Merge "Load default KeyFactory instead of BC's implementation"

3 files changed, 44 insertions, 6 deletions

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DESede.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DESede.java
index e0e5d021..6a52aef2 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DESede.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DESede.java
@@ -406,7 +406,8 @@ public final class DESede
             */
             // END Android-removed: Unsupported algorithms
 
-            if (provider.hasAlgorithm("MessageDigest", "SHA-1"))
+            // Android-removed Bouncy Castle's SHA-1 implementation is removed but we still need PBEWithSHAAnd3-KeyTripleDES-CBC
+            // if (provider.hasAlgorithm("MessageDigest", "SHA-1"))
             {
                 provider.addAlgorithm("Cipher.PBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES3Key");
                 // BEGIN Android-removed: Unsupported algorithms
diff --git a/bcprov/src/main/java/org/bouncycastle/jce/netscape/NetscapeCertRequest.java b/bcprov/src/main/java/org/bouncycastle/jce/netscape/NetscapeCertRequest.java
index 159224f2..0c9de937 100644
--- a/bcprov/src/main/java/org/bouncycastle/jce/netscape/NetscapeCertRequest.java
+++ b/bcprov/src/main/java/org/bouncycastle/jce/netscape/NetscapeCertRequest.java
@@ -115,7 +115,7 @@ public class NetscapeCertRequest
                     pubkeyinfo).getBytes());
 
             keyAlg = pubkeyinfo.getAlgorithm();
-            pubkey = KeyFactory.getInstance(keyAlg.getAlgorithm().getId(), "BC")
+            pubkey = KeyFactory.getInstance(keyAlg.getAlgorithm().getId())
                     .generatePublic(xspec);
 
         }
@@ -203,8 +203,7 @@ public class NetscapeCertRequest
         // Verify the signature .. shows the response was generated
         // by someone who knew the associated private key
         //
-        Signature sig = Signature.getInstance(sigAlg.getAlgorithm().getId(),
-                "BC");
+        Signature sig = Signature.getInstance(sigAlg.getAlgorithm().getId());
         sig.initVerify(pubkey);
         sig.update(content.getBytes());
 
@@ -223,8 +222,7 @@ public class NetscapeCertRequest
             SignatureException, NoSuchProviderException,
             InvalidKeySpecException
     {
-        Signature sig = Signature.getInstance(sigAlg.getAlgorithm().getId(),
-                "BC");
+        Signature sig = Signature.getInstance(sigAlg.getAlgorithm().getId());
 
         if (rand != null)
         {
diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/BouncyCastleProvider.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/BouncyCastleProvider.java
index 4458fc14..57bfc47e 100644
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/BouncyCastleProvider.java
+++ b/bcprov/src/main/java/org/bouncycastle/jce/provider/BouncyCastleProvider.java
@@ -2,10 +2,15 @@ package org.bouncycastle.jce.provider;
 
 import java.io.IOException;
 import java.security.AccessController;
+// Android-added: need to get non-BC implementations
+import java.security.KeyFactory;
 import java.security.PrivateKey;
 import java.security.PrivilegedAction;
 import java.security.Provider;
 import java.security.PublicKey;
+// Android-added: need to convert Asn1Objects into standard specs
+import java.security.spec.PKCS8EncodedKeySpec;
+import java.security.spec.X509EncodedKeySpec;
 import java.util.HashMap;
 import java.util.Iterator;
 import java.util.Map;
@@ -336,6 +341,22 @@ public final class BouncyCastleProvider extends Provider
     public static PublicKey getPublicKey(SubjectPublicKeyInfo publicKeyInfo)
         throws IOException
     {
+        // Android-added: BC KeyFactories have been removed, so load them the standard way
+        try {
+            return KeyFactory
+                .getInstance(
+                    publicKeyInfo.getAlgorithmId().getAlgorithm().getId())
+                .generatePublic(
+                    new X509EncodedKeySpec(publicKeyInfo.getEncoded()));
+        } catch (java.security.NoSuchAlgorithmException ex) {
+            // Maintaining compatibility with upstream logic: if appropriate algorithm not found
+            // ("converter" in Android-removed section) return null instead of throwing.
+            return null;
+        } catch (java.security.spec.InvalidKeySpecException ex) {
+            throw new IOException(ex);
+        }
+        // Android-removed: see above
+        /*
         AsymmetricKeyInfoConverter converter = getAsymmetricKeyInfoConverter(publicKeyInfo.getAlgorithm().getAlgorithm());
 
         if (converter == null)
@@ -344,11 +365,28 @@ public final class BouncyCastleProvider extends Provider
         }
 
         return converter.generatePublic(publicKeyInfo);
+        */
     }
 
     public static PrivateKey getPrivateKey(PrivateKeyInfo privateKeyInfo)
         throws IOException
     {
+        // Android-added: BC KeyFactories have been removed, so load them the standard way
+        try {
+            return KeyFactory
+                .getInstance(
+                    privateKeyInfo.getPrivateKeyAlgorithm().getAlgorithm().getId())
+                .generatePrivate(
+                    new PKCS8EncodedKeySpec(privateKeyInfo.getEncoded()));
+        } catch (java.security.NoSuchAlgorithmException ex) {
+            // Maintaining compatibility with upstream logic: if appropriate algorithm not found
+            // ("converter" in Android-removed section) return null instead of throwing.
+            return null;
+        } catch (java.security.spec.InvalidKeySpecException ex) {
+            throw new IOException(ex);
+        }
+        // Android-removed: see above
+        /*
         AsymmetricKeyInfoConverter converter = getAsymmetricKeyInfoConverter(privateKeyInfo.getPrivateKeyAlgorithm().getAlgorithm());
 
         if (converter == null)
@@ -357,5 +395,6 @@ public final class BouncyCastleProvider extends Provider
         }
 
         return converter.generatePrivate(privateKeyInfo);
+        */
     }
 }