Snap for 8570526 from b7454c366ffd804c3df4e2c4889e6b9bb7d80d88 to mainline-scheduling-releaseaml_sch_331113000aml_sch_331111000android13-mainline-scheduling-release

Change-Id: I12a0cbdac1f201954ac17d3a4f5198b0096c3049

5 files changed, 179 insertions, 1 deletions

diff --git a/Android.bp b/Android.bp
index aefddc2c..5ac17917 100644
--- a/Android.bp
+++ b/Android.bp
@@ -147,6 +147,7 @@ unbundled_visibility = [
     "//external/robolectric-shadows/robolectric",
     "//external/robolectric-shadows/shadows/supportv4",
     "//external/robolectric-shadows/shadows/httpclient",
+    "//external/wycheproof",
     "//frameworks/opt/net/wifi/service",
     "//frameworks/opt/net/wifi/tests/wifitests",
     "//packages/apps/CertInstaller",
@@ -157,6 +158,7 @@ unbundled_visibility = [
     "//packages/modules/Wifi/service/tests/wifitests",
     "//libcore",
     "//system/extras/verity",
+    "//system/security/identity/util",
     "//tools/security/remote_provisioning/attestation_testing",
     "//vendor:__subpackages__",
 ]
@@ -251,3 +253,26 @@ java_library {
     ],
     sdk_version: "core_current",
 }
+
+// Bouncycastle for use by packages/modules/ExtServices project.
+//
+// Excludes directories not needed for ASN1*.java and X509* sources.
+//
+java_library {
+    name: "bouncycastle-extservices-asn",
+    visibility: [
+        "//packages/modules/ExtServices",
+    ],
+    apex_available: [
+        "com.android.extservices",
+        "test_com.android.extservices",
+    ],
+    srcs: [
+        "bcprov/src/main/java/org/bouncycastle/**/*.java",
+    ],
+    exclude_srcs: [
+        "bcprov/src/main/java/org/bouncycastle/asn1/ocsp/**/*.java",
+        "bcprov/src/main/java/org/bouncycastle/iana/**/*.java",
+    ],
+    sdk_version: "core_current",
+}
diff --git a/OWNERS b/OWNERS
index 1a1bcd9f..73617ea1 100644
--- a/OWNERS
+++ b/OWNERS
@@ -1,2 +1,2 @@
 # Bug component: 684135
-include platform/external/conscrypt:/OWNERS
+include platform/libcore:/OWNERS
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/bc/BcKeyStoreSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/bc/BcKeyStoreSpi.java
index 2c439f4e..5ec21c8b 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/bc/BcKeyStoreSpi.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/bc/BcKeyStoreSpi.java
@@ -931,6 +931,33 @@ public class BcKeyStoreSpi
         dOut.close();
     }
 
+    // BEGIN Android-added: new API for KeyStore probing.
+    /**
+     * Probe the first few bytes of the keystore data stream for a valid
+     * keystore encoding. Only the primary keystore implementation is probed.
+     */
+    public boolean engineProbe(InputStream stream) throws IOException {
+        if (stream == null) {
+            throw new NullPointerException("input stream must not be null");
+        }
+        DataInputStream     dIn = new DataInputStream(stream);
+        int                 version = dIn.readInt();
+
+        if (version != STORE_VERSION) {
+            if (version != 0 && version != 1) {
+                return false;
+            }
+        }
+        byte[]      salt = new byte[dIn.readInt()];
+
+        if (salt.length != STORE_SALT_SIZE) {
+            return false;
+        }
+
+        return true;
+    }
+    // END Android-added: new API for KeyStore probing.
+
     /**
      * the BouncyCastle store. This wont work with the key tool as the
      * store is stored encrypted on disk, so the password is mandatory,
@@ -1050,6 +1077,30 @@ public class BcKeyStoreSpi
     
             cOut.close();
         }
+
+        // BEGIN Android-added: new API for KeyStore probing.
+        @Override
+        public boolean engineProbe(InputStream stream) throws IOException {
+            if (stream == null) {
+                throw new NullPointerException("input stream must not be null");
+            }
+            DataInputStream     dIn = new DataInputStream(stream);
+            int                 version = dIn.readInt();
+
+            if (version != STORE_VERSION) {
+                if (version != 0 && version != 1) {
+                    return false;
+                }
+            }
+            byte[]      salt = new byte[dIn.readInt()];
+
+            if (salt.length != STORE_SALT_SIZE) {
+                return false;
+            }
+
+            return true;
+        }
+        // END Android-added: new API for KeyStore probing.
     }
 
     public static class Std
diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/keystore/bc/BcKeyStoreSpi.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/keystore/bc/BcKeyStoreSpi.java
index 44faf7db..9605cedd 100644
--- a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/keystore/bc/BcKeyStoreSpi.java
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/keystore/bc/BcKeyStoreSpi.java
@@ -935,6 +935,33 @@ public class BcKeyStoreSpi
         dOut.close();
     }
 
+    // BEGIN Android-added: new API for KeyStore probing.
+    /**
+     * Probe the first few bytes of the keystore data stream for a valid
+     * keystore encoding. Only the primary keystore implementation is probed.
+     */
+    public boolean engineProbe(InputStream stream) throws IOException {
+        if (stream == null) {
+            throw new NullPointerException("input stream must not be null");
+        }
+        DataInputStream     dIn = new DataInputStream(stream);
+        int                 version = dIn.readInt();
+
+        if (version != STORE_VERSION) {
+            if (version != 0 && version != 1) {
+                return false;
+            }
+        }
+        byte[]      salt = new byte[dIn.readInt()];
+
+        if (salt.length != STORE_SALT_SIZE) {
+            return false;
+        }
+
+        return true;
+    }
+    // END Android-added: new API for KeyStore probing.
+
     /**
      * the BouncyCastle store. This wont work with the key tool as the
      * store is stored encrypted on disk, so the password is mandatory,
@@ -1055,6 +1082,30 @@ public class BcKeyStoreSpi
     
             cOut.close();
         }
+
+        // BEGIN Android-added: new API for KeyStore probing.
+        @Override
+        public boolean engineProbe(InputStream stream) throws IOException {
+            if (stream == null) {
+                throw new NullPointerException("input stream must not be null");
+            }
+            DataInputStream     dIn = new DataInputStream(stream);
+            int                 version = dIn.readInt();
+
+            if (version != STORE_VERSION) {
+                if (version != 0 && version != 1) {
+                    return false;
+                }
+            }
+            byte[]      salt = new byte[dIn.readInt()];
+
+            if (salt.length != STORE_SALT_SIZE) {
+                return false;
+            }
+
+            return true;
+        }
+        // END Android-added: new API for KeyStore probing.
     }
 
     /**
diff --git a/repackaged_platform/bcprov/src/main/java/com/android/internal/org/bouncycastle/jcajce/provider/keystore/bc/BcKeyStoreSpi.java b/repackaged_platform/bcprov/src/main/java/com/android/internal/org/bouncycastle/jcajce/provider/keystore/bc/BcKeyStoreSpi.java
index 44be654a..6c2c25b0 100644
--- a/repackaged_platform/bcprov/src/main/java/com/android/internal/org/bouncycastle/jcajce/provider/keystore/bc/BcKeyStoreSpi.java
+++ b/repackaged_platform/bcprov/src/main/java/com/android/internal/org/bouncycastle/jcajce/provider/keystore/bc/BcKeyStoreSpi.java
@@ -935,6 +935,33 @@ public class BcKeyStoreSpi
         dOut.close();
     }
 
+    // BEGIN Android-added: new API for KeyStore probing.
+    /**
+     * Probe the first few bytes of the keystore data stream for a valid
+     * keystore encoding. Only the primary keystore implementation is probed.
+     */
+    public boolean engineProbe(InputStream stream) throws IOException {
+        if (stream == null) {
+            throw new NullPointerException("input stream must not be null");
+        }
+        DataInputStream     dIn = new DataInputStream(stream);
+        int                 version = dIn.readInt();
+
+        if (version != STORE_VERSION) {
+            if (version != 0 && version != 1) {
+                return false;
+            }
+        }
+        byte[]      salt = new byte[dIn.readInt()];
+
+        if (salt.length != STORE_SALT_SIZE) {
+            return false;
+        }
+
+        return true;
+    }
+    // END Android-added: new API for KeyStore probing.
+
     /**
      * the BouncyCastle store. This wont work with the key tool as the
      * store is stored encrypted on disk, so the password is mandatory,
@@ -1055,6 +1082,30 @@ public class BcKeyStoreSpi
     
             cOut.close();
         }
+
+        // BEGIN Android-added: new API for KeyStore probing.
+        @Override
+        public boolean engineProbe(InputStream stream) throws IOException {
+            if (stream == null) {
+                throw new NullPointerException("input stream must not be null");
+            }
+            DataInputStream     dIn = new DataInputStream(stream);
+            int                 version = dIn.readInt();
+
+            if (version != STORE_VERSION) {
+                if (version != 0 && version != 1) {
+                    return false;
+                }
+            }
+            byte[]      salt = new byte[dIn.readInt()];
+
+            if (salt.length != STORE_SALT_SIZE) {
+                return false;
+            }
+
+            return true;
+        }
+        // END Android-added: new API for KeyStore probing.
     }
 
     /**