summaryrefslogtreecommitdiff
path: root/bcprov/src/main/java/org/bouncycastle
diff options
context:
space:
mode:
authorAdam Vartanian <flooey@google.com>2017-11-28 11:25:00 +0000
committerAdam Vartanian <flooey@google.com>2017-11-28 15:52:04 +0000
commit6b5b8b2f1e184da74aa4b2d083cb3f6a3c227844 (patch)
tree5a98009437bbdb1e906bd00c94c871ffba530783 /bcprov/src/main/java/org/bouncycastle
parent7377028a95a04fd7de0a8b4d821cfb2db7e66f3e (diff)
downloadbouncycastle-6b5b8b2f1e184da74aa4b2d083cb3f6a3c227844.tar.gz
Have BC use default provider rather than always BC
In cases where BC algorithms need access to other algorithms, switch to using the default implementation of JCA algorithms rather than always using the BC version. Some non-deprecated BC algorithms can access deprecated BC implementations by using this scheme, and in general we want to use Conscrypt algorithms when available. Also comment out a class that isn't ever used. Bug: 68057944 Test: cts -m CtsLibcoreTestCases Test: cts -m CtsKeystoreTestCases Change-Id: Iec4f395b0c6c59865ff6179a4edd3124d2967da9
Diffstat (limited to 'bcprov/src/main/java/org/bouncycastle')
-rw-r--r--bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java8
-rw-r--r--bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java8
-rw-r--r--bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DES.java4
-rw-r--r--bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseAlgorithmParameterGenerator.java8
-rw-r--r--bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java7
-rw-r--r--bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java8
6 files changed, 32 insertions, 11 deletions
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java
index 5a3af046..b7966ef2 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java
@@ -35,14 +35,18 @@ import org.bouncycastle.crypto.params.ParametersWithRandom;
import org.bouncycastle.jcajce.provider.asymmetric.util.BaseCipherSpi;
import org.bouncycastle.jcajce.provider.util.BadBlockException;
import org.bouncycastle.jcajce.provider.util.DigestFactory;
-import org.bouncycastle.jcajce.util.BCJcaJceHelper;
+// Android-changed: Use default provider for JCA algorithms instead of BC
+// Was: import org.bouncycastle.jcajce.util.BCJcaJceHelper;
+import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
import org.bouncycastle.jcajce.util.JcaJceHelper;
import org.bouncycastle.util.Strings;
public class CipherSpi
extends BaseCipherSpi
{
- private final JcaJceHelper helper = new BCJcaJceHelper();
+ // Android-changed: Use default provider for JCA algorithms instead of BC
+ // Was: private final JcaJceHelper helper = new BCJcaJceHelper();
+ private final JcaJceHelper helper = new DefaultJcaJceHelper();
private AsymmetricBlockCipher cipher;
private AlgorithmParameterSpec paramSpec;
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java
index de48b81f..efeaa9ae 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java
@@ -97,7 +97,9 @@ import org.bouncycastle.jcajce.PKCS12StoreParameter;
// Android-removed: Unsupported algorithms
// import org.bouncycastle.jcajce.spec.GOST28147ParameterSpec;
import org.bouncycastle.jcajce.spec.PBKDF2KeySpec;
-import org.bouncycastle.jcajce.util.BCJcaJceHelper;
+// Android-changed: Use default provider for JCA algorithms instead of BC
+// Was: import org.bouncycastle.jcajce.util.BCJcaJceHelper;
+import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
import org.bouncycastle.jcajce.util.JcaJceHelper;
import org.bouncycastle.jce.interfaces.BCKeyStore;
import org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier;
@@ -112,7 +114,9 @@ public class PKCS12KeyStoreSpi
extends KeyStoreSpi
implements PKCSObjectIdentifiers, X509ObjectIdentifiers, BCKeyStore
{
- private final JcaJceHelper helper = new BCJcaJceHelper();
+ // Android-changed: Use default provider for JCA algorithms instead of BC
+ // Was: private final JcaJceHelper helper = new BCJcaJceHelper();
+ private final JcaJceHelper helper = new DefaultJcaJceHelper();
private static final int SALT_SIZE = 20;
private static final int MIN_ITERATIONS = 1024;
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DES.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DES.java
index c6dcd901..de2e548c 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DES.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DES.java
@@ -159,8 +159,6 @@ public final class DES
super(new RFC3211WrapEngine(new DESEngine()), 8);
}
}
- */
- // END Android-removed: Unsupported algorithms
public static class AlgParamGen
extends BaseAlgorithmParameterGenerator
@@ -199,6 +197,8 @@ public final class DES
return params;
}
}
+ */
+ // END Android-removed: Unsupported algorithms
/**
* DES - the default for this is to generate a key in
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseAlgorithmParameterGenerator.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseAlgorithmParameterGenerator.java
index 296d6925..2237e26e 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseAlgorithmParameterGenerator.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseAlgorithmParameterGenerator.java
@@ -6,13 +6,17 @@ import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
-import org.bouncycastle.jcajce.util.BCJcaJceHelper;
+// Android-changed: Use default provider for JCA algorithms instead of BC
+// Was: import org.bouncycastle.jcajce.util.BCJcaJceHelper;
+import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
import org.bouncycastle.jcajce.util.JcaJceHelper;
public abstract class BaseAlgorithmParameterGenerator
extends AlgorithmParameterGeneratorSpi
{
- private final JcaJceHelper helper = new BCJcaJceHelper();
+ // Android-changed: Use default provider for JCA algorithms instead of BC
+ // Was: private final JcaJceHelper helper = new BCJcaJceHelper();
+ private final JcaJceHelper helper = new DefaultJcaJceHelper();
protected SecureRandom random;
protected int strength = 1024;
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java
index 74d22c5d..a735af8b 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java
@@ -272,7 +272,12 @@ public class BaseBlockCipher
try
{
engineParams = createParametersInstance(name);
- engineParams.init(ivParam.getIV());
+ // Android-changed: Use IvParameterSpec instead of passing raw bytes.
+ // The documentation of init() says that a byte array should be decoded
+ // as ASN.1, and Conscrypt's implementations follow that requirement,
+ // even though Bouncy Castle's implementations don't. Wrapping it in
+ // an IvParameterSpec makes the interpretation unambiguous to both.
+ engineParams.init(new IvParameterSpec(ivParam.getIV()));
}
catch (Exception e)
{
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java
index 2d1080f2..58da98e7 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java
@@ -34,7 +34,9 @@ import org.bouncycastle.crypto.Wrapper;
import org.bouncycastle.crypto.params.KeyParameter;
import org.bouncycastle.crypto.params.ParametersWithIV;
import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.jcajce.util.BCJcaJceHelper;
+// Android-changed: Use default provider for JCA algorithms instead of BC
+// Was: import org.bouncycastle.jcajce.util.BCJcaJceHelper;
+import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
import org.bouncycastle.jcajce.util.JcaJceHelper;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.util.Arrays;
@@ -67,7 +69,9 @@ public abstract class BaseWrapCipher
private int ivSize;
private byte[] iv;
- private final JcaJceHelper helper = new BCJcaJceHelper();
+ // Android-changed: Use default provider for JCA algorithms instead of BC
+ // Was: private final JcaJceHelper helper = new BCJcaJceHelper();
+ private final JcaJceHelper helper = new DefaultJcaJceHelper();
protected BaseWrapCipher()
{
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-03 22:18:16 +0000