Merge "Do not accept null password in PKCS12KeyStoreSpi#engineStore." am: 28da8c1313 am: b4d2aa4fad am: 07ef9e0b31

Original change: https://android-review.googlesource.com/c/platform/external/bouncycastle/+/1622887 MUST ONLY BE SUBMITTED BY AUTOMERGER Change-Id: I4680afa52638dab0713bcc3bec06a00538698df4
author: Almaz Mingaleev <mingaleev@google.com> 2021-03-11 14:09:01 +0000
committer: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> 2021-03-11 14:09:01 +0000
commit: f2ec5d302db2eadf0969012f0d5ac79d6a0e7e23 (patch)
tree: 24da872ed32f4dfea62eadb36ad0bce3f265df8d
parent: 43342253fe7278755a0f9fe1960c1d0df61cbc6c (diff)
parent: 07ef9e0b318b5d69e33853ce6f6b1d3e3869f3a4 (diff)
download: bouncycastle-f2ec5d302db2eadf0969012f0d5ac79d6a0e7e23.tar.gz
3 files changed, 33 insertions, 0 deletions
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java
index 4969e8a3..4c3e480d 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java
@@ -1306,6 +1306,14 @@ public class PKCS12KeyStoreSpi
     private void doStore(OutputStream stream, char[] password, boolean useDEREncoding)
         throws IOException
     {
+        // BEGIN Android-changed: Upstream allows null passwords, but we maintain historical Android
+        // behaviour.
+        // See CtsKeystoreTestCases:android.keystore.cts.KeyStoreTest
+        if (password == null)
+        {
+            throw new NullPointerException("No password supplied for PKCS#12 KeyStore.");
+        }
+        /*
         if (keys.size() == 0)
         {
             if (password == null)
@@ -1358,6 +1366,9 @@ public class PKCS12KeyStoreSpi
                 throw new NullPointerException("no password supplied for PKCS#12 KeyStore");
             }
         }
+        */
+        // END Android-changed: Upstream allows null passwords, but we maintain historical Android
+        // behaviour.
 
         //
         // handle the key
diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java
index f53f8df0..fb5f2fdd 100644
--- a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java
@@ -1310,6 +1310,14 @@ public class PKCS12KeyStoreSpi
     private void doStore(OutputStream stream, char[] password, boolean useDEREncoding)
         throws IOException
     {
+        // BEGIN Android-changed: Upstream allows null passwords, but we maintain historical Android
+        // behaviour.
+        // See CtsKeystoreTestCases:android.keystore.cts.KeyStoreTest
+        if (password == null)
+        {
+            throw new NullPointerException("No password supplied for PKCS#12 KeyStore.");
+        }
+        /*
         if (keys.size() == 0)
         {
             if (password == null)
@@ -1362,6 +1370,9 @@ public class PKCS12KeyStoreSpi
                 throw new NullPointerException("no password supplied for PKCS#12 KeyStore");
             }
         }
+        */
+        // END Android-changed: Upstream allows null passwords, but we maintain historical Android
+        // behaviour.
 
         //
         // handle the key
diff --git a/repackaged_platform/bcprov/src/main/java/com/android/internal/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java b/repackaged_platform/bcprov/src/main/java/com/android/internal/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java
index 0b4e2d90..d5897959 100644
--- a/repackaged_platform/bcprov/src/main/java/com/android/internal/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java
+++ b/repackaged_platform/bcprov/src/main/java/com/android/internal/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java
@@ -1310,6 +1310,14 @@ public class PKCS12KeyStoreSpi
     private void doStore(OutputStream stream, char[] password, boolean useDEREncoding)
         throws IOException
     {
+        // BEGIN Android-changed: Upstream allows null passwords, but we maintain historical Android
+        // behaviour.
+        // See CtsKeystoreTestCases:android.keystore.cts.KeyStoreTest
+        if (password == null)
+        {
+            throw new NullPointerException("No password supplied for PKCS#12 KeyStore.");
+        }
+        /*
         if (keys.size() == 0)
         {
             if (password == null)
@@ -1362,6 +1370,9 @@ public class PKCS12KeyStoreSpi
                 throw new NullPointerException("no password supplied for PKCS#12 KeyStore");
             }
         }
+        */
+        // END Android-changed: Upstream allows null passwords, but we maintain historical Android
+        // behaviour.
 
         //
         // handle the key
author	Almaz Mingaleev <mingaleev@google.com>	2021-03-11 14:09:01 +0000
committer	Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2021-03-11 14:09:01 +0000
commit	f2ec5d302db2eadf0969012f0d5ac79d6a0e7e23 (patch)
tree	24da872ed32f4dfea62eadb36ad0bce3f265df8d
parent	43342253fe7278755a0f9fe1960c1d0df61cbc6c (diff)
parent	07ef9e0b318b5d69e33853ce6f6b1d3e3869f3a4 (diff)
download	bouncycastle-f2ec5d302db2eadf0969012f0d5ac79d6a0e7e23.tar.gz