diff options
author | Kenny Root <kroot@google.com> | 2015-05-11 17:18:51 -0700 |
---|---|---|
committer | Kenny Root <kroot@google.com> | 2015-05-13 10:46:17 -0700 |
commit | 5807a4a5f96af3fca8def98793f25fcdad00c6cf (patch) | |
tree | 8ba59018667697d449b7819b1668f8b806ee82ac | |
parent | 367fb0bc4adc380cbe1f1a82c2a975dbf834be4c (diff) | |
download | bouncycastle-5807a4a5f96af3fca8def98793f25fcdad00c6cf.tar.gz |
Change Bouncycastle default AES key size to 128
The default of 192 bit keys was the worst of all choices. 128-bit
runs faster on mobile devices.
(cherry picked from commit ac2a5751dc9578b1f2a8d99906e435993d36c8d6)
Bug: 21085656
Change-Id: Ie4d15ea35e46a157f8c0d43a91e699135e2c58d1
-rw-r--r-- | bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/AES.java | 4 | ||||
-rw-r--r-- | patches/bcprov.patch | 23 |
2 files changed, 20 insertions, 7 deletions
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/AES.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/AES.java index 630a3ca2..00b80aa3 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/AES.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/AES.java @@ -208,7 +208,9 @@ public final class AES { public KeyGen() { - this(192); + // BEGIN android-changed + this(128); + // END android-changed } public KeyGen(int keySize) diff --git a/patches/bcprov.patch b/patches/bcprov.patch index cf0cb72e..e4009acb 100644 --- a/patches/bcprov.patch +++ b/patches/bcprov.patch @@ -4290,7 +4290,18 @@ diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/AE /** * PBEWithAES-CBC -@@ -199,32 +217,34 @@ +@@ -190,7 +208,9 @@ + { + public KeyGen() + { +- this(192); ++ // BEGIN android-changed ++ this(128); ++ // END android-changed + } + + public KeyGen(int keySize) +@@ -199,32 +219,34 @@ } } @@ -4351,7 +4362,7 @@ diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/AE /** * PBEWithSHA1And128BitAES-BC -@@ -334,119 +354,121 @@ +@@ -334,119 +356,121 @@ } } @@ -4586,7 +4597,7 @@ diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/AE public static class AlgParams extends IvAlgorithmParameters -@@ -545,80 +567,82 @@ +@@ -545,80 +569,82 @@ } } @@ -4743,7 +4754,7 @@ diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/AE public static class Mappings extends SymmetricAlgorithmProvider -@@ -652,58 +676,63 @@ +@@ -652,58 +678,63 @@ provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes128_GCM, "GCM"); provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes192_GCM, "GCM"); provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes256_GCM, "GCM"); @@ -4849,7 +4860,7 @@ diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/AE provider.addAlgorithm("Cipher.GCM", PREFIX + "$GCM"); provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes128_GCM, "GCM"); -@@ -711,33 +740,35 @@ +@@ -711,33 +742,35 @@ provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes256_GCM, "GCM"); provider.addAlgorithm("KeyGenerator.AES", PREFIX + "$KeyGen"); @@ -4912,7 +4923,7 @@ diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/symmetric/AE provider.addAlgorithm("Alg.Alias.Cipher." + BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes128_cbc.getId(), "PBEWITHSHAAND128BITAES-CBC-BC"); provider.addAlgorithm("Alg.Alias.Cipher." + BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes192_cbc.getId(), "PBEWITHSHAAND192BITAES-CBC-BC"); -@@ -816,8 +847,10 @@ +@@ -816,8 +849,10 @@ provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes192_cbc.getId(), "PKCS12PBE"); provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes256_cbc.getId(), "PKCS12PBE"); |