diff options
| author | Adam Vartanian <flooey@google.com> | 2017-07-11 10:17:24 +0100 |
|---|---|---|
| committer | Adam Vartanian <flooey@google.com> | 2017-07-20 08:55:12 +0100 |
| commit | 4936950820c68699a4ace55a2a8e5f7f677a913d (patch) | |
| tree | 60fd944d4a3dcd27d8a5308e7b7598afa18d2025 /bcprov/src/main/java/org | |
| parent | 6ec33a667cad9a33e8049206a0507fcece28fd9c (diff) | |
| download | bouncycastle-4936950820c68699a4ace55a2a8e5f7f677a913d.tar.gz | |
Update change markers in external/bouncycastle.
For the most part, this is just changing markers that had no explanatory
text and adding an explanation. Some more detail on two of the common
explanations:
"Unsupported algorithms": We choose not to ship a whole lot of the
various crypto algorithms that Bouncy Castle supports. Justfying each
individual choice to disable a given algorithm is out of place in the
code and also doesn't have a natural home (since each algorithm is
disabled in upwards of a dozen places), so just mark where algorithms
are disabled due to being unsupported.
"Unknown reason": I looked in the history and couldn't find any
justification for the change. Generally these changes were made in
commits with descriptions like "bouncycastle 1.49 upgrade" from multiple
years ago. I don't want to change behavior in this change, so I left
these changes as they were; these can be revisited in the future if
desired.
This change also reverts some diffs from upstream, both inside disabled
blocks of code (which is irrelevant) and ones that are active but have
no behavioral change (for example, an added package-visible constructor
that isn't called by any class in the package). There're also a number
of whitespace-only changes that revert diffs from upstream.
Bug: 63092064
Test: cts -m CtsLibcoreTestCases
Change-Id: I27c61063eda849455bc93edaf180acefb5eed217
Diffstat (limited to 'bcprov/src/main/java/org')
87 files changed, 4732 insertions, 4694 deletions
diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Boolean.java b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Boolean.java index d883a732..0225e6e9 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Boolean.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Boolean.java @@ -80,7 +80,7 @@ public class ASN1Boolean return (value != 0 ? TRUE : FALSE); } - // BEGIN android-added + // BEGIN Android-added: Unknown reason /** * return a ASN1Boolean from the passed in array. */ @@ -90,7 +90,7 @@ public class ASN1Boolean return (octets[0] != 0) ? TRUE : FALSE; } - // END android-added + // END Android-added: Unknown reason /** * return a Boolean from a tagged object. * @@ -117,9 +117,7 @@ public class ASN1Boolean } } - // BEGIN android-changed - protected ASN1Boolean( - // END android-changed + ASN1Boolean( byte[] value) { if (value.length != 1) @@ -145,10 +143,9 @@ public class ASN1Boolean * @deprecated use getInstance(boolean) method. * @param value true or false. */ - // BEGIN android-changed + // Android-changed: Reduce visibility to protected protected ASN1Boolean( boolean value) - // END android-changed { this.value = (value) ? TRUE_VALUE : FALSE_VALUE; } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1GeneralizedTime.java b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1GeneralizedTime.java index 0e2be644..6040676a 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1GeneralizedTime.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1GeneralizedTime.java @@ -3,6 +3,7 @@ package org.bouncycastle.asn1; import java.io.IOException; import java.text.ParseException; import java.text.SimpleDateFormat; +// Android-added: Localization support import java.util.Calendar; import java.util.Date; import java.util.Locale; @@ -110,10 +111,9 @@ public class ASN1GeneralizedTime public ASN1GeneralizedTime( Date time) { - // BEGIN android-changed - // Was: SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'"); + // Android-changed: Use localized version + // SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'"); SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'", Locale.US); - // END android-changed dateF.setTimeZone(new SimpleTimeZone(0, "Z")); @@ -131,11 +131,11 @@ public class ASN1GeneralizedTime Date time, Locale locale) { - // BEGIN android-changed - // Was: SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'", locale); + // BEGIN Android-changed: Use localized version + // SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'", locale); SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'", Locale.US); dateF.setCalendar(Calendar.getInstance(Locale.US)); - // END android-changed + // END Android-changed: Use localized version dateF.setTimeZone(new SimpleTimeZone(0, "Z")); @@ -260,17 +260,15 @@ public class ASN1GeneralizedTime { if (hasFractionalSeconds()) { - // BEGIN android-changed - // Was: dateF = new SimpleDateFormat("yyyyMMddHHmmss.SSS'Z'"); + // Android-changed: Use localized version + // dateF = new SimpleDateFormat("yyyyMMddHHmmss.SSS'Z'"); dateF = new SimpleDateFormat("yyyyMMddHHmmss.SSS'Z'", Locale.US); - // END android-changed } else { - // BEGIN android-changed - // Was: dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'"); + // Android-changed: Use localized version + // dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'"); dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'", Locale.US); - // END android-changed } dateF.setTimeZone(new SimpleTimeZone(0, "Z")); @@ -280,17 +278,15 @@ public class ASN1GeneralizedTime d = this.getTime(); if (hasFractionalSeconds()) { - // BEGIN android-changed - // Was: dateF = new SimpleDateFormat("yyyyMMddHHmmss.SSSz"); + // Android-changed: Use localized version + // dateF = new SimpleDateFormat("yyyyMMddHHmmss.SSSz"); dateF = new SimpleDateFormat("yyyyMMddHHmmss.SSSz", Locale.US); - // END android-changed } else { - // BEGIN android-changed - // Was: dateF = new SimpleDateFormat("yyyyMMddHHmmssz"); + // Android-changed: Use localized version + // dateF = new SimpleDateFormat("yyyyMMddHHmmssz"); dateF = new SimpleDateFormat("yyyyMMddHHmmssz", Locale.US); - // END android-changed } dateF.setTimeZone(new SimpleTimeZone(0, "Z")); @@ -299,17 +295,15 @@ public class ASN1GeneralizedTime { if (hasFractionalSeconds()) { - // BEGIN android-changed + // Android-changed: Use localized version // dateF = new SimpleDateFormat("yyyyMMddHHmmss.SSS"); dateF = new SimpleDateFormat("yyyyMMddHHmmss.SSS", Locale.US); - // END android-changed } else { - // BEGIN android-changed - // Was: dateF = new SimpleDateFormat("yyyyMMddHHmmss"); + // Android-changed: Use localized version + // dateF = new SimpleDateFormat("yyyyMMddHHmmss"); dateF = new SimpleDateFormat("yyyyMMddHHmmss", Locale.US); - // END android-changed } dateF.setTimeZone(new SimpleTimeZone(0, TimeZone.getDefault().getID())); diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Null.java b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Null.java index f1098e70..f39d1206 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Null.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Null.java @@ -8,12 +8,6 @@ import java.io.IOException; public abstract class ASN1Null extends ASN1Primitive { - // BEGIN android-added - /*package*/ ASN1Null() - { - } - - // END android-added /** * Return an instance of ASN.1 NULL from the passed in object. * <p> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdentifier.java b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdentifier.java index 50b8a491..bdfec4fd 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdentifier.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdentifier.java @@ -155,13 +155,8 @@ public class ASN1ObjectIdentifier } } - // BEGIN android-changed - /* - * Intern the identifier so there aren't hundreds of duplicates - * (in practice). - */ + // Android-changed: Intern the identifier so there aren't hundreds of duplicates in practice. this.identifier = objId.toString().intern(); - // END android-changed this.body = Arrays.clone(bytes); } @@ -182,13 +177,8 @@ public class ASN1ObjectIdentifier throw new IllegalArgumentException("string " + identifier + " not an OID"); } - // BEGIN android-changed - /* - * Intern the identifier so there aren't hundreds of duplicates - * (in practice). - */ + // Android-changed: Intern the identifier so there aren't hundreds of duplicates in practice. this.identifier = identifier.intern(); - // END android-changed } /** diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1UTCTime.java b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1UTCTime.java index 41ce8177..446af77f 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1UTCTime.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1UTCTime.java @@ -3,6 +3,7 @@ package org.bouncycastle.asn1; import java.io.IOException; import java.text.ParseException; import java.text.SimpleDateFormat; +// Android-added: Localization support import java.util.Calendar; import java.util.Date; import java.util.Locale; @@ -124,10 +125,9 @@ public class ASN1UTCTime public ASN1UTCTime( Date time) { - // BEGIN android-changed - // Was: SimpleDateFormat dateF = new SimpleDateFormat("yyMMddHHmmss'Z'"); + // Android-changed: Use localized version + // SimpleDateFormat dateF = new SimpleDateFormat("yyMMddHHmmss'Z'"); SimpleDateFormat dateF = new SimpleDateFormat("yyMMddHHmmss'Z'", Locale.US); - // END android-changed dateF.setTimeZone(new SimpleTimeZone(0,"Z")); @@ -145,11 +145,11 @@ public class ASN1UTCTime Date time, Locale locale) { - // BEGIN android-changed - // Was: SimpleDateFormat dateF = new SimpleDateFormat("yyMMddHHmmss'Z'", locale); + // BEGIN Android-changed: Use localized version + // SimpleDateFormat dateF = new SimpleDateFormat("yyMMddHHmmss'Z'", locale); SimpleDateFormat dateF = new SimpleDateFormat("yyMMddHHmmss'Z'", Locale.US); dateF.setCalendar(Calendar.getInstance(locale)); - // END android-changed + // END Android-changed: Use localized version dateF.setTimeZone(new SimpleTimeZone(0,"Z")); @@ -172,10 +172,9 @@ public class ASN1UTCTime public Date getDate() throws ParseException { - // BEGIN android-changed - // Was: SimpleDateFormat dateF = new SimpleDateFormat("yyMMddHHmmssz"); + // Android-changed: Use localized version + // SimpleDateFormat dateF = new SimpleDateFormat("yyMMddHHmmssz"); SimpleDateFormat dateF = new SimpleDateFormat("yyMMddHHmmssz", Locale.US); - // END android-changed return dateF.parse(getTime()); } @@ -190,10 +189,9 @@ public class ASN1UTCTime public Date getAdjustedDate() throws ParseException { - // BEGIN android-changed - // Was: SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmssz"); + // Android-changed: Use localized version + // SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmssz"); SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmssz", Locale.US); - // END android-changed dateF.setTimeZone(new SimpleTimeZone(0, "Z")); diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/DERNull.java b/bcprov/src/main/java/org/bouncycastle/asn1/DERNull.java index 7df2acf6..3a86b1d6 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/DERNull.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/DERNull.java @@ -15,9 +15,8 @@ public class DERNull /** * @deprecated use DERNull.INSTANCE */ - // BEGIN android-changed + // Android-changed: Reduce visibility to protected. protected DERNull() - // END android-changed { } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/StreamUtil.java b/bcprov/src/main/java/org/bouncycastle/asn1/StreamUtil.java index 59e96e86..1fc8ab09 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/StreamUtil.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/StreamUtil.java @@ -8,9 +8,8 @@ import java.nio.channels.FileChannel; class StreamUtil { - // BEGIN android-removed + // Android-removed: Check max memory at runtime // private static final long MAX_MEMORY = Runtime.getRuntime().maxMemory(); - // END android-removed /** * Find out possible longest length... @@ -50,7 +49,7 @@ class StreamUtil } } - // BEGIN android-changed + // BEGIN Android-changed: Check max memory at runtime long maxMemory = Runtime.getRuntime().maxMemory(); if (maxMemory > Integer.MAX_VALUE) { @@ -58,7 +57,7 @@ class StreamUtil } return (int) maxMemory; - // END android-changed + // END Android-changed: Check max memory at runtime } static int calculateBodyLength( diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/bc/BCObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/bc/BCObjectIdentifiers.java index a4f3f3b2..f43f9fb7 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/bc/BCObjectIdentifiers.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/bc/BCObjectIdentifiers.java @@ -72,23 +72,25 @@ public interface BCObjectIdentifiers */ public static final ASN1ObjectIdentifier bc_sig = bc.branch("2"); - // BEGIN android-removed - // /** - // * Sphincs-256 - // */ - // public static final ASN1ObjectIdentifier sphincs256 = bc_sig.branch("1"); - // public static final ASN1ObjectIdentifier sphincs256_with_BLAKE512 = sphincs256.branch("1"); - // public static final ASN1ObjectIdentifier sphincs256_with_SHA512 = sphincs256.branch("2"); - // public static final ASN1ObjectIdentifier sphincs256_with_SHA3_512 = sphincs256.branch("3"); + // BEGIN Android-removed: Unsupported algorithms + /* + /** + * Sphincs-256 + * + public static final ASN1ObjectIdentifier sphincs256 = bc_sig.branch("1"); + public static final ASN1ObjectIdentifier sphincs256_with_BLAKE512 = sphincs256.branch("1"); + public static final ASN1ObjectIdentifier sphincs256_with_SHA512 = sphincs256.branch("2"); + public static final ASN1ObjectIdentifier sphincs256_with_SHA3_512 = sphincs256.branch("3"); - // /** - // * key_exchange(3) algorithms - // */ - // public static final ASN1ObjectIdentifier bc_exch = bc.branch("3"); + /** + * key_exchange(3) algorithms + * + public static final ASN1ObjectIdentifier bc_exch = bc.branch("3"); - // /** - // * NewHope - // */ - // public static final ASN1ObjectIdentifier newHope = bc_exch.branch("1"); - // END android-removed + /** + * NewHope + * + public static final ASN1ObjectIdentifier newHope = bc_exch.branch("1"); + */ + // END Android-removed: Unsupported algorithms } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/ContentInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/ContentInfo.java index 1592c755..2e8e0392 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/ContentInfo.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/ContentInfo.java @@ -28,9 +28,7 @@ import org.bouncycastle.asn1.BERTaggedObject; */ public class ContentInfo extends ASN1Object - // BEGIN android-removed - // implements CMSObjectIdentifiers - // END android-removed + implements CMSObjectIdentifiers { private ASN1ObjectIdentifier contentType; private ASN1Encodable content; diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/Time.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/Time.java index ed9a6c03..a6f8d8fe 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/Time.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/Time.java @@ -2,6 +2,7 @@ package org.bouncycastle.asn1.cms; import java.text.ParseException; import java.text.SimpleDateFormat; +// Android-added: Localization support import java.util.Calendar; import java.util.Date; import java.util.Locale; @@ -71,10 +72,9 @@ public class Time Date time) { SimpleTimeZone tz = new SimpleTimeZone(0, "Z"); - // BEGIN android-changed - // Was: SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss"); + // Android-changed: Use localized version + // SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss"); SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss", Locale.US); - // END android-changed dateF.setTimeZone(tz); @@ -105,11 +105,11 @@ public class Time Locale locale) { SimpleTimeZone tz = new SimpleTimeZone(0, "Z"); - // BEGIN android-changed - // Was: SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss", locale); + // BEGIN Android-changed: Use localized version + // SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss", locale); SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss", Locale.US); dateF.setCalendar(Calendar.getInstance(locale)); - // END android-changed + // END Android-changed: Use localized version dateF.setTimeZone(tz); diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java index 75df2aa7..48d03209 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java @@ -13,12 +13,14 @@ public interface PKCSObjectIdentifiers static final ASN1ObjectIdentifier pkcs_1 = new ASN1ObjectIdentifier("1.2.840.113549.1.1"); /** PKCS#1: 1.2.840.113549.1.1.1 */ static final ASN1ObjectIdentifier rsaEncryption = pkcs_1.branch("1"); - // BEGIN android-removed - // /** PKCS#1: 1.2.840.113549.1.1.2 */ - // static final ASN1ObjectIdentifier md2WithRSAEncryption = pkcs_1.branch("2"); - // /** PKCS#1: 1.2.840.113549.1.1.3 */ - // static final ASN1ObjectIdentifier md4WithRSAEncryption = pkcs_1.branch("3"); - // END android-removed + // BEGIN Android-removed: MD2 and MD4 are unsupported + /* + /** PKCS#1: 1.2.840.113549.1.1.2 * + static final ASN1ObjectIdentifier md2WithRSAEncryption = pkcs_1.branch("2"); + /** PKCS#1: 1.2.840.113549.1.1.3 * + static final ASN1ObjectIdentifier md4WithRSAEncryption = pkcs_1.branch("3"); + */ + // END Android-removed: MD2 and MD4 are unsupported /** PKCS#1: 1.2.840.113549.1.1.4 */ static final ASN1ObjectIdentifier md5WithRSAEncryption = pkcs_1.branch("4"); /** PKCS#1: 1.2.840.113549.1.1.5 */ diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java index 20f6ea3b..dcde3034 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java @@ -14,9 +14,9 @@ import org.bouncycastle.asn1.DEROctetString; import org.bouncycastle.asn1.DERSequence; import org.bouncycastle.asn1.DERTaggedObject; import org.bouncycastle.crypto.Digest; -// BEGIN android-changed +// Android-changed: Use Android digests +// import org.bouncycastle.crypto.digests.SHA1Digest; import org.bouncycastle.crypto.digests.AndroidDigestFactory; -// END android-changed /** * The AuthorityKeyIdentifier object. @@ -108,9 +108,9 @@ public class AuthorityKeyIdentifier public AuthorityKeyIdentifier( SubjectPublicKeyInfo spki) { - // BEGIN android-changed + // Android-changed: Use Android digests + // Digest digest = new SHA1Digest(); Digest digest = AndroidDigestFactory.getSHA1(); - // END android-changed byte[] resBuf = new byte[digest.getDigestSize()]; byte[] bytes = spki.getPublicKeyData().getBytes(); @@ -129,9 +129,9 @@ public class AuthorityKeyIdentifier GeneralNames name, BigInteger serialNumber) { - // BEGIN android-changed + // Android-changed: Use Android digests + // Digest digest = new SHA1Digest(); Digest digest = AndroidDigestFactory.getSHA1(); - // END android-changed byte[] resBuf = new byte[digest.getDigestSize()]; byte[] bytes = spki.getPublicKeyData().getBytes(); diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/Time.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/Time.java index 989de4c9..a99dddfc 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/Time.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/Time.java @@ -2,6 +2,7 @@ package org.bouncycastle.asn1.x509; import java.text.ParseException; import java.text.SimpleDateFormat; +// Android-added: Localization support import java.util.Calendar; import java.util.Date; import java.util.Locale; @@ -52,10 +53,9 @@ public class Time Date time) { SimpleTimeZone tz = new SimpleTimeZone(0, "Z"); - // BEGIN android-changed - // Was: SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss"); + // Android-changed: Use localized version + // SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss"); SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss", Locale.US); - // END android-changed dateF.setTimeZone(tz); @@ -86,8 +86,8 @@ public class Time Locale locale) { SimpleTimeZone tz = new SimpleTimeZone(0, "Z"); - // BEGIN android-changed - // Was: SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss", locale); + // BEGIN Android-changed: Use localized version + // SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss", locale); SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss", Locale.US); dateF.setCalendar(Calendar.getInstance(locale)); // END android-changed diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509Name.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509Name.java index 0c372f7f..fafb68ff 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509Name.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509Name.java @@ -255,10 +255,10 @@ public class X509Name */ public static final Hashtable SymbolLookUp = DefaultLookUp; - // BEGIN android-changed + // BEGIN Android-changed: Use Boolean class constants instead of Boolean constructor private static final Boolean TRUE = Boolean.TRUE; private static final Boolean FALSE = Boolean.FALSE; - // END android-changed + // END Android-changed: Use Boolean class constants instead of Boolean constructor static { @@ -448,9 +448,7 @@ public class X509Name throw new IllegalArgumentException("cannot encode value"); } } - // BEGIN android-changed - added.addElement(Boolean.valueOf(i != 0)); - // END android-changed + added.addElement((i != 0) ? TRUE : FALSE); // to allow earlier JDK compatibility } } } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509NameTokenizer.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509NameTokenizer.java index 454f3227..b1b14163 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509NameTokenizer.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509NameTokenizer.java @@ -78,8 +78,10 @@ public class X509NameTokenizer } else { - // BEGIN android-added - // copied from a newer version of BouncyCastle + // BEGIN Android-added: Unknown reason + // This was previously marked with the comment "copied from a newer version + // of BouncyCastle", but I couldn't find any evidence that it ever was included + // in any version of BC if (c == '#' && buf.charAt(buf.length() - 1) == '=') { buf.append('\\'); @@ -88,7 +90,7 @@ public class X509NameTokenizer { buf.append('\\'); } - // END android-added + // END Android-added: Unknown reason buf.append(c); } } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x9/ECNamedCurveTable.java b/bcprov/src/main/java/org/bouncycastle/asn1/x9/ECNamedCurveTable.java index 5abcca9f..0fc87379 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x9/ECNamedCurveTable.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x9/ECNamedCurveTable.java @@ -4,15 +4,13 @@ import java.util.Enumeration; import java.util.Vector; import org.bouncycastle.asn1.ASN1ObjectIdentifier; -// BEGIN android-removed +// Android-removed: Unsupported curves // import org.bouncycastle.asn1.anssi.ANSSINamedCurves; // import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; -// END android-removed import org.bouncycastle.asn1.nist.NISTNamedCurves; import org.bouncycastle.asn1.sec.SECNamedCurves; -// BEGIN android-removed +// Android-removed: Unsupported curves // import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; -// END android-removed /** * A general class that reads all X9.62 style EC curve tables. @@ -41,17 +39,19 @@ public class ECNamedCurveTable ecP = NISTNamedCurves.getByName(name); } - // BEGIN android-removed - // if (ecP == null) - // { - // ecP = TeleTrusTNamedCurves.getByName(name); - // } - // - // if (ecP == null) - // { - // ecP = ANSSINamedCurves.getByName(name); - // } - // END android-removed + // BEGIN Android-removed: Unsupported curves + /* + if (ecP == null) + { + ecP = TeleTrusTNamedCurves.getByName(name); + } + + if (ecP == null) + { + ecP = ANSSINamedCurves.getByName(name); + } + */ + // END Android-removed: Unsupported curves return ecP; } @@ -77,17 +77,19 @@ public class ECNamedCurveTable oid = NISTNamedCurves.getOID(name); } - // BEGIN android-removed - // if (oid == null) - // { - // oid = TeleTrusTNamedCurves.getOID(name); - // } - // - // if (oid == null) - // { - // oid = ANSSINamedCurves.getOID(name); - // } - // END android-removed + // BEGIN Android-removed: Unsupported curves + /* + if (oid == null) + { + oid = TeleTrusTNamedCurves.getOID(name); + } + + if (oid == null) + { + oid = ANSSINamedCurves.getOID(name); + } + */ + // END Android-removed: Unsupported curves return oid; } @@ -109,24 +111,28 @@ public class ECNamedCurveTable name = SECNamedCurves.getName(oid); } - // BEGIN android-removed - // if (name == null) - // { - // name = TeleTrusTNamedCurves.getName(oid); - // } - // END android-removed + // BEGIN Android-removed: Unsupported curves + /* + if (name == null) + { + name = TeleTrusTNamedCurves.getName(oid); + } + */ + // END Android-removed: Unsupported curves if (name == null) { name = X962NamedCurves.getName(oid); } - // BEGIN android-removed - // if (name == null) - // { - // name = ECGOST3410NamedCurves.getName(oid); - // } - // END android-removed + // BEGIN Android-removed: Unsupported curves + /* + if (name == null) + { + name = ECGOST3410NamedCurves.getName(oid); + } + */ + // END Android-removed: Unsupported curves return name; } @@ -150,17 +156,19 @@ public class ECNamedCurveTable // NOTE: All the NIST curves are currently from SEC, so no point in redundant OID lookup - // BEGIN android-removed - // if (ecP == null) - // { - // ecP = TeleTrusTNamedCurves.getByOID(oid); - // } - // - // if (ecP == null) - // { - // ecP = ANSSINamedCurves.getByOID(oid); - // } - // END android-removed + // BEGIN Android-removed: Unsupported curves + /* + if (ecP == null) + { + ecP = TeleTrusTNamedCurves.getByOID(oid); + } + + if (ecP == null) + { + ecP = ANSSINamedCurves.getByOID(oid); + } + */ + // END Android-removed: Unsupported curves return ecP; } @@ -177,10 +185,10 @@ public class ECNamedCurveTable addEnumeration(v, X962NamedCurves.getNames()); addEnumeration(v, SECNamedCurves.getNames()); addEnumeration(v, NISTNamedCurves.getNames()); - // BEGIN android-removed + // BEGIN Android-removed: Unsupported curves // addEnumeration(v, TeleTrusTNamedCurves.getNames()); // addEnumeration(v, ANSSINamedCurves.getNames()); - // END android-removed + // END Android-removed: Unsupported curves return v.elements(); } diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/ec/CustomNamedCurves.java b/bcprov/src/main/java/org/bouncycastle/crypto/ec/CustomNamedCurves.java index e3c596d9..2c23bed1 100644 --- a/bcprov/src/main/java/org/bouncycastle/crypto/ec/CustomNamedCurves.java +++ b/bcprov/src/main/java/org/bouncycastle/crypto/ec/CustomNamedCurves.java @@ -64,110 +64,112 @@ public class CustomNamedCurves return c.configure().setEndomorphism(new GLVTypeBEndomorphism(c, p)).create(); } - // BEGIN android-removed - // /* - // * curve25519 - // */ - // static X9ECParametersHolder curve25519 = new X9ECParametersHolder() - // { - // protected X9ECParameters createParameters() - // { - // byte[] S = null; - // ECCurve curve = configureCurve(new Curve25519()); - // - // /* - // * NOTE: Curve25519 was specified in Montgomery form. Rewriting in Weierstrass form - // * involves substitution of variables, so the base-point x coordinate is 9 + (486662 / 3). - // * - // * The Curve25519 paper doesn't say which of the two possible y values the base - // * point has. The choice here is guided by language in the Ed25519 paper. - // * - // * (The other possible y value is 5F51E65E475F794B1FE122D388B72EB36DC2B28192839E4DD6163A5D81312C14) - // */ - // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" - // + "2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD245A" - // + "20AE19A1B8A086B4E01EDD2C7748D14C923D4D7E6D7C61B229E9C5A27ECED3D9")); - // - // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); - // } - // }; - // - // /* - // * secp128r1 - // */ - // static X9ECParametersHolder secp128r1 = new X9ECParametersHolder() - // { - // protected X9ECParameters createParameters() - // { - // byte[] S = Hex.decode("000E0D4D696E6768756151750CC03A4473D03679"); - // ECCurve curve = configureCurve(new SecP128R1Curve()); - // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" - // + "161FF7528B899B2D0C28607CA52C5B86" - // + "CF5AC8395BAFEB13C02DA292DDED7A83")); - // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); - // } - // }; - // - // /* - // * secp160k1 - // */ - // static X9ECParametersHolder secp160k1 = new X9ECParametersHolder() - // { - // protected X9ECParameters createParameters() - // { - // byte[] S = null; - // GLVTypeBParameters glv = new GLVTypeBParameters( - // new BigInteger("9ba48cba5ebcb9b6bd33b92830b2a2e0e192f10a", 16), - // new BigInteger("c39c6c3b3a36d7701b9c71a1f5804ae5d0003f4", 16), - // new BigInteger[]{ - // new BigInteger("9162fbe73984472a0a9e", 16), - // new BigInteger("-96341f1138933bc2f505", 16) }, - // new BigInteger[]{ - // new BigInteger("127971af8721782ecffa3", 16), - // new BigInteger("9162fbe73984472a0a9e", 16) }, - // new BigInteger("9162fbe73984472a0a9d0590", 16), - // new BigInteger("96341f1138933bc2f503fd44", 16), - // 176); - // ECCurve curve = configureCurveGLV(new SecP160K1Curve(), glv); - // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" - // + "3B4C382CE37AA192A4019E763036F4F5DD4D7EBB" - // + "938CF935318FDCED6BC28286531733C3F03C4FEE")); - // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); - // } - // }; - // - // /* - // * secp160r1 - // */ - // static X9ECParametersHolder secp160r1 = new X9ECParametersHolder() - // { - // protected X9ECParameters createParameters() - // { - // byte[] S = Hex.decode("1053CDE42C14D696E67687561517533BF3F83345"); - // ECCurve curve = configureCurve(new SecP160R1Curve()); - // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" - // + "4A96B5688EF573284664698968C38BB913CBFC82" - // + "23A628553168947D59DCC912042351377AC5FB32")); - // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); - // } - // }; - // - // /* - // * secp160r2 - // */ - // static X9ECParametersHolder secp160r2 = new X9ECParametersHolder() - // { - // protected X9ECParameters createParameters() - // { - // byte[] S = Hex.decode("B99B99B099B323E02709A4D696E6768756151751"); - // ECCurve curve = configureCurve(new SecP160R2Curve()); - // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" - // + "52DCB034293A117E1F4FF11B30F7199D3144CE6D" - // + "FEAFFEF2E331F296E071FA0DF9982CFEA7D43F2E")); - // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); - // } - // }; - // END android-removed + // BEGIN Android-removed: Unsupported curves + /* + /* + * curve25519 + * + static X9ECParametersHolder curve25519 = new X9ECParametersHolder() + { + protected X9ECParameters createParameters() + { + byte[] S = null; + ECCurve curve = configureCurve(new Curve25519()); + + /* + * NOTE: Curve25519 was specified in Montgomery form. Rewriting in Weierstrass form + * involves substitution of variables, so the base-point x coordinate is 9 + (486662 / 3). + * + * The Curve25519 paper doesn't say which of the two possible y values the base + * point has. The choice here is guided by language in the Ed25519 paper. + * + * (The other possible y value is 5F51E65E475F794B1FE122D388B72EB36DC2B28192839E4DD6163A5D81312C14) + * + X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" + + "2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD245A" + + "20AE19A1B8A086B4E01EDD2C7748D14C923D4D7E6D7C61B229E9C5A27ECED3D9")); + + return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); + } + }; + + /* + * secp128r1 + * + static X9ECParametersHolder secp128r1 = new X9ECParametersHolder() + { + protected X9ECParameters createParameters() + { + byte[] S = Hex.decode("000E0D4D696E6768756151750CC03A4473D03679"); + ECCurve curve = configureCurve(new SecP128R1Curve()); + X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" + + "161FF7528B899B2D0C28607CA52C5B86" + + "CF5AC8395BAFEB13C02DA292DDED7A83")); + return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); + } + }; + + /* + * secp160k1 + * + static X9ECParametersHolder secp160k1 = new X9ECParametersHolder() + { + protected X9ECParameters createParameters() + { + byte[] S = null; + GLVTypeBParameters glv = new GLVTypeBParameters( + new BigInteger("9ba48cba5ebcb9b6bd33b92830b2a2e0e192f10a", 16), + new BigInteger("c39c6c3b3a36d7701b9c71a1f5804ae5d0003f4", 16), + new BigInteger[]{ + new BigInteger("9162fbe73984472a0a9e", 16), + new BigInteger("-96341f1138933bc2f505", 16) }, + new BigInteger[]{ + new BigInteger("127971af8721782ecffa3", 16), + new BigInteger("9162fbe73984472a0a9e", 16) }, + new BigInteger("9162fbe73984472a0a9d0590", 16), + new BigInteger("96341f1138933bc2f503fd44", 16), + 176); + ECCurve curve = configureCurveGLV(new SecP160K1Curve(), glv); + X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" + + "3B4C382CE37AA192A4019E763036F4F5DD4D7EBB" + + "938CF935318FDCED6BC28286531733C3F03C4FEE")); + return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); + } + }; + + /* + * secp160r1 + * + static X9ECParametersHolder secp160r1 = new X9ECParametersHolder() + { + protected X9ECParameters createParameters() + { + byte[] S = Hex.decode("1053CDE42C14D696E67687561517533BF3F83345"); + ECCurve curve = configureCurve(new SecP160R1Curve()); + X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" + + "4A96B5688EF573284664698968C38BB913CBFC82" + + "23A628553168947D59DCC912042351377AC5FB32")); + return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); + } + }; + + /* + * secp160r2 + * + static X9ECParametersHolder secp160r2 = new X9ECParametersHolder() + { + protected X9ECParameters createParameters() + { + byte[] S = Hex.decode("B99B99B099B323E02709A4D696E6768756151751"); + ECCurve curve = configureCurve(new SecP160R2Curve()); + X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" + + "52DCB034293A117E1F4FF11B30F7199D3144CE6D" + + "FEAFFEF2E331F296E071FA0DF9982CFEA7D43F2E")); + return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); + } + }; + */ + // END Android-removed: Unsupported curves /* * secp192k1 @@ -333,295 +335,297 @@ public class CustomNamedCurves } }; - // BEGIN android-removed - // /* - // * sect113r1 - // */ - // static X9ECParametersHolder sect113r1 = new X9ECParametersHolder() - // { - // protected X9ECParameters createParameters() - // { - // byte[] S = Hex.decode("10E723AB14D696E6768756151756FEBF8FCB49A9"); - // ECCurve curve = configureCurve(new SecT113R1Curve()); - // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" - // + "009D73616F35F4AB1407D73562C10F" - // + "00A52830277958EE84D1315ED31886")); - // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); - // } - // }; - - // /* - // * sect113r2 - // */ - // static X9ECParametersHolder sect113r2 = new X9ECParametersHolder() - // { - // protected X9ECParameters createParameters() - // { - // byte[] S = Hex.decode("10C0FB15760860DEF1EEF4D696E676875615175D"); - // ECCurve curve = configureCurve(new SecT113R2Curve()); - // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" - // + "01A57A6A7B26CA5EF52FCDB8164797" - // + "00B3ADC94ED1FE674C06E695BABA1D")); - // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); - // } - // }; - - // /* - // * sect131r1 - // */ - // static X9ECParametersHolder sect131r1 = new X9ECParametersHolder() - // { - // protected X9ECParameters createParameters() - // { - // byte[] S = Hex.decode("4D696E676875615175985BD3ADBADA21B43A97E2"); - // ECCurve curve = configureCurve(new SecT131R1Curve()); - // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" - // + "0081BAF91FDF9833C40F9C181343638399" - // + "078C6E7EA38C001F73C8134B1B4EF9E150")); - // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); - // } - // }; - - // /* - // * sect131r2 - // */ - // static X9ECParametersHolder sect131r2 = new X9ECParametersHolder() - // { - // protected X9ECParameters createParameters() - // { - // byte[] S = Hex.decode("985BD3ADBAD4D696E676875615175A21B43A97E3"); - // ECCurve curve = configureCurve(new SecT131R2Curve()); - // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" - // + "0356DCD8F2F95031AD652D23951BB366A8" - // + "0648F06D867940A5366D9E265DE9EB240F")); - // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); - // } - // }; - - // /* - // * sect163k1 - // */ - // static X9ECParametersHolder sect163k1 = new X9ECParametersHolder() - // { - // protected X9ECParameters createParameters() - // { - // byte[] S = null; - // ECCurve curve = configureCurve(new SecT163K1Curve()); - // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" - // + "02FE13C0537BBC11ACAA07D793DE4E6D5E5C94EEE8" - // + "0289070FB05D38FF58321F2E800536D538CCDAA3D9")); - // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); - // } - // }; - - // /* - // * sect163r1 - // */ - // static X9ECParametersHolder sect163r1 = new X9ECParametersHolder() - // { - // protected X9ECParameters createParameters() - // { - // byte[] S = Hex.decode("24B7B137C8A14D696E6768756151756FD0DA2E5C"); - // ECCurve curve = configureCurve(new SecT163R1Curve()); - // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" - // + "0369979697AB43897789566789567F787A7876A654" - // + "00435EDB42EFAFB2989D51FEFCE3C80988F41FF883")); - // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); - // } - // }; - - // /* - // * sect163r2 - // */ - // static X9ECParametersHolder sect163r2 = new X9ECParametersHolder() - // { - // protected X9ECParameters createParameters() - // { - // byte[] S = Hex.decode("85E25BFE5C86226CDB12016F7553F9D0E693A268"); - // ECCurve curve = configureCurve(new SecT163R2Curve()); - // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" - // + "03F0EBA16286A2D57EA0991168D4994637E8343E36" - // + "00D51FBC6C71A0094FA2CDD545B11C5C0C797324F1")); - // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); - // } - // }; - - // /* - // * sect193r1 - // */ - // static X9ECParametersHolder sect193r1 = new X9ECParametersHolder() - // { - // protected X9ECParameters createParameters() - // { - // byte[] S = Hex.decode("103FAEC74D696E676875615175777FC5B191EF30"); - // ECCurve curve = configureCurve(new SecT193R1Curve()); - // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" - // + "01F481BC5F0FF84A74AD6CDF6FDEF4BF6179625372D8C0C5E1" - // + "0025E399F2903712CCF3EA9E3A1AD17FB0B3201B6AF7CE1B05")); - // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); - // } - // }; - - // /* - // * sect193r2 - // */ - // static X9ECParametersHolder sect193r2 = new X9ECParametersHolder() - // { - // protected X9ECParameters createParameters() - // { - // byte[] S = Hex.decode("10B7B4D696E676875615175137C8A16FD0DA2211"); - // ECCurve curve = configureCurve(new SecT193R2Curve()); - // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" - // + "00D9B67D192E0367C803F39E1A7E82CA14A651350AAE617E8F" - // + "01CE94335607C304AC29E7DEFBD9CA01F596F927224CDECF6C")); - // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); - // } - // }; - - // /* - // * sect233k1 - // */ - // static X9ECParametersHolder sect233k1 = new X9ECParametersHolder() - // { - // protected X9ECParameters createParameters() - // { - // byte[] S = null; - // ECCurve curve = configureCurve(new SecT233K1Curve()); - // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" - // + "017232BA853A7E731AF129F22FF4149563A419C26BF50A4C9D6EEFAD6126" - // + "01DB537DECE819B7F70F555A67C427A8CD9BF18AEB9B56E0C11056FAE6A3")); - // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); - // } - // }; - - // /* - // * sect233r1 - // */ - // static X9ECParametersHolder sect233r1 = new X9ECParametersHolder() - // { - // protected X9ECParameters createParameters() - // { - // byte[] S = Hex.decode("74D59FF07F6B413D0EA14B344B20A2DB049B50C3"); - // ECCurve curve = configureCurve(new SecT233R1Curve()); - // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" - // + "00FAC9DFCBAC8313BB2139F1BB755FEF65BC391F8B36F8F8EB7371FD558B" - // + "01006A08A41903350678E58528BEBF8A0BEFF867A7CA36716F7E01F81052")); - // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); - // } - // }; - - // /* - // * sect239k1 - // */ - // static X9ECParametersHolder sect239k1 = new X9ECParametersHolder() - // { - // protected X9ECParameters createParameters() - // { - // byte[] S = null; - // ECCurve curve = configureCurve(new SecT239K1Curve()); - // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" - // + "29A0B6A887A983E9730988A68727A8B2D126C44CC2CC7B2A6555193035DC" - // + "76310804F12E549BDB011C103089E73510ACB275FC312A5DC6B76553F0CA")); - // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); - // } - // }; - - // /* - // * sect283k1 - // */ - // static X9ECParametersHolder sect283k1 = new X9ECParametersHolder() - // { - // protected X9ECParameters createParameters() - // { - // byte[] S = null; - // ECCurve curve = configureCurve(new SecT283K1Curve()); - // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" - // + "0503213F78CA44883F1A3B8162F188E553CD265F23C1567A16876913B0C2AC2458492836" - // + "01CCDA380F1C9E318D90F95D07E5426FE87E45C0E8184698E45962364E34116177DD2259")); - // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); - // } - // }; - - // /* - // * sect283r1 - // */ - // static X9ECParametersHolder sect283r1 = new X9ECParametersHolder() - // { - // protected X9ECParameters createParameters() - // { - // byte[] S = Hex.decode("77E2B07370EB0F832A6DD5B62DFC88CD06BB84BE"); - // ECCurve curve = configureCurve(new SecT283R1Curve()); - // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" - // + "05F939258DB7DD90E1934F8C70B0DFEC2EED25B8557EAC9C80E2E198F8CDBECD86B12053" - // + "03676854FE24141CB98FE6D4B20D02B4516FF702350EDDB0826779C813F0DF45BE8112F4")); - // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); - // } - // }; - - // /* - // * sect409k1 - // */ - // static X9ECParametersHolder sect409k1 = new X9ECParametersHolder() - // { - // protected X9ECParameters createParameters() - // { - // byte[] S = null; - // ECCurve curve = configureCurve(new SecT409K1Curve()); - // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" - // + "0060F05F658F49C1AD3AB1890F7184210EFD0987E307C84C27ACCFB8F9F67CC2C460189EB5AAAA62EE222EB1B35540CFE9023746" - // + "01E369050B7C4E42ACBA1DACBF04299C3460782F918EA427E6325165E9EA10E3DA5F6C42E9C55215AA9CA27A5863EC48D8E0286B")); - // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); - // } - // }; - - // /* - // * sect409r1 - // */ - // static X9ECParametersHolder sect409r1 = new X9ECParametersHolder() - // { - // protected X9ECParameters createParameters() - // { - // byte[] S = Hex.decode("4099B5A457F9D69F79213D094C4BCD4D4262210B"); - // ECCurve curve = configureCurve(new SecT409R1Curve()); - // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" - // + "015D4860D088DDB3496B0C6064756260441CDE4AF1771D4DB01FFE5B34E59703DC255A868A1180515603AEAB60794E54BB7996A7" - // + "0061B1CFAB6BE5F32BBFA78324ED106A7636B9C5A7BD198D0158AA4F5488D08F38514F1FDF4B4F40D2181B3681C364BA0273C706")); - // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); - // } - // }; - - // /* - // * sect571k1 - // */ - // static X9ECParametersHolder sect571k1 = new X9ECParametersHolder() - // { - // protected X9ECParameters createParameters() - // { - // byte[] S = null; - // ECCurve curve = configureCurve(new SecT571K1Curve()); - // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" - // + "026EB7A859923FBC82189631F8103FE4AC9CA2970012D5D46024804801841CA44370958493B205E647DA304DB4CEB08CBBD1BA39494776FB988B47174DCA88C7E2945283A01C8972" - // + "0349DC807F4FBF374F4AEADE3BCA95314DD58CEC9F307A54FFC61EFC006D8A2C9D4979C0AC44AEA74FBEBBB9F772AEDCB620B01A7BA7AF1B320430C8591984F601CD4C143EF1C7A3")); - // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); - // } - // }; - - // /* - // * sect571r1 - // */ - // static X9ECParametersHolder sect571r1 = new X9ECParametersHolder() - // { - // protected X9ECParameters createParameters() - // { - // byte[] S = Hex.decode("2AA058F73A0E33AB486B0F610410C53A7F132310"); - // ECCurve curve = configureCurve(new SecT571R1Curve()); - // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" - // + "0303001D34B856296C16C0D40D3CD7750A93D1D2955FA80AA5F40FC8DB7B2ABDBDE53950F4C0D293CDD711A35B67FB1499AE60038614F1394ABFA3B4C850D927E1E7769C8EEC2D19" - // + "037BF27342DA639B6DCCFFFEB73D69D78C6C27A6009CBBCA1980F8533921E8A684423E43BAB08A576291AF8F461BB2A8B3531D2F0485C19B16E2F1516E23DD3C1A4827AF1B8AC15B")); - // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); - // } - // }; - // END android-removed + // BEGIN Android-removed: Unsupported curves + /* + /* + * sect113r1 + * + static X9ECParametersHolder sect113r1 = new X9ECParametersHolder() + { + protected X9ECParameters createParameters() + { + byte[] S = Hex.decode("10E723AB14D696E6768756151756FEBF8FCB49A9"); + ECCurve curve = configureCurve(new SecT113R1Curve()); + X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" + + "009D73616F35F4AB1407D73562C10F" + + "00A52830277958EE84D1315ED31886")); + return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); + } + }; + + /* + * sect113r2 + * + static X9ECParametersHolder sect113r2 = new X9ECParametersHolder() + { + protected X9ECParameters createParameters() + { + byte[] S = Hex.decode("10C0FB15760860DEF1EEF4D696E676875615175D"); + ECCurve curve = configureCurve(new SecT113R2Curve()); + X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" + + "01A57A6A7B26CA5EF52FCDB8164797" + + "00B3ADC94ED1FE674C06E695BABA1D")); + return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); + } + }; + + /* + * sect131r1 + * + static X9ECParametersHolder sect131r1 = new X9ECParametersHolder() + { + protected X9ECParameters createParameters() + { + byte[] S = Hex.decode("4D696E676875615175985BD3ADBADA21B43A97E2"); + ECCurve curve = configureCurve(new SecT131R1Curve()); + X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" + + "0081BAF91FDF9833C40F9C181343638399" + + "078C6E7EA38C001F73C8134B1B4EF9E150")); + return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); + } + }; + + /* + * sect131r2 + * + static X9ECParametersHolder sect131r2 = new X9ECParametersHolder() + { + protected X9ECParameters createParameters() + { + byte[] S = Hex.decode("985BD3ADBAD4D696E676875615175A21B43A97E3"); + ECCurve curve = configureCurve(new SecT131R2Curve()); + X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" + + "0356DCD8F2F95031AD652D23951BB366A8" + + "0648F06D867940A5366D9E265DE9EB240F")); + return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); + } + }; + + /* + * sect163k1 + * + static X9ECParametersHolder sect163k1 = new X9ECParametersHolder() + { + protected X9ECParameters createParameters() + { + byte[] S = null; + ECCurve curve = configureCurve(new SecT163K1Curve()); + X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" + + "02FE13C0537BBC11ACAA07D793DE4E6D5E5C94EEE8" + + "0289070FB05D38FF58321F2E800536D538CCDAA3D9")); + return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); + } + }; + + /* + * sect163r1 + * + static X9ECParametersHolder sect163r1 = new X9ECParametersHolder() + { + protected X9ECParameters createParameters() + { + byte[] S = Hex.decode("24B7B137C8A14D696E6768756151756FD0DA2E5C"); + ECCurve curve = configureCurve(new SecT163R1Curve()); + X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" + + "0369979697AB43897789566789567F787A7876A654" + + "00435EDB42EFAFB2989D51FEFCE3C80988F41FF883")); + return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); + } + }; + + /* + * sect163r2 + * + static X9ECParametersHolder sect163r2 = new X9ECParametersHolder() + { + protected X9ECParameters createParameters() + { + byte[] S = Hex.decode("85E25BFE5C86226CDB12016F7553F9D0E693A268"); + ECCurve curve = configureCurve(new SecT163R2Curve()); + X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" + + "03F0EBA16286A2D57EA0991168D4994637E8343E36" + + "00D51FBC6C71A0094FA2CDD545B11C5C0C797324F1")); + return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); + } + }; + + /* + * sect193r1 + * + static X9ECParametersHolder sect193r1 = new X9ECParametersHolder() + { + protected X9ECParameters createParameters() + { + byte[] S = Hex.decode("103FAEC74D696E676875615175777FC5B191EF30"); + ECCurve curve = configureCurve(new SecT193R1Curve()); + X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" + + "01F481BC5F0FF84A74AD6CDF6FDEF4BF6179625372D8C0C5E1" + + "0025E399F2903712CCF3EA9E3A1AD17FB0B3201B6AF7CE1B05")); + return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); + } + }; + + /* + * sect193r2 + * + static X9ECParametersHolder sect193r2 = new X9ECParametersHolder() + { + protected X9ECParameters createParameters() + { + byte[] S = Hex.decode("10B7B4D696E676875615175137C8A16FD0DA2211"); + ECCurve curve = configureCurve(new SecT193R2Curve()); + X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" + + "00D9B67D192E0367C803F39E1A7E82CA14A651350AAE617E8F" + + "01CE94335607C304AC29E7DEFBD9CA01F596F927224CDECF6C")); + return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); + } + }; + + /* + * sect233k1 + * + static X9ECParametersHolder sect233k1 = new X9ECParametersHolder() + { + protected X9ECParameters createParameters() + { + byte[] S = null; + ECCurve curve = configureCurve(new SecT233K1Curve()); + X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" + + "017232BA853A7E731AF129F22FF4149563A419C26BF50A4C9D6EEFAD6126" + + "01DB537DECE819B7F70F555A67C427A8CD9BF18AEB9B56E0C11056FAE6A3")); + return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); + } + }; + + /* + * sect233r1 + * + static X9ECParametersHolder sect233r1 = new X9ECParametersHolder() + { + protected X9ECParameters createParameters() + { + byte[] S = Hex.decode("74D59FF07F6B413D0EA14B344B20A2DB049B50C3"); + ECCurve curve = configureCurve(new SecT233R1Curve()); + X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" + + "00FAC9DFCBAC8313BB2139F1BB755FEF65BC391F8B36F8F8EB7371FD558B" + + "01006A08A41903350678E58528BEBF8A0BEFF867A7CA36716F7E01F81052")); + return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); + } + }; + + /* + * sect239k1 + * + static X9ECParametersHolder sect239k1 = new X9ECParametersHolder() + { + protected X9ECParameters createParameters() + { + byte[] S = null; + ECCurve curve = configureCurve(new SecT239K1Curve()); + X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" + + "29A0B6A887A983E9730988A68727A8B2D126C44CC2CC7B2A6555193035DC" + + "76310804F12E549BDB011C103089E73510ACB275FC312A5DC6B76553F0CA")); + return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); + } + }; + + /* + * sect283k1 + * + static X9ECParametersHolder sect283k1 = new X9ECParametersHolder() + { + protected X9ECParameters createParameters() + { + byte[] S = null; + ECCurve curve = configureCurve(new SecT283K1Curve()); + X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" + + "0503213F78CA44883F1A3B8162F188E553CD265F23C1567A16876913B0C2AC2458492836" + + "01CCDA380F1C9E318D90F95D07E5426FE87E45C0E8184698E45962364E34116177DD2259")); + return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); + } + }; + + /* + * sect283r1 + * + static X9ECParametersHolder sect283r1 = new X9ECParametersHolder() + { + protected X9ECParameters createParameters() + { + byte[] S = Hex.decode("77E2B07370EB0F832A6DD5B62DFC88CD06BB84BE"); + ECCurve curve = configureCurve(new SecT283R1Curve()); + X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" + + "05F939258DB7DD90E1934F8C70B0DFEC2EED25B8557EAC9C80E2E198F8CDBECD86B12053" + + "03676854FE24141CB98FE6D4B20D02B4516FF702350EDDB0826779C813F0DF45BE8112F4")); + return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); + } + }; + + /* + * sect409k1 + * + static X9ECParametersHolder sect409k1 = new X9ECParametersHolder() + { + protected X9ECParameters createParameters() + { + byte[] S = null; + ECCurve curve = configureCurve(new SecT409K1Curve()); + X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" + + "0060F05F658F49C1AD3AB1890F7184210EFD0987E307C84C27ACCFB8F9F67CC2C460189EB5AAAA62EE222EB1B35540CFE9023746" + + "01E369050B7C4E42ACBA1DACBF04299C3460782F918EA427E6325165E9EA10E3DA5F6C42E9C55215AA9CA27A5863EC48D8E0286B")); + return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); + } + }; + + /* + * sect409r1 + * + static X9ECParametersHolder sect409r1 = new X9ECParametersHolder() + { + protected X9ECParameters createParameters() + { + byte[] S = Hex.decode("4099B5A457F9D69F79213D094C4BCD4D4262210B"); + ECCurve curve = configureCurve(new SecT409R1Curve()); + X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" + + "015D4860D088DDB3496B0C6064756260441CDE4AF1771D4DB01FFE5B34E59703DC255A868A1180515603AEAB60794E54BB7996A7" + + "0061B1CFAB6BE5F32BBFA78324ED106A7636B9C5A7BD198D0158AA4F5488D08F38514F1FDF4B4F40D2181B3681C364BA0273C706")); + return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); + } + }; + + /* + * sect571k1 + * + static X9ECParametersHolder sect571k1 = new X9ECParametersHolder() + { + protected X9ECParameters createParameters() + { + byte[] S = null; + ECCurve curve = configureCurve(new SecT571K1Curve()); + X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" + + "026EB7A859923FBC82189631F8103FE4AC9CA2970012D5D46024804801841CA44370958493B205E647DA304DB4CEB08CBBD1BA39494776FB988B47174DCA88C7E2945283A01C8972" + + "0349DC807F4FBF374F4AEADE3BCA95314DD58CEC9F307A54FFC61EFC006D8A2C9D4979C0AC44AEA74FBEBBB9F772AEDCB620B01A7BA7AF1B320430C8591984F601CD4C143EF1C7A3")); + return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); + } + }; + + /* + * sect571r1 + * + static X9ECParametersHolder sect571r1 = new X9ECParametersHolder() + { + protected X9ECParameters createParameters() + { + byte[] S = Hex.decode("2AA058F73A0E33AB486B0F610410C53A7F132310"); + ECCurve curve = configureCurve(new SecT571R1Curve()); + X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" + + "0303001D34B856296C16C0D40D3CD7750A93D1D2955FA80AA5F40FC8DB7B2ABDBDE53950F4C0D293CDD711A35B67FB1499AE60038614F1394ABFA3B4C850D927E1E7769C8EEC2D19" + + "037BF27342DA639B6DCCFFFEB73D69D78C6C27A6009CBBCA1980F8533921E8A684423E43BAB08A576291AF8F461BB2A8B3531D2F0485C19B16E2F1516E23DD3C1A4827AF1B8AC15B")); + return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); + } + }; + */ + // END Android-removed: Unsupported curves static final Hashtable nameToCurve = new Hashtable(); @@ -662,21 +666,19 @@ public class CustomNamedCurves static { - // BEGIN android-removed - // defineCurve("curve25519", curve25519); - // END android-removed + // BEGIN Android-removed: Unsupported curves + /* + defineCurve("curve25519", curve25519); // defineCurveWithOID("secp112r1", SECObjectIdentifiers.secp112r1, secp112r1); // defineCurveWithOID("secp112r2", SECObjectIdentifiers.secp112r2, secp112r2); - // BEGIN android-removed - // defineCurveWithOID("secp128r1", SECObjectIdentifiers.secp128r1, secp128r1); - // END android-removed + defineCurveWithOID("secp128r1", SECObjectIdentifiers.secp128r1, secp128r1); // defineCurveWithOID("secp128r2", SECObjectIdentifiers.secp128r2, secp128r2); - // BEGIN android-removed - // defineCurveWithOID("secp160k1", SECObjectIdentifiers.secp160k1, secp160k1); - // defineCurveWithOID("secp160r1", SECObjectIdentifiers.secp160r1, secp160r1); - // defineCurveWithOID("secp160r2", SECObjectIdentifiers.secp160r2, secp160r2); - // END android-removed + defineCurveWithOID("secp160k1", SECObjectIdentifiers.secp160k1, secp160k1); + defineCurveWithOID("secp160r1", SECObjectIdentifiers.secp160r1, secp160r1); + defineCurveWithOID("secp160r2", SECObjectIdentifiers.secp160r2, secp160r2); + */ + // END Android-removed: Unsupported curves defineCurveWithOID("secp192k1", SECObjectIdentifiers.secp192k1, secp192k1); defineCurveWithOID("secp192r1", SECObjectIdentifiers.secp192r1, secp192r1); defineCurveWithOID("secp224k1", SECObjectIdentifiers.secp224k1, secp224k1); @@ -686,38 +688,40 @@ public class CustomNamedCurves defineCurveWithOID("secp384r1", SECObjectIdentifiers.secp384r1, secp384r1); defineCurveWithOID("secp521r1", SECObjectIdentifiers.secp521r1, secp521r1); - // BEGIN android-removed - // defineCurveWithOID("sect113r1", SECObjectIdentifiers.sect113r1, sect113r1); - // defineCurveWithOID("sect113r2", SECObjectIdentifiers.sect113r2, sect113r2); - // defineCurveWithOID("sect131r1", SECObjectIdentifiers.sect131r1, sect131r1); - // defineCurveWithOID("sect131r2", SECObjectIdentifiers.sect131r2, sect131r2); - // defineCurveWithOID("sect163k1", SECObjectIdentifiers.sect163k1, sect163k1); - // defineCurveWithOID("sect163r1", SECObjectIdentifiers.sect163r1, sect163r1); - // defineCurveWithOID("sect163r2", SECObjectIdentifiers.sect163r2, sect163r2); - // defineCurveWithOID("sect193r1", SECObjectIdentifiers.sect193r1, sect193r1); - // defineCurveWithOID("sect193r2", SECObjectIdentifiers.sect193r2, sect193r2); - // defineCurveWithOID("sect233k1", SECObjectIdentifiers.sect233k1, sect233k1); - // defineCurveWithOID("sect233r1", SECObjectIdentifiers.sect233r1, sect233r1); - // defineCurveWithOID("sect239k1", SECObjectIdentifiers.sect239k1, sect239k1); - // defineCurveWithOID("sect283k1", SECObjectIdentifiers.sect283k1, sect283k1); - // defineCurveWithOID("sect283r1", SECObjectIdentifiers.sect283r1, sect283r1); - // defineCurveWithOID("sect409k1", SECObjectIdentifiers.sect409k1, sect409k1); - // defineCurveWithOID("sect409r1", SECObjectIdentifiers.sect409r1, sect409r1); - // defineCurveWithOID("sect571k1", SECObjectIdentifiers.sect571k1, sect571k1); - // defineCurveWithOID("sect571r1", SECObjectIdentifiers.sect571r1, sect571r1); - - // defineCurveAlias("B-163", SECObjectIdentifiers.sect163r2); - // defineCurveAlias("B-233", SECObjectIdentifiers.sect233r1); - // defineCurveAlias("B-283", SECObjectIdentifiers.sect283r1); - // defineCurveAlias("B-409", SECObjectIdentifiers.sect409r1); - // defineCurveAlias("B-571", SECObjectIdentifiers.sect571r1); - - // defineCurveAlias("K-163", SECObjectIdentifiers.sect163k1); - // defineCurveAlias("K-233", SECObjectIdentifiers.sect233k1); - // defineCurveAlias("K-283", SECObjectIdentifiers.sect283k1); - // defineCurveAlias("K-409", SECObjectIdentifiers.sect409k1); - // defineCurveAlias("K-571", SECObjectIdentifiers.sect571k1); - // END android-removed + // BEGIN Android-removed: Unsupported curves + /* + defineCurveWithOID("sect113r1", SECObjectIdentifiers.sect113r1, sect113r1); + defineCurveWithOID("sect113r2", SECObjectIdentifiers.sect113r2, sect113r2); + defineCurveWithOID("sect131r1", SECObjectIdentifiers.sect131r1, sect131r1); + defineCurveWithOID("sect131r2", SECObjectIdentifiers.sect131r2, sect131r2); + defineCurveWithOID("sect163k1", SECObjectIdentifiers.sect163k1, sect163k1); + defineCurveWithOID("sect163r1", SECObjectIdentifiers.sect163r1, sect163r1); + defineCurveWithOID("sect163r2", SECObjectIdentifiers.sect163r2, sect163r2); + defineCurveWithOID("sect193r1", SECObjectIdentifiers.sect193r1, sect193r1); + defineCurveWithOID("sect193r2", SECObjectIdentifiers.sect193r2, sect193r2); + defineCurveWithOID("sect233k1", SECObjectIdentifiers.sect233k1, sect233k1); + defineCurveWithOID("sect233r1", SECObjectIdentifiers.sect233r1, sect233r1); + defineCurveWithOID("sect239k1", SECObjectIdentifiers.sect239k1, sect239k1); + defineCurveWithOID("sect283k1", SECObjectIdentifiers.sect283k1, sect283k1); + defineCurveWithOID("sect283r1", SECObjectIdentifiers.sect283r1, sect283r1); + defineCurveWithOID("sect409k1", SECObjectIdentifiers.sect409k1, sect409k1); + defineCurveWithOID("sect409r1", SECObjectIdentifiers.sect409r1, sect409r1); + defineCurveWithOID("sect571k1", SECObjectIdentifiers.sect571k1, sect571k1); + defineCurveWithOID("sect571r1", SECObjectIdentifiers.sect571r1, sect571r1); + + defineCurveAlias("B-163", SECObjectIdentifiers.sect163r2); + defineCurveAlias("B-233", SECObjectIdentifiers.sect233r1); + defineCurveAlias("B-283", SECObjectIdentifiers.sect283r1); + defineCurveAlias("B-409", SECObjectIdentifiers.sect409r1); + defineCurveAlias("B-571", SECObjectIdentifiers.sect571r1); + + defineCurveAlias("K-163", SECObjectIdentifiers.sect163k1); + defineCurveAlias("K-233", SECObjectIdentifiers.sect233k1); + defineCurveAlias("K-283", SECObjectIdentifiers.sect283k1); + defineCurveAlias("K-409", SECObjectIdentifiers.sect409k1); + defineCurveAlias("K-571", SECObjectIdentifiers.sect571k1); + */ + // END Android-removed: Unsupported curves defineCurveAlias("P-192", SECObjectIdentifiers.secp192r1); defineCurveAlias("P-224", SECObjectIdentifiers.secp224r1); diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/encodings/OAEPEncoding.java b/bcprov/src/main/java/org/bouncycastle/crypto/encodings/OAEPEncoding.java index b5505f43..8df10697 100644 --- a/bcprov/src/main/java/org/bouncycastle/crypto/encodings/OAEPEncoding.java +++ b/bcprov/src/main/java/org/bouncycastle/crypto/encodings/OAEPEncoding.java @@ -7,13 +7,10 @@ import org.bouncycastle.crypto.CipherParameters; import org.bouncycastle.crypto.DataLengthException; import org.bouncycastle.crypto.Digest; import org.bouncycastle.crypto.InvalidCipherTextException; -// BEGIN android-changed -import org.bouncycastle.crypto.digests.AndroidDigestFactory; -// END android-changed import org.bouncycastle.crypto.params.ParametersWithRandom; -// BEGIN android-removed +// Android-changed: Use Android digests // import org.bouncycastle.crypto.util.DigestFactory; -// END android-remnoved +import org.bouncycastle.crypto.digests.AndroidDigestFactory; import org.bouncycastle.util.Arrays; /** @@ -32,10 +29,9 @@ public class OAEPEncoding public OAEPEncoding( AsymmetricBlockCipher cipher) { - // BEGIN android-changed - // Was: this(cipher, DigestFactory.createSHA1(), null); + // Android-changed: Use Android digests + // this(cipher, DigestFactory.createSHA1(), null); this(cipher, AndroidDigestFactory.getSHA1(), null); - // END android-changed } public OAEPEncoding( diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/encodings/PKCS1Encoding.java b/bcprov/src/main/java/org/bouncycastle/crypto/encodings/PKCS1Encoding.java index b36ae58c..e79557f4 100644 --- a/bcprov/src/main/java/org/bouncycastle/crypto/encodings/PKCS1Encoding.java +++ b/bcprov/src/main/java/org/bouncycastle/crypto/encodings/PKCS1Encoding.java @@ -390,12 +390,6 @@ public class PKCS1Encoding { badType = (type != 1); } - // BEGIN android-added - if ((type == 1 && forPrivateKey) || (type == 2 && !forPrivateKey)) - { - throw new InvalidCipherTextException("invalid block type " + type); - } - // END android-added // // find and extract the message block. diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/DESedeWrapEngine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/DESedeWrapEngine.java index 7274bf94..652d8ac8 100644 --- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/DESedeWrapEngine.java +++ b/bcprov/src/main/java/org/bouncycastle/crypto/engines/DESedeWrapEngine.java @@ -6,16 +6,13 @@ import org.bouncycastle.crypto.CipherParameters; import org.bouncycastle.crypto.Digest; import org.bouncycastle.crypto.InvalidCipherTextException; import org.bouncycastle.crypto.Wrapper; -// BEGIN android-changed -import org.bouncycastle.crypto.digests.AndroidDigestFactory; -// END android-changed import org.bouncycastle.crypto.modes.CBCBlockCipher; import org.bouncycastle.crypto.params.KeyParameter; import org.bouncycastle.crypto.params.ParametersWithIV; import org.bouncycastle.crypto.params.ParametersWithRandom; -// BEGIN android-removed +// Android-changed: Use Android digests // import org.bouncycastle.crypto.util.DigestFactory; -// END android-removed +import org.bouncycastle.crypto.digests.AndroidDigestFactory; import org.bouncycastle.util.Arrays; /** @@ -56,9 +53,9 @@ public class DESedeWrapEngine // // checksum digest // - // BEGIN android-changed + // Android-changed: Use Android digests + // Digest sha1 = DigestFactory.createSHA1(); Digest sha1 = AndroidDigestFactory.getSHA1(); - // END android-changed byte[] digest = new byte[20]; /** diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/generators/DHParametersHelper.java b/bcprov/src/main/java/org/bouncycastle/crypto/generators/DHParametersHelper.java index a0728b2c..1075f22e 100644 --- a/bcprov/src/main/java/org/bouncycastle/crypto/generators/DHParametersHelper.java +++ b/bcprov/src/main/java/org/bouncycastle/crypto/generators/DHParametersHelper.java @@ -3,17 +3,15 @@ package org.bouncycastle.crypto.generators; import java.math.BigInteger; import java.security.SecureRandom; -// BEGIN android-added +// Android-added: Log long-running operation import java.util.logging.Logger; -// END android-added import org.bouncycastle.math.ec.WNafUtil; import org.bouncycastle.util.BigIntegers; class DHParametersHelper { - // BEGIN android-added + // Android-added: Log long-running operation private static final Logger logger = Logger.getLogger(DHParametersHelper.class.getName()); - // END android-added private static final BigInteger ONE = BigInteger.valueOf(1); private static final BigInteger TWO = BigInteger.valueOf(2); @@ -25,20 +23,19 @@ class DHParametersHelper */ static BigInteger[] generateSafePrimes(int size, int certainty, SecureRandom random) { - // BEGIN android-added + // BEGIN Android-added: Log long-running operation logger.info("Generating safe primes. This may take a long time."); long start = System.currentTimeMillis(); int tries = 0; - // END android-added + // END Android-added: Log long-running operation BigInteger p, q; int qLength = size - 1; int minWeight = size >>> 2; for (;;) { - // BEGIN android-added + // Android-added: Log long-running operation tries++; - // END android-added q = new BigInteger(qLength, 2, random); // p <- 2q + 1 @@ -67,11 +64,11 @@ class DHParametersHelper break; } - // BEGIN android-added + // BEGIN Android-added: Log long-running operation long end = System.currentTimeMillis(); long duration = end - start; logger.info("Generated safe primes: " + tries + " tries took " + duration + "ms"); - // END android-added + // END Android-added: Log long-running operation return new BigInteger[] { p, q }; } diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/generators/DSAParametersGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/generators/DSAParametersGenerator.java index cec79e03..961b367d 100644 --- a/bcprov/src/main/java/org/bouncycastle/crypto/generators/DSAParametersGenerator.java +++ b/bcprov/src/main/java/org/bouncycastle/crypto/generators/DSAParametersGenerator.java @@ -7,10 +7,9 @@ import org.bouncycastle.crypto.Digest; import org.bouncycastle.crypto.params.DSAParameterGenerationParameters; import org.bouncycastle.crypto.params.DSAParameters; import org.bouncycastle.crypto.params.DSAValidationParameters; -// BEGIN android-changed -// Was: import org.bouncycastle.crypto.util.DigestFactory; +// Android-changed: Use Android digests +// import org.bouncycastle.crypto.util.DigestFactory; import org.bouncycastle.crypto.digests.AndroidDigestFactory; -// END android-added import org.bouncycastle.util.Arrays; import org.bouncycastle.util.BigIntegers; import org.bouncycastle.util.encoders.Hex; @@ -34,9 +33,9 @@ public class DSAParametersGenerator public DSAParametersGenerator() { - // BEGIN android-changed + // Android-changed: Use Android digests + // this(DigestFactory.createSHA1()); this(AndroidDigestFactory.getSHA1()); - // END android-changed } public DSAParametersGenerator(Digest digest) @@ -131,9 +130,9 @@ public class DSAParametersGenerator int n = (L - 1) / 160; byte[] w = new byte[L / 8]; - // BEGIN android-changed + // Android-changed: Use Android digests + // if (!(digest instanceof SHA1Digest)) if (!(digest.getAlgorithmName().equals("SHA-1"))) - // END android-changed { throw new IllegalStateException("can only use SHA-1 for generating FIPS 186-2 parameters"); } diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java index e6ec53a0..3e850c11 100644 --- a/bcprov/src/main/java/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java +++ b/bcprov/src/main/java/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java @@ -3,13 +3,11 @@ package org.bouncycastle.crypto.generators; import org.bouncycastle.crypto.CipherParameters; import org.bouncycastle.crypto.Digest; import org.bouncycastle.crypto.PBEParametersGenerator; -// BEGIN android-changed -import org.bouncycastle.crypto.digests.AndroidDigestFactory; import org.bouncycastle.crypto.params.KeyParameter; import org.bouncycastle.crypto.params.ParametersWithIV; -// BEGIN android-removed +// Android-changed: Use Android digests // import org.bouncycastle.crypto.util.DigestFactory; -// END android-removed +import org.bouncycastle.crypto.digests.AndroidDigestFactory; /** * Generator for PBE derived keys and ivs as usd by OpenSSL. @@ -21,9 +19,9 @@ import org.bouncycastle.crypto.params.ParametersWithIV; public class OpenSSLPBEParametersGenerator extends PBEParametersGenerator { - // BEGIN android-changed + // Android-changed: Use Android digests + // private Digest digest = DigestFactory.createMD5(); private Digest digest = AndroidDigestFactory.getMD5(); - // END android-changed /** * Construct a OpenSSL Parameters generator. diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java index 3089f8cc..c45c84f1 100644 --- a/bcprov/src/main/java/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java +++ b/bcprov/src/main/java/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java @@ -4,15 +4,12 @@ import org.bouncycastle.crypto.CipherParameters; import org.bouncycastle.crypto.Digest; import org.bouncycastle.crypto.Mac; import org.bouncycastle.crypto.PBEParametersGenerator; -// BEGIN android-changed -import org.bouncycastle.crypto.digests.AndroidDigestFactory; -// END android-changed import org.bouncycastle.crypto.macs.HMac; import org.bouncycastle.crypto.params.KeyParameter; import org.bouncycastle.crypto.params.ParametersWithIV; -// BEGIN android-removed +// Android-changed: Use Android digests // import org.bouncycastle.crypto.util.DigestFactory; -// END android-removed +import org.bouncycastle.crypto.digests.AndroidDigestFactory; import org.bouncycastle.util.Arrays; /** @@ -34,9 +31,9 @@ public class PKCS5S2ParametersGenerator */ public PKCS5S2ParametersGenerator() { - // BEGIN android-changed + // Android-changed: Use Android digests + // this(DigestFactory.createSHA1()); this(AndroidDigestFactory.getSHA1()); - // END android-changed } public PKCS5S2ParametersGenerator(Digest digest) diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/macs/HMac.java b/bcprov/src/main/java/org/bouncycastle/crypto/macs/HMac.java index 600a317f..5868262a 100644 --- a/bcprov/src/main/java/org/bouncycastle/crypto/macs/HMac.java +++ b/bcprov/src/main/java/org/bouncycastle/crypto/macs/HMac.java @@ -36,29 +36,29 @@ public class HMac { blockLengths = new Hashtable(); - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // blockLengths.put("GOST3411", Integers.valueOf(32)); // // blockLengths.put("MD2", Integers.valueOf(16)); // blockLengths.put("MD4", Integers.valueOf(64)); - // END android-removed + // END Android-removed: Unsupported algorithms blockLengths.put("MD5", Integers.valueOf(64)); - - // BEGIN android-removed + + // BEGIN Android-removed: Unsupported algorithms // blockLengths.put("RIPEMD128", Integers.valueOf(64)); // blockLengths.put("RIPEMD160", Integers.valueOf(64)); - // END android-removed + // END Android-removed: Unsupported algorithms blockLengths.put("SHA-1", Integers.valueOf(64)); blockLengths.put("SHA-224", Integers.valueOf(64)); blockLengths.put("SHA-256", Integers.valueOf(64)); blockLengths.put("SHA-384", Integers.valueOf(128)); blockLengths.put("SHA-512", Integers.valueOf(128)); - - // BEGIN android-removed + + // BEGIN Android-removed: Unsupported algorithms // blockLengths.put("Tiger", Integers.valueOf(64)); // blockLengths.put("Whirlpool", Integers.valueOf(64)); - // END android-removed + // END Android-removed: Unsupported algorithms } private static int getByteLength( diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/modes/GCMBlockCipher.java b/bcprov/src/main/java/org/bouncycastle/crypto/modes/GCMBlockCipher.java index 1ba5ebb1..c6453a3b 100644 --- a/bcprov/src/main/java/org/bouncycastle/crypto/modes/GCMBlockCipher.java +++ b/bcprov/src/main/java/org/bouncycastle/crypto/modes/GCMBlockCipher.java @@ -24,11 +24,11 @@ public class GCMBlockCipher implements AEADBlockCipher { private static final int BLOCK_SIZE = 16; - // BEGIN android-added + // BEGIN Android-added: Max input size limitation from NIST. // 2^36-32 : limitation imposed by NIST GCM as otherwise the counter is wrapped and it can leak // plaintext and authentication key private static final long MAX_INPUT_SIZE = 68719476704L; - // END android-added + // END Android-added: Max input size limitation from NIST. // not final due to a compiler bug private BlockCipher cipher; @@ -238,13 +238,13 @@ public class GCMBlockCipher return totalData < macSize ? 0 : totalData - macSize; } - // BEGIN android-added + // BEGIN Android-added: Max input size limitation from NIST. /** Helper used to ensure that {@link #MAX_INPUT_SIZE} is not exceeded. */ private long getTotalInputSizeAfterNewInput(int newInputLen) { return totalLength + newInputLen + bufOff; } - // END android-added + // END Android-added: Max input size limitation from NIST. public int getUpdateOutputSize(int len) { @@ -263,11 +263,11 @@ public class GCMBlockCipher public void processAADByte(byte in) { checkStatus(); - // BEGIN android-added + // BEGIN Android-added: Max input size limitation from NIST. if (getTotalInputSizeAfterNewInput(1) > MAX_INPUT_SIZE) { throw new DataLengthException("Input exceeded " + MAX_INPUT_SIZE + " bytes"); } - // END android-added + // END Android-added: Max input size limitation from NIST. atBlock[atBlockPos] = in; if (++atBlockPos == BLOCK_SIZE) { @@ -280,11 +280,11 @@ public class GCMBlockCipher public void processAADBytes(byte[] in, int inOff, int len) { - // BEGIN android-added + // BEGIN Android-added: Max input size limitation from NIST. if (getTotalInputSizeAfterNewInput(len) > MAX_INPUT_SIZE) { throw new DataLengthException("Input exceeded " + MAX_INPUT_SIZE + " bytes"); } - // END android-added + // END Android-added: Max input size limitation from NIST. for (int i = 0; i < len; ++i) { atBlock[atBlockPos] = in[inOff + i]; @@ -323,12 +323,12 @@ public class GCMBlockCipher throws DataLengthException { checkStatus(); - // BEGIN android-added + // BEGIN Android-added: Max input size limitation from NIST. if (getTotalInputSizeAfterNewInput(1) > MAX_INPUT_SIZE) { throw new DataLengthException("Input exceeded " + MAX_INPUT_SIZE + " bytes"); } - // END android-added - + // END Android-added: Max input size limitation from NIST. + bufBlock[bufOff] = in; if (++bufOff == bufBlock.length) { @@ -342,11 +342,11 @@ public class GCMBlockCipher throws DataLengthException { checkStatus(); - // BEGIN android-added + // BEGIN Android-added: Max input size limitation from NIST. if (getTotalInputSizeAfterNewInput(len) > MAX_INPUT_SIZE) { throw new DataLengthException("Input exceeded " + MAX_INPUT_SIZE + " bytes"); } - // END android-added + // END Android-added: Max input size limitation from NIST. if (in.length < (inOff + len)) { diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/signers/RSADigestSigner.java b/bcprov/src/main/java/org/bouncycastle/crypto/signers/RSADigestSigner.java index a8ef959c..45c8b57d 100644 --- a/bcprov/src/main/java/org/bouncycastle/crypto/signers/RSADigestSigner.java +++ b/bcprov/src/main/java/org/bouncycastle/crypto/signers/RSADigestSigner.java @@ -39,11 +39,11 @@ public class RSADigestSigner */ static { - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // oidMap.put("RIPEMD128", TeleTrusTObjectIdentifiers.ripemd128); // oidMap.put("RIPEMD160", TeleTrusTObjectIdentifiers.ripemd160); // oidMap.put("RIPEMD256", TeleTrusTObjectIdentifiers.ripemd256); - // END android-removed + // END Android-removed: Unsupported algorithms oidMap.put("SHA-1", X509ObjectIdentifiers.id_SHA1); oidMap.put("SHA-224", NISTObjectIdentifiers.id_sha224); @@ -53,10 +53,17 @@ public class RSADigestSigner oidMap.put("SHA-512/224", NISTObjectIdentifiers.id_sha512_224); oidMap.put("SHA-512/256", NISTObjectIdentifiers.id_sha512_256); - // BEGIN android-removed - // oidMap.put("MD2", PKCSObjectIdentifiers.md2); - // oidMap.put("MD4", PKCSObjectIdentifiers.md4); - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + oidMap.put("SHA3-224", NISTObjectIdentifiers.id_sha3_224); + oidMap.put("SHA3-256", NISTObjectIdentifiers.id_sha3_256); + oidMap.put("SHA3-384", NISTObjectIdentifiers.id_sha3_384); + oidMap.put("SHA3-512", NISTObjectIdentifiers.id_sha3_512); + + oidMap.put("MD2", PKCSObjectIdentifiers.md2); + oidMap.put("MD4", PKCSObjectIdentifiers.md4); + */ + // END Android-removed: Unsupported algorithms oidMap.put("MD5", PKCSObjectIdentifiers.md5); } diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/util/PrivateKeyFactory.java b/bcprov/src/main/java/org/bouncycastle/crypto/util/PrivateKeyFactory.java index 0175aa17..911f1dae 100644 --- a/bcprov/src/main/java/org/bouncycastle/crypto/util/PrivateKeyFactory.java +++ b/bcprov/src/main/java/org/bouncycastle/crypto/util/PrivateKeyFactory.java @@ -9,9 +9,8 @@ import org.bouncycastle.asn1.ASN1InputStream; import org.bouncycastle.asn1.ASN1Integer; import org.bouncycastle.asn1.ASN1ObjectIdentifier; import org.bouncycastle.asn1.ASN1Primitive; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.asn1.oiw.ElGamalParameter; -// END android-removed import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; import org.bouncycastle.asn1.pkcs.DHParameter; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; @@ -33,10 +32,9 @@ import org.bouncycastle.crypto.params.DSAPrivateKeyParameters; import org.bouncycastle.crypto.params.ECDomainParameters; import org.bouncycastle.crypto.params.ECNamedDomainParameters; import org.bouncycastle.crypto.params.ECPrivateKeyParameters; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.params.ElGamalParameters; // import org.bouncycastle.crypto.params.ElGamalPrivateKeyParameters; -// END android-removed import org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters; /** @@ -102,16 +100,18 @@ public class PrivateKeyFactory return new DHPrivateKeyParameters(derX.getValue(), dhParams); } - // BEGIN android-removed - // else if (algId.getAlgorithm().equals(OIWObjectIdentifiers.elGamalAlgorithm)) - // { - // ElGamalParameter params = ElGamalParameter.getInstance(algId.getParameters()); - // ASN1Integer derX = (ASN1Integer)keyInfo.parsePrivateKey(); - // - // return new ElGamalPrivateKeyParameters(derX.getValue(), new ElGamalParameters( - // params.getP(), params.getG())); - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + else if (algId.getAlgorithm().equals(OIWObjectIdentifiers.elGamalAlgorithm)) + { + ElGamalParameter params = ElGamalParameter.getInstance(algId.getParameters()); + ASN1Integer derX = (ASN1Integer)keyInfo.parsePrivateKey(); + + return new ElGamalPrivateKeyParameters(derX.getValue(), new ElGamalParameters( + params.getP(), params.getG())); + } + */ + // END Android-removed: Unsupported algorithms else if (algId.getAlgorithm().equals(X9ObjectIdentifiers.id_dsa)) { ASN1Integer derX = (ASN1Integer)keyInfo.parsePrivateKey(); diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/util/PublicKeyFactory.java b/bcprov/src/main/java/org/bouncycastle/crypto/util/PublicKeyFactory.java index 042c68ef..86028870 100644 --- a/bcprov/src/main/java/org/bouncycastle/crypto/util/PublicKeyFactory.java +++ b/bcprov/src/main/java/org/bouncycastle/crypto/util/PublicKeyFactory.java @@ -11,9 +11,8 @@ import org.bouncycastle.asn1.ASN1ObjectIdentifier; import org.bouncycastle.asn1.ASN1OctetString; import org.bouncycastle.asn1.ASN1Primitive; import org.bouncycastle.asn1.DEROctetString; -// BEGIN android-removed +// Android-removed: Unsupported algorithm // import org.bouncycastle.asn1.oiw.ElGamalParameter; -// END android-removed import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; import org.bouncycastle.asn1.pkcs.DHParameter; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; @@ -40,10 +39,9 @@ import org.bouncycastle.crypto.params.DSAPublicKeyParameters; import org.bouncycastle.crypto.params.ECDomainParameters; import org.bouncycastle.crypto.params.ECNamedDomainParameters; import org.bouncycastle.crypto.params.ECPublicKeyParameters; -// BEGIN android-removed +// Android-removed: Unsupported algorithm // import org.bouncycastle.crypto.params.ElGamalParameters; // import org.bouncycastle.crypto.params.ElGamalPublicKeyParameters; -// END android-removed import org.bouncycastle.crypto.params.RSAKeyParameters; /** @@ -137,16 +135,18 @@ public class PublicKeyFactory return new DHPublicKeyParameters(derY.getValue(), dhParams); } - // BEGIN android-removed - // else if (algId.getAlgorithm().equals(OIWObjectIdentifiers.elGamalAlgorithm)) - // { - // ElGamalParameter params = ElGamalParameter.getInstance(algId.getParameters()); - // ASN1Integer derY = (ASN1Integer)keyInfo.parsePublicKey(); - // - // return new ElGamalPublicKeyParameters(derY.getValue(), new ElGamalParameters( - // params.getP(), params.getG())); - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithm + /* + else if (algId.getAlgorithm().equals(OIWObjectIdentifiers.elGamalAlgorithm)) + { + ElGamalParameter params = ElGamalParameter.getInstance(algId.getParameters()); + ASN1Integer derY = (ASN1Integer)keyInfo.parsePublicKey(); + + return new ElGamalPublicKeyParameters(derY.getValue(), new ElGamalParameters( + params.getP(), params.getG())); + } + */ + // END Android-removed: Unsupported algorithm else if (algId.getAlgorithm().equals(X9ObjectIdentifiers.id_dsa) || algId.getAlgorithm().equals(OIWObjectIdentifiers.dsaWithSHA1)) { diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DH.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DH.java index 579b9735..dcc963cc 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DH.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DH.java @@ -36,10 +36,10 @@ public class DH provider.addAttributes("KeyAgreement.DH", generalDhAttributes); provider.addAlgorithm("KeyAgreement.DH", PREFIX + "KeyAgreementSpi"); provider.addAlgorithm("Alg.Alias.KeyAgreement.DIFFIEHELLMAN", "DH"); - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // provider.addAlgorithm("KeyAgreement", PKCSObjectIdentifiers.id_alg_ESDH, PREFIX + "KeyAgreementSpi$DHwithRFC2631KDF"); // provider.addAlgorithm("KeyAgreement", PKCSObjectIdentifiers.id_alg_SSDH, PREFIX + "KeyAgreementSpi$DHwithRFC2631KDF"); - // END android-removed + // END Android-removed: Unsupported algorithms provider.addAlgorithm("KeyFactory.DH", PREFIX + "KeyFactorySpi"); provider.addAlgorithm("Alg.Alias.KeyFactory.DIFFIEHELLMAN", "DH"); @@ -51,22 +51,19 @@ public class DH provider.addAlgorithm("AlgorithmParameterGenerator.DH", PREFIX + "AlgorithmParameterGeneratorSpi"); - // BEGIN android-removed - // provider.addAlgorithm("Cipher.IES", PREFIX + "IESCipher$IES"); - // provider.addAlgorithm("Cipher.IESwithAES-CBC", PREFIX + "IESCipher$IESwithAES"); - // provider.addAlgorithm("Cipher.IESWITHAES-CBC", PREFIX + "IESCipher$IESwithAES"); - // provider.addAlgorithm("Cipher.IESWITHDESEDE-CBC", PREFIX + "IESCipher$IESwithDESede"); - // - // provider.addAlgorithm("Cipher.DHIES", PREFIX + "IESCipher$IES"); - // provider.addAlgorithm("Cipher.DHIESwithAES-CBC", PREFIX + "IESCipher$IESwithAES"); - // provider.addAlgorithm("Cipher.DHIESWITHAES-CBC", PREFIX + "IESCipher$IESwithAES"); - // provider.addAlgorithm("Cipher.DHIESWITHDESEDE-CBC", PREFIX + "IESCipher$IESwithDESede"); - // - // provider.addAlgorithm("Cipher.OLDDHIES", PREFIX + "IESCipher$OldIES"); - // provider.addAlgorithm("Cipher.OLDDHIESwithAES", PREFIX + "IESCipher$OldIESwithAES"); - // provider.addAlgorithm("Cipher.OLDDHIESWITHAES", PREFIX + "IESCipher$OldIESwithAES"); - // provider.addAlgorithm("Cipher.OLDDHIESWITHDESEDE", PREFIX + "IESCipher$OldIESwithDESede"); - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + provider.addAlgorithm("Cipher.IES", PREFIX + "IESCipher$IES"); + provider.addAlgorithm("Cipher.IESwithAES-CBC", PREFIX + "IESCipher$IESwithAESCBC"); + provider.addAlgorithm("Cipher.IESWITHAES-CBC", PREFIX + "IESCipher$IESwithAESCBC"); + provider.addAlgorithm("Cipher.IESWITHDESEDE-CBC", PREFIX + "IESCipher$IESwithDESedeCBC"); + + provider.addAlgorithm("Cipher.DHIES", PREFIX + "IESCipher$IES"); + provider.addAlgorithm("Cipher.DHIESwithAES-CBC", PREFIX + "IESCipher$IESwithAESCBC"); + provider.addAlgorithm("Cipher.DHIESWITHAES-CBC", PREFIX + "IESCipher$IESwithAESCBC"); + provider.addAlgorithm("Cipher.DHIESWITHDESEDE-CBC", PREFIX + "IESCipher$IESwithDESedeCBC"); + */ + // END Android-removed: Unsupported algorithms registerOid(provider, PKCSObjectIdentifiers.dhKeyAgreement, "DH", new KeyFactorySpi()); registerOid(provider, X9ObjectIdentifiers.dhpublicnumber, "DH", new KeyFactorySpi()); diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DSA.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DSA.java index 70ae1203..44bf12ef 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DSA.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DSA.java @@ -27,52 +27,52 @@ public class DSA provider.addAlgorithm("KeyPairGenerator.DSA", PREFIX + "KeyPairGeneratorSpi"); provider.addAlgorithm("KeyFactory.DSA", PREFIX + "KeyFactorySpi"); - // BEGIN android-changed + // BEGIN Android-changed: Change primary ID from DSA to SHA1withDSA + // provider.addAlgorithm("Signature.DSA", PREFIX + "DSASigner$stdDSA"); provider.addAlgorithm("Signature.SHA1withDSA", PREFIX + "DSASigner$stdDSA"); - // END android-changed + provider.addAlgorithm("Alg.Alias.Signature.DSA", "SHA1withDSA"); + // END Android-changed: Change primary ID from DSA to SHA1withDSA provider.addAlgorithm("Signature.NONEWITHDSA", PREFIX + "DSASigner$noneDSA"); provider.addAlgorithm("Alg.Alias.Signature.RAWDSA", "NONEWITHDSA"); - // BEGIN android-removed - // provider.addAlgorithm("Signature.DETDSA", PREFIX + "DSASigner$detDSA"); - // provider.addAlgorithm("Signature.SHA1WITHDETDSA", PREFIX + "DSASigner$detDSA"); - // provider.addAlgorithm("Signature.SHA224WITHDETDSA", PREFIX + "DSASigner$detDSA224"); - // provider.addAlgorithm("Signature.SHA256WITHDETDSA", PREFIX + "DSASigner$detDSA256"); - // provider.addAlgorithm("Signature.SHA384WITHDETDSA", PREFIX + "DSASigner$detDSA384"); - // provider.addAlgorithm("Signature.SHA512WITHDETDSA", PREFIX + "DSASigner$detDSA512"); - - // provider.addAlgorithm("Signature.DDSA", PREFIX + "DSASigner$detDSA"); - // provider.addAlgorithm("Signature.SHA1WITHDDSA", PREFIX + "DSASigner$detDSA"); - // provider.addAlgorithm("Signature.SHA224WITHDDSA", PREFIX + "DSASigner$detDSA224"); - // provider.addAlgorithm("Signature.SHA256WITHDDSA", PREFIX + "DSASigner$detDSA256"); - // provider.addAlgorithm("Signature.SHA384WITHDDSA", PREFIX + "DSASigner$detDSA384"); - // provider.addAlgorithm("Signature.SHA512WITHDDSA", PREFIX + "DSASigner$detDSA512"); - // provider.addAlgorithm("Signature.SHA3-224WITHDDSA", PREFIX + "DSASigner$detDSASha3_224"); - // provider.addAlgorithm("Signature.SHA3-256WITHDDSA", PREFIX + "DSASigner$detDSASha3_256"); - // provider.addAlgorithm("Signature.SHA3-384WITHDDSA", PREFIX + "DSASigner$detDSASha3_384"); - // provider.addAlgorithm("Signature.SHA3-512WITHDDSA", PREFIX + "DSASigner$detDSASha3_512"); - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + provider.addAlgorithm("Signature.DETDSA", PREFIX + "DSASigner$detDSA"); + provider.addAlgorithm("Signature.SHA1WITHDETDSA", PREFIX + "DSASigner$detDSA"); + provider.addAlgorithm("Signature.SHA224WITHDETDSA", PREFIX + "DSASigner$detDSA224"); + provider.addAlgorithm("Signature.SHA256WITHDETDSA", PREFIX + "DSASigner$detDSA256"); + provider.addAlgorithm("Signature.SHA384WITHDETDSA", PREFIX + "DSASigner$detDSA384"); + provider.addAlgorithm("Signature.SHA512WITHDETDSA", PREFIX + "DSASigner$detDSA512"); + + provider.addAlgorithm("Signature.DDSA", PREFIX + "DSASigner$detDSA"); + provider.addAlgorithm("Signature.SHA1WITHDDSA", PREFIX + "DSASigner$detDSA"); + provider.addAlgorithm("Signature.SHA224WITHDDSA", PREFIX + "DSASigner$detDSA224"); + provider.addAlgorithm("Signature.SHA256WITHDDSA", PREFIX + "DSASigner$detDSA256"); + provider.addAlgorithm("Signature.SHA384WITHDDSA", PREFIX + "DSASigner$detDSA384"); + provider.addAlgorithm("Signature.SHA512WITHDDSA", PREFIX + "DSASigner$detDSA512"); + provider.addAlgorithm("Signature.SHA3-224WITHDDSA", PREFIX + "DSASigner$detDSASha3_224"); + provider.addAlgorithm("Signature.SHA3-256WITHDDSA", PREFIX + "DSASigner$detDSASha3_256"); + provider.addAlgorithm("Signature.SHA3-384WITHDDSA", PREFIX + "DSASigner$detDSASha3_384"); + provider.addAlgorithm("Signature.SHA3-512WITHDDSA", PREFIX + "DSASigner$detDSASha3_512"); + */ + // END Android-removed: Unsupported algorithms addSignatureAlgorithm(provider, "SHA224", "DSA", PREFIX + "DSASigner$dsa224", NISTObjectIdentifiers.dsa_with_sha224); addSignatureAlgorithm(provider, "SHA256", "DSA", PREFIX + "DSASigner$dsa256", NISTObjectIdentifiers.dsa_with_sha256); - // BEGIN android-removed - // addSignatureAlgorithm(provider, "SHA384", "DSA", PREFIX + "DSASigner$dsa384", NISTObjectIdentifiers.dsa_with_sha384); - // addSignatureAlgorithm(provider, "SHA512", "DSA", PREFIX + "DSASigner$dsa512", NISTObjectIdentifiers.dsa_with_sha512); - // END android-removed - - // BEGIN android-added - provider.addAlgorithm("Alg.Alias.Signature.DSA", "SHA1withDSA"); - // END android-added - - // BEGIN android-removed - // addSignatureAlgorithm(provider, "SHA3-224", "DSA", PREFIX + "DSASigner$dsaSha3_224", NISTObjectIdentifiers.id_dsa_with_sha3_224); - // addSignatureAlgorithm(provider, "SHA3-256", "DSA", PREFIX + "DSASigner$dsaSha3_256", NISTObjectIdentifiers.id_dsa_with_sha3_256); - // addSignatureAlgorithm(provider, "SHA3-384", "DSA", PREFIX + "DSASigner$dsaSha3_384", NISTObjectIdentifiers.id_dsa_with_sha3_384); - // addSignatureAlgorithm(provider, "SHA3-512", "DSA", PREFIX + "DSASigner$dsaSha3_512", NISTObjectIdentifiers.id_dsa_with_sha3_512); - // END android-removed - - // BEGIN android-changed + // BEGIN Android-removed: Unsupported algorithms + /* + addSignatureAlgorithm(provider, "SHA384", "DSA", PREFIX + "DSASigner$dsa384", NISTObjectIdentifiers.dsa_with_sha384); + addSignatureAlgorithm(provider, "SHA512", "DSA", PREFIX + "DSASigner$dsa512", NISTObjectIdentifiers.dsa_with_sha512); + + addSignatureAlgorithm(provider, "SHA3-224", "DSA", PREFIX + "DSASigner$dsaSha3_224", NISTObjectIdentifiers.id_dsa_with_sha3_224); + addSignatureAlgorithm(provider, "SHA3-256", "DSA", PREFIX + "DSASigner$dsaSha3_256", NISTObjectIdentifiers.id_dsa_with_sha3_256); + addSignatureAlgorithm(provider, "SHA3-384", "DSA", PREFIX + "DSASigner$dsaSha3_384", NISTObjectIdentifiers.id_dsa_with_sha3_384); + addSignatureAlgorithm(provider, "SHA3-512", "DSA", PREFIX + "DSASigner$dsaSha3_512", NISTObjectIdentifiers.id_dsa_with_sha3_512); + */ + // END Android-removed: Unsupported algorithms + + // BEGIN Android-changed: Change primary ID from DSA to SHA1withDSA provider.addAlgorithm("Alg.Alias.Signature.SHA/DSA", "SHA1withDSA"); provider.addAlgorithm("Alg.Alias.Signature.SHA1withDSA", "SHA1withDSA"); provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHDSA", "SHA1withDSA"); @@ -82,19 +82,19 @@ public class DSA provider.addAlgorithm("Alg.Alias.Signature.DSAWITHSHA1", "SHA1withDSA"); provider.addAlgorithm("Alg.Alias.Signature.SHA1WithDSA", "SHA1withDSA"); provider.addAlgorithm("Alg.Alias.Signature.DSAWithSHA1", "SHA1withDSA"); - // END android-changed + // END Android-changed: Change primary ID from DSA to SHA1withDSA - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // provider.addAlgorithm("Alg.Alias.Signature.1.2.840.10040.4.3", "DSA"); - // END android-removed + // END Android-removed: Unsupported algorithms AsymmetricKeyInfoConverter keyFact = new KeyFactorySpi(); for (int i = 0; i != DSAUtil.dsaOids.length; i++) { - // BEGIN android-changed + // BEGIN Android-changed: Change primary ID from DSA to SHA1withDSA provider.addAlgorithm("Alg.Alias.Signature." + DSAUtil.dsaOids[i], "SHA1withDSA"); - // END android-changed + // END Android-changed: Change primary ID from DSA to SHA1withDSA registerOid(provider, DSAUtil.dsaOids[i], "DSA", keyFact); registerOidAlgorithmParameterGenerator(provider, DSAUtil.dsaOids[i], "DSA"); diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/EC.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/EC.java index 1c49da9f..016b465f 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/EC.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/EC.java @@ -3,20 +3,20 @@ package org.bouncycastle.jcajce.provider.asymmetric; import java.util.HashMap; import java.util.Map; -// BEGIN android-removed +// BEGIN Android-removed: Unsupported algorithms // import org.bouncycastle.asn1.bsi.BSIObjectIdentifiers; // import org.bouncycastle.asn1.eac.EACObjectIdentifiers; // import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; // import org.bouncycastle.asn1.sec.SECObjectIdentifiers; // import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; -// END android-removed +// END Android-removed: Unsupported algorithms import org.bouncycastle.asn1.x9.X9ObjectIdentifiers; import org.bouncycastle.jcajce.provider.asymmetric.ec.KeyFactorySpi; import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; import org.bouncycastle.jcajce.provider.util.AsymmetricAlgorithmProvider; -// BEGIN android-removed +// BEGIN Android-removed: Unsupported algorithms // import org.bouncycastle.util.Properties; -// END android-removed +// END Android-removed: Unsupported algorithms public class EC { @@ -43,146 +43,144 @@ public class EC provider.addAttributes("KeyAgreement.ECDH", generalEcAttributes); provider.addAlgorithm("KeyAgreement.ECDH", PREFIX + "KeyAgreementSpi$DH"); - // BEGIN android-removed - // provider.addAttributes("KeyAgreement.ECDHC", generalEcAttributes); - // provider.addAlgorithm("KeyAgreement.ECDHC", PREFIX + "KeyAgreementSpi$DHC"); - // provider.addAttributes("KeyAgreement.ECCDH", generalEcAttributes); - // provider.addAlgorithm("KeyAgreement.ECCDH", PREFIX + "KeyAgreementSpi$DHC"); - // - // provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA1KDFAndSharedInfo"); - // provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.dhSinglePass_cofactorDH_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$CDHwithSHA1KDFAndSharedInfo"); - // - // provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.dhSinglePass_stdDH_sha224kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA224KDFAndSharedInfo"); - // provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.dhSinglePass_cofactorDH_sha224kdf_scheme, PREFIX + "KeyAgreementSpi$CDHwithSHA224KDFAndSharedInfo"); - // - // provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.dhSinglePass_stdDH_sha256kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA256KDFAndSharedInfo"); - // provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.dhSinglePass_cofactorDH_sha256kdf_scheme, PREFIX + "KeyAgreementSpi$CDHwithSHA256KDFAndSharedInfo"); - // - // provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.dhSinglePass_stdDH_sha384kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA384KDFAndSharedInfo"); - // provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.dhSinglePass_cofactorDH_sha384kdf_scheme, PREFIX + "KeyAgreementSpi$CDHwithSHA384KDFAndSharedInfo"); - // - // provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.dhSinglePass_stdDH_sha512kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA512KDFAndSharedInfo"); - // provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.dhSinglePass_cofactorDH_sha512kdf_scheme, PREFIX + "KeyAgreementSpi$CDHwithSHA512KDFAndSharedInfo"); - // - // provider.addAlgorithm("KeyAgreement.ECDHWITHSHA1KDF", PREFIX + "KeyAgreementSpi$DHwithSHA1KDF"); - // - // provider.addAlgorithm("KeyAgreement.ECCDHWITHSHA1CKDF", PREFIX + "KeyAgreementSpi$DHwithSHA1CKDF"); - // provider.addAlgorithm("KeyAgreement.ECCDHWITHSHA256CKDF", PREFIX + "KeyAgreementSpi$DHwithSHA256CKDF"); - // provider.addAlgorithm("KeyAgreement.ECCDHWITHSHA384CKDF", PREFIX + "KeyAgreementSpi$DHwithSHA384CKDF"); - // provider.addAlgorithm("KeyAgreement.ECCDHWITHSHA512CKDF", PREFIX + "KeyAgreementSpi$DHwithSHA512CKDF"); - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + provider.addAttributes("KeyAgreement.ECDHC", generalEcAttributes); + provider.addAlgorithm("KeyAgreement.ECDHC", PREFIX + "KeyAgreementSpi$DHC"); + provider.addAttributes("KeyAgreement.ECCDH", generalEcAttributes); + provider.addAlgorithm("KeyAgreement.ECCDH", PREFIX + "KeyAgreementSpi$DHC"); + + provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA1KDFAndSharedInfo"); + provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.dhSinglePass_cofactorDH_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$CDHwithSHA1KDFAndSharedInfo"); + + provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.dhSinglePass_stdDH_sha224kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA224KDFAndSharedInfo"); + provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.dhSinglePass_cofactorDH_sha224kdf_scheme, PREFIX + "KeyAgreementSpi$CDHwithSHA224KDFAndSharedInfo"); + + provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.dhSinglePass_stdDH_sha256kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA256KDFAndSharedInfo"); + provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.dhSinglePass_cofactorDH_sha256kdf_scheme, PREFIX + "KeyAgreementSpi$CDHwithSHA256KDFAndSharedInfo"); + + provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.dhSinglePass_stdDH_sha384kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA384KDFAndSharedInfo"); + provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.dhSinglePass_cofactorDH_sha384kdf_scheme, PREFIX + "KeyAgreementSpi$CDHwithSHA384KDFAndSharedInfo"); + + provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.dhSinglePass_stdDH_sha512kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA512KDFAndSharedInfo"); + provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.dhSinglePass_cofactorDH_sha512kdf_scheme, PREFIX + "KeyAgreementSpi$CDHwithSHA512KDFAndSharedInfo"); + + provider.addAlgorithm("KeyAgreement.ECDHWITHSHA1KDF", PREFIX + "KeyAgreementSpi$DHwithSHA1KDF"); + + provider.addAlgorithm("KeyAgreement.ECCDHWITHSHA1CKDF", PREFIX + "KeyAgreementSpi$DHwithSHA1CKDF"); + provider.addAlgorithm("KeyAgreement.ECCDHWITHSHA256CKDF", PREFIX + "KeyAgreementSpi$DHwithSHA256CKDF"); + provider.addAlgorithm("KeyAgreement.ECCDHWITHSHA384CKDF", PREFIX + "KeyAgreementSpi$DHwithSHA384CKDF"); + provider.addAlgorithm("KeyAgreement.ECCDHWITHSHA512CKDF", PREFIX + "KeyAgreementSpi$DHwithSHA512CKDF"); + */ + // END Android-removed: Unsupported algorithms registerOid(provider, X9ObjectIdentifiers.id_ecPublicKey, "EC", new KeyFactorySpi.EC()); - // BEGIN android-added - // We were having this one in 1.52. As of 1.54 this one is under - // if (!Properties.isOverrideSet("org.bouncycastle.ec.disable_mqv")) - // below - registerOid(provider, X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "EC", new KeyFactorySpi.EC()); - // END android-added - - // BEGIN android-removed - // registerOid(provider, X9ObjectIdentifiers.dhSinglePass_cofactorDH_sha1kdf_scheme, "EC", new KeyFactorySpi.EC()); - // registerOid(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV()); - // - // registerOid(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha224kdf_scheme, "EC", new KeyFactorySpi.EC()); - // registerOid(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha224kdf_scheme, "EC", new KeyFactorySpi.EC()); - // - // registerOid(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha256kdf_scheme, "EC", new KeyFactorySpi.EC()); - // registerOid(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha256kdf_scheme, "EC", new KeyFactorySpi.EC()); - // - // registerOid(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha384kdf_scheme, "EC", new KeyFactorySpi.EC()); - // registerOid(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha384kdf_scheme, "EC", new KeyFactorySpi.EC()); - // - // registerOid(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha512kdf_scheme, "EC", new KeyFactorySpi.EC()); - // registerOid(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha512kdf_scheme, "EC", new KeyFactorySpi.EC()); - // - // END android-removed - // BEGIN android-removed - // // Android comment: the registrations in this block are causing CTS tests to fail - // // and don't seem to be implemented by bouncycastle (so looks like an bug in - // // bouncycastle). - // // TODO(20447540): check if this occurs in upstream bouncycastle and report accordingly - // registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.id_ecPublicKey, "EC"); - // - // registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "EC"); - // END android-removed - // BEGIN android-removed - // registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.dhSinglePass_cofactorDH_sha1kdf_scheme, "EC"); - // - // registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha224kdf_scheme, "EC"); - // registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha224kdf_scheme, "EC"); - // - // registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha256kdf_scheme, "EC"); - // registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha256kdf_scheme, "EC"); - // - // registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha384kdf_scheme, "EC"); - // registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha384kdf_scheme, "EC"); - // - // registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha512kdf_scheme, "EC"); - // registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha512kdf_scheme, "EC"); - // - // if (!Properties.isOverrideSet("org.bouncycastle.ec.disable_mqv")) - // { - // provider.addAlgorithm("KeyAgreement.ECMQV", PREFIX + "KeyAgreementSpi$MQV"); - // - // provider.addAlgorithm("KeyAgreement.ECMQVWITHSHA1CKDF", PREFIX + "KeyAgreementSpi$MQVwithSHA1CKDF"); - // provider.addAlgorithm("KeyAgreement.ECMQVWITHSHA224CKDF", PREFIX + "KeyAgreementSpi$MQVwithSHA224CKDF"); - // provider.addAlgorithm("KeyAgreement.ECMQVWITHSHA256CKDF", PREFIX + "KeyAgreementSpi$MQVwithSHA256CKDF"); - // provider.addAlgorithm("KeyAgreement.ECMQVWITHSHA384CKDF", PREFIX + "KeyAgreementSpi$MQVwithSHA384CKDF"); - // provider.addAlgorithm("KeyAgreement.ECMQVWITHSHA512CKDF", PREFIX + "KeyAgreementSpi$MQVwithSHA512CKDF"); - // - // provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA1KDFAndSharedInfo"); - // provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.mqvSinglePass_sha224kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA224KDFAndSharedInfo"); - // provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.mqvSinglePass_sha256kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA256KDFAndSharedInfo"); - // provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.mqvSinglePass_sha384kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA384KDFAndSharedInfo"); - // provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.mqvSinglePass_sha512kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA512KDFAndSharedInfo"); - // - // registerOid(provider, X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "EC", new KeyFactorySpi.EC()); - // registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "EC"); - // - // registerOid(provider, SECObjectIdentifiers.mqvSinglePass_sha224kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV()); - // registerOidAlgorithmParameters(provider, SECObjectIdentifiers.mqvSinglePass_sha256kdf_scheme, "EC"); - // - // registerOid(provider, SECObjectIdentifiers.mqvSinglePass_sha256kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV()); - // registerOidAlgorithmParameters(provider, SECObjectIdentifiers.mqvSinglePass_sha224kdf_scheme, "EC"); - // - // registerOid(provider, SECObjectIdentifiers.mqvSinglePass_sha384kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV()); - // registerOidAlgorithmParameters(provider, SECObjectIdentifiers.mqvSinglePass_sha384kdf_scheme, "EC"); - // - // registerOid(provider, SECObjectIdentifiers.mqvSinglePass_sha512kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV()); - // registerOidAlgorithmParameters(provider, SECObjectIdentifiers.mqvSinglePass_sha512kdf_scheme, "EC"); - // - // provider.addAlgorithm("KeyFactory.ECMQV", PREFIX + "KeyFactorySpi$ECMQV"); - // provider.addAlgorithm("KeyPairGenerator.ECMQV", PREFIX + "KeyPairGeneratorSpi$ECMQV"); - // } - // END android-removed + + // BEGIN Android-removed: Unsupported algorithms + /* + registerOid(provider, X9ObjectIdentifiers.dhSinglePass_cofactorDH_sha1kdf_scheme, "EC", new KeyFactorySpi.EC()); + registerOid(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV()); + + registerOid(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha224kdf_scheme, "EC", new KeyFactorySpi.EC()); + registerOid(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha224kdf_scheme, "EC", new KeyFactorySpi.EC()); + + registerOid(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha256kdf_scheme, "EC", new KeyFactorySpi.EC()); + registerOid(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha256kdf_scheme, "EC", new KeyFactorySpi.EC()); + + registerOid(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha384kdf_scheme, "EC", new KeyFactorySpi.EC()); + registerOid(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha384kdf_scheme, "EC", new KeyFactorySpi.EC()); + + registerOid(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha512kdf_scheme, "EC", new KeyFactorySpi.EC()); + registerOid(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha512kdf_scheme, "EC", new KeyFactorySpi.EC()); + + registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.id_ecPublicKey, "EC"); + + registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "EC"); + registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.dhSinglePass_cofactorDH_sha1kdf_scheme, "EC"); + + registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha224kdf_scheme, "EC"); + registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha224kdf_scheme, "EC"); + + registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha256kdf_scheme, "EC"); + registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha256kdf_scheme, "EC"); + + registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha384kdf_scheme, "EC"); + registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha384kdf_scheme, "EC"); + + registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha512kdf_scheme, "EC"); + registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha512kdf_scheme, "EC"); + + if (!Properties.isOverrideSet("org.bouncycastle.ec.disable_mqv")) + { + provider.addAlgorithm("KeyAgreement.ECMQV", PREFIX + "KeyAgreementSpi$MQV"); + + provider.addAlgorithm("KeyAgreement.ECMQVWITHSHA1CKDF", PREFIX + "KeyAgreementSpi$MQVwithSHA1CKDF"); + provider.addAlgorithm("KeyAgreement.ECMQVWITHSHA224CKDF", PREFIX + "KeyAgreementSpi$MQVwithSHA224CKDF"); + provider.addAlgorithm("KeyAgreement.ECMQVWITHSHA256CKDF", PREFIX + "KeyAgreementSpi$MQVwithSHA256CKDF"); + provider.addAlgorithm("KeyAgreement.ECMQVWITHSHA384CKDF", PREFIX + "KeyAgreementSpi$MQVwithSHA384CKDF"); + provider.addAlgorithm("KeyAgreement.ECMQVWITHSHA512CKDF", PREFIX + "KeyAgreementSpi$MQVwithSHA512CKDF"); + + provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA1KDFAndSharedInfo"); + provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.mqvSinglePass_sha224kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA224KDFAndSharedInfo"); + provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.mqvSinglePass_sha256kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA256KDFAndSharedInfo"); + provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.mqvSinglePass_sha384kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA384KDFAndSharedInfo"); + provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.mqvSinglePass_sha512kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA512KDFAndSharedInfo"); + + */ + // END Android-removed: Unsupported algorithms + registerOid(provider, X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "EC", new KeyFactorySpi.EC()); + // BEGIN Android-removed: Unsupported algorithms + /* + registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "EC"); + + registerOid(provider, SECObjectIdentifiers.mqvSinglePass_sha224kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV()); + registerOidAlgorithmParameters(provider, SECObjectIdentifiers.mqvSinglePass_sha256kdf_scheme, "EC"); + + registerOid(provider, SECObjectIdentifiers.mqvSinglePass_sha256kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV()); + registerOidAlgorithmParameters(provider, SECObjectIdentifiers.mqvSinglePass_sha224kdf_scheme, "EC"); + + registerOid(provider, SECObjectIdentifiers.mqvSinglePass_sha384kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV()); + registerOidAlgorithmParameters(provider, SECObjectIdentifiers.mqvSinglePass_sha384kdf_scheme, "EC"); + + registerOid(provider, SECObjectIdentifiers.mqvSinglePass_sha512kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV()); + registerOidAlgorithmParameters(provider, SECObjectIdentifiers.mqvSinglePass_sha512kdf_scheme, "EC"); + + provider.addAlgorithm("KeyFactory.ECMQV", PREFIX + "KeyFactorySpi$ECMQV"); + provider.addAlgorithm("KeyPairGenerator.ECMQV", PREFIX + "KeyPairGeneratorSpi$ECMQV"); + } + */ + // END Android-removed: Unsupported algorithms provider.addAlgorithm("KeyFactory.EC", PREFIX + "KeyFactorySpi$EC"); - // BEGIN android-removed - // provider.addAlgorithm("KeyFactory.ECDSA", PREFIX + "KeyFactorySpi$ECDSA"); - // provider.addAlgorithm("KeyFactory.ECDH", PREFIX + "KeyFactorySpi$ECDH"); - // provider.addAlgorithm("KeyFactory.ECDHC", PREFIX + "KeyFactorySpi$ECDHC"); - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + provider.addAlgorithm("KeyFactory.ECDSA", PREFIX + "KeyFactorySpi$ECDSA"); + provider.addAlgorithm("KeyFactory.ECDH", PREFIX + "KeyFactorySpi$ECDH"); + provider.addAlgorithm("KeyFactory.ECDHC", PREFIX + "KeyFactorySpi$ECDHC"); + */ + // END Android-removed: Unsupported algorithms provider.addAlgorithm("KeyPairGenerator.EC", PREFIX + "KeyPairGeneratorSpi$EC"); - // BEGIN android-removed - // provider.addAlgorithm("KeyPairGenerator.ECDSA", PREFIX + "KeyPairGeneratorSpi$ECDSA"); - // provider.addAlgorithm("KeyPairGenerator.ECDH", PREFIX + "KeyPairGeneratorSpi$ECDH"); - // provider.addAlgorithm("KeyPairGenerator.ECDHWITHSHA1KDF", PREFIX + "KeyPairGeneratorSpi$ECDH"); - // provider.addAlgorithm("KeyPairGenerator.ECDHC", PREFIX + "KeyPairGeneratorSpi$ECDHC"); - // provider.addAlgorithm("KeyPairGenerator.ECIES", PREFIX + "KeyPairGeneratorSpi$ECDH"); - // - // provider.addAlgorithm("Cipher.ECIES", PREFIX + "IESCipher$ECIES"); - // - // provider.addAlgorithm("Cipher.ECIESwithAES-CBC", PREFIX + "IESCipher$ECIESwithAESCBC"); - // provider.addAlgorithm("Cipher.ECIESWITHAES-CBC", PREFIX + "IESCipher$ECIESwithAESCBC"); - // provider.addAlgorithm("Cipher.ECIESwithDESEDE-CBC", PREFIX + "IESCipher$ECIESwithDESedeCBC"); - // provider.addAlgorithm("Cipher.ECIESWITHDESEDE-CBC", PREFIX + "IESCipher$ECIESwithDESedeCBC"); - // - // provider.addAlgorithm("Signature.ECDSA", PREFIX + "SignatureSpi$ecDSA"); - // END android-removed - - // BEGIN android-changed + // BEGIN Android-removed: Unsupported algorithms + /* + provider.addAlgorithm("KeyPairGenerator.ECDSA", PREFIX + "KeyPairGeneratorSpi$ECDSA"); + provider.addAlgorithm("KeyPairGenerator.ECDH", PREFIX + "KeyPairGeneratorSpi$ECDH"); + provider.addAlgorithm("KeyPairGenerator.ECDHWITHSHA1KDF", PREFIX + "KeyPairGeneratorSpi$ECDH"); + provider.addAlgorithm("KeyPairGenerator.ECDHC", PREFIX + "KeyPairGeneratorSpi$ECDHC"); + provider.addAlgorithm("KeyPairGenerator.ECIES", PREFIX + "KeyPairGeneratorSpi$ECDH"); + + provider.addAlgorithm("Cipher.ECIES", PREFIX + "IESCipher$ECIES"); + + provider.addAlgorithm("Cipher.ECIESwithAES-CBC", PREFIX + "IESCipher$ECIESwithAESCBC"); + provider.addAlgorithm("Cipher.ECIESWITHAES-CBC", PREFIX + "IESCipher$ECIESwithAESCBC"); + provider.addAlgorithm("Cipher.ECIESwithDESEDE-CBC", PREFIX + "IESCipher$ECIESwithDESedeCBC"); + provider.addAlgorithm("Cipher.ECIESWITHDESEDE-CBC", PREFIX + "IESCipher$ECIESwithDESedeCBC"); + + provider.addAlgorithm("Signature.ECDSA", PREFIX + "SignatureSpi$ecDSA"); + */ + // END Android-removed: Unsupported algorithms + + // BEGIN Android-changed: Change primary ID from ECDSA to SHA1withECDSA provider.addAlgorithm("Signature.SHA1withECDSA", PREFIX + "SignatureSpi$ecDSA"); provider.addAlgorithm("Signature.NONEwithECDSA", PREFIX + "SignatureSpi$ecDSAnone"); @@ -193,60 +191,64 @@ public class EC provider.addAlgorithm("Alg.Alias.Signature.SHA1WithECDSA", "SHA1withECDSA"); provider.addAlgorithm("Alg.Alias.Signature.ECDSAWithSHA1", "SHA1withECDSA"); provider.addAlgorithm("Alg.Alias.Signature.1.2.840.10045.4.1", "SHA1withECDSA"); - // END android-changed - // BEGIN android-removed - // provider.addAlgorithm("Alg.Alias.Signature." + TeleTrusTObjectIdentifiers.ecSignWithSha1, "ECDSA"); - // - // provider.addAlgorithm("Signature.ECDDSA", PREFIX + "SignatureSpi$ecDetDSA"); - // provider.addAlgorithm("Signature.SHA1WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSA"); - // provider.addAlgorithm("Signature.SHA224WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSA224"); - // provider.addAlgorithm("Signature.SHA256WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSA256"); - // provider.addAlgorithm("Signature.SHA384WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSA384"); - // provider.addAlgorithm("Signature.SHA512WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSA512"); - // provider.addAlgorithm("Signature.SHA3-224WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSASha3_224"); - // provider.addAlgorithm("Signature.SHA3-256WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSASha3_256"); - // provider.addAlgorithm("Signature.SHA3-384WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSASha3_384"); - // provider.addAlgorithm("Signature.SHA3-512WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSASha3_512"); - - // provider.addAlgorithm("Alg.Alias.Signature.DETECDSA", "ECDDSA"); - // provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHDETECDSA", "SHA1WITHECDDSA"); - // provider.addAlgorithm("Alg.Alias.Signature.SHA224WITHDETECDSA", "SHA224WITHECDDSA"); - // provider.addAlgorithm("Alg.Alias.Signature.SHA256WITHDETECDSA", "SHA256WITHECDDSA"); - // provider.addAlgorithm("Alg.Alias.Signature.SHA384WITHDETECDSA", "SHA384WITHECDDSA"); - // provider.addAlgorithm("Alg.Alias.Signature.SHA512WITHDETECDSA", "SHA512WITHECDDSA"); - // END android-removed + // END Android-changed: Change primary ID from ECDSA to SHA1withECDSA + // BEGIN Android-removed: Unsupported algorithms + /* + provider.addAlgorithm("Alg.Alias.Signature." + TeleTrusTObjectIdentifiers.ecSignWithSha1, "ECDSA"); + + provider.addAlgorithm("Signature.ECDDSA", PREFIX + "SignatureSpi$ecDetDSA"); + provider.addAlgorithm("Signature.SHA1WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSA"); + provider.addAlgorithm("Signature.SHA224WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSA224"); + provider.addAlgorithm("Signature.SHA256WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSA256"); + provider.addAlgorithm("Signature.SHA384WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSA384"); + provider.addAlgorithm("Signature.SHA512WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSA512"); + provider.addAlgorithm("Signature.SHA3-224WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSASha3_224"); + provider.addAlgorithm("Signature.SHA3-256WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSASha3_256"); + provider.addAlgorithm("Signature.SHA3-384WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSASha3_384"); + provider.addAlgorithm("Signature.SHA3-512WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSASha3_512"); + + provider.addAlgorithm("Alg.Alias.Signature.DETECDSA", "ECDDSA"); + provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHDETECDSA", "SHA1WITHECDDSA"); + provider.addAlgorithm("Alg.Alias.Signature.SHA224WITHDETECDSA", "SHA224WITHECDDSA"); + provider.addAlgorithm("Alg.Alias.Signature.SHA256WITHDETECDSA", "SHA256WITHECDDSA"); + provider.addAlgorithm("Alg.Alias.Signature.SHA384WITHDETECDSA", "SHA384WITHECDDSA"); + provider.addAlgorithm("Alg.Alias.Signature.SHA512WITHDETECDSA", "SHA512WITHECDDSA"); + */ + // END Android-removed: Unsupported algorithms addSignatureAlgorithm(provider, "SHA224", "ECDSA", PREFIX + "SignatureSpi$ecDSA224", X9ObjectIdentifiers.ecdsa_with_SHA224); addSignatureAlgorithm(provider, "SHA256", "ECDSA", PREFIX + "SignatureSpi$ecDSA256", X9ObjectIdentifiers.ecdsa_with_SHA256); addSignatureAlgorithm(provider, "SHA384", "ECDSA", PREFIX + "SignatureSpi$ecDSA384", X9ObjectIdentifiers.ecdsa_with_SHA384); addSignatureAlgorithm(provider, "SHA512", "ECDSA", PREFIX + "SignatureSpi$ecDSA512", X9ObjectIdentifiers.ecdsa_with_SHA512); - // BEGIN android-removed - // addSignatureAlgorithm(provider, "SHA3-224", "ECDSA", PREFIX + "SignatureSpi$ecDSASha3_224", NISTObjectIdentifiers.id_ecdsa_with_sha3_224); - // addSignatureAlgorithm(provider, "SHA3-256", "ECDSA", PREFIX + "SignatureSpi$ecDSASha3_256", NISTObjectIdentifiers.id_ecdsa_with_sha3_256); - // addSignatureAlgorithm(provider, "SHA3-384", "ECDSA", PREFIX + "SignatureSpi$ecDSASha3_384", NISTObjectIdentifiers.id_ecdsa_with_sha3_384); - // addSignatureAlgorithm(provider, "SHA3-512", "ECDSA", PREFIX + "SignatureSpi$ecDSASha3_512", NISTObjectIdentifiers.id_ecdsa_with_sha3_512); - // - // addSignatureAlgorithm(provider, "RIPEMD160", "ECDSA", PREFIX + "SignatureSpi$ecDSARipeMD160",TeleTrusTObjectIdentifiers.ecSignWithRipemd160); - // - // provider.addAlgorithm("Signature.SHA1WITHECNR", PREFIX + "SignatureSpi$ecNR"); - // provider.addAlgorithm("Signature.SHA224WITHECNR", PREFIX + "SignatureSpi$ecNR224"); - // provider.addAlgorithm("Signature.SHA256WITHECNR", PREFIX + "SignatureSpi$ecNR256"); - // provider.addAlgorithm("Signature.SHA384WITHECNR", PREFIX + "SignatureSpi$ecNR384"); - // provider.addAlgorithm("Signature.SHA512WITHECNR", PREFIX + "SignatureSpi$ecNR512"); - // - // addSignatureAlgorithm(provider, "SHA1", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_1); - // addSignatureAlgorithm(provider, "SHA224", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA224", EACObjectIdentifiers.id_TA_ECDSA_SHA_224); - // addSignatureAlgorithm(provider, "SHA256", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA256", EACObjectIdentifiers.id_TA_ECDSA_SHA_256); - // addSignatureAlgorithm(provider, "SHA384", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA384", EACObjectIdentifiers.id_TA_ECDSA_SHA_384); - // addSignatureAlgorithm(provider, "SHA512", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA512", EACObjectIdentifiers.id_TA_ECDSA_SHA_512); - // - // addSignatureAlgorithm(provider, "SHA1", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA", BSIObjectIdentifiers.ecdsa_plain_SHA1); - // addSignatureAlgorithm(provider, "SHA224", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA224", BSIObjectIdentifiers.ecdsa_plain_SHA224); - // addSignatureAlgorithm(provider, "SHA256", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA256", BSIObjectIdentifiers.ecdsa_plain_SHA256); - // addSignatureAlgorithm(provider, "SHA384", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA384", BSIObjectIdentifiers.ecdsa_plain_SHA384); - // addSignatureAlgorithm(provider, "SHA512", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA512", BSIObjectIdentifiers.ecdsa_plain_SHA512); - // addSignatureAlgorithm(provider, "RIPEMD160", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecPlainDSARP160", BSIObjectIdentifiers.ecdsa_plain_RIPEMD160); - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + addSignatureAlgorithm(provider, "SHA3-224", "ECDSA", PREFIX + "SignatureSpi$ecDSASha3_224", NISTObjectIdentifiers.id_ecdsa_with_sha3_224); + addSignatureAlgorithm(provider, "SHA3-256", "ECDSA", PREFIX + "SignatureSpi$ecDSASha3_256", NISTObjectIdentifiers.id_ecdsa_with_sha3_256); + addSignatureAlgorithm(provider, "SHA3-384", "ECDSA", PREFIX + "SignatureSpi$ecDSASha3_384", NISTObjectIdentifiers.id_ecdsa_with_sha3_384); + addSignatureAlgorithm(provider, "SHA3-512", "ECDSA", PREFIX + "SignatureSpi$ecDSASha3_512", NISTObjectIdentifiers.id_ecdsa_with_sha3_512); + + addSignatureAlgorithm(provider, "RIPEMD160", "ECDSA", PREFIX + "SignatureSpi$ecDSARipeMD160",TeleTrusTObjectIdentifiers.ecSignWithRipemd160); + + provider.addAlgorithm("Signature.SHA1WITHECNR", PREFIX + "SignatureSpi$ecNR"); + provider.addAlgorithm("Signature.SHA224WITHECNR", PREFIX + "SignatureSpi$ecNR224"); + provider.addAlgorithm("Signature.SHA256WITHECNR", PREFIX + "SignatureSpi$ecNR256"); + provider.addAlgorithm("Signature.SHA384WITHECNR", PREFIX + "SignatureSpi$ecNR384"); + provider.addAlgorithm("Signature.SHA512WITHECNR", PREFIX + "SignatureSpi$ecNR512"); + + addSignatureAlgorithm(provider, "SHA1", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_1); + addSignatureAlgorithm(provider, "SHA224", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA224", EACObjectIdentifiers.id_TA_ECDSA_SHA_224); + addSignatureAlgorithm(provider, "SHA256", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA256", EACObjectIdentifiers.id_TA_ECDSA_SHA_256); + addSignatureAlgorithm(provider, "SHA384", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA384", EACObjectIdentifiers.id_TA_ECDSA_SHA_384); + addSignatureAlgorithm(provider, "SHA512", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA512", EACObjectIdentifiers.id_TA_ECDSA_SHA_512); + + addSignatureAlgorithm(provider, "SHA1", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA", BSIObjectIdentifiers.ecdsa_plain_SHA1); + addSignatureAlgorithm(provider, "SHA224", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA224", BSIObjectIdentifiers.ecdsa_plain_SHA224); + addSignatureAlgorithm(provider, "SHA256", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA256", BSIObjectIdentifiers.ecdsa_plain_SHA256); + addSignatureAlgorithm(provider, "SHA384", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA384", BSIObjectIdentifiers.ecdsa_plain_SHA384); + addSignatureAlgorithm(provider, "SHA512", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA512", BSIObjectIdentifiers.ecdsa_plain_SHA512); + addSignatureAlgorithm(provider, "RIPEMD160", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecPlainDSARP160", BSIObjectIdentifiers.ecdsa_plain_RIPEMD160); + */ + // END Android-removed: Unsupported algorithms } } } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/RSA.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/RSA.java index 86026ccd..4eb01a34 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/RSA.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/RSA.java @@ -7,9 +7,8 @@ import org.bouncycastle.asn1.ASN1ObjectIdentifier; import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; -// END android-removed import org.bouncycastle.asn1.x509.X509ObjectIdentifiers; import org.bouncycastle.jcajce.provider.asymmetric.rsa.KeyFactorySpi; import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; @@ -40,48 +39,58 @@ public class RSA provider.addAlgorithm("AlgorithmParameters.OAEP", PREFIX + "AlgorithmParametersSpi$OAEP"); provider.addAlgorithm("AlgorithmParameters.PSS", PREFIX + "AlgorithmParametersSpi$PSS"); - // BEGIN android-removed - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSAPSS", "PSS"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSASSA-PSS", "PSS"); - // - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224withRSA/PSS", "PSS"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256withRSA/PSS", "PSS"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384withRSA/PSS", "PSS"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512withRSA/PSS", "PSS"); - // - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224WITHRSAANDMGF1", "PSS"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256WITHRSAANDMGF1", "PSS"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384WITHRSAANDMGF1", "PSS"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512WITHRSAANDMGF1", "PSS"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RAWRSAPSS", "PSS"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAPSS", "PSS"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSASSA-PSS", "PSS"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAANDMGF1", "PSS"); - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSAPSS", "PSS"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSASSA-PSS", "PSS"); + + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224withRSA/PSS", "PSS"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256withRSA/PSS", "PSS"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384withRSA/PSS", "PSS"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512withRSA/PSS", "PSS"); + + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224WITHRSAANDMGF1", "PSS"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256WITHRSAANDMGF1", "PSS"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384WITHRSAANDMGF1", "PSS"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512WITHRSAANDMGF1", "PSS"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA3-224WITHRSAANDMGF1", "PSS"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA3-256WITHRSAANDMGF1", "PSS"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA3-384WITHRSAANDMGF1", "PSS"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA3-512WITHRSAANDMGF1", "PSS"); + + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RAWRSAPSS", "PSS"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAPSS", "PSS"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSASSA-PSS", "PSS"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAANDMGF1", "PSS"); + */ + // END Android-removed: Unsupported algorithms provider.addAttributes("Cipher.RSA", generalRsaAttributes); provider.addAlgorithm("Cipher.RSA", PREFIX + "CipherSpi$NoPadding"); - // BEGIN android-changed + // Android-changed: Use an alias for RSA/RAW instead of a concrete implementation provider.addAlgorithm("Alg.Alias.Cipher.RSA/RAW", "RSA"); - // END android-changed - // BEGIN android-removed - // provider.addAlgorithm("Cipher.RSA/PKCS1", PREFIX + "CipherSpi$PKCS1v1_5Padding"); - // provider.addAlgorithm("Cipher", PKCSObjectIdentifiers.rsaEncryption, PREFIX + "CipherSpi$PKCS1v1_5Padding"); - // provider.addAlgorithm("Cipher", X509ObjectIdentifiers.id_ea_rsa, PREFIX + "CipherSpi$PKCS1v1_5Padding"); - // provider.addAlgorithm("Cipher.RSA/1", PREFIX + "CipherSpi$PKCS1v1_5Padding_PrivateOnly"); - // provider.addAlgorithm("Cipher.RSA/2", PREFIX + "CipherSpi$PKCS1v1_5Padding_PublicOnly"); - // provider.addAlgorithm("Cipher.RSA/OAEP", PREFIX + "CipherSpi$OAEPPadding"); - // provider.addAlgorithm("Cipher", PKCSObjectIdentifiers.id_RSAES_OAEP, PREFIX + "CipherSpi$OAEPPadding"); - // provider.addAlgorithm("Cipher.RSA/ISO9796-1", PREFIX + "CipherSpi$ISO9796d1Padding"); - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + provider.addAlgorithm("Cipher.RSA/PKCS1", PREFIX + "CipherSpi$PKCS1v1_5Padding"); + provider.addAlgorithm("Cipher", PKCSObjectIdentifiers.rsaEncryption, PREFIX + "CipherSpi$PKCS1v1_5Padding"); + provider.addAlgorithm("Cipher", X509ObjectIdentifiers.id_ea_rsa, PREFIX + "CipherSpi$PKCS1v1_5Padding"); + provider.addAlgorithm("Cipher.RSA/1", PREFIX + "CipherSpi$PKCS1v1_5Padding_PrivateOnly"); + provider.addAlgorithm("Cipher.RSA/2", PREFIX + "CipherSpi$PKCS1v1_5Padding_PublicOnly"); + provider.addAlgorithm("Cipher.RSA/OAEP", PREFIX + "CipherSpi$OAEPPadding"); + provider.addAlgorithm("Cipher", PKCSObjectIdentifiers.id_RSAES_OAEP, PREFIX + "CipherSpi$OAEPPadding"); + provider.addAlgorithm("Cipher.RSA/ISO9796-1", PREFIX + "CipherSpi$ISO9796d1Padding"); + */ + // END Android-removed: Unsupported algorithms provider.addAlgorithm("Alg.Alias.Cipher.RSA//RAW", "RSA"); provider.addAlgorithm("Alg.Alias.Cipher.RSA//NOPADDING", "RSA"); - // BEGIN android-removed - // provider.addAlgorithm("Alg.Alias.Cipher.RSA//PKCS1PADDING", "RSA/PKCS1"); - // provider.addAlgorithm("Alg.Alias.Cipher.RSA//OAEPPADDING", "RSA/OAEP"); - // provider.addAlgorithm("Alg.Alias.Cipher.RSA//ISO9796-1PADDING", "RSA/ISO9796-1"); - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + provider.addAlgorithm("Alg.Alias.Cipher.RSA//PKCS1PADDING", "RSA/PKCS1"); + provider.addAlgorithm("Alg.Alias.Cipher.RSA//OAEPPADDING", "RSA/OAEP"); + provider.addAlgorithm("Alg.Alias.Cipher.RSA//ISO9796-1PADDING", "RSA/ISO9796-1"); + */ + // END Android-removed: Unsupported algorithms provider.addAlgorithm("KeyFactory.RSA", PREFIX + "KeyFactorySpi"); provider.addAlgorithm("KeyPairGenerator.RSA", PREFIX + "KeyPairGeneratorSpi"); @@ -91,128 +100,145 @@ public class RSA registerOid(provider, PKCSObjectIdentifiers.rsaEncryption, "RSA", keyFact); registerOid(provider, X509ObjectIdentifiers.id_ea_rsa, "RSA", keyFact); registerOid(provider, PKCSObjectIdentifiers.id_RSAES_OAEP, "RSA", keyFact); - // BEGIN android-removed - // registerOid(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "RSA", keyFact); - // - // registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.rsaEncryption, "RSA"); - // registerOidAlgorithmParameters(provider, X509ObjectIdentifiers.id_ea_rsa, "RSA"); - // registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSAES_OAEP, "OAEP"); - // registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "PSS"); - // - // provider.addAlgorithm("Signature.RSASSA-PSS", PREFIX + "PSSSignatureSpi$PSSwithRSA"); - // provider.addAlgorithm("Signature." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA"); - // provider.addAlgorithm("Signature.OID." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA"); - // - // provider.addAlgorithm("Signature.RSA", PREFIX + "DigestSignatureSpi$noneRSA"); - // provider.addAlgorithm("Signature.RAWRSASSA-PSS", PREFIX + "PSSSignatureSpi$nonePSS"); - // - // provider.addAlgorithm("Alg.Alias.Signature.RAWRSA", "RSA"); - // provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSA", "RSA"); - // provider.addAlgorithm("Alg.Alias.Signature.RAWRSAPSS", "RAWRSASSA-PSS"); - // provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAPSS", "RAWRSASSA-PSS"); - // provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSASSA-PSS", "RAWRSASSA-PSS"); - // provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAANDMGF1", "RAWRSASSA-PSS"); - // provider.addAlgorithm("Alg.Alias.Signature.RSAPSS", "RSASSA-PSS"); - // - // addPSSSignature(provider, "SHA224", PREFIX + "PSSSignatureSpi$SHA224withRSA"); - // addPSSSignature(provider, "SHA256", PREFIX + "PSSSignatureSpi$SHA256withRSA"); - // addPSSSignature(provider, "SHA384", PREFIX + "PSSSignatureSpi$SHA384withRSA"); - // addPSSSignature(provider, "SHA512", PREFIX + "PSSSignatureSpi$SHA512withRSA"); - // addPSSSignature(provider, "SHA512(224)", PREFIX + "PSSSignatureSpi$SHA512_224withRSA"); - // addPSSSignature(provider, "SHA512(256)", PREFIX + "PSSSignatureSpi$SHA512_256withRSA"); - // - // addPSSSignature(provider, "SHA3-224", PREFIX + "PSSSignatureSpi$SHA3_224withRSA"); - // addPSSSignature(provider, "SHA3-256", PREFIX + "PSSSignatureSpi$SHA3_256withRSA"); - // addPSSSignature(provider, "SHA3-384", PREFIX + "PSSSignatureSpi$SHA3_384withRSA"); - // addPSSSignature(provider, "SHA3-512", PREFIX + "PSSSignatureSpi$SHA3_512withRSA"); - // - // if (provider.hasAlgorithm("MessageDigest", "MD2")) - // { - // addDigestSignature(provider, "MD2", PREFIX + "DigestSignatureSpi$MD2", PKCSObjectIdentifiers.md2WithRSAEncryption); - // } - // - // if (provider.hasAlgorithm("MessageDigest", "MD4")) - // { - // addDigestSignature(provider, "MD4", PREFIX + "DigestSignatureSpi$MD4", PKCSObjectIdentifiers.md4WithRSAEncryption); - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + registerOid(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "RSA", keyFact); + + registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.rsaEncryption, "RSA"); + registerOidAlgorithmParameters(provider, X509ObjectIdentifiers.id_ea_rsa, "RSA"); + registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSAES_OAEP, "OAEP"); + registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "PSS"); + + provider.addAlgorithm("Signature.RSASSA-PSS", PREFIX + "PSSSignatureSpi$PSSwithRSA"); + provider.addAlgorithm("Signature." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA"); + provider.addAlgorithm("Signature.OID." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA"); + + provider.addAlgorithm("Signature.RSA", PREFIX + "DigestSignatureSpi$noneRSA"); + provider.addAlgorithm("Signature.RAWRSASSA-PSS", PREFIX + "PSSSignatureSpi$nonePSS"); + + provider.addAlgorithm("Alg.Alias.Signature.RAWRSA", "RSA"); + provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSA", "RSA"); + provider.addAlgorithm("Alg.Alias.Signature.RAWRSAPSS", "RAWRSASSA-PSS"); + provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAPSS", "RAWRSASSA-PSS"); + provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSASSA-PSS", "RAWRSASSA-PSS"); + provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAANDMGF1", "RAWRSASSA-PSS"); + provider.addAlgorithm("Alg.Alias.Signature.RSAPSS", "RSASSA-PSS"); + + addPSSSignature(provider, "SHA224", PREFIX + "PSSSignatureSpi$SHA224withRSA"); + addPSSSignature(provider, "SHA256", PREFIX + "PSSSignatureSpi$SHA256withRSA"); + addPSSSignature(provider, "SHA384", PREFIX + "PSSSignatureSpi$SHA384withRSA"); + addPSSSignature(provider, "SHA512", PREFIX + "PSSSignatureSpi$SHA512withRSA"); + addPSSSignature(provider, "SHA512(224)", PREFIX + "PSSSignatureSpi$SHA512_224withRSA"); + addPSSSignature(provider, "SHA512(256)", PREFIX + "PSSSignatureSpi$SHA512_256withRSA"); + + addPSSSignature(provider, "SHA3-224", PREFIX + "PSSSignatureSpi$SHA3_224withRSA"); + addPSSSignature(provider, "SHA3-256", PREFIX + "PSSSignatureSpi$SHA3_256withRSA"); + addPSSSignature(provider, "SHA3-384", PREFIX + "PSSSignatureSpi$SHA3_384withRSA"); + addPSSSignature(provider, "SHA3-512", PREFIX + "PSSSignatureSpi$SHA3_512withRSA"); + + if (provider.hasAlgorithm("MessageDigest", "MD2")) + { + addDigestSignature(provider, "MD2", PREFIX + "DigestSignatureSpi$MD2", PKCSObjectIdentifiers.md2WithRSAEncryption); + } + + if (provider.hasAlgorithm("MessageDigest", "MD4")) + { + addDigestSignature(provider, "MD4", PREFIX + "DigestSignatureSpi$MD4", PKCSObjectIdentifiers.md4WithRSAEncryption); + } + */ + // END Android-removed: Unsupported algorithms if (provider.hasAlgorithm("MessageDigest", "MD5")) { addDigestSignature(provider, "MD5", PREFIX + "DigestSignatureSpi$MD5", PKCSObjectIdentifiers.md5WithRSAEncryption); - // BEGIN android-removed + // Android-removed: Unsupported algorithms // addISO9796Signature(provider, "MD5", PREFIX + "ISOSignatureSpi$MD5WithRSAEncryption"); - // END android-removed } if (provider.hasAlgorithm("MessageDigest", "SHA1")) { - // BEGIN android-removed - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1withRSA/PSS", "PSS"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1WITHRSAANDMGF1", "PSS"); - // - // addPSSSignature(provider, "SHA1", PREFIX + "PSSSignatureSpi$SHA1withRSA"); - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1withRSA/PSS", "PSS"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1WITHRSAANDMGF1", "PSS"); + + addPSSSignature(provider, "SHA1", PREFIX + "PSSSignatureSpi$SHA1withRSA"); + */ + // END Android-removed: Unsupported algorithms addDigestSignature(provider, "SHA1", PREFIX + "DigestSignatureSpi$SHA1", PKCSObjectIdentifiers.sha1WithRSAEncryption); - // BEGIN android-removed + // Android-removed: Unsupported algorithms // addISO9796Signature(provider, "SHA1", PREFIX + "ISOSignatureSpi$SHA1WithRSAEncryption"); - // END android-removed provider.addAlgorithm("Alg.Alias.Signature." + OIWObjectIdentifiers.sha1WithRSA, "SHA1WITHRSA"); provider.addAlgorithm("Alg.Alias.Signature.OID." + OIWObjectIdentifiers.sha1WithRSA, "SHA1WITHRSA"); - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // addX931Signature(provider, "SHA1", PREFIX + "X931SignatureSpi$SHA1WithRSAEncryption"); - // END android-removed } addDigestSignature(provider, "SHA224", PREFIX + "DigestSignatureSpi$SHA224", PKCSObjectIdentifiers.sha224WithRSAEncryption); addDigestSignature(provider, "SHA256", PREFIX + "DigestSignatureSpi$SHA256", PKCSObjectIdentifiers.sha256WithRSAEncryption); addDigestSignature(provider, "SHA384", PREFIX + "DigestSignatureSpi$SHA384", PKCSObjectIdentifiers.sha384WithRSAEncryption); addDigestSignature(provider, "SHA512", PREFIX + "DigestSignatureSpi$SHA512", PKCSObjectIdentifiers.sha512WithRSAEncryption); - // BEGIN android-removed - // addDigestSignature(provider, "SHA512(224)", PREFIX + "DigestSignatureSpi$SHA512_224", PKCSObjectIdentifiers.sha512_224WithRSAEncryption); - // addDigestSignature(provider, "SHA512(256)", PREFIX + "DigestSignatureSpi$SHA512_256", PKCSObjectIdentifiers.sha512_256WithRSAEncryption); - // - // addDigestSignature(provider, "SHA3-224", PREFIX + "DigestSignatureSpi$SHA3_224", NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_224); - // addDigestSignature(provider, "SHA3-256", PREFIX + "DigestSignatureSpi$SHA3_256", NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_256); - // addDigestSignature(provider, "SHA3-384", PREFIX + "DigestSignatureSpi$SHA3_384", NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_384); - // addDigestSignature(provider, "SHA3-512", PREFIX + "DigestSignatureSpi$SHA3_512", NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_512); - // - // addISO9796Signature(provider, "SHA224", PREFIX + "ISOSignatureSpi$SHA224WithRSAEncryption"); - // addISO9796Signature(provider, "SHA256", PREFIX + "ISOSignatureSpi$SHA256WithRSAEncryption"); - // addISO9796Signature(provider, "SHA384", PREFIX + "ISOSignatureSpi$SHA384WithRSAEncryption"); - // addISO9796Signature(provider, "SHA512", PREFIX + "ISOSignatureSpi$SHA512WithRSAEncryption"); - // addISO9796Signature(provider, "SHA512(224)", PREFIX + "ISOSignatureSpi$SHA512_224WithRSAEncryption"); - // addISO9796Signature(provider, "SHA512(256)", PREFIX + "ISOSignatureSpi$SHA512_256WithRSAEncryption"); - // - // addX931Signature(provider, "SHA224", PREFIX + "X931SignatureSpi$SHA224WithRSAEncryption"); - // addX931Signature(provider, "SHA256", PREFIX + "X931SignatureSpi$SHA256WithRSAEncryption"); - // addX931Signature(provider, "SHA384", PREFIX + "X931SignatureSpi$SHA384WithRSAEncryption"); - // addX931Signature(provider, "SHA512", PREFIX + "X931SignatureSpi$SHA512WithRSAEncryption"); - // addX931Signature(provider, "SHA512(224)", PREFIX + "X931SignatureSpi$SHA512_224WithRSAEncryption"); - // addX931Signature(provider, "SHA512(256)", PREFIX + "X931SignatureSpi$SHA512_256WithRSAEncryption"); - // - // if (provider.hasAlgorithm("MessageDigest", "RIPEMD128")) - // { - // addDigestSignature(provider, "RIPEMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); - // addDigestSignature(provider, "RMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", null); - // - // addX931Signature(provider, "RMD128", PREFIX + "X931SignatureSpi$RIPEMD128WithRSAEncryption"); - // addX931Signature(provider, "RIPEMD128", PREFIX + "X931SignatureSpi$RIPEMD128WithRSAEncryption"); - // } - // - // if (provider.hasAlgorithm("MessageDigest", "RIPEMD160")) - // { - // addDigestSignature(provider, "RIPEMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); - // addDigestSignature(provider, "RMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", null); - // provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160WithRSA/ISO9796-2", "RIPEMD160withRSA/ISO9796-2"); - // provider.addAlgorithm("Signature.RIPEMD160withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$RIPEMD160WithRSAEncryption"); - // - // addX931Signature(provider, "RMD160", PREFIX + "X931SignatureSpi$RIPEMD160WithRSAEncryption"); - // addX931Signature(provider, "RIPEMD160", PREFIX + "X931SignatureSpi$RIPEMD160WithRSAEncryption"); - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + addDigestSignature(provider, "SHA512(224)", PREFIX + "DigestSignatureSpi$SHA512_224", PKCSObjectIdentifiers.sha512_224WithRSAEncryption); + addDigestSignature(provider, "SHA512(256)", PREFIX + "DigestSignatureSpi$SHA512_256", PKCSObjectIdentifiers.sha512_256WithRSAEncryption); + + addDigestSignature(provider, "SHA3-224", PREFIX + "DigestSignatureSpi$SHA3_224", NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_224); + addDigestSignature(provider, "SHA3-256", PREFIX + "DigestSignatureSpi$SHA3_256", NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_256); + addDigestSignature(provider, "SHA3-384", PREFIX + "DigestSignatureSpi$SHA3_384", NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_384); + addDigestSignature(provider, "SHA3-512", PREFIX + "DigestSignatureSpi$SHA3_512", NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_512); + + addISO9796Signature(provider, "SHA224", PREFIX + "ISOSignatureSpi$SHA224WithRSAEncryption"); + addISO9796Signature(provider, "SHA256", PREFIX + "ISOSignatureSpi$SHA256WithRSAEncryption"); + addISO9796Signature(provider, "SHA384", PREFIX + "ISOSignatureSpi$SHA384WithRSAEncryption"); + addISO9796Signature(provider, "SHA512", PREFIX + "ISOSignatureSpi$SHA512WithRSAEncryption"); + addISO9796Signature(provider, "SHA512(224)", PREFIX + "ISOSignatureSpi$SHA512_224WithRSAEncryption"); + addISO9796Signature(provider, "SHA512(256)", PREFIX + "ISOSignatureSpi$SHA512_256WithRSAEncryption"); + + addX931Signature(provider, "SHA224", PREFIX + "X931SignatureSpi$SHA224WithRSAEncryption"); + addX931Signature(provider, "SHA256", PREFIX + "X931SignatureSpi$SHA256WithRSAEncryption"); + addX931Signature(provider, "SHA384", PREFIX + "X931SignatureSpi$SHA384WithRSAEncryption"); + addX931Signature(provider, "SHA512", PREFIX + "X931SignatureSpi$SHA512WithRSAEncryption"); + addX931Signature(provider, "SHA512(224)", PREFIX + "X931SignatureSpi$SHA512_224WithRSAEncryption"); + addX931Signature(provider, "SHA512(256)", PREFIX + "X931SignatureSpi$SHA512_256WithRSAEncryption"); + + if (provider.hasAlgorithm("MessageDigest", "RIPEMD128")) + { + addDigestSignature(provider, "RIPEMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); + addDigestSignature(provider, "RMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", null); + + addX931Signature(provider, "RMD128", PREFIX + "X931SignatureSpi$RIPEMD128WithRSAEncryption"); + addX931Signature(provider, "RIPEMD128", PREFIX + "X931SignatureSpi$RIPEMD128WithRSAEncryption"); + } + + if (provider.hasAlgorithm("MessageDigest", "RIPEMD160")) + { + addDigestSignature(provider, "RIPEMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); + addDigestSignature(provider, "RMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", null); + provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160WithRSA/ISO9796-2", "RIPEMD160withRSA/ISO9796-2"); + provider.addAlgorithm("Signature.RIPEMD160withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$RIPEMD160WithRSAEncryption"); + + addX931Signature(provider, "RMD160", PREFIX + "X931SignatureSpi$RIPEMD160WithRSAEncryption"); + addX931Signature(provider, "RIPEMD160", PREFIX + "X931SignatureSpi$RIPEMD160WithRSAEncryption"); + } + + if (provider.hasAlgorithm("MessageDigest", "RIPEMD256")) + { + addDigestSignature(provider, "RIPEMD256", PREFIX + "DigestSignatureSpi$RIPEMD256", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); + addDigestSignature(provider, "RMD256", PREFIX + "DigestSignatureSpi$RIPEMD256", null); + } + + if (provider.hasAlgorithm("MessageDigest", "WHIRLPOOL")) + { + addISO9796Signature(provider, "Whirlpool", PREFIX + "ISOSignatureSpi$WhirlpoolWithRSAEncryption"); + addISO9796Signature(provider, "WHIRLPOOL", PREFIX + "ISOSignatureSpi$WhirlpoolWithRSAEncryption"); + addX931Signature(provider, "Whirlpool", PREFIX + "X931SignatureSpi$WhirlpoolWithRSAEncryption"); + addX931Signature(provider, "WHIRLPOOL", PREFIX + "X931SignatureSpi$WhirlpoolWithRSAEncryption"); + } + */ + // END Android-removed: Unsupported algorithms } private void addDigestSignature( diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/X509.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/X509.java index a9fb6b21..12a9f6fd 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/X509.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/X509.java @@ -18,10 +18,10 @@ public class X509 public void configure(ConfigurableProvider provider) { - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // provider.addAlgorithm("KeyFactory.X.509", "org.bouncycastle.jcajce.provider.asymmetric.x509.KeyFactory"); // provider.addAlgorithm("Alg.Alias.KeyFactory.X509", "X.509"); - // END android-removed + // END Android-removed: Unsupported algorithms // // certificate factories. diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyAgreementSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyAgreementSpi.java index f5e8d0ef..890674ed 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyAgreementSpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyAgreementSpi.java @@ -16,10 +16,9 @@ import javax.crypto.spec.DHParameterSpec; import javax.crypto.spec.SecretKeySpec; import org.bouncycastle.crypto.DerivationFunction; -// BEGIN android-removed +// Android-removed: Unsupported algorithm // import org.bouncycastle.crypto.agreement.kdf.DHKEKGenerator; // import org.bouncycastle.crypto.util.DigestFactory; -// END android-removed import org.bouncycastle.jcajce.provider.asymmetric.util.BaseAgreementSpi; import org.bouncycastle.jcajce.spec.UserKeyingMaterialSpec; @@ -234,14 +233,16 @@ public class KeyAgreementSpi return bigIntToBytes(result); } - // BEGIN android-removed - // public static class DHwithRFC2631KDF - // extends KeyAgreementSpi - // { - // public DHwithRFC2631KDF() - // { - // super("DHwithRFC2631KDF", new DHKEKGenerator(DigestFactory.createSHA1())); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithm + /* + public static class DHwithRFC2631KDF + extends KeyAgreementSpi + { + public DHwithRFC2631KDF() + { + super("DHwithRFC2631KDF", new DHKEKGenerator(DigestFactory.createSHA1())); + } + } + */ + // END Android-removed: Unsupported algorithm } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java index 6374419f..0384b1c8 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java @@ -21,27 +21,15 @@ import org.bouncycastle.crypto.CipherParameters; import org.bouncycastle.crypto.DSA; import org.bouncycastle.crypto.Digest; import org.bouncycastle.crypto.digests.NullDigest; -// BEGIN android-added -import org.bouncycastle.crypto.digests.AndroidDigestFactory; -// END android-added -// BEGIN android-removed -// import org.bouncycastle.crypto.digests.SHA1Digest; -// import org.bouncycastle.crypto.digests.SHA224Digest; -// import org.bouncycastle.crypto.digests.SHA256Digest; -// import org.bouncycastle.crypto.digests.SHA384Digest; -// import org.bouncycastle.crypto.digests.SHA512Digest; -// END android-removed -// BEGIN android-added +// Android-added: Check DSA keys when generated import org.bouncycastle.crypto.params.DSAKeyParameters; import org.bouncycastle.crypto.params.DSAParameters; -// END android-added import org.bouncycastle.crypto.params.ParametersWithRandom; -// BEGIN android-removed -// import org.bouncycastle.crypto.digests.SHA1Digest; -// import org.bouncycastle.crypto.params.ParametersWithRandom; +// Android-removed: Unsupported algorithm // import org.bouncycastle.crypto.signers.HMacDSAKCalculator; +// Android-changed: Use Android digests // import org.bouncycastle.crypto.util.DigestFactory; -// END android-removed +import org.bouncycastle.crypto.digests.AndroidDigestFactory; import org.bouncycastle.util.Arrays; public class DSASigner @@ -83,13 +71,11 @@ public class DSASigner PrivateKey privateKey) throws InvalidKeyException { - CipherParameters param; + CipherParameters param = DSAUtil.generatePrivateKeyParameter(privateKey); - param = DSAUtil.generatePrivateKeyParameter(privateKey); - // BEGIN android-added + // Android-added: Check DSA keys when generated DSAParameters dsaParam = ((DSAKeyParameters) param).getParameters(); checkKey(dsaParam); - // END android-added if (random != null) { @@ -163,7 +149,7 @@ public class DSASigner throw new UnsupportedOperationException("engineSetParameter unsupported"); } - // BEGIN android-added + // BEGIN Android-added: Check DSA keys when generated protected void checkKey(DSAParameters params) throws InvalidKeyException { int valueL = params.getP().bitLength(); int valueN = params.getQ().bitLength(); @@ -184,7 +170,7 @@ public class DSASigner } } - // END android-added + // END Android-added: Check DSA keys when generated /** * @deprecated replaced with <a href = "#engineSetParameter(java.security.spec.AlgorithmParameterSpec)"> */ @@ -238,171 +224,180 @@ public class DSASigner { public stdDSA() { - // BEGIN android-changed + // Android-changed: Use Android digests + // super(DigestFactory.createSHA1(), new org.bouncycastle.crypto.signers.DSASigner()); super(AndroidDigestFactory.getSHA1(), new org.bouncycastle.crypto.signers.DSASigner()); - // END android-changed } } - // BEGIN android-removed - // static public class detDSA - // extends DSASigner - // { - // public detDSA() - // { - // super(DigestFactory.createSHA1(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA1()))); - // } - // } + // BEGIN Android-removed: Unsupported algorithm + /* + static public class detDSA + extends DSASigner + { + public detDSA() + { + super(DigestFactory.createSHA1(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA1()))); + } + } + */ + // END Android-removed: Unsupported algorithm static public class dsa224 extends DSASigner { public dsa224() { - // BEGIN android-changed + // Android-changed: Use Android digests + // super(DigestFactory.createSHA224(), new org.bouncycastle.crypto.signers.DSASigner()); super(AndroidDigestFactory.getSHA224(), new org.bouncycastle.crypto.signers.DSASigner()); - // END android-changed } } - // BEGIN android-removed - // static public class detDSA224 - // extends DSASigner - // { - // public detDSA224() - // { - // super(DigestFactory.createSHA224(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA224()))); - // } - // } + // BEGIN Android-removed: Unsupported algorithm + /* + static public class detDSA224 + extends DSASigner + { + public detDSA224() + { + super(DigestFactory.createSHA224(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA224()))); + } + } + */ + // END Android-removed: Unsupported algorithm static public class dsa256 extends DSASigner { public dsa256() { - // BEGIN android-changed + // Android-changed: Use Android digests + // super(DigestFactory.createSHA256(), new org.bouncycastle.crypto.signers.DSASigner()); super(AndroidDigestFactory.getSHA256(), new org.bouncycastle.crypto.signers.DSASigner()); - // END android-changed } } - // BEGIN android-removed - // static public class detDSA256 - // extends DSASigner - // { - // public detDSA256() - // { - // super(DigestFactory.createSHA256(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA256()))); - // } - // } - // - // static public class dsa384 - // extends DSASigner - // { - // public dsa384() - // { - // super(DigestFactory.createSHA384(), new org.bouncycastle.crypto.signers.DSASigner()); - // } - // } - // - // static public class detDSA384 - // extends DSASigner - // { - // public detDSA384() - // { - // super(DigestFactory.createSHA384(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA384()))); - // } - // } - // - // static public class dsa512 - // extends DSASigner - // { - // public dsa512() - // { - // super(DigestFactory.createSHA512(), new org.bouncycastle.crypto.signers.DSASigner()); - // } - // } - // - // static public class detDSA512 - // extends DSASigner - // { - // public detDSA512() - // { - // super(DigestFactory.createSHA512(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA512()))); - // } - // } - // - // static public class dsaSha3_224 - // extends DSASigner - // { - // public dsaSha3_224() - // { - // super(DigestFactory.createSHA3_224(), new org.bouncycastle.crypto.signers.DSASigner()); - // } - // } - // - // static public class detDSASha3_224 - // extends DSASigner - // { - // public detDSASha3_224() - // { - // super(DigestFactory.createSHA3_224(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_224()))); - // } - // } - // - // static public class dsaSha3_256 - // extends DSASigner - // { - // public dsaSha3_256() - // { - // super(DigestFactory.createSHA3_256(), new org.bouncycastle.crypto.signers.DSASigner()); - // } - // } - // - // static public class detDSASha3_256 - // extends DSASigner - // { - // public detDSASha3_256() - // { - // super(DigestFactory.createSHA3_256(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_256()))); - // } - // } - // - // static public class dsaSha3_384 - // extends DSASigner - // { - // public dsaSha3_384() - // { - // super(DigestFactory.createSHA3_384(), new org.bouncycastle.crypto.signers.DSASigner()); - // } - // } - // - // static public class detDSASha3_384 - // extends DSASigner - // { - // public detDSASha3_384() - // { - // super(DigestFactory.createSHA3_384(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_384()))); - // } - // } - // - // static public class dsaSha3_512 - // extends DSASigner - // { - // public dsaSha3_512() - // { - // super(DigestFactory.createSHA3_512(), new org.bouncycastle.crypto.signers.DSASigner()); - // } - // } - // - // static public class detDSASha3_512 - // extends DSASigner - // { - // public detDSASha3_512() - // { - // super(DigestFactory.createSHA3_512(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_512()))); - // } - // } - // END android-removed + + // BEGIN Android-removed: Unsupported algorithms + /* + static public class detDSA256 + extends DSASigner + { + public detDSA256() + { + super(DigestFactory.createSHA256(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA256()))); + } + } + + static public class dsa384 + extends DSASigner + { + public dsa384() + { + super(DigestFactory.createSHA384(), new org.bouncycastle.crypto.signers.DSASigner()); + } + } + + static public class detDSA384 + extends DSASigner + { + public detDSA384() + { + super(DigestFactory.createSHA384(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA384()))); + } + } + + static public class dsa512 + extends DSASigner + { + public dsa512() + { + super(DigestFactory.createSHA512(), new org.bouncycastle.crypto.signers.DSASigner()); + } + } + + static public class detDSA512 + extends DSASigner + { + public detDSA512() + { + super(DigestFactory.createSHA512(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA512()))); + } + } + + static public class dsaSha3_224 + extends DSASigner + { + public dsaSha3_224() + { + super(DigestFactory.createSHA3_224(), new org.bouncycastle.crypto.signers.DSASigner()); + } + } + + static public class detDSASha3_224 + extends DSASigner + { + public detDSASha3_224() + { + super(DigestFactory.createSHA3_224(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_224()))); + } + } + + static public class dsaSha3_256 + extends DSASigner + { + public dsaSha3_256() + { + super(DigestFactory.createSHA3_256(), new org.bouncycastle.crypto.signers.DSASigner()); + } + } + + static public class detDSASha3_256 + extends DSASigner + { + public detDSASha3_256() + { + super(DigestFactory.createSHA3_256(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_256()))); + } + } + + static public class dsaSha3_384 + extends DSASigner + { + public dsaSha3_384() + { + super(DigestFactory.createSHA3_384(), new org.bouncycastle.crypto.signers.DSASigner()); + } + } + + static public class detDSASha3_384 + extends DSASigner + { + public detDSASha3_384() + { + super(DigestFactory.createSHA3_384(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_384()))); + } + } + + static public class dsaSha3_512 + extends DSASigner + { + public dsaSha3_512() + { + super(DigestFactory.createSHA3_512(), new org.bouncycastle.crypto.signers.DSASigner()); + } + } + + static public class detDSASha3_512 + extends DSASigner + { + public detDSASha3_512() + { + super(DigestFactory.createSHA3_512(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_512()))); + } + } + */ + // END Android-removed: Unsupported algorithms static public class noneDSA extends DSASigner diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSAUtil.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSAUtil.java index 10bac464..d768ae6d 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSAUtil.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSAUtil.java @@ -26,9 +26,8 @@ public class DSAUtil public static final ASN1ObjectIdentifier[] dsaOids = { X9ObjectIdentifiers.id_dsa, - // BEGIN android-added + // Android-added: Add missing OID for DSA-with-SHA1 X9ObjectIdentifiers.id_dsa_with_sha1, - // END android-added OIWObjectIdentifiers.dsaWithSHA1 }; diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java index 6e1eda2d..dd286312 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java @@ -14,32 +14,32 @@ import org.bouncycastle.crypto.BasicAgreement; import org.bouncycastle.crypto.CipherParameters; import org.bouncycastle.crypto.DerivationFunction; import org.bouncycastle.crypto.agreement.ECDHBasicAgreement; -// BEGIN android-removed +// BEGIN Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.agreement.ECDHCBasicAgreement; // import org.bouncycastle.crypto.agreement.ECMQVBasicAgreement; // import org.bouncycastle.crypto.agreement.kdf.ConcatenationKDFGenerator; // import org.bouncycastle.crypto.generators.KDF2BytesGenerator; -// END android-removed +// END Android-removed: Unsupported algorithms import org.bouncycastle.crypto.params.ECDomainParameters; import org.bouncycastle.crypto.params.ECPrivateKeyParameters; import org.bouncycastle.crypto.params.ECPublicKeyParameters; -// BEGIN android-removed +// BEGIN Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.params.MQVPrivateParameters; // import org.bouncycastle.crypto.params.MQVPublicParameters; // import org.bouncycastle.crypto.util.DigestFactory; -// END android-removed +// END Android-removed: Unsupported algorithms import org.bouncycastle.jcajce.provider.asymmetric.util.BaseAgreementSpi; import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil; -// BEGIN android-removed +// BEGIN Android-removed: Unsupported algorithms // import org.bouncycastle.jcajce.spec.MQVParameterSpec; -// END android-removed +// END Android-removed: Unsupported algorithms import org.bouncycastle.jcajce.spec.UserKeyingMaterialSpec; import org.bouncycastle.jce.interfaces.ECPrivateKey; import org.bouncycastle.jce.interfaces.ECPublicKey; -// BEGIN android-removed +// BEGIN Android-removed: Unsupported algorithms // import org.bouncycastle.jce.interfaces.MQVPrivateKey; // import org.bouncycastle.jce.interfaces.MQVPublicKey; -// END android-removed +// END Android-removed: Unsupported algorithms /** * Diffie-Hellman key agreement using elliptic curve keys, ala IEEE P1363 @@ -57,9 +57,8 @@ public class KeyAgreementSpi private ECDomainParameters parameters; private BasicAgreement agreement; - // BEGIN android-removed + // Android-removed: Unsupported algorithms // private MQVParameterSpec mqvParameters; - // END android-removed private BigInteger result; protected KeyAgreementSpi( @@ -95,31 +94,33 @@ public class KeyAgreementSpi } CipherParameters pubKey; - // BEGIN android-removed - // if (agreement instanceof ECMQVBasicAgreement) - // { - // if (!(key instanceof MQVPublicKey)) - // { - // ECPublicKeyParameters staticKey = (ECPublicKeyParameters) - // ECUtils.generatePublicKeyParameter((PublicKey)key); - // ECPublicKeyParameters ephemKey = (ECPublicKeyParameters) - // ECUtils.generatePublicKeyParameter(mqvParameters.getOtherPartyEphemeralKey()); - // - // pubKey = new MQVPublicParameters(staticKey, ephemKey); - // } - // else - // { - // MQVPublicKey mqvPubKey = (MQVPublicKey)key; - // ECPublicKeyParameters staticKey = (ECPublicKeyParameters) - // ECUtils.generatePublicKeyParameter(mqvPubKey.getStaticKey()); - // ECPublicKeyParameters ephemKey = (ECPublicKeyParameters) - // ECUtils.generatePublicKeyParameter(mqvPubKey.getEphemeralKey()); - // - // pubKey = new MQVPublicParameters(staticKey, ephemKey); - // } - // } - // else - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + if (agreement instanceof ECMQVBasicAgreement) + { + if (!(key instanceof MQVPublicKey)) + { + ECPublicKeyParameters staticKey = (ECPublicKeyParameters) + ECUtils.generatePublicKeyParameter((PublicKey)key); + ECPublicKeyParameters ephemKey = (ECPublicKeyParameters) + ECUtils.generatePublicKeyParameter(mqvParameters.getOtherPartyEphemeralKey()); + + pubKey = new MQVPublicParameters(staticKey, ephemKey); + } + else + { + MQVPublicKey mqvPubKey = (MQVPublicKey)key; + ECPublicKeyParameters staticKey = (ECPublicKeyParameters) + ECUtils.generatePublicKeyParameter(mqvPubKey.getStaticKey()); + ECPublicKeyParameters ephemKey = (ECPublicKeyParameters) + ECUtils.generatePublicKeyParameter(mqvPubKey.getEphemeralKey()); + + pubKey = new MQVPublicParameters(staticKey, ephemKey); + } + } + else + */ + // END Android-removed: Unsupported algorithms { if (!(key instanceof PublicKey)) { @@ -133,7 +134,9 @@ public class KeyAgreementSpi try { result = agreement.calculateAgreement(pubKey); - } catch (final Exception e) { + } + catch (final Exception e) + { throw new InvalidKeyException("calculation failed: " + e.getMessage()) { public Throwable getCause() @@ -142,6 +145,7 @@ public class KeyAgreementSpi } }; } + return null; } @@ -151,9 +155,9 @@ public class KeyAgreementSpi SecureRandom random) throws InvalidKeyException, InvalidAlgorithmParameterException { - // BEGIN android-changed + // Android-removed: Unsupported algorithms + // if (params != null && !(params instanceof MQVParameterSpec || params instanceof UserKeyingMaterialSpec)) if (params != null && !(params instanceof UserKeyingMaterialSpec)) - // END android-changed { throw new InvalidAlgorithmParameterException("No algorithm parameters supported"); } @@ -163,7 +167,7 @@ public class KeyAgreementSpi protected void engineInit( Key key, - SecureRandom random) + SecureRandom random) throws InvalidKeyException { initFromKey(key, null); @@ -172,62 +176,64 @@ public class KeyAgreementSpi private void initFromKey(Key key, AlgorithmParameterSpec parameterSpec) throws InvalidKeyException { - // BEGIN android-removed - // if (agreement instanceof ECMQVBasicAgreement) - // { - // mqvParameters = null; - // if (!(key instanceof MQVPrivateKey) && !(parameterSpec instanceof MQVParameterSpec)) - // { - // throw new InvalidKeyException(kaAlgorithm + " key agreement requires " - // + getSimpleName(MQVParameterSpec.class) + " for initialisation"); - // } - // - // ECPrivateKeyParameters staticPrivKey; - // ECPrivateKeyParameters ephemPrivKey; - // ECPublicKeyParameters ephemPubKey; - // if (key instanceof MQVPrivateKey) - // { - // MQVPrivateKey mqvPrivKey = (MQVPrivateKey)key; - // staticPrivKey = (ECPrivateKeyParameters) - // ECUtil.generatePrivateKeyParameter(mqvPrivKey.getStaticPrivateKey()); - // ephemPrivKey = (ECPrivateKeyParameters) - // ECUtil.generatePrivateKeyParameter(mqvPrivKey.getEphemeralPrivateKey()); - // - // ephemPubKey = null; - // if (mqvPrivKey.getEphemeralPublicKey() != null) - // { - // ephemPubKey = (ECPublicKeyParameters) - // ECUtils.generatePublicKeyParameter(mqvPrivKey.getEphemeralPublicKey()); - // } - // } - // else - // { - // MQVParameterSpec mqvParameterSpec = (MQVParameterSpec)parameterSpec; - // - // staticPrivKey = (ECPrivateKeyParameters) - // ECUtil.generatePrivateKeyParameter((PrivateKey)key); - // ephemPrivKey = (ECPrivateKeyParameters) - // ECUtil.generatePrivateKeyParameter(mqvParameterSpec.getEphemeralPrivateKey()); - // - // ephemPubKey = null; - // if (mqvParameterSpec.getEphemeralPublicKey() != null) - // { - // ephemPubKey = (ECPublicKeyParameters) - // ECUtils.generatePublicKeyParameter(mqvParameterSpec.getEphemeralPublicKey()); - // } - // mqvParameters = mqvParameterSpec; - // ukmParameters = mqvParameterSpec.getUserKeyingMaterial(); - // } - // - // MQVPrivateParameters localParams = new MQVPrivateParameters(staticPrivKey, ephemPrivKey, ephemPubKey); - // this.parameters = staticPrivKey.getParameters(); - // - // // TODO Validate that all the keys are using the same parameters? - // - // agreement.init(localParams); - // } - // else - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + if (agreement instanceof ECMQVBasicAgreement) + { + mqvParameters = null; + if (!(key instanceof MQVPrivateKey) && !(parameterSpec instanceof MQVParameterSpec)) + { + throw new InvalidKeyException(kaAlgorithm + " key agreement requires " + + getSimpleName(MQVParameterSpec.class) + " for initialisation"); + } + + ECPrivateKeyParameters staticPrivKey; + ECPrivateKeyParameters ephemPrivKey; + ECPublicKeyParameters ephemPubKey; + if (key instanceof MQVPrivateKey) + { + MQVPrivateKey mqvPrivKey = (MQVPrivateKey)key; + staticPrivKey = (ECPrivateKeyParameters) + ECUtil.generatePrivateKeyParameter(mqvPrivKey.getStaticPrivateKey()); + ephemPrivKey = (ECPrivateKeyParameters) + ECUtil.generatePrivateKeyParameter(mqvPrivKey.getEphemeralPrivateKey()); + + ephemPubKey = null; + if (mqvPrivKey.getEphemeralPublicKey() != null) + { + ephemPubKey = (ECPublicKeyParameters) + ECUtils.generatePublicKeyParameter(mqvPrivKey.getEphemeralPublicKey()); + } + } + else + { + MQVParameterSpec mqvParameterSpec = (MQVParameterSpec)parameterSpec; + + staticPrivKey = (ECPrivateKeyParameters) + ECUtil.generatePrivateKeyParameter((PrivateKey)key); + ephemPrivKey = (ECPrivateKeyParameters) + ECUtil.generatePrivateKeyParameter(mqvParameterSpec.getEphemeralPrivateKey()); + + ephemPubKey = null; + if (mqvParameterSpec.getEphemeralPublicKey() != null) + { + ephemPubKey = (ECPublicKeyParameters) + ECUtils.generatePublicKeyParameter(mqvParameterSpec.getEphemeralPublicKey()); + } + mqvParameters = mqvParameterSpec; + ukmParameters = mqvParameterSpec.getUserKeyingMaterial(); + } + + MQVPrivateParameters localParams = new MQVPrivateParameters(staticPrivKey, ephemPrivKey, ephemPubKey); + this.parameters = staticPrivKey.getParameters(); + + // TODO Validate that all the keys are using the same parameters? + + agreement.init(localParams); + } + else + */ + // END Android-removed: Unsupported algorithms { if (!(key instanceof PrivateKey)) { @@ -264,248 +270,250 @@ public class KeyAgreementSpi } } - // BEGIN android-removed - // public static class DHC - // extends KeyAgreementSpi - // { - // public DHC() - // { - // super("ECDHC", new ECDHCBasicAgreement(), null); - // } - // } - - // public static class MQV - // extends KeyAgreementSpi - // { - // public MQV() - // { - // super("ECMQV", new ECMQVBasicAgreement(), null); - // } - // } - - // public static class DHwithSHA1KDF - // extends KeyAgreementSpi - // { - // public DHwithSHA1KDF() - // { - // super("ECDHwithSHA1KDF", new ECDHBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA1())); - // } - // } - - // public static class DHwithSHA1KDFAndSharedInfo - // extends KeyAgreementSpi - // { - // public DHwithSHA1KDFAndSharedInfo() - // { - // super("ECDHwithSHA1KDF", new ECDHBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA1())); - // } - // } - - // public static class CDHwithSHA1KDFAndSharedInfo - // extends KeyAgreementSpi - // { - // public CDHwithSHA1KDFAndSharedInfo() - // { - // super("ECCDHwithSHA1KDF", new ECDHCBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA1())); - // } - // } - - // public static class DHwithSHA224KDFAndSharedInfo - // extends KeyAgreementSpi - // { - // public DHwithSHA224KDFAndSharedInfo() - // { - // super("ECDHwithSHA224KDF", new ECDHBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA224())); - // } - // } - - // public static class CDHwithSHA224KDFAndSharedInfo - // extends KeyAgreementSpi - // { - // public CDHwithSHA224KDFAndSharedInfo() - // { - // super("ECCDHwithSHA224KDF", new ECDHCBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA224())); - // } - // } - - // public static class DHwithSHA256KDFAndSharedInfo - // extends KeyAgreementSpi - // { - // public DHwithSHA256KDFAndSharedInfo() - // { - // super("ECDHwithSHA256KDF", new ECDHBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA256())); - // } - // } - - // public static class CDHwithSHA256KDFAndSharedInfo - // extends KeyAgreementSpi - // { - // public CDHwithSHA256KDFAndSharedInfo() - // { - // super("ECCDHwithSHA256KDF", new ECDHCBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA256())); - // } - // } - - // public static class DHwithSHA384KDFAndSharedInfo - // extends KeyAgreementSpi - // { - // public DHwithSHA384KDFAndSharedInfo() - // { - // super("ECDHwithSHA384KDF", new ECDHBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA384())); - // } - // } - - // public static class CDHwithSHA384KDFAndSharedInfo - // extends KeyAgreementSpi - // { - // public CDHwithSHA384KDFAndSharedInfo() - // { - // super("ECCDHwithSHA384KDF", new ECDHCBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA384())); - // } - // } - - // public static class DHwithSHA512KDFAndSharedInfo - // extends KeyAgreementSpi - // { - // public DHwithSHA512KDFAndSharedInfo() - // { - // super("ECDHwithSHA512KDF", new ECDHBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA512())); - // } - // } - - // public static class CDHwithSHA512KDFAndSharedInfo - // extends KeyAgreementSpi - // { - // public CDHwithSHA512KDFAndSharedInfo() - // { - // super("ECCDHwithSHA512KDF", new ECDHCBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA512())); - // } - // } - - // public static class MQVwithSHA1KDFAndSharedInfo - // extends KeyAgreementSpi - // { - // public MQVwithSHA1KDFAndSharedInfo() - // { - // super("ECMQVwithSHA1KDF", new ECMQVBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA1())); - // } - // } - - // public static class MQVwithSHA224KDFAndSharedInfo - // extends KeyAgreementSpi - // { - // public MQVwithSHA224KDFAndSharedInfo() - // { - // super("ECMQVwithSHA224KDF", new ECMQVBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA224())); - // } - // } - - // public static class MQVwithSHA256KDFAndSharedInfo - // extends KeyAgreementSpi - // { - // public MQVwithSHA256KDFAndSharedInfo() - // { - // super("ECMQVwithSHA256KDF", new ECMQVBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA256())); - // } - // } - - // public static class MQVwithSHA384KDFAndSharedInfo - // extends KeyAgreementSpi - // { - // public MQVwithSHA384KDFAndSharedInfo() - // { - // super("ECMQVwithSHA384KDF", new ECMQVBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA384())); - // } - // } - - // public static class MQVwithSHA512KDFAndSharedInfo - // extends KeyAgreementSpi - // { - // public MQVwithSHA512KDFAndSharedInfo() - // { - // super("ECMQVwithSHA512KDF", new ECMQVBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA512())); - // } - // } - - // public static class DHwithSHA1CKDF - // extends KeyAgreementSpi - // { - // public DHwithSHA1CKDF() - // { - // super("ECDHwithSHA1CKDF", new ECDHCBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA1())); - // } - // } - - // public static class DHwithSHA256CKDF - // extends KeyAgreementSpi - // { - // public DHwithSHA256CKDF() - // { - // super("ECDHwithSHA256CKDF", new ECDHCBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA256())); - // } - // } - - // public static class DHwithSHA384CKDF - // extends KeyAgreementSpi - // { - // public DHwithSHA384CKDF() - // { - // super("ECDHwithSHA384CKDF", new ECDHCBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA384())); - // } - // } - - // public static class DHwithSHA512CKDF - // extends KeyAgreementSpi - // { - // public DHwithSHA512CKDF() - // { - // super("ECDHwithSHA512CKDF", new ECDHCBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA512())); - // } - // } - - // public static class MQVwithSHA1CKDF - // extends KeyAgreementSpi - // { - // public MQVwithSHA1CKDF() - // { - // super("ECMQVwithSHA1CKDF", new ECMQVBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA1())); - // } - // } - - // public static class MQVwithSHA224CKDF - // extends KeyAgreementSpi - // { - // public MQVwithSHA224CKDF() - // { - // super("ECMQVwithSHA224CKDF", new ECMQVBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA224())); - // } - // } - - // public static class MQVwithSHA256CKDF - // extends KeyAgreementSpi - // { - // public MQVwithSHA256CKDF() - // { - // super("ECMQVwithSHA256CKDF", new ECMQVBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA256())); - // } - // } - - // public static class MQVwithSHA384CKDF - // extends KeyAgreementSpi - // { - // public MQVwithSHA384CKDF() - // { - // super("ECMQVwithSHA384CKDF", new ECMQVBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA384())); - // } - // } - - // public static class MQVwithSHA512CKDF - // extends KeyAgreementSpi - // { - // public MQVwithSHA512CKDF() - // { - // super("ECMQVwithSHA512CKDF", new ECMQVBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA512())); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + public static class DHC + extends KeyAgreementSpi + { + public DHC() + { + super("ECDHC", new ECDHCBasicAgreement(), null); + } + } + + public static class MQV + extends KeyAgreementSpi + { + public MQV() + { + super("ECMQV", new ECMQVBasicAgreement(), null); + } + } + + public static class DHwithSHA1KDF + extends KeyAgreementSpi + { + public DHwithSHA1KDF() + { + super("ECDHwithSHA1KDF", new ECDHBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA1())); + } + } + + public static class DHwithSHA1KDFAndSharedInfo + extends KeyAgreementSpi + { + public DHwithSHA1KDFAndSharedInfo() + { + super("ECDHwithSHA1KDF", new ECDHBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA1())); + } + } + + public static class CDHwithSHA1KDFAndSharedInfo + extends KeyAgreementSpi + { + public CDHwithSHA1KDFAndSharedInfo() + { + super("ECCDHwithSHA1KDF", new ECDHCBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA1())); + } + } + + public static class DHwithSHA224KDFAndSharedInfo + extends KeyAgreementSpi + { + public DHwithSHA224KDFAndSharedInfo() + { + super("ECDHwithSHA224KDF", new ECDHBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA224())); + } + } + + public static class CDHwithSHA224KDFAndSharedInfo + extends KeyAgreementSpi + { + public CDHwithSHA224KDFAndSharedInfo() + { + super("ECCDHwithSHA224KDF", new ECDHCBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA224())); + } + } + + public static class DHwithSHA256KDFAndSharedInfo + extends KeyAgreementSpi + { + public DHwithSHA256KDFAndSharedInfo() + { + super("ECDHwithSHA256KDF", new ECDHBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA256())); + } + } + + public static class CDHwithSHA256KDFAndSharedInfo + extends KeyAgreementSpi + { + public CDHwithSHA256KDFAndSharedInfo() + { + super("ECCDHwithSHA256KDF", new ECDHCBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA256())); + } + } + + public static class DHwithSHA384KDFAndSharedInfo + extends KeyAgreementSpi + { + public DHwithSHA384KDFAndSharedInfo() + { + super("ECDHwithSHA384KDF", new ECDHBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA384())); + } + } + + public static class CDHwithSHA384KDFAndSharedInfo + extends KeyAgreementSpi + { + public CDHwithSHA384KDFAndSharedInfo() + { + super("ECCDHwithSHA384KDF", new ECDHCBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA384())); + } + } + + public static class DHwithSHA512KDFAndSharedInfo + extends KeyAgreementSpi + { + public DHwithSHA512KDFAndSharedInfo() + { + super("ECDHwithSHA512KDF", new ECDHBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA512())); + } + } + + public static class CDHwithSHA512KDFAndSharedInfo + extends KeyAgreementSpi + { + public CDHwithSHA512KDFAndSharedInfo() + { + super("ECCDHwithSHA512KDF", new ECDHCBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA512())); + } + } + + public static class MQVwithSHA1KDFAndSharedInfo + extends KeyAgreementSpi + { + public MQVwithSHA1KDFAndSharedInfo() + { + super("ECMQVwithSHA1KDF", new ECMQVBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA1())); + } + } + + public static class MQVwithSHA224KDFAndSharedInfo + extends KeyAgreementSpi + { + public MQVwithSHA224KDFAndSharedInfo() + { + super("ECMQVwithSHA224KDF", new ECMQVBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA224())); + } + } + + public static class MQVwithSHA256KDFAndSharedInfo + extends KeyAgreementSpi + { + public MQVwithSHA256KDFAndSharedInfo() + { + super("ECMQVwithSHA256KDF", new ECMQVBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA256())); + } + } + + public static class MQVwithSHA384KDFAndSharedInfo + extends KeyAgreementSpi + { + public MQVwithSHA384KDFAndSharedInfo() + { + super("ECMQVwithSHA384KDF", new ECMQVBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA384())); + } + } + + public static class MQVwithSHA512KDFAndSharedInfo + extends KeyAgreementSpi + { + public MQVwithSHA512KDFAndSharedInfo() + { + super("ECMQVwithSHA512KDF", new ECMQVBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA512())); + } + } + + public static class DHwithSHA1CKDF + extends KeyAgreementSpi + { + public DHwithSHA1CKDF() + { + super("ECDHwithSHA1CKDF", new ECDHCBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA1())); + } + } + + public static class DHwithSHA256CKDF + extends KeyAgreementSpi + { + public DHwithSHA256CKDF() + { + super("ECDHwithSHA256CKDF", new ECDHCBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA256())); + } + } + + public static class DHwithSHA384CKDF + extends KeyAgreementSpi + { + public DHwithSHA384CKDF() + { + super("ECDHwithSHA384CKDF", new ECDHCBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA384())); + } + } + + public static class DHwithSHA512CKDF + extends KeyAgreementSpi + { + public DHwithSHA512CKDF() + { + super("ECDHwithSHA512CKDF", new ECDHCBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA512())); + } + } + + public static class MQVwithSHA1CKDF + extends KeyAgreementSpi + { + public MQVwithSHA1CKDF() + { + super("ECMQVwithSHA1CKDF", new ECMQVBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA1())); + } + } + + public static class MQVwithSHA224CKDF + extends KeyAgreementSpi + { + public MQVwithSHA224CKDF() + { + super("ECMQVwithSHA224CKDF", new ECMQVBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA224())); + } + } + + public static class MQVwithSHA256CKDF + extends KeyAgreementSpi + { + public MQVwithSHA256CKDF() + { + super("ECMQVwithSHA256CKDF", new ECMQVBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA256())); + } + } + + public static class MQVwithSHA384CKDF + extends KeyAgreementSpi + { + public MQVwithSHA384CKDF() + { + super("ECMQVwithSHA384CKDF", new ECMQVBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA384())); + } + } + + public static class MQVwithSHA512CKDF + extends KeyAgreementSpi + { + public MQVwithSHA512CKDF() + { + super("ECMQVwithSHA512CKDF", new ECMQVBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA512())); + } + } + */ + // END Android-removed: Unsupported algorithms } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java index a749f114..431b6bd3 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java @@ -208,16 +208,18 @@ public class KeyFactorySpi } } - // BEGIN android-removed - // public static class ECGOST3410 - // extends KeyFactorySpi - // { - // public ECGOST3410() - // { - // super("ECGOST3410", BouncyCastleProvider.CONFIGURATION); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithm + /* + public static class ECGOST3410 + extends KeyFactorySpi + { + public ECGOST3410() + { + super("ECGOST3410", BouncyCastleProvider.CONFIGURATION); + } + } + */ + // END Android-removed: Unsupported algorithm public static class ECDH extends KeyFactorySpi diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java index 5f8a901e..794ca971 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java @@ -43,9 +43,10 @@ public abstract class KeyPairGeneratorSpi ECKeyGenerationParameters param; ECKeyPairGenerator engine = new ECKeyPairGenerator(); Object ecParams = null; - // BEGIN android-changed + // Android-changed: Use 256-bit keys by default. + // 239-bit keys (the Bouncy Castle default) are less widely-supported than 256-bit ones, + // so we've changed the default strength to 256 for increased compatibility int strength = 256; - // BEGIN android-changed int certainty = 50; SecureRandom random = new SecureRandom(); boolean initialised = false; @@ -87,13 +88,13 @@ public abstract class KeyPairGeneratorSpi SecureRandom random) { this.strength = strength; - // BEGIN android-added + // BEGIN Android-changed: Don't override this.random with null. + // Passing null just means to use a default random, which this.random is already + // initialized to, so just use that if (random != null) { - // END android-added - this.random = random; - // BEGIN android-added + this.random = random; } - // END android-added + // END Android-changed: Don't override this.random with null. ECGenParameterSpec ecParams = (ECGenParameterSpec)ecParameters.get(Integers.valueOf(strength)); if (ecParams == null) @@ -116,11 +117,11 @@ public abstract class KeyPairGeneratorSpi SecureRandom random) throws InvalidAlgorithmParameterException { - // BEGIN android-added + // BEGIN Android-added: Use existing SecureRandom if none is provided. if (random == null) { random = this.random; } - // END android-added + // END Android-added: Use existing SecureRandom if none is provided. if (params == null) { ECParameterSpec implicitCA = configuration.getEcImplicitlyCa(); @@ -288,4 +289,4 @@ public abstract class KeyPairGeneratorSpi super("ECMQV", BouncyCastleProvider.CONFIGURATION); } } -} +}
\ No newline at end of file diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java index 46aeec7e..93f9d162 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java @@ -16,19 +16,18 @@ import org.bouncycastle.crypto.CipherParameters; import org.bouncycastle.crypto.DSA; import org.bouncycastle.crypto.Digest; import org.bouncycastle.crypto.digests.NullDigest; -// BEGIN android-added -import org.bouncycastle.crypto.digests.AndroidDigestFactory; -// END android-added -// BEGIN android-removed +// BEGIN Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.digests.RIPEMD160Digest; -// END android-removed +// END Android-removed: Unsupported algorithms import org.bouncycastle.crypto.params.ParametersWithRandom; import org.bouncycastle.crypto.signers.ECDSASigner; -// BEGIN android-removed +// BEGIN Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.signers.ECNRSigner; // import org.bouncycastle.crypto.signers.HMacDSAKCalculator; +// END Android-removed: Unsupported algorithms +// BEGIN Android-changed: Use Android digests // import org.bouncycastle.crypto.util.DigestFactory; -// END android-removed +import org.bouncycastle.crypto.digests.AndroidDigestFactory; import org.bouncycastle.jcajce.provider.asymmetric.util.DSABase; import org.bouncycastle.jcajce.provider.asymmetric.util.DSAEncoder; import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil; @@ -74,22 +73,24 @@ public class SignatureSpi { public ecDSA() { - // BEGIN android-changed + // Android-changed: Use Android digests + // super(DigestFactory.createSHA1(), new ECDSASigner(), new StdDSAEncoder()); super(AndroidDigestFactory.getSHA1(), new ECDSASigner(), new StdDSAEncoder()); - // END android-changed } } - // BEGIN android-removed - // static public class ecDetDSA - // extends SignatureSpi - // { - // public ecDetDSA() - // { - // super(DigestFactory.createSHA1(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA1())), new StdDSAEncoder()); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithm + /* + static public class ecDetDSA + extends SignatureSpi + { + public ecDetDSA() + { + super(DigestFactory.createSHA1(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA1())), new StdDSAEncoder()); + } + } + */ + // END Android-removed: Unsupported algorithm static public class ecDSAnone extends SignatureSpi @@ -105,267 +106,276 @@ public class SignatureSpi { public ecDSA224() { - // BEGIN android-changed + // Android-changed: Use Android digests + // super(DigestFactory.createSHA224(), new ECDSASigner(), new StdDSAEncoder()); super(AndroidDigestFactory.getSHA224(), new ECDSASigner(), new StdDSAEncoder()); - // END android-changed } } - // BEGIN android-removed - // static public class ecDetDSA224 - // extends SignatureSpi - // { - // public ecDetDSA224() - // { - // super(DigestFactory.createSHA224(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA224())), new StdDSAEncoder()); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithm + /* + static public class ecDetDSA224 + extends SignatureSpi + { + public ecDetDSA224() + { + super(DigestFactory.createSHA224(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA224())), new StdDSAEncoder()); + } + } + */ + // END Android-removed: Unsupported algorithm static public class ecDSA256 extends SignatureSpi { public ecDSA256() { - // BEGIN android-changed + // Android-changed: Use Android digests + // super(DigestFactory.createSHA256(), new ECDSASigner(), new StdDSAEncoder()); super(AndroidDigestFactory.getSHA256(), new ECDSASigner(), new StdDSAEncoder()); - // END android-changed } } - // BEGIN android-removed - // static public class ecDetDSA256 - // extends SignatureSpi - // { - // public ecDetDSA256() - // { - // super(DigestFactory.createSHA256(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA256())), new StdDSAEncoder()); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithm + /* + static public class ecDetDSA256 + extends SignatureSpi + { + public ecDetDSA256() + { + super(DigestFactory.createSHA256(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA256())), new StdDSAEncoder()); + } + } + */ + // END Android-removed: Unsupported algorithm static public class ecDSA384 extends SignatureSpi { public ecDSA384() { - // BEGIN android-changed + // Android-changed: Use Android digests + // super(DigestFactory.createSHA384(), new ECDSASigner(), new StdDSAEncoder()); super(AndroidDigestFactory.getSHA384(), new ECDSASigner(), new StdDSAEncoder()); - // END android-changed } } - // BEGIN android-removed - // static public class ecDetDSA384 - // extends SignatureSpi - // { - // public ecDetDSA384() - // { - // super(DigestFactory.createSHA384(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA384())), new StdDSAEncoder()); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithm + /* + static public class ecDetDSA384 + extends SignatureSpi + { + public ecDetDSA384() + { + super(DigestFactory.createSHA384(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA384())), new StdDSAEncoder()); + } + } + */ + // END Android-removed: Unsupported algorithms + static public class ecDSA512 extends SignatureSpi { public ecDSA512() { - // BEGIN android-changed + // Android-changed: Use Android digests + // super(DigestFactory.createSHA512(), new ECDSASigner(), new StdDSAEncoder()); super(AndroidDigestFactory.getSHA512(), new ECDSASigner(), new StdDSAEncoder()); - // END android-changed - } - } - - // BEGIN android-removed - // static public class ecDetDSA512 - // extends SignatureSpi - // { - // public ecDetDSA512() - // { - // super(DigestFactory.createSHA512(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA512())), new StdDSAEncoder()); - // } - // } - - // static public class ecDSASha3_224 - // extends SignatureSpi - // { - // public ecDSASha3_224() - // { - // super(DigestFactory.createSHA3_224(), new ECDSASigner(), new StdDSAEncoder()); - // } - // } - - // static public class ecDetDSASha3_224 - // extends SignatureSpi - // { - // public ecDetDSASha3_224() - // { - // super(DigestFactory.createSHA3_224(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_224())), new StdDSAEncoder()); - // } - // } - - // static public class ecDSASha3_256 - // extends SignatureSpi - // { - // public ecDSASha3_256() - // { - // super(DigestFactory.createSHA3_256(), new ECDSASigner(), new StdDSAEncoder()); - // } - // } - - // static public class ecDetDSASha3_256 - // extends SignatureSpi - // { - // public ecDetDSASha3_256() - // { - // super(DigestFactory.createSHA3_256(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_256())), new StdDSAEncoder()); - // } - // } - - // static public class ecDSASha3_384 - // extends SignatureSpi - // { - // public ecDSASha3_384() - // { - // super(DigestFactory.createSHA3_384(), new ECDSASigner(), new StdDSAEncoder()); - // } - // } - - // static public class ecDetDSASha3_384 - // extends SignatureSpi - // { - // public ecDetDSASha3_384() - // { - // super(DigestFactory.createSHA3_384(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_384())), new StdDSAEncoder()); - // } - // } - - // static public class ecDSASha3_512 - // extends SignatureSpi - // { - // public ecDSASha3_512() - // { - // super(DigestFactory.createSHA3_512(), new ECDSASigner(), new StdDSAEncoder()); - // } - // } - - // static public class ecDetDSASha3_512 - // extends SignatureSpi - // { - // public ecDetDSASha3_512() - // { - // super(DigestFactory.createSHA3_512(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_512())), new StdDSAEncoder()); - // } - // } - - // static public class ecDSARipeMD160 - // extends SignatureSpi - // { - // public ecDSARipeMD160() - // { - // super(new RIPEMD160Digest(), new ECDSASigner(), new StdDSAEncoder()); - // } - // } - - // static public class ecNR - // extends SignatureSpi - // { - // public ecNR() - // { - // super(DigestFactory.createSHA1(), new ECNRSigner(), new StdDSAEncoder()); - // } - // } - - // static public class ecNR224 - // extends SignatureSpi - // { - // public ecNR224() - // { - // super(DigestFactory.createSHA224(), new ECNRSigner(), new StdDSAEncoder()); - // } - // } - - // static public class ecNR256 - // extends SignatureSpi - // { - // public ecNR256() - // { - // super(DigestFactory.createSHA256(), new ECNRSigner(), new StdDSAEncoder()); - // } - // } - - // static public class ecNR384 - // extends SignatureSpi - // { - // public ecNR384() - // { - // super(DigestFactory.createSHA384(), new ECNRSigner(), new StdDSAEncoder()); - // } - // } - - // static public class ecNR512 - // extends SignatureSpi - // { - // public ecNR512() - // { - // super(DigestFactory.createSHA512(), new ECNRSigner(), new StdDSAEncoder()); - // } - // } - - // static public class ecCVCDSA - // extends SignatureSpi - // { - // public ecCVCDSA() - // { - // super(DigestFactory.createSHA1(), new ECDSASigner(), new PlainDSAEncoder()); - // } - // } - - // static public class ecCVCDSA224 - // extends SignatureSpi - // { - // public ecCVCDSA224() - // { - // super(DigestFactory.createSHA224(), new ECDSASigner(), new PlainDSAEncoder()); - // } - // } - - // static public class ecCVCDSA256 - // extends SignatureSpi - // { - // public ecCVCDSA256() - // { - // super(DigestFactory.createSHA256(), new ECDSASigner(), new PlainDSAEncoder()); - // } - // } - - // static public class ecCVCDSA384 - // extends SignatureSpi - // { - // public ecCVCDSA384() - // { - // super(DigestFactory.createSHA384(), new ECDSASigner(), new PlainDSAEncoder()); - // } - // } - - // static public class ecCVCDSA512 - // extends SignatureSpi - // { - // public ecCVCDSA512() - // { - // super(DigestFactory.createSHA512(), new ECDSASigner(), new PlainDSAEncoder()); - // } - // } - - // static public class ecPlainDSARP160 - // extends SignatureSpi - // { - // public ecPlainDSARP160() - // { - // super(new RIPEMD160Digest(), new ECDSASigner(), new PlainDSAEncoder()); - // } - // } - // END android-removed + } + } + + // BEGIN Android-removed: Unsupported algorithms + /* + static public class ecDetDSA512 + extends SignatureSpi + { + public ecDetDSA512() + { + super(DigestFactory.createSHA512(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA512())), new StdDSAEncoder()); + } + } + + static public class ecDSASha3_224 + extends SignatureSpi + { + public ecDSASha3_224() + { + super(DigestFactory.createSHA3_224(), new ECDSASigner(), new StdDSAEncoder()); + } + } + + static public class ecDetDSASha3_224 + extends SignatureSpi + { + public ecDetDSASha3_224() + { + super(DigestFactory.createSHA3_224(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_224())), new StdDSAEncoder()); + } + } + + static public class ecDSASha3_256 + extends SignatureSpi + { + public ecDSASha3_256() + { + super(DigestFactory.createSHA3_256(), new ECDSASigner(), new StdDSAEncoder()); + } + } + + static public class ecDetDSASha3_256 + extends SignatureSpi + { + public ecDetDSASha3_256() + { + super(DigestFactory.createSHA3_256(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_256())), new StdDSAEncoder()); + } + } + + static public class ecDSASha3_384 + extends SignatureSpi + { + public ecDSASha3_384() + { + super(DigestFactory.createSHA3_384(), new ECDSASigner(), new StdDSAEncoder()); + } + } + + static public class ecDetDSASha3_384 + extends SignatureSpi + { + public ecDetDSASha3_384() + { + super(DigestFactory.createSHA3_384(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_384())), new StdDSAEncoder()); + } + } + + static public class ecDSASha3_512 + extends SignatureSpi + { + public ecDSASha3_512() + { + super(DigestFactory.createSHA3_512(), new ECDSASigner(), new StdDSAEncoder()); + } + } + + static public class ecDetDSASha3_512 + extends SignatureSpi + { + public ecDetDSASha3_512() + { + super(DigestFactory.createSHA3_512(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_512())), new StdDSAEncoder()); + } + } + + static public class ecDSARipeMD160 + extends SignatureSpi + { + public ecDSARipeMD160() + { + super(new RIPEMD160Digest(), new ECDSASigner(), new StdDSAEncoder()); + } + } + + static public class ecNR + extends SignatureSpi + { + public ecNR() + { + super(DigestFactory.createSHA1(), new ECNRSigner(), new StdDSAEncoder()); + } + } + + static public class ecNR224 + extends SignatureSpi + { + public ecNR224() + { + super(DigestFactory.createSHA224(), new ECNRSigner(), new StdDSAEncoder()); + } + } + + static public class ecNR256 + extends SignatureSpi + { + public ecNR256() + { + super(DigestFactory.createSHA256(), new ECNRSigner(), new StdDSAEncoder()); + } + } + + static public class ecNR384 + extends SignatureSpi + { + public ecNR384() + { + super(DigestFactory.createSHA384(), new ECNRSigner(), new StdDSAEncoder()); + } + } + + static public class ecNR512 + extends SignatureSpi + { + public ecNR512() + { + super(DigestFactory.createSHA512(), new ECNRSigner(), new StdDSAEncoder()); + } + } + + static public class ecCVCDSA + extends SignatureSpi + { + public ecCVCDSA() + { + super(DigestFactory.createSHA1(), new ECDSASigner(), new PlainDSAEncoder()); + } + } + + static public class ecCVCDSA224 + extends SignatureSpi + { + public ecCVCDSA224() + { + super(DigestFactory.createSHA224(), new ECDSASigner(), new PlainDSAEncoder()); + } + } + + static public class ecCVCDSA256 + extends SignatureSpi + { + public ecCVCDSA256() + { + super(DigestFactory.createSHA256(), new ECDSASigner(), new PlainDSAEncoder()); + } + } + + static public class ecCVCDSA384 + extends SignatureSpi + { + public ecCVCDSA384() + { + super(DigestFactory.createSHA384(), new ECDSASigner(), new PlainDSAEncoder()); + } + } + + static public class ecCVCDSA512 + extends SignatureSpi + { + public ecCVCDSA512() + { + super(DigestFactory.createSHA512(), new ECDSASigner(), new PlainDSAEncoder()); + } + } + + static public class ecPlainDSARP160 + extends SignatureSpi + { + public ecPlainDSARP160() + { + super(new RIPEMD160Digest(), new ECDSASigner(), new PlainDSAEncoder()); + } + } + */ + // END Android-removed: Unsupported algorithms private static class StdDSAEncoder implements DSAEncoder @@ -406,68 +416,70 @@ public class SignatureSpi } } - // BEGIN android-removed - // private static class PlainDSAEncoder - // implements DSAEncoder - // { - // public byte[] encode( - // BigInteger r, - // BigInteger s) - // throws IOException - // { - // byte[] first = makeUnsigned(r); - // byte[] second = makeUnsigned(s); - // byte[] res; - // - // if (first.length > second.length) - // { - // res = new byte[first.length * 2]; - // } - // else - // { - // res = new byte[second.length * 2]; - // } - // - // System.arraycopy(first, 0, res, res.length / 2 - first.length, first.length); - // System.arraycopy(second, 0, res, res.length - second.length, second.length); - // - // return res; - // } - // - // - // private byte[] makeUnsigned(BigInteger val) - // { - // byte[] res = val.toByteArray(); - // - // if (res[0] == 0) - // { - // byte[] tmp = new byte[res.length - 1]; - // - // System.arraycopy(res, 1, tmp, 0, tmp.length); - // - // return tmp; - // } - // - // return res; - // } - // - // public BigInteger[] decode( - // byte[] encoding) - // throws IOException - // { - // BigInteger[] sig = new BigInteger[2]; - // - // byte[] first = new byte[encoding.length / 2]; - // byte[] second = new byte[encoding.length / 2]; - // - // System.arraycopy(encoding, 0, first, 0, first.length); - // System.arraycopy(encoding, first.length, second, 0, second.length); - // - // sig[0] = new BigInteger(1, first); - // sig[1] = new BigInteger(1, second); - // - // return sig; - // } - // } - // END android-removed -} + // BEGIN Android-removed: Unsupported algorithms + /* + private static class PlainDSAEncoder + implements DSAEncoder + { + public byte[] encode( + BigInteger r, + BigInteger s) + throws IOException + { + byte[] first = makeUnsigned(r); + byte[] second = makeUnsigned(s); + byte[] res; + + if (first.length > second.length) + { + res = new byte[first.length * 2]; + } + else + { + res = new byte[second.length * 2]; + } + + System.arraycopy(first, 0, res, res.length / 2 - first.length, first.length); + System.arraycopy(second, 0, res, res.length - second.length, second.length); + + return res; + } + + + private byte[] makeUnsigned(BigInteger val) + { + byte[] res = val.toByteArray(); + + if (res[0] == 0) + { + byte[] tmp = new byte[res.length - 1]; + + System.arraycopy(res, 1, tmp, 0, tmp.length); + + return tmp; + } + + return res; + } + + public BigInteger[] decode( + byte[] encoding) + throws IOException + { + BigInteger[] sig = new BigInteger[2]; + + byte[] first = new byte[encoding.length / 2]; + byte[] second = new byte[encoding.length / 2]; + + System.arraycopy(encoding, 0, first, 0, first.length); + System.arraycopy(encoding, first.length, second, 0, second.length); + + sig[0] = new BigInteger(1, first); + sig[1] = new BigInteger(1, second); + + return sig; + } + } + */ + // END Android-removed: Unsupported algorithms +}
\ No newline at end of file diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java index c98b764c..5a3af046 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java @@ -26,9 +26,8 @@ import org.bouncycastle.crypto.AsymmetricBlockCipher; import org.bouncycastle.crypto.CipherParameters; import org.bouncycastle.crypto.Digest; import org.bouncycastle.crypto.InvalidCipherTextException; -// BEGIN android-removed +// Android-removed: Unsupported algorithm // import org.bouncycastle.crypto.encodings.ISO9796d1Encoding; -// END android-removed import org.bouncycastle.crypto.encodings.OAEPEncoding; import org.bouncycastle.crypto.encodings.PKCS1Encoding; import org.bouncycastle.crypto.engines.RSABlindedEngine; @@ -203,12 +202,12 @@ public class CipherSpi { cipher = new PKCS1Encoding(new RSABlindedEngine()); } - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithm // else if (pad.equals("ISO9796-1PADDING")) // { // cipher = new ISO9796d1Encoding(new RSABlindedEngine()); // } - // END android-removed + // END Android-removed: Unsupported algorithm else if (pad.equals("OAEPWITHMD5ANDMGF1PADDING")) { initFromSpec(new OAEPParameterSpec("MD5", "MGF1", new MGF1ParameterSpec("MD5"), PSource.PSpecified.DEFAULT)); @@ -237,27 +236,29 @@ public class CipherSpi { initFromSpec(new OAEPParameterSpec("SHA-512", "MGF1", MGF1ParameterSpec.SHA512, PSource.PSpecified.DEFAULT)); } - // BEGIN android-removed - // else if (pad.equals("OAEPWITHSHA3-224ANDMGF1PADDING")) - // { - // initFromSpec(new OAEPParameterSpec("SHA3-224", "MGF1", new MGF1ParameterSpec("SHA3-224"), PSource.PSpecified.DEFAULT)); - // } - // else if (pad.equals("OAEPWITHSHA3-256ANDMGF1PADDING")) - // { - // initFromSpec(new OAEPParameterSpec("SHA3-256", "MGF1", new MGF1ParameterSpec("SHA3-256"), PSource.PSpecified.DEFAULT)); - // } - // else if (pad.equals("OAEPWITHSHA3-384ANDMGF1PADDING")) - // { - // initFromSpec(new OAEPParameterSpec("SHA3-384", "MGF1", new MGF1ParameterSpec("SHA3-384"), PSource.PSpecified.DEFAULT)); - // } - // else if (pad.equals("OAEPWITHSHA3-512ANDMGF1PADDING")) - // { - // initFromSpec(new OAEPParameterSpec("SHA3-512", "MGF1", new MGF1ParameterSpec("SHA3-512"), PSource.PSpecified.DEFAULT)); - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + else if (pad.equals("OAEPWITHSHA3-224ANDMGF1PADDING")) + { + initFromSpec(new OAEPParameterSpec("SHA3-224", "MGF1", new MGF1ParameterSpec("SHA3-224"), PSource.PSpecified.DEFAULT)); + } + else if (pad.equals("OAEPWITHSHA3-256ANDMGF1PADDING")) + { + initFromSpec(new OAEPParameterSpec("SHA3-256", "MGF1", new MGF1ParameterSpec("SHA3-256"), PSource.PSpecified.DEFAULT)); + } + else if (pad.equals("OAEPWITHSHA3-384ANDMGF1PADDING")) + { + initFromSpec(new OAEPParameterSpec("SHA3-384", "MGF1", new MGF1ParameterSpec("SHA3-384"), PSource.PSpecified.DEFAULT)); + } + else if (pad.equals("OAEPWITHSHA3-512ANDMGF1PADDING")) + { + initFromSpec(new OAEPParameterSpec("SHA3-512", "MGF1", new MGF1ParameterSpec("SHA3-512"), PSource.PSpecified.DEFAULT)); + } + */ + // END Android-removed: Unsupported algorithms else { - throw new NoSuchPaddingException(padding + " unavailable with RSA."); + throw new NoSuchPaddingException(padding + " unavailable with RSA."); } } @@ -562,50 +563,52 @@ public class CipherSpi } } - // BEGIN android-removed - // static public class PKCS1v1_5Padding - // extends CipherSpi - // { - // public PKCS1v1_5Padding() - // { - // super(new PKCS1Encoding(new RSABlindedEngine())); - // } - // } - // - // static public class PKCS1v1_5Padding_PrivateOnly - // extends CipherSpi - // { - // public PKCS1v1_5Padding_PrivateOnly() - // { - // super(false, true, new PKCS1Encoding(new RSABlindedEngine())); - // } - // } - // - // static public class PKCS1v1_5Padding_PublicOnly - // extends CipherSpi - // { - // public PKCS1v1_5Padding_PublicOnly() - // { - // super(true, false, new PKCS1Encoding(new RSABlindedEngine())); - // } - // } - // - // static public class OAEPPadding - // extends CipherSpi - // { - // public OAEPPadding() - // { - // super(OAEPParameterSpec.DEFAULT); - // } - // } - // - // static public class ISO9796d1Padding - // extends CipherSpi - // { - // public ISO9796d1Padding() - // { - // super(new ISO9796d1Encoding(new RSABlindedEngine())); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + static public class PKCS1v1_5Padding + extends CipherSpi + { + public PKCS1v1_5Padding() + { + super(new PKCS1Encoding(new RSABlindedEngine())); + } + } + + static public class PKCS1v1_5Padding_PrivateOnly + extends CipherSpi + { + public PKCS1v1_5Padding_PrivateOnly() + { + super(false, true, new PKCS1Encoding(new RSABlindedEngine())); + } + } + + static public class PKCS1v1_5Padding_PublicOnly + extends CipherSpi + { + public PKCS1v1_5Padding_PublicOnly() + { + super(true, false, new PKCS1Encoding(new RSABlindedEngine())); + } + } + + static public class OAEPPadding + extends CipherSpi + { + public OAEPPadding() + { + super(OAEPParameterSpec.DEFAULT); + } + } + + static public class ISO9796d1Padding + extends CipherSpi + { + public ISO9796d1Padding() + { + super(new ISO9796d1Encoding(new RSABlindedEngine())); + } + } + */ + // END Android-removed: Unsupported algorithms } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java index 1e4d854b..5c2f1df7 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java @@ -17,30 +17,25 @@ import org.bouncycastle.asn1.DERNull; import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; -// END android-removed import org.bouncycastle.asn1.x509.AlgorithmIdentifier; import org.bouncycastle.asn1.x509.DigestInfo; import org.bouncycastle.crypto.AsymmetricBlockCipher; import org.bouncycastle.crypto.CipherParameters; import org.bouncycastle.crypto.Digest; -// BEGIN android-added -import org.bouncycastle.crypto.digests.AndroidDigestFactory; -// END android-added -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.digests.MD2Digest; // import org.bouncycastle.crypto.digests.MD4Digest; // import org.bouncycastle.crypto.digests.NullDigest; // import org.bouncycastle.crypto.digests.RIPEMD128Digest; // import org.bouncycastle.crypto.digests.RIPEMD160Digest; // import org.bouncycastle.crypto.digests.RIPEMD256Digest; -// END android-removed import org.bouncycastle.crypto.encodings.PKCS1Encoding; import org.bouncycastle.crypto.engines.RSABlindedEngine; -// BEGIN android-removed +// Android-changed: Use Android digests // import org.bouncycastle.crypto.util.DigestFactory; -// END android-removed +import org.bouncycastle.crypto.digests.AndroidDigestFactory; import org.bouncycastle.util.Arrays; public class DigestSignatureSpi @@ -258,9 +253,9 @@ public class DigestSignatureSpi { public SHA1() { - // BEGIN android-changed + // Android-changed: Use Android digests + // super(OIWObjectIdentifiers.idSHA1, DigestFactory.createSHA1(), new PKCS1Encoding(new RSABlindedEngine())); super(OIWObjectIdentifiers.idSHA1, AndroidDigestFactory.getSHA1(), new PKCS1Encoding(new RSABlindedEngine())); - // END android-changed } } @@ -269,9 +264,9 @@ public class DigestSignatureSpi { public SHA224() { - // BEGIN android-changed + // Android-changed: Use Android digests + // super(NISTObjectIdentifiers.id_sha224, DigestFactory.createSHA224(), new PKCS1Encoding(new RSABlindedEngine())); super(NISTObjectIdentifiers.id_sha224, AndroidDigestFactory.getSHA224(), new PKCS1Encoding(new RSABlindedEngine())); - // END android-changed } } @@ -280,9 +275,9 @@ public class DigestSignatureSpi { public SHA256() { - // BEGIN android-changed + // Android-changed: Use Android digests + // super(NISTObjectIdentifiers.id_sha256, DigestFactory.createSHA256(), new PKCS1Encoding(new RSABlindedEngine())); super(NISTObjectIdentifiers.id_sha256, AndroidDigestFactory.getSHA256(), new PKCS1Encoding(new RSABlindedEngine())); - // END android-changed } } @@ -291,9 +286,9 @@ public class DigestSignatureSpi { public SHA384() { - // BEGIN android-changed + // Android-changed: Use Android digests + // super(NISTObjectIdentifiers.id_sha384, DigestFactory.createSHA384(), new PKCS1Encoding(new RSABlindedEngine())); super(NISTObjectIdentifiers.id_sha384, AndroidDigestFactory.getSHA384(), new PKCS1Encoding(new RSABlindedEngine())); - // END android-changed } } @@ -302,132 +297,136 @@ public class DigestSignatureSpi { public SHA512() { - // BEGIN android-changed + // Android-changed: Use Android digests + // super(NISTObjectIdentifiers.id_sha512, DigestFactory.createSHA512(), new PKCS1Encoding(new RSABlindedEngine())); super(NISTObjectIdentifiers.id_sha512, AndroidDigestFactory.getSHA512(), new PKCS1Encoding(new RSABlindedEngine())); - // END android-changed } } - // BEGIN android-removed - // static public class SHA512_224 - // extends DigestSignatureSpi - // { - // public SHA512_224() - // { - // super(NISTObjectIdentifiers.id_sha512_224, DigestFactory.createSHA512_224(), new PKCS1Encoding(new RSABlindedEngine())); - // } - // } - - // static public class SHA512_256 - // extends DigestSignatureSpi - // { - // public SHA512_256() - // { - // super(NISTObjectIdentifiers.id_sha512_256, DigestFactory.createSHA512_256(), new PKCS1Encoding(new RSABlindedEngine())); - // } - // } - - // static public class SHA3_224 - // extends DigestSignatureSpi - // { - // public SHA3_224() - // { - // super(NISTObjectIdentifiers.id_sha3_224, DigestFactory.createSHA3_224(), new PKCS1Encoding(new RSABlindedEngine())); - // } - // } - - // static public class SHA3_256 - // extends DigestSignatureSpi - // { - // public SHA3_256() - // { - // super(NISTObjectIdentifiers.id_sha3_256, DigestFactory.createSHA3_256(), new PKCS1Encoding(new RSABlindedEngine())); - // } - // } - - // static public class SHA3_384 - // extends DigestSignatureSpi - // { - // public SHA3_384() - // { - // super(NISTObjectIdentifiers.id_sha3_384, DigestFactory.createSHA3_384(), new PKCS1Encoding(new RSABlindedEngine())); - // } - // } - - // static public class SHA3_512 - // extends DigestSignatureSpi - // { - // public SHA3_512() - // { - // super(NISTObjectIdentifiers.id_sha3_512, DigestFactory.createSHA3_512(), new PKCS1Encoding(new RSABlindedEngine())); - // } - // } - - // static public class MD2 - // extends DigestSignatureSpi - // { - // public MD2() - // { - // super(PKCSObjectIdentifiers.md2, new MD2Digest(), new PKCS1Encoding(new RSABlindedEngine())); - // } - // } - - // static public class MD4 - // extends DigestSignatureSpi - // { - // public MD4() - // { - // super(PKCSObjectIdentifiers.md4, new MD4Digest(), new PKCS1Encoding(new RSABlindedEngine())); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + static public class SHA512_224 + extends DigestSignatureSpi + { + public SHA512_224() + { + super(NISTObjectIdentifiers.id_sha512_224, DigestFactory.createSHA512_224(), new PKCS1Encoding(new RSABlindedEngine())); + } + } + + static public class SHA512_256 + extends DigestSignatureSpi + { + public SHA512_256() + { + super(NISTObjectIdentifiers.id_sha512_256, DigestFactory.createSHA512_256(), new PKCS1Encoding(new RSABlindedEngine())); + } + } + + static public class SHA3_224 + extends DigestSignatureSpi + { + public SHA3_224() + { + super(NISTObjectIdentifiers.id_sha3_224, DigestFactory.createSHA3_224(), new PKCS1Encoding(new RSABlindedEngine())); + } + } + + static public class SHA3_256 + extends DigestSignatureSpi + { + public SHA3_256() + { + super(NISTObjectIdentifiers.id_sha3_256, DigestFactory.createSHA3_256(), new PKCS1Encoding(new RSABlindedEngine())); + } + } + + static public class SHA3_384 + extends DigestSignatureSpi + { + public SHA3_384() + { + super(NISTObjectIdentifiers.id_sha3_384, DigestFactory.createSHA3_384(), new PKCS1Encoding(new RSABlindedEngine())); + } + } + + static public class SHA3_512 + extends DigestSignatureSpi + { + public SHA3_512() + { + super(NISTObjectIdentifiers.id_sha3_512, DigestFactory.createSHA3_512(), new PKCS1Encoding(new RSABlindedEngine())); + } + } + + static public class MD2 + extends DigestSignatureSpi + { + public MD2() + { + super(PKCSObjectIdentifiers.md2, new MD2Digest(), new PKCS1Encoding(new RSABlindedEngine())); + } + } + + static public class MD4 + extends DigestSignatureSpi + { + public MD4() + { + super(PKCSObjectIdentifiers.md4, new MD4Digest(), new PKCS1Encoding(new RSABlindedEngine())); + } + } + */ + // END Android-removed: Unsupported algorithms static public class MD5 extends DigestSignatureSpi { public MD5() { - // BEGIN android-changed + // Android-changed: Use Android digests + // super(PKCSObjectIdentifiers.md5, DigestFactory.createMD5(), new PKCS1Encoding(new RSABlindedEngine())); super(PKCSObjectIdentifiers.md5, AndroidDigestFactory.getMD5(), new PKCS1Encoding(new RSABlindedEngine())); - // END android-changed } } - // BEGIN android-removed - // static public class RIPEMD160 - // extends DigestSignatureSpi - // { - // public RIPEMD160() - // { - // super(TeleTrusTObjectIdentifiers.ripemd160, new RIPEMD160Digest(), new PKCS1Encoding(new RSABlindedEngine())); - // } - // } - // - // static public class RIPEMD128 - // extends DigestSignatureSpi - // { - // public RIPEMD128() - // { - // super(TeleTrusTObjectIdentifiers.ripemd128, new RIPEMD128Digest(), new PKCS1Encoding(new RSABlindedEngine())); - // } - // } - // - // static public class RIPEMD256 - // extends DigestSignatureSpi - // { - // public RIPEMD256() - // { - // super(TeleTrusTObjectIdentifiers.ripemd256, new RIPEMD256Digest(), new PKCS1Encoding(new RSABlindedEngine())); - // } - // } - // - // static public class noneRSA - // extends DigestSignatureSpi - // { - // public noneRSA() - // { - // super(new NullDigest(), new PKCS1Encoding(new RSABlindedEngine())); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + static public class RIPEMD160 + extends DigestSignatureSpi + { + public RIPEMD160() + { + super(TeleTrusTObjectIdentifiers.ripemd160, new RIPEMD160Digest(), new PKCS1Encoding(new RSABlindedEngine())); + } + } + + static public class RIPEMD128 + extends DigestSignatureSpi + { + public RIPEMD128() + { + super(TeleTrusTObjectIdentifiers.ripemd128, new RIPEMD128Digest(), new PKCS1Encoding(new RSABlindedEngine())); + } + } + + static public class RIPEMD256 + extends DigestSignatureSpi + { + public RIPEMD256() + { + super(TeleTrusTObjectIdentifiers.ripemd256, new RIPEMD256Digest(), new PKCS1Encoding(new RSABlindedEngine())); + } + } + + static public class noneRSA + extends DigestSignatureSpi + { + public noneRSA() + { + super(new NullDigest(), new PKCS1Encoding(new RSABlindedEngine())); + } + } + */ + // END Android-removed: Unsupported algorithms } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/KeyPairGeneratorSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/KeyPairGeneratorSpi.java index 4c3089af..a2c96662 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/KeyPairGeneratorSpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/KeyPairGeneratorSpi.java @@ -43,10 +43,9 @@ public class KeyPairGeneratorSpi SecureRandom random) { param = new RSAKeyGenerationParameters(defaultPublicExponent, - // BEGIN android-changed - // Was: random, strength, PrimeCertaintyCalculator.getDefaultCertainty(strength)); + // Android-changed: Replace null random with default implementation. + // random, strength, PrimeCertaintyCalculator.getDefaultCertainty(strength)); (random != null) ? random : new SecureRandom(), strength, PrimeCertaintyCalculator.getDefaultCertainty(strength)); - // END android-changed engine.init(param); } @@ -64,10 +63,9 @@ public class KeyPairGeneratorSpi param = new RSAKeyGenerationParameters( rsaParams.getPublicExponent(), - // BEGIN android-changed - // Was: random, rsaParams.getKeysize(), PrimeCertaintyCalculator.getDefaultCertainty(2048)); + // Android-changed: Replace null random with default implementation. + // random, rsaParams.getKeysize(), PrimeCertaintyCalculator.getDefaultCertainty(2048)); (random != null) ? random : new SecureRandom(), rsaParams.getKeysize(), PrimeCertaintyCalculator.getDefaultCertainty(2048)); - // END android-changed engine.init(param); } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/BaseAgreementSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/BaseAgreementSpi.java index 2994e739..f285ac55 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/BaseAgreementSpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/BaseAgreementSpi.java @@ -11,10 +11,9 @@ import javax.crypto.ShortBufferException; import javax.crypto.spec.SecretKeySpec; import org.bouncycastle.asn1.ASN1ObjectIdentifier; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; // import org.bouncycastle.asn1.gnu.GNUObjectIdentifiers; -// END android-removed import org.bouncycastle.asn1.kisa.KISAObjectIdentifiers; import org.bouncycastle.asn1.misc.MiscObjectIdentifiers; import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; @@ -22,10 +21,9 @@ import org.bouncycastle.asn1.ntt.NTTObjectIdentifiers; import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; import org.bouncycastle.crypto.DerivationFunction; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.agreement.kdf.DHKDFParameters; // import org.bouncycastle.crypto.agreement.kdf.DHKEKGenerator; -// END android-removed import org.bouncycastle.crypto.params.DESParameters; import org.bouncycastle.crypto.params.KDFParameters; import org.bouncycastle.util.Integers; @@ -122,9 +120,8 @@ public abstract class BaseAgreementSpi nameTable.put(KISAObjectIdentifiers.id_npki_app_cmsSeed_wrap.getId(), "SEED"); nameTable.put(KISAObjectIdentifiers.id_seedCBC.getId(), "SEED"); nameTable.put(KISAObjectIdentifiers.id_seedMAC.getId(), "SEED"); - // BEGIN android-removed + // Android-removed: Unsupported algorithm // nameTable.put(CryptoProObjectIdentifiers.gostR28147_gcfb.getId(), "GOST28147"); - // END android-removed nameTable.put(NISTObjectIdentifiers.id_aes128_wrap.getId(), "AES"); nameTable.put(NISTObjectIdentifiers.id_aes128_CCM.getId(), "AES"); @@ -163,12 +160,12 @@ public abstract class BaseAgreementSpi { return "AES"; } - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithm // if (algDetails.startsWith(GNUObjectIdentifiers.Serpent.getId())) // { // return "Serpent"; // } - // END android-removed + // END Android-removed: Unsupported algorithms String name = (String)nameTable.get(Strings.toUpperCase(algDetails)); @@ -261,6 +258,7 @@ public abstract class BaseAgreementSpi } int keySize = getKeySize(oidAlgorithm); + if (kdf != null) { if (keySize < 0) @@ -269,24 +267,26 @@ public abstract class BaseAgreementSpi } byte[] keyBytes = new byte[keySize / 8]; - // BEGIN android-removed - // if (kdf instanceof DHKEKGenerator) - // { - // ASN1ObjectIdentifier oid; - // try - // { - // oid = new ASN1ObjectIdentifier(oidAlgorithm); - // } - // catch (IllegalArgumentException e) - // { - // throw new NoSuchAlgorithmException("no OID for algorithm: " + oidAlgorithm); - // } - // DHKDFParameters params = new DHKDFParameters(oid, keySize, secret, ukmParameters); - - // kdf.init(params); - // } - // else - // END android-removed + // BEGIN Android-removed: Unsupported algorithm + /* + if (kdf instanceof DHKEKGenerator) + { + ASN1ObjectIdentifier oid; + try + { + oid = new ASN1ObjectIdentifier(oidAlgorithm); + } + catch (IllegalArgumentException e) + { + throw new NoSuchAlgorithmException("no OID for algorithm: " + oidAlgorithm); + } + DHKDFParameters params = new DHKDFParameters(oid, keySize, secret, ukmParameters); + + kdf.init(params); + } + else + */ + // END Android-removed: Unsupported algorithm { KDFParameters params = new KDFParameters(secret, ukmParameters); diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java index 602ca74c..961e2632 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java @@ -18,10 +18,9 @@ import javax.crypto.IllegalBlockSizeException; import javax.crypto.NoSuchPaddingException; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.PBEParameterSpec; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import javax.crypto.spec.RC2ParameterSpec; // import javax.crypto.spec.RC5ParameterSpec; -// END android-removed import javax.crypto.spec.SecretKeySpec; import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; @@ -41,10 +40,9 @@ public abstract class BaseCipherSpi { IvParameterSpec.class, PBEParameterSpec.class, - // BEGIN android-removed + // Android-removed: Unsupported algorithms // RC2ParameterSpec.class, // RC5ParameterSpec.class - // END android-removed }; private final JcaJceHelper helper = new BCJcaJceHelper(); diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/EC5Util.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/EC5Util.java index 3b8a0a6a..d67974b8 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/EC5Util.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/EC5Util.java @@ -47,14 +47,14 @@ public class EC5Util } } - // BEGIN android-removed + // BEGIN Android-removed: Unsupported curves // X9ECParameters c25519 = CustomNamedCurves.getByName("Curve25519"); // customCurves.put(new ECCurve.Fp( // c25519.getCurve().getField().getCharacteristic(), // c25519.getCurve().getA().toBigInteger(), - // c25519.getCurve().getB().toBigInteger()), c25519.getCurve()); - // END android-removed + // c25519.getCurve().getB().toBigInteger()), c25519.getCurve()); + // END Android-removed: Unsupported curves } public static ECCurve getCurve( diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/ECUtil.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/ECUtil.java index cba154a7..39ff397c 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/ECUtil.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/ECUtil.java @@ -8,17 +8,15 @@ import java.util.Enumeration; import java.util.Map; import org.bouncycastle.asn1.ASN1ObjectIdentifier; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.asn1.anssi.ANSSINamedCurves; // import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; // import org.bouncycastle.asn1.gm.GMNamedCurves; -// END android-removed import org.bouncycastle.asn1.nist.NISTNamedCurves; import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; import org.bouncycastle.asn1.sec.SECNamedCurves; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; -// END android-removed import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; import org.bouncycastle.asn1.x9.ECNamedCurveTable; import org.bouncycastle.asn1.x9.X962NamedCurves; @@ -338,24 +336,26 @@ public class ECUtil { oid = NISTNamedCurves.getOID(name); } - // BEGIN android-removed - // if (oid == null) - // { - // oid = TeleTrusTNamedCurves.getOID(name); - // } - // if (oid == null) - // { - // oid = ECGOST3410NamedCurves.getOID(name); - // } - // if (oid == null) - // { - // oid = ANSSINamedCurves.getOID(name); - // } - // if (oid == null) - // { - // oid = GMNamedCurves.getOID(name); - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + if (oid == null) + { + oid = TeleTrusTNamedCurves.getOID(name); + } + if (oid == null) + { + oid = ECGOST3410NamedCurves.getOID(name); + } + if (oid == null) + { + oid = ANSSINamedCurves.getOID(name); + } + if (oid == null) + { + oid = GMNamedCurves.getOID(name); + } + */ + // END Android-removed: Unsupported algorithms } return oid; @@ -398,16 +398,18 @@ public class ECUtil { params = NISTNamedCurves.getByOID(oid); } - // BEGIN android-removed - // if (params == null) - // { - // params = TeleTrusTNamedCurves.getByOID(oid); - // } - // if (params == null) - // { - // params = GMNamedCurves.getByOID(oid); - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + if (params == null) + { + params = TeleTrusTNamedCurves.getByOID(oid); + } + if (params == null) + { + params = GMNamedCurves.getByOID(oid); + } + */ + // END Android-removed: Unsupported algorithms } return params; @@ -429,16 +431,18 @@ public class ECUtil { params = NISTNamedCurves.getByName(curveName); } - // BEGIN android-removed - // if (params == null) - // { - // params = TeleTrusTNamedCurves.getByName(curveName); - // } - // if (params == null) - // { - // params = GMNamedCurves.getByName(curveName); - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + if (params == null) + { + params = TeleTrusTNamedCurves.getByName(curveName); + } + if (params == null) + { + params = GMNamedCurves.getByName(curveName); + } + */ + // END Android-removed: Unsupported algorithms } return params; @@ -456,16 +460,18 @@ public class ECUtil { name = NISTNamedCurves.getName(oid); } - // BEGIN android-removed - // if (name == null) - // { - // name = TeleTrusTNamedCurves.getName(oid); - // } - // if (name == null) - // { - // name = ECGOST3410NamedCurves.getName(oid); - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + if (name == null) + { + name = TeleTrusTNamedCurves.getName(oid); + } + if (name == null) + { + name = ECGOST3410NamedCurves.getName(oid); + } + */ + // END Android-removed: Unsupported algorithms } return name; diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/CertificateFactory.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/CertificateFactory.java index 58310c72..d5608b9e 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/CertificateFactory.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/CertificateFactory.java @@ -4,9 +4,8 @@ import java.io.BufferedInputStream; import java.io.ByteArrayInputStream; import java.io.IOException; import java.io.InputStream; -// BEGIN Android-added +// Android-added: Use PushbackInputStream import java.io.PushbackInputStream; -// END Android-added import java.security.cert.CRL; import java.security.cert.CRLException; import java.security.cert.CertPath; @@ -217,22 +216,21 @@ public class CertificateFactory } else { - // BEGIN android-changed - // Was: pis = new ByteArrayInputStream(Streams.readAll(in)); - // Reason: we want {@code in.available()} to return the number of available bytes if + // Android-changed: Use PushbackInputStream instead of ByteArrayInputStream. + // we want {@code in.available()} to return the number of available bytes if // there is trailing data (otherwise it breaks // libcore.java.security.cert.X509CertificateTest#test_Provider // ). Which is not possible if we read the whole stream at this point. + // // pis = new ByteArrayInputStream(Streams.readAll(in)); pis = new PushbackInputStream(in); - // END android-changed } - // BEGIN android-changed - // Was: pis.mark(1); + // BEGIN Android-changed: Use PushbackInputStream + // pis.mark(1); if (in.markSupported()) { pis.mark(1); } - // END android-changed + // END Android-changed: Use PushbackInputStream int tag = pis.read(); @@ -241,8 +239,8 @@ public class CertificateFactory return null; } - // BEGIN android-changdd - // Was: pis.reset + // BEGIN Android-changed: Use PushbackInputStream + // pis.reset if (in.markSupported()) { pis.reset(); } @@ -250,7 +248,7 @@ public class CertificateFactory { ((PushbackInputStream) pis).unread(tag); } - // END android-changed + // END Android-changed: Use PushbackInputStream if (tag != 0x30) // assume ascii PEM encoded. { @@ -276,19 +274,17 @@ public class CertificateFactory throws CertificateException { java.security.cert.Certificate cert; - // BEGIN android-removed - // BufferedInputStream in = new BufferedInputStream(inStream); - // Reason: we want {@code in.available()} to return the number of available bytes if + // Android-removed: Don't read entire stream immediately. + // we want {@code in.available()} to return the number of available bytes if // there is trailing data (otherwise it breaks // libcore.java.security.cert.X509CertificateTest#test_Provider // ). Which is not possible if we read the whole stream at this point. - // END android-removed + // BufferedInputStream in = new BufferedInputStream(inStream); List certs = new ArrayList(); - // BEGIN android-changed - // Was: while ((cert = engineGenerateCertificate(in)) != null) + // Android-changed: Read from original stream + // while ((cert = engineGenerateCertificate(in)) != null) while ((cert = engineGenerateCertificate(inStream)) != null) - // END android-changed { certs.add(cert); } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java index 8bb4c3ab..b72de4cb 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java @@ -37,9 +37,8 @@ import org.bouncycastle.asn1.pkcs.SignedData; import org.bouncycastle.jcajce.util.BCJcaJceHelper; import org.bouncycastle.jcajce.util.JcaJceHelper; import org.bouncycastle.util.io.pem.PemObject; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.util.io.pem.PemWriter; -// END android-removed /** * CertPath implementation for X.509 certificates. @@ -56,9 +55,8 @@ public class PKIXCertPath { List encodings = new ArrayList(); encodings.add("PkiPath"); - // BEGIN android-removed + // Android-removed: Unsupported algorithms // encodings.add("PEM"); - // END android-removed encodings.add("PKCS7"); certPathEncodings = Collections.unmodifiableList(encodings); } @@ -305,29 +303,31 @@ public class PKIXCertPath return toDEREncoded(new ContentInfo( PKCSObjectIdentifiers.signedData, sd)); } - // BEGIN android-removed - // else if (encoding.equalsIgnoreCase("PEM")) - // { - // ByteArrayOutputStream bOut = new ByteArrayOutputStream(); - // PemWriter pWrt = new PemWriter(new OutputStreamWriter(bOut)); - // - // try - // { - // for (int i = 0; i != certificates.size(); i++) - // { - // pWrt.writeObject(new PemObject("CERTIFICATE", ((X509Certificate)certificates.get(i)).getEncoded())); - // } - // - // pWrt.close(); - // } - // catch (Exception e) - // { - // throw new CertificateEncodingException("can't encode certificate for PEM encoded path"); - // } - // - // return bOut.toByteArray(); - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + else if (encoding.equalsIgnoreCase("PEM")) + { + ByteArrayOutputStream bOut = new ByteArrayOutputStream(); + PemWriter pWrt = new PemWriter(new OutputStreamWriter(bOut)); + + try + { + for (int i = 0; i != certificates.size(); i++) + { + pWrt.writeObject(new PemObject("CERTIFICATE", ((X509Certificate)certificates.get(i)).getEncoded())); + } + + pWrt.close(); + } + catch (Exception e) + { + throw new CertificateEncodingException("can't encode certificate for PEM encoded path"); + } + + return bOut.toByteArray(); + } + */ + // END Android-removed: Unsupported algorithms else { throw new CertificateEncodingException("unsupported encoding: " + encoding); diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CertificateObject.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CertificateObject.java index 51213d42..bfd7c254 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CertificateObject.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CertificateObject.java @@ -56,9 +56,9 @@ import org.bouncycastle.asn1.x509.Extension; import org.bouncycastle.asn1.x509.Extensions; import org.bouncycastle.asn1.x509.GeneralName; import org.bouncycastle.asn1.x509.KeyUsage; -// BEGIN android-added +// BEGIN Android-added: Unknown reason import org.bouncycastle.asn1.x509.X509Name; -// END android-added +// END Android-added: Unknown reason import org.bouncycastle.jcajce.provider.asymmetric.util.PKCS12BagAttributeCarrierImpl; import org.bouncycastle.jcajce.util.JcaJceHelper; import org.bouncycastle.jce.X509Principal; @@ -542,20 +542,19 @@ class X509CertificateObject } } - // BEGIN android-changed + // Android-added: Cache the encoded certificate private byte[] encoded; - // END android-changed public byte[] getEncoded() throws CertificateEncodingException { try { - // BEGIN android-changed + // BEGIN Android-changed: Cache the encoded certificate if (encoded == null) { encoded = c.getEncoded(ASN1Encoding.DER); } return encoded; - // END android-changed + // END Android-changed: Cache the encoded certificate } catch (IOException e) { @@ -879,9 +878,9 @@ class X509CertificateObject list.add(genName.getEncoded()); break; case GeneralName.directoryName: - // BEGIN android-changed + // Android-changed: Unknown reason + // list.add(X500Name.getInstance(RFC4519Style.INSTANCE, genName.getName()).toString()); list.add(X509Name.getInstance(genName.getName()).toString(true, X509Name.DefaultSymbols)); - // END android-changed break; case GeneralName.dNSName: case GeneralName.rfc822Name: diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA1.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA1.java index 35e03189..17a5462a 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA1.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA1.java @@ -5,12 +5,6 @@ import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; import org.bouncycastle.crypto.CipherKeyGenerator; import org.bouncycastle.crypto.digests.SHA1Digest; -// BEGIN ANDROID-ADDED -import org.bouncycastle.crypto.digests.SHA224Digest; -import org.bouncycastle.crypto.digests.SHA256Digest; -import org.bouncycastle.crypto.digests.SHA384Digest; -import org.bouncycastle.crypto.digests.SHA512Digest; -// END ANDROID-ADDED import org.bouncycastle.crypto.macs.HMac; import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA256.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA256.java index e129db4d..af375c22 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA256.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA256.java @@ -45,19 +45,21 @@ public class SHA256 } } - // BEGIN android-removed - // /** - // * PBEWithHmacSHA - // */ - // public static class PBEWithMacKeyFactory - // extends PBESecretKeyFactory - // { - // public PBEWithMacKeyFactory() - // { - // super("PBEwithHmacSHA256", null, false, PKCS12, SHA256, 256, 0); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + /** + * PBEWithHmacSHA + * + public static class PBEWithMacKeyFactory + extends PBESecretKeyFactory + { + public PBEWithMacKeyFactory() + { + super("PBEwithHmacSHA256", null, false, PKCS12, SHA256, 256, 0); + } + } + */ + // END Android-removed: Unsupported algorithms /** * HMACSHA256 @@ -86,11 +88,11 @@ public class SHA256 provider.addAlgorithm("Alg.Alias.MessageDigest.SHA256", "SHA-256"); provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha256, "SHA-256"); - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // provider.addAlgorithm("SecretKeyFactory.PBEWITHHMACSHA256", PREFIX + "$PBEWithMacKeyFactory"); // provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHHMACSHA-256", "PBEWITHHMACSHA256"); // provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + NISTObjectIdentifiers.id_sha256, "PBEWITHHMACSHA256"); - // END android-removed + // END Android-removed: Unsupported algorithms provider.addAlgorithm("Mac.PBEWITHHMACSHA256", PREFIX + "$HashMac"); diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA384.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA384.java index f2fb6d32..8bddcb23 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA384.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA384.java @@ -5,9 +5,8 @@ import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; import org.bouncycastle.crypto.CipherKeyGenerator; import org.bouncycastle.crypto.digests.SHA384Digest; import org.bouncycastle.crypto.macs.HMac; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.macs.OldHMac; -// END android-removed import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; @@ -59,16 +58,18 @@ public class SHA384 } } - // BEGIN android-removed - // public static class OldSHA384 - // extends BaseMac - // { - // public OldSHA384() - // { - // super(new OldHMac(new SHA384Digest())); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + public static class OldSHA384 + extends BaseMac + { + public OldSHA384() + { + super(new OldHMac(new SHA384Digest())); + } + } + */ + // END Android-removed: Unsupported algorithms public static class Mappings extends DigestAlgorithmProvider @@ -84,9 +85,8 @@ public class SHA384 provider.addAlgorithm("MessageDigest.SHA-384", PREFIX + "$Digest"); provider.addAlgorithm("Alg.Alias.MessageDigest.SHA384", "SHA-384"); provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha384, "SHA-384"); - // BEGIN android-removed + // Android-removed: Unsupported algorithms // provider.addAlgorithm("Mac.OLDHMACSHA384", PREFIX + "$OldSHA384"); - // END android-removed provider.addAlgorithm("Mac.PBEWITHHMACSHA384", PREFIX + "$HashMac"); diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA512.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA512.java index 9433a817..589e26a3 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA512.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA512.java @@ -4,13 +4,11 @@ import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; import org.bouncycastle.crypto.CipherKeyGenerator; import org.bouncycastle.crypto.digests.SHA512Digest; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.digests.SHA512tDigest; -// END android-removed import org.bouncycastle.crypto.macs.HMac; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.macs.OldHMac; -// END android-removed import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; @@ -41,44 +39,46 @@ public class SHA512 } } - // BEGIN android-removed - // static public class DigestT - // extends BCMessageDigest - // implements Cloneable - // { - // public DigestT(int bitLength) - // { - // super(new SHA512tDigest(bitLength)); - // } - // - // public Object clone() - // throws CloneNotSupportedException - // { - // DigestT d = (DigestT)super.clone(); - // d.digest = new SHA512tDigest((SHA512tDigest)digest); - // - // return d; - // } - // } - // - // static public class DigestT224 - // extends DigestT - // { - // public DigestT224() - // { - // super(224); - // } - // } - // - // static public class DigestT256 - // extends DigestT - // { - // public DigestT256() - // { - // super(256); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + static public class DigestT + extends BCMessageDigest + implements Cloneable + { + public DigestT(int bitLength) + { + super(new SHA512tDigest(bitLength)); + } + + public Object clone() + throws CloneNotSupportedException + { + DigestT d = (DigestT)super.clone(); + d.digest = new SHA512tDigest((SHA512tDigest)digest); + + return d; + } + } + + static public class DigestT224 + extends DigestT + { + public DigestT224() + { + super(224); + } + } + + static public class DigestT256 + extends DigestT + { + public DigestT256() + { + super(256); + } + } + */ + // END Android-removed: Unsupported algorithms public static class HashMac extends BaseMac @@ -89,37 +89,39 @@ public class SHA512 } } - // BEGIN android-removed - // public static class HashMacT224 - // extends BaseMac - // { - // public HashMacT224() - // { - // super(new HMac(new SHA512tDigest(224))); - // } - // } - // - // public static class HashMacT256 - // extends BaseMac - // { - // public HashMacT256() - // { - // super(new HMac(new SHA512tDigest(256))); - // } - // } - // - // /** - // * SHA-512 HMac - // */ - // public static class OldSHA512 - // extends BaseMac - // { - // public OldSHA512() - // { - // super(new OldHMac(new SHA512Digest())); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + public static class HashMacT224 + extends BaseMac + { + public HashMacT224() + { + super(new HMac(new SHA512tDigest(224))); + } + } + + public static class HashMacT256 + extends BaseMac + { + public HashMacT256() + { + super(new HMac(new SHA512tDigest(256))); + } + } + + /** + * SHA-512 HMac + * + public static class OldSHA512 + extends BaseMac + { + public OldSHA512() + { + super(new OldHMac(new SHA512Digest())); + } + } + */ + // END Android-removed: Unsupported algorithms /** * HMACSHA512 @@ -133,25 +135,27 @@ public class SHA512 } } - // BEGIN android-removed - // public static class KeyGeneratorT224 - // extends BaseKeyGenerator - // { - // public KeyGeneratorT224() - // { - // super("HMACSHA512/224", 224, new CipherKeyGenerator()); - // } - // } - // - // public static class KeyGeneratorT256 - // extends BaseKeyGenerator - // { - // public KeyGeneratorT256() - // { - // super("HMACSHA512/256", 256, new CipherKeyGenerator()); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + public static class KeyGeneratorT224 + extends BaseKeyGenerator + { + public KeyGeneratorT224() + { + super("HMACSHA512/224", 224, new CipherKeyGenerator()); + } + } + + public static class KeyGeneratorT256 + extends BaseKeyGenerator + { + public KeyGeneratorT256() + { + super("HMACSHA512/256", 256, new CipherKeyGenerator()); + } + } + */ + // END Android-removed: Unsupported algorithms public static class Mappings extends DigestAlgorithmProvider @@ -168,27 +172,29 @@ public class SHA512 provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512", "SHA-512"); provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512, "SHA-512"); - // BEGIN android-removed - // provider.addAlgorithm("MessageDigest.SHA-512/224", PREFIX + "$DigestT224"); - // provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512/224", "SHA-512/224"); - // provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_224, "SHA-512/224"); - // - // provider.addAlgorithm("MessageDigest.SHA-512/256", PREFIX + "$DigestT256"); - // provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512256", "SHA-512/256"); - // provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_256, "SHA-512/256"); - // - // provider.addAlgorithm("Mac.OLDHMACSHA512", PREFIX + "$OldSHA512"); - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + provider.addAlgorithm("MessageDigest.SHA-512/224", PREFIX + "$DigestT224"); + provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512/224", "SHA-512/224"); + provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_224, "SHA-512/224"); + + provider.addAlgorithm("MessageDigest.SHA-512/256", PREFIX + "$DigestT256"); + provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512256", "SHA-512/256"); + provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_256, "SHA-512/256"); + + provider.addAlgorithm("Mac.OLDHMACSHA512", PREFIX + "$OldSHA512"); + */ + // END Android-removed: Unsupported algorithms provider.addAlgorithm("Mac.PBEWITHHMACSHA512", PREFIX + "$HashMac"); addHMACAlgorithm(provider, "SHA512", PREFIX + "$HashMac", PREFIX + "$KeyGenerator"); addHMACAlias(provider, "SHA512", PKCSObjectIdentifiers.id_hmacWithSHA512); - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // addHMACAlgorithm(provider, "SHA512/224", PREFIX + "$HashMacT224", PREFIX + "$KeyGeneratorT224"); // addHMACAlgorithm(provider, "SHA512/256", PREFIX + "$HashMacT256", PREFIX + "$KeyGeneratorT256"); - // END android-removed + // END Android-removed: Unsupported algorithms } } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/BC.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/BC.java index 9711426e..5bc0aa82 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/BC.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/BC.java @@ -17,9 +17,8 @@ public class BC public void configure(ConfigurableProvider provider) { provider.addAlgorithm("KeyStore.BKS", PREFIX + "BcKeyStoreSpi$Std"); - // BEGIN android-removed + // Android-removed: Unsupported algorithms // provider.addAlgorithm("KeyStore.BKS-V1", PREFIX + "BcKeyStoreSpi$Version1"); - // END android-removed provider.addAlgorithm("KeyStore.BouncyCastle", PREFIX + "BcKeyStoreSpi$BouncyCastleStore"); provider.addAlgorithm("Alg.Alias.KeyStore.UBER", "BouncyCastle"); provider.addAlgorithm("Alg.Alias.KeyStore.BOUNCYCASTLE", "BouncyCastle"); diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/PKCS12.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/PKCS12.java index 1d4e1468..4dc856d9 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/PKCS12.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/PKCS12.java @@ -17,16 +17,18 @@ public class PKCS12 public void configure(ConfigurableProvider provider) { provider.addAlgorithm("KeyStore.PKCS12", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore"); - // BEGIN android-removed - // provider.addAlgorithm("KeyStore.BCPKCS12", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore"); - // provider.addAlgorithm("KeyStore.PKCS12-DEF", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore"); - // - // provider.addAlgorithm("KeyStore.PKCS12-3DES-40RC2", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore"); - // provider.addAlgorithm("KeyStore.PKCS12-3DES-3DES", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore3DES"); - // - // provider.addAlgorithm("KeyStore.PKCS12-DEF-3DES-40RC2", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore"); - // provider.addAlgorithm("KeyStore.PKCS12-DEF-3DES-3DES", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore3DES"); - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + provider.addAlgorithm("KeyStore.BCPKCS12", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore"); + provider.addAlgorithm("KeyStore.PKCS12-DEF", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore"); + + provider.addAlgorithm("KeyStore.PKCS12-3DES-40RC2", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore"); + provider.addAlgorithm("KeyStore.PKCS12-3DES-3DES", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore3DES"); + + provider.addAlgorithm("KeyStore.PKCS12-DEF-3DES-40RC2", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore"); + provider.addAlgorithm("KeyStore.PKCS12-DEF-3DES-3DES", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore3DES"); + */ + // END Android-removed: Unsupported algorithms } } } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java index 106f75b2..de48b81f 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java @@ -64,10 +64,9 @@ import org.bouncycastle.asn1.DEROctetString; import org.bouncycastle.asn1.DEROutputStream; import org.bouncycastle.asn1.DERSequence; import org.bouncycastle.asn1.DERSet; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; // import org.bouncycastle.asn1.cryptopro.GOST28147Parameters; -// END android-removed import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; import org.bouncycastle.asn1.ntt.NTTObjectIdentifiers; import org.bouncycastle.asn1.pkcs.AuthenticatedSafe; @@ -90,15 +89,13 @@ import org.bouncycastle.asn1.x509.SubjectKeyIdentifier; import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; import org.bouncycastle.asn1.x509.X509ObjectIdentifiers; import org.bouncycastle.crypto.Digest; -// BEGIN android-changed -// Was: import org.bouncycastle.crypto.digests.SHA1Digest +// Android-changed: Use Android digests +// import org.bouncycastle.crypto.util.DigestFactory; import org.bouncycastle.crypto.digests.AndroidDigestFactory; -// END android-changed import org.bouncycastle.jcajce.PKCS12Key; import org.bouncycastle.jcajce.PKCS12StoreParameter; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.jcajce.spec.GOST28147ParameterSpec; -// END android-removed import org.bouncycastle.jcajce.spec.PBKDF2KeySpec; import org.bouncycastle.jcajce.util.BCJcaJceHelper; import org.bouncycastle.jcajce.util.JcaJceHelper; @@ -233,6 +230,8 @@ public class PKCS12KeyStoreSpi private static byte[] getDigest(SubjectPublicKeyInfo spki) { + // Android-changed: Use Android digests + // Digest digest = DigestFactory.createSHA1(); Digest digest = AndroidDigestFactory.getSHA1(); byte[] resBuf = new byte[digest.getDigestSize()]; @@ -758,15 +757,17 @@ public class PKCS12KeyStoreSpi { cipher.init(mode, key, new IvParameterSpec(ASN1OctetString.getInstance(encParams).getOctets())); } - // BEGIN android-removed - // else - // { - // // TODO: at the moment it's just GOST, but... - // GOST28147Parameters gParams = GOST28147Parameters.getInstance(encParams); - // - // cipher.init(mode, key, new GOST28147ParameterSpec(gParams.getEncryptionParamSet(), gParams.getIV())); - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + else + { + // TODO: at the moment it's just GOST, but... + GOST28147Parameters gParams = GOST28147Parameters.getInstance(encParams); + + cipher.init(mode, key, new GOST28147ParameterSpec(gParams.getEncryptionParamSet(), gParams.getIV())); + } + */ + // END Android-removed: Unsupported algorithms return cipher; } @@ -1718,33 +1719,36 @@ public class PKCS12KeyStoreSpi super(new BouncyCastleProvider(), pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd40BitRC2_CBC); } } - // BEGIN android-removed - // public static class BCPKCS12KeyStore3DES - // extends PKCS12KeyStoreSpi - // { - // public BCPKCS12KeyStore3DES() - // { - // super(new BouncyCastleProvider(), pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC); - // } - // } - // - // public static class DefPKCS12KeyStore - // extends PKCS12KeyStoreSpi - // { - // public DefPKCS12KeyStore() - // { - // super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd40BitRC2_CBC); - // } - // } - // - // public static class DefPKCS12KeyStore3DES - // extends PKCS12KeyStoreSpi - // { - // public DefPKCS12KeyStore3DES() - // { - // super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC); - // } - // } + + // BEGIN Android-removed: Unsupported algorithms + /* + public static class BCPKCS12KeyStore3DES + extends PKCS12KeyStoreSpi + { + public BCPKCS12KeyStore3DES() + { + super(new BouncyCastleProvider(), pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC); + } + } + + public static class DefPKCS12KeyStore + extends PKCS12KeyStoreSpi + { + public DefPKCS12KeyStore() + { + super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd40BitRC2_CBC); + } + } + + public static class DefPKCS12KeyStore3DES + extends PKCS12KeyStoreSpi + { + public DefPKCS12KeyStore3DES() + { + super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC); + } + } + */ // END android-removed private static class IgnoresCaseHashtable @@ -1818,9 +1822,8 @@ public class PKCS12KeyStoreSpi keySizes.put(NTTObjectIdentifiers.id_camellia192_cbc, Integers.valueOf(192)); keySizes.put(NTTObjectIdentifiers.id_camellia256_cbc, Integers.valueOf(256)); - // BEGIN android-removed + // Android-removed: Unsupported algorithms // keySizes.put(CryptoProObjectIdentifiers.gostR28147_gcfb, Integers.valueOf(256)); - // END android-removed KEY_SIZES = Collections.unmodifiableMap(keySizes); } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/AES.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/AES.java index f118e5c8..e0669d2c 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/AES.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/AES.java @@ -1,13 +1,11 @@ package org.bouncycastle.jcajce.provider.symmetric; import java.io.IOException; -// BEGIN android-added +// BEGIN Android-added: Needed for setting mode with GCM import java.security.NoSuchAlgorithmException; -// END android-added -// BEGIN android-removed -// import java.security.AlgorithmParameters; -// import java.security.InvalidAlgorithmParameterException; -// END android-removed +// END Android-added: Needed for setting mode with GCM +import java.security.AlgorithmParameters; +import java.security.InvalidAlgorithmParameterException; import java.security.SecureRandom; import java.security.spec.AlgorithmParameterSpec; import java.security.spec.InvalidParameterSpecException; @@ -16,13 +14,12 @@ import java.util.Map; import javax.crypto.spec.IvParameterSpec; -// BEGIN android-added +// BEGIN Android-added: Needed for setting padding with GCM import javax.crypto.NoSuchPaddingException; -// END android-added +// END Android-added: Needed for setting padding with GCM import org.bouncycastle.asn1.bc.BCObjectIdentifiers; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.asn1.cms.CCMParameters; -// END android-removed import org.bouncycastle.asn1.cms.GCMParameters; import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; import org.bouncycastle.crypto.BlockCipher; @@ -34,32 +31,28 @@ import org.bouncycastle.crypto.InvalidCipherTextException; import org.bouncycastle.crypto.Mac; import org.bouncycastle.crypto.engines.AESEngine; import org.bouncycastle.crypto.engines.AESWrapEngine; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.engines.AESWrapPadEngine; // import org.bouncycastle.crypto.engines.RFC3211WrapEngine; // import org.bouncycastle.crypto.engines.RFC5649WrapEngine; // import org.bouncycastle.crypto.generators.Poly1305KeyGenerator; // import org.bouncycastle.crypto.macs.CMac; // import org.bouncycastle.crypto.macs.GMac; -// END android-removed import org.bouncycastle.crypto.modes.CBCBlockCipher; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.modes.CCMBlockCipher; -// END android-removed import org.bouncycastle.crypto.modes.CFBBlockCipher; import org.bouncycastle.crypto.modes.GCMBlockCipher; import org.bouncycastle.crypto.modes.OFBBlockCipher; import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; -// END android-removed import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameters; import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; // import org.bouncycastle.jcajce.provider.symmetric.util.BaseSecretKeyFactory; -// END android-removed import org.bouncycastle.jcajce.provider.symmetric.util.BaseWrapCipher; import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider; import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters; @@ -130,7 +123,7 @@ public final class AES public GCM() { super(new GCMBlockCipher(new AESEngine())); - // BEGIN android-added + // BEGIN Android-added: Set mode and padding due to name change (see note in Mappings) try { engineSetMode("GCM"); engineSetPadding("NoPadding"); @@ -138,130 +131,132 @@ public final class AES // this should not be possible throw new RuntimeException("Could not set mode or padding for GCM mode", e); } - // END android-added + // END Android-added: Set mode and padding due to name change (see note in Mappings) } } - // BEGIN android-removed - // static public class CCM - // extends BaseBlockCipher - // { - // public CCM() - // { - // super(new CCMBlockCipher(new AESEngine()), false, 16); - // } - // } - - // public static class AESCMAC - // extends BaseMac - // { - // public AESCMAC() - // { - // super(new CMac(new AESEngine())); - // } - // } - - // public static class AESGMAC - // extends BaseMac - // { - // public AESGMAC() - // { - // super(new GMac(new GCMBlockCipher(new AESEngine()))); - // } - // } - - // public static class AESCCMMAC - // extends BaseMac - // { - // public AESCCMMAC() - // { - // super(new CCMMac()); - // } - - // private static class CCMMac - // implements Mac - // { - // private final CCMBlockCipher ccm = new CCMBlockCipher(new AESEngine()); - - // private int macLength = 8; - - // public void init(CipherParameters params) - // throws IllegalArgumentException - // { - // ccm.init(true, params); - - // this.macLength = ccm.getMac().length; - // } - - // public String getAlgorithmName() - // { - // return ccm.getAlgorithmName() + "Mac"; - // } - - // public int getMacSize() - // { - // return macLength; - // } - - // public void update(byte in) - // throws IllegalStateException - // { - // ccm.processAADByte(in); - // } - - // public void update(byte[] in, int inOff, int len) - // throws DataLengthException, IllegalStateException - // { - // ccm.processAADBytes(in, inOff, len); - // } - - // public int doFinal(byte[] out, int outOff) - // throws DataLengthException, IllegalStateException - // { - // try - // { - // return ccm.doFinal(out, 0); - // } - // catch (InvalidCipherTextException e) - // { - // throw new IllegalStateException("exception on doFinal(): " + e.toString()); - // } - // } - - // public void reset() - // { - // ccm.reset(); - // } - // } - // } - - // static public class KeyFactory - // extends BaseSecretKeyFactory - // { - // public KeyFactory() - // { - // super("AES", null); - // } - // } - - // public static class Poly1305 - // extends BaseMac - // { - // public Poly1305() - // { - // super(new org.bouncycastle.crypto.macs.Poly1305(new AESEngine())); - // } - // } - - // public static class Poly1305KeyGen - // extends BaseKeyGenerator - // { - // public Poly1305KeyGen() - // { - // super("Poly1305-AES", 256, new Poly1305KeyGenerator()); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + static public class CCM + extends BaseBlockCipher + { + public CCM() + { + super(new CCMBlockCipher(new AESEngine()), false, 16); + } + } + + public static class AESCMAC + extends BaseMac + { + public AESCMAC() + { + super(new CMac(new AESEngine())); + } + } + + public static class AESGMAC + extends BaseMac + { + public AESGMAC() + { + super(new GMac(new GCMBlockCipher(new AESEngine()))); + } + } + + public static class AESCCMMAC + extends BaseMac + { + public AESCCMMAC() + { + super(new CCMMac()); + } + + private static class CCMMac + implements Mac + { + private final CCMBlockCipher ccm = new CCMBlockCipher(new AESEngine()); + + private int macLength = 8; + + public void init(CipherParameters params) + throws IllegalArgumentException + { + ccm.init(true, params); + + this.macLength = ccm.getMac().length; + } + + public String getAlgorithmName() + { + return ccm.getAlgorithmName() + "Mac"; + } + + public int getMacSize() + { + return macLength; + } + + public void update(byte in) + throws IllegalStateException + { + ccm.processAADByte(in); + } + + public void update(byte[] in, int inOff, int len) + throws DataLengthException, IllegalStateException + { + ccm.processAADBytes(in, inOff, len); + } + + public int doFinal(byte[] out, int outOff) + throws DataLengthException, IllegalStateException + { + try + { + return ccm.doFinal(out, 0); + } + catch (InvalidCipherTextException e) + { + throw new IllegalStateException("exception on doFinal(): " + e.toString()); + } + } + + public void reset() + { + ccm.reset(); + } + } + } + + static public class KeyFactory + extends BaseSecretKeyFactory + { + public KeyFactory() + { + super("AES", null); + } + } + + public static class Poly1305 + extends BaseMac + { + public Poly1305() + { + super(new org.bouncycastle.crypto.macs.Poly1305(new AESEngine())); + } + } + + public static class Poly1305KeyGen + extends BaseKeyGenerator + { + public Poly1305KeyGen() + { + super("Poly1305-AES", 256, new Poly1305KeyGenerator()); + } + } + */ + // END Android-removed: Unsupported algorithms static public class Wrap extends BaseWrapCipher @@ -272,34 +267,36 @@ public final class AES } } - // BEGIN android-removed - // public static class WrapPad - // extends BaseWrapCipher - // { - // public WrapPad() - // { - // super(new AESWrapPadEngine()); - // } - // } - - // public static class RFC3211Wrap - // extends BaseWrapCipher - // { - // public RFC3211Wrap() - // { - // super(new RFC3211WrapEngine(new AESEngine()), 16); - // } - // } - - // public static class RFC5649Wrap - // extends BaseWrapCipher - // { - // public RFC5649Wrap() - // { - // super(new RFC5649WrapEngine(new AESEngine())); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + public static class WrapPad + extends BaseWrapCipher + { + public WrapPad() + { + super(new AESWrapPadEngine()); + } + } + + public static class RFC3211Wrap + extends BaseWrapCipher + { + public RFC3211Wrap() + { + super(new RFC3211WrapEngine(new AESEngine()), 16); + } + } + + public static class RFC5649Wrap + extends BaseWrapCipher + { + public RFC5649Wrap() + { + super(new RFC5649WrapEngine(new AESEngine())); + } + } + */ + // END Android-removed: Unsupported algorithms /** * PBEWithAES-CBC @@ -378,9 +375,12 @@ public final class AES { public KeyGen() { - // BEGIN android-changed + // Android-changed: Use 128-bit keys by default. + // Bouncy Castle defaults to 192-bit keys, which is the worst choice: worse security + // than 256-bit keys, slower than 128-bit keys, narrower support than either. + // Use 128-bit keys by default since they're faster and should still be plenty secure. + // this(192); this(128); - // END android-changed } public KeyGen(int keySize) @@ -389,34 +389,36 @@ public final class AES } } - // BEGIN android-removed - // public static class KeyGen128 - // extends KeyGen - // { - // public KeyGen128() - // { - // super(128); - // } - // } - // - // public static class KeyGen192 - // extends KeyGen - // { - // public KeyGen192() - // { - // super(192); - // } - // } - // - // public static class KeyGen256 - // extends KeyGen - // { - // public KeyGen256() - // { - // super(256); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + public static class KeyGen128 + extends KeyGen + { + public KeyGen128() + { + super(128); + } + } + + public static class KeyGen192 + extends KeyGen + { + public KeyGen192() + { + super(192); + } + } + + public static class KeyGen256 + extends KeyGen + { + public KeyGen256() + { + super(256); + } + } + */ + // END Android-removed: Unsupported algorithms /** * PBEWithSHA1And128BitAES-BC @@ -525,124 +527,126 @@ public final class AES super("PBEWithMD5And256BitAES-CBC-OpenSSL", null, true, OPENSSL, MD5, 256, 128); } } + + // BEGIN Android-removed: Unsupported algorithms + /* + public static class AlgParamGen + extends BaseAlgorithmParameterGenerator + { + protected void engineInit( + AlgorithmParameterSpec genParamSpec, + SecureRandom random) + throws InvalidAlgorithmParameterException + { + throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation."); + } + + protected AlgorithmParameters engineGenerateParameters() + { + byte[] iv = new byte[16]; + + if (random == null) + { + random = new SecureRandom(); + } - // BEGIN android-removed - // public static class AlgParamGen - // extends BaseAlgorithmParameterGenerator - // { - // protected void engineInit( - // AlgorithmParameterSpec genParamSpec, - // SecureRandom random) - // throws InvalidAlgorithmParameterException - // { - // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation."); - // } - - // protected AlgorithmParameters engineGenerateParameters() - // { - // byte[] iv = new byte[16]; - - // if (random == null) - // { - // random = new SecureRandom(); - // } - - // random.nextBytes(iv); - - // AlgorithmParameters params; - - // try - // { - // params = createParametersInstance("AES"); - // params.init(new IvParameterSpec(iv)); - // } - // catch (Exception e) - // { - // throw new RuntimeException(e.getMessage()); - // } - - // return params; - // } - // } - - // public static class AlgParamGenCCM - // extends BaseAlgorithmParameterGenerator - // { - // protected void engineInit( - // AlgorithmParameterSpec genParamSpec, - // SecureRandom random) - // throws InvalidAlgorithmParameterException - // { - // // TODO: add support for GCMParameterSpec as a template. - // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation."); - // } - - // protected AlgorithmParameters engineGenerateParameters() - // { - // byte[] iv = new byte[12]; - - // if (random == null) - // { - // random = new SecureRandom(); - // } - - // random.nextBytes(iv); - - // AlgorithmParameters params; - - // try - // { - // params = createParametersInstance("CCM"); - // params.init(new CCMParameters(iv, 12).getEncoded()); - // } - // catch (Exception e) - // { - // throw new RuntimeException(e.getMessage()); - // } - - // return params; - // } - // } - - // public static class AlgParamGenGCM - // extends BaseAlgorithmParameterGenerator - // { - // protected void engineInit( - // AlgorithmParameterSpec genParamSpec, - // SecureRandom random) - // throws InvalidAlgorithmParameterException - // { - // // TODO: add support for GCMParameterSpec as a template. - // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation."); - // } - - // protected AlgorithmParameters engineGenerateParameters() - // { - // byte[] nonce = new byte[12]; - - // if (random == null) - // { - // random = new SecureRandom(); - // } - - // random.nextBytes(nonce); - - // AlgorithmParameters params; - - // try - // { - // params = createParametersInstance("GCM"); - // params.init(new GCMParameters(nonce, 16).getEncoded()); - // } - // catch (Exception e) - // { - // throw new RuntimeException(e.getMessage()); - // } - - // return params; - // } - // } - // END android-removed + random.nextBytes(iv); + + AlgorithmParameters params; + + try + { + params = createParametersInstance("AES"); + params.init(new IvParameterSpec(iv)); + } + catch (Exception e) + { + throw new RuntimeException(e.getMessage()); + } + + return params; + } + } + + public static class AlgParamGenCCM + extends BaseAlgorithmParameterGenerator + { + protected void engineInit( + AlgorithmParameterSpec genParamSpec, + SecureRandom random) + throws InvalidAlgorithmParameterException + { + // TODO: add support for GCMParameterSpec as a template. + throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation."); + } + + protected AlgorithmParameters engineGenerateParameters() + { + byte[] iv = new byte[12]; + + if (random == null) + { + random = new SecureRandom(); + } + + random.nextBytes(iv); + + AlgorithmParameters params; + + try + { + params = createParametersInstance("CCM"); + params.init(new CCMParameters(iv, 12).getEncoded()); + } + catch (Exception e) + { + throw new RuntimeException(e.getMessage()); + } + + return params; + } + } + + public static class AlgParamGenGCM + extends BaseAlgorithmParameterGenerator + { + protected void engineInit( + AlgorithmParameterSpec genParamSpec, + SecureRandom random) + throws InvalidAlgorithmParameterException + { + // TODO: add support for GCMParameterSpec as a template. + throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation."); + } + + protected AlgorithmParameters engineGenerateParameters() + { + byte[] nonce = new byte[12]; + + if (random == null) + { + random = new SecureRandom(); + } + + random.nextBytes(nonce); + + AlgorithmParameters params; + + try + { + params = createParametersInstance("GCM"); + params.init(new GCMParameters(nonce, 16).getEncoded()); + } + catch (Exception e) + { + throw new RuntimeException(e.getMessage()); + } + + return params; + } + } + */ + // END Android-removed: Unsupported algorithms public static class AlgParams extends IvAlgorithmParameters @@ -738,92 +742,94 @@ public final class AES } } - // BEGIN android-removed - // public static class AlgParamsCCM - // extends BaseAlgorithmParameters - // { - // private CCMParameters ccmParams; - - // protected void engineInit(AlgorithmParameterSpec paramSpec) - // throws InvalidParameterSpecException - // { - // if (GcmSpecUtil.isGcmSpec(paramSpec)) - // { - // ccmParams = CCMParameters.getInstance(GcmSpecUtil.extractGcmParameters(paramSpec)); - // } - // else if (paramSpec instanceof AEADParameterSpec) - // { - // ccmParams = new CCMParameters(((AEADParameterSpec)paramSpec).getNonce(), ((AEADParameterSpec)paramSpec).getMacSizeInBits() / 8); - // } - // else - // { - // throw new InvalidParameterSpecException("AlgorithmParameterSpec class not recognized: " + paramSpec.getClass().getName()); - // } - // } - - // protected void engineInit(byte[] params) - // throws IOException - // { - // ccmParams = CCMParameters.getInstance(params); - // } - - // protected void engineInit(byte[] params, String format) - // throws IOException - // { - // if (!isASN1FormatString(format)) - // { - // throw new IOException("unknown format specified"); - // } - - // ccmParams = CCMParameters.getInstance(params); - // } - - // protected byte[] engineGetEncoded() - // throws IOException - // { - // return ccmParams.getEncoded(); - // } - - // protected byte[] engineGetEncoded(String format) - // throws IOException - // { - // if (!isASN1FormatString(format)) - // { - // throw new IOException("unknown format specified"); - // } - - // return ccmParams.getEncoded(); - // } - - // protected String engineToString() - // { - // return "CCM"; - // } - - // protected AlgorithmParameterSpec localEngineGetParameterSpec(Class paramSpec) - // throws InvalidParameterSpecException - // { - // if (paramSpec == AlgorithmParameterSpec.class || GcmSpecUtil.isGcmSpec(paramSpec)) - // { - // if (GcmSpecUtil.gcmSpecExists()) - // { - // return GcmSpecUtil.extractGcmSpec(ccmParams.toASN1Primitive()); - // } - // return new AEADParameterSpec(ccmParams.getNonce(), ccmParams.getIcvLen() * 8); - // } - // if (paramSpec == AEADParameterSpec.class) - // { - // return new AEADParameterSpec(ccmParams.getNonce(), ccmParams.getIcvLen() * 8); - // } - // if (paramSpec == IvParameterSpec.class) - // { - // return new IvParameterSpec(ccmParams.getNonce()); - // } - - // throw new InvalidParameterSpecException("AlgorithmParameterSpec not recognized: " + paramSpec.getName()); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + public static class AlgParamsCCM + extends BaseAlgorithmParameters + { + private CCMParameters ccmParams; + + protected void engineInit(AlgorithmParameterSpec paramSpec) + throws InvalidParameterSpecException + { + if (GcmSpecUtil.isGcmSpec(paramSpec)) + { + ccmParams = CCMParameters.getInstance(GcmSpecUtil.extractGcmParameters(paramSpec)); + } + else if (paramSpec instanceof AEADParameterSpec) + { + ccmParams = new CCMParameters(((AEADParameterSpec)paramSpec).getNonce(), ((AEADParameterSpec)paramSpec).getMacSizeInBits() / 8); + } + else + { + throw new InvalidParameterSpecException("AlgorithmParameterSpec class not recognized: " + paramSpec.getClass().getName()); + } + } + + protected void engineInit(byte[] params) + throws IOException + { + ccmParams = CCMParameters.getInstance(params); + } + + protected void engineInit(byte[] params, String format) + throws IOException + { + if (!isASN1FormatString(format)) + { + throw new IOException("unknown format specified"); + } + + ccmParams = CCMParameters.getInstance(params); + } + + protected byte[] engineGetEncoded() + throws IOException + { + return ccmParams.getEncoded(); + } + + protected byte[] engineGetEncoded(String format) + throws IOException + { + if (!isASN1FormatString(format)) + { + throw new IOException("unknown format specified"); + } + + return ccmParams.getEncoded(); + } + + protected String engineToString() + { + return "CCM"; + } + + protected AlgorithmParameterSpec localEngineGetParameterSpec(Class paramSpec) + throws InvalidParameterSpecException + { + if (paramSpec == AlgorithmParameterSpec.class || GcmSpecUtil.isGcmSpec(paramSpec)) + { + if (GcmSpecUtil.gcmSpecExists()) + { + return GcmSpecUtil.extractGcmSpec(ccmParams.toASN1Primitive()); + } + return new AEADParameterSpec(ccmParams.getNonce(), ccmParams.getIcvLen() * 8); + } + if (paramSpec == AEADParameterSpec.class) + { + return new AEADParameterSpec(ccmParams.getNonce(), ccmParams.getIcvLen() * 8); + } + if (paramSpec == IvParameterSpec.class) + { + return new IvParameterSpec(ccmParams.getNonce()); + } + + throw new InvalidParameterSpecException("AlgorithmParameterSpec not recognized: " + paramSpec.getName()); + } + } + */ + // END Android-removed: Unsupported algorithms public static class Mappings extends SymmetricAlgorithmProvider @@ -857,40 +863,45 @@ public final class AES provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes128_GCM, "GCM"); provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes192_GCM, "GCM"); provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes256_GCM, "GCM"); - // BEGIN android-removed - // provider.addAlgorithm("AlgorithmParameters.CCM", PREFIX + "$AlgParamsCCM"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes128_CCM, "CCM"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes192_CCM, "CCM"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes256_CCM, "CCM"); - // - // provider.addAlgorithm("AlgorithmParameterGenerator.AES", PREFIX + "$AlgParamGen"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES128, "AES"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES192, "AES"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES256, "AES"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_CBC, "AES"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_CBC, "AES"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_CBC, "AES"); - // END android-removed + + // BEGIN Android-removed: Unsupported algorithms + /* + provider.addAlgorithm("AlgorithmParameters.CCM", PREFIX + "$AlgParamsCCM"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes128_CCM, "CCM"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes192_CCM, "CCM"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes256_CCM, "CCM"); + + provider.addAlgorithm("AlgorithmParameterGenerator.AES", PREFIX + "$AlgParamGen"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES128, "AES"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES192, "AES"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES256, "AES"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_CBC, "AES"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_CBC, "AES"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_CBC, "AES"); + */ + // END Android-removed: Unsupported algorithms provider.addAttributes("Cipher.AES", generalAesAttributes); provider.addAlgorithm("Cipher.AES", PREFIX + "$ECB"); provider.addAlgorithm("Alg.Alias.Cipher." + wrongAES128, "AES"); provider.addAlgorithm("Alg.Alias.Cipher." + wrongAES192, "AES"); provider.addAlgorithm("Alg.Alias.Cipher." + wrongAES256, "AES"); - // BEGIN android-removed - // provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$ECB"); - // provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$ECB"); - // provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$ECB"); - // provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$CBC"); - // provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$CBC"); - // provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$CBC"); - // provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$OFB"); - // provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$OFB"); - // provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$OFB"); - // provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$CFB"); - // provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$CFB"); - // provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$CFB"); - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$ECB"); + provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$ECB"); + provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$ECB"); + provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$CBC"); + provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$CBC"); + provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$CBC"); + provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$OFB"); + provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$OFB"); + provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$OFB"); + provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$CFB"); + provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$CFB"); + provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$CFB"); + */ + // END Android-removed: Unsupported algorithms provider.addAttributes("Cipher.AESWRAP", generalAesAttributes); provider.addAlgorithm("Cipher.AESWRAP", PREFIX + "$Wrap"); @@ -899,81 +910,85 @@ public final class AES provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes256_wrap, "AESWRAP"); provider.addAlgorithm("Alg.Alias.Cipher.AESKW", "AESWRAP"); - // BEGIN android-removed - // provider.addAttributes("Cipher.AESWRAPPAD", generalAesAttributes); - // provider.addAlgorithm("Cipher.AESWRAPPAD", PREFIX + "$WrapPad"); - // provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes128_wrap_pad, "AESWRAPPAD"); - // provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes192_wrap_pad, "AESWRAPPAD"); - // provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes256_wrap_pad, "AESWRAPPAD"); - // provider.addAlgorithm("Alg.Alias.Cipher.AESKWP", "AESWRAPPAD"); - // - // provider.addAlgorithm("Cipher.AESRFC3211WRAP", PREFIX + "$RFC3211Wrap"); - // provider.addAlgorithm("Cipher.AESRFC5649WRAP", PREFIX + "$RFC5649Wrap"); - // - // provider.addAlgorithm("AlgorithmParameterGenerator.CCM", PREFIX + "$AlgParamGenCCM"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_CCM, "CCM"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_CCM, "CCM"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_CCM, "CCM"); - // - // provider.addAttributes("Cipher.CCM", generalAesAttributes); - // provider.addAlgorithm("Cipher.CCM", PREFIX + "$CCM"); - // provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes128_CCM, "CCM"); - // provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes192_CCM, "CCM"); - // provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes256_CCM, "CCM"); - // - // provider.addAlgorithm("AlgorithmParameterGenerator.GCM", PREFIX + "$AlgParamGenGCM"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_GCM, "GCM"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_GCM, "GCM"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_GCM, "GCM"); - // END android-removed - - // BEGIN android-changed + // BEGIN Android-removed: Unsupported algorithms + /* + provider.addAttributes("Cipher.AESWRAPPAD", generalAesAttributes); + provider.addAlgorithm("Cipher.AESWRAPPAD", PREFIX + "$WrapPad"); + provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes128_wrap_pad, "AESWRAPPAD"); + provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes192_wrap_pad, "AESWRAPPAD"); + provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes256_wrap_pad, "AESWRAPPAD"); + provider.addAlgorithm("Alg.Alias.Cipher.AESKWP", "AESWRAPPAD"); + + provider.addAlgorithm("Cipher.AESRFC3211WRAP", PREFIX + "$RFC3211Wrap"); + provider.addAlgorithm("Cipher.AESRFC5649WRAP", PREFIX + "$RFC5649Wrap"); + + provider.addAlgorithm("AlgorithmParameterGenerator.CCM", PREFIX + "$AlgParamGenCCM"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_CCM, "CCM"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_CCM, "CCM"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_CCM, "CCM"); + + provider.addAttributes("Cipher.CCM", generalAesAttributes); + provider.addAlgorithm("Cipher.CCM", PREFIX + "$CCM"); + provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes128_CCM, "CCM"); + provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes192_CCM, "CCM"); + provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes256_CCM, "CCM"); + + provider.addAlgorithm("AlgorithmParameterGenerator.GCM", PREFIX + "$AlgParamGenGCM"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_GCM, "GCM"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_GCM, "GCM"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_GCM, "GCM"); + */ + // END Android-removed: Unsupported algorithms + + // BEGIN Android-changed: Use standard name for AES/GCM/NOPADDING instead of "GCM" provider.addAttributes("Cipher.AES/GCM/NOPADDING", generalAesAttributes); provider.addAlgorithm("Cipher.AES/GCM/NOPADDING", PREFIX + "$GCM"); provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes128_GCM, "AES/GCM/NOPADDING"); provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes192_GCM, "AES/GCM/NOPADDING"); provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes256_GCM, "AES/GCM/NOPADDING"); - // END android-changed + // END Android-changed: Use standard name for AES/GCM/NOPADDING instead of "GCM" provider.addAlgorithm("KeyGenerator.AES", PREFIX + "$KeyGen"); - // BEGIN android-removed - // provider.addAlgorithm("KeyGenerator." + wrongAES128, PREFIX + "$KeyGen128"); - // provider.addAlgorithm("KeyGenerator." + wrongAES192, PREFIX + "$KeyGen192"); - // provider.addAlgorithm("KeyGenerator." + wrongAES256, PREFIX + "$KeyGen256"); - // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$KeyGen128"); - // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$KeyGen128"); - // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$KeyGen128"); - // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$KeyGen128"); - // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$KeyGen192"); - // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$KeyGen192"); - // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$KeyGen192"); - // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$KeyGen192"); - // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$KeyGen256"); - // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$KeyGen256"); - // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$KeyGen256"); - // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$KeyGen256"); - // provider.addAlgorithm("KeyGenerator.AESWRAP", PREFIX + "$KeyGen"); - // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_wrap, PREFIX + "$KeyGen128"); - // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_wrap, PREFIX + "$KeyGen192"); - // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_wrap, PREFIX + "$KeyGen256"); - // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_GCM, PREFIX + "$KeyGen128"); - // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_GCM, PREFIX + "$KeyGen192"); - // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_GCM, PREFIX + "$KeyGen256"); - // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_CCM, PREFIX + "$KeyGen128"); - // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_CCM, PREFIX + "$KeyGen192"); - // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_CCM, PREFIX + "$KeyGen256"); - // provider.addAlgorithm("KeyGenerator.AESWRAPPAD", PREFIX + "$KeyGen"); - // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_wrap_pad, PREFIX + "$KeyGen128"); - // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_wrap_pad, PREFIX + "$KeyGen192"); - // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_wrap_pad, PREFIX + "$KeyGen256"); - - // provider.addAlgorithm("Mac.AESCMAC", PREFIX + "$AESCMAC"); - - // provider.addAlgorithm("Mac.AESCCMMAC", PREFIX + "$AESCCMMAC"); - // provider.addAlgorithm("Alg.Alias.Mac." + NISTObjectIdentifiers.id_aes128_CCM.getId(), "AESCCMMAC"); - // provider.addAlgorithm("Alg.Alias.Mac." + NISTObjectIdentifiers.id_aes192_CCM.getId(), "AESCCMMAC"); - // provider.addAlgorithm("Alg.Alias.Mac." + NISTObjectIdentifiers.id_aes256_CCM.getId(), "AESCCMMAC"); - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + provider.addAlgorithm("KeyGenerator." + wrongAES128, PREFIX + "$KeyGen128"); + provider.addAlgorithm("KeyGenerator." + wrongAES192, PREFIX + "$KeyGen192"); + provider.addAlgorithm("KeyGenerator." + wrongAES256, PREFIX + "$KeyGen256"); + provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$KeyGen128"); + provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$KeyGen128"); + provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$KeyGen128"); + provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$KeyGen128"); + provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$KeyGen192"); + provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$KeyGen192"); + provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$KeyGen192"); + provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$KeyGen192"); + provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$KeyGen256"); + provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$KeyGen256"); + provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$KeyGen256"); + provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$KeyGen256"); + provider.addAlgorithm("KeyGenerator.AESWRAP", PREFIX + "$KeyGen"); + provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_wrap, PREFIX + "$KeyGen128"); + provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_wrap, PREFIX + "$KeyGen192"); + provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_wrap, PREFIX + "$KeyGen256"); + provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_GCM, PREFIX + "$KeyGen128"); + provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_GCM, PREFIX + "$KeyGen192"); + provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_GCM, PREFIX + "$KeyGen256"); + provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_CCM, PREFIX + "$KeyGen128"); + provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_CCM, PREFIX + "$KeyGen192"); + provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_CCM, PREFIX + "$KeyGen256"); + provider.addAlgorithm("KeyGenerator.AESWRAPPAD", PREFIX + "$KeyGen"); + provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_wrap_pad, PREFIX + "$KeyGen128"); + provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_wrap_pad, PREFIX + "$KeyGen192"); + provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_wrap_pad, PREFIX + "$KeyGen256"); + + provider.addAlgorithm("Mac.AESCMAC", PREFIX + "$AESCMAC"); + + provider.addAlgorithm("Mac.AESCCMMAC", PREFIX + "$AESCCMMAC"); + provider.addAlgorithm("Alg.Alias.Mac." + NISTObjectIdentifiers.id_aes128_CCM.getId(), "AESCCMMAC"); + provider.addAlgorithm("Alg.Alias.Mac." + NISTObjectIdentifiers.id_aes192_CCM.getId(), "AESCCMMAC"); + provider.addAlgorithm("Alg.Alias.Mac." + NISTObjectIdentifiers.id_aes256_CCM.getId(), "AESCCMMAC"); + */ + // END Android-removed: Unsupported algorithms provider.addAlgorithm("Alg.Alias.Cipher", BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes128_cbc, "PBEWITHSHAAND128BITAES-CBC-BC"); provider.addAlgorithm("Alg.Alias.Cipher", BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes192_cbc, "PBEWITHSHAAND192BITAES-CBC-BC"); @@ -1018,10 +1033,10 @@ public final class AES provider.addAlgorithm("Cipher.PBEWITHMD5AND192BITAES-CBC-OPENSSL", PREFIX + "$PBEWithAESCBC"); provider.addAlgorithm("Cipher.PBEWITHMD5AND256BITAES-CBC-OPENSSL", PREFIX + "$PBEWithAESCBC"); - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // provider.addAlgorithm("SecretKeyFactory.AES", PREFIX + "$KeyFactory"); // provider.addAlgorithm("SecretKeyFactory", NISTObjectIdentifiers.aes, PREFIX + "$KeyFactory"); - // END android-removed + // END Android-removed: Unsupported algorithms provider.addAlgorithm("SecretKeyFactory.PBEWITHMD5AND128BITAES-CBC-OPENSSL", PREFIX + "$PBEWithMD5And128BitAESCBCOpenSSL"); provider.addAlgorithm("SecretKeyFactory.PBEWITHMD5AND192BITAES-CBC-OPENSSL", PREFIX + "$PBEWithMD5And192BitAESCBCOpenSSL"); @@ -1075,10 +1090,10 @@ public final class AES provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes192_cbc.getId(), "PKCS12PBE"); provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes256_cbc.getId(), "PKCS12PBE"); - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // addGMacAlgorithm(provider, "AES", PREFIX + "$AESGMAC", PREFIX + "$KeyGen128"); // addPoly1305Algorithm(provider, "AES", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen"); - // END android-removed + // END Android-removed: Unsupported algorithms } } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/ARC4.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/ARC4.java index c780d12c..d1305cbc 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/ARC4.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/ARC4.java @@ -29,9 +29,9 @@ public final class ARC4 { public KeyGen() { - // BEGIN android-changed + // Android-changed: Use ARC4 for algorithm name to match name used in provider + // super("RC4", 128, new CipherKeyGenerator()); super("ARC4", 128, new CipherKeyGenerator()); - // END android-changed } } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java index c0a09499..ebaa5c5f 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java @@ -3,16 +3,14 @@ package org.bouncycastle.jcajce.provider.symmetric; import org.bouncycastle.asn1.misc.MiscObjectIdentifiers; import org.bouncycastle.crypto.CipherKeyGenerator; import org.bouncycastle.crypto.engines.BlowfishEngine; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.macs.CMac; -// END android-removed import org.bouncycastle.crypto.modes.CBCBlockCipher; import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; -// END android-removed import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters; import org.bouncycastle.jcajce.provider.util.AlgorithmProvider; @@ -40,16 +38,18 @@ public final class Blowfish } } - // BEGIN android-removed - // public static class CMAC - // extends BaseMac - // { - // public CMAC() - // { - // super(new CMac(new BlowfishEngine())); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + public static class CMAC + extends BaseMac + { + public CMAC() + { + super(new CMac(new BlowfishEngine())); + } + } + */ + // END Android-removed: Unsupported algorithms public static class KeyGen extends BaseKeyGenerator @@ -80,13 +80,11 @@ public final class Blowfish public void configure(ConfigurableProvider provider) { - // BEGIN android-removed + // Android-removed: Unsupported algorithms // provider.addAlgorithm("Mac.BLOWFISHCMAC", PREFIX + "$CMAC"); - // END android-removed provider.addAlgorithm("Cipher.BLOWFISH", PREFIX + "$ECB"); - // BEGIN android-removed + // Android-removed: Unsupported algorithms // provider.addAlgorithm("Cipher", MiscObjectIdentifiers.cryptlib_algorithm_blowfish_CBC, PREFIX + "$CBC"); - // END android-removed provider.addAlgorithm("KeyGenerator.BLOWFISH", PREFIX + "$KeyGen"); provider.addAlgorithm("Alg.Alias.KeyGenerator", MiscObjectIdentifiers.cryptlib_algorithm_blowfish_CBC, "BLOWFISH"); provider.addAlgorithm("AlgorithmParameters.BLOWFISH", PREFIX + "$AlgParams"); diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DES.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DES.java index 5a4f8cda..c6dcd901 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DES.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DES.java @@ -19,16 +19,14 @@ import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; import org.bouncycastle.crypto.CipherParameters; import org.bouncycastle.crypto.KeyGenerationParameters; import org.bouncycastle.crypto.engines.DESEngine; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.engines.RFC3211WrapEngine; -// END android-removed import org.bouncycastle.crypto.generators.DESKeyGenerator; import org.bouncycastle.crypto.macs.CBCBlockCipherMac; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.macs.CFBBlockCipherMac; // import org.bouncycastle.crypto.macs.CMac; // import org.bouncycastle.crypto.macs.ISO9797Alg3Mac; -// END android-removed import org.bouncycastle.crypto.modes.CBCBlockCipher; import org.bouncycastle.crypto.paddings.ISO7816d4Padding; import org.bouncycastle.crypto.params.DESParameters; @@ -69,19 +67,21 @@ public final class DES } } - // BEGIN android-removed - // /** - // * DES CFB8 - // */ - // public static class DESCFB8 - // extends BaseMac - // { - // public DESCFB8() - // { - // super(new CFBBlockCipherMac(new DESEngine())); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + /** + * DES CFB8 + * + public static class DESCFB8 + extends BaseMac + { + public DESCFB8() + { + super(new CFBBlockCipherMac(new DESEngine())); + } + } + */ + // END Android-removed: Unsupported algorithms /** * DES64 @@ -116,49 +116,51 @@ public final class DES } } - // BEGIN android-removed - // static public class CMAC - // extends BaseMac - // { - // public CMAC() - // { - // super(new CMac(new DESEngine())); - // } - // } - // - // /** - // * DES9797Alg3with7816-4Padding - // */ - // public static class DES9797Alg3with7816d4 - // extends BaseMac - // { - // public DES9797Alg3with7816d4() - // { - // super(new ISO9797Alg3Mac(new DESEngine(), new ISO7816d4Padding())); - // } - // } - // - // /** - // * DES9797Alg3 - // */ - // public static class DES9797Alg3 - // extends BaseMac - // { - // public DES9797Alg3() - // { - // super(new ISO9797Alg3Mac(new DESEngine())); - // } - // } - // - // public static class RFC3211 - // extends BaseWrapCipher - // { - // public RFC3211() - // { - // super(new RFC3211WrapEngine(new DESEngine()), 8); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + static public class CMAC + extends BaseMac + { + public CMAC() + { + super(new CMac(new DESEngine())); + } + } + + /** + * DES9797Alg3with7816-4Padding + * + public static class DES9797Alg3with7816d4 + extends BaseMac + { + public DES9797Alg3with7816d4() + { + super(new ISO9797Alg3Mac(new DESEngine(), new ISO7816d4Padding())); + } + } + + /** + * DES9797Alg3 + * + public static class DES9797Alg3 + extends BaseMac + { + public DES9797Alg3() + { + super(new ISO9797Alg3Mac(new DESEngine())); + } + } + + public static class RFC3211 + extends BaseWrapCipher + { + public RFC3211() + { + super(new RFC3211WrapEngine(new DESEngine()), 8); + } + } + */ + // END Android-removed: Unsupported algorithms public static class AlgParamGen extends BaseAlgorithmParameterGenerator @@ -358,19 +360,21 @@ public final class DES } } - // BEGIN android-removed - // /** - // * PBEWithMD2AndDES - // */ - // static public class PBEWithMD2KeyFactory - // extends DESPBEKeyFactory - // { - // public PBEWithMD2KeyFactory() - // { - // super("PBEwithMD2andDES", PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, true, PKCS5S1, MD2, 64, 64); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + /** + * PBEWithMD2AndDES + * + static public class PBEWithMD2KeyFactory + extends DESPBEKeyFactory + { + public PBEWithMD2KeyFactory() + { + super("PBEwithMD2andDES", PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, true, PKCS5S1, MD2, 64, 64); + } + } + */ + // END Android-removed: Unsupported algorithms /** * PBEWithMD5AndDES @@ -396,19 +400,21 @@ public final class DES } } - // BEGIN android-removed - // /** - // * PBEWithMD2AndDES - // */ - // static public class PBEWithMD2 - // extends BaseBlockCipher - // { - // public PBEWithMD2() - // { - // super(new CBCBlockCipher(new DESEngine()), PKCS5S1, MD2, 64, 8); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + /** + * PBEWithMD2AndDES + * + static public class PBEWithMD2 + extends BaseBlockCipher + { + public PBEWithMD2() + { + super(new CBCBlockCipher(new DESEngine()), PKCS5S1, MD2, 64, 8); + } + } + */ + // END Android-removed: Unsupported algorithms /** * PBEWithMD5AndDES @@ -448,81 +454,80 @@ public final class DES { provider.addAlgorithm("Cipher.DES", PREFIX + "$ECB"); - // BEGIN android-removed - // provider.addAlgorithm("Cipher", OIWObjectIdentifiers.desCBC, PREFIX + "$CBC"); - // - // addAlias(provider, OIWObjectIdentifiers.desCBC, "DES"); - // - // provider.addAlgorithm("Cipher.DESRFC3211WRAP", PREFIX + "$RFC3211"); - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + provider.addAlgorithm("Cipher", OIWObjectIdentifiers.desCBC, PREFIX + "$CBC"); + + addAlias(provider, OIWObjectIdentifiers.desCBC, "DES"); + + provider.addAlgorithm("Cipher.DESRFC3211WRAP", PREFIX + "$RFC3211"); + */ + // END Android-removed: Unsupported algorithms provider.addAlgorithm("KeyGenerator.DES", PREFIX + "$KeyGenerator"); provider.addAlgorithm("SecretKeyFactory.DES", PREFIX + "$KeyFactory"); - // BEGIN android-removed - // provider.addAlgorithm("Mac.DESCMAC", PREFIX + "$CMAC"); - // provider.addAlgorithm("Mac.DESMAC", PREFIX + "$CBCMAC"); - // provider.addAlgorithm("Alg.Alias.Mac.DES", "DESMAC"); - // - // provider.addAlgorithm("Mac.DESMAC/CFB8", PREFIX + "$DESCFB8"); - // provider.addAlgorithm("Alg.Alias.Mac.DES/CFB8", "DESMAC/CFB8"); - // - // provider.addAlgorithm("Mac.DESMAC64", PREFIX + "$DES64"); - // provider.addAlgorithm("Alg.Alias.Mac.DES64", "DESMAC64"); - // - // provider.addAlgorithm("Mac.DESMAC64WITHISO7816-4PADDING", PREFIX + "$DES64with7816d4"); - // provider.addAlgorithm("Alg.Alias.Mac.DES64WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); - // provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1MACWITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); - // provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); - // - // provider.addAlgorithm("Mac.DESWITHISO9797", PREFIX + "$DES9797Alg3"); - // provider.addAlgorithm("Alg.Alias.Mac.DESISO9797MAC", "DESWITHISO9797"); - // - // provider.addAlgorithm("Mac.ISO9797ALG3MAC", PREFIX + "$DES9797Alg3"); - // provider.addAlgorithm("Alg.Alias.Mac.ISO9797ALG3", "ISO9797ALG3MAC"); - // provider.addAlgorithm("Mac.ISO9797ALG3WITHISO7816-4PADDING", PREFIX + "$DES9797Alg3with7816d4"); - // provider.addAlgorithm("Alg.Alias.Mac.ISO9797ALG3MACWITHISO7816-4PADDING", "ISO9797ALG3WITHISO7816-4PADDING"); - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + provider.addAlgorithm("Mac.DESCMAC", PREFIX + "$CMAC"); + provider.addAlgorithm("Mac.DESMAC", PREFIX + "$CBCMAC"); + provider.addAlgorithm("Alg.Alias.Mac.DES", "DESMAC"); + + provider.addAlgorithm("Mac.DESMAC/CFB8", PREFIX + "$DESCFB8"); + provider.addAlgorithm("Alg.Alias.Mac.DES/CFB8", "DESMAC/CFB8"); + + provider.addAlgorithm("Mac.DESMAC64", PREFIX + "$DES64"); + provider.addAlgorithm("Alg.Alias.Mac.DES64", "DESMAC64"); + + provider.addAlgorithm("Mac.DESMAC64WITHISO7816-4PADDING", PREFIX + "$DES64with7816d4"); + provider.addAlgorithm("Alg.Alias.Mac.DES64WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); + provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1MACWITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); + provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); + + provider.addAlgorithm("Mac.DESWITHISO9797", PREFIX + "$DES9797Alg3"); + provider.addAlgorithm("Alg.Alias.Mac.DESISO9797MAC", "DESWITHISO9797"); + + provider.addAlgorithm("Mac.ISO9797ALG3MAC", PREFIX + "$DES9797Alg3"); + provider.addAlgorithm("Alg.Alias.Mac.ISO9797ALG3", "ISO9797ALG3MAC"); + provider.addAlgorithm("Mac.ISO9797ALG3WITHISO7816-4PADDING", PREFIX + "$DES9797Alg3with7816d4"); + provider.addAlgorithm("Alg.Alias.Mac.ISO9797ALG3MACWITHISO7816-4PADDING", "ISO9797ALG3WITHISO7816-4PADDING"); + */ + // END Android-removed: Unsupported algorithms provider.addAlgorithm("AlgorithmParameters.DES", PACKAGE + ".util.IvAlgorithmParameters"); provider.addAlgorithm("Alg.Alias.AlgorithmParameters", OIWObjectIdentifiers.desCBC, "DES"); - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // provider.addAlgorithm("AlgorithmParameterGenerator.DES", PREFIX + "$AlgParamGen"); // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + OIWObjectIdentifiers.desCBC, "DES"); // // provider.addAlgorithm("Cipher.PBEWITHMD2ANDDES", PREFIX + "$PBEWithMD2"); - // END android-removed + // END Android-removed: Unsupported algorithms provider.addAlgorithm("Cipher.PBEWITHMD5ANDDES", PREFIX + "$PBEWithMD5"); provider.addAlgorithm("Cipher.PBEWITHSHA1ANDDES", PREFIX + "$PBEWithSHA1"); - // BEGIN android-removed + // Android-removed: Unsupported algorithms // provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES"); - // END android-removed provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.pbeWithMD5AndDES_CBC, "PBEWITHMD5ANDDES"); provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.pbeWithSHA1AndDES_CBC, "PBEWITHSHA1ANDDES"); - // BEGIN android-removed + // Android-removed: Unsupported algorithms // provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHMD2ANDDES-CBC", "PBEWITHMD2ANDDES"); - // BEGIN android-removed provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHMD5ANDDES-CBC", "PBEWITHMD5ANDDES"); provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA1ANDDES-CBC", "PBEWITHSHA1ANDDES"); - // BEGIN android-removed - // provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHMD2ANDDES-CBC", "PBEWITHMD2ANDDES"); - // END android-removed + // Android-removed: Unsupported algorithms + // provider.addAlgorithm("SecretKeyFactory.PBEWITHMD2ANDDES", PREFIX + "$PBEWithMD2KeyFactory"); provider.addAlgorithm("SecretKeyFactory.PBEWITHMD5ANDDES", PREFIX + "$PBEWithMD5KeyFactory"); provider.addAlgorithm("SecretKeyFactory.PBEWITHSHA1ANDDES", PREFIX + "$PBEWithSHA1KeyFactory"); - // BEGIN android-removed + // Android-removed: Unsupported algorithms // provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDDES-CBC", "PBEWITHMD2ANDDES"); - // END android-removed provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD5ANDDES-CBC", "PBEWITHMD5ANDDES"); provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHSHA1ANDDES-CBC", "PBEWITHSHA1ANDDES"); - // BEGIN android-removed + // Android-removed: Unsupported algorithms // provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES"); - // END android-removed provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD5AndDES_CBC, "PBEWITHMD5ANDDES"); provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithSHA1AndDES_CBC, "PBEWITHSHA1ANDDES"); } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DESede.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DESede.java index c89fe348..9b2e57b4 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DESede.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DESede.java @@ -1,21 +1,18 @@ package org.bouncycastle.jcajce.provider.symmetric; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import java.security.AlgorithmParameters; // import java.security.InvalidAlgorithmParameterException; -// END android-removed import java.security.SecureRandom; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import java.security.spec.AlgorithmParameterSpec; -// END android-removed import java.security.spec.InvalidKeySpecException; import java.security.spec.KeySpec; import javax.crypto.SecretKey; import javax.crypto.spec.DESedeKeySpec; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import javax.crypto.spec.IvParameterSpec; -// END android-removed import javax.crypto.spec.SecretKeySpec; import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; @@ -23,21 +20,18 @@ import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; import org.bouncycastle.crypto.KeyGenerationParameters; import org.bouncycastle.crypto.engines.DESedeEngine; import org.bouncycastle.crypto.engines.DESedeWrapEngine; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.engines.RFC3211WrapEngine; -// END android-removed import org.bouncycastle.crypto.generators.DESedeKeyGenerator; import org.bouncycastle.crypto.macs.CBCBlockCipherMac; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.macs.CFBBlockCipherMac; // import org.bouncycastle.crypto.macs.CMac; -// END android-removed import org.bouncycastle.crypto.modes.CBCBlockCipher; import org.bouncycastle.crypto.paddings.ISO7816d4Padding; import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; -// END android-removed import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; @@ -69,19 +63,21 @@ public final class DESede } } - // BEGIN android-removed - // /** - // * DESede CFB8 - // */ - // public static class DESedeCFB8 - // extends BaseMac - // { - // public DESedeCFB8() - // { - // super(new CFBBlockCipherMac(new DESedeEngine())); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + /** + * DESede CFB8 + * + public static class DESedeCFB8 + extends BaseMac + { + public DESedeCFB8() + { + super(new CFBBlockCipherMac(new DESedeEngine())); + } + } + */ + // END Android-removed: Unsupported algorithms /** * DESede64 @@ -106,7 +102,7 @@ public final class DESede super(new CBCBlockCipherMac(new DESedeEngine(), 64, new ISO7816d4Padding())); } } - + public static class CBCMAC extends BaseMac { @@ -116,16 +112,18 @@ public final class DESede } } - // BEGIN android-removed - // static public class CMAC - // extends BaseMac - // { - // public CMAC() - // { - // super(new CMac(new DESedeEngine())); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + static public class CMAC + extends BaseMac + { + public CMAC() + { + super(new CMac(new DESedeEngine())); + } + } + */ + // END Android-removed: Unsupported algorithms public static class Wrap extends BaseWrapCipher @@ -136,16 +134,18 @@ public final class DESede } } - // BEGIN android-removed - // public static class RFC3211 - // extends BaseWrapCipher - // { - // public RFC3211() - // { - // super(new RFC3211WrapEngine(new DESedeEngine()), 8); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + public static class RFC3211 + extends BaseWrapCipher + { + public RFC3211() + { + super(new RFC3211WrapEngine(new DESedeEngine()), 8); + } + } + */ + // END Android-removed: Unsupported algorithms /** * DESede - the default for this is to generate a key in @@ -259,45 +259,47 @@ public final class DESede } } - // BEGIN android-removed - // public static class AlgParamGen - // extends BaseAlgorithmParameterGenerator - // { - // protected void engineInit( - // AlgorithmParameterSpec genParamSpec, - // SecureRandom random) - // throws InvalidAlgorithmParameterException - // { - // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for DES parameter generation."); - // } - - // protected AlgorithmParameters engineGenerateParameters() - // { - // byte[] iv = new byte[8]; - - // if (random == null) - // { - // random = new SecureRandom(); - // } - - // random.nextBytes(iv); - - // AlgorithmParameters params; - - // try - // { - // params = createParametersInstance("DES"); - // params.init(new IvParameterSpec(iv)); - // } - // catch (Exception e) - // { - // throw new RuntimeException(e.getMessage()); - // } - - // return params; - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + public static class AlgParamGen + extends BaseAlgorithmParameterGenerator + { + protected void engineInit( + AlgorithmParameterSpec genParamSpec, + SecureRandom random) + throws InvalidAlgorithmParameterException + { + throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for DES parameter generation."); + } + + protected AlgorithmParameters engineGenerateParameters() + { + byte[] iv = new byte[8]; + + if (random == null) + { + random = new SecureRandom(); + } + + random.nextBytes(iv); + + AlgorithmParameters params; + + try + { + params = createParametersInstance("DES"); + params.init(new IvParameterSpec(iv)); + } + catch (Exception e) + { + throw new RuntimeException(e.getMessage()); + } + + return params; + } + } + */ + // END Android-removed: Unsupported algorithms static public class KeyFactory extends BaseSecretKeyFactory @@ -381,38 +383,35 @@ public final class DESede public void configure(ConfigurableProvider provider) { provider.addAlgorithm("Cipher.DESEDE", PREFIX + "$ECB"); - // BEGIN android-removed + // Android-removed: Unsupported algorithms // provider.addAlgorithm("Cipher", PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$CBC"); - // END android-removed provider.addAlgorithm("Cipher.DESEDEWRAP", PREFIX + "$Wrap"); - // BEGIN android-changed + // BEGIN Android-changed: Make alias of DESEDEWRAP rather than separate algorithm provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.id_alg_CMS3DESwrap, "DESEDEWRAP"); - // END android-changed - // BEGIN android-removed + // END Android-changed: Make alias of DESEDEWRAP rather than separate algorithm + // BEGIN Android-removed: Unsupported algorithms // provider.addAlgorithm("Cipher.DESEDERFC3211WRAP", PREFIX + "$RFC3211"); // provider.addAlgorithm("Alg.Alias.Cipher.DESEDERFC3217WRAP", "DESEDEWRAP"); - // END android-removed + // END Android-removed: Unsupported algorithms provider.addAlgorithm("Alg.Alias.Cipher.TDEA", "DESEDE"); provider.addAlgorithm("Alg.Alias.Cipher.TDEAWRAP", "DESEDEWRAP"); provider.addAlgorithm("Alg.Alias.KeyGenerator.TDEA", "DESEDE"); provider.addAlgorithm("Alg.Alias.AlgorithmParameters.TDEA", "DESEDE"); - // BEGIN android-removed + // Android-removed: Unsupported algorithms // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator.TDEA", "DESEDE"); - // END android-removed provider.addAlgorithm("Alg.Alias.SecretKeyFactory.TDEA", "DESEDE"); if (provider.hasAlgorithm("MessageDigest", "SHA-1")) { provider.addAlgorithm("Cipher.PBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES3Key"); - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // provider.addAlgorithm("Cipher.BROKENPBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$BrokePBEWithSHAAndDES3Key"); // provider.addAlgorithm("Cipher.OLDPBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$OldPBEWithSHAAndDES3Key"); - // END android-removed + // END Android-removed: Unsupported algorithms provider.addAlgorithm("Cipher.PBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES2Key"); - // BEGIN android-removed + // Android-removed: Unsupported algorithms // provider.addAlgorithm("Cipher.BROKENPBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$BrokePBEWithSHAAndDES2Key"); - // END android-removed provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC, "PBEWITHSHAAND3-KEYTRIPLEDES-CBC"); provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.pbeWithSHAAnd2_KeyTripleDES_CBC, "PBEWITHSHAAND2-KEYTRIPLEDES-CBC"); provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA1ANDDESEDE", "PBEWITHSHAAND3-KEYTRIPLEDES-CBC"); @@ -426,39 +425,41 @@ public final class DESede } provider.addAlgorithm("KeyGenerator.DESEDE", PREFIX + "$KeyGenerator"); - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // provider.addAlgorithm("KeyGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$KeyGenerator3"); // provider.addAlgorithm("KeyGenerator.DESEDEWRAP", PREFIX + "$KeyGenerator"); - // END android-removed + // END Android-removed: Unsupported algorithms provider.addAlgorithm("SecretKeyFactory.DESEDE", PREFIX + "$KeyFactory"); - // BEGIN android-removed - // provider.addAlgorithm("SecretKeyFactory", OIWObjectIdentifiers.desEDE, PREFIX + "$KeyFactory"); + // BEGIN Android-removed: Unsupported algorithms + /* + provider.addAlgorithm("SecretKeyFactory", OIWObjectIdentifiers.desEDE, PREFIX + "$KeyFactory"); - // provider.addAlgorithm("Mac.DESEDECMAC", PREFIX + "$CMAC"); - // provider.addAlgorithm("Mac.DESEDEMAC", PREFIX + "$CBCMAC"); - // provider.addAlgorithm("Alg.Alias.Mac.DESEDE", "DESEDEMAC"); + provider.addAlgorithm("Mac.DESEDECMAC", PREFIX + "$CMAC"); + provider.addAlgorithm("Mac.DESEDEMAC", PREFIX + "$CBCMAC"); + provider.addAlgorithm("Alg.Alias.Mac.DESEDE", "DESEDEMAC"); - // provider.addAlgorithm("Mac.DESEDEMAC/CFB8", PREFIX + "$DESedeCFB8"); - // provider.addAlgorithm("Alg.Alias.Mac.DESEDE/CFB8", "DESEDEMAC/CFB8"); + provider.addAlgorithm("Mac.DESEDEMAC/CFB8", PREFIX + "$DESedeCFB8"); + provider.addAlgorithm("Alg.Alias.Mac.DESEDE/CFB8", "DESEDEMAC/CFB8"); - // provider.addAlgorithm("Mac.DESEDEMAC64", PREFIX + "$DESede64"); - // provider.addAlgorithm("Alg.Alias.Mac.DESEDE64", "DESEDEMAC64"); + provider.addAlgorithm("Mac.DESEDEMAC64", PREFIX + "$DESede64"); + provider.addAlgorithm("Alg.Alias.Mac.DESEDE64", "DESEDEMAC64"); - // provider.addAlgorithm("Mac.DESEDEMAC64WITHISO7816-4PADDING", PREFIX + "$DESede64with7816d4"); - // provider.addAlgorithm("Alg.Alias.Mac.DESEDE64WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); - // provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1MACWITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); - // provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); - // END android-removed + provider.addAlgorithm("Mac.DESEDEMAC64WITHISO7816-4PADDING", PREFIX + "$DESede64with7816d4"); + provider.addAlgorithm("Alg.Alias.Mac.DESEDE64WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); + provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1MACWITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); + provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); + */ + // END Android-removed: Unsupported algorithms provider.addAlgorithm("AlgorithmParameters.DESEDE", PACKAGE + ".util.IvAlgorithmParameters"); provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + PKCSObjectIdentifiers.des_EDE3_CBC, "DESEDE"); - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // provider.addAlgorithm("AlgorithmParameterGenerator.DESEDE", PREFIX + "$AlgParamGen"); // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, "DESEDE"); - // END android-removed + // END Android-removed: Unsupported algorithms provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES3KeyFactory"); provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES2KeyFactory"); diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/PBEPBKDF2.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/PBEPBKDF2.java index b19a4d43..31c9bda1 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/PBEPBKDF2.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/PBEPBKDF2.java @@ -13,9 +13,8 @@ import javax.crypto.spec.PBEParameterSpec; import org.bouncycastle.asn1.ASN1Encoding; import org.bouncycastle.asn1.ASN1ObjectIdentifier; import org.bouncycastle.asn1.ASN1Primitive; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; -// END android-removed import org.bouncycastle.asn1.pkcs.PBKDF2Params; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; import org.bouncycastle.crypto.CipherParameters; @@ -34,99 +33,101 @@ public class PBEPBKDF2 } - // BEGIN android-removed - // public static class AlgParams - // extends BaseAlgorithmParameters - // { - // PBKDF2Params params; - // - // protected byte[] engineGetEncoded() - // { - // try - // { - // return params.getEncoded(ASN1Encoding.DER); - // } - // catch (IOException e) - // { - // throw new RuntimeException("Oooops! " + e.toString()); - // } - // } - - // protected byte[] engineGetEncoded( - // String format) - // { - // if (this.isASN1FormatString(format)) - // { - // return engineGetEncoded(); - // } - // - // return null; - // } - // - // protected AlgorithmParameterSpec localEngineGetParameterSpec( - // Class paramSpec) - // throws InvalidParameterSpecException - // { - // if (paramSpec == PBEParameterSpec.class) - // { - // return new PBEParameterSpec(params.getSalt(), - // params.getIterationCount().intValue()); - // } - // - // throw new InvalidParameterSpecException("unknown parameter spec passed to PBKDF2 PBE parameters object."); - // } - // - // protected void engineInit( - // AlgorithmParameterSpec paramSpec) - // throws InvalidParameterSpecException - // { - // if (!(paramSpec instanceof PBEParameterSpec)) - // { - // throw new InvalidParameterSpecException("PBEParameterSpec required to initialise a PBKDF2 PBE parameters algorithm parameters object"); - // } - // - // PBEParameterSpec pbeSpec = (PBEParameterSpec)paramSpec; - // - // this.params = new PBKDF2Params(pbeSpec.getSalt(), - // pbeSpec.getIterationCount()); - // } - // - // protected void engineInit( - // byte[] params) - // throws IOException - // { - // this.params = PBKDF2Params.getInstance(ASN1Primitive.fromByteArray(params)); - // } - // - // protected void engineInit( - // byte[] params, - // String format) - // throws IOException - // { - // if (this.isASN1FormatString(format)) - // { - // engineInit(params); - // return; - // } - // - // throw new IOException("Unknown parameters format in PBKDF2 parameters object"); - // } - // - // protected String engineToString() - // { - // return "PBKDF2 Parameters"; - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + public static class AlgParams + extends BaseAlgorithmParameters + { + PBKDF2Params params; + + protected byte[] engineGetEncoded() + { + try + { + return params.getEncoded(ASN1Encoding.DER); + } + catch (IOException e) + { + throw new RuntimeException("Oooops! " + e.toString()); + } + } + + protected byte[] engineGetEncoded( + String format) + { + if (this.isASN1FormatString(format)) + { + return engineGetEncoded(); + } + + return null; + } + + protected AlgorithmParameterSpec localEngineGetParameterSpec( + Class paramSpec) + throws InvalidParameterSpecException + { + if (paramSpec == PBEParameterSpec.class) + { + return new PBEParameterSpec(params.getSalt(), + params.getIterationCount().intValue()); + } + + throw new InvalidParameterSpecException("unknown parameter spec passed to PBKDF2 PBE parameters object."); + } + + protected void engineInit( + AlgorithmParameterSpec paramSpec) + throws InvalidParameterSpecException + { + if (!(paramSpec instanceof PBEParameterSpec)) + { + throw new InvalidParameterSpecException("PBEParameterSpec required to initialise a PBKDF2 PBE parameters algorithm parameters object"); + } + + PBEParameterSpec pbeSpec = (PBEParameterSpec)paramSpec; + + this.params = new PBKDF2Params(pbeSpec.getSalt(), + pbeSpec.getIterationCount()); + } + + protected void engineInit( + byte[] params) + throws IOException + { + this.params = PBKDF2Params.getInstance(ASN1Primitive.fromByteArray(params)); + } + + protected void engineInit( + byte[] params, + String format) + throws IOException + { + if (this.isASN1FormatString(format)) + { + engineInit(params); + return; + } + + throw new IOException("Unknown parameters format in PBKDF2 parameters object"); + } + + protected String engineToString() + { + return "PBKDF2 Parameters"; + } + } + */ + // END Android-removed: Unsupported algorithms public static class BasePBKDF2 extends BaseSecretKeyFactory { private int scheme; - // BEGIN ANDROID-ADDED + // BEGIN Android-added: Allow to specify a key using only the password. private int keySizeInBits; private int ivSizeInBits; - // END ANDROID-ADDED + // END Android-added: Allow to specify a key using only the password. private int defaultDigest; public BasePBKDF2(String name, int scheme) @@ -134,27 +135,27 @@ public class PBEPBKDF2 this(name, scheme, SHA1); } - // BEGIN ANDROID-CHANGED - // Was: public BasePBKDF2(String name, int scheme, int defaultDigest) + // BEGIN Android-changed: Allow to specify a key using only the password. + // public BasePBKDF2(String name, int scheme, int defaultDigest) private BasePBKDF2( String name, int scheme, int digest, int keySizeInBits, int ivSizeInBits) - // END ANDROID-CHANGED + // END Android-changed: Allow to specify a key using only the password. { super(name, PKCSObjectIdentifiers.id_PBKDF2); this.scheme = scheme; - // BEGIN ANDROID-ADDED + // BEGIN Android-added: Support key-restricted versions. this.keySizeInBits = keySizeInBits; this.ivSizeInBits = ivSizeInBits; - // END ANDROID-ADDED + // END Android-added: Support key-restricted versions. this.defaultDigest = digest; } - // BEGIN android-added + // BEGIN Android-added: Allow to specify a key using only the password. private BasePBKDF2(String name, int scheme, int digest) { this(name, scheme, digest, 0, 0); } - // END android-added + // END Android-added: Allow to specify a key using only the password. protected SecretKey engineGenerateSecret( KeySpec keySpec) @@ -164,9 +165,8 @@ public class PBEPBKDF2 { PBEKeySpec pbeSpec = (PBEKeySpec)keySpec; - // BEGIN ANDROID-ADDED - // Allow to specify a key using only the password. The key will be generated later - // when other parameters are known. + // BEGIN Android-added: Allow to specify a key using only the password. + // The key will be generated later when other parameters are known. if (pbeSpec.getSalt() == null && pbeSpec.getIterationCount() == 0 && pbeSpec.getKeyLength() == 0 @@ -178,7 +178,7 @@ public class PBEPBKDF2 // cipherParameters, to be generated when the PBE parameters are known. null); } - // END ANDROID-ADDED + // END Android-added: Allow to specify a key using only the password. if (pbeSpec.getSalt() == null) { @@ -231,13 +231,15 @@ public class PBEPBKDF2 private int getDigestCode(ASN1ObjectIdentifier algorithm) throws InvalidKeySpecException { - // BEGIN android-removed - // if (algorithm.equals(CryptoProObjectIdentifiers.gostR3411Hmac)) - // { - // return GOST3411; - // } - // else - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + if (algorithm.equals(CryptoProObjectIdentifiers.gostR3411Hmac)) + { + return GOST3411; + } + else + */ + // END Android-removed: Unsupported algorithms if (algorithm.equals(PKCSObjectIdentifiers.id_hmacWithSHA1)) { return SHA1; @@ -263,62 +265,65 @@ public class PBEPBKDF2 } } - // BEGIN android-removed - // public static class PBKDF2withUTF8 - // extends BasePBKDF2 - // { - // public PBKDF2withUTF8() - // { - // super("PBKDF2", PKCS5S2_UTF8); - // } - // } - // - // public static class PBKDF2withSHA224 - // extends BasePBKDF2 - // { - // public PBKDF2withSHA224() - // { - // super("PBKDF2", PKCS5S2_UTF8, SHA224); - // } - // } - // - // public static class PBKDF2withSHA256 - // extends BasePBKDF2 - // { - // public PBKDF2withSHA256() - // { - // super("PBKDF2", PKCS5S2_UTF8, SHA256); - // } - // } - // - // public static class PBKDF2withSHA384 - // extends BasePBKDF2 - // { - // public PBKDF2withSHA384() - // { - // super("PBKDF2", PKCS5S2_UTF8, SHA384); - // } - // } - // - // public static class PBKDF2withSHA512 - // extends BasePBKDF2 - // { - // public PBKDF2withSHA512() - // { - // super("PBKDF2", PKCS5S2_UTF8, SHA512); - // } - // } - // - // public static class PBKDF2with8BIT - // extends BasePBKDF2 - // { - // public PBKDF2with8BIT() - // { - // super("PBKDF2", PKCS5S2); - // } - // } - - // BEGIN android-added + // BEGIN Android-removed: Unsupported algorithms + /* + public static class PBKDF2withUTF8 + extends BasePBKDF2 + { + public PBKDF2withUTF8() + { + super("PBKDF2", PKCS5S2_UTF8); + } + } + + public static class PBKDF2withSHA224 + extends BasePBKDF2 + { + public PBKDF2withSHA224() + { + super("PBKDF2", PKCS5S2_UTF8, SHA224); + } + } + + public static class PBKDF2withSHA256 + extends BasePBKDF2 + { + public PBKDF2withSHA256() + { + super("PBKDF2", PKCS5S2_UTF8, SHA256); + } + } + + public static class PBKDF2withSHA384 + extends BasePBKDF2 + { + public PBKDF2withSHA384() + { + super("PBKDF2", PKCS5S2_UTF8, SHA384); + } + } + public static class PBKDF2withSHA512 + extends BasePBKDF2 + { + public PBKDF2withSHA512() + { + super("PBKDF2", PKCS5S2_UTF8, SHA512); + } + } + + public static class PBKDF2with8BIT + extends BasePBKDF2 + { + public PBKDF2with8BIT() + { + super("PBKDF2", PKCS5S2); + } + } + */ + // END Android-removed: Unsupported algorithms + + // BEGIN Android-added: Android implementations of PBKDF2 algorithms. + // See note in Mappings below. public static class BasePBKDF2WithHmacSHA1 extends BasePBKDF2 { public BasePBKDF2WithHmacSHA1(String name, int scheme) { @@ -479,7 +484,7 @@ public class PBEPBKDF2 super("PBEWithHmacSHA512AndAES_256", PKCS5S2_UTF8, SHA512, 256, 128); } } - // END android-added + // END Android-added: Android implementations of PBKDF2 algorithms. public static class Mappings extends AlgorithmProvider @@ -492,45 +497,34 @@ public class PBEPBKDF2 public void configure(ConfigurableProvider provider) { - // BEGIN android-comment - // Context: many of these services used to be in - // com.android.org.bouncycastle.jcajce.provider.digest,SHA1, duplicated with respect to here. This - // class (PBEPBKDF2) wasn't present in Android until the upgrade to 1.56. Android added - // some other of these services in SHA1 (for fixed key sizes). Then the duplicate - // algorithms were removed upstream from SHA1 in - // b5634e3155e7fd8688599d3eef8e4f3c8a1db078 - // . As a result, when adapting BouncyCastle 1.56 from upstream, the Android code that - // had been added to SHA1 was moved here, and the rest of the services provided by this - // class were commented. - // BEGIN android-removed - // provider.addAlgorithm("AlgorithmParameters.PBKDF2", PREFIX + "$AlgParams"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + PKCSObjectIdentifiers.id_PBKDF2, "PBKDF2"); - // provider.addAlgorithm("SecretKeyFactory.PBKDF2", PREFIX + "$PBKDF2withUTF8"); - // provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBKDF2WITHHMACSHA1", "PBKDF2"); - // END android-removed - // BEGIN android-changed - // Was: provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBKDF2WITHHMACSHA1ANDUTF8", "PBKDF2"); + // Android-note: Provided classes differ significantly from upstream. + // Before BC 1.56, this class was omitted in Android and the algorithms we desired + // were provided in org.bouncycastle.jcajce.provider.digest.SHA1. During that + // time, Android added some additional versions of these algorithms for fixed key sizes. + // BC eventually consolidated the algorithms into this class. As a result, when + // upgrading to BC 1.56, we added this class but replaced its contents with + // our versions. + // BEGIN Android-removed: Bouncy Castle versions of algorithms. + /* + provider.addAlgorithm("AlgorithmParameters.PBKDF2", PREFIX + "$AlgParams"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + PKCSObjectIdentifiers.id_PBKDF2, "PBKDF2"); + provider.addAlgorithm("SecretKeyFactory.PBKDF2", PREFIX + "$PBKDF2withUTF8"); + provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBKDF2WITHHMACSHA1", "PBKDF2"); + provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBKDF2WITHHMACSHA1ANDUTF8", "PBKDF2"); + provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.id_PBKDF2, "PBKDF2"); + provider.addAlgorithm("SecretKeyFactory.PBKDF2WITHASCII", PREFIX + "$PBKDF2with8BIT"); + provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBKDF2WITH8BIT", "PBKDF2WITHASCII"); + provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBKDF2WITHHMACSHA1AND8BIT", "PBKDF2WITHASCII"); + provider.addAlgorithm("SecretKeyFactory.PBKDF2WITHHMACSHA224", PREFIX + "$PBKDF2withSHA224"); + provider.addAlgorithm("SecretKeyFactory.PBKDF2WITHHMACSHA256", PREFIX + "$PBKDF2withSHA256"); + provider.addAlgorithm("SecretKeyFactory.PBKDF2WITHHMACSHA384", PREFIX + "$PBKDF2withSHA384"); + provider.addAlgorithm("SecretKeyFactory.PBKDF2WITHHMACSHA512", PREFIX + "$PBKDF2withSHA512"); + */ + // END Android-removed: Bouncy Castle versions of algorithms. + // BEGIN Android-added: Android versions of algorithms. provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBKDF2WithHmacSHA1AndUTF8", "PBKDF2WithHmacSHA1"); - // END android-changed - // BEGin android-removed - // provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.id_PBKDF2, "PBKDF2"); - // provider.addAlgorithm("SecretKeyFactory.PBKDF2WITHASCII", PREFIX + "$PBKDF2with8BIT"); - // END android-removed - // BEGIN android-changed - // Was: - // provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBKDF2WITH8BIT", "PBKDF2WITHASCII"); - // provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBKDF2WITHHMACSHA1AND8BIT", "PBKDF2WITHASCII"); provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBKDF2with8BIT", "PBKDF2WithHmacSHA1And8BIT"); - // END android-changed - // BEGIN android-added provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBKDF2withASCII", "PBKDF2WithHmacSHA1And8BIT"); - // BEGIN android-removed - // provider.addAlgorithm("SecretKeyFactory.PBKDF2WITHHMACSHA224", PREFIX + "$PBKDF2withSHA224"); - // provider.addAlgorithm("SecretKeyFactory.PBKDF2WITHHMACSHA256", PREFIX + "$PBKDF2withSHA256"); - // provider.addAlgorithm("SecretKeyFactory.PBKDF2WITHHMACSHA384", PREFIX + "$PBKDF2withSHA384"); - // provider.addAlgorithm("SecretKeyFactory.PBKDF2WITHHMACSHA512", PREFIX + "$PBKDF2withSHA512"); - // END android-removed - // BEGIN android-added provider.addAlgorithm("SecretKeyFactory.PBKDF2WithHmacSHA1", PREFIX + "$PBKDF2WithHmacSHA1UTF8"); provider.addAlgorithm("SecretKeyFactory.PBKDF2WithHmacSHA224", PREFIX + "$PBKDF2WithHmacSHA224UTF8"); provider.addAlgorithm("SecretKeyFactory.PBKDF2WithHmacSHA256", PREFIX + "$PBKDF2WithHmacSHA256UTF8"); @@ -547,7 +541,7 @@ public class PBEPBKDF2 provider.addAlgorithm("SecretKeyFactory.PBEWithHmacSHA384AndAES_256", PREFIX + "$PBEWithHmacSHA384AndAES_256"); provider.addAlgorithm("SecretKeyFactory.PBEWithHmacSHA512AndAES_256", PREFIX + "$PBEWithHmacSHA512AndAES_256"); provider.addAlgorithm("SecretKeyFactory.PBKDF2WithHmacSHA1And8BIT", PREFIX + "$PBKDF2WithHmacSHA18BIT"); - // END android-added + // END Android-added: Android versions of algorithms. } } } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/RC2.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/RC2.java index 7bc1e713..cd28eab3 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/RC2.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/RC2.java @@ -12,28 +12,24 @@ import javax.crypto.spec.RC2ParameterSpec; import org.bouncycastle.asn1.ASN1Primitive; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.asn1.pkcs.RC2CBCParameter; // import org.bouncycastle.crypto.CipherKeyGenerator; -// END android-removed import org.bouncycastle.crypto.engines.RC2Engine; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.engines.RC2WrapEngine; // import org.bouncycastle.crypto.macs.CBCBlockCipherMac; // import org.bouncycastle.crypto.macs.CFBBlockCipherMac; -// END android-removed import org.bouncycastle.crypto.modes.CBCBlockCipher; import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; // import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameters; -// END android-removed import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; // import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; // import org.bouncycastle.jcajce.provider.symmetric.util.BaseWrapCipher; -// END android-removed import org.bouncycastle.jcajce.provider.symmetric.util.PBESecretKeyFactory; import org.bouncycastle.jcajce.provider.util.AlgorithmProvider; import org.bouncycastle.util.Arrays; @@ -44,61 +40,63 @@ public final class RC2 { } - // BEGIN android-removed - // /** - // * RC2 - // */ - // static public class ECB - // extends BaseBlockCipher - // { - // public ECB() - // { - // super(new RC2Engine()); - // } - // } - // - // /** - // * RC2CBC - // */ - // static public class CBC - // extends BaseBlockCipher - // { - // public CBC() - // { - // super(new CBCBlockCipher(new RC2Engine()), 64); - // } - // } - // - // public static class Wrap - // extends BaseWrapCipher - // { - // public Wrap() - // { - // super(new RC2WrapEngine()); - // } - // } - // - // /** - // * RC2 - // */ - // public static class CBCMAC - // extends BaseMac - // { - // public CBCMAC() - // { - // super(new CBCBlockCipherMac(new RC2Engine())); - // } - // } - // - // public static class CFB8MAC - // extends BaseMac - // { - // public CFB8MAC() - // { - // super(new CFBBlockCipherMac(new RC2Engine())); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + /** + * RC2 + * + static public class ECB + extends BaseBlockCipher + { + public ECB() + { + super(new RC2Engine()); + } + } + + /** + * RC2CBC + * + static public class CBC + extends BaseBlockCipher + { + public CBC() + { + super(new CBCBlockCipher(new RC2Engine()), 64); + } + } + + public static class Wrap + extends BaseWrapCipher + { + public Wrap() + { + super(new RC2WrapEngine()); + } + } + + /** + * RC2 + * + public static class CBCMAC + extends BaseMac + { + public CBCMAC() + { + super(new CBCBlockCipherMac(new RC2Engine())); + } + } + + public static class CFB8MAC + extends BaseMac + { + public CFB8MAC() + { + super(new CFBBlockCipherMac(new RC2Engine())); + } + } + */ + // END Android-removed: Unsupported algorithms /** * PBEWithSHA1AndRC2 @@ -184,19 +182,21 @@ public final class RC2 } } - // BEGIN android-removed - // /** - // * PBEWithMD2AndRC2 - // */ - // static public class PBEWithMD2KeyFactory - // extends PBESecretKeyFactory - // { - // public PBEWithMD2KeyFactory() - // { - // super("PBEwithMD2andRC2", PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, true, PKCS5S1, MD2, 64, 64); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + /** + * PBEWithMD2AndRC2 + * + static public class PBEWithMD2KeyFactory + extends PBESecretKeyFactory + { + public PBEWithMD2KeyFactory() + { + super("PBEwithMD2andRC2", PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, true, PKCS5S1, MD2, 64, 64); + } + } + */ + // END Android-removed: Unsupported algorithms /** * PBEWithMD5AndRC2 @@ -210,249 +210,251 @@ public final class RC2 } } - // BEGIN android-removed - // public static class AlgParamGen - // extends BaseAlgorithmParameterGenerator - // { - // RC2ParameterSpec spec = null; - - // protected void engineInit( - // AlgorithmParameterSpec genParamSpec, - // SecureRandom random) - // throws InvalidAlgorithmParameterException - // { - // if (genParamSpec instanceof RC2ParameterSpec) - // { - // spec = (RC2ParameterSpec)genParamSpec; - // return; - // } - - // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for RC2 parameter generation."); - // } - - // protected AlgorithmParameters engineGenerateParameters() - // { - // AlgorithmParameters params; - - // if (spec == null) - // { - // byte[] iv = new byte[8]; - - // if (random == null) - // { - // random = new SecureRandom(); - // } - - // random.nextBytes(iv); - - // try - // { - // params = createParametersInstance("RC2"); - // params.init(new IvParameterSpec(iv)); - // } - // catch (Exception e) - // { - // throw new RuntimeException(e.getMessage()); - // } - // } - // else - // { - // try - // { - // params = createParametersInstance("RC2"); - // params.init(spec); - // } - // catch (Exception e) - // { - // throw new RuntimeException(e.getMessage()); - // } - // } - - // return params; - // } - // } - - // public static class KeyGenerator - // extends BaseKeyGenerator - // { - // public KeyGenerator() - // { - // super("RC2", 128, new CipherKeyGenerator()); - // } - // } - - // public static class AlgParams - // extends BaseAlgorithmParameters - // { - // private static final short[] table = { - // 0xbd, 0x56, 0xea, 0xf2, 0xa2, 0xf1, 0xac, 0x2a, 0xb0, 0x93, 0xd1, 0x9c, 0x1b, 0x33, 0xfd, 0xd0, - // 0x30, 0x04, 0xb6, 0xdc, 0x7d, 0xdf, 0x32, 0x4b, 0xf7, 0xcb, 0x45, 0x9b, 0x31, 0xbb, 0x21, 0x5a, - // 0x41, 0x9f, 0xe1, 0xd9, 0x4a, 0x4d, 0x9e, 0xda, 0xa0, 0x68, 0x2c, 0xc3, 0x27, 0x5f, 0x80, 0x36, - // 0x3e, 0xee, 0xfb, 0x95, 0x1a, 0xfe, 0xce, 0xa8, 0x34, 0xa9, 0x13, 0xf0, 0xa6, 0x3f, 0xd8, 0x0c, - // 0x78, 0x24, 0xaf, 0x23, 0x52, 0xc1, 0x67, 0x17, 0xf5, 0x66, 0x90, 0xe7, 0xe8, 0x07, 0xb8, 0x60, - // 0x48, 0xe6, 0x1e, 0x53, 0xf3, 0x92, 0xa4, 0x72, 0x8c, 0x08, 0x15, 0x6e, 0x86, 0x00, 0x84, 0xfa, - // 0xf4, 0x7f, 0x8a, 0x42, 0x19, 0xf6, 0xdb, 0xcd, 0x14, 0x8d, 0x50, 0x12, 0xba, 0x3c, 0x06, 0x4e, - // 0xec, 0xb3, 0x35, 0x11, 0xa1, 0x88, 0x8e, 0x2b, 0x94, 0x99, 0xb7, 0x71, 0x74, 0xd3, 0xe4, 0xbf, - // 0x3a, 0xde, 0x96, 0x0e, 0xbc, 0x0a, 0xed, 0x77, 0xfc, 0x37, 0x6b, 0x03, 0x79, 0x89, 0x62, 0xc6, - // 0xd7, 0xc0, 0xd2, 0x7c, 0x6a, 0x8b, 0x22, 0xa3, 0x5b, 0x05, 0x5d, 0x02, 0x75, 0xd5, 0x61, 0xe3, - // 0x18, 0x8f, 0x55, 0x51, 0xad, 0x1f, 0x0b, 0x5e, 0x85, 0xe5, 0xc2, 0x57, 0x63, 0xca, 0x3d, 0x6c, - // 0xb4, 0xc5, 0xcc, 0x70, 0xb2, 0x91, 0x59, 0x0d, 0x47, 0x20, 0xc8, 0x4f, 0x58, 0xe0, 0x01, 0xe2, - // 0x16, 0x38, 0xc4, 0x6f, 0x3b, 0x0f, 0x65, 0x46, 0xbe, 0x7e, 0x2d, 0x7b, 0x82, 0xf9, 0x40, 0xb5, - // 0x1d, 0x73, 0xf8, 0xeb, 0x26, 0xc7, 0x87, 0x97, 0x25, 0x54, 0xb1, 0x28, 0xaa, 0x98, 0x9d, 0xa5, - // 0x64, 0x6d, 0x7a, 0xd4, 0x10, 0x81, 0x44, 0xef, 0x49, 0xd6, 0xae, 0x2e, 0xdd, 0x76, 0x5c, 0x2f, - // 0xa7, 0x1c, 0xc9, 0x09, 0x69, 0x9a, 0x83, 0xcf, 0x29, 0x39, 0xb9, 0xe9, 0x4c, 0xff, 0x43, 0xab - // }; - - // private static final short[] ekb = { - // 0x5d, 0xbe, 0x9b, 0x8b, 0x11, 0x99, 0x6e, 0x4d, 0x59, 0xf3, 0x85, 0xa6, 0x3f, 0xb7, 0x83, 0xc5, - // 0xe4, 0x73, 0x6b, 0x3a, 0x68, 0x5a, 0xc0, 0x47, 0xa0, 0x64, 0x34, 0x0c, 0xf1, 0xd0, 0x52, 0xa5, - // 0xb9, 0x1e, 0x96, 0x43, 0x41, 0xd8, 0xd4, 0x2c, 0xdb, 0xf8, 0x07, 0x77, 0x2a, 0xca, 0xeb, 0xef, - // 0x10, 0x1c, 0x16, 0x0d, 0x38, 0x72, 0x2f, 0x89, 0xc1, 0xf9, 0x80, 0xc4, 0x6d, 0xae, 0x30, 0x3d, - // 0xce, 0x20, 0x63, 0xfe, 0xe6, 0x1a, 0xc7, 0xb8, 0x50, 0xe8, 0x24, 0x17, 0xfc, 0x25, 0x6f, 0xbb, - // 0x6a, 0xa3, 0x44, 0x53, 0xd9, 0xa2, 0x01, 0xab, 0xbc, 0xb6, 0x1f, 0x98, 0xee, 0x9a, 0xa7, 0x2d, - // 0x4f, 0x9e, 0x8e, 0xac, 0xe0, 0xc6, 0x49, 0x46, 0x29, 0xf4, 0x94, 0x8a, 0xaf, 0xe1, 0x5b, 0xc3, - // 0xb3, 0x7b, 0x57, 0xd1, 0x7c, 0x9c, 0xed, 0x87, 0x40, 0x8c, 0xe2, 0xcb, 0x93, 0x14, 0xc9, 0x61, - // 0x2e, 0xe5, 0xcc, 0xf6, 0x5e, 0xa8, 0x5c, 0xd6, 0x75, 0x8d, 0x62, 0x95, 0x58, 0x69, 0x76, 0xa1, - // 0x4a, 0xb5, 0x55, 0x09, 0x78, 0x33, 0x82, 0xd7, 0xdd, 0x79, 0xf5, 0x1b, 0x0b, 0xde, 0x26, 0x21, - // 0x28, 0x74, 0x04, 0x97, 0x56, 0xdf, 0x3c, 0xf0, 0x37, 0x39, 0xdc, 0xff, 0x06, 0xa4, 0xea, 0x42, - // 0x08, 0xda, 0xb4, 0x71, 0xb0, 0xcf, 0x12, 0x7a, 0x4e, 0xfa, 0x6c, 0x1d, 0x84, 0x00, 0xc8, 0x7f, - // 0x91, 0x45, 0xaa, 0x2b, 0xc2, 0xb1, 0x8f, 0xd5, 0xba, 0xf2, 0xad, 0x19, 0xb2, 0x67, 0x36, 0xf7, - // 0x0f, 0x0a, 0x92, 0x7d, 0xe3, 0x9d, 0xe9, 0x90, 0x3e, 0x23, 0x27, 0x66, 0x13, 0xec, 0x81, 0x15, - // 0xbd, 0x22, 0xbf, 0x9f, 0x7e, 0xa9, 0x51, 0x4b, 0x4c, 0xfb, 0x02, 0xd3, 0x70, 0x86, 0x31, 0xe7, - // 0x3b, 0x05, 0x03, 0x54, 0x60, 0x48, 0x65, 0x18, 0xd2, 0xcd, 0x5f, 0x32, 0x88, 0x0e, 0x35, 0xfd - // }; - - // private byte[] iv; - // private int parameterVersion = 58; - - // protected byte[] engineGetEncoded() - // { - // return Arrays.clone(iv); - // } - - // protected byte[] engineGetEncoded( - // String format) - // throws IOException - // { - // if (this.isASN1FormatString(format)) - // { - // if (parameterVersion == -1) - // { - // return new RC2CBCParameter(engineGetEncoded()).getEncoded(); - // } - // else - // { - // return new RC2CBCParameter(parameterVersion, engineGetEncoded()).getEncoded(); - // } - // } - - // if (format.equals("RAW")) - // { - // return engineGetEncoded(); - // } - - // return null; - // } - - // protected AlgorithmParameterSpec localEngineGetParameterSpec( - // Class paramSpec) - // throws InvalidParameterSpecException - // { - // if (paramSpec == RC2ParameterSpec.class || paramSpec == AlgorithmParameterSpec.class) - // { - // if (parameterVersion != -1) - // { - // if (parameterVersion < 256) - // { - // return new RC2ParameterSpec(ekb[parameterVersion], iv); - // } - // else - // { - // return new RC2ParameterSpec(parameterVersion, iv); - // } - // } - // } - - // if (paramSpec == IvParameterSpec.class || paramSpec == AlgorithmParameterSpec.class) - // { - // return new IvParameterSpec(iv); - // } - - // throw new InvalidParameterSpecException("unknown parameter spec passed to RC2 parameters object."); - // } - - // protected void engineInit( - // AlgorithmParameterSpec paramSpec) - // throws InvalidParameterSpecException - // { - // if (paramSpec instanceof IvParameterSpec) - // { - // this.iv = ((IvParameterSpec)paramSpec).getIV(); - // } - // else if (paramSpec instanceof RC2ParameterSpec) - // { - // int effKeyBits = ((RC2ParameterSpec)paramSpec).getEffectiveKeyBits(); - // if (effKeyBits != -1) - // { - // if (effKeyBits < 256) - // { - // parameterVersion = table[effKeyBits]; - // } - // else - // { - // parameterVersion = effKeyBits; - // } - // } - - // this.iv = ((RC2ParameterSpec)paramSpec).getIV(); - // } - // else - // { - // throw new InvalidParameterSpecException("IvParameterSpec or RC2ParameterSpec required to initialise a RC2 parameters algorithm parameters object"); - // } - // } - - // protected void engineInit( - // byte[] params) - // throws IOException - // { - // this.iv = Arrays.clone(params); - // } - - // protected void engineInit( - // byte[] params, - // String format) - // throws IOException - // { - // if (this.isASN1FormatString(format)) - // { - // RC2CBCParameter p = RC2CBCParameter.getInstance(ASN1Primitive.fromByteArray(params)); - - // if (p.getRC2ParameterVersion() != null) - // { - // parameterVersion = p.getRC2ParameterVersion().intValue(); - // } - - // iv = p.getIV(); - - // return; - // } - - // if (format.equals("RAW")) - // { - // engineInit(params); - // return; - // } - - // throw new IOException("Unknown parameters format in IV parameters object"); - // } - - // protected String engineToString() - // { - // return "RC2 Parameters"; - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + public static class AlgParamGen + extends BaseAlgorithmParameterGenerator + { + RC2ParameterSpec spec = null; + + protected void engineInit( + AlgorithmParameterSpec genParamSpec, + SecureRandom random) + throws InvalidAlgorithmParameterException + { + if (genParamSpec instanceof RC2ParameterSpec) + { + spec = (RC2ParameterSpec)genParamSpec; + return; + } + + throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for RC2 parameter generation."); + } + + protected AlgorithmParameters engineGenerateParameters() + { + AlgorithmParameters params; + + if (spec == null) + { + byte[] iv = new byte[8]; + + if (random == null) + { + random = new SecureRandom(); + } + + random.nextBytes(iv); + + try + { + params = createParametersInstance("RC2"); + params.init(new IvParameterSpec(iv)); + } + catch (Exception e) + { + throw new RuntimeException(e.getMessage()); + } + } + else + { + try + { + params = createParametersInstance("RC2"); + params.init(spec); + } + catch (Exception e) + { + throw new RuntimeException(e.getMessage()); + } + } + + return params; + } + } + + public static class KeyGenerator + extends BaseKeyGenerator + { + public KeyGenerator() + { + super("RC2", 128, new CipherKeyGenerator()); + } + } + + public static class AlgParams + extends BaseAlgorithmParameters + { + private static final short[] table = { + 0xbd, 0x56, 0xea, 0xf2, 0xa2, 0xf1, 0xac, 0x2a, 0xb0, 0x93, 0xd1, 0x9c, 0x1b, 0x33, 0xfd, 0xd0, + 0x30, 0x04, 0xb6, 0xdc, 0x7d, 0xdf, 0x32, 0x4b, 0xf7, 0xcb, 0x45, 0x9b, 0x31, 0xbb, 0x21, 0x5a, + 0x41, 0x9f, 0xe1, 0xd9, 0x4a, 0x4d, 0x9e, 0xda, 0xa0, 0x68, 0x2c, 0xc3, 0x27, 0x5f, 0x80, 0x36, + 0x3e, 0xee, 0xfb, 0x95, 0x1a, 0xfe, 0xce, 0xa8, 0x34, 0xa9, 0x13, 0xf0, 0xa6, 0x3f, 0xd8, 0x0c, + 0x78, 0x24, 0xaf, 0x23, 0x52, 0xc1, 0x67, 0x17, 0xf5, 0x66, 0x90, 0xe7, 0xe8, 0x07, 0xb8, 0x60, + 0x48, 0xe6, 0x1e, 0x53, 0xf3, 0x92, 0xa4, 0x72, 0x8c, 0x08, 0x15, 0x6e, 0x86, 0x00, 0x84, 0xfa, + 0xf4, 0x7f, 0x8a, 0x42, 0x19, 0xf6, 0xdb, 0xcd, 0x14, 0x8d, 0x50, 0x12, 0xba, 0x3c, 0x06, 0x4e, + 0xec, 0xb3, 0x35, 0x11, 0xa1, 0x88, 0x8e, 0x2b, 0x94, 0x99, 0xb7, 0x71, 0x74, 0xd3, 0xe4, 0xbf, + 0x3a, 0xde, 0x96, 0x0e, 0xbc, 0x0a, 0xed, 0x77, 0xfc, 0x37, 0x6b, 0x03, 0x79, 0x89, 0x62, 0xc6, + 0xd7, 0xc0, 0xd2, 0x7c, 0x6a, 0x8b, 0x22, 0xa3, 0x5b, 0x05, 0x5d, 0x02, 0x75, 0xd5, 0x61, 0xe3, + 0x18, 0x8f, 0x55, 0x51, 0xad, 0x1f, 0x0b, 0x5e, 0x85, 0xe5, 0xc2, 0x57, 0x63, 0xca, 0x3d, 0x6c, + 0xb4, 0xc5, 0xcc, 0x70, 0xb2, 0x91, 0x59, 0x0d, 0x47, 0x20, 0xc8, 0x4f, 0x58, 0xe0, 0x01, 0xe2, + 0x16, 0x38, 0xc4, 0x6f, 0x3b, 0x0f, 0x65, 0x46, 0xbe, 0x7e, 0x2d, 0x7b, 0x82, 0xf9, 0x40, 0xb5, + 0x1d, 0x73, 0xf8, 0xeb, 0x26, 0xc7, 0x87, 0x97, 0x25, 0x54, 0xb1, 0x28, 0xaa, 0x98, 0x9d, 0xa5, + 0x64, 0x6d, 0x7a, 0xd4, 0x10, 0x81, 0x44, 0xef, 0x49, 0xd6, 0xae, 0x2e, 0xdd, 0x76, 0x5c, 0x2f, + 0xa7, 0x1c, 0xc9, 0x09, 0x69, 0x9a, 0x83, 0xcf, 0x29, 0x39, 0xb9, 0xe9, 0x4c, 0xff, 0x43, 0xab + }; + + private static final short[] ekb = { + 0x5d, 0xbe, 0x9b, 0x8b, 0x11, 0x99, 0x6e, 0x4d, 0x59, 0xf3, 0x85, 0xa6, 0x3f, 0xb7, 0x83, 0xc5, + 0xe4, 0x73, 0x6b, 0x3a, 0x68, 0x5a, 0xc0, 0x47, 0xa0, 0x64, 0x34, 0x0c, 0xf1, 0xd0, 0x52, 0xa5, + 0xb9, 0x1e, 0x96, 0x43, 0x41, 0xd8, 0xd4, 0x2c, 0xdb, 0xf8, 0x07, 0x77, 0x2a, 0xca, 0xeb, 0xef, + 0x10, 0x1c, 0x16, 0x0d, 0x38, 0x72, 0x2f, 0x89, 0xc1, 0xf9, 0x80, 0xc4, 0x6d, 0xae, 0x30, 0x3d, + 0xce, 0x20, 0x63, 0xfe, 0xe6, 0x1a, 0xc7, 0xb8, 0x50, 0xe8, 0x24, 0x17, 0xfc, 0x25, 0x6f, 0xbb, + 0x6a, 0xa3, 0x44, 0x53, 0xd9, 0xa2, 0x01, 0xab, 0xbc, 0xb6, 0x1f, 0x98, 0xee, 0x9a, 0xa7, 0x2d, + 0x4f, 0x9e, 0x8e, 0xac, 0xe0, 0xc6, 0x49, 0x46, 0x29, 0xf4, 0x94, 0x8a, 0xaf, 0xe1, 0x5b, 0xc3, + 0xb3, 0x7b, 0x57, 0xd1, 0x7c, 0x9c, 0xed, 0x87, 0x40, 0x8c, 0xe2, 0xcb, 0x93, 0x14, 0xc9, 0x61, + 0x2e, 0xe5, 0xcc, 0xf6, 0x5e, 0xa8, 0x5c, 0xd6, 0x75, 0x8d, 0x62, 0x95, 0x58, 0x69, 0x76, 0xa1, + 0x4a, 0xb5, 0x55, 0x09, 0x78, 0x33, 0x82, 0xd7, 0xdd, 0x79, 0xf5, 0x1b, 0x0b, 0xde, 0x26, 0x21, + 0x28, 0x74, 0x04, 0x97, 0x56, 0xdf, 0x3c, 0xf0, 0x37, 0x39, 0xdc, 0xff, 0x06, 0xa4, 0xea, 0x42, + 0x08, 0xda, 0xb4, 0x71, 0xb0, 0xcf, 0x12, 0x7a, 0x4e, 0xfa, 0x6c, 0x1d, 0x84, 0x00, 0xc8, 0x7f, + 0x91, 0x45, 0xaa, 0x2b, 0xc2, 0xb1, 0x8f, 0xd5, 0xba, 0xf2, 0xad, 0x19, 0xb2, 0x67, 0x36, 0xf7, + 0x0f, 0x0a, 0x92, 0x7d, 0xe3, 0x9d, 0xe9, 0x90, 0x3e, 0x23, 0x27, 0x66, 0x13, 0xec, 0x81, 0x15, + 0xbd, 0x22, 0xbf, 0x9f, 0x7e, 0xa9, 0x51, 0x4b, 0x4c, 0xfb, 0x02, 0xd3, 0x70, 0x86, 0x31, 0xe7, + 0x3b, 0x05, 0x03, 0x54, 0x60, 0x48, 0x65, 0x18, 0xd2, 0xcd, 0x5f, 0x32, 0x88, 0x0e, 0x35, 0xfd + }; + + private byte[] iv; + private int parameterVersion = 58; + + protected byte[] engineGetEncoded() + { + return Arrays.clone(iv); + } + + protected byte[] engineGetEncoded( + String format) + throws IOException + { + if (this.isASN1FormatString(format)) + { + if (parameterVersion == -1) + { + return new RC2CBCParameter(engineGetEncoded()).getEncoded(); + } + else + { + return new RC2CBCParameter(parameterVersion, engineGetEncoded()).getEncoded(); + } + } + + if (format.equals("RAW")) + { + return engineGetEncoded(); + } + + return null; + } + + protected AlgorithmParameterSpec localEngineGetParameterSpec( + Class paramSpec) + throws InvalidParameterSpecException + { + if (paramSpec == RC2ParameterSpec.class || paramSpec == AlgorithmParameterSpec.class) + { + if (parameterVersion != -1) + { + if (parameterVersion < 256) + { + return new RC2ParameterSpec(ekb[parameterVersion], iv); + } + else + { + return new RC2ParameterSpec(parameterVersion, iv); + } + } + } + + if (paramSpec == IvParameterSpec.class || paramSpec == AlgorithmParameterSpec.class) + { + return new IvParameterSpec(iv); + } + + throw new InvalidParameterSpecException("unknown parameter spec passed to RC2 parameters object."); + } + + protected void engineInit( + AlgorithmParameterSpec paramSpec) + throws InvalidParameterSpecException + { + if (paramSpec instanceof IvParameterSpec) + { + this.iv = ((IvParameterSpec)paramSpec).getIV(); + } + else if (paramSpec instanceof RC2ParameterSpec) + { + int effKeyBits = ((RC2ParameterSpec)paramSpec).getEffectiveKeyBits(); + if (effKeyBits != -1) + { + if (effKeyBits < 256) + { + parameterVersion = table[effKeyBits]; + } + else + { + parameterVersion = effKeyBits; + } + } + + this.iv = ((RC2ParameterSpec)paramSpec).getIV(); + } + else + { + throw new InvalidParameterSpecException("IvParameterSpec or RC2ParameterSpec required to initialise a RC2 parameters algorithm parameters object"); + } + } + + protected void engineInit( + byte[] params) + throws IOException + { + this.iv = Arrays.clone(params); + } + + protected void engineInit( + byte[] params, + String format) + throws IOException + { + if (this.isASN1FormatString(format)) + { + RC2CBCParameter p = RC2CBCParameter.getInstance(ASN1Primitive.fromByteArray(params)); + + if (p.getRC2ParameterVersion() != null) + { + parameterVersion = p.getRC2ParameterVersion().intValue(); + } + + iv = p.getIV(); + + return; + } + + if (format.equals("RAW")) + { + engineInit(params); + return; + } + + throw new IOException("Unknown parameters format in IV parameters object"); + } + + protected String engineToString() + { + return "RC2 Parameters"; + } + } + */ + // END Android-removed: Unsupported algorithms public static class Mappings extends AlgorithmProvider @@ -465,36 +467,38 @@ public final class RC2 public void configure(ConfigurableProvider provider) { - // BEGIN android-removed - // provider.addAlgorithm("AlgorithmParameterGenerator.RC2", PREFIX + "$AlgParamGen"); - // provider.addAlgorithm("AlgorithmParameterGenerator.1.2.840.113549.3.2", PREFIX + "$AlgParamGen"); - // - // provider.addAlgorithm("KeyGenerator.RC2", PREFIX + "$KeyGenerator"); - // provider.addAlgorithm("KeyGenerator.1.2.840.113549.3.2", PREFIX + "$KeyGenerator"); - // - // provider.addAlgorithm("AlgorithmParameters.RC2", PREFIX + "$AlgParams"); - // provider.addAlgorithm("AlgorithmParameters.1.2.840.113549.3.2", PREFIX + "$AlgParams"); - // - // provider.addAlgorithm("Cipher.RC2", PREFIX + "$ECB"); - // provider.addAlgorithm("Cipher.RC2WRAP", PREFIX + "$Wrap"); - // provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.id_alg_CMSRC2wrap, "RC2WRAP"); - // provider.addAlgorithm("Cipher", PKCSObjectIdentifiers.RC2_CBC, PREFIX + "$CBC"); - // - // provider.addAlgorithm("Mac.RC2MAC", PREFIX + "$CBCMAC"); - // provider.addAlgorithm("Alg.Alias.Mac.RC2", "RC2MAC"); - // provider.addAlgorithm("Mac.RC2MAC/CFB8", PREFIX + "$CFB8MAC"); - // provider.addAlgorithm("Alg.Alias.Mac.RC2/CFB8", "RC2MAC/CFB8"); - // - // provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDRC2-CBC", "PBEWITHMD2ANDRC2"); - // END android-removed + + // BEGIN Android-removed: Unsupported algorithms + /* + provider.addAlgorithm("AlgorithmParameterGenerator.RC2", PREFIX + "$AlgParamGen"); + provider.addAlgorithm("AlgorithmParameterGenerator.1.2.840.113549.3.2", PREFIX + "$AlgParamGen"); + + provider.addAlgorithm("KeyGenerator.RC2", PREFIX + "$KeyGenerator"); + provider.addAlgorithm("KeyGenerator.1.2.840.113549.3.2", PREFIX + "$KeyGenerator"); + + provider.addAlgorithm("AlgorithmParameters.RC2", PREFIX + "$AlgParams"); + provider.addAlgorithm("AlgorithmParameters.1.2.840.113549.3.2", PREFIX + "$AlgParams"); + + provider.addAlgorithm("Cipher.RC2", PREFIX + "$ECB"); + provider.addAlgorithm("Cipher.RC2WRAP", PREFIX + "$Wrap"); + provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.id_alg_CMSRC2wrap, "RC2WRAP"); + provider.addAlgorithm("Cipher", PKCSObjectIdentifiers.RC2_CBC, PREFIX + "$CBC"); + + provider.addAlgorithm("Mac.RC2MAC", PREFIX + "$CBCMAC"); + provider.addAlgorithm("Alg.Alias.Mac.RC2", "RC2MAC"); + provider.addAlgorithm("Mac.RC2MAC/CFB8", PREFIX + "$CFB8MAC"); + provider.addAlgorithm("Alg.Alias.Mac.RC2/CFB8", "RC2MAC/CFB8"); + + provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDRC2-CBC", "PBEWITHMD2ANDRC2"); + */ + // END Android-removed: Unsupported algorithms provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD5ANDRC2-CBC", "PBEWITHMD5ANDRC2"); provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHSHA1ANDRC2-CBC", "PBEWITHSHA1ANDRC2"); - // BEGIN android-removed + // Android-removed: Unsupported algorithms // provider.addAlgorithm("Alg.Alias.SecretKeyFactory", PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2"); - // END android-removed provider.addAlgorithm("Alg.Alias.SecretKeyFactory", PKCSObjectIdentifiers.pbeWithMD5AndRC2_CBC, "PBEWITHMD5ANDRC2"); @@ -502,18 +506,16 @@ public final class RC2 provider.addAlgorithm("Alg.Alias.SecretKeyFactory.1.2.840.113549.1.12.1.5", "PBEWITHSHAAND128BITRC2-CBC"); provider.addAlgorithm("Alg.Alias.SecretKeyFactory.1.2.840.113549.1.12.1.6", "PBEWITHSHAAND40BITRC2-CBC"); - // BEGIN android-removed + // Android-removed: Unsupported algorithms // provider.addAlgorithm("SecretKeyFactory.PBEWITHMD2ANDRC2", PREFIX + "$PBEWithMD2KeyFactory"); - // END android-removed provider.addAlgorithm("SecretKeyFactory.PBEWITHMD5ANDRC2", PREFIX + "$PBEWithMD5KeyFactory"); provider.addAlgorithm("SecretKeyFactory.PBEWITHSHA1ANDRC2", PREFIX + "$PBEWithSHA1KeyFactory"); provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND128BITRC2-CBC", PREFIX + "$PBEWithSHAAnd128BitKeyFactory"); provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND40BITRC2-CBC", PREFIX + "$PBEWithSHAAnd40BitKeyFactory"); - // BEGIN android-removed + // Android-removed: Unsupported algorithms // provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2"); - // END android-removed provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.pbeWithMD5AndRC2_CBC, "PBEWITHMD5ANDRC2"); diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/SymmetricAlgorithmProvider.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/SymmetricAlgorithmProvider.java index 7ac79e7e..e955e9d0 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/SymmetricAlgorithmProvider.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/SymmetricAlgorithmProvider.java @@ -6,44 +6,46 @@ import org.bouncycastle.jcajce.provider.util.AlgorithmProvider; abstract class SymmetricAlgorithmProvider extends AlgorithmProvider { - // BEGIN android-removed - // protected void addCMacAlgorithm( - // ConfigurableProvider provider, - // String algorithm, - // String algorithmClassName, - // String keyGeneratorClassName) - // { - // provider.addAlgorithm("Mac." + algorithm + "-CMAC", algorithmClassName); - // provider.addAlgorithm("Alg.Alias.Mac." + algorithm + "CMAC", algorithm + "-CMAC"); - // - // provider.addAlgorithm("KeyGenerator." + algorithm + "-CMAC", keyGeneratorClassName); - // provider.addAlgorithm("Alg.Alias.KeyGenerator." + algorithm + "CMAC", algorithm + "-CMAC"); - // } - // - // protected void addGMacAlgorithm( - // ConfigurableProvider provider, - // String algorithm, - // String algorithmClassName, - // String keyGeneratorClassName) - // { - // provider.addAlgorithm("Mac." + algorithm + "-GMAC", algorithmClassName); - // provider.addAlgorithm("Alg.Alias.Mac." + algorithm + "GMAC", algorithm + "-GMAC"); - // - // provider.addAlgorithm("KeyGenerator." + algorithm + "-GMAC", keyGeneratorClassName); - // provider.addAlgorithm("Alg.Alias.KeyGenerator." + algorithm + "GMAC", algorithm + "-GMAC"); - // } - // - // protected void addPoly1305Algorithm(ConfigurableProvider provider, - // String algorithm, - // String algorithmClassName, - // String keyGeneratorClassName) - // { - // provider.addAlgorithm("Mac.POLY1305-" + algorithm, algorithmClassName); - // provider.addAlgorithm("Alg.Alias.Mac.POLY1305" + algorithm, "POLY1305-" + algorithm); - // - // provider.addAlgorithm("KeyGenerator.POLY1305-" + algorithm, keyGeneratorClassName); - // provider.addAlgorithm("Alg.Alias.KeyGenerator.POLY1305" + algorithm, "POLY1305-" + algorithm); - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + protected void addCMacAlgorithm( + ConfigurableProvider provider, + String algorithm, + String algorithmClassName, + String keyGeneratorClassName) + { + provider.addAlgorithm("Mac." + algorithm + "-CMAC", algorithmClassName); + provider.addAlgorithm("Alg.Alias.Mac." + algorithm + "CMAC", algorithm + "-CMAC"); + + provider.addAlgorithm("KeyGenerator." + algorithm + "-CMAC", keyGeneratorClassName); + provider.addAlgorithm("Alg.Alias.KeyGenerator." + algorithm + "CMAC", algorithm + "-CMAC"); + } + + protected void addGMacAlgorithm( + ConfigurableProvider provider, + String algorithm, + String algorithmClassName, + String keyGeneratorClassName) + { + provider.addAlgorithm("Mac." + algorithm + "-GMAC", algorithmClassName); + provider.addAlgorithm("Alg.Alias.Mac." + algorithm + "GMAC", algorithm + "-GMAC"); + + provider.addAlgorithm("KeyGenerator." + algorithm + "-GMAC", keyGeneratorClassName); + provider.addAlgorithm("Alg.Alias.KeyGenerator." + algorithm + "GMAC", algorithm + "-GMAC"); + } + + protected void addPoly1305Algorithm(ConfigurableProvider provider, + String algorithm, + String algorithmClassName, + String keyGeneratorClassName) + { + provider.addAlgorithm("Mac.POLY1305-" + algorithm, algorithmClassName); + provider.addAlgorithm("Alg.Alias.Mac.POLY1305" + algorithm, "POLY1305-" + algorithm); + + provider.addAlgorithm("KeyGenerator.POLY1305-" + algorithm, keyGeneratorClassName); + provider.addAlgorithm("Alg.Alias.KeyGenerator.POLY1305" + algorithm, "POLY1305-" + algorithm); + } + */ + // END Android-removed: Unsupported algorithms } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Twofish.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Twofish.java index c666ac14..669be26a 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Twofish.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Twofish.java @@ -1,26 +1,22 @@ package org.bouncycastle.jcajce.provider.symmetric; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.BlockCipher; // import org.bouncycastle.crypto.CipherKeyGenerator; -// END android-removed import org.bouncycastle.crypto.engines.TwofishEngine; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.generators.Poly1305KeyGenerator; // import org.bouncycastle.crypto.macs.GMac; -// END android-removed import org.bouncycastle.crypto.modes.CBCBlockCipher; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.modes.GCMBlockCipher; -// END android-removed import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; // import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; // import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider; // import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters; -// END android-removed import org.bouncycastle.jcajce.provider.symmetric.util.PBESecretKeyFactory; public final class Twofish @@ -29,58 +25,60 @@ public final class Twofish { } - // BEGIN android-removed - // public static class ECB - // extends BaseBlockCipher - // { - // public ECB() - // { - // super(new BlockCipherProvider() - // { - // public BlockCipher get() - // { - // return new TwofishEngine(); - // } - // }); - // } - // } - // - // public static class KeyGen - // extends BaseKeyGenerator - // { - // public KeyGen() - // { - // super("Twofish", 256, new CipherKeyGenerator()); - // } - // } - // - // public static class GMAC - // extends BaseMac - // { - // public GMAC() - // { - // super(new GMac(new GCMBlockCipher(new TwofishEngine()))); - // } - // } - // - // public static class Poly1305 - // extends BaseMac - // { - // public Poly1305() - // { - // super(new org.bouncycastle.crypto.macs.Poly1305(new TwofishEngine())); - // } - // } - // - // public static class Poly1305KeyGen - // extends BaseKeyGenerator - // { - // public Poly1305KeyGen() - // { - // super("Poly1305-Twofish", 256, new Poly1305KeyGenerator()); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + public static class ECB + extends BaseBlockCipher + { + public ECB() + { + super(new BlockCipherProvider() + { + public BlockCipher get() + { + return new TwofishEngine(); + } + }); + } + } + + public static class KeyGen + extends BaseKeyGenerator + { + public KeyGen() + { + super("Twofish", 256, new CipherKeyGenerator()); + } + } + + public static class GMAC + extends BaseMac + { + public GMAC() + { + super(new GMac(new GCMBlockCipher(new TwofishEngine()))); + } + } + + public static class Poly1305 + extends BaseMac + { + public Poly1305() + { + super(new org.bouncycastle.crypto.macs.Poly1305(new TwofishEngine())); + } + } + + public static class Poly1305KeyGen + extends BaseKeyGenerator + { + public Poly1305KeyGen() + { + super("Poly1305-Twofish", 256, new Poly1305KeyGenerator()); + } + } + */ + // END Android-removed: Unsupported algorithms /** * PBEWithSHAAndTwofish-CBC @@ -106,16 +104,18 @@ public final class Twofish } } - // BEGIN android-removed - // public static class AlgParams - // extends IvAlgorithmParameters - // { - // protected String engineToString() - // { - // return "Twofish IV"; - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + public static class AlgParams + extends IvAlgorithmParameters + { + protected String engineToString() + { + return "Twofish IV"; + } + } + */ + // END Android-removed: Unsupported algorithms public static class Mappings extends SymmetricAlgorithmProvider @@ -128,21 +128,21 @@ public final class Twofish public void configure(ConfigurableProvider provider) { - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // provider.addAlgorithm("Cipher.Twofish", PREFIX + "$ECB"); // provider.addAlgorithm("KeyGenerator.Twofish", PREFIX + "$KeyGen"); // provider.addAlgorithm("AlgorithmParameters.Twofish", PREFIX + "$AlgParams"); - // END android-removed + // END Android-removed: Unsupported algorithms provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDTWOFISH", "PKCS12PBE"); provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDTWOFISH-CBC", "PKCS12PBE"); provider.addAlgorithm("Cipher.PBEWITHSHAANDTWOFISH-CBC", PREFIX + "$PBEWithSHA"); provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAANDTWOFISH-CBC", PREFIX + "$PBEWithSHAKeyFactory"); - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // addGMacAlgorithm(provider, "Twofish", PREFIX + "$GMAC", PREFIX + "$KeyGen"); // addPoly1305Algorithm(provider, "Twofish", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen"); - // END android-removed + // END Android-removed: Unsupported algorithms } } } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BCPBEKey.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BCPBEKey.java index 1486d711..a4719729 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BCPBEKey.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BCPBEKey.java @@ -152,10 +152,4 @@ public class BCPBEKey { return tryWrong; } - - // BEGIN android-added - public PBEKeySpec getPbeKeySpec() { - return pbeKeySpec; - } - // END android-added } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java index 63d7b351..74d22c5d 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java @@ -20,14 +20,13 @@ import javax.crypto.SecretKey; import javax.crypto.ShortBufferException; import javax.crypto.interfaces.PBEKey; import javax.crypto.spec.IvParameterSpec; -// BEGIN android-added +// BEGIN Android-added: Various key-handling modifications import javax.crypto.spec.PBEKeySpec; -// END android-added +// END Android-added: Various key-handling modifications import javax.crypto.spec.PBEParameterSpec; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import javax.crypto.spec.RC2ParameterSpec; // import javax.crypto.spec.RC5ParameterSpec; -// END android-removed import org.bouncycastle.asn1.cms.GCMParameters; import org.bouncycastle.crypto.BlockCipher; @@ -41,20 +40,17 @@ import org.bouncycastle.crypto.modes.CBCBlockCipher; import org.bouncycastle.crypto.modes.CCMBlockCipher; import org.bouncycastle.crypto.modes.CFBBlockCipher; import org.bouncycastle.crypto.modes.CTSBlockCipher; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.modes.EAXBlockCipher; // import org.bouncycastle.crypto.modes.GCFBBlockCipher; -// END android-removed import org.bouncycastle.crypto.modes.GCMBlockCipher; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.modes.GOFBBlockCipher; // import org.bouncycastle.crypto.modes.OCBBlockCipher; -// END android-removed import org.bouncycastle.crypto.modes.OFBBlockCipher; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.modes.OpenPGPCFBBlockCipher; // import org.bouncycastle.crypto.modes.PGPCFBBlockCipher; -// END android-removed import org.bouncycastle.crypto.modes.SICBlockCipher; import org.bouncycastle.crypto.paddings.BlockCipherPadding; import org.bouncycastle.crypto.paddings.ISO10126d2Padding; @@ -67,22 +63,19 @@ import org.bouncycastle.crypto.params.AEADParameters; import org.bouncycastle.crypto.params.KeyParameter; import org.bouncycastle.crypto.params.ParametersWithIV; import org.bouncycastle.crypto.params.ParametersWithRandom; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.params.ParametersWithSBox; -// END android-removed import org.bouncycastle.crypto.params.RC2Parameters; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.params.RC5Parameters; // import org.bouncycastle.jcajce.PBKDF1Key; // import org.bouncycastle.jcajce.PBKDF1KeyWithParameters; -// END android-removed import org.bouncycastle.jcajce.PKCS12Key; import org.bouncycastle.jcajce.PKCS12KeyWithParameters; import org.bouncycastle.jcajce.spec.AEADParameterSpec; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.jcajce.spec.GOST28147ParameterSpec; // import org.bouncycastle.jcajce.spec.RepeatedSecretKeySpec; -// END android-removed import org.bouncycastle.util.Strings; public class BaseBlockCipher @@ -96,16 +89,14 @@ public class BaseBlockCipher // private Class[] availableSpecs = { - // BEGIN android-removed + // Android-removed: Unsupported algorithms // RC2ParameterSpec.class, // RC5ParameterSpec.class, - // END android-removed gcmSpecClass, IvParameterSpec.class, PBEParameterSpec.class, - // BEGIN android-removed + // Android-removed: Unsupported algorithms // GOST28147ParameterSpec.class - // END android-removed }; private BlockCipher baseEngine; @@ -342,33 +333,35 @@ public class BaseBlockCipher new CFBBlockCipher(baseEngine, 8 * baseEngine.getBlockSize())); } } - // BEGIN android-removed - // else if (modeName.startsWith("PGP")) - // { - // boolean inlineIV = modeName.equalsIgnoreCase("PGPCFBwithIV"); - // - // ivLength = baseEngine.getBlockSize(); - // cipher = new BufferedGenericBlockCipher( - // new PGPCFBBlockCipher(baseEngine, inlineIV)); - // } - // else if (modeName.equalsIgnoreCase("OpenPGPCFB")) - // { - // ivLength = 0; - // cipher = new BufferedGenericBlockCipher( - // new OpenPGPCFBBlockCipher(baseEngine)); - // } - // else if (modeName.startsWith("SIC")) - // { - // ivLength = baseEngine.getBlockSize(); - // if (ivLength < 16) - // { - // throw new IllegalArgumentException("Warning: SIC-Mode can become a twotime-pad if the blocksize of the cipher is too small. Use a cipher with a block size of at least 128 bits (e.g. AES)"); - // } - // fixedIv = false; - // cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( - // new SICBlockCipher(baseEngine))); - // } - // END android-removed + // BEGIN Android-removed: Unsupported modes + /* + else if (modeName.startsWith("PGP")) + { + boolean inlineIV = modeName.equalsIgnoreCase("PGPCFBwithIV"); + + ivLength = baseEngine.getBlockSize(); + cipher = new BufferedGenericBlockCipher( + new PGPCFBBlockCipher(baseEngine, inlineIV)); + } + else if (modeName.equalsIgnoreCase("OpenPGPCFB")) + { + ivLength = 0; + cipher = new BufferedGenericBlockCipher( + new OpenPGPCFBBlockCipher(baseEngine)); + } + else if (modeName.startsWith("SIC")) + { + ivLength = baseEngine.getBlockSize(); + if (ivLength < 16) + { + throw new IllegalArgumentException("Warning: SIC-Mode can become a twotime-pad if the blocksize of the cipher is too small. Use a cipher with a block size of at least 128 bits (e.g. AES)"); + } + fixedIv = false; + cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( + new SICBlockCipher(baseEngine))); + } + */ + // END Android-removed: Unsupported modes else if (modeName.startsWith("CTR")) { ivLength = baseEngine.getBlockSize(); @@ -376,20 +369,22 @@ public class BaseBlockCipher cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( new SICBlockCipher(baseEngine))); } - // BEGIN android-removed - // else if (modeName.startsWith("GOFB")) - // { - // ivLength = baseEngine.getBlockSize(); - // cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( - // new GOFBBlockCipher(baseEngine))); - // } - // else if (modeName.startsWith("GCFB")) - // { - // ivLength = baseEngine.getBlockSize(); - // cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( - // new GCFBBlockCipher(baseEngine))); - // } - // END android-removed + // BEGIN Android-removed: Unsupported modes + /* + else if (modeName.startsWith("GOFB")) + { + ivLength = baseEngine.getBlockSize(); + cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( + new GOFBBlockCipher(baseEngine))); + } + else if (modeName.startsWith("GCFB")) + { + ivLength = baseEngine.getBlockSize(); + cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( + new GCFBBlockCipher(baseEngine))); + } + */ + // END Android-removed: Unsupported modes else if (modeName.startsWith("CTS")) { ivLength = baseEngine.getBlockSize(); @@ -400,28 +395,30 @@ public class BaseBlockCipher ivLength = 13; // CCM nonce 7..13 bytes cipher = new AEADGenericBlockCipher(new CCMBlockCipher(baseEngine)); } - // BEGIN android-removed - // else if (modeName.startsWith("OCB")) - // { - // if (engineProvider != null) - // { - // /* - // * RFC 7253 4.2. Nonce is a string of no more than 120 bits - // */ - // ivLength = 15; - // cipher = new AEADGenericBlockCipher(new OCBBlockCipher(baseEngine, engineProvider.get())); - // } - // else - // { - // throw new NoSuchAlgorithmException("can't support mode " + mode); - // } - // } - // else if (modeName.startsWith("EAX")) - // { - // ivLength = baseEngine.getBlockSize(); - // cipher = new AEADGenericBlockCipher(new EAXBlockCipher(baseEngine)); - // } - // END android-removed + // BEGIN Android-removed: Unsupported modes + /* + else if (modeName.startsWith("OCB")) + { + if (engineProvider != null) + { + /* + * RFC 7253 4.2. Nonce is a string of no more than 120 bits + * + ivLength = 15; + cipher = new AEADGenericBlockCipher(new OCBBlockCipher(baseEngine, engineProvider.get())); + } + else + { + throw new NoSuchAlgorithmException("can't support mode " + mode); + } + } + else if (modeName.startsWith("EAX")) + { + ivLength = baseEngine.getBlockSize(); + cipher = new AEADGenericBlockCipher(new EAXBlockCipher(baseEngine)); + } + */ + // END Android-removed: Unsupported modes else if (modeName.startsWith("GCM")) { ivLength = baseEngine.getBlockSize(); @@ -489,13 +486,13 @@ public class BaseBlockCipher } } - // BEGIN android-added + // BEGIN Android-added: Handling missing IVs // TODO(27995180): This might need to be removed if we drop support for BCPBE keys without IV // in PKCS12 private boolean isBCPBEKeyWithoutIV(Key key) { return (key instanceof BCPBEKey) && !(((BCPBEKey)key).getParam() instanceof ParametersWithIV); } - // END android-added + // END Android-added: Handling missing IVs protected void engineInit( int opmode, @@ -530,12 +527,12 @@ public class BaseBlockCipher // // a note on iv's - if ivLength is zero the IV gets ignored (we don't use it). // - // BEGIN android-changed - // Was: if (scheme == PKCS12 || key instanceof PKCS12Key) + // BEGIN Android-changed: Don't use PKCS12 with missing IV. // If the key is a BCPBE one without an IV, ignore the fact that the scheme is PKCS12. // TODO(27995180): consider whether we want to keep support for these keys and PKCS12. + // if (scheme == PKCS12 || key instanceof PKCS12Key) if ((scheme == PKCS12 || key instanceof PKCS12Key) && !isBCPBEKeyWithoutIV(key)) - // END android-changed + // END Android-changed: Don't use PKCS12 with missing IV. { SecretKey k; try @@ -578,13 +575,13 @@ public class BaseBlockCipher } else if (pbeKeyParam == null) { - // BEGIN android-changed - // Was: param = PBE.Util.makePBEParameters(k.getEncoded(), PKCS12, digest, keySizeInBits, ivLength * 8, pbeSpec, cipher.getAlgorithmName()); + // BEGIN Android-changed: Unreachable code // TODO(27995180): consider rejecting such keys for PKCS12 // See above for the android-changed with a TODO for the same bug that makes // this code unreachable. - // END android-changed - throw new IllegalStateException("Unreachable code"); + // param = PBE.Util.makePBEParameters(k.getEncoded(), PKCS12, digest, keySizeInBits, ivLength * 8, pbeSpec, cipher.getAlgorithmName()); + throw new AssertionError("Unreachable code"); + // END Android-changed: Unreachable code } else { @@ -600,27 +597,29 @@ public class BaseBlockCipher ivParam = (ParametersWithIV)param; } } - // BEGIN android-removed - // else if (key instanceof PBKDF1Key) - // { - // PBKDF1Key k = (PBKDF1Key)key; - - // if (params instanceof PBEParameterSpec) - // { - // pbeSpec = (PBEParameterSpec)params; - // } - // if (k instanceof PBKDF1KeyWithParameters && pbeSpec == null) - // { - // pbeSpec = new PBEParameterSpec(((PBKDF1KeyWithParameters)k).getSalt(), ((PBKDF1KeyWithParameters)k).getIterationCount()); - // } - - // param = PBE.Util.makePBEParameters(k.getEncoded(), PKCS5S1, digest, keySizeInBits, ivLength * 8, pbeSpec, cipher.getAlgorithmName()); - // if (param instanceof ParametersWithIV) - // { - // ivParam = (ParametersWithIV)param; - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + else if (key instanceof PBKDF1Key) + { + PBKDF1Key k = (PBKDF1Key)key; + + if (params instanceof PBEParameterSpec) + { + pbeSpec = (PBEParameterSpec)params; + } + if (k instanceof PBKDF1KeyWithParameters && pbeSpec == null) + { + pbeSpec = new PBEParameterSpec(((PBKDF1KeyWithParameters)k).getSalt(), ((PBKDF1KeyWithParameters)k).getIterationCount()); + } + + param = PBE.Util.makePBEParameters(k.getEncoded(), PKCS5S1, digest, keySizeInBits, ivLength * 8, pbeSpec, cipher.getAlgorithmName()); + if (param instanceof ParametersWithIV) + { + ivParam = (ParametersWithIV)param; + } + } + */ + // END Android-removed: Unsupported algorithms else if (key instanceof BCPBEKey) { BCPBEKey k = (BCPBEKey)key; @@ -641,7 +640,7 @@ public class BaseBlockCipher else if (params instanceof PBEParameterSpec) { pbeSpec = (PBEParameterSpec)params; - // BEGIN android-added + // BEGIN Android-added: Allow PBE keys with only passwords. // At this point, k.getParam() == null, so the key hasn't been generated. If // the parameters have non-default values, recreate the BCPBEKey from algorithm // parameters as to generate the key. @@ -653,7 +652,7 @@ public class BaseBlockCipher k.getKeySize()), null /* CipherParameters */); } - // END android-added + // END Android-added: Allow PBE keys with only passwords. param = PBE.Util.makePBEParameters(k, params, cipher.getUnderlyingCipher().getAlgorithmName()); } else @@ -681,10 +680,10 @@ public class BaseBlockCipher ivParam = (ParametersWithIV)param; } } - // BEGIN android-changed - // Was: else if (!(key instanceof RepeatedSecretKeySpec)) + // BEGIN Android-changed: Unsupported algorithm + // else if (!(key instanceof RepeatedSecretKeySpec)) else - // END android-changed + // END Android-changed: Unsupported algorithms { if (scheme == PKCS5S1 || scheme == PKCS5S1_UTF8 || scheme == PKCS5S2 || scheme == PKCS5S2_UTF8) { @@ -692,12 +691,12 @@ public class BaseBlockCipher } param = new KeyParameter(key.getEncoded()); } - // BEGIN android-removed + // BEGIN Android-removed: Unreachable // else // { // param = null; // } - // END android-removed + // END Android-removed: Unreachable if (params instanceof AEADParameterSpec) { @@ -748,86 +747,88 @@ public class BaseBlockCipher } } } - // BEGIN android-removed - // else if (params instanceof GOST28147ParameterSpec) - // { - // GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params; - // - // param = new ParametersWithSBox( - // new KeyParameter(key.getEncoded()), ((GOST28147ParameterSpec)params).getSbox()); - // - // if (gost28147Param.getIV() != null && ivLength != 0) - // { - // if (param instanceof ParametersWithIV) - // { - // param = new ParametersWithIV(((ParametersWithIV)param).getParameters(), gost28147Param.getIV()); - // } - // else - // { - // param = new ParametersWithIV(param, gost28147Param.getIV()); - // } - // ivParam = (ParametersWithIV)param; - // } - // } - // else if (params instanceof RC2ParameterSpec) - // { - // RC2ParameterSpec rc2Param = (RC2ParameterSpec)params; - // - // param = new RC2Parameters(key.getEncoded(), ((RC2ParameterSpec)params).getEffectiveKeyBits()); - // - // if (rc2Param.getIV() != null && ivLength != 0) - // { - // if (param instanceof ParametersWithIV) - // { - // param = new ParametersWithIV(((ParametersWithIV)param).getParameters(), rc2Param.getIV()); - // } - // else - // { - // param = new ParametersWithIV(param, rc2Param.getIV()); - // } - // ivParam = (ParametersWithIV)param; - // } - // } - // else if (params instanceof RC5ParameterSpec) - // { - // RC5ParameterSpec rc5Param = (RC5ParameterSpec)params; - // - // param = new RC5Parameters(key.getEncoded(), ((RC5ParameterSpec)params).getRounds()); - // if (baseEngine.getAlgorithmName().startsWith("RC5")) - // { - // if (baseEngine.getAlgorithmName().equals("RC5-32")) - // { - // if (rc5Param.getWordSize() != 32) - // { - // throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 32 not " + rc5Param.getWordSize() + "."); - // } - // } - // else if (baseEngine.getAlgorithmName().equals("RC5-64")) - // { - // if (rc5Param.getWordSize() != 64) - // { - // throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 64 not " + rc5Param.getWordSize() + "."); - // } - // } - // } - // else - // { - // throw new InvalidAlgorithmParameterException("RC5 parameters passed to a cipher that is not RC5."); - // } - // if ((rc5Param.getIV() != null) && (ivLength != 0)) - // { - // if (param instanceof ParametersWithIV) - // { - // param = new ParametersWithIV(((ParametersWithIV)param).getParameters(), rc5Param.getIV()); - // } - // else - // { - // param = new ParametersWithIV(param, rc5Param.getIV()); - // } - // ivParam = (ParametersWithIV)param; - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + else if (params instanceof GOST28147ParameterSpec) + { + GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params; + + param = new ParametersWithSBox( + new KeyParameter(key.getEncoded()), ((GOST28147ParameterSpec)params).getSbox()); + + if (gost28147Param.getIV() != null && ivLength != 0) + { + if (param instanceof ParametersWithIV) + { + param = new ParametersWithIV(((ParametersWithIV)param).getParameters(), gost28147Param.getIV()); + } + else + { + param = new ParametersWithIV(param, gost28147Param.getIV()); + } + ivParam = (ParametersWithIV)param; + } + } + else if (params instanceof RC2ParameterSpec) + { + RC2ParameterSpec rc2Param = (RC2ParameterSpec)params; + + param = new RC2Parameters(key.getEncoded(), ((RC2ParameterSpec)params).getEffectiveKeyBits()); + + if (rc2Param.getIV() != null && ivLength != 0) + { + if (param instanceof ParametersWithIV) + { + param = new ParametersWithIV(((ParametersWithIV)param).getParameters(), rc2Param.getIV()); + } + else + { + param = new ParametersWithIV(param, rc2Param.getIV()); + } + ivParam = (ParametersWithIV)param; + } + } + else if (params instanceof RC5ParameterSpec) + { + RC5ParameterSpec rc5Param = (RC5ParameterSpec)params; + + param = new RC5Parameters(key.getEncoded(), ((RC5ParameterSpec)params).getRounds()); + if (baseEngine.getAlgorithmName().startsWith("RC5")) + { + if (baseEngine.getAlgorithmName().equals("RC5-32")) + { + if (rc5Param.getWordSize() != 32) + { + throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 32 not " + rc5Param.getWordSize() + "."); + } + } + else if (baseEngine.getAlgorithmName().equals("RC5-64")) + { + if (rc5Param.getWordSize() != 64) + { + throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 64 not " + rc5Param.getWordSize() + "."); + } + } + } + else + { + throw new InvalidAlgorithmParameterException("RC5 parameters passed to a cipher that is not RC5."); + } + if ((rc5Param.getIV() != null) && (ivLength != 0)) + { + if (param instanceof ParametersWithIV) + { + param = new ParametersWithIV(((ParametersWithIV)param).getParameters(), rc5Param.getIV()); + } + else + { + param = new ParametersWithIV(param, rc5Param.getIV()); + } + ivParam = (ParametersWithIV)param; + } + } + */ + // END Android-removed: Unsupported algorithms else if (gcmSpecClass != null && gcmSpecClass.isInstance(params)) { if (!isAEADModeName(modeName) && !(cipher instanceof AEADGenericBlockCipher)) @@ -869,27 +870,28 @@ public class BaseBlockCipher { ivRandom = new SecureRandom(); } + if ((opmode == Cipher.ENCRYPT_MODE) || (opmode == Cipher.WRAP_MODE)) { byte[] iv = new byte[ivLength]; - // BEGIN android-changed - // Was: ivRandom.nextBytes(iv); + // BEGIN Android-changed: For PBE keys with no IV, use IV of 0 rather than random // TODO(27995180): for such keys, consider whether we want to reject them or // allow them if the IV is passed in the parameters + // ivRandom.nextBytes(iv); if (!isBCPBEKeyWithoutIV(key)) { ivRandom.nextBytes(iv); } - // END android-changed + // END Android-changed: For PBE keys with no IV, use IV of 0 rather than random param = new ParametersWithIV(param, iv); ivParam = (ParametersWithIV)param; } else if (cipher.getUnderlyingCipher().getAlgorithmName().indexOf("PGPCFB") < 0) { - // BEGIN android-changed - // Was: throw new InvalidAlgorithmParameterException("no IV set when one expected"); + // BEGIN Android-changed: For PBE keys with no IV, use IV of 0 // TODO(27995180): for such keys, consider whether we want to reject them or // allow them if the IV is passed in the parameters + // throw new InvalidAlgorithmParameterException("no IV set when one expected"); if (!isBCPBEKeyWithoutIV(key)) { throw new InvalidAlgorithmParameterException("no IV set when one expected"); } else { @@ -897,7 +899,7 @@ public class BaseBlockCipher param = new ParametersWithIV(param, new byte[ivLength]); ivParam = (ParametersWithIV)param; } - // END android-changed + // END Android-changed: For PBE keys with no IV, use IV of 0 } } @@ -951,21 +953,23 @@ public class BaseBlockCipher ivParam = new ParametersWithIV(key, iv.getIV()); param = ivParam; } - // BEGIN android-removed - // else if (params instanceof GOST28147ParameterSpec) - // { - // // need to pick up IV and SBox. - // GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params; - // - // param = new ParametersWithSBox(param, gost28147Param.getSbox()); - // - // if (gost28147Param.getIV() != null && ivLength != 0) - // { - // ivParam = new ParametersWithIV(key, gost28147Param.getIV()); - // param = ivParam; - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + else if (params instanceof GOST28147ParameterSpec) + { + // need to pick up IV and SBox. + GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params; + + param = new ParametersWithSBox(param, gost28147Param.getSbox()); + + if (gost28147Param.getIV() != null && ivLength != 0) + { + ivParam = new ParametersWithIV(key, gost28147Param.getIV()); + param = ivParam; + } + } + */ + // END Android-removed: Unsupported algorithms } else { @@ -976,20 +980,22 @@ public class BaseBlockCipher ivParam = new ParametersWithIV(param, iv.getIV()); param = ivParam; } - // BEGIN android-removed - // else if (params instanceof GOST28147ParameterSpec) - // { - // // need to pick up IV and SBox. - // GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params; - // - // param = new ParametersWithSBox(param, gost28147Param.getSbox()); - // - // if (gost28147Param.getIV() != null && ivLength != 0) - // { - // param = new ParametersWithIV(param, gost28147Param.getIV()); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + else if (params instanceof GOST28147ParameterSpec) + { + // need to pick up IV and SBox. + GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params; + + param = new ParametersWithSBox(param, gost28147Param.getSbox()); + + if (gost28147Param.getIV() != null && ivLength != 0) + { + param = new ParametersWithIV(param, gost28147Param.getIV()); + } + } + */ + // END Android-removed: Unsupported algorithms } return param; } @@ -1192,9 +1198,9 @@ public class BaseBlockCipher private boolean isAEADModeName( String modeName) { - // BEGIN android-changed + // Android-changed: Unsupported modes + // return "CCM".equals(modeName) || "EAX".equals(modeName) || "GCM".equals(modeName) || "OCB".equals(modeName); return "CCM".equals(modeName) || "GCM".equals(modeName); - // END android-changed } /* diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java index 7102db50..45b24bff 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java @@ -22,15 +22,13 @@ import org.bouncycastle.crypto.macs.HMac; import org.bouncycastle.crypto.params.AEADParameters; import org.bouncycastle.crypto.params.KeyParameter; import org.bouncycastle.crypto.params.ParametersWithIV; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.params.RC2Parameters; // import org.bouncycastle.crypto.params.SkeinParameters; -// END android-removed import org.bouncycastle.jcajce.PKCS12Key; import org.bouncycastle.jcajce.spec.AEADParameterSpec; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.jcajce.spec.SkeinParameterSpec; -// END android-removed public class BaseMac extends MacSpi implements PBE @@ -103,16 +101,16 @@ public class BaseMac int digest = SHA1; int keySize = 160; - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // if (macEngine.getAlgorithmName().startsWith("GOST")) // { - // digest = GOST3411; - // keySize = 256; + // digest = GOST3411; + // keySize = 256; // } - // BEGIN android-changed - // Was: else if (macEngine instanceof HMac) + // END Android-removed: Unsupported algorithms + // Android-changed: Adjust for missing if + // else if (macEngine instanceof HMac) if (macEngine instanceof HMac) - // END android-changed { if (!macEngine.getAlgorithmName().startsWith("SHA-1")) { @@ -136,13 +134,13 @@ public class BaseMac digest = SHA512; keySize = 512; } - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // else if (macEngine.getAlgorithmName().startsWith("RIPEMD160")) // { // digest = RIPEMD160; // keySize = 160; // } - // END android-removed + // END Android-removed: Unsupported algorithms else { throw new InvalidAlgorithmParameterException("no PKCS12 mapping for HMAC: " + macEngine.getAlgorithmName()); @@ -198,17 +196,18 @@ public class BaseMac { param = new ParametersWithIV(keyParam, ((IvParameterSpec)params).getIV()); } - // BEGIN android-removed - // else if (params instanceof RC2ParameterSpec) - // { - // param = new ParametersWithIV(new RC2Parameters(keyParam.getKey(), ((RC2ParameterSpec)params).getEffectiveKeyBits()), ((RC2ParameterSpec)params).getIV()); - // } - - // else if (params instanceof SkeinParameterSpec) - // { - // param = new SkeinParameters.Builder(copyMap(((SkeinParameterSpec)params).getParameters())).setKey(keyParam.getKey()).build(); - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + else if (params instanceof RC2ParameterSpec) + { + param = new ParametersWithIV(new RC2Parameters(keyParam.getKey(), ((RC2ParameterSpec)params).getEffectiveKeyBits()), ((RC2ParameterSpec)params).getIV()); + } + else if (params instanceof SkeinParameterSpec) + { + param = new SkeinParameters.Builder(copyMap(((SkeinParameterSpec)params).getParameters())).setKey(keyParam.getKey()).build(); + } + */ + // END Android-removed: Unsupported algorithms else if (params == null) { param = new KeyParameter(key.getEncoded()); diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java index f2893080..9795e2da 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java @@ -15,10 +15,9 @@ import javax.crypto.SecretKey; import javax.crypto.ShortBufferException; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.PBEParameterSpec; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import javax.crypto.spec.RC2ParameterSpec; // import javax.crypto.spec.RC5ParameterSpec; -// END android-removed import org.bouncycastle.crypto.CipherParameters; import org.bouncycastle.crypto.DataLengthException; @@ -37,10 +36,9 @@ public class BaseStreamCipher // private Class[] availableSpecs = { - // BEGIN android-removed + // Android-removed: Unsupported algorithms // RC2ParameterSpec.class, // RC5ParameterSpec.class, - // END android-removed IvParameterSpec.class, PBEParameterSpec.class }; diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java index e2c86766..2d1080f2 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java @@ -22,10 +22,9 @@ import javax.crypto.NoSuchPaddingException; import javax.crypto.ShortBufferException; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.PBEParameterSpec; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import javax.crypto.spec.RC2ParameterSpec; // import javax.crypto.spec.RC5ParameterSpec; -// END android-removed import javax.crypto.spec.SecretKeySpec; import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; @@ -51,10 +50,9 @@ public abstract class BaseWrapCipher { IvParameterSpec.class, PBEParameterSpec.class, - // BEGIN android-removed + // Android-removed: Unsupported algorithms // RC2ParameterSpec.class, // RC5ParameterSpec.class - // END android-removed }; protected int pbeType = PKCS12; @@ -279,8 +277,6 @@ public abstract class BaseWrapCipher return null; } - // BEGIN android-changed - // added ShortBufferException to throws statement protected int engineDoFinal( byte[] input, int inputOffset, @@ -291,7 +287,6 @@ public abstract class BaseWrapCipher { return 0; } - // END android-changed protected byte[] engineWrap( Key key) diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java index 2e4f96b5..89c21734 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java @@ -1,27 +1,25 @@ package org.bouncycastle.jcajce.provider.symmetric.util; +// BEGIN Android-added: Needed for compatibility helper import java.lang.reflect.Method; +// END Android-added: Needed for compatibility helper import java.security.InvalidAlgorithmParameterException; import java.security.spec.AlgorithmParameterSpec; import javax.crypto.SecretKey; -// BEGIN android-added +// BEGIN Android-added: Allow IVs specified in parameters. import javax.crypto.spec.IvParameterSpec; -// END android-added +// END Android-added: Allow IVs specified in parameters. import javax.crypto.spec.PBEKeySpec; import javax.crypto.spec.PBEParameterSpec; import org.bouncycastle.crypto.CipherParameters; import org.bouncycastle.crypto.PBEParametersGenerator; -// BEGIN android-added -import org.bouncycastle.crypto.digests.AndroidDigestFactory; -// END android-added -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.digests.GOST3411Digest; // import org.bouncycastle.crypto.digests.MD2Digest; // import org.bouncycastle.crypto.digests.RIPEMD160Digest; // import org.bouncycastle.crypto.digests.TigerDigest; -// END android-removed import org.bouncycastle.crypto.generators.OpenSSLPBEParametersGenerator; import org.bouncycastle.crypto.generators.PKCS12ParametersGenerator; import org.bouncycastle.crypto.generators.PKCS5S1ParametersGenerator; @@ -29,9 +27,10 @@ import org.bouncycastle.crypto.generators.PKCS5S2ParametersGenerator; import org.bouncycastle.crypto.params.DESParameters; import org.bouncycastle.crypto.params.KeyParameter; import org.bouncycastle.crypto.params.ParametersWithIV; -// BEGIN android-removed +// BEGIN Android-changed: Use Android digests // import org.bouncycastle.crypto.util.DigestFactory; -// END android-removed +import org.bouncycastle.crypto.digests.AndroidDigestFactory; +// END Android-changed: Use Android digests public interface PBE { @@ -40,15 +39,13 @@ public interface PBE // static final int MD5 = 0; static final int SHA1 = 1; - // BEGIN android-removed + // Android-removed: Unsupported algorithms // static final int RIPEMD160 = 2; // static final int TIGER = 3; - // END android-removed static final int SHA256 = 4; - // BEGIN android-removed + // Android-removed: Unsupported algorithms // static final int MD2 = 5; // static final int GOST3411 = 6; - // END android-removed static final int SHA224 = 7; static final int SHA384 = 8; static final int SHA512 = 9; @@ -60,7 +57,6 @@ public interface PBE static final int PKCS5S1_UTF8 = 4; static final int PKCS5S2_UTF8 = 5; - /** * uses the appropriate mixer to generate the key and IV if necessary. */ @@ -76,20 +72,19 @@ public interface PBE { switch (hash) { - // BEGIN android-removed + // Android-removed: Unsupported algorithms // case MD2: // generator = new PKCS5S1ParametersGenerator(new MD2Digest()); // break; - // END android-removed case MD5: - // BEGIN android-changed + // Android-changed: Use Android digests + // generator = new PKCS5S1ParametersGenerator(DigestFactory.createMD5()); generator = new PKCS5S1ParametersGenerator(AndroidDigestFactory.getMD5()); - // END android-changed break; case SHA1: - // BEGIN android-changed + // Android-changed: Use Android digests + // generator = new PKCS5S1ParametersGenerator(DigestFactory.createSHA1()); generator = new PKCS5S1ParametersGenerator(AndroidDigestFactory.getSHA1()); - // END android-changed break; default: throw new IllegalStateException("PKCS5 scheme 1 only supports MD2, MD5 and SHA1."); @@ -99,48 +94,54 @@ public interface PBE { switch (hash) { - // BEGIN android-removed + // Android-removed: Unsupported algorithms // case MD2: // generator = new PKCS5S2ParametersGenerator(new MD2Digest()); // break; - // END android-removed case MD5: - // BEGIN android-changed + // Android-changed: Use Android digests + // generator = new PKCS5S2ParametersGenerator(DigestFactory.createMD5()); generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getMD5()); - // END android-changed break; - case SHA1: - // BEGIN android-changed + // Android-changed: Use Android digests + // generator = new PKCS5S2ParametersGenerator(DigestFactory.createSHA1()); generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getSHA1()); - // END android-changed break; - // BEGIN android-removed - // case RIPEMD160: - // generator = new PKCS5S2ParametersGenerator(new RIPEMD160Digest()); - // break; - // case TIGER: - // generator = new PKCS5S2ParametersGenerator(new TigerDigest()); - // break; - // END android-removed - // BEGIN android-added - case SHA224: - generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getSHA224()); + // BEGIN Android-removed: Unsupported algorithms + /* + case RIPEMD160: + generator = new PKCS5S2ParametersGenerator(new RIPEMD160Digest()); + break; + case TIGER: + generator = new PKCS5S2ParametersGenerator(new TigerDigest()); break; - // END android-added + */ + // END Android-removed: Unsupported algorithms case SHA256: - // BEGIN android-changed + // Android-changed: Use Android digests + // generator = new PKCS5S2ParametersGenerator(DigestFactory.createSHA256()); generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getSHA256()); - // END android-changed break; - // BEGIN android-added + // Android-removed: Unsupported algorithms + // case GOST3411: + // generator = new PKCS5S2ParametersGenerator(new GOST3411Digest()); + // break; + case SHA224: + // Android-changed: Use Android digests + // generator = new PKCS5S2ParametersGenerator(DigestFactory.createSHA224()); + generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getSHA224()); + break; case SHA384: + // Android-changed: Use Android digests + // generator = new PKCS5S2ParametersGenerator(DigestFactory.createSHA384()); generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getSHA384()); break; case SHA512: + // Android-changed: Use Android digests + // generator = new PKCS5S2ParametersGenerator(DigestFactory.createSHA512()); generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getSHA512()); break; - // END android-added default: throw new IllegalStateException("unknown digest scheme for PBE PKCS5S2 encryption."); } @@ -149,44 +150,52 @@ public interface PBE { switch (hash) { - // BEGIN android-removed + // Android-removed: Unsupported algorithms // case MD2: // generator = new PKCS12ParametersGenerator(new MD2Digest()); // break; - // END android-removed case MD5: - // BEGIN android-changed + // Android-changed: Use Android digests + // generator = new PKCS12ParametersGenerator(DigestFactory.createMD5()); generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getMD5()); - // END android-changed break; case SHA1: - // BEGIN android-changed + // Android-changed: Use Android digests + // generator = new PKCS12ParametersGenerator(DigestFactory.createSHA1()); generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA1()); - // END android-changed break; - // BEGIN android-removed - // case RIPEMD160: - // generator = new PKCS12ParametersGenerator(new RIPEMD160Digest()); - // break; - // case TIGER: - // generator = new PKCS12ParametersGenerator(new TigerDigest()); - // break; - // END android-removed - // BEGIN android-added - case SHA224: - generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA224()); + // BEGIN Android-removed: Unsupported algorithms + /* + case RIPEMD160: + generator = new PKCS12ParametersGenerator(new RIPEMD160Digest()); break; - // END android-added + case TIGER: + generator = new PKCS12ParametersGenerator(new TigerDigest()); + break; + */ + // END Android-removed: Unsupported algorithms case SHA256: - // BEGIN android-changed + // Android-changed: Use Android digests + // generator = new PKCS12ParametersGenerator(DigestFactory.createSHA256()); generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA256()); - // END android-changed break; - // BEGIN android-added + // Android-removed: Unsupported algorithms + // case GOST3411: + // generator = new PKCS12ParametersGenerator(new GOST3411Digest()); + // break; + case SHA224: + // Android-changed: Use Android digests + // generator = new PKCS12ParametersGenerator(DigestFactory.createSHA224()); + generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA224()); + break; case SHA384: + // Android-changed: Use Android digests + // generator = new PKCS12ParametersGenerator(DigestFactory.createSHA384()); generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA384()); break; case SHA512: + // Android-changed: Use Android digests + // generator = new PKCS12ParametersGenerator(DigestFactory.createSHA512()); generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA512()); break; default: @@ -235,7 +244,7 @@ public interface PBE if (ivSize != 0) { param = generator.generateDerivedParameters(keySize, ivSize); - // BEGIN ANDROID-ADDED + // BEGIN Android-added: Allow IVs specified in parameters. // PKCS5S2 doesn't specify that the IV must be generated from the password. If the // IV is passed as a parameter, use it. AlgorithmParameterSpec parameterSpecFromPBEParameterSpec = @@ -249,7 +258,7 @@ public interface PBE (KeyParameter) parametersWithIV.getParameters(), ivParameterSpec.getIV()); } - // END ANDROID-ADDED + // END Android-added: Allow IVs specified in parameters. } else { @@ -304,7 +313,7 @@ public interface PBE if (pbeKey.getIvSize() != 0) { param = generator.generateDerivedParameters(pbeKey.getKeySize(), pbeKey.getIvSize()); - // BEGIN ANDROID-ADDED + // BEGIN Android-added: Allow IVs specified in parameters. // PKCS5S2 doesn't specify that the IV must be generated from the password. If the // IV is passed as a parameter, use it. AlgorithmParameterSpec parameterSpecFromPBEParameterSpec = @@ -318,7 +327,7 @@ public interface PBE (KeyParameter) parametersWithIV.getParameters(), ivParameterSpec.getIV()); } - // END ANDROID-ADDED + // END Android-added: Allow IVs specified in parameters. } else { @@ -464,7 +473,7 @@ public interface PBE return param; } - // BEGIN android-added + // BEGIN Android-added: Add helper for 1.8 compatibility. /** * Invokes the method {@link PBEParameterSpec#getParameterSpec()} via reflection. * @@ -483,7 +492,7 @@ public interface PBE return null; } } - // END android-added + // END Android-added: Add helper for 1.8 compatibility. private static byte[] convertPassword(int type, PBEKeySpec keySpec) diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/util/DigestFactory.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/util/DigestFactory.java index 9869b1c6..552a6e60 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/util/DigestFactory.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/util/DigestFactory.java @@ -10,9 +10,9 @@ import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; import org.bouncycastle.crypto.Digest; -// BEGIN android-added +// BEGIN Android-added: Use Android digests import org.bouncycastle.crypto.digests.AndroidDigestFactory; -// END android-added +// END Android-added: Use Android digests import org.bouncycastle.util.Strings; public class DigestFactory @@ -23,14 +23,16 @@ public class DigestFactory private static Set sha256 = new HashSet(); private static Set sha384 = new HashSet(); private static Set sha512 = new HashSet(); - // BEGIN android-removed - // private static Set sha512_224 = new HashSet(); - // private static Set sha512_256 = new HashSet(); - // private static Set sha3_224 = new HashSet(); - // private static Set sha3_256 = new HashSet(); - // private static Set sha3_384 = new HashSet(); - // private static Set sha3_512 = new HashSet(); - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + private static Set sha512_224 = new HashSet(); + private static Set sha512_256 = new HashSet(); + private static Set sha3_224 = new HashSet(); + private static Set sha3_256 = new HashSet(); + private static Set sha3_384 = new HashSet(); + private static Set sha3_512 = new HashSet(); + */ + // END Android-removed: Unsupported algorithms private static Map oids = new HashMap(); @@ -59,27 +61,29 @@ public class DigestFactory sha512.add("SHA-512"); sha512.add(NISTObjectIdentifiers.id_sha512.getId()); - // BEGIN android-removed - // sha512_224.add("SHA512(224)"); - // sha512_224.add("SHA-512(224)"); - // sha512_224.add(NISTObjectIdentifiers.id_sha512_224.getId()); + // BEGIN Android-removed: Unsupported algorithms + /* + sha512_224.add("SHA512(224)"); + sha512_224.add("SHA-512(224)"); + sha512_224.add(NISTObjectIdentifiers.id_sha512_224.getId()); - // sha512_256.add("SHA512(256)"); - // sha512_256.add("SHA-512(256)"); - // sha512_256.add(NISTObjectIdentifiers.id_sha512_256.getId()); + sha512_256.add("SHA512(256)"); + sha512_256.add("SHA-512(256)"); + sha512_256.add(NISTObjectIdentifiers.id_sha512_256.getId()); - // sha3_224.add("SHA3-224"); - // sha3_224.add(NISTObjectIdentifiers.id_sha3_224.getId()); + sha3_224.add("SHA3-224"); + sha3_224.add(NISTObjectIdentifiers.id_sha3_224.getId()); - // sha3_256.add("SHA3-256"); - // sha3_256.add(NISTObjectIdentifiers.id_sha3_256.getId()); + sha3_256.add("SHA3-256"); + sha3_256.add(NISTObjectIdentifiers.id_sha3_256.getId()); - // sha3_384.add("SHA3-384"); - // sha3_384.add(NISTObjectIdentifiers.id_sha3_384.getId()); + sha3_384.add("SHA3-384"); + sha3_384.add(NISTObjectIdentifiers.id_sha3_384.getId()); - // sha3_512.add("SHA3-512"); - // sha3_512.add(NISTObjectIdentifiers.id_sha3_512.getId()); - // END android-removed + sha3_512.add("SHA3-512"); + sha3_512.add(NISTObjectIdentifiers.id_sha3_512.getId()); + */ + // END Android-removed: Unsupported algorithms oids.put("MD5", PKCSObjectIdentifiers.md5); @@ -133,65 +137,69 @@ public class DigestFactory if (sha1.contains(digestName)) { - // BEGIN android-changed + // Android-changed: Use Android digests + // return org.bouncycastle.crypto.util.DigestFactory.createSHA1(); return AndroidDigestFactory.getSHA1(); - // END android-changed } if (md5.contains(digestName)) { - // BEGIN android-changed + // Android-changed: Use Android digests + // return org.bouncycastle.crypto.util.DigestFactory.createMD5(); return AndroidDigestFactory.getMD5(); - // END android-changed } if (sha224.contains(digestName)) { - // BEGIN android-changed + // Android-changed: Use Android digests + // return org.bouncycastle.crypto.util.DigestFactory.createSHA224(); return AndroidDigestFactory.getSHA224(); - // END android-changed } if (sha256.contains(digestName)) { - // BEGIN android-changed + // Android-changed: Use Android digests + // return org.bouncycastle.crypto.util.DigestFactory.createSHA256(); return AndroidDigestFactory.getSHA256(); - // END android-changed } if (sha384.contains(digestName)) { - // BEGIN android-changed + // Android-changed: Use Android digests + // return org.bouncycastle.crypto.util.DigestFactory.createSHA384(); return AndroidDigestFactory.getSHA384(); - // END android-changed } - if (sha512.contains(digestName)) { - // BEGIN android-changed + if (sha512.contains(digestName)) + { + // Android-changed: Use Android digests + // return org.bouncycastle.crypto.util.DigestFactory.createSHA512(); return AndroidDigestFactory.getSHA512(); - // END android-changed } - // BEGIN android-removed - // if (sha512_224.contains(digestName)) - // { - // return org.bouncycastle.crypto.util.DigestFactory.createSHA512_224(); - // } - // if (sha512_256.contains(digestName)) - // { - // return org.bouncycastle.crypto.util.DigestFactory.createSHA512_256(); - // } - // - // if (sha3_224.contains(digestName)) - // { - // return org.bouncycastle.crypto.util.DigestFactory.createSHA3_224(); - // } - // if (sha3_256.contains(digestName)) - // { - // return org.bouncycastle.crypto.util.DigestFactory.createSHA3_256(); - // } - // if (sha3_384.contains(digestName)) - // { - // return org.bouncycastle.crypto.util.DigestFactory.createSHA3_384(); - // } - // if (sha3_512.contains(digestName)) - // { - // return org.bouncycastle.crypto.util.DigestFactory.createSHA3_512(); - // } + // BEGIN Android-removed: Unsupported algorithms + /* + if (sha512_224.contains(digestName)) + { + return org.bouncycastle.crypto.util.DigestFactory.createSHA512_224(); + } + if (sha512_256.contains(digestName)) + { + return org.bouncycastle.crypto.util.DigestFactory.createSHA512_256(); + } + + if (sha3_224.contains(digestName)) + { + return org.bouncycastle.crypto.util.DigestFactory.createSHA3_224(); + } + if (sha3_256.contains(digestName)) + { + return org.bouncycastle.crypto.util.DigestFactory.createSHA3_256(); + } + if (sha3_384.contains(digestName)) + { + return org.bouncycastle.crypto.util.DigestFactory.createSHA3_384(); + } + if (sha3_512.contains(digestName)) + { + return org.bouncycastle.crypto.util.DigestFactory.createSHA3_512(); + } + */ + // END Android-removed: Unsupported algorithms return null; } @@ -205,14 +213,16 @@ public class DigestFactory || (sha256.contains(digest1) && sha256.contains(digest2)) || (sha384.contains(digest1) && sha384.contains(digest2)) || (sha512.contains(digest1) && sha512.contains(digest2)) - // BEGIN android-removed - // || (sha512_224.contains(digest1) && sha512_224.contains(digest2)) - // || (sha512_256.contains(digest1) && sha512_256.contains(digest2)) - // || (sha3_224.contains(digest1) && sha3_224.contains(digest2)) - // || (sha3_256.contains(digest1) && sha3_256.contains(digest2)) - // || (sha3_384.contains(digest1) && sha3_384.contains(digest2)) - // || (sha3_512.contains(digest1) && sha3_512.contains(digest2)) - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + || (sha512_224.contains(digest1) && sha512_224.contains(digest2)) + || (sha512_256.contains(digest1) && sha512_256.contains(digest2)) + || (sha3_224.contains(digest1) && sha3_224.contains(digest2)) + || (sha3_256.contains(digest1) && sha3_256.contains(digest2)) + || (sha3_384.contains(digest1) && sha3_384.contains(digest2)) + || (sha3_512.contains(digest1) && sha3_512.contains(digest2)) + */ + // END Android-removed: Unsupported algorithms || (md5.contains(digest1) && md5.contains(digest2)); } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/util/JcaJceUtils.java b/bcprov/src/main/java/org/bouncycastle/jcajce/util/JcaJceUtils.java index 51486012..4237ac6b 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/util/JcaJceUtils.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/util/JcaJceUtils.java @@ -6,15 +6,13 @@ import java.security.AlgorithmParameters; import org.bouncycastle.asn1.ASN1Encodable; import org.bouncycastle.asn1.ASN1ObjectIdentifier; import org.bouncycastle.asn1.ASN1Primitive; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; -// END android-removed import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; -// END android-removed /** * General JCA/JCE utility methods. @@ -107,24 +105,26 @@ public class JcaJceUtils { return "SHA512"; } - // BEGIN android-removed - // else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) - // { - // return "RIPEMD128"; - // } - // else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) - // { - // return "RIPEMD160"; - // } - // else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) - // { - // return "RIPEMD256"; - // } - // else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) - // { - // return "GOST3411"; - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) + { + return "RIPEMD128"; + } + else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) + { + return "RIPEMD160"; + } + else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) + { + return "RIPEMD256"; + } + else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) + { + return "GOST3411"; + } + */ + // END Android-removed: Unsupported algorithms else { return digestAlgOID.getId(); diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/util/MessageDigestUtils.java b/bcprov/src/main/java/org/bouncycastle/jcajce/util/MessageDigestUtils.java index 1125a4ba..119d8eb5 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/util/MessageDigestUtils.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/util/MessageDigestUtils.java @@ -4,17 +4,15 @@ import java.util.HashMap; import java.util.Map; import org.bouncycastle.asn1.ASN1ObjectIdentifier; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; // import org.bouncycastle.asn1.gnu.GNUObjectIdentifiers; // import org.bouncycastle.asn1.iso.ISOIECObjectIdentifiers; -// END android-removed import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; -// END android-removed public class MessageDigestUtils { @@ -22,30 +20,32 @@ public class MessageDigestUtils static { - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // digestOidMap.put(PKCSObjectIdentifiers.md2, "MD2"); // digestOidMap.put(PKCSObjectIdentifiers.md4, "MD4"); - // END android-removed + // END Android-removed: Unsupported algorithms digestOidMap.put(PKCSObjectIdentifiers.md5, "MD5"); digestOidMap.put(OIWObjectIdentifiers.idSHA1, "SHA-1"); digestOidMap.put(NISTObjectIdentifiers.id_sha224, "SHA-224"); digestOidMap.put(NISTObjectIdentifiers.id_sha256, "SHA-256"); digestOidMap.put(NISTObjectIdentifiers.id_sha384, "SHA-384"); digestOidMap.put(NISTObjectIdentifiers.id_sha512, "SHA-512"); - // BEGIN android-removed - // digestOidMap.put(TeleTrusTObjectIdentifiers.ripemd128, "RIPEMD-128"); - // digestOidMap.put(TeleTrusTObjectIdentifiers.ripemd160, "RIPEMD-160"); - // digestOidMap.put(TeleTrusTObjectIdentifiers.ripemd256, "RIPEMD-128"); - // digestOidMap.put(ISOIECObjectIdentifiers.ripemd128, "RIPEMD-128"); - // digestOidMap.put(ISOIECObjectIdentifiers.ripemd160, "RIPEMD-160"); - // digestOidMap.put(CryptoProObjectIdentifiers.gostR3411, "GOST3411"); - // digestOidMap.put(GNUObjectIdentifiers.Tiger_192, "Tiger"); - // digestOidMap.put(ISOIECObjectIdentifiers.whirlpool, "Whirlpool"); - // digestOidMap.put(NISTObjectIdentifiers.id_sha3_224, "SHA3-224"); - // digestOidMap.put(NISTObjectIdentifiers.id_sha3_256, "SHA3-256"); - // digestOidMap.put(NISTObjectIdentifiers.id_sha3_384, "SHA3-384"); - // digestOidMap.put(NISTObjectIdentifiers.id_sha3_512, "SHA3-512"); - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + digestOidMap.put(TeleTrusTObjectIdentifiers.ripemd128, "RIPEMD-128"); + digestOidMap.put(TeleTrusTObjectIdentifiers.ripemd160, "RIPEMD-160"); + digestOidMap.put(TeleTrusTObjectIdentifiers.ripemd256, "RIPEMD-128"); + digestOidMap.put(ISOIECObjectIdentifiers.ripemd128, "RIPEMD-128"); + digestOidMap.put(ISOIECObjectIdentifiers.ripemd160, "RIPEMD-160"); + digestOidMap.put(CryptoProObjectIdentifiers.gostR3411, "GOST3411"); + digestOidMap.put(GNUObjectIdentifiers.Tiger_192, "Tiger"); + digestOidMap.put(ISOIECObjectIdentifiers.whirlpool, "Whirlpool"); + digestOidMap.put(NISTObjectIdentifiers.id_sha3_224, "SHA3-224"); + digestOidMap.put(NISTObjectIdentifiers.id_sha3_256, "SHA3-256"); + digestOidMap.put(NISTObjectIdentifiers.id_sha3_384, "SHA3-384"); + digestOidMap.put(NISTObjectIdentifiers.id_sha3_512, "SHA3-512"); + */ + // END Android-removed: Unsupported algorithms } /** diff --git a/bcprov/src/main/java/org/bouncycastle/jce/PKCS10CertificationRequest.java b/bcprov/src/main/java/org/bouncycastle/jce/PKCS10CertificationRequest.java index 0c41c882..22373486 100644 --- a/bcprov/src/main/java/org/bouncycastle/jce/PKCS10CertificationRequest.java +++ b/bcprov/src/main/java/org/bouncycastle/jce/PKCS10CertificationRequest.java @@ -30,18 +30,16 @@ import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.ASN1Set; import org.bouncycastle.asn1.DERBitString; import org.bouncycastle.asn1.DERNull; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; -// END android-removed import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; import org.bouncycastle.asn1.pkcs.CertificationRequest; import org.bouncycastle.asn1.pkcs.CertificationRequestInfo; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; import org.bouncycastle.asn1.pkcs.RSASSAPSSparams; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; -// END android-removed import org.bouncycastle.asn1.x509.AlgorithmIdentifier; import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; import org.bouncycastle.asn1.x509.X509Name; @@ -85,11 +83,10 @@ public class PKCS10CertificationRequest static { - // BEGIN android-removed - // Dropping MD2 + // Android-removed: Unsupported algorithms // algorithms.put("MD2WITHRSAENCRYPTION", new ASN1ObjectIdentifier("1.2.840.113549.1.1.2")); // algorithms.put("MD2WITHRSA", new ASN1ObjectIdentifier("1.2.840.113549.1.1.2")); - // END android-removed + // END Android-removed: Unsupported algorithms algorithms.put("MD5WITHRSAENCRYPTION", new ASN1ObjectIdentifier("1.2.840.113549.1.1.4")); algorithms.put("MD5WITHRSA", new ASN1ObjectIdentifier("1.2.840.113549.1.1.4")); algorithms.put("RSAWITHMD5", new ASN1ObjectIdentifier("1.2.840.113549.1.1.4")); @@ -109,14 +106,14 @@ public class PKCS10CertificationRequest algorithms.put("SHA384WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); algorithms.put("SHA512WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); algorithms.put("RSAWITHSHA1", new ASN1ObjectIdentifier("1.2.840.113549.1.1.5")); - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); // algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); // algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); // algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); // algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); // algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); - // END android-removed + // END Android-removed: Unsupported algorithms algorithms.put("SHA1WITHDSA", new ASN1ObjectIdentifier("1.2.840.10040.4.3")); algorithms.put("DSAWITHSHA1", new ASN1ObjectIdentifier("1.2.840.10040.4.3")); algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224); @@ -129,13 +126,13 @@ public class PKCS10CertificationRequest algorithms.put("SHA384WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA384); algorithms.put("SHA512WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA512); algorithms.put("ECDSAWITHSHA1", X9ObjectIdentifiers.ecdsa_with_SHA1); - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); // algorithms.put("GOST3410WITHGOST3411", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); // algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); // algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); // algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); - // END android-removed + // END Android-removed: Unsupported algorithms // // reverse mappings @@ -145,15 +142,15 @@ public class PKCS10CertificationRequest oids.put(PKCSObjectIdentifiers.sha256WithRSAEncryption, "SHA256WITHRSA"); oids.put(PKCSObjectIdentifiers.sha384WithRSAEncryption, "SHA384WITHRSA"); oids.put(PKCSObjectIdentifiers.sha512WithRSAEncryption, "SHA512WITHRSA"); - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, "GOST3411WITHGOST3410"); // oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, "GOST3411WITHECGOST3410"); - // END android-removed + // END Android-removed: Unsupported algorithms oids.put(new ASN1ObjectIdentifier("1.2.840.113549.1.1.4"), "MD5WITHRSA"); - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // oids.put(new ASN1ObjectIdentifier("1.2.840.113549.1.1.2"), "MD2WITHRSA"); - // END android-removed + // END Android-removed: Unsupported algorithms oids.put(new ASN1ObjectIdentifier("1.2.840.10040.4.3"), "SHA1WITHDSA"); oids.put(X9ObjectIdentifiers.ecdsa_with_SHA1, "SHA1WITHECDSA"); oids.put(X9ObjectIdentifiers.ecdsa_with_SHA224, "SHA224WITHECDSA"); @@ -187,10 +184,10 @@ public class PKCS10CertificationRequest // // RFC 4491 // - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); - // END android-removed + // END Android-removed: Unsupported algorithms // // explicit params // @@ -633,24 +630,26 @@ public class PKCS10CertificationRequest { return "SHA512"; } - // BEGIN android-removed - // else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) - // { - // return "RIPEMD128"; - // } - // else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) - // { - // return "RIPEMD160"; - // } - // else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) - // { - // return "RIPEMD256"; - // } - // else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) - // { - // return "GOST3411"; - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) + { + return "RIPEMD128"; + } + else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) + { + return "RIPEMD160"; + } + else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) + { + return "RIPEMD256"; + } + else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) + { + return "GOST3411"; + } + */ + // END Android-removed: Unsupported algorithms else { return digestAlgOID.getId(); diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/BouncyCastleProvider.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/BouncyCastleProvider.java index 5cb5d526..dfc56d7e 100644 --- a/bcprov/src/main/java/org/bouncycastle/jce/provider/BouncyCastleProvider.java +++ b/bcprov/src/main/java/org/bouncycastle/jce/provider/BouncyCastleProvider.java @@ -60,29 +60,25 @@ public final class BouncyCastleProvider extends Provider private static final String[] SYMMETRIC_GENERIC = { - // BEGIN android-changed - // Was: "PBEPBKDF2", "TLSKDF" + // Android-changed: Remove unsupported algorithms, add our own version of PBEv2 AlgParams + // "PBEPBKDF2", "TLSKDF" "PBEPBKDF2", "PBEPKCS12", "PBES2AlgorithmParameters" }; private static final String[] SYMMETRIC_MACS = { - // BEGIN android-removed + // Android-removed: Unsupported algorithms // "SipHash", "Poly1305" - // END android-removed }; private static final String[] SYMMETRIC_CIPHERS = { - // BEGIN android-removed + // Android-changed: Unsupported algorithms // "AES", "ARC4", "ARIA", "Blowfish", "Camellia", "CAST5", "CAST6", "ChaCha", "DES", "DESede", // "GOST28147", "Grainv1", "Grain128", "HC128", "HC256", "IDEA", "Noekeon", "RC2", "RC5", // "RC6", "Rijndael", "Salsa20", "SEED", "Serpent", "Shacal2", "Skipjack", "SM4", "TEA", "Twofish", "Threefish", // "VMPC", "VMPCKSA3", "XTEA", "XSalsa20", "OpenSSLPBKDF" - // END android-removed - // BEGIN android-added "AES", "ARC4", "Blowfish", "DES", "DESede", "RC2", "Twofish", - // END android-added }; /* @@ -94,22 +90,16 @@ public final class BouncyCastleProvider extends Provider // later ones configure it. private static final String[] ASYMMETRIC_GENERIC = { - // BEGIN android-removed + // Android-changed: Unsupported algorithms // "X509", "IES" - // END android-removed - // BEGIN android-added "X509" - // END android-added }; private static final String[] ASYMMETRIC_CIPHERS = { - // BEGIN android-removed + // Android-changed: Unsupported algorithms // "DSA", "DH", "EC", "RSA", "GOST", "ECGOST", "ElGamal", "DSTU4145", "GM" - // END android-removed - // BEGIN android-added "DSA", "DH", "EC", "RSA", - // END android-added }; /* @@ -118,13 +108,10 @@ public final class BouncyCastleProvider extends Provider private static final String DIGEST_PACKAGE = "org.bouncycastle.jcajce.provider.digest."; private static final String[] DIGESTS = { - // BEGIN android-removed + // Android-changed: Unsupported algorithms // "GOST3411", "Keccak", "MD2", "MD4", "MD5", "SHA1", "RIPEMD128", "RIPEMD160", "RIPEMD256", "RIPEMD320", "SHA224", // "SHA256", "SHA384", "SHA512", "SHA3", "Skein", "SM3", "Tiger", "Whirlpool", "Blake2b" - // END android-removed - // BEGIN android-added "MD5", "SHA1", "SHA224", "SHA256", "SHA384", "SHA512", - // END android-added }; /* @@ -136,7 +123,7 @@ public final class BouncyCastleProvider extends Provider "BC", "BCFKS", "PKCS12" }; - // BEGIN android-removed + // Android-removed: Unsupported algorithms // /* // * Configurable secure random // */ @@ -181,54 +168,56 @@ public final class BouncyCastleProvider extends Provider loadAlgorithms(KEYSTORE_PACKAGE, KEYSTORES); - // BEGIN android-removed - // loadAlgorithms(SECURE_RANDOM_PACKAGE, SECURE_RANDOMS); - // - // // - // // X509Store - // // - // put("X509Store.CERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertCollection"); - // put("X509Store.ATTRIBUTECERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreAttrCertCollection"); - // put("X509Store.CRL/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCRLCollection"); - // put("X509Store.CERTIFICATEPAIR/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertPairCollection"); - // - // put("X509Store.CERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCerts"); - // put("X509Store.CRL/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCRLs"); - // put("X509Store.ATTRIBUTECERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPAttrCerts"); - // put("X509Store.CERTIFICATEPAIR/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCertPairs"); + // Android-removed: Unsupported algorithms + /* + loadAlgorithms(SECURE_RANDOM_PACKAGE, SECURE_RANDOMS); + // - // // - // // X509StreamParser - // // - // put("X509StreamParser.CERTIFICATE", "org.bouncycastle.jce.provider.X509CertParser"); - // put("X509StreamParser.ATTRIBUTECERTIFICATE", "org.bouncycastle.jce.provider.X509AttrCertParser"); - // put("X509StreamParser.CRL", "org.bouncycastle.jce.provider.X509CRLParser"); - // put("X509StreamParser.CERTIFICATEPAIR", "org.bouncycastle.jce.provider.X509CertPairParser"); + // X509Store // - // // - // // cipher engines - // // - // put("Cipher.BROKENPBEWITHMD5ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithMD5AndDES"); + put("X509Store.CERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertCollection"); + put("X509Store.ATTRIBUTECERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreAttrCertCollection"); + put("X509Store.CRL/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCRLCollection"); + put("X509Store.CERTIFICATEPAIR/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertPairCollection"); + + put("X509Store.CERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCerts"); + put("X509Store.CRL/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCRLs"); + put("X509Store.ATTRIBUTECERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPAttrCerts"); + put("X509Store.CERTIFICATEPAIR/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCertPairs"); + // - // put("Cipher.BROKENPBEWITHSHA1ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithSHA1AndDES"); + // X509StreamParser // + put("X509StreamParser.CERTIFICATE", "org.bouncycastle.jce.provider.X509CertParser"); + put("X509StreamParser.ATTRIBUTECERTIFICATE", "org.bouncycastle.jce.provider.X509AttrCertParser"); + put("X509StreamParser.CRL", "org.bouncycastle.jce.provider.X509CRLParser"); + put("X509StreamParser.CERTIFICATEPAIR", "org.bouncycastle.jce.provider.X509CertPairParser"); + // - // put("Cipher.OLDPBEWITHSHAANDTWOFISH-CBC", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$OldPBEWithSHAAndTwofish"); + // cipher engines // - // // Certification Path API - // put("CertPathValidator.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathValidatorSpi"); - // put("CertPathBuilder.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathBuilderSpi"); - // put("CertPathValidator.RFC3280", "org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi"); - // put("CertPathBuilder.RFC3280", "org.bouncycastle.jce.provider.PKIXCertPathBuilderSpi"); - // END android-removed + put("Cipher.BROKENPBEWITHMD5ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithMD5AndDES"); + + put("Cipher.BROKENPBEWITHSHA1ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithSHA1AndDES"); + + + put("Cipher.OLDPBEWITHSHAANDTWOFISH-CBC", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$OldPBEWithSHAAndTwofish"); + + // Certification Path API + put("CertPathValidator.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathValidatorSpi"); + put("CertPathBuilder.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathBuilderSpi"); + put("CertPathValidator.RFC3280", "org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi"); + put("CertPathBuilder.RFC3280", "org.bouncycastle.jce.provider.PKIXCertPathBuilderSpi"); + */ + // END Android-removed: Unsupported algorithms put("CertPathValidator.PKIX", "org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi"); put("CertPathBuilder.PKIX", "org.bouncycastle.jce.provider.PKIXCertPathBuilderSpi"); put("CertStore.Collection", "org.bouncycastle.jce.provider.CertStoreCollectionSpi"); - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // put("CertStore.LDAP", "org.bouncycastle.jce.provider.X509LDAPCertStoreSpi"); // put("CertStore.Multi", "org.bouncycastle.jce.provider.MultiCertStoreSpi"); // put("Alg.Alias.CertStore.X509LDAP", "LDAP"); - // END android-removed + // END Android-removed: Unsupported algorithms } private void loadAlgorithms(String packageName, String[] names) diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java index b6a9d6a5..b72a6f44 100644 --- a/bcprov/src/main/java/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java +++ b/bcprov/src/main/java/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java @@ -75,9 +75,7 @@ import org.bouncycastle.util.Selector; import org.bouncycastle.util.Store; import org.bouncycastle.util.StoreException; import org.bouncycastle.x509.X509AttributeCertificate; -// BEGIN android-removed -// import org.bouncycastle.x509.extension.X509ExtensionUtil; -// END android-removed +import org.bouncycastle.x509.extension.X509ExtensionUtil; class CertPathValidatorUtilities { @@ -657,22 +655,24 @@ class CertPathValidatorUtilities { Object obj = iter.next(); - // BEGIN android-removed - // if (obj instanceof X509Store) - // { - // X509Store certStore = (X509Store)obj; - // try - // { - // certs.addAll(certStore.getMatches(certSelect)); - // } - // catch (StoreException e) - // { - // throw new AnnotatedException( - // "Problem while picking certificates from X.509 store.", e); - // } - // } - // else - // END android-removed + // BEGIN Android-removed: Unknown reason + /* + if (obj instanceof Store) + { + Store certStore = (Store)obj; + try + { + certs.addAll(certStore.getMatches(certSelect)); + } + catch (StoreException e) + { + throw new AnnotatedException( + "Problem while picking certificates from X.509 store.", e); + } + } + else + */ + // END Android-removed: Unknown reason { CertStore certStore = (CertStore)obj; @@ -894,7 +894,9 @@ class CertPathValidatorUtilities { return; } + X500Principal certificateIssuer = crl_entry.getCertificateIssuer(); + X500Name certIssuer; if (certificateIssuer == null) { diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/JCEECPrivateKey.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/JCEECPrivateKey.java index 20ca6f27..7d6a50cf 100644 --- a/bcprov/src/main/java/org/bouncycastle/jce/provider/JCEECPrivateKey.java +++ b/bcprov/src/main/java/org/bouncycastle/jce/provider/JCEECPrivateKey.java @@ -19,10 +19,9 @@ import org.bouncycastle.asn1.ASN1Primitive; import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.DERBitString; import org.bouncycastle.asn1.DERNull; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; // import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; -// END android-removed import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; import org.bouncycastle.asn1.sec.ECPrivateKeyStructure; import org.bouncycastle.asn1.x509.AlgorithmIdentifier; @@ -205,23 +204,25 @@ public class JCEECPrivateKey ASN1ObjectIdentifier oid = ASN1ObjectIdentifier.getInstance(params.getParameters()); X9ECParameters ecP = ECUtil.getNamedCurveByOid(oid); - // BEGIN android-removed - // if (ecP == null) // GOST Curve - // { - // ECDomainParameters gParam = ECGOST3410NamedCurves.getByOID(oid); - // EllipticCurve ellipticCurve = EC5Util.convertCurve(gParam.getCurve(), gParam.getSeed()); - // - // ecSpec = new ECNamedCurveSpec( - // ECGOST3410NamedCurves.getName(oid), - // ellipticCurve, - // new ECPoint( - // gParam.getG().getAffineXCoord().toBigInteger(), - // gParam.getG().getAffineYCoord().toBigInteger()), - // gParam.getN(), - // gParam.getH()); - // } - // else - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + if (ecP == null) // GOST Curve + { + ECDomainParameters gParam = ECGOST3410NamedCurves.getByOID(oid); + EllipticCurve ellipticCurve = EC5Util.convertCurve(gParam.getCurve(), gParam.getSeed()); + + ecSpec = new ECNamedCurveSpec( + ECGOST3410NamedCurves.getName(oid), + ellipticCurve, + new ECPoint( + gParam.getG().getAffineXCoord().toBigInteger(), + gParam.getG().getAffineYCoord().toBigInteger()), + gParam.getN(), + gParam.getH()); + } + else + */ + // END Android-removed: Unsupported algorithms { EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed()); @@ -335,13 +336,13 @@ public class JCEECPrivateKey try { - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // if (algorithm.equals("ECGOST3410")) // { // info = new PrivateKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params.toASN1Primitive()), keyStructure.toASN1Primitive()); // } // else - // END android-removed + // END Android-removed: Unsupported algorithms { info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params.toASN1Primitive()), keyStructure.toASN1Primitive()); diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/JCEECPublicKey.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/JCEECPublicKey.java index 94fb7289..654b5e1d 100644 --- a/bcprov/src/main/java/org/bouncycastle/jce/provider/JCEECPublicKey.java +++ b/bcprov/src/main/java/org/bouncycastle/jce/provider/JCEECPublicKey.java @@ -18,11 +18,10 @@ import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.DERBitString; import org.bouncycastle.asn1.DERNull; import org.bouncycastle.asn1.DEROctetString; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; // import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; // import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters; -// END android-removed import org.bouncycastle.asn1.x509.AlgorithmIdentifier; import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; import org.bouncycastle.asn1.x9.X962Parameters; @@ -35,13 +34,11 @@ import org.bouncycastle.crypto.params.ECPublicKeyParameters; import org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util; import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil; import org.bouncycastle.jcajce.provider.asymmetric.util.KeyUtil; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.jce.ECGOST3410NamedCurveTable; -// END android-removed import org.bouncycastle.jce.interfaces.ECPointEncoder; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec; -// END android-removed import org.bouncycastle.jce.spec.ECNamedCurveSpec; import org.bouncycastle.math.ec.ECCurve; import org.bouncycastle.math.ec.custom.sec.SecP256K1Point; @@ -55,9 +52,8 @@ public class JCEECPublicKey private org.bouncycastle.math.ec.ECPoint q; private ECParameterSpec ecSpec; private boolean withCompression; - // BEGIN android-removed + // Android-removed: Unsupported algorithms // private GOST3410PublicKeyAlgParameters gostParams; - // END android-removed public JCEECPublicKey( String algorithm, @@ -67,9 +63,8 @@ public class JCEECPublicKey this.q = key.q; this.ecSpec = key.ecSpec; this.withCompression = key.withCompression; - // BEGIN android-removed + // Android-removed: Unsupported algorithms // this.gostParams = key.gostParams; - // END android-removed } public JCEECPublicKey( @@ -192,56 +187,58 @@ public class JCEECPublicKey private void populateFromPubKeyInfo(SubjectPublicKeyInfo info) { - // BEGIN android-removed - // if (info.getAlgorithmId().getAlgorithm().equals(CryptoProObjectIdentifiers.gostR3410_2001)) - // { - // DERBitString bits = info.getPublicKeyData(); - // ASN1OctetString key; - // this.algorithm = "ECGOST3410"; - // - // try - // { - // key = (ASN1OctetString) ASN1Primitive.fromByteArray(bits.getBytes()); - // } - // catch (IOException ex) - // { - // throw new IllegalArgumentException("error recovering public key"); - // } - // - // byte[] keyEnc = key.getOctets(); - // byte[] x = new byte[32]; - // byte[] y = new byte[32]; - // - // for (int i = 0; i != x.length; i++) - // { - // x[i] = keyEnc[32 - 1 - i]; - // } - // - // for (int i = 0; i != y.length; i++) - // { - // y[i] = keyEnc[64 - 1 - i]; - // } - // - // gostParams = new GOST3410PublicKeyAlgParameters((ASN1Sequence)info.getAlgorithmId().getParameters()); - // - // ECNamedCurveParameterSpec spec = ECGOST3410NamedCurveTable.getParameterSpec(ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet())); - // - // ECCurve curve = spec.getCurve(); - // EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getSeed()); - // - // this.q = curve.createPoint(new BigInteger(1, x), new BigInteger(1, y), false); - // - // ecSpec = new ECNamedCurveSpec( - // ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()), - // ellipticCurve, - // new ECPoint( - // spec.getG().getAffineXCoord().toBigInteger(), - // spec.getG().getAffineYCoord().toBigInteger()), - // spec.getN(), spec.getH()); - // - // } - // else - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + if (info.getAlgorithmId().getAlgorithm().equals(CryptoProObjectIdentifiers.gostR3410_2001)) + { + DERBitString bits = info.getPublicKeyData(); + ASN1OctetString key; + this.algorithm = "ECGOST3410"; + + try + { + key = (ASN1OctetString) ASN1Primitive.fromByteArray(bits.getBytes()); + } + catch (IOException ex) + { + throw new IllegalArgumentException("error recovering public key"); + } + + byte[] keyEnc = key.getOctets(); + byte[] x = new byte[32]; + byte[] y = new byte[32]; + + for (int i = 0; i != x.length; i++) + { + x[i] = keyEnc[32 - 1 - i]; + } + + for (int i = 0; i != y.length; i++) + { + y[i] = keyEnc[64 - 1 - i]; + } + + gostParams = new GOST3410PublicKeyAlgParameters((ASN1Sequence)info.getAlgorithmId().getParameters()); + + ECNamedCurveParameterSpec spec = ECGOST3410NamedCurveTable.getParameterSpec(ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet())); + + ECCurve curve = spec.getCurve(); + EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getSeed()); + + this.q = curve.createPoint(new BigInteger(1, x), new BigInteger(1, y), false); + + ecSpec = new ECNamedCurveSpec( + ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()), + ellipticCurve, + new ECPoint( + spec.getG().getAffineXCoord().toBigInteger(), + spec.getG().getAffineYCoord().toBigInteger()), + spec.getN(), spec.getH()); + + } + else + */ + // END Android-removed: Unsupported algorithms { X962Parameters params = new X962Parameters((ASN1Primitive)info.getAlgorithmId().getParameters()); ECCurve curve; @@ -330,54 +327,56 @@ public class JCEECPublicKey ASN1Encodable params; SubjectPublicKeyInfo info; - // BEGIN android-removed - // if (algorithm.equals("ECGOST3410")) - // { - // if (gostParams != null) - // { - // params = gostParams; - // } - // else - // { - // if (ecSpec instanceof ECNamedCurveSpec) - // { - // params = new GOST3410PublicKeyAlgParameters( - // ECGOST3410NamedCurves.getOID(((ECNamedCurveSpec)ecSpec).getName()), - // CryptoProObjectIdentifiers.gostR3411_94_CryptoProParamSet); - // } - // else - // { // strictly speaking this may not be applicable... - // ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve()); - // - // X9ECParameters ecP = new X9ECParameters( - // curve, - // EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression), - // ecSpec.getOrder(), - // BigInteger.valueOf(ecSpec.getCofactor()), - // ecSpec.getCurve().getSeed()); - // - // params = new X962Parameters(ecP); - // } - // } - // - // BigInteger bX = this.q.getAffineXCoord().toBigInteger(); - // BigInteger bY = this.q.getAffineYCoord().toBigInteger(); - // byte[] encKey = new byte[64]; - // - // extractBytes(encKey, 0, bX); - // extractBytes(encKey, 32, bY); - // - // try - // { - // info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params), new DEROctetString(encKey)); - // } - // catch (IOException e) - // { - // return null; - // } - // } - // else - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + if (algorithm.equals("ECGOST3410")) + { + if (gostParams != null) + { + params = gostParams; + } + else + { + if (ecSpec instanceof ECNamedCurveSpec) + { + params = new GOST3410PublicKeyAlgParameters( + ECGOST3410NamedCurves.getOID(((ECNamedCurveSpec)ecSpec).getName()), + CryptoProObjectIdentifiers.gostR3411_94_CryptoProParamSet); + } + else + { // strictly speaking this may not be applicable... + ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve()); + + X9ECParameters ecP = new X9ECParameters( + curve, + EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression), + ecSpec.getOrder(), + BigInteger.valueOf(ecSpec.getCofactor()), + ecSpec.getCurve().getSeed()); + + params = new X962Parameters(ecP); + } + } + + BigInteger bX = this.q.getAffineXCoord().toBigInteger(); + BigInteger bY = this.q.getAffineYCoord().toBigInteger(); + byte[] encKey = new byte[64]; + + extractBytes(encKey, 0, bX); + extractBytes(encKey, 32, bY); + + try + { + info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params), new DEROctetString(encKey)); + } + catch (IOException e) + { + return null; + } + } + else + */ + // END Android-removed: Unsupported algorithms { if (ecSpec instanceof ECNamedCurveSpec) { diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXCRLUtil.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXCRLUtil.java index b53b7aa2..97a38aca 100644 --- a/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXCRLUtil.java +++ b/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXCRLUtil.java @@ -88,24 +88,26 @@ class PKIXCRLUtil { Object obj = iter.next(); - // BEGIN android-removed - // if (obj instanceof Store) - // { - // Store store = (Store)obj; - - // try - // { - // crls.addAll(store.getMatches(crlSelect)); - // foundValidStore = true; - // } - // catch (StoreException e) - // { - // lastException = new AnnotatedException( - // "Exception searching in X.509 CRL store.", e); - // } - // } - // else - // END android-removed + // BEGIN Android-removed: Unknown reason + /* + if (obj instanceof Store) + { + Store store = (Store)obj; + + try + { + crls.addAll(store.getMatches(crlSelect)); + foundValidStore = true; + } + catch (StoreException e) + { + lastException = new AnnotatedException( + "Exception searching in X.509 CRL store.", e); + } + } + else + */ + // END Android-removed: Unknown reason { CertStore store = (CertStore)obj; diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java index 5d49d889..bd2331ab 100644 --- a/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java @@ -1,8 +1,8 @@ package org.bouncycastle.jce.provider; -// BEGIN android-added +// BEGIN Android-added: Blacklist support import java.math.BigInteger; -// END android-added +// END Android-added: Blacklist support import java.security.InvalidAlgorithmParameterException; import java.security.PublicKey; import java.security.cert.CertPath; @@ -45,11 +45,11 @@ public class PKIXCertPathValidatorSpi public PKIXCertPathValidatorSpi() { } - // BEGIN android-added + // BEGIN Android-added: Avoid loading blacklist during class init private static class NoPreloadHolder { private final static CertBlacklist blacklist = new CertBlacklist(); } - // END android-added + // END Android-added: Avoid loading blacklist during class init public CertPathValidatorResult engineValidate( CertPath certPath, @@ -105,7 +105,7 @@ public class PKIXCertPathValidatorSpi { throw new CertPathValidatorException("Certification path is empty.", null, certPath, -1); } - // BEGIN android-added + // BEGIN Android-added: Support blacklisting known-bad certs { X509Certificate cert = (X509Certificate) certs.get(0); @@ -120,7 +120,7 @@ public class PKIXCertPathValidatorSpi } } } - // END android-added + // END Android-added: Support blacklisting known-bad certs // // (b) @@ -300,7 +300,7 @@ public class PKIXCertPathValidatorSpi for (index = certs.size() - 1; index >= 0; index--) { - // BEGIN android-added + // BEGIN Android-added: Support blacklisting known-bad certs if (NoPreloadHolder.blacklist.isPublicKeyBlackListed(workingPublicKey)) { // emulate CRL exception message in RFC3280CertPathUtilities.checkCRLs String message = "Certificate revocation of public key " + workingPublicKey; @@ -308,7 +308,7 @@ public class PKIXCertPathValidatorSpi AnnotatedException e = new AnnotatedException(message); throw new CertPathValidatorException(e.getMessage(), e, certPath, index); } - // END android-added + // END Android-added: Support blacklisting known-bad certs // try // { // diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/X509CertificateObject.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/X509CertificateObject.java index 4a0166b2..a35fa650 100644 --- a/bcprov/src/main/java/org/bouncycastle/jce/provider/X509CertificateObject.java +++ b/bcprov/src/main/java/org/bouncycastle/jce/provider/X509CertificateObject.java @@ -58,9 +58,9 @@ import org.bouncycastle.asn1.x509.Extension; import org.bouncycastle.asn1.x509.Extensions; import org.bouncycastle.asn1.x509.GeneralName; import org.bouncycastle.asn1.x509.KeyUsage; -// BEGIN android-added +// BEGIN Android-added: Unknown reason import org.bouncycastle.asn1.x509.X509Name; -// END android-added +// END Android-added: Unknown reason import org.bouncycastle.jcajce.provider.asymmetric.util.PKCS12BagAttributeCarrierImpl; import org.bouncycastle.jce.X509Principal; import org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier; @@ -570,20 +570,20 @@ public class X509CertificateObject } } - // BEGIN android-changed + // BEGIN Android-added: Cache encoded certificates private byte[] encoded; - // END android-changed + // END Android-added: Cache encoded certificates public byte[] getEncoded() throws CertificateEncodingException { try { - // BEGIN android-changed + // BEGIN Android-changed: Cache encoded certificates if (encoded == null) { encoded = c.getEncoded(ASN1Encoding.DER); } return encoded; - // END android-changed + // END Android-changed: Cache encoded certificates } catch (IOException e) { @@ -904,9 +904,9 @@ public class X509CertificateObject list.add(genName.getEncoded()); break; case GeneralName.directoryName: - // BEGIN android-changed + // BEGIN Android-changed: Unknown reason list.add(X509Name.getInstance(genName.getName()).toString(true, X509Name.DefaultSymbols)); - // END android-changed + // END Android-changed: Unknown reason break; case GeneralName.dNSName: case GeneralName.rfc822Name: diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/X509SignatureUtil.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/X509SignatureUtil.java index b12b1df7..a2ac86f8 100644 --- a/bcprov/src/main/java/org/bouncycastle/jce/provider/X509SignatureUtil.java +++ b/bcprov/src/main/java/org/bouncycastle/jce/provider/X509SignatureUtil.java @@ -14,9 +14,8 @@ import org.bouncycastle.asn1.ASN1Null; import org.bouncycastle.asn1.ASN1ObjectIdentifier; import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.DERNull; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; -// END android-removed import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; @@ -68,14 +67,16 @@ class X509SignatureUtil if (params != null && !derNull.equals(params)) { - // BEGIN android-removed - // if (sigAlgId.getAlgorithm().equals(PKCSObjectIdentifiers.id_RSASSA_PSS)) - // { - // RSASSAPSSparams rsaParams = RSASSAPSSparams.getInstance(params); - // - // return getDigestAlgName(rsaParams.getHashAlgorithm().getAlgorithm()) + "withRSAandMGF1"; - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + if (sigAlgId.getAlgorithm().equals(PKCSObjectIdentifiers.id_RSASSA_PSS)) + { + RSASSAPSSparams rsaParams = RSASSAPSSparams.getInstance(params); + + return getDigestAlgName(rsaParams.getHashAlgorithm().getAlgorithm()) + "withRSAandMGF1"; + } + */ + // END Android-removed: Unsupported algorithms if (sigAlgId.getAlgorithm().equals(X9ObjectIdentifiers.ecdsa_with_SHA2)) { ASN1Sequence ecDsaParams = ASN1Sequence.getInstance(params); @@ -118,24 +119,26 @@ class X509SignatureUtil { return "SHA512"; } - // BEGIN android-removed - // else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) - // { - // return "RIPEMD128"; - // } - // else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) - // { - // return "RIPEMD160"; - // } - // else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) - // { - // return "RIPEMD256"; - // } - // else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) - // { - // return "GOST3411"; - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) + { + return "RIPEMD128"; + } + else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) + { + return "RIPEMD160"; + } + else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) + { + return "RIPEMD256"; + } + else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) + { + return "GOST3411"; + } + */ + // END Android-removed: Unsupported algorithms else { return digestAlgOID.getId(); diff --git a/bcprov/src/main/java/org/bouncycastle/x509/X509Util.java b/bcprov/src/main/java/org/bouncycastle/x509/X509Util.java index ecf910f4..4762ec52 100644 --- a/bcprov/src/main/java/org/bouncycastle/x509/X509Util.java +++ b/bcprov/src/main/java/org/bouncycastle/x509/X509Util.java @@ -25,16 +25,14 @@ import org.bouncycastle.asn1.ASN1Encoding; import org.bouncycastle.asn1.ASN1Integer; import org.bouncycastle.asn1.ASN1ObjectIdentifier; import org.bouncycastle.asn1.DERNull; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; -// END android-removed import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; import org.bouncycastle.asn1.pkcs.RSASSAPSSparams; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; -// END android-removed import org.bouncycastle.asn1.x509.AlgorithmIdentifier; import org.bouncycastle.asn1.x9.X9ObjectIdentifiers; import org.bouncycastle.jce.X509Principal; @@ -48,10 +46,10 @@ class X509Util static { - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // algorithms.put("MD2WITHRSAENCRYPTION", PKCSObjectIdentifiers.md2WithRSAEncryption); // algorithms.put("MD2WITHRSA", PKCSObjectIdentifiers.md2WithRSAEncryption); - // END android-removed + // END Android-removed: Unsupported algorithms algorithms.put("MD5WITHRSAENCRYPTION", PKCSObjectIdentifiers.md5WithRSAEncryption); algorithms.put("MD5WITHRSA", PKCSObjectIdentifiers.md5WithRSAEncryption); algorithms.put("SHA1WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha1WithRSAEncryption); @@ -69,14 +67,14 @@ class X509Util algorithms.put("SHA256WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); algorithms.put("SHA384WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); algorithms.put("SHA512WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); // algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); // algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); // algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); // algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); // algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); - // END android-removed + // END Android-removed: Unsupported algorithms algorithms.put("SHA1WITHDSA", X9ObjectIdentifiers.id_dsa_with_sha1); algorithms.put("DSAWITHSHA1", X9ObjectIdentifiers.id_dsa_with_sha1); algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224); @@ -89,13 +87,13 @@ class X509Util algorithms.put("SHA256WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA256); algorithms.put("SHA384WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA384); algorithms.put("SHA512WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA512); - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); // algorithms.put("GOST3411WITHGOST3410-94", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); // algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); // algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); // algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); - // END android-removed + // END Android-removed: Unsupported algorithms // // According to RFC 3279, the ASN.1 encoding SHALL (id-dsa-with-sha1) or MUST (ecdsa-with-SHA*) omit the parameters field. @@ -115,10 +113,10 @@ class X509Util // // RFC 4491 // - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); - // END android-removed + // END Android-removed: Unsupported algorithms // // explicit params diff --git a/bcprov/src/main/java/org/bouncycastle/x509/X509V3CertificateGenerator.java b/bcprov/src/main/java/org/bouncycastle/x509/X509V3CertificateGenerator.java index 28bf5507..325b8fbc 100644 --- a/bcprov/src/main/java/org/bouncycastle/x509/X509V3CertificateGenerator.java +++ b/bcprov/src/main/java/org/bouncycastle/x509/X509V3CertificateGenerator.java @@ -38,7 +38,6 @@ import org.bouncycastle.jcajce.provider.asymmetric.x509.CertificateFactory; import org.bouncycastle.jcajce.util.BCJcaJceHelper; import org.bouncycastle.jcajce.util.JcaJceHelper; import org.bouncycastle.jce.X509Principal; - import org.bouncycastle.x509.extension.X509ExtensionUtil; /** |