strength); + // BEGIN android-changed + Integer paramStrength = Integer.valueOf(strength); + // END android-changed if (params.containsKey(paramStrength)) { @@ -260,139 +268,143 @@ } } - public static class ElGamal - extends JDKKeyPairGenerator - { - ElGamalKeyGenerationParameters param; - ElGamalKeyPairGenerator engine = new ElGamalKeyPairGenerator(); - int strength = 1024; - int certainty = 20; - SecureRandom random = new SecureRandom(); - boolean initialised = false; - - public ElGamal() - { - super("ElGamal"); - } - - public void initialize( - int strength, - SecureRandom random) - { - this.strength = strength; - this.random = random; - } - - public void initialize( - AlgorithmParameterSpec params, - SecureRandom random) - throws InvalidAlgorithmParameterException - { - if (!(params instanceof ElGamalParameterSpec) && !(params instanceof DHParameterSpec)) - { - throw new InvalidAlgorithmParameterException("parameter object not a DHParameterSpec or an ElGamalParameterSpec"); - } - - if (params instanceof ElGamalParameterSpec) - { - ElGamalParameterSpec elParams = (ElGamalParameterSpec)params; - - param = new ElGamalKeyGenerationParameters(random, new ElGamalParameters(elParams.getP(), elParams.getG())); - } - else - { - DHParameterSpec dhParams = (DHParameterSpec)params; - - param = new ElGamalKeyGenerationParameters(random, new ElGamalParameters(dhParams.getP(), dhParams.getG(), dhParams.getL())); - } - - engine.init(param); - initialised = true; - } - - public KeyPair generateKeyPair() - { - if (!initialised) - { - ElGamalParametersGenerator pGen = new ElGamalParametersGenerator(); - - pGen.init(strength, certainty, random); - param = new ElGamalKeyGenerationParameters(random, pGen.generateParameters()); - engine.init(param); - initialised = true; - } - - AsymmetricCipherKeyPair pair = engine.generateKeyPair(); - ElGamalPublicKeyParameters pub = (ElGamalPublicKeyParameters)pair.getPublic(); - ElGamalPrivateKeyParameters priv = (ElGamalPrivateKeyParameters)pair.getPrivate(); - - return new KeyPair(new JCEElGamalPublicKey(pub), - new JCEElGamalPrivateKey(priv)); - } - } - - public static class GOST3410 - extends JDKKeyPairGenerator - { - GOST3410KeyGenerationParameters param; - GOST3410KeyPairGenerator engine = new GOST3410KeyPairGenerator(); - GOST3410ParameterSpec gost3410Params; - int strength = 1024; - SecureRandom random = null; - boolean initialised = false; - - public GOST3410() - { - super("GOST3410"); - } - - public void initialize( - int strength, - SecureRandom random) - { - this.strength = strength; - this.random = random; - } - - private void init( - GOST3410ParameterSpec gParams, - SecureRandom random) - { - GOST3410PublicKeyParameterSetSpec spec = gParams.getPublicKeyParameters(); - - param = new GOST3410KeyGenerationParameters(random, new GOST3410Parameters(spec.getP(), spec.getQ(), spec.getA())); - - engine.init(param); - - initialised = true; - gost3410Params = gParams; - } - - public void initialize( - AlgorithmParameterSpec params, - SecureRandom random) - throws InvalidAlgorithmParameterException - { - if (!(params instanceof GOST3410ParameterSpec)) - { - throw new InvalidAlgorithmParameterException("parameter object not a GOST3410ParameterSpec"); - } - - init((GOST3410ParameterSpec)params, random); - } - - public KeyPair generateKeyPair() - { - if (!initialised) - { - init(new GOST3410ParameterSpec(CryptoProObjectIdentifiers.gostR3410_94_CryptoPro_A.getId()), new SecureRandom()); - } - - AsymmetricCipherKeyPair pair = engine.generateKeyPair(); - GOST3410PublicKeyParameters pub = (GOST3410PublicKeyParameters)pair.getPublic(); - GOST3410PrivateKeyParameters priv = (GOST3410PrivateKeyParameters)pair.getPrivate(); - - return new KeyPair(new JDKGOST3410PublicKey(pub, gost3410Params), new JDKGOST3410PrivateKey(priv, gost3410Params)); - } - } + // BEGIN android-removed + // public static class ElGamal + // extends JDKKeyPairGenerator + // { + // ElGamalKeyGenerationParameters param; + // ElGamalKeyPairGenerator engine = new ElGamalKeyPairGenerator(); + // int strength = 1024; + // int certainty = 20; + // SecureRandom random = new SecureRandom(); + // boolean initialised = false; + // + // public ElGamal() + // { + // super("ElGamal"); + // } + // + // public void initialize( + // int strength, + // SecureRandom random) + // { + // this.strength = strength; + // this.random = random; + // } + // + // public void initialize( + // AlgorithmParameterSpec params, + // SecureRandom random) + // throws InvalidAlgorithmParameterException + // { + // if (!(params instanceof ElGamalParameterSpec) && !(params instanceof DHParameterSpec)) + // { + // throw new InvalidAlgorithmParameterException("parameter object not a DHParameterSpec or an ElGamalParameterSpec"); + // } + // + // if (params instanceof ElGamalParameterSpec) + // { + // ElGamalParameterSpec elParams = (ElGamalParameterSpec)params; + + // param = new ElGamalKeyGenerationParameters(random, new ElGamalParameters(elParams.getP(), elParams.getG())); + // } + // else + // { + // DHParameterSpec dhParams = (DHParameterSpec)params; + // + // param = new ElGamalKeyGenerationParameters(random, new ElGamalParameters(dhParams.getP(), dhParams.getG(), dhParams.getL())); + // } + // + // engine.init(param); + // initialised = true; + // } + // + // public KeyPair generateKeyPair() + // { + // if (!initialised) + // { + // ElGamalParametersGenerator pGen = new ElGamalParametersGenerator(); + // + // pGen.init(strength, certainty, random); + // param = new ElGamalKeyGenerationParameters(random, pGen.generateParameters()); + // engine.init(param); + // initialised = true; + // } + // + // AsymmetricCipherKeyPair pair = engine.generateKeyPair(); + // ElGamalPublicKeyParameters pub = (ElGamalPublicKeyParameters)pair.getPublic(); + // ElGamalPrivateKeyParameters priv = (ElGamalPrivateKeyParameters)pair.getPrivate(); + // + // return new KeyPair(new JCEElGamalPublicKey(pub), + // new JCEElGamalPrivateKey(priv)); + // } + // } + // END android-removed + + // BEGIN android-removed + // public static class GOST3410 + // extends JDKKeyPairGenerator + // { + // GOST3410KeyGenerationParameters param; + // GOST3410KeyPairGenerator engine = new GOST3410KeyPairGenerator(); + // GOST3410ParameterSpec gost3410Params; + // int strength = 1024; + // SecureRandom random = null; + // boolean initialised = false; + // + // public GOST3410() + // { + // super("GOST3410"); + // } + // + // public void initialize( + // int strength, + // SecureRandom random) + // { + // this.strength = strength; + // this.random = random; + // } + // + // private void init( + // GOST3410ParameterSpec gParams, + // SecureRandom random) + // { + // GOST3410PublicKeyParameterSetSpec spec = gParams.getPublicKeyParameters(); + // + // param = new GOST3410KeyGenerationParameters(random, new GOST3410Parameters(spec.getP(), spec.getQ(), spec.getA())); + // + // engine.init(param); + // + // initialised = true; + // gost3410Params = gParams; + // } + // + // public void initialize( + // AlgorithmParameterSpec params, + // SecureRandom random) + // throws InvalidAlgorithmParameterException + // { + // if (!(params instanceof GOST3410ParameterSpec)) + // { + // throw new InvalidAlgorithmParameterException("parameter object not a GOST3410ParameterSpec"); + // } + // + // init((GOST3410ParameterSpec)params, random); + // } + // + // public KeyPair generateKeyPair() + // { + // if (!initialised) + // { + // init(new GOST3410ParameterSpec(CryptoProObjectIdentifiers.gostR3410_94_CryptoPro_A.getId()), new SecureRandom()); + // } + // + // AsymmetricCipherKeyPair pair = engine.generateKeyPair(); + // GOST3410PublicKeyParameters pub = (GOST3410PublicKeyParameters)pair.getPublic(); + // GOST3410PrivateKeyParameters priv = (GOST3410PrivateKeyParameters)pair.getPrivate(); + // + // return new KeyPair(new JDKGOST3410PublicKey(pub, gost3410Params), new JDKGOST3410PrivateKey(priv, gost3410Params)); + // } + // } + // END android-removed } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JDKKeyStore.java bcprov-jdk16-146/org/bouncycastle/jce/provider/JDKKeyStore.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JDKKeyStore.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JDKKeyStore.java 2011-09-08 21:28:49.000000000 +0000 @@ -39,7 +39,12 @@ import org.bouncycastle.crypto.CipherParameters; import org.bouncycastle.crypto.Digest; import org.bouncycastle.crypto.PBEParametersGenerator; -import org.bouncycastle.crypto.digests.SHA1Digest; +// BEGIN android-added +import org.bouncycastle.crypto.digests.OpenSSLDigest; +// END android-added +// BEGIN android-removed +// import org.bouncycastle.crypto.digests.SHA1Digest; +// END android-removed import org.bouncycastle.crypto.generators.PKCS12ParametersGenerator; import org.bouncycastle.crypto.io.DigestInputStream; import org.bouncycastle.crypto.io.DigestOutputStream; @@ -442,6 +447,7 @@ } catch (Exception e) { + throw new IOException("Exception creating key: " + e.toString()); } } @@ -497,7 +503,13 @@ if (entry == null) { - throw new KeyStoreException("no such entry as " + alias); + // BEGIN android-removed + // Only throw if there is a problem removing, not if missing + // throw new KeyStoreException("no such entry as " + alias); + // END android-removed + // BEGIN android-added + return; + // END android-added } table.remove(alias); @@ -810,12 +822,16 @@ // // we only do an integrity check if the password is provided. // - HMac hMac = new HMac(new SHA1Digest()); + // BEGIN android-changed + HMac hMac = new HMac(new OpenSSLDigest.SHA1()); + // END android-changed if (password != null && password.length != 0) { byte[] passKey = PBEParametersGenerator.PKCS12PasswordToBytes(password); - PBEParametersGenerator pbeGen = new PKCS12ParametersGenerator(new SHA1Digest()); + // BEGIN android-changed + PBEParametersGenerator pbeGen = new PKCS12ParametersGenerator(new OpenSSLDigest.SHA1()); + // END android-changed pbeGen.init(passKey, salt, iterationCount); CipherParameters macParams = pbeGen.generateDerivedMacParameters(hMac.getMacSize()); Arrays.fill(passKey, (byte)0); @@ -866,9 +882,11 @@ dOut.write(salt); dOut.writeInt(iterationCount); - HMac hMac = new HMac(new SHA1Digest()); + // BEGIN android-changed + HMac hMac = new HMac(new OpenSSLDigest.SHA1()); MacOutputStream mOut = new MacOutputStream(dOut, hMac); - PBEParametersGenerator pbeGen = new PKCS12ParametersGenerator(new SHA1Digest()); + PBEParametersGenerator pbeGen = new PKCS12ParametersGenerator(new OpenSSLDigest.SHA1()); + // END android-changed byte[] passKey = PBEParametersGenerator.PKCS12PasswordToBytes(password); pbeGen.init(passKey, salt, iterationCount); @@ -956,7 +974,9 @@ Cipher cipher = this.makePBECipher(cipherAlg, Cipher.DECRYPT_MODE, password, salt, iterationCount); CipherInputStream cIn = new CipherInputStream(dIn, cipher); - Digest dig = new SHA1Digest(); + // BEGIN android-changed + Digest dig = new OpenSSLDigest.SHA1(); + // END android-changed DigestInputStream dgIn = new DigestInputStream(cIn, dig); this.loadStore(dgIn); @@ -996,8 +1016,9 @@ cipher = this.makePBECipher(STORE_CIPHER, Cipher.ENCRYPT_MODE, password, salt, iterationCount); CipherOutputStream cOut = new CipherOutputStream(dOut, cipher); - DigestOutputStream dgOut = new DigestOutputStream(cOut, new SHA1Digest()); - + // BEGIN android-changed + DigestOutputStream dgOut = new DigestOutputStream(cOut, new OpenSSLDigest.SHA1()); + // END android-changed this.saveStore(dgOut); Digest dig = dgOut.getDigest(); @@ -1009,5 +1030,5 @@ cOut.close(); } - } + } } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JDKMessageDigest.java bcprov-jdk16-146/org/bouncycastle/jce/provider/JDKMessageDigest.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JDKMessageDigest.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JDKMessageDigest.java 2011-09-08 21:28:49.000000000 +0000 @@ -57,36 +57,38 @@ { super(new SHA1Digest()); } - + public Object clone() throws CloneNotSupportedException { SHA1 d = (SHA1)super.clone(); d.digest = new SHA1Digest((SHA1Digest)digest); - - return d; - } - } - - static public class SHA224 - extends JDKMessageDigest - implements Cloneable - { - public SHA224() - { - super(new SHA224Digest()); - } - - public Object clone() - throws CloneNotSupportedException - { - SHA224 d = (SHA224)super.clone(); - d.digest = new SHA224Digest((SHA224Digest)digest); - + return d; } } - + + // BEGIN android-removed + // static public class SHA224 + // extends JDKMessageDigest + // implements Cloneable + // { + // public SHA224() + // { + // super(new SHA224Digest()); + // } + // + // public Object clone() + // throws CloneNotSupportedException + // { + // SHA224 d = (SHA224)super.clone(); + // d.digest = new SHA224Digest((SHA224Digest)digest); + // + // return d; + // } + // } + // END android-removed + static public class SHA256 extends JDKMessageDigest implements Cloneable @@ -95,13 +97,13 @@ { super(new SHA256Digest()); } - + public Object clone() throws CloneNotSupportedException { SHA256 d = (SHA256)super.clone(); d.digest = new SHA256Digest((SHA256Digest)digest); - + return d; } } @@ -144,43 +146,45 @@ } } - static public class MD2 - extends JDKMessageDigest - implements Cloneable - { - public MD2() - { - super(new MD2Digest()); - } - - public Object clone() - throws CloneNotSupportedException - { - MD2 d = (MD2)super.clone(); - d.digest = new MD2Digest((MD2Digest)digest); - - return d; - } - } - - static public class MD4 - extends JDKMessageDigest - implements Cloneable - { - public MD4() - { - super(new MD4Digest()); - } - - public Object clone() - throws CloneNotSupportedException - { - MD4 d = (MD4)super.clone(); - d.digest = new MD4Digest((MD4Digest)digest); - - return d; - } - } + // BEGIN android-removed + // static public class MD2 + // extends JDKMessageDigest + // implements Cloneable + // { + // public MD2() + // { + // super(new MD2Digest()); + // } + // + // public Object clone() + // throws CloneNotSupportedException + // { + // MD2 d = (MD2)super.clone(); + // d.digest = new MD2Digest((MD2Digest)digest); + // + // return d; + // } + // } + // + // static public class MD4 + // extends JDKMessageDigest + // implements Cloneable + // { + // public MD4() + // { + // super(new MD4Digest()); + // } + // + // public Object clone() + // throws CloneNotSupportedException + // { + // MD4 d = (MD4)super.clone(); + // d.digest = new MD4Digest((MD4Digest)digest); + // + // return d; + // } + // } + // END android-removed static public class MD5 extends JDKMessageDigest @@ -190,147 +194,149 @@ { super(new MD5Digest()); } - + public Object clone() throws CloneNotSupportedException { MD5 d = (MD5)super.clone(); d.digest = new MD5Digest((MD5Digest)digest); - - return d; - } - } - - static public class RIPEMD128 - extends JDKMessageDigest - implements Cloneable - { - public RIPEMD128() - { - super(new RIPEMD128Digest()); - } - - public Object clone() - throws CloneNotSupportedException - { - RIPEMD128 d = (RIPEMD128)super.clone(); - d.digest = new RIPEMD128Digest((RIPEMD128Digest)digest); - + return d; } } - static public class RIPEMD160 - extends JDKMessageDigest - implements Cloneable - { - public RIPEMD160() - { - super(new RIPEMD160Digest()); - } - - public Object clone() - throws CloneNotSupportedException - { - RIPEMD160 d = (RIPEMD160)super.clone(); - d.digest = new RIPEMD160Digest((RIPEMD160Digest)digest); - - return d; - } - } - - static public class RIPEMD256 - extends JDKMessageDigest - implements Cloneable - { - public RIPEMD256() - { - super(new RIPEMD256Digest()); - } - - public Object clone() - throws CloneNotSupportedException - { - RIPEMD256 d = (RIPEMD256)super.clone(); - d.digest = new RIPEMD256Digest((RIPEMD256Digest)digest); - - return d; - } - } - - static public class RIPEMD320 - extends JDKMessageDigest - implements Cloneable - { - public RIPEMD320() - { - super(new RIPEMD320Digest()); - } - - public Object clone() - throws CloneNotSupportedException - { - RIPEMD320 d = (RIPEMD320)super.clone(); - d.digest = new RIPEMD320Digest((RIPEMD320Digest)digest); - - return d; - } - } - - static public class Tiger - extends JDKMessageDigest - implements Cloneable - { - public Tiger() - { - super(new TigerDigest()); - } - - public Object clone() - throws CloneNotSupportedException - { - Tiger d = (Tiger)super.clone(); - d.digest = new TigerDigest((TigerDigest)digest); - - return d; - } - } - - static public class GOST3411 - extends JDKMessageDigest - implements Cloneable - { - public GOST3411() - { - super(new GOST3411Digest()); - } - - public Object clone() - throws CloneNotSupportedException - { - GOST3411 d = (GOST3411)super.clone(); - d.digest = new GOST3411Digest((GOST3411Digest)digest); - - return d; - } - } - - static public class Whirlpool - extends JDKMessageDigest - implements Cloneable - { - public Whirlpool() - { - super(new WhirlpoolDigest()); - } - - public Object clone() - throws CloneNotSupportedException - { - Whirlpool d = (Whirlpool)super.clone(); - d.digest = new WhirlpoolDigest((WhirlpoolDigest)digest); - - return d; - } - } + // BEGIN android-removed + // static public class RIPEMD128 + // extends JDKMessageDigest + // implements Cloneable + // { + // public RIPEMD128() + // { + // super(new RIPEMD128Digest()); + // } + // + // public Object clone() + // throws CloneNotSupportedException + // { + // RIPEMD128 d = (RIPEMD128)super.clone(); + // d.digest = new RIPEMD128Digest((RIPEMD128Digest)digest); + // + // return d; + // } + // } + // + // static public class RIPEMD160 + // extends JDKMessageDigest + // implements Cloneable + // { + // public RIPEMD160() + // { + // super(new RIPEMD160Digest()); + // } + // + // public Object clone() + // throws CloneNotSupportedException + // { + // RIPEMD160 d = (RIPEMD160)super.clone(); + // d.digest = new RIPEMD160Digest((RIPEMD160Digest)digest); + // + // return d; + // } + // } + // + // static public class RIPEMD256 + // extends JDKMessageDigest + // implements Cloneable + // { + // public RIPEMD256() + // { + // super(new RIPEMD256Digest()); + // } + // + // public Object clone() + // throws CloneNotSupportedException + // { + // RIPEMD256 d = (RIPEMD256)super.clone(); + // d.digest = new RIPEMD256Digest((RIPEMD256Digest)digest); + // + // return d; + // } + // } + // + // static public class RIPEMD320 + // extends JDKMessageDigest + // implements Cloneable + // { + // public RIPEMD320() + // { + // super(new RIPEMD320Digest()); + // } + // + // public Object clone() + // throws CloneNotSupportedException + // { + // RIPEMD320 d = (RIPEMD320)super.clone(); + // d.digest = new RIPEMD320Digest((RIPEMD320Digest)digest); + // + // return d; + // } + // } + // + // static public class Tiger + // extends JDKMessageDigest + // implements Cloneable + // { + // public Tiger() + // { + // super(new TigerDigest()); + // } + // + // public Object clone() + // throws CloneNotSupportedException + // { + // Tiger d = (Tiger)super.clone(); + // d.digest = new TigerDigest((TigerDigest)digest); + // + // return d; + // } + // } + // + // static public class GOST3411 + // extends JDKMessageDigest + // implements Cloneable + // { + // public GOST3411() + // { + // super(new GOST3411Digest()); + // } + // + // public Object clone() + // throws CloneNotSupportedException + // { + // GOST3411 d = (GOST3411)super.clone(); + // d.digest = new GOST3411Digest((GOST3411Digest)digest); + // + // return d; + // } + // } + // + // static public class Whirlpool + // extends JDKMessageDigest + // implements Cloneable + // { + // public Whirlpool() + // { + // super(new WhirlpoolDigest()); + // } + // + // public Object clone() + // throws CloneNotSupportedException + // { + // Whirlpool d = (Whirlpool)super.clone(); + // d.digest = new WhirlpoolDigest((WhirlpoolDigest)digest); + // + // return d; + // } + // } + // END android-removed } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JDKPKCS12KeyStore.java bcprov-jdk16-146/org/bouncycastle/jce/provider/JDKPKCS12KeyStore.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JDKPKCS12KeyStore.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JDKPKCS12KeyStore.java 2011-09-08 21:28:49.000000000 +0000 @@ -260,10 +260,13 @@ } } - if (c == null && k == null) - { - throw new KeyStoreException("no such entry as " + alias); - } + // BEGIN android-removed + // Only throw if there is a problem removing, not if missing + // if (c == null && k == null) + // { + // throw new KeyStoreException("no such entry as " + alias); + // } + // END android-removed } /** @@ -438,6 +441,14 @@ public Date engineGetCreationDate(String alias) { + // BEGIN android-added + if (alias == null) { + throw new NullPointerException("alias == null"); + } + if (keys.get(alias) == null && certs.get(alias) == null) { + return null; + } + // END android-added return new Date(); } @@ -496,6 +507,11 @@ Certificate[] chain) throws KeyStoreException { + // BEGIN android-added + if (!(key instanceof PrivateKey)) { + throw new KeyStoreException("PKCS12 does not support non-PrivateKeys"); + } + // END android-added if ((key instanceof PrivateKey) && (chain == null)) { throw new KeyStoreException("no certificate chain for private key"); @@ -507,12 +523,18 @@ } keys.put(alias, key); + // BEGIN android-added + if (chain != null) { + // END android-added certs.put(alias, chain[0]); for (int i = 0; i != chain.length; i++) { chainCerts.put(new CertId(chain[i].getPublicKey()), chain[i]); } + // BEGIN android-added + } + // END android-added } public int engineSize() @@ -1488,7 +1510,9 @@ { byte[] res = calculatePbeMac(id_SHA1, mSalt, itCount, password, false, data); - AlgorithmIdentifier algId = new AlgorithmIdentifier(id_SHA1, new DERNull()); + // BEGIN android-changed + AlgorithmIdentifier algId = new AlgorithmIdentifier(id_SHA1, DERNull.INSTANCE); + // END android-changed DigestInfo dInfo = new DigestInfo(algId, res); mData = new MacData(dInfo, mSalt, itCount); @@ -1545,32 +1569,34 @@ } } - public static class BCPKCS12KeyStore3DES - extends JDKPKCS12KeyStore - { - public BCPKCS12KeyStore3DES() - { - super(bcProvider, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC); - } - } - - public static class DefPKCS12KeyStore - extends JDKPKCS12KeyStore - { - public DefPKCS12KeyStore() - { - super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbewithSHAAnd40BitRC2_CBC); - } - } - - public static class DefPKCS12KeyStore3DES - extends JDKPKCS12KeyStore - { - public DefPKCS12KeyStore3DES() - { - super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC); - } - } + // BEGIN android-removed + // public static class BCPKCS12KeyStore3DES + // extends JDKPKCS12KeyStore + // { + // public BCPKCS12KeyStore3DES() + // { + // super(bcProvider, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC); + // } + // } + // + // public static class DefPKCS12KeyStore + // extends JDKPKCS12KeyStore + // { + // public DefPKCS12KeyStore() + // { + // super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbewithSHAAnd40BitRC2_CBC); + // } + // } + // + // public static class DefPKCS12KeyStore3DES + // extends JDKPKCS12KeyStore + // { + // public DefPKCS12KeyStore3DES() + // { + // super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC); + // } + // } + // END android-removed private static class IgnoresCaseHashtable { @@ -1579,7 +1605,7 @@ public void put(String key, Object value) { - String lower = Strings.toLowerCase(key); + String lower = (key == null) ? null : Strings.toLowerCase(key); String k = (String)keys.get(lower); if (k != null) { @@ -1597,7 +1623,9 @@ public Object remove(String alias) { - String k = (String)keys.remove(Strings.toLowerCase(alias)); + // BEGIN android-changed + String k = (String)keys.remove(alias == null ? null : Strings.toLowerCase(alias)); + // END android-changed if (k == null) { return null; @@ -1608,7 +1636,9 @@ public Object get(String alias) { - String k = (String)keys.get(Strings.toLowerCase(alias)); + // BEGIN android-changed + String k = (String)keys.get(alias == null ? null : Strings.toLowerCase(alias)); + // END android-changed if (k == null) { return null; diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/PBE.java bcprov-jdk16-146/org/bouncycastle/jce/provider/PBE.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/PBE.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/jce/provider/PBE.java 2011-09-08 21:28:49.000000000 +0000 @@ -7,12 +7,18 @@ import org.bouncycastle.crypto.CipherParameters; import org.bouncycastle.crypto.PBEParametersGenerator; -import org.bouncycastle.crypto.digests.MD2Digest; +// BEGIN android-removed +// import org.bouncycastle.crypto.digests.MD2Digest; +// END android-removed import org.bouncycastle.crypto.digests.MD5Digest; -import org.bouncycastle.crypto.digests.RIPEMD160Digest; +// BEGIN android-removed +// import org.bouncycastle.crypto.digests.RIPEMD160Digest; +// END android-removed import org.bouncycastle.crypto.digests.SHA1Digest; import org.bouncycastle.crypto.digests.SHA256Digest; -import org.bouncycastle.crypto.digests.TigerDigest; +// BEGIN android-removed +// import org.bouncycastle.crypto.digests.TigerDigest; +// END android-removed import org.bouncycastle.crypto.generators.OpenSSLPBEParametersGenerator; import org.bouncycastle.crypto.generators.PKCS12ParametersGenerator; import org.bouncycastle.crypto.generators.PKCS5S1ParametersGenerator; @@ -53,9 +59,11 @@ { switch (hash) { - case MD2: - generator = new PKCS5S1ParametersGenerator(new MD2Digest()); - break; + // BEGIN android-removed + // case MD2: + // generator = new PKCS5S1ParametersGenerator(new MD2Digest()); + // break; + // END android-removed case MD5: generator = new PKCS5S1ParametersGenerator(new MD5Digest()); break; @@ -74,21 +82,25 @@ { switch (hash) { - case MD2: - generator = new PKCS12ParametersGenerator(new MD2Digest()); - break; + // BEGIN android-removed + // case MD2: + // generator = new PKCS12ParametersGenerator(new MD2Digest()); + // break; + // END android-removed case MD5: generator = new PKCS12ParametersGenerator(new MD5Digest()); break; case SHA1: generator = new PKCS12ParametersGenerator(new SHA1Digest()); break; - case RIPEMD160: - generator = new PKCS12ParametersGenerator(new RIPEMD160Digest()); - break; - case TIGER: - generator = new PKCS12ParametersGenerator(new TigerDigest()); - break; + // BEGIN android-removed + // case RIPEMD160: + // generator = new PKCS12ParametersGenerator(new RIPEMD160Digest()); + // break; + // case TIGER: + // generator = new PKCS12ParametersGenerator(new TigerDigest()); + // break; + // END android-removed case SHA256: generator = new PKCS12ParametersGenerator(new SHA256Digest()); break; diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/PKIXCertPath.java bcprov-jdk16-146/org/bouncycastle/jce/provider/PKIXCertPath.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/PKIXCertPath.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/jce/provider/PKIXCertPath.java 2011-09-08 21:28:49.000000000 +0000 @@ -33,7 +33,9 @@ import org.bouncycastle.asn1.pkcs.ContentInfo; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; import org.bouncycastle.asn1.pkcs.SignedData; -import org.bouncycastle.openssl.PEMWriter; +// BEGIN android-removed +// import org.bouncycastle.openssl.PEMWriter; +// END android-removed /** * CertPath implementation for X.509 certificates. @@ -295,27 +297,29 @@ return toDEREncoded(new ContentInfo( PKCSObjectIdentifiers.signedData, sd)); } - else if (encoding.equalsIgnoreCase("PEM")) - { - ByteArrayOutputStream bOut = new ByteArrayOutputStream(); - PEMWriter pWrt = new PEMWriter(new OutputStreamWriter(bOut)); - - try - { - for (int i = 0; i != certificates.size(); i++) - { - pWrt.writeObject(certificates.get(i)); - } - - pWrt.close(); - } - catch (Exception e) - { - throw new CertificateEncodingException("can't encode certificate for PEM encoded path"); - } - - return bOut.toByteArray(); - } + // BEGIN android-removed + // else if (encoding.equalsIgnoreCase("PEM")) + // { + // ByteArrayOutputStream bOut = new ByteArrayOutputStream(); + // PEMWriter pWrt = new PEMWriter(new OutputStreamWriter(bOut)); + // + // try + // { + // for (int i = 0; i != certificates.size(); i++) + // { + // pWrt.writeObject(certificates.get(i)); + // } + // + // pWrt.close(); + // } + // catch (Exception e) + // { + // throw new CertificateEncodingException("can't encode certificate for PEM encoded path"); + // } + // + // return bOut.toByteArray(); + // } + // END android-removed else { throw new CertificateEncodingException("unsupported encoding: " + encoding); diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java bcprov-jdk16-146/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java 2011-09-08 21:28:49.000000000 +0000 @@ -1,5 +1,8 @@ package org.bouncycastle.jce.provider; +// BEGIN android-added +import java.math.BigInteger; +// END android-added import java.security.InvalidAlgorithmParameterException; import java.security.PublicKey; import java.security.cert.CertPath; @@ -13,6 +16,7 @@ import java.security.cert.TrustAnchor; import java.security.cert.X509Certificate; import java.util.ArrayList; +import java.util.Arrays; import java.util.HashSet; import java.util.Iterator; import java.util.List; @@ -23,6 +27,10 @@ import org.bouncycastle.asn1.DEREncodable; import org.bouncycastle.asn1.DERObjectIdentifier; import org.bouncycastle.asn1.x509.AlgorithmIdentifier; +// BEGIN android-added +import org.bouncycastle.crypto.Digest; +import org.bouncycastle.crypto.digests.OpenSSLDigest; +// END android-added import org.bouncycastle.jce.exception.ExtCertPathValidatorException; import org.bouncycastle.x509.ExtendedPKIXParameters; @@ -33,6 +41,63 @@ public class PKIXCertPathValidatorSpi extends CertPathValidatorSpi { + // BEGIN android-added + + // From http://src.chromium.org/viewvc/chrome/trunk/src/net/base/x509_certificate.cc?revision=78748&view=markup + private static final Set SERIAL_BLACKLIST = new HashSet(Arrays.asList( + // Not a real certificate. For testing only. + new BigInteger(1, new byte[] {(byte)0x07,(byte)0x7a,(byte)0x59,(byte)0xbc,(byte)0xd5,(byte)0x34,(byte)0x59,(byte)0x60,(byte)0x1c,(byte)0xa6,(byte)0x90,(byte)0x72,(byte)0x67,(byte)0xa6,(byte)0xdd,(byte)0x1c}), + + new BigInteger(1, new byte[] {(byte)0x04,(byte)0x7e,(byte)0xcb,(byte)0xe9,(byte)0xfc,(byte)0xa5,(byte)0x5f,(byte)0x7b,(byte)0xd0,(byte)0x9e,(byte)0xae,(byte)0x36,(byte)0xe1,(byte)0x0c,(byte)0xae,(byte)0x1e}), + new BigInteger(1, new byte[] {(byte)0xd8,(byte)0xf3,(byte)0x5f,(byte)0x4e,(byte)0xb7,(byte)0x87,(byte)0x2b,(byte)0x2d,(byte)0xab,(byte)0x06,(byte)0x92,(byte)0xe3,(byte)0x15,(byte)0x38,(byte)0x2f,(byte)0xb0}), + new BigInteger(1, new byte[] {(byte)0xb0,(byte)0xb7,(byte)0x13,(byte)0x3e,(byte)0xd0,(byte)0x96,(byte)0xf9,(byte)0xb5,(byte)0x6f,(byte)0xae,(byte)0x91,(byte)0xc8,(byte)0x74,(byte)0xbd,(byte)0x3a,(byte)0xc0}), + new BigInteger(1, new byte[] {(byte)0x92,(byte)0x39,(byte)0xd5,(byte)0x34,(byte)0x8f,(byte)0x40,(byte)0xd1,(byte)0x69,(byte)0x5a,(byte)0x74,(byte)0x54,(byte)0x70,(byte)0xe1,(byte)0xf2,(byte)0x3f,(byte)0x43}), + new BigInteger(1, new byte[] {(byte)0xe9,(byte)0x02,(byte)0x8b,(byte)0x95,(byte)0x78,(byte)0xe4,(byte)0x15,(byte)0xdc,(byte)0x1a,(byte)0x71,(byte)0x0a,(byte)0x2b,(byte)0x88,(byte)0x15,(byte)0x44,(byte)0x47}), + new BigInteger(1, new byte[] {(byte)0xd7,(byte)0x55,(byte)0x8f,(byte)0xda,(byte)0xf5,(byte)0xf1,(byte)0x10,(byte)0x5b,(byte)0xb2,(byte)0x13,(byte)0x28,(byte)0x2b,(byte)0x70,(byte)0x77,(byte)0x29,(byte)0xa3}), + new BigInteger(1, new byte[] {(byte)0xf5,(byte)0xc8,(byte)0x6a,(byte)0xf3,(byte)0x61,(byte)0x62,(byte)0xf1,(byte)0x3a,(byte)0x64,(byte)0xf5,(byte)0x4f,(byte)0x6d,(byte)0xc9,(byte)0x58,(byte)0x7c,(byte)0x06}), + new BigInteger(1, new byte[] {(byte)0x39,(byte)0x2a,(byte)0x43,(byte)0x4f,(byte)0x0e,(byte)0x07,(byte)0xdf,(byte)0x1f,(byte)0x8a,(byte)0xa3,(byte)0x05,(byte)0xde,(byte)0x34,(byte)0xe0,(byte)0xc2,(byte)0x29}), + new BigInteger(1, new byte[] {(byte)0x3e,(byte)0x75,(byte)0xce,(byte)0xd4,(byte)0x6b,(byte)0x69,(byte)0x30,(byte)0x21,(byte)0x21,(byte)0x88,(byte)0x30,(byte)0xae,(byte)0x86,(byte)0xa8,(byte)0x2a,(byte)0x71}) + )); + + // From http://src.chromium.org/viewvc/chrome/branches/782/src/net/base/x509_certificate.cc?r1=98750&r2=98749&pathrev=98750 + private static final byte[][] PUBLIC_KEY_SHA1_BLACKLIST = { + // C=NL, O=DigiNotar, CN=DigiNotar Root CA/emailAddress=info@diginotar.nl + {(byte)0x41, (byte)0x0f, (byte)0x36, (byte)0x36, (byte)0x32, (byte)0x58, (byte)0xf3, (byte)0x0b, (byte)0x34, (byte)0x7d, + (byte)0x12, (byte)0xce, (byte)0x48, (byte)0x63, (byte)0xe4, (byte)0x33, (byte)0x43, (byte)0x78, (byte)0x06, (byte)0xa8}, + // Subject: CN=DigiNotar Cyber CA + // Issuer: CN=GTE CyberTrust Global Root + {(byte)0xba, (byte)0x3e, (byte)0x7b, (byte)0xd3, (byte)0x8c, (byte)0xd7, (byte)0xe1, (byte)0xe6, (byte)0xb9, (byte)0xcd, + (byte)0x4c, (byte)0x21, (byte)0x99, (byte)0x62, (byte)0xe5, (byte)0x9d, (byte)0x7a, (byte)0x2f, (byte)0x4e, (byte)0x37}, + // Subject: CN=DigiNotar Services 1024 CA + // Issuer: CN=Entrust.net + {(byte)0xe2, (byte)0x3b, (byte)0x8d, (byte)0x10, (byte)0x5f, (byte)0x87, (byte)0x71, (byte)0x0a, (byte)0x68, (byte)0xd9, + (byte)0x24, (byte)0x80, (byte)0x50, (byte)0xeb, (byte)0xef, (byte)0xc6, (byte)0x27, (byte)0xbe, (byte)0x4c, (byte)0xa6}, + // Subject: CN=DigiNotar PKIoverheid CA Organisatie - G2 + // Issuer: CN=Staat der Nederlanden Organisatie CA - G2 + {(byte)0x7b, (byte)0x2e, (byte)0x16, (byte)0xbc, (byte)0x39, (byte)0xbc, (byte)0xd7, (byte)0x2b, (byte)0x45, (byte)0x6e, + (byte)0x9f, (byte)0x05, (byte)0x5d, (byte)0x1d, (byte)0xe6, (byte)0x15, (byte)0xb7, (byte)0x49, (byte)0x45, (byte)0xdb}, + // Subject: CN=DigiNotar PKIoverheid CA Overheid en Bedrijven + // Issuer: CN=Staat der Nederlanden Overheid CA + {(byte)0xe8, (byte)0xf9, (byte)0x12, (byte)0x00, (byte)0xc6, (byte)0x5c, (byte)0xee, (byte)0x16, (byte)0xe0, (byte)0x39, + (byte)0xb9, (byte)0xf8, (byte)0x83, (byte)0x84, (byte)0x16, (byte)0x61, (byte)0x63, (byte)0x5f, (byte)0x81, (byte)0xc5}, + }; + + private static boolean isPublicKeyBlackListed(PublicKey publicKey) { + byte[] encoded = publicKey.getEncoded(); + Digest digest = new OpenSSLDigest.SHA1(); + digest.update(encoded, 0, encoded.length); + byte[] out = new byte[digest.getDigestSize()]; + digest.doFinal(out, 0); + + for (byte[] sha1 : PUBLIC_KEY_SHA1_BLACKLIST) { + if (Arrays.equals(out, sha1)) { + return true; + } + } + return false; + } + + // END android-added public CertPathValidatorResult engineValidate( CertPath certPath, @@ -75,6 +140,22 @@ { throw new CertPathValidatorException("Certification path is empty.", null, certPath, 0); } + // BEGIN android-added + { + X509Certificate cert = (X509Certificate) certs.get(0); + + if (cert != null) { + BigInteger serial = cert.getSerialNumber(); + if (serial != null && SERIAL_BLACKLIST.contains(serial)) { + // emulate CRL exception message in RFC3280CertPathUtilities.checkCRLs + String message = "Certificate revocation of serial 0x" + serial.toString(16); + System.out.println(message); + AnnotatedException e = new AnnotatedException(message); + throw new CertPathValidatorException(e.getMessage(), e, certPath, 0); + } + } + } + // END android-added // // (b) @@ -251,6 +332,15 @@ for (index = certs.size() - 1; index >= 0; index--) { + // BEGIN android-added + if (isPublicKeyBlackListed(workingPublicKey)) { + // emulate CRL exception message in RFC3280CertPathUtilities.checkCRLs + String message = "Certificate revocation of public key " + workingPublicKey; + System.out.println(message); + AnnotatedException e = new AnnotatedException(message); + throw new CertPathValidatorException(e.getMessage(), e, certPath, index); + } + // END android-added // try // { // diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/PKIXNameConstraintValidator.java bcprov-jdk16-146/org/bouncycastle/jce/provider/PKIXNameConstraintValidator.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/PKIXNameConstraintValidator.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/jce/provider/PKIXNameConstraintValidator.java 2011-09-08 21:28:49.000000000 +0000 @@ -1533,7 +1533,9 @@ for (Enumeration e = permitted.getObjects(); e.hasMoreElements();) { GeneralSubtree subtree = GeneralSubtree.getInstance(e.nextElement()); - Integer tagNo = new Integer(subtree.getBase().getTagNo()); + // BEGIN android-changed + Integer tagNo = Integer.valueOf(subtree.getBase().getTagNo()); + // END android-changed if (subtreesMap.get(tagNo) == null) { subtreesMap.put(tagNo, new HashSet()); diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/WrapCipherSpi.java bcprov-jdk16-146/org/bouncycastle/jce/provider/WrapCipherSpi.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/WrapCipherSpi.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/jce/provider/WrapCipherSpi.java 2011-09-08 21:28:49.000000000 +0000 @@ -22,8 +22,10 @@ import javax.crypto.ShortBufferException; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.PBEParameterSpec; -import javax.crypto.spec.RC2ParameterSpec; -import javax.crypto.spec.RC5ParameterSpec; +// BEGIN android-removed +// import javax.crypto.spec.RC2ParameterSpec; +// import javax.crypto.spec.RC5ParameterSpec; +// END android-removed import javax.crypto.spec.SecretKeySpec; import org.bouncycastle.asn1.ASN1InputStream; @@ -36,7 +38,9 @@ import org.bouncycastle.crypto.CipherParameters; import org.bouncycastle.crypto.InvalidCipherTextException; import org.bouncycastle.crypto.Wrapper; -import org.bouncycastle.crypto.engines.RC2WrapEngine; +// BEGIN android-removed +// import org.bouncycastle.crypto.engines.RC2WrapEngine; +// END android-removed import org.bouncycastle.crypto.params.KeyParameter; import org.bouncycastle.crypto.params.ParametersWithIV; @@ -50,8 +54,10 @@ { IvParameterSpec.class, PBEParameterSpec.class, - RC2ParameterSpec.class, - RC5ParameterSpec.class + // BEGIN android-removed + // RC2ParameterSpec.class, + // RC5ParameterSpec.class + // END android-removed }; protected int pbeType = PKCS12; @@ -263,16 +269,19 @@ return null; } + // BEGIN android-changed + // added ShortBufferException to throws statement protected int engineDoFinal( byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset) - throws IllegalBlockSizeException, BadPaddingException + throws IllegalBlockSizeException, BadPaddingException, ShortBufferException { return 0; } + // END android-changed protected byte[] engineWrap( Key key) @@ -305,7 +314,12 @@ byte[] wrappedKey, String wrappedKeyAlgorithm, int wrappedKeyType) - throws InvalidKeyException + // BEGIN android-removed + // throws InvalidKeyException + // END android-removed + // BEGIN android-added + throws InvalidKeyException, NoSuchAlgorithmException + // END android-added { byte[] encoded; try @@ -356,10 +370,12 @@ { privKey = new JCEECPrivateKey(in); } - else if (oid.equals(CryptoProObjectIdentifiers.gostR3410_94)) - { - privKey = new JDKGOST3410PrivateKey(in); - } + // BEGIN android-removed + // else if (oid.equals(CryptoProObjectIdentifiers.gostR3410_94)) + // { + // privKey = new JDKGOST3410PrivateKey(in); + // } + // END android-removed else if (oid.equals(X9ObjectIdentifiers.id_dsa)) { privKey = new JDKDSAPrivateKey(in); @@ -403,10 +419,12 @@ { throw new InvalidKeyException("Unknown key type " + e.getMessage()); } - catch (NoSuchAlgorithmException e) - { - throw new InvalidKeyException("Unknown key type " + e.getMessage()); - } + // BEGIN android-removed + // catch (NoSuchAlgorithmException e) + // { + // throw new InvalidKeyException("Unknown key type " + e.getMessage()); + // } + // END android-removed catch (InvalidKeySpecException e2) { throw new InvalidKeyException("Unknown key type " + e2.getMessage()); @@ -420,12 +438,14 @@ // classes that inherit directly from us // - public static class RC2Wrap - extends WrapCipherSpi - { - public RC2Wrap() - { - super(new RC2WrapEngine()); - } - } + // BEGIN android-removed + // public static class RC2Wrap + // extends WrapCipherSpi + // { + // public RC2Wrap() + // { + // super(new RC2WrapEngine()); + // } + // } + // END android-removed } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/X509CertificateObject.java bcprov-jdk16-146/org/bouncycastle/jce/provider/X509CertificateObject.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/X509CertificateObject.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/jce/provider/X509CertificateObject.java 2011-09-08 21:28:49.000000000 +0000 @@ -520,12 +520,20 @@ return JDKKeyFactory.createPublicKeyFromPublicKeyInfo(c.getSubjectPublicKeyInfo()); } + // BEGIN android-changed + private byte[] encoded; + // END android-changed public byte[] getEncoded() throws CertificateEncodingException { try { - return c.getEncoded(ASN1Encodable.DER); + // BEGIN android-changed + if (encoded == null) { + encoded = c.getEncoded(ASN1Encodable.DER); + } + return encoded; + // END android-changed } catch (IOException e) { @@ -711,7 +719,7 @@ { Signature signature; String sigName = X509SignatureUtil.getSignatureName(c.getSignatureAlgorithm()); - + try { signature = Signature.getInstance(sigName, BouncyCastleProvider.PROVIDER_NAME); diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/X509SignatureUtil.java bcprov-jdk16-146/org/bouncycastle/jce/provider/X509SignatureUtil.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/X509SignatureUtil.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/jce/provider/X509SignatureUtil.java 2011-09-08 21:28:49.000000000 +0000 @@ -25,7 +25,9 @@ class X509SignatureUtil { - private static final ASN1Null derNull = new DERNull(); + // BEGIN android-changed + private static final ASN1Null derNull = DERNull.INSTANCE; + // END android-changed static void setSignatureParameters( Signature signature, @@ -66,12 +68,14 @@ if (params != null && !derNull.equals(params)) { - if (sigAlgId.getObjectId().equals(PKCSObjectIdentifiers.id_RSASSA_PSS)) - { - RSASSAPSSparams rsaParams = RSASSAPSSparams.getInstance(params); - - return getDigestAlgName(rsaParams.getHashAlgorithm().getObjectId()) + "withRSAandMGF1"; - } + // BEGIN android-removed + // if (sigAlgId.getObjectId().equals(PKCSObjectIdentifiers.id_RSASSA_PSS)) + // { + // RSASSAPSSparams rsaParams = RSASSAPSSparams.getInstance(params); + // + // return getDigestAlgName(rsaParams.getHashAlgorithm().getObjectId()) + "withRSAandMGF1"; + // } + // END android-removed if (sigAlgId.getObjectId().equals(X9ObjectIdentifiers.ecdsa_with_SHA2)) { ASN1Sequence ecDsaParams = ASN1Sequence.getInstance(params); @@ -98,10 +102,12 @@ { return "SHA1"; } - else if (NISTObjectIdentifiers.id_sha224.equals(digestAlgOID)) - { - return "SHA224"; - } + // BEGIN android-removed + // else if (NISTObjectIdentifiers.id_sha224.equals(digestAlgOID)) + // { + // return "SHA224"; + // } + // END android-removed else if (NISTObjectIdentifiers.id_sha256.equals(digestAlgOID)) { return "SHA256"; @@ -114,22 +120,24 @@ { return "SHA512"; } - else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) - { - return "RIPEMD128"; - } - else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) - { - return "RIPEMD160"; - } - else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) - { - return "RIPEMD256"; - } - else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) - { - return "GOST3411"; - } + // BEGIN android-removed + // else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) + // { + // return "RIPEMD128"; + // } + // else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) + // { + // return "RIPEMD160"; + // } + // else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) + // { + // return "RIPEMD256"; + // } + // else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) + // { + // return "GOST3411"; + // } + // END android-removed else { return digestAlgOID.getId(); diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/asymmetric/EC.java bcprov-jdk16-146/org/bouncycastle/jce/provider/asymmetric/EC.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/asymmetric/EC.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/jce/provider/asymmetric/EC.java 2011-09-08 21:28:49.000000000 +0000 @@ -4,8 +4,10 @@ import org.bouncycastle.asn1.DERObjectIdentifier; import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; -import org.bouncycastle.asn1.eac.EACObjectIdentifiers; -import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; +// BEGIN android-removed +// import org.bouncycastle.asn1.eac.EACObjectIdentifiers; +// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; +// END android-removed import org.bouncycastle.asn1.x9.X9ObjectIdentifiers; public class EC @@ -16,39 +18,49 @@ public Mappings() { put("KeyAgreement.ECDH", "org.bouncycastle.jce.provider.asymmetric.ec.KeyAgreement$DH"); - put("KeyAgreement.ECDHC", "org.bouncycastle.jce.provider.asymmetric.ec.KeyAgreement$DHC"); - put("KeyAgreement.ECMQV", "org.bouncycastle.jce.provider.asymmetric.ec.KeyAgreement$MQV"); - put("KeyAgreement." + X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "org.bouncycastle.jce.provider.asymmetric.ec.KeyAgreement$DHwithSHA1KDF"); - put("KeyAgreement." + X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "org.bouncycastle.jce.provider.asymmetric.ec.KeyAgreement$MQVwithSHA1KDF"); + // BEGIN android-removed + // put("KeyAgreement.ECDHC", "org.bouncycastle.jce.provider.asymmetric.ec.KeyAgreement$DHC"); + // put("KeyAgreement.ECMQV", "org.bouncycastle.jce.provider.asymmetric.ec.KeyAgreement$MQV"); + // put("KeyAgreement." + X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "org.bouncycastle.jce.provider.asymmetric.ec.KeyAgreement$DHwithSHA1KDF"); + // put("KeyAgreement." + X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "org.bouncycastle.jce.provider.asymmetric.ec.KeyAgreement$MQVwithSHA1KDF"); + // END android-removed put("KeyFactory.EC", "org.bouncycastle.jce.provider.asymmetric.ec.KeyFactory$EC"); - put("KeyFactory.ECDSA", "org.bouncycastle.jce.provider.asymmetric.ec.KeyFactory$ECDSA"); - put("KeyFactory.ECDH", "org.bouncycastle.jce.provider.asymmetric.ec.KeyFactory$ECDH"); - put("KeyFactory.ECDHC", "org.bouncycastle.jce.provider.asymmetric.ec.KeyFactory$ECDHC"); - put("KeyFactory.ECMQV", "org.bouncycastle.jce.provider.asymmetric.ec.KeyFactory$ECMQV"); + // BEGIN android-removed + // put("KeyFactory.ECDSA", "org.bouncycastle.jce.provider.asymmetric.ec.KeyFactory$ECDSA"); + // put("KeyFactory.ECDH", "org.bouncycastle.jce.provider.asymmetric.ec.KeyFactory$ECDH"); + // put("KeyFactory.ECDHC", "org.bouncycastle.jce.provider.asymmetric.ec.KeyFactory$ECDHC"); + // put("KeyFactory.ECMQV", "org.bouncycastle.jce.provider.asymmetric.ec.KeyFactory$ECMQV"); + // END android-removed put("Alg.Alias.KeyFactory." + X9ObjectIdentifiers.id_ecPublicKey, "EC"); // TODO Should this be an alias for ECDH? put("Alg.Alias.KeyFactory." + X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "EC"); - put("Alg.Alias.KeyFactory." + X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "ECMQV"); - - put("KeyFactory.ECGOST3410", "org.bouncycastle.jce.provider.asymmetric.ec.KeyFactory$ECGOST3410"); - put("Alg.Alias.KeyFactory.GOST-3410-2001", "ECGOST3410"); - put("Alg.Alias.KeyFactory.ECGOST-3410", "ECGOST3410"); - put("Alg.Alias.KeyFactory." + CryptoProObjectIdentifiers.gostR3410_2001, "ECGOST3410"); + // BEGIN android-removed + // put("Alg.Alias.KeyFactory." + X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "ECMQV"); + // + // put("KeyFactory.ECGOST3410", "org.bouncycastle.jce.provider.asymmetric.ec.KeyFactory$ECGOST3410"); + // put("Alg.Alias.KeyFactory.GOST-3410-2001", "ECGOST3410"); + // put("Alg.Alias.KeyFactory.ECGOST-3410", "ECGOST3410"); + // put("Alg.Alias.KeyFactory." + CryptoProObjectIdentifiers.gostR3410_2001, "ECGOST3410"); + // END android-removed put("KeyPairGenerator.EC", "org.bouncycastle.jce.provider.asymmetric.ec.KeyPairGenerator$EC"); - put("KeyPairGenerator.ECDSA", "org.bouncycastle.jce.provider.asymmetric.ec.KeyPairGenerator$ECDSA"); - put("KeyPairGenerator.ECDH", "org.bouncycastle.jce.provider.asymmetric.ec.KeyPairGenerator$ECDH"); - put("KeyPairGenerator.ECDHC", "org.bouncycastle.jce.provider.asymmetric.ec.KeyPairGenerator$ECDHC"); - put("KeyPairGenerator.ECIES", "org.bouncycastle.jce.provider.asymmetric.ec.KeyPairGenerator$ECDH"); - put("KeyPairGenerator.ECMQV", "org.bouncycastle.jce.provider.asymmetric.ec.KeyPairGenerator$ECMQV"); + // BEGIN android-removed + // put("KeyPairGenerator.ECDSA", "org.bouncycastle.jce.provider.asymmetric.ec.KeyPairGenerator$ECDSA"); + // put("KeyPairGenerator.ECDH", "org.bouncycastle.jce.provider.asymmetric.ec.KeyPairGenerator$ECDH"); + // put("KeyPairGenerator.ECDHC", "org.bouncycastle.jce.provider.asymmetric.ec.KeyPairGenerator$ECDHC"); + // put("KeyPairGenerator.ECIES", "org.bouncycastle.jce.provider.asymmetric.ec.KeyPairGenerator$ECDH"); + // put("KeyPairGenerator.ECMQV", "org.bouncycastle.jce.provider.asymmetric.ec.KeyPairGenerator$ECMQV"); + // END android-removed // TODO Should this be an alias for ECDH? put("Alg.Alias.KeyPairGenerator." + X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "EC"); - put("Alg.Alias.KeyPairGenerator." + X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "ECMQV"); - - put("KeyPairGenerator.ECGOST3410", "org.bouncycastle.jce.provider.asymmetric.ec.KeyPairGenerator$ECGOST3410"); - put("Alg.Alias.KeyPairGenerator.ECGOST-3410", "ECGOST3410"); - put("Alg.Alias.KeyPairGenerator.GOST-3410-2001", "ECGOST3410"); + // BEGIN android-removed + // put("Alg.Alias.KeyPairGenerator." + X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "ECMQV"); + // + // put("KeyPairGenerator.ECGOST3410", "org.bouncycastle.jce.provider.asymmetric.ec.KeyPairGenerator$ECGOST3410"); + // put("Alg.Alias.KeyPairGenerator.ECGOST-3410", "ECGOST3410"); + // put("Alg.Alias.KeyPairGenerator.GOST-3410-2001", "ECGOST3410"); + // END android-removed put("Signature.ECDSA", "org.bouncycastle.jce.provider.asymmetric.ec.Signature$ecDSA"); put("Signature.NONEwithECDSA", "org.bouncycastle.jce.provider.asymmetric.ec.Signature$ecDSAnone"); @@ -60,23 +72,27 @@ put("Alg.Alias.Signature.SHA1WithECDSA", "ECDSA"); put("Alg.Alias.Signature.ECDSAWithSHA1", "ECDSA"); put("Alg.Alias.Signature.1.2.840.10045.4.1", "ECDSA"); - put("Alg.Alias.Signature." + TeleTrusTObjectIdentifiers.ecSignWithSha1, "ECDSA"); - - addSignatureAlgorithm("SHA224", "ECDSA", "org.bouncycastle.jce.provider.asymmetric.ec.Signature$ecDSA224", X9ObjectIdentifiers.ecdsa_with_SHA224); + // BEGIN android-removed + // put("Alg.Alias.Signature." + TeleTrusTObjectIdentifiers.ecSignWithSha1, "ECDSA"); + // + // addSignatureAlgorithm("SHA224", "ECDSA", "org.bouncycastle.jce.provider.asymmetric.ec.Signature$ecDSA224", X9ObjectIdentifiers.ecdsa_with_SHA224); + // END android-removed addSignatureAlgorithm("SHA256", "ECDSA", "org.bouncycastle.jce.provider.asymmetric.ec.Signature$ecDSA256", X9ObjectIdentifiers.ecdsa_with_SHA256); addSignatureAlgorithm("SHA384", "ECDSA", "org.bouncycastle.jce.provider.asymmetric.ec.Signature$ecDSA384", X9ObjectIdentifiers.ecdsa_with_SHA384); addSignatureAlgorithm("SHA512", "ECDSA", "org.bouncycastle.jce.provider.asymmetric.ec.Signature$ecDSA512", X9ObjectIdentifiers.ecdsa_with_SHA512); - addSignatureAlgorithm("RIPEMD160", "ECDSA", "org.bouncycastle.jce.provider.asymmetric.ec.Signature$ecDSARipeMD160",TeleTrusTObjectIdentifiers.ecSignWithRipemd160); - - put("Signature.SHA1WITHECNR", "org.bouncycastle.jce.provider.asymmetric.ec.Signature$ecNR"); - put("Signature.SHA224WITHECNR", "org.bouncycastle.jce.provider.asymmetric.ec.Signature$ecNR224"); - put("Signature.SHA256WITHECNR", "org.bouncycastle.jce.provider.asymmetric.ec.Signature$ecNR256"); - put("Signature.SHA384WITHECNR", "org.bouncycastle.jce.provider.asymmetric.ec.Signature$ecNR384"); - put("Signature.SHA512WITHECNR", "org.bouncycastle.jce.provider.asymmetric.ec.Signature$ecNR512"); - - addSignatureAlgorithm("SHA1", "CVC-ECDSA", "org.bouncycastle.jce.provider.asymmetric.ec.Signature$ecCVCDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_1); - addSignatureAlgorithm("SHA224", "CVC-ECDSA", "org.bouncycastle.jce.provider.asymmetric.ec.Signature$ecCVCDSA224", EACObjectIdentifiers.id_TA_ECDSA_SHA_224); - addSignatureAlgorithm("SHA256", "CVC-ECDSA", "org.bouncycastle.jce.provider.asymmetric.ec.Signature$ecCVCDSA256", EACObjectIdentifiers.id_TA_ECDSA_SHA_256); + // BEGIN android-removed + // addSignatureAlgorithm("RIPEMD160", "ECDSA", "org.bouncycastle.jce.provider.asymmetric.ec.Signature$ecDSARipeMD160",TeleTrusTObjectIdentifiers.ecSignWithRipemd160); + // + // put("Signature.SHA1WITHECNR", "org.bouncycastle.jce.provider.asymmetric.ec.Signature$ecNR"); + // put("Signature.SHA224WITHECNR", "org.bouncycastle.jce.provider.asymmetric.ec.Signature$ecNR224"); + // put("Signature.SHA256WITHECNR", "org.bouncycastle.jce.provider.asymmetric.ec.Signature$ecNR256"); + // put("Signature.SHA384WITHECNR", "org.bouncycastle.jce.provider.asymmetric.ec.Signature$ecNR384"); + // put("Signature.SHA512WITHECNR", "org.bouncycastle.jce.provider.asymmetric.ec.Signature$ecNR512"); + // + // addSignatureAlgorithm("SHA1", "CVC-ECDSA", "org.bouncycastle.jce.provider.asymmetric.ec.Signature$ecCVCDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_1); + // addSignatureAlgorithm("SHA224", "CVC-ECDSA", "org.bouncycastle.jce.provider.asymmetric.ec.Signature$ecCVCDSA224", EACObjectIdentifiers.id_TA_ECDSA_SHA_224); + // addSignatureAlgorithm("SHA256", "CVC-ECDSA", "org.bouncycastle.jce.provider.asymmetric.ec.Signature$ecCVCDSA256", EACObjectIdentifiers.id_TA_ECDSA_SHA_256); + // END android-removed } private void addSignatureAlgorithm( diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/asymmetric/ec/ECUtil.java bcprov-jdk16-146/org/bouncycastle/jce/provider/asymmetric/ec/ECUtil.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/asymmetric/ec/ECUtil.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/jce/provider/asymmetric/ec/ECUtil.java 2011-09-08 21:28:49.000000000 +0000 @@ -1,10 +1,14 @@ package org.bouncycastle.jce.provider.asymmetric.ec; import org.bouncycastle.asn1.DERObjectIdentifier; -import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; +// BEGIN android-removed +// import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; +// END android-removed import org.bouncycastle.asn1.nist.NISTNamedCurves; import org.bouncycastle.asn1.sec.SECNamedCurves; -import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; +// BEGIN android-removed +// import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; +// END android-removed import org.bouncycastle.asn1.x9.X962NamedCurves; import org.bouncycastle.asn1.x9.X9ECParameters; import org.bouncycastle.crypto.params.AsymmetricKeyParameter; @@ -167,14 +171,16 @@ { oid = NISTNamedCurves.getOID(name); } - if (oid == null) - { - oid = TeleTrusTNamedCurves.getOID(name); - } - if (oid == null) - { - oid = ECGOST3410NamedCurves.getOID(name); - } + // BEGIN android-removed + // if (oid == null) + // { + // oid = TeleTrusTNamedCurves.getOID(name); + // } + // if (oid == null) + // { + // oid = ECGOST3410NamedCurves.getOID(name); + // } + // END android-removed } return oid; @@ -192,10 +198,12 @@ { params = NISTNamedCurves.getByOID(oid); } - if (params == null) - { - params = TeleTrusTNamedCurves.getByOID(oid); - } + // BEGIN android-removed + // if (params == null) + // { + // params = TeleTrusTNamedCurves.getByOID(oid); + // } + // END android-removed } return params; @@ -213,14 +221,16 @@ { name = NISTNamedCurves.getName(oid); } - if (name == null) - { - name = TeleTrusTNamedCurves.getName(oid); - } - if (name == null) - { - name = ECGOST3410NamedCurves.getName(oid); - } + // BEGIN android-removed + // if (name == null) + // { + // name = TeleTrusTNamedCurves.getName(oid); + // } + // if (name == null) + // { + // name = ECGOST3410NamedCurves.getName(oid); + // } + // END android-removed } return name; diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/asymmetric/ec/KeyAgreement.java bcprov-jdk16-146/org/bouncycastle/jce/provider/asymmetric/ec/KeyAgreement.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/asymmetric/ec/KeyAgreement.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/jce/provider/asymmetric/ec/KeyAgreement.java 2011-09-08 21:28:49.000000000 +0000 @@ -24,20 +24,26 @@ import org.bouncycastle.crypto.CipherParameters; import org.bouncycastle.crypto.DerivationFunction; import org.bouncycastle.crypto.agreement.ECDHBasicAgreement; -import org.bouncycastle.crypto.agreement.ECDHCBasicAgreement; -import org.bouncycastle.crypto.agreement.ECMQVBasicAgreement; -import org.bouncycastle.crypto.agreement.kdf.DHKDFParameters; -import org.bouncycastle.crypto.agreement.kdf.ECDHKEKGenerator; +// BEGIN android-removed +// import org.bouncycastle.crypto.agreement.ECDHCBasicAgreement; +// import org.bouncycastle.crypto.agreement.ECMQVBasicAgreement; +// import org.bouncycastle.crypto.agreement.kdf.DHKDFParameters; +// import org.bouncycastle.crypto.agreement.kdf.ECDHKEKGenerator; +// END android-removed import org.bouncycastle.crypto.digests.SHA1Digest; import org.bouncycastle.crypto.params.ECDomainParameters; import org.bouncycastle.crypto.params.ECPrivateKeyParameters; import org.bouncycastle.crypto.params.ECPublicKeyParameters; -import org.bouncycastle.crypto.params.MQVPrivateParameters; -import org.bouncycastle.crypto.params.MQVPublicParameters; +// BEGIN android-removed +// import org.bouncycastle.crypto.params.MQVPrivateParameters; +// import org.bouncycastle.crypto.params.MQVPublicParameters; +// END android-removed import org.bouncycastle.jce.interfaces.ECPrivateKey; import org.bouncycastle.jce.interfaces.ECPublicKey; -import org.bouncycastle.jce.interfaces.MQVPrivateKey; -import org.bouncycastle.jce.interfaces.MQVPublicKey; +// BEGIN android-removed +// import org.bouncycastle.jce.interfaces.MQVPrivateKey; +// import org.bouncycastle.jce.interfaces.MQVPublicKey; +// END android-removed /** * Diffie-Hellman key agreement using elliptic curve keys, ala IEEE P1363 @@ -53,9 +59,11 @@ static { - Integer i128 = new Integer(128); - Integer i192 = new Integer(192); - Integer i256 = new Integer(256); + // BEGIN android-changed + Integer i128 = Integer.valueOf(128); + Integer i192 = Integer.valueOf(192); + Integer i256 = Integer.valueOf(256); + // END android-changed algorithms.put(NISTObjectIdentifiers.id_aes128_CBC.getId(), i128); algorithms.put(NISTObjectIdentifiers.id_aes192_CBC.getId(), i192); @@ -70,7 +78,9 @@ private BigInteger result; private ECDomainParameters parameters; private BasicAgreement agreement; - private DerivationFunction kdf; + // BEGIN android-removed + // private DerivationFunction kdf; + // END android-removed private byte[] bigIntToBytes( BigInteger r) @@ -85,7 +95,9 @@ { this.kaAlgorithm = kaAlgorithm; this.agreement = agreement; - this.kdf = kdf; + // BEGIN android-removed + // this.kdf = kdf; + // END android-removed } protected Key engineDoPhase( @@ -104,25 +116,27 @@ } CipherParameters pubKey; - if (agreement instanceof ECMQVBasicAgreement) - { - if (!(key instanceof MQVPublicKey)) - { - throw new InvalidKeyException(kaAlgorithm + " key agreement requires " - + getSimpleName(MQVPublicKey.class) + " for doPhase"); - } - - MQVPublicKey mqvPubKey = (MQVPublicKey)key; - ECPublicKeyParameters staticKey = (ECPublicKeyParameters) - ECUtil.generatePublicKeyParameter(mqvPubKey.getStaticKey()); - ECPublicKeyParameters ephemKey = (ECPublicKeyParameters) - ECUtil.generatePublicKeyParameter(mqvPubKey.getEphemeralKey()); - - pubKey = new MQVPublicParameters(staticKey, ephemKey); - - // TODO Validate that all the keys are using the same parameters? - } - else + // BEGIN android-removed + // if (agreement instanceof ECMQVBasicAgreement) + // { + // if (!(key instanceof MQVPublicKey)) + // { + // throw new InvalidKeyException(kaAlgorithm + " key agreement requires " + // + getSimpleName(MQVPublicKey.class) + " for doPhase"); + // } + // + // MQVPublicKey mqvPubKey = (MQVPublicKey)key; + // ECPublicKeyParameters staticKey = (ECPublicKeyParameters) + // ECUtil.generatePublicKeyParameter(mqvPubKey.getStaticKey()); + // ECPublicKeyParameters ephemKey = (ECPublicKeyParameters) + // ECUtil.generatePublicKeyParameter(mqvPubKey.getEphemeralKey()); + // + // pubKey = new MQVPublicParameters(staticKey, ephemKey); + // + // // TODO Validate that all the keys are using the same parameters? + // } + // else + // END android-removed { if (!(key instanceof ECPublicKey)) { @@ -143,11 +157,13 @@ protected byte[] engineGenerateSecret() throws IllegalStateException { - if (kdf != null) - { - throw new UnsupportedOperationException( - "KDF can only be used when algorithm is known"); - } + // BEGIN android-removed + // if (kdf != null) + // { + // throw new UnsupportedOperationException( + // "KDF can only be used when algorithm is known"); + // } + // END android-removed return bigIntToBytes(result); } @@ -175,23 +191,25 @@ { byte[] secret = bigIntToBytes(result); - if (kdf != null) - { - if (!algorithms.containsKey(algorithm)) - { - throw new NoSuchAlgorithmException("unknown algorithm encountered: " + algorithm); - } - - int keySize = ((Integer)algorithms.get(algorithm)).intValue(); - - DHKDFParameters params = new DHKDFParameters(new DERObjectIdentifier(algorithm), keySize, secret); - - byte[] keyBytes = new byte[keySize / 8]; - kdf.init(params); - kdf.generateBytes(keyBytes, 0, keyBytes.length); - secret = keyBytes; - } - else + // BEGIN android-removed + // if (kdf != null) + // { + // if (!algorithms.containsKey(algorithm)) + // { + // throw new NoSuchAlgorithmException("unknown algorithm encountered: " + algorithm); + // } + // + // int keySize = ((Integer)algorithms.get(algorithm)).intValue(); + // + // DHKDFParameters params = new DHKDFParameters(new DERObjectIdentifier(algorithm), keySize, secret); + // + // byte[] keyBytes = new byte[keySize / 8]; + // kdf.init(params); + // kdf.generateBytes(keyBytes, 0, keyBytes.length); + // secret = keyBytes; + // } + // else + // END android-removed { // TODO Should we be ensuring the key is the right length? } @@ -219,35 +237,37 @@ private void initFromKey(Key key) throws InvalidKeyException { - if (agreement instanceof ECMQVBasicAgreement) - { - if (!(key instanceof MQVPrivateKey)) - { - throw new InvalidKeyException(kaAlgorithm + " key agreement requires " - + getSimpleName(MQVPrivateKey.class) + " for initialisation"); - } - - MQVPrivateKey mqvPrivKey = (MQVPrivateKey)key; - ECPrivateKeyParameters staticPrivKey = (ECPrivateKeyParameters) - ECUtil.generatePrivateKeyParameter(mqvPrivKey.getStaticPrivateKey()); - ECPrivateKeyParameters ephemPrivKey = (ECPrivateKeyParameters) - ECUtil.generatePrivateKeyParameter(mqvPrivKey.getEphemeralPrivateKey()); - - ECPublicKeyParameters ephemPubKey = null; - if (mqvPrivKey.getEphemeralPublicKey() != null) - { - ephemPubKey = (ECPublicKeyParameters) - ECUtil.generatePublicKeyParameter(mqvPrivKey.getEphemeralPublicKey()); - } - - MQVPrivateParameters localParams = new MQVPrivateParameters(staticPrivKey, ephemPrivKey, ephemPubKey); - this.parameters = staticPrivKey.getParameters(); - - // TODO Validate that all the keys are using the same parameters? - - agreement.init(localParams); - } - else + // BEGIN android-removed + // if (agreement instanceof ECMQVBasicAgreement) + // { + // if (!(key instanceof MQVPrivateKey)) + // { + // throw new InvalidKeyException(kaAlgorithm + " key agreement requires " + // + getSimpleName(MQVPrivateKey.class) + " for initialisation"); + // } + // + // MQVPrivateKey mqvPrivKey = (MQVPrivateKey)key; + // ECPrivateKeyParameters staticPrivKey = (ECPrivateKeyParameters) + // ECUtil.generatePrivateKeyParameter(mqvPrivKey.getStaticPrivateKey()); + // ECPrivateKeyParameters ephemPrivKey = (ECPrivateKeyParameters) + // ECUtil.generatePrivateKeyParameter(mqvPrivKey.getEphemeralPrivateKey()); + // + // ECPublicKeyParameters ephemPubKey = null; + // if (mqvPrivKey.getEphemeralPublicKey() != null) + // { + // ephemPubKey = (ECPublicKeyParameters) + // ECUtil.generatePublicKeyParameter(mqvPrivKey.getEphemeralPublicKey()); + // } + // + // MQVPrivateParameters localParams = new MQVPrivateParameters(staticPrivKey, ephemPrivKey, ephemPubKey); + // this.parameters = staticPrivKey.getParameters(); + // + // // TODO Validate that all the keys are using the same parameters? + // + // agreement.init(localParams); + // } + // else + // END android-removed { if (!(key instanceof ECPrivateKey)) { @@ -278,39 +298,41 @@ } } - public static class DHC - extends KeyAgreement - { - public DHC() - { - super("ECDHC", new ECDHCBasicAgreement(), null); - } - } - - public static class MQV - extends KeyAgreement - { - public MQV() - { - super("ECMQV", new ECMQVBasicAgreement(), null); - } - } - - public static class DHwithSHA1KDF - extends KeyAgreement - { - public DHwithSHA1KDF() - { - super("ECDHwithSHA1KDF", new ECDHBasicAgreement(), new ECDHKEKGenerator(new SHA1Digest())); - } - } - - public static class MQVwithSHA1KDF - extends KeyAgreement - { - public MQVwithSHA1KDF() - { - super("ECMQVwithSHA1KDF", new ECMQVBasicAgreement(), new ECDHKEKGenerator(new SHA1Digest())); - } - } + // BEGIN android-removed + // public static class DHC + // extends KeyAgreement + // { + // public DHC() + // { + // super("ECDHC", new ECDHCBasicAgreement(), null); + // } + // } + // + // public static class MQV + // extends KeyAgreement + // { + // public MQV() + // { + // super("ECMQV", new ECMQVBasicAgreement(), null); + // } + // } + // + // public static class DHwithSHA1KDF + // extends KeyAgreement + // { + // public DHwithSHA1KDF() + // { + // super("ECDHwithSHA1KDF", new ECDHBasicAgreement(), new ECDHKEKGenerator(new SHA1Digest())); + // } + // } + // + // public static class MQVwithSHA1KDF + // extends KeyAgreement + // { + // public MQVwithSHA1KDF() + // { + // super("ECMQVwithSHA1KDF", new ECMQVBasicAgreement(), new ECDHKEKGenerator(new SHA1Digest())); + // } + // } + // END android-removed } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/asymmetric/ec/KeyPairGenerator.java bcprov-jdk16-146/org/bouncycastle/jce/provider/asymmetric/ec/KeyPairGenerator.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/asymmetric/ec/KeyPairGenerator.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/jce/provider/asymmetric/ec/KeyPairGenerator.java 2011-09-08 21:28:49.000000000 +0000 @@ -10,10 +10,14 @@ import java.util.Hashtable; import org.bouncycastle.asn1.DERObjectIdentifier; -import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; +// BEGIN android-removed +// import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; +// END android-removed import org.bouncycastle.asn1.nist.NISTNamedCurves; import org.bouncycastle.asn1.sec.SECNamedCurves; -import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; +// BEGIN android-removed +// import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; +// END android-removed import org.bouncycastle.asn1.x9.X962NamedCurves; import org.bouncycastle.asn1.x9.X9ECParameters; import org.bouncycastle.crypto.AsymmetricCipherKeyPair; @@ -56,13 +60,15 @@ static { ecParameters = new Hashtable(); - ecParameters.put(new Integer(192), new ECGenParameterSpec("prime192v1")); // a.k.a P-192 - ecParameters.put(new Integer(239), new ECGenParameterSpec("prime239v1")); - ecParameters.put(new Integer(256), new ECGenParameterSpec("prime256v1")); // a.k.a P-256 - - ecParameters.put(new Integer(224), new ECGenParameterSpec("P-224")); - ecParameters.put(new Integer(384), new ECGenParameterSpec("P-384")); - ecParameters.put(new Integer(521), new ECGenParameterSpec("P-521")); + // BEGIN android-changed + ecParameters.put(Integer.valueOf(192), new ECGenParameterSpec("prime192v1")); // a.k.a P-192 + ecParameters.put(Integer.valueOf(239), new ECGenParameterSpec("prime239v1")); + ecParameters.put(Integer.valueOf(256), new ECGenParameterSpec("prime256v1")); // a.k.a P-256 + + ecParameters.put(Integer.valueOf(224), new ECGenParameterSpec("P-224")); + ecParameters.put(Integer.valueOf(384), new ECGenParameterSpec("P-384")); + ecParameters.put(Integer.valueOf(521), new ECGenParameterSpec("P-521")); + // END android-changed } public EC() @@ -83,8 +89,16 @@ SecureRandom random) { this.strength = strength; + // BEGIN android-added + if (random != null) { + // END android-added this.random = random; - this.ecParams = ecParameters.get(new Integer(strength)); + // BEGIN android-added + } + // END android-added + // BEGIN android-changed + this.ecParams = ecParameters.get(Integer.valueOf(strength)); + // END android-changed if (ecParams != null) { @@ -108,6 +122,11 @@ SecureRandom random) throws InvalidAlgorithmParameterException { + // BEGIN android-added + if (random == null) { + random = this.random; + } + // END android-added if (params instanceof ECParameterSpec) { ECParameterSpec p = (ECParameterSpec)params; @@ -135,23 +154,25 @@ { final String curveName = ((ECGenParameterSpec)params).getName(); - if (this.algorithm.equals("ECGOST3410")) - { - ECDomainParameters ecP = ECGOST3410NamedCurves.getByName(curveName); - if (ecP == null) - { - throw new InvalidAlgorithmParameterException("unknown curve name: " + curveName); - } - - this.ecParams = new ECNamedCurveSpec( - curveName, - ecP.getCurve(), - ecP.getG(), - ecP.getN(), - ecP.getH(), - ecP.getSeed()); - } - else + // BEGIN android-removed + // if (this.algorithm.equals("ECGOST3410")) + // { + // ECDomainParameters ecP = ECGOST3410NamedCurves.getByName(curveName); + // if (ecP == null) + // { + // throw new InvalidAlgorithmParameterException("unknown curve name: " + curveName); + // } + // + // this.ecParams = new ECNamedCurveSpec( + // curveName, + // ecP.getCurve(), + // ecP.getG(), + // ecP.getN(), + // ecP.getH(), + // ecP.getSeed()); + // } + // else + // END android-removed { X9ECParameters ecP = X962NamedCurves.getByName(curveName); if (ecP == null) @@ -161,10 +182,12 @@ { ecP = NISTNamedCurves.getByName(curveName); } - if (ecP == null) - { - ecP = TeleTrusTNamedCurves.getByName(curveName); - } + // BEGIN android-removed + // if (ecP == null) + // { + // ecP = TeleTrusTNamedCurves.getByName(curveName); + // } + // END android-removed if (ecP == null) { // See if it's actually an OID string (SunJSSE ServerHandshaker setupEphemeralECDHKeys bug) @@ -180,10 +203,12 @@ { ecP = NISTNamedCurves.getByOID(oid); } - if (ecP == null) - { - ecP = TeleTrusTNamedCurves.getByOID(oid); - } + // BEGIN android-removed + // if (ecP == null) + // { + // ecP = TeleTrusTNamedCurves.getByOID(oid); + // } + // END android-removed if (ecP == null) { throw new InvalidAlgorithmParameterException("unknown curve OID: " + curveName); @@ -239,7 +264,15 @@ { if (!initialised) { - throw new IllegalStateException("EC Key Pair Generator not initialised"); + // BEGIN android-removed + // throw new IllegalStateException("EC Key Pair Generator not initialised"); + // END android-removed + // BEGIN android-added + /* + * KeyPairGenerator documentation says that a default initialization must be provided + */ + initialize(192, random); + // END android-added } AsymmetricCipherKeyPair pair = engine.generateKeyPair(); @@ -279,14 +312,16 @@ } } - public static class ECGOST3410 - extends EC - { - public ECGOST3410() - { - super("ECGOST3410"); - } - } + // BEGIN android-removed + // public static class ECGOST3410 + // extends EC + // { + // public ECGOST3410() + // { + // super("ECGOST3410"); + // } + // } + // END android-removed public static class ECDH extends EC @@ -314,4 +349,4 @@ super("ECMQV"); } } -} \ No newline at end of file +} diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/asymmetric/ec/Signature.java bcprov-jdk16-146/org/bouncycastle/jce/provider/asymmetric/ec/Signature.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/asymmetric/ec/Signature.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/jce/provider/asymmetric/ec/Signature.java 2011-09-08 21:28:49.000000000 +0000 @@ -18,15 +18,21 @@ import org.bouncycastle.crypto.DSA; import org.bouncycastle.crypto.Digest; import org.bouncycastle.crypto.digests.NullDigest; -import org.bouncycastle.crypto.digests.RIPEMD160Digest; +// BEGIN android-removed +// import org.bouncycastle.crypto.digests.RIPEMD160Digest; +// END android-removed import org.bouncycastle.crypto.digests.SHA1Digest; -import org.bouncycastle.crypto.digests.SHA224Digest; +// BEGIN android-removed +// import org.bouncycastle.crypto.digests.SHA224Digest; +// END android-removed import org.bouncycastle.crypto.digests.SHA256Digest; import org.bouncycastle.crypto.digests.SHA384Digest; import org.bouncycastle.crypto.digests.SHA512Digest; import org.bouncycastle.crypto.params.ParametersWithRandom; import org.bouncycastle.crypto.signers.ECDSASigner; -import org.bouncycastle.crypto.signers.ECNRSigner; +// BEGIN android-removed +// import org.bouncycastle.crypto.signers.ECNRSigner; +// END android-removed import org.bouncycastle.jce.interfaces.ECKey; import org.bouncycastle.jce.provider.DSABase; import org.bouncycastle.jce.provider.DSAEncoder; @@ -122,14 +128,16 @@ } } - static public class ecDSA224 - extends Signature - { - public ecDSA224() - { - super(new SHA224Digest(), new ECDSASigner(), new StdDSAEncoder()); - } - } + // BEGIN android-removed + // static public class ecDSA224 + // extends Signature + // { + // public ecDSA224() + // { + // super(new SHA224Digest(), new ECDSASigner(), new StdDSAEncoder()); + // } + // } + // END android-removed static public class ecDSA256 extends Signature @@ -158,86 +166,88 @@ } } - static public class ecDSARipeMD160 - extends Signature - { - public ecDSARipeMD160() - { - super(new RIPEMD160Digest(), new ECDSASigner(), new StdDSAEncoder()); - } - } - - static public class ecNR - extends Signature - { - public ecNR() - { - super(new SHA1Digest(), new ECNRSigner(), new StdDSAEncoder()); - } - } - - static public class ecNR224 - extends Signature - { - public ecNR224() - { - super(new SHA224Digest(), new ECNRSigner(), new StdDSAEncoder()); - } - } - - static public class ecNR256 - extends Signature - { - public ecNR256() - { - super(new SHA256Digest(), new ECNRSigner(), new StdDSAEncoder()); - } - } - - static public class ecNR384 - extends Signature - { - public ecNR384() - { - super(new SHA384Digest(), new ECNRSigner(), new StdDSAEncoder()); - } - } - - static public class ecNR512 - extends Signature - { - public ecNR512() - { - super(new SHA512Digest(), new ECNRSigner(), new StdDSAEncoder()); - } - } - - static public class ecCVCDSA - extends Signature - { - public ecCVCDSA() - { - super(new SHA1Digest(), new ECDSASigner(), new CVCDSAEncoder()); - } - } - - static public class ecCVCDSA224 - extends Signature - { - public ecCVCDSA224() - { - super(new SHA224Digest(), new ECDSASigner(), new CVCDSAEncoder()); - } - } - - static public class ecCVCDSA256 - extends Signature - { - public ecCVCDSA256() - { - super(new SHA256Digest(), new ECDSASigner(), new CVCDSAEncoder()); - } - } + // BEGIN android-removed + // static public class ecDSARipeMD160 + // extends Signature + // { + // public ecDSARipeMD160() + // { + // super(new RIPEMD160Digest(), new ECDSASigner(), new StdDSAEncoder()); + // } + // } + // + // static public class ecNR + // extends Signature + // { + // public ecNR() + // { + // super(new SHA1Digest(), new ECNRSigner(), new StdDSAEncoder()); + // } + // } + // + // static public class ecNR224 + // extends Signature + // { + // public ecNR224() + // { + // super(new SHA224Digest(), new ECNRSigner(), new StdDSAEncoder()); + // } + // } + // + // static public class ecNR256 + // extends Signature + // { + // public ecNR256() + // { + // super(new SHA256Digest(), new ECNRSigner(), new StdDSAEncoder()); + // } + // } + // + // static public class ecNR384 + // extends Signature + // { + // public ecNR384() + // { + // super(new SHA384Digest(), new ECNRSigner(), new StdDSAEncoder()); + // } + // } + // + // static public class ecNR512 + // extends Signature + // { + // public ecNR512() + // { + // super(new SHA512Digest(), new ECNRSigner(), new StdDSAEncoder()); + // } + // } + // + // static public class ecCVCDSA + // extends Signature + // { + // public ecCVCDSA() + // { + // super(new SHA1Digest(), new ECDSASigner(), new CVCDSAEncoder()); + // } + // } + // + // static public class ecCVCDSA224 + // extends Signature + // { + // public ecCVCDSA224() + // { + // super(new SHA224Digest(), new ECDSASigner(), new CVCDSAEncoder()); + // } + // } + // + // static public class ecCVCDSA256 + // extends Signature + // { + // public ecCVCDSA256() + // { + // super(new SHA256Digest(), new ECDSASigner(), new CVCDSAEncoder()); + // } + // } + // END android-removed private static class StdDSAEncoder implements DSAEncoder @@ -331,4 +341,4 @@ return sig; } } -} \ No newline at end of file +} diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/symmetric/AES.java bcprov-jdk16-146/org/bouncycastle/jce/provider/symmetric/AES.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/symmetric/AES.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/jce/provider/symmetric/AES.java 2011-09-08 21:28:49.000000000 +0000 @@ -13,8 +13,10 @@ import org.bouncycastle.crypto.CipherKeyGenerator; import org.bouncycastle.crypto.engines.AESFastEngine; import org.bouncycastle.crypto.engines.AESWrapEngine; -import org.bouncycastle.crypto.engines.RFC3211WrapEngine; -import org.bouncycastle.crypto.macs.CMac; +// BEGIN android-removed +// import org.bouncycastle.crypto.engines.RFC3211WrapEngine; +// import org.bouncycastle.crypto.macs.CMac; +// END android-removed import org.bouncycastle.crypto.modes.CBCBlockCipher; import org.bouncycastle.crypto.modes.CFBBlockCipher; import org.bouncycastle.crypto.modes.OFBBlockCipher; @@ -41,41 +43,43 @@ } } - public static class CBC - extends JCEBlockCipher - { - public CBC() - { - super(new CBCBlockCipher(new AESFastEngine()), 128); - } - } - - static public class CFB - extends JCEBlockCipher - { - public CFB() - { - super(new BufferedBlockCipher(new CFBBlockCipher(new AESFastEngine(), 128)), 128); - } - } - - static public class OFB - extends JCEBlockCipher - { - public OFB() - { - super(new BufferedBlockCipher(new OFBBlockCipher(new AESFastEngine(), 128)), 128); - } - } - - public static class AESCMAC - extends JCEMac - { - public AESCMAC() - { - super(new CMac(new AESFastEngine())); - } - } + // BEGIN android-removed + // public static class CBC + // extends JCEBlockCipher + // { + // public CBC() + // { + // super(new CBCBlockCipher(new AESFastEngine()), 128); + // } + // } + // + // static public class CFB + // extends JCEBlockCipher + // { + // public CFB() + // { + // super(new BufferedBlockCipher(new CFBBlockCipher(new AESFastEngine(), 128)), 128); + // } + // } + // + // static public class OFB + // extends JCEBlockCipher + // { + // public OFB() + // { + // super(new BufferedBlockCipher(new OFBBlockCipher(new AESFastEngine(), 128)), 128); + // } + // } + // + // public static class AESCMAC + // extends JCEMac + // { + // public AESCMAC() + // { + // super(new CMac(new AESFastEngine())); + // } + // } + // END android-removed static public class Wrap extends WrapCipherSpi @@ -86,14 +90,16 @@ } } - public static class RFC3211Wrap - extends WrapCipherSpi - { - public RFC3211Wrap() - { - super(new RFC3211WrapEngine(new AESFastEngine()), 16); - } - } + // BEGIN android-removed + // public static class RFC3211Wrap + // extends WrapCipherSpi + // { + // public RFC3211Wrap() + // { + // super(new RFC3211WrapEngine(new AESFastEngine()), 16); + // } + // } + // END android-removed public static class KeyGen extends JCEKeyGenerator @@ -109,70 +115,72 @@ } } - public static class KeyGen128 - extends KeyGen - { - public KeyGen128() - { - super(128); - } - } - - public static class KeyGen192 - extends KeyGen - { - public KeyGen192() - { - super(192); - } - } - - public static class KeyGen256 - extends KeyGen - { - public KeyGen256() - { - super(256); - } - } - - public static class AlgParamGen - extends JDKAlgorithmParameterGenerator - { - protected void engineInit( - AlgorithmParameterSpec genParamSpec, - SecureRandom random) - throws InvalidAlgorithmParameterException - { - throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation."); - } - - protected AlgorithmParameters engineGenerateParameters() - { - byte[] iv = new byte[16]; - - if (random == null) - { - random = new SecureRandom(); - } - - random.nextBytes(iv); - - AlgorithmParameters params; - - try - { - params = AlgorithmParameters.getInstance("AES", BouncyCastleProvider.PROVIDER_NAME); - params.init(new IvParameterSpec(iv)); - } - catch (Exception e) - { - throw new RuntimeException(e.getMessage()); - } - - return params; - } - } + // BEGIN android-removed + // public static class KeyGen128 + // extends KeyGen + // { + // public KeyGen128() + // { + // super(128); + // } + // } + // + // public static class KeyGen192 + // extends KeyGen + // { + // public KeyGen192() + // { + // super(192); + // } + // } + // + // public static class KeyGen256 + // extends KeyGen + // { + // public KeyGen256() + // { + // super(256); + // } + // } + // + // public static class AlgParamGen + // extends JDKAlgorithmParameterGenerator + // { + // protected void engineInit( + // AlgorithmParameterSpec genParamSpec, + // SecureRandom random) + // throws InvalidAlgorithmParameterException + // { + // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation."); + // } + // + // protected AlgorithmParameters engineGenerateParameters() + // { + // byte[] iv = new byte[16]; + // + // if (random == null) + // { + // random = new SecureRandom(); + // } + // + // random.nextBytes(iv); + // + // AlgorithmParameters params; + // + // try + // { + // params = AlgorithmParameters.getInstance("AES", BouncyCastleProvider.PROVIDER_NAME); + // params.init(new IvParameterSpec(iv)); + // } + // catch (Exception e) + // { + // throw new RuntimeException(e.getMessage()); + // } + // + // return params; + // } + // } + // END android-removed public static class AlgParams extends JDKAlgorithmParameters.IVAlgorithmParameters @@ -205,58 +213,66 @@ put("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes192_CBC, "AES"); put("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes256_CBC, "AES"); - put("AlgorithmParameterGenerator.AES", "org.bouncycastle.jce.provider.symmetric.AES$AlgParamGen"); - put("Alg.Alias.AlgorithmParameterGenerator." + wrongAES128, "AES"); - put("Alg.Alias.AlgorithmParameterGenerator." + wrongAES192, "AES"); - put("Alg.Alias.AlgorithmParameterGenerator." + wrongAES256, "AES"); - put("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_CBC, "AES"); - put("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_CBC, "AES"); - put("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_CBC, "AES"); + // BEGIN android-removed + // put("AlgorithmParameterGenerator.AES", "org.bouncycastle.jce.provider.symmetric.AES$AlgParamGen"); + // put("Alg.Alias.AlgorithmParameterGenerator." + wrongAES128, "AES"); + // put("Alg.Alias.AlgorithmParameterGenerator." + wrongAES192, "AES"); + // put("Alg.Alias.AlgorithmParameterGenerator." + wrongAES256, "AES"); + // put("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_CBC, "AES"); + // put("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_CBC, "AES"); + // put("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_CBC, "AES"); + // END android-removed put("Cipher.AES", "org.bouncycastle.jce.provider.symmetric.AES$ECB"); put("Alg.Alias.Cipher." + wrongAES128, "AES"); put("Alg.Alias.Cipher." + wrongAES192, "AES"); put("Alg.Alias.Cipher." + wrongAES256, "AES"); - put("Cipher." + NISTObjectIdentifiers.id_aes128_ECB, "org.bouncycastle.jce.provider.symmetric.AES$ECB"); - put("Cipher." + NISTObjectIdentifiers.id_aes192_ECB, "org.bouncycastle.jce.provider.symmetric.AES$ECB"); - put("Cipher." + NISTObjectIdentifiers.id_aes256_ECB, "org.bouncycastle.jce.provider.symmetric.AES$ECB"); - put("Cipher." + NISTObjectIdentifiers.id_aes128_CBC, "org.bouncycastle.jce.provider.symmetric.AES$CBC"); - put("Cipher." + NISTObjectIdentifiers.id_aes192_CBC, "org.bouncycastle.jce.provider.symmetric.AES$CBC"); - put("Cipher." + NISTObjectIdentifiers.id_aes256_CBC, "org.bouncycastle.jce.provider.symmetric.AES$CBC"); - put("Cipher." + NISTObjectIdentifiers.id_aes128_OFB, "org.bouncycastle.jce.provider.symmetric.AES$OFB"); - put("Cipher." + NISTObjectIdentifiers.id_aes192_OFB, "org.bouncycastle.jce.provider.symmetric.AES$OFB"); - put("Cipher." + NISTObjectIdentifiers.id_aes256_OFB, "org.bouncycastle.jce.provider.symmetric.AES$OFB"); - put("Cipher." + NISTObjectIdentifiers.id_aes128_CFB, "org.bouncycastle.jce.provider.symmetric.AES$CFB"); - put("Cipher." + NISTObjectIdentifiers.id_aes192_CFB, "org.bouncycastle.jce.provider.symmetric.AES$CFB"); - put("Cipher." + NISTObjectIdentifiers.id_aes256_CFB, "org.bouncycastle.jce.provider.symmetric.AES$CFB"); + // BEGIN android-removed + // put("Cipher." + NISTObjectIdentifiers.id_aes128_ECB, "org.bouncycastle.jce.provider.symmetric.AES$ECB"); + // put("Cipher." + NISTObjectIdentifiers.id_aes192_ECB, "org.bouncycastle.jce.provider.symmetric.AES$ECB"); + // put("Cipher." + NISTObjectIdentifiers.id_aes256_ECB, "org.bouncycastle.jce.provider.symmetric.AES$ECB"); + // put("Cipher." + NISTObjectIdentifiers.id_aes128_CBC, "org.bouncycastle.jce.provider.symmetric.AES$CBC"); + // put("Cipher." + NISTObjectIdentifiers.id_aes192_CBC, "org.bouncycastle.jce.provider.symmetric.AES$CBC"); + // put("Cipher." + NISTObjectIdentifiers.id_aes256_CBC, "org.bouncycastle.jce.provider.symmetric.AES$CBC"); + // put("Cipher." + NISTObjectIdentifiers.id_aes128_OFB, "org.bouncycastle.jce.provider.symmetric.AES$OFB"); + // put("Cipher." + NISTObjectIdentifiers.id_aes192_OFB, "org.bouncycastle.jce.provider.symmetric.AES$OFB"); + // put("Cipher." + NISTObjectIdentifiers.id_aes256_OFB, "org.bouncycastle.jce.provider.symmetric.AES$OFB"); + // put("Cipher." + NISTObjectIdentifiers.id_aes128_CFB, "org.bouncycastle.jce.provider.symmetric.AES$CFB"); + // put("Cipher." + NISTObjectIdentifiers.id_aes192_CFB, "org.bouncycastle.jce.provider.symmetric.AES$CFB"); + // put("Cipher." + NISTObjectIdentifiers.id_aes256_CFB, "org.bouncycastle.jce.provider.symmetric.AES$CFB"); + // END android-removed put("Cipher.AESWRAP", "org.bouncycastle.jce.provider.symmetric.AES$Wrap"); put("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes128_wrap, "AESWRAP"); put("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes192_wrap, "AESWRAP"); put("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes256_wrap, "AESWRAP"); - put("Cipher.AESRFC3211WRAP", "org.bouncycastle.jce.provider.symmetric.AES$RFC3211Wrap"); + // BEGIN android-removed + // put("Cipher.AESRFC3211WRAP", "org.bouncycastle.jce.provider.symmetric.AES$RFC3211Wrap"); + // END android-removed put("KeyGenerator.AES", "org.bouncycastle.jce.provider.symmetric.AES$KeyGen"); - put("KeyGenerator.2.16.840.1.101.3.4.2", "org.bouncycastle.jce.provider.symmetric.AES$KeyGen128"); - put("KeyGenerator.2.16.840.1.101.3.4.22", "org.bouncycastle.jce.provider.symmetric.AES$KeyGen192"); - put("KeyGenerator.2.16.840.1.101.3.4.42", "org.bouncycastle.jce.provider.symmetric.AES$KeyGen256"); - put("KeyGenerator." + NISTObjectIdentifiers.id_aes128_ECB, "org.bouncycastle.jce.provider.symmetric.AES$KeyGen128"); - put("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CBC, "org.bouncycastle.jce.provider.symmetric.AES$KeyGen128"); - put("KeyGenerator." + NISTObjectIdentifiers.id_aes128_OFB, "org.bouncycastle.jce.provider.symmetric.AES$KeyGen128"); - put("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CFB, "org.bouncycastle.jce.provider.symmetric.AES$KeyGen128"); - put("KeyGenerator." + NISTObjectIdentifiers.id_aes192_ECB, "org.bouncycastle.jce.provider.symmetric.AES$KeyGen192"); - put("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CBC, "org.bouncycastle.jce.provider.symmetric.AES$KeyGen192"); - put("KeyGenerator." + NISTObjectIdentifiers.id_aes192_OFB, "org.bouncycastle.jce.provider.symmetric.AES$KeyGen192"); - put("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CFB, "org.bouncycastle.jce.provider.symmetric.AES$KeyGen192"); - put("KeyGenerator." + NISTObjectIdentifiers.id_aes256_ECB, "org.bouncycastle.jce.provider.symmetric.AES$KeyGen256"); - put("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CBC, "org.bouncycastle.jce.provider.symmetric.AES$KeyGen256"); - put("KeyGenerator." + NISTObjectIdentifiers.id_aes256_OFB, "org.bouncycastle.jce.provider.symmetric.AES$KeyGen256"); - put("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CFB, "org.bouncycastle.jce.provider.symmetric.AES$KeyGen256"); - put("KeyGenerator.AESWRAP", "org.bouncycastle.jce.provider.symmetric.AES$KeyGen"); - put("KeyGenerator." + NISTObjectIdentifiers.id_aes128_wrap, "org.bouncycastle.jce.provider.symmetric.AES$KeyGen128"); - put("KeyGenerator." + NISTObjectIdentifiers.id_aes192_wrap, "org.bouncycastle.jce.provider.symmetric.AES$KeyGen192"); - put("KeyGenerator." + NISTObjectIdentifiers.id_aes256_wrap, "org.bouncycastle.jce.provider.symmetric.AES$KeyGen256"); - - put("Mac.AESCMAC", "org.bouncycastle.jce.provider.symmetric.AES$AESCMAC"); + // BEGIN android-removed + // put("KeyGenerator.2.16.840.1.101.3.4.2", "org.bouncycastle.jce.provider.symmetric.AES$KeyGen128"); + // put("KeyGenerator.2.16.840.1.101.3.4.22", "org.bouncycastle.jce.provider.symmetric.AES$KeyGen192"); + // put("KeyGenerator.2.16.840.1.101.3.4.42", "org.bouncycastle.jce.provider.symmetric.AES$KeyGen256"); + // put("KeyGenerator." + NISTObjectIdentifiers.id_aes128_ECB, "org.bouncycastle.jce.provider.symmetric.AES$KeyGen128"); + // put("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CBC, "org.bouncycastle.jce.provider.symmetric.AES$KeyGen128"); + // put("KeyGenerator." + NISTObjectIdentifiers.id_aes128_OFB, "org.bouncycastle.jce.provider.symmetric.AES$KeyGen128"); + // put("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CFB, "org.bouncycastle.jce.provider.symmetric.AES$KeyGen128"); + // put("KeyGenerator." + NISTObjectIdentifiers.id_aes192_ECB, "org.bouncycastle.jce.provider.symmetric.AES$KeyGen192"); + // put("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CBC, "org.bouncycastle.jce.provider.symmetric.AES$KeyGen192"); + // put("KeyGenerator." + NISTObjectIdentifiers.id_aes192_OFB, "org.bouncycastle.jce.provider.symmetric.AES$KeyGen192"); + // put("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CFB, "org.bouncycastle.jce.provider.symmetric.AES$KeyGen192"); + // put("KeyGenerator." + NISTObjectIdentifiers.id_aes256_ECB, "org.bouncycastle.jce.provider.symmetric.AES$KeyGen256"); + // put("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CBC, "org.bouncycastle.jce.provider.symmetric.AES$KeyGen256"); + // put("KeyGenerator." + NISTObjectIdentifiers.id_aes256_OFB, "org.bouncycastle.jce.provider.symmetric.AES$KeyGen256"); + // put("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CFB, "org.bouncycastle.jce.provider.symmetric.AES$KeyGen256"); + // put("KeyGenerator.AESWRAP", "org.bouncycastle.jce.provider.symmetric.AES$KeyGen"); + // put("KeyGenerator." + NISTObjectIdentifiers.id_aes128_wrap, "org.bouncycastle.jce.provider.symmetric.AES$KeyGen128"); + // put("KeyGenerator." + NISTObjectIdentifiers.id_aes192_wrap, "org.bouncycastle.jce.provider.symmetric.AES$KeyGen192"); + // put("KeyGenerator." + NISTObjectIdentifiers.id_aes256_wrap, "org.bouncycastle.jce.provider.symmetric.AES$KeyGen256"); + // + // put("Mac.AESCMAC", "org.bouncycastle.jce.provider.symmetric.AES$AESCMAC"); + // END android-removed } } } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/symmetric/ARC4.java bcprov-jdk16-146/org/bouncycastle/jce/provider/symmetric/ARC4.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/symmetric/ARC4.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/jce/provider/symmetric/ARC4.java 2011-09-08 21:28:49.000000000 +0000 @@ -27,7 +27,9 @@ { public KeyGen() { - super("RC4", 128, new CipherKeyGenerator()); + // BEGIN android-changed + super("ARC4", 128, new CipherKeyGenerator()); + // END android-changed } } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/symmetric/Blowfish.java bcprov-jdk16-146/org/bouncycastle/jce/provider/symmetric/Blowfish.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/symmetric/Blowfish.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/jce/provider/symmetric/Blowfish.java 2011-09-08 21:28:49.000000000 +0000 @@ -57,7 +57,9 @@ public Mappings() { put("Cipher.BLOWFISH", "org.bouncycastle.jce.provider.symmetric.Blowfish$ECB"); - put("Cipher.1.3.6.1.4.1.3029.1.2", "org.bouncycastle.jce.provider.symmetric.Blowfish$CBC"); + // BEGIN android-removed + // put("Cipher.1.3.6.1.4.1.3029.1.2", "org.bouncycastle.jce.provider.symmetric.Blowfish$CBC"); + // END android-removed put("KeyGenerator.BLOWFISH", "org.bouncycastle.jce.provider.symmetric.Blowfish$KeyGen"); put("Alg.Alias.KeyGenerator.1.3.6.1.4.1.3029.1.2", "BLOWFISH"); put("AlgorithmParameters.BLOWFISH", "org.bouncycastle.jce.provider.symmetric.Blowfish$AlgParams"); diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/symmetric/DESede.java bcprov-jdk16-146/org/bouncycastle/jce/provider/symmetric/DESede.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/symmetric/DESede.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/jce/provider/symmetric/DESede.java 2011-09-08 21:28:49.000000000 +0000 @@ -14,11 +14,15 @@ import org.bouncycastle.crypto.KeyGenerationParameters; import org.bouncycastle.crypto.engines.DESedeEngine; import org.bouncycastle.crypto.engines.DESedeWrapEngine; -import org.bouncycastle.crypto.engines.RFC3211WrapEngine; +// BEGIN android-removed +// import org.bouncycastle.crypto.engines.RFC3211WrapEngine; +// END android-removed import org.bouncycastle.crypto.generators.DESedeKeyGenerator; import org.bouncycastle.crypto.macs.CBCBlockCipherMac; -import org.bouncycastle.crypto.macs.CFBBlockCipherMac; -import org.bouncycastle.crypto.macs.CMac; +// BEGIN android-removed +// import org.bouncycastle.crypto.macs.CFBBlockCipherMac; +// import org.bouncycastle.crypto.macs.CMac; +// END android-removed import org.bouncycastle.crypto.modes.CBCBlockCipher; import org.bouncycastle.crypto.paddings.ISO7816d4Padding; import org.bouncycastle.jce.provider.JCEBlockCipher; @@ -51,17 +55,19 @@ } } - /** - * DESede CFB8 - */ - public static class DESedeCFB8 - extends JCEMac - { - public DESedeCFB8() - { - super(new CFBBlockCipherMac(new DESedeEngine())); - } - } + // BEGIN android-removed + // /** + // * DESede CFB8 + // */ + // public static class DESedeCFB8 + // extends JCEMac + // { + // public DESedeCFB8() + // { + // super(new CFBBlockCipherMac(new DESedeEngine())); + // } + // } + // END android-removed /** * DESede64 @@ -96,14 +102,16 @@ } } - static public class CMAC - extends JCEMac - { - public CMAC() - { - super(new CMac(new DESedeEngine())); - } - } + // BEGIN android-removed + // static public class CMAC + // extends JCEMac + // { + // public CMAC() + // { + // super(new CMac(new DESedeEngine())); + // } + // } + // END android-removed public static class Wrap extends WrapCipherSpi @@ -114,14 +122,16 @@ } } - public static class RFC3211 - extends WrapCipherSpi - { - public RFC3211() - { - super(new RFC3211WrapEngine(new DESedeEngine()), 8); - } - } + // BEGIN android-removed + // public static class RFC3211 + // extends WrapCipherSpi + // { + // public RFC3211() + // { + // super(new RFC3211WrapEngine(new DESedeEngine()), 8); + // } + // } + // END android-removed /** * DESede - the default for this is to generate a key in @@ -262,32 +272,42 @@ public Mappings() { put("Cipher.DESEDE", "org.bouncycastle.jce.provider.symmetric.DESede$ECB"); - put("Cipher." + PKCSObjectIdentifiers.des_EDE3_CBC, "org.bouncycastle.jce.provider.symmetric.DESede$CBC"); - put("Cipher." + OIWObjectIdentifiers.desCBC, "org.bouncycastle.jce.provider.symmetric.DESede$CBC"); + // BEGIN android-removed + // put("Cipher." + PKCSObjectIdentifiers.des_EDE3_CBC, "org.bouncycastle.jce.provider.symmetric.DESede$CBC"); + // put("Cipher." + OIWObjectIdentifiers.desCBC, "org.bouncycastle.jce.provider.symmetric.DESede$CBC"); + // END android-removed put("Cipher.DESEDEWRAP", "org.bouncycastle.jce.provider.symmetric.DESede$Wrap"); - put("Cipher." + PKCSObjectIdentifiers.id_alg_CMS3DESwrap, "org.bouncycastle.jce.provider.symmetric.DESede$Wrap"); - put("Cipher.DESEDERFC3211WRAP", "org.bouncycastle.jce.provider.symmetric.DESede$RFC3211"); + // BEGIN android-changed + put("Alg.Alias.Cipher." + PKCSObjectIdentifiers.id_alg_CMS3DESwrap, "DESEDEWRAP"); + // END android-changed + // BEGIN android-removed + // put("Cipher.DESEDERFC3211WRAP", "org.bouncycastle.jce.provider.symmetric.DESede$RFC3211"); + // END android-removed put("KeyGenerator.DESEDE", "org.bouncycastle.jce.provider.symmetric.DESede$KeyGenerator"); - put("KeyGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, "org.bouncycastle.jce.provider.symmetric.DESede$KeyGenerator3"); - put("KeyGenerator.DESEDEWRAP", "org.bouncycastle.jce.provider.symmetric.DESede$KeyGenerator"); + // BEGIN android-removed + // put("KeyGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, "org.bouncycastle.jce.provider.symmetric.DESede$KeyGenerator3"); + // put("KeyGenerator.DESEDEWRAP", "org.bouncycastle.jce.provider.symmetric.DESede$KeyGenerator"); + // END android-removed put("SecretKeyFactory.DESEDE", "org.bouncycastle.jce.provider.symmetric.DESede$KeyFactory"); - put("Mac.DESEDECMAC", "org.bouncycastle.jce.provider.symmetric.DESede$CMAC"); - put("Mac.DESEDEMAC", "org.bouncycastle.jce.provider.symmetric.DESede$CBCMAC"); - put("Alg.Alias.Mac.DESEDE", "DESEDEMAC"); - - put("Mac.DESEDEMAC/CFB8", "org.bouncycastle.jce.provider.symmetric.DESede$DESedeCFB8"); - put("Alg.Alias.Mac.DESEDE/CFB8", "DESEDEMAC/CFB8"); - - put("Mac.DESEDEMAC64", "org.bouncycastle.jce.provider.symmetric.DESede$DESede64"); - put("Alg.Alias.Mac.DESEDE64", "DESEDEMAC64"); - - put("Mac.DESEDEMAC64WITHISO7816-4PADDING", "org.bouncycastle.jce.provider.symmetric.DESede$DESede64with7816d4"); - put("Alg.Alias.Mac.DESEDE64WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); - put("Alg.Alias.Mac.DESEDEISO9797ALG1MACWITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); - put("Alg.Alias.Mac.DESEDEISO9797ALG1WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); + // BEGIN android-removed + // put("Mac.DESEDECMAC", "org.bouncycastle.jce.provider.symmetric.DESede$CMAC"); + // put("Mac.DESEDEMAC", "org.bouncycastle.jce.provider.symmetric.DESede$CBCMAC"); + // put("Alg.Alias.Mac.DESEDE", "DESEDEMAC"); + // + // put("Mac.DESEDEMAC/CFB8", "org.bouncycastle.jce.provider.symmetric.DESede$DESedeCFB8"); + // put("Alg.Alias.Mac.DESEDE/CFB8", "DESEDEMAC/CFB8"); + // + // put("Mac.DESEDEMAC64", "org.bouncycastle.jce.provider.symmetric.DESede$DESede64"); + // put("Alg.Alias.Mac.DESEDE64", "DESEDEMAC64"); + // + // put("Mac.DESEDEMAC64WITHISO7816-4PADDING", "org.bouncycastle.jce.provider.symmetric.DESede$DESede64with7816d4"); + // put("Alg.Alias.Mac.DESEDE64WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); + // put("Alg.Alias.Mac.DESEDEISO9797ALG1MACWITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); + // put("Alg.Alias.Mac.DESEDEISO9797ALG1WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); + // END android-removed } } } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/openssl/PEMUtilities.java bcprov-jdk16-146/org/bouncycastle/openssl/PEMUtilities.java --- bcprov-jdk16-146.orig/org/bouncycastle/openssl/PEMUtilities.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/openssl/PEMUtilities.java 2011-09-08 21:28:50.000000000 +0000 @@ -45,10 +45,12 @@ PKCS5_SCHEME_2.add(NISTObjectIdentifiers.id_aes192_CBC); PKCS5_SCHEME_2.add(NISTObjectIdentifiers.id_aes256_CBC); - KEYSIZES.put(PKCSObjectIdentifiers.des_EDE3_CBC.getId(), new Integer(192)); - KEYSIZES.put(NISTObjectIdentifiers.id_aes128_CBC.getId(), new Integer(128)); - KEYSIZES.put(NISTObjectIdentifiers.id_aes192_CBC.getId(), new Integer(192)); - KEYSIZES.put(NISTObjectIdentifiers.id_aes256_CBC.getId(), new Integer(256)); + // BEGIN android-changed + KEYSIZES.put(PKCSObjectIdentifiers.des_EDE3_CBC.getId(), Integer.valueOf(192)); + KEYSIZES.put(NISTObjectIdentifiers.id_aes128_CBC.getId(), Integer.valueOf(128)); + KEYSIZES.put(NISTObjectIdentifiers.id_aes192_CBC.getId(), Integer.valueOf(192)); + KEYSIZES.put(NISTObjectIdentifiers.id_aes256_CBC.getId(), Integer.valueOf(256)); + // END android-changed } static int getKeySize(String algorithm) diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/x509/X509Util.java bcprov-jdk16-146/org/bouncycastle/x509/X509Util.java --- bcprov-jdk16-146.orig/org/bouncycastle/x509/X509Util.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/x509/X509Util.java 2011-09-08 21:28:50.000000000 +0000 @@ -44,14 +44,18 @@ static { - algorithms.put("MD2WITHRSAENCRYPTION", PKCSObjectIdentifiers.md2WithRSAEncryption); - algorithms.put("MD2WITHRSA", PKCSObjectIdentifiers.md2WithRSAEncryption); + // BEGIN android-removed + // algorithms.put("MD2WITHRSAENCRYPTION", PKCSObjectIdentifiers.md2WithRSAEncryption); + // algorithms.put("MD2WITHRSA", PKCSObjectIdentifiers.md2WithRSAEncryption); + // END android-removed algorithms.put("MD5WITHRSAENCRYPTION", PKCSObjectIdentifiers.md5WithRSAEncryption); algorithms.put("MD5WITHRSA", PKCSObjectIdentifiers.md5WithRSAEncryption); algorithms.put("SHA1WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha1WithRSAEncryption); algorithms.put("SHA1WITHRSA", PKCSObjectIdentifiers.sha1WithRSAEncryption); - algorithms.put("SHA224WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha224WithRSAEncryption); - algorithms.put("SHA224WITHRSA", PKCSObjectIdentifiers.sha224WithRSAEncryption); + // BEGIN android-removed + // algorithms.put("SHA224WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha224WithRSAEncryption); + // algorithms.put("SHA224WITHRSA", PKCSObjectIdentifiers.sha224WithRSAEncryption); + // END android-removed algorithms.put("SHA256WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha256WithRSAEncryption); algorithms.put("SHA256WITHRSA", PKCSObjectIdentifiers.sha256WithRSAEncryption); algorithms.put("SHA384WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha384WithRSAEncryption); @@ -59,45 +63,59 @@ algorithms.put("SHA512WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha512WithRSAEncryption); algorithms.put("SHA512WITHRSA", PKCSObjectIdentifiers.sha512WithRSAEncryption); algorithms.put("SHA1WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); - algorithms.put("SHA224WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); + // BEGIN android-removed + // algorithms.put("SHA224WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); + // END android-removed algorithms.put("SHA256WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); algorithms.put("SHA384WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); algorithms.put("SHA512WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); - algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); - algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); - algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); - algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); - algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); - algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); + // BEGIN android-removed + // algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); + // algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); + // algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); + // algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); + // algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); + // algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); + // END android-removed algorithms.put("SHA1WITHDSA", X9ObjectIdentifiers.id_dsa_with_sha1); algorithms.put("DSAWITHSHA1", X9ObjectIdentifiers.id_dsa_with_sha1); - algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224); + // BEGIN android-removed + // algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224); + // END android-removed algorithms.put("SHA256WITHDSA", NISTObjectIdentifiers.dsa_with_sha256); algorithms.put("SHA384WITHDSA", NISTObjectIdentifiers.dsa_with_sha384); algorithms.put("SHA512WITHDSA", NISTObjectIdentifiers.dsa_with_sha512); algorithms.put("SHA1WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA1); algorithms.put("ECDSAWITHSHA1", X9ObjectIdentifiers.ecdsa_with_SHA1); - algorithms.put("SHA224WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA224); + // BEGIN android-removed + // algorithms.put("SHA224WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA224); + // END android-removed algorithms.put("SHA256WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA256); algorithms.put("SHA384WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA384); algorithms.put("SHA512WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA512); - algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); - algorithms.put("GOST3411WITHGOST3410-94", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); - algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); - algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); - algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); + // BEGIN android-removed + // algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); + // algorithms.put("GOST3411WITHGOST3410-94", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); + // algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); + // algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); + // algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); + // END android-removed // // According to RFC 3279, the ASN.1 encoding SHALL (id-dsa-with-sha1) or MUST (ecdsa-with-SHA*) omit the parameters field. // The parameters field SHALL be NULL for RSA based signature algorithms. // noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA1); - noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA224); + // BEGIN android-removed + // noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA224); + // END android-removed noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA256); noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA384); noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA512); noParams.add(X9ObjectIdentifiers.id_dsa_with_sha1); - noParams.add(NISTObjectIdentifiers.dsa_with_sha224); + // BEGIN android-removed + // noParams.add(NISTObjectIdentifiers.dsa_with_sha224); + // END android-removed noParams.add(NISTObjectIdentifiers.dsa_with_sha256); noParams.add(NISTObjectIdentifiers.dsa_with_sha384); noParams.add(NISTObjectIdentifiers.dsa_with_sha512); @@ -105,25 +123,39 @@ // // RFC 4491 // - noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); - noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); + // BEGIN android-removed + // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); + // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); + // END android-removed // // explicit params // - AlgorithmIdentifier sha1AlgId = new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, new DERNull()); + // BEGIN android-changed + AlgorithmIdentifier sha1AlgId = new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, DERNull.INSTANCE); + // END android-changed params.put("SHA1WITHRSAANDMGF1", creatPSSParams(sha1AlgId, 20)); - AlgorithmIdentifier sha224AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha224, new DERNull()); - params.put("SHA224WITHRSAANDMGF1", creatPSSParams(sha224AlgId, 28)); - - AlgorithmIdentifier sha256AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256, new DERNull()); + // BEGIN android-removed + // // BEGIN android-changed + // AlgorithmIdentifier sha224AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha224, DERNull.INSTANCE); + // // END android-changed + // params.put("SHA224WITHRSAANDMGF1", creatPSSParams(sha224AlgId, 28)); + // END android-removed + + // BEGIN android-changed + AlgorithmIdentifier sha256AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256, DERNull.INSTANCE); + // END android-changed params.put("SHA256WITHRSAANDMGF1", creatPSSParams(sha256AlgId, 32)); - AlgorithmIdentifier sha384AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha384, new DERNull()); + // BEGIN android-changed + AlgorithmIdentifier sha384AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha384, DERNull.INSTANCE); + // END android-changed params.put("SHA384WITHRSAANDMGF1", creatPSSParams(sha384AlgId, 48)); - AlgorithmIdentifier sha512AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha512, new DERNull()); + // BEGIN android-changed + AlgorithmIdentifier sha512AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha512, DERNull.INSTANCE); + // END android-changed params.put("SHA512WITHRSAANDMGF1", creatPSSParams(sha512AlgId, 64)); } @@ -166,7 +198,9 @@ } else { - return new AlgorithmIdentifier(sigOid, new DERNull()); + // BEGIN android-changed + return new AlgorithmIdentifier(sigOid, DERNull.INSTANCE); + // END android-changed } } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/x509/extension/X509ExtensionUtil.java bcprov-jdk16-146/org/bouncycastle/x509/extension/X509ExtensionUtil.java --- bcprov-jdk16-146.orig/org/bouncycastle/x509/extension/X509ExtensionUtil.java 2011-02-23 20:08:56.000000000 +0000 +++ bcprov-jdk16-146/org/bouncycastle/x509/extension/X509ExtensionUtil.java 2011-09-08 21:28:50.000000000 +0000 @@ -62,7 +62,9 @@ { GeneralName genName = GeneralName.getInstance(it.nextElement()); List list = new ArrayList(); - list.add(new Integer(genName.getTagNo())); + // BEGIN android-changed + list.add(Integer.valueOf(genName.getTagNo())); + // END android-changed switch (genName.getTagNo()) { case GeneralName.ediPartyName: