diff options
Diffstat (limited to 'bcprov/src/main/java/org')
87 files changed, 4732 insertions, 4694 deletions
diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Boolean.java b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Boolean.java index d883a732..0225e6e9 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Boolean.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Boolean.java @@ -80,7 +80,7 @@ public class ASN1Boolean return (value != 0 ? TRUE : FALSE); } - // BEGIN android-added + // BEGIN Android-added: Unknown reason /** * return a ASN1Boolean from the passed in array. */ @@ -90,7 +90,7 @@ public class ASN1Boolean return (octets[0] != 0) ? TRUE : FALSE; } - // END android-added + // END Android-added: Unknown reason /** * return a Boolean from a tagged object. * @@ -117,9 +117,7 @@ public class ASN1Boolean } } - // BEGIN android-changed - protected ASN1Boolean( - // END android-changed + ASN1Boolean( byte[] value) { if (value.length != 1) @@ -145,10 +143,9 @@ public class ASN1Boolean * @deprecated use getInstance(boolean) method. * @param value true or false. */ - // BEGIN android-changed + // Android-changed: Reduce visibility to protected protected ASN1Boolean( boolean value) - // END android-changed { this.value = (value) ? TRUE_VALUE : FALSE_VALUE; } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1GeneralizedTime.java b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1GeneralizedTime.java index 0e2be644..6040676a 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1GeneralizedTime.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1GeneralizedTime.java @@ -3,6 +3,7 @@ package org.bouncycastle.asn1; import java.io.IOException; import java.text.ParseException; import java.text.SimpleDateFormat; +// Android-added: Localization support import java.util.Calendar; import java.util.Date; import java.util.Locale; @@ -110,10 +111,9 @@ public class ASN1GeneralizedTime public ASN1GeneralizedTime( Date time) { - // BEGIN android-changed - // Was: SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'"); + // Android-changed: Use localized version + // SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'"); SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'", Locale.US); - // END android-changed dateF.setTimeZone(new SimpleTimeZone(0, "Z")); @@ -131,11 +131,11 @@ public class ASN1GeneralizedTime Date time, Locale locale) { - // BEGIN android-changed - // Was: SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'", locale); + // BEGIN Android-changed: Use localized version + // SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'", locale); SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'", Locale.US); dateF.setCalendar(Calendar.getInstance(Locale.US)); - // END android-changed + // END Android-changed: Use localized version dateF.setTimeZone(new SimpleTimeZone(0, "Z")); @@ -260,17 +260,15 @@ public class ASN1GeneralizedTime { if (hasFractionalSeconds()) { - // BEGIN android-changed - // Was: dateF = new SimpleDateFormat("yyyyMMddHHmmss.SSS'Z'"); + // Android-changed: Use localized version + // dateF = new SimpleDateFormat("yyyyMMddHHmmss.SSS'Z'"); dateF = new SimpleDateFormat("yyyyMMddHHmmss.SSS'Z'", Locale.US); - // END android-changed } else { - // BEGIN android-changed - // Was: dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'"); + // Android-changed: Use localized version + // dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'"); dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'", Locale.US); - // END android-changed } dateF.setTimeZone(new SimpleTimeZone(0, "Z")); @@ -280,17 +278,15 @@ public class ASN1GeneralizedTime d = this.getTime(); if (hasFractionalSeconds()) { - // BEGIN android-changed - // Was: dateF = new SimpleDateFormat("yyyyMMddHHmmss.SSSz"); + // Android-changed: Use localized version + // dateF = new SimpleDateFormat("yyyyMMddHHmmss.SSSz"); dateF = new SimpleDateFormat("yyyyMMddHHmmss.SSSz", Locale.US); - // END android-changed } else { - // BEGIN android-changed - // Was: dateF = new SimpleDateFormat("yyyyMMddHHmmssz"); + // Android-changed: Use localized version + // dateF = new SimpleDateFormat("yyyyMMddHHmmssz"); dateF = new SimpleDateFormat("yyyyMMddHHmmssz", Locale.US); - // END android-changed } dateF.setTimeZone(new SimpleTimeZone(0, "Z")); @@ -299,17 +295,15 @@ public class ASN1GeneralizedTime { if (hasFractionalSeconds()) { - // BEGIN android-changed + // Android-changed: Use localized version // dateF = new SimpleDateFormat("yyyyMMddHHmmss.SSS"); dateF = new SimpleDateFormat("yyyyMMddHHmmss.SSS", Locale.US); - // END android-changed } else { - // BEGIN android-changed - // Was: dateF = new SimpleDateFormat("yyyyMMddHHmmss"); + // Android-changed: Use localized version + // dateF = new SimpleDateFormat("yyyyMMddHHmmss"); dateF = new SimpleDateFormat("yyyyMMddHHmmss", Locale.US); - // END android-changed } dateF.setTimeZone(new SimpleTimeZone(0, TimeZone.getDefault().getID())); diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Null.java b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Null.java index f1098e70..f39d1206 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Null.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Null.java @@ -8,12 +8,6 @@ import java.io.IOException; public abstract class ASN1Null extends ASN1Primitive { - // BEGIN android-added - /*package*/ ASN1Null() - { - } - - // END android-added /** * Return an instance of ASN.1 NULL from the passed in object. * <p> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdentifier.java b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdentifier.java index 50b8a491..bdfec4fd 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdentifier.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdentifier.java @@ -155,13 +155,8 @@ public class ASN1ObjectIdentifier } } - // BEGIN android-changed - /* - * Intern the identifier so there aren't hundreds of duplicates - * (in practice). - */ + // Android-changed: Intern the identifier so there aren't hundreds of duplicates in practice. this.identifier = objId.toString().intern(); - // END android-changed this.body = Arrays.clone(bytes); } @@ -182,13 +177,8 @@ public class ASN1ObjectIdentifier throw new IllegalArgumentException("string " + identifier + " not an OID"); } - // BEGIN android-changed - /* - * Intern the identifier so there aren't hundreds of duplicates - * (in practice). - */ + // Android-changed: Intern the identifier so there aren't hundreds of duplicates in practice. this.identifier = identifier.intern(); - // END android-changed } /** diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1UTCTime.java b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1UTCTime.java index 41ce8177..446af77f 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1UTCTime.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1UTCTime.java @@ -3,6 +3,7 @@ package org.bouncycastle.asn1; import java.io.IOException; import java.text.ParseException; import java.text.SimpleDateFormat; +// Android-added: Localization support import java.util.Calendar; import java.util.Date; import java.util.Locale; @@ -124,10 +125,9 @@ public class ASN1UTCTime public ASN1UTCTime( Date time) { - // BEGIN android-changed - // Was: SimpleDateFormat dateF = new SimpleDateFormat("yyMMddHHmmss'Z'"); + // Android-changed: Use localized version + // SimpleDateFormat dateF = new SimpleDateFormat("yyMMddHHmmss'Z'"); SimpleDateFormat dateF = new SimpleDateFormat("yyMMddHHmmss'Z'", Locale.US); - // END android-changed dateF.setTimeZone(new SimpleTimeZone(0,"Z")); @@ -145,11 +145,11 @@ public class ASN1UTCTime Date time, Locale locale) { - // BEGIN android-changed - // Was: SimpleDateFormat dateF = new SimpleDateFormat("yyMMddHHmmss'Z'", locale); + // BEGIN Android-changed: Use localized version + // SimpleDateFormat dateF = new SimpleDateFormat("yyMMddHHmmss'Z'", locale); SimpleDateFormat dateF = new SimpleDateFormat("yyMMddHHmmss'Z'", Locale.US); dateF.setCalendar(Calendar.getInstance(locale)); - // END android-changed + // END Android-changed: Use localized version dateF.setTimeZone(new SimpleTimeZone(0,"Z")); @@ -172,10 +172,9 @@ public class ASN1UTCTime public Date getDate() throws ParseException { - // BEGIN android-changed - // Was: SimpleDateFormat dateF = new SimpleDateFormat("yyMMddHHmmssz"); + // Android-changed: Use localized version + // SimpleDateFormat dateF = new SimpleDateFormat("yyMMddHHmmssz"); SimpleDateFormat dateF = new SimpleDateFormat("yyMMddHHmmssz", Locale.US); - // END android-changed return dateF.parse(getTime()); } @@ -190,10 +189,9 @@ public class ASN1UTCTime public Date getAdjustedDate() throws ParseException { - // BEGIN android-changed - // Was: SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmssz"); + // Android-changed: Use localized version + // SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmssz"); SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmssz", Locale.US); - // END android-changed dateF.setTimeZone(new SimpleTimeZone(0, "Z")); diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/DERNull.java b/bcprov/src/main/java/org/bouncycastle/asn1/DERNull.java index 7df2acf6..3a86b1d6 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/DERNull.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/DERNull.java @@ -15,9 +15,8 @@ public class DERNull /** * @deprecated use DERNull.INSTANCE */ - // BEGIN android-changed + // Android-changed: Reduce visibility to protected. protected DERNull() - // END android-changed { } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/StreamUtil.java b/bcprov/src/main/java/org/bouncycastle/asn1/StreamUtil.java index 59e96e86..1fc8ab09 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/StreamUtil.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/StreamUtil.java @@ -8,9 +8,8 @@ import java.nio.channels.FileChannel; class StreamUtil { - // BEGIN android-removed + // Android-removed: Check max memory at runtime // private static final long MAX_MEMORY = Runtime.getRuntime().maxMemory(); - // END android-removed /** * Find out possible longest length... @@ -50,7 +49,7 @@ class StreamUtil } } - // BEGIN android-changed + // BEGIN Android-changed: Check max memory at runtime long maxMemory = Runtime.getRuntime().maxMemory(); if (maxMemory > Integer.MAX_VALUE) { @@ -58,7 +57,7 @@ class StreamUtil } return (int) maxMemory; - // END android-changed + // END Android-changed: Check max memory at runtime } static int calculateBodyLength( diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/bc/BCObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/bc/BCObjectIdentifiers.java index a4f3f3b2..f43f9fb7 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/bc/BCObjectIdentifiers.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/bc/BCObjectIdentifiers.java @@ -72,23 +72,25 @@ public interface BCObjectIdentifiers */ public static final ASN1ObjectIdentifier bc_sig = bc.branch("2"); - // BEGIN android-removed - // /** - // * Sphincs-256 - // */ - // public static final ASN1ObjectIdentifier sphincs256 = bc_sig.branch("1"); - // public static final ASN1ObjectIdentifier sphincs256_with_BLAKE512 = sphincs256.branch("1"); - // public static final ASN1ObjectIdentifier sphincs256_with_SHA512 = sphincs256.branch("2"); - // public static final ASN1ObjectIdentifier sphincs256_with_SHA3_512 = sphincs256.branch("3"); + // BEGIN Android-removed: Unsupported algorithms + /* + /** + * Sphincs-256 + * + public static final ASN1ObjectIdentifier sphincs256 = bc_sig.branch("1"); + public static final ASN1ObjectIdentifier sphincs256_with_BLAKE512 = sphincs256.branch("1"); + public static final ASN1ObjectIdentifier sphincs256_with_SHA512 = sphincs256.branch("2"); + public static final ASN1ObjectIdentifier sphincs256_with_SHA3_512 = sphincs256.branch("3"); - // /** - // * key_exchange(3) algorithms - // */ - // public static final ASN1ObjectIdentifier bc_exch = bc.branch("3"); + /** + * key_exchange(3) algorithms + * + public static final ASN1ObjectIdentifier bc_exch = bc.branch("3"); - // /** - // * NewHope - // */ - // public static final ASN1ObjectIdentifier newHope = bc_exch.branch("1"); - // END android-removed + /** + * NewHope + * + public static final ASN1ObjectIdentifier newHope = bc_exch.branch("1"); + */ + // END Android-removed: Unsupported algorithms } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/ContentInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/ContentInfo.java index 1592c755..2e8e0392 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/ContentInfo.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/ContentInfo.java @@ -28,9 +28,7 @@ import org.bouncycastle.asn1.BERTaggedObject; */ public class ContentInfo extends ASN1Object - // BEGIN android-removed - // implements CMSObjectIdentifiers - // END android-removed + implements CMSObjectIdentifiers { private ASN1ObjectIdentifier contentType; private ASN1Encodable content; diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/Time.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/Time.java index ed9a6c03..a6f8d8fe 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/Time.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/Time.java @@ -2,6 +2,7 @@ package org.bouncycastle.asn1.cms; import java.text.ParseException; import java.text.SimpleDateFormat; +// Android-added: Localization support import java.util.Calendar; import java.util.Date; import java.util.Locale; @@ -71,10 +72,9 @@ public class Time Date time) { SimpleTimeZone tz = new SimpleTimeZone(0, "Z"); - // BEGIN android-changed - // Was: SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss"); + // Android-changed: Use localized version + // SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss"); SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss", Locale.US); - // END android-changed dateF.setTimeZone(tz); @@ -105,11 +105,11 @@ public class Time Locale locale) { SimpleTimeZone tz = new SimpleTimeZone(0, "Z"); - // BEGIN android-changed - // Was: SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss", locale); + // BEGIN Android-changed: Use localized version + // SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss", locale); SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss", Locale.US); dateF.setCalendar(Calendar.getInstance(locale)); - // END android-changed + // END Android-changed: Use localized version dateF.setTimeZone(tz); diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java index 75df2aa7..48d03209 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java @@ -13,12 +13,14 @@ public interface PKCSObjectIdentifiers static final ASN1ObjectIdentifier pkcs_1 = new ASN1ObjectIdentifier("1.2.840.113549.1.1"); /** PKCS#1: 1.2.840.113549.1.1.1 */ static final ASN1ObjectIdentifier rsaEncryption = pkcs_1.branch("1"); - // BEGIN android-removed - // /** PKCS#1: 1.2.840.113549.1.1.2 */ - // static final ASN1ObjectIdentifier md2WithRSAEncryption = pkcs_1.branch("2"); - // /** PKCS#1: 1.2.840.113549.1.1.3 */ - // static final ASN1ObjectIdentifier md4WithRSAEncryption = pkcs_1.branch("3"); - // END android-removed + // BEGIN Android-removed: MD2 and MD4 are unsupported + /* + /** PKCS#1: 1.2.840.113549.1.1.2 * + static final ASN1ObjectIdentifier md2WithRSAEncryption = pkcs_1.branch("2"); + /** PKCS#1: 1.2.840.113549.1.1.3 * + static final ASN1ObjectIdentifier md4WithRSAEncryption = pkcs_1.branch("3"); + */ + // END Android-removed: MD2 and MD4 are unsupported /** PKCS#1: 1.2.840.113549.1.1.4 */ static final ASN1ObjectIdentifier md5WithRSAEncryption = pkcs_1.branch("4"); /** PKCS#1: 1.2.840.113549.1.1.5 */ diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java index 20f6ea3b..dcde3034 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java @@ -14,9 +14,9 @@ import org.bouncycastle.asn1.DEROctetString; import org.bouncycastle.asn1.DERSequence; import org.bouncycastle.asn1.DERTaggedObject; import org.bouncycastle.crypto.Digest; -// BEGIN android-changed +// Android-changed: Use Android digests +// import org.bouncycastle.crypto.digests.SHA1Digest; import org.bouncycastle.crypto.digests.AndroidDigestFactory; -// END android-changed /** * The AuthorityKeyIdentifier object. @@ -108,9 +108,9 @@ public class AuthorityKeyIdentifier public AuthorityKeyIdentifier( SubjectPublicKeyInfo spki) { - // BEGIN android-changed + // Android-changed: Use Android digests + // Digest digest = new SHA1Digest(); Digest digest = AndroidDigestFactory.getSHA1(); - // END android-changed byte[] resBuf = new byte[digest.getDigestSize()]; byte[] bytes = spki.getPublicKeyData().getBytes(); @@ -129,9 +129,9 @@ public class AuthorityKeyIdentifier GeneralNames name, BigInteger serialNumber) { - // BEGIN android-changed + // Android-changed: Use Android digests + // Digest digest = new SHA1Digest(); Digest digest = AndroidDigestFactory.getSHA1(); - // END android-changed byte[] resBuf = new byte[digest.getDigestSize()]; byte[] bytes = spki.getPublicKeyData().getBytes(); diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/Time.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/Time.java index 989de4c9..a99dddfc 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/Time.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/Time.java @@ -2,6 +2,7 @@ package org.bouncycastle.asn1.x509; import java.text.ParseException; import java.text.SimpleDateFormat; +// Android-added: Localization support import java.util.Calendar; import java.util.Date; import java.util.Locale; @@ -52,10 +53,9 @@ public class Time Date time) { SimpleTimeZone tz = new SimpleTimeZone(0, "Z"); - // BEGIN android-changed - // Was: SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss"); + // Android-changed: Use localized version + // SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss"); SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss", Locale.US); - // END android-changed dateF.setTimeZone(tz); @@ -86,8 +86,8 @@ public class Time Locale locale) { SimpleTimeZone tz = new SimpleTimeZone(0, "Z"); - // BEGIN android-changed - // Was: SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss", locale); + // BEGIN Android-changed: Use localized version + // SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss", locale); SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss", Locale.US); dateF.setCalendar(Calendar.getInstance(locale)); // END android-changed diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509Name.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509Name.java index 0c372f7f..fafb68ff 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509Name.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509Name.java @@ -255,10 +255,10 @@ public class X509Name */ public static final Hashtable SymbolLookUp = DefaultLookUp; - // BEGIN android-changed + // BEGIN Android-changed: Use Boolean class constants instead of Boolean constructor private static final Boolean TRUE = Boolean.TRUE; private static final Boolean FALSE = Boolean.FALSE; - // END android-changed + // END Android-changed: Use Boolean class constants instead of Boolean constructor static { @@ -448,9 +448,7 @@ public class X509Name throw new IllegalArgumentException("cannot encode value"); } } - // BEGIN android-changed - added.addElement(Boolean.valueOf(i != 0)); - // END android-changed + added.addElement((i != 0) ? TRUE : FALSE); // to allow earlier JDK compatibility } } } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509NameTokenizer.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509NameTokenizer.java index 454f3227..b1b14163 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509NameTokenizer.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509NameTokenizer.java @@ -78,8 +78,10 @@ public class X509NameTokenizer } else { - // BEGIN android-added - // copied from a newer version of BouncyCastle + // BEGIN Android-added: Unknown reason + // This was previously marked with the comment "copied from a newer version + // of BouncyCastle", but I couldn't find any evidence that it ever was included + // in any version of BC if (c == '#' && buf.charAt(buf.length() - 1) == '=') { buf.append('\\'); @@ -88,7 +90,7 @@ public class X509NameTokenizer { buf.append('\\'); } - // END android-added + // END Android-added: Unknown reason buf.append(c); } } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x9/ECNamedCurveTable.java b/bcprov/src/main/java/org/bouncycastle/asn1/x9/ECNamedCurveTable.java index 5abcca9f..0fc87379 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x9/ECNamedCurveTable.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x9/ECNamedCurveTable.java @@ -4,15 +4,13 @@ import java.util.Enumeration; import java.util.Vector; import org.bouncycastle.asn1.ASN1ObjectIdentifier; -// BEGIN android-removed +// Android-removed: Unsupported curves // import org.bouncycastle.asn1.anssi.ANSSINamedCurves; // import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; -// END android-removed import org.bouncycastle.asn1.nist.NISTNamedCurves; import org.bouncycastle.asn1.sec.SECNamedCurves; -// BEGIN android-removed +// Android-removed: Unsupported curves // import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; -// END android-removed /** * A general class that reads all X9.62 style EC curve tables. @@ -41,17 +39,19 @@ public class ECNamedCurveTable ecP = NISTNamedCurves.getByName(name); } - // BEGIN android-removed - // if (ecP == null) - // { - // ecP = TeleTrusTNamedCurves.getByName(name); - // } - // - // if (ecP == null) - // { - // ecP = ANSSINamedCurves.getByName(name); - // } - // END android-removed + // BEGIN Android-removed: Unsupported curves + /* + if (ecP == null) + { + ecP = TeleTrusTNamedCurves.getByName(name); + } + + if (ecP == null) + { + ecP = ANSSINamedCurves.getByName(name); + } + */ + // END Android-removed: Unsupported curves return ecP; } @@ -77,17 +77,19 @@ public class ECNamedCurveTable oid = NISTNamedCurves.getOID(name); } - // BEGIN android-removed - // if (oid == null) - // { - // oid = TeleTrusTNamedCurves.getOID(name); - // } - // - // if (oid == null) - // { - // oid = ANSSINamedCurves.getOID(name); - // } - // END android-removed + // BEGIN Android-removed: Unsupported curves + /* + if (oid == null) + { + oid = TeleTrusTNamedCurves.getOID(name); + } + + if (oid == null) + { + oid = ANSSINamedCurves.getOID(name); + } + */ + // END Android-removed: Unsupported curves return oid; } @@ -109,24 +111,28 @@ public class ECNamedCurveTable name = SECNamedCurves.getName(oid); } - // BEGIN android-removed - // if (name == null) - // { - // name = TeleTrusTNamedCurves.getName(oid); - // } - // END android-removed + // BEGIN Android-removed: Unsupported curves + /* + if (name == null) + { + name = TeleTrusTNamedCurves.getName(oid); + } + */ + // END Android-removed: Unsupported curves if (name == null) { name = X962NamedCurves.getName(oid); } - // BEGIN android-removed - // if (name == null) - // { - // name = ECGOST3410NamedCurves.getName(oid); - // } - // END android-removed + // BEGIN Android-removed: Unsupported curves + /* + if (name == null) + { + name = ECGOST3410NamedCurves.getName(oid); + } + */ + // END Android-removed: Unsupported curves return name; } @@ -150,17 +156,19 @@ public class ECNamedCurveTable // NOTE: All the NIST curves are currently from SEC, so no point in redundant OID lookup - // BEGIN android-removed - // if (ecP == null) - // { - // ecP = TeleTrusTNamedCurves.getByOID(oid); - // } - // - // if (ecP == null) - // { - // ecP = ANSSINamedCurves.getByOID(oid); - // } - // END android-removed + // BEGIN Android-removed: Unsupported curves + /* + if (ecP == null) + { + ecP = TeleTrusTNamedCurves.getByOID(oid); + } + + if (ecP == null) + { + ecP = ANSSINamedCurves.getByOID(oid); + } + */ + // END Android-removed: Unsupported curves return ecP; } @@ -177,10 +185,10 @@ public class ECNamedCurveTable addEnumeration(v, X962NamedCurves.getNames()); addEnumeration(v, SECNamedCurves.getNames()); addEnumeration(v, NISTNamedCurves.getNames()); - // BEGIN android-removed + // BEGIN Android-removed: Unsupported curves // addEnumeration(v, TeleTrusTNamedCurves.getNames()); // addEnumeration(v, ANSSINamedCurves.getNames()); - // END android-removed + // END Android-removed: Unsupported curves return v.elements(); } diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/ec/CustomNamedCurves.java b/bcprov/src/main/java/org/bouncycastle/crypto/ec/CustomNamedCurves.java index e3c596d9..2c23bed1 100644 --- a/bcprov/src/main/java/org/bouncycastle/crypto/ec/CustomNamedCurves.java +++ b/bcprov/src/main/java/org/bouncycastle/crypto/ec/CustomNamedCurves.java @@ -64,110 +64,112 @@ public class CustomNamedCurves return c.configure().setEndomorphism(new GLVTypeBEndomorphism(c, p)).create(); } - // BEGIN android-removed - // /* - // * curve25519 - // */ - // static X9ECParametersHolder curve25519 = new X9ECParametersHolder() - // { - // protected X9ECParameters createParameters() - // { - // byte[] S = null; - // ECCurve curve = configureCurve(new Curve25519()); - // - // /* - // * NOTE: Curve25519 was specified in Montgomery form. Rewriting in Weierstrass form - // * involves substitution of variables, so the base-point x coordinate is 9 + (486662 / 3). - // * - // * The Curve25519 paper doesn't say which of the two possible y values the base - // * point has. The choice here is guided by language in the Ed25519 paper. - // * - // * (The other possible y value is 5F51E65E475F794B1FE122D388B72EB36DC2B28192839E4DD6163A5D81312C14) - // */ - // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" - // + "2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD245A" - // + "20AE19A1B8A086B4E01EDD2C7748D14C923D4D7E6D7C61B229E9C5A27ECED3D9")); - // - // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); - // } - // }; - // - // /* - // * secp128r1 - // */ - // static X9ECParametersHolder secp128r1 = new X9ECParametersHolder() - // { - // protected X9ECParameters createParameters() - // { - // byte[] S = Hex.decode("000E0D4D696E6768756151750CC03A4473D03679"); - // ECCurve curve = configureCurve(new SecP128R1Curve()); - // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" - // + "161FF7528B899B2D0C28607CA52C5B86" - // + "CF5AC8395BAFEB13C02DA292DDED7A83")); - // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); - // } - // }; - // - // /* - // * secp160k1 - // */ - // static X9ECParametersHolder secp160k1 = new X9ECParametersHolder() - // { - // protected X9ECParameters createParameters() - // { - // byte[] S = null; - // GLVTypeBParameters glv = new GLVTypeBParameters( - // new BigInteger("9ba48cba5ebcb9b6bd33b92830b2a2e0e192f10a", 16), - // new BigInteger("c39c6c3b3a36d7701b9c71a1f5804ae5d0003f4", 16), - // new BigInteger[]{ - // new BigInteger("9162fbe73984472a0a9e", 16), - // new BigInteger("-96341f1138933bc2f505", 16) }, - // new BigInteger[]{ - // new BigInteger("127971af8721782ecffa3", 16), - // new BigInteger("9162fbe73984472a0a9e", 16) }, - // new BigInteger("9162fbe73984472a0a9d0590", 16), - // new BigInteger("96341f1138933bc2f503fd44", 16), - // 176); - // ECCurve curve = configureCurveGLV(new SecP160K1Curve(), glv); - // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" - // + "3B4C382CE37AA192A4019E763036F4F5DD4D7EBB" - // + "938CF935318FDCED6BC28286531733C3F03C4FEE")); - // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); - // } - // }; - // - // /* - // * secp160r1 - // */ - // static X9ECParametersHolder secp160r1 = new X9ECParametersHolder() - // { - // protected X9ECParameters createParameters() - // { - // byte[] S = Hex.decode("1053CDE42C14D696E67687561517533BF3F83345"); - // ECCurve curve = configureCurve(new SecP160R1Curve()); - // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" - // + "4A96B5688EF573284664698968C38BB913CBFC82" - // + "23A628553168947D59DCC912042351377AC5FB32")); - // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); - // } - // }; - // - // /* - // * secp160r2 - // */ - // static X9ECParametersHolder secp160r2 = new X9ECParametersHolder() - // { - // protected X9ECParameters createParameters() - // { - // byte[] S = Hex.decode("B99B99B099B323E02709A4D696E6768756151751"); - // ECCurve curve = configureCurve(new SecP160R2Curve()); - // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" - // + "52DCB034293A117E1F4FF11B30F7199D3144CE6D" - // + "FEAFFEF2E331F296E071FA0DF9982CFEA7D43F2E")); - // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); - // } - // }; - // END android-removed + // BEGIN Android-removed: Unsupported curves + /* + /* + * curve25519 + * + static X9ECParametersHolder curve25519 = new X9ECParametersHolder() + { + protected X9ECParameters createParameters() + { + byte[] S = null; + ECCurve curve = configureCurve(new Curve25519()); + + /* + * NOTE: Curve25519 was specified in Montgomery form. Rewriting in Weierstrass form + * involves substitution of variables, so the base-point x coordinate is 9 + (486662 / 3). + * + * The Curve25519 paper doesn't say which of the two possible y values the base + * point has. The choice here is guided by language in the Ed25519 paper. + * + * (The other possible y value is 5F51E65E475F794B1FE122D388B72EB36DC2B28192839E4DD6163A5D81312C14) + * + X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" + + "2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD245A" + + "20AE19A1B8A086B4E01EDD2C7748D14C923D4D7E6D7C61B229E9C5A27ECED3D9")); + + return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); + } + }; + + /* + * secp128r1 + * + static X9ECParametersHolder secp128r1 = new X9ECParametersHolder() + { + protected X9ECParameters createParameters() + { + byte[] S = Hex.decode("000E0D4D696E6768756151750CC03A4473D03679"); + ECCurve curve = configureCurve(new SecP128R1Curve()); + X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" + + "161FF7528B899B2D0C28607CA52C5B86" + + "CF5AC8395BAFEB13C02DA292DDED7A83")); + return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); + } + }; + + /* + * secp160k1 + * + static X9ECParametersHolder secp160k1 = new X9ECParametersHolder() + { + protected X9ECParameters createParameters() + { + byte[] S = null; + GLVTypeBParameters glv = new GLVTypeBParameters( + new BigInteger("9ba48cba5ebcb9b6bd33b92830b2a2e0e192f10a", 16), + new BigInteger("c39c6c3b3a36d7701b9c71a1f5804ae5d0003f4", 16), + new BigInteger[]{ + new BigInteger("9162fbe73984472a0a9e", 16), + new BigInteger("-96341f1138933bc2f505", 16) }, + new BigInteger[]{ + new BigInteger("127971af8721782ecffa3", 16), + new BigInteger("9162fbe73984472a0a9e", 16) }, + new BigInteger("9162fbe73984472a0a9d0590", 16), + new BigInteger("96341f1138933bc2f503fd44", 16), + 176); + ECCurve curve = configureCurveGLV(new SecP160K1Curve(), glv); + X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" + + "3B4C382CE37AA192A4019E763036F4F5DD4D7EBB" + + "938CF935318FDCED6BC28286531733C3F03C4FEE")); + return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); + } + }; + + /* + * secp160r1 + * + static X9ECParametersHolder secp160r1 = new X9ECParametersHolder() + { + protected X9ECParameters createParameters() + { + byte[] S = Hex.decode("1053CDE42C14D696E67687561517533BF3F83345"); + ECCurve curve = configureCurve(new SecP160R1Curve()); + X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" + + "4A96B5688EF573284664698968C38BB913CBFC82" + + "23A628553168947D59DCC912042351377AC5FB32")); + return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); + } + }; + + /* + * secp160r2 + * + static X9ECParametersHolder secp160r2 = new X9ECParametersHolder() + { + protected X9ECParameters createParameters() + { + byte[] S = Hex.decode("B99B99B099B323E02709A4D696E6768756151751"); + ECCurve curve = configureCurve(new SecP160R2Curve()); + X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" + + "52DCB034293A117E1F4FF11B30F7199D3144CE6D" + + "FEAFFEF2E331F296E071FA0DF9982CFEA7D43F2E")); + return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); + } + }; + */ + // END Android-removed: Unsupported curves /* * secp192k1 @@ -333,295 +335,297 @@ public class CustomNamedCurves } }; - // BEGIN android-removed - // /* - // * sect113r1 - // */ - // static X9ECParametersHolder sect113r1 = new X9ECParametersHolder() - // { - // protected X9ECParameters createParameters() - // { - // byte[] S = Hex.decode("10E723AB14D696E6768756151756FEBF8FCB49A9"); - // ECCurve curve = configureCurve(new SecT113R1Curve()); - // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" - // + "009D73616F35F4AB1407D73562C10F" - // + "00A52830277958EE84D1315ED31886")); - // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); - // } - // }; - - // /* - // * sect113r2 - // */ - // static X9ECParametersHolder sect113r2 = new X9ECParametersHolder() - // { - // protected X9ECParameters createParameters() - // { - // byte[] S = Hex.decode("10C0FB15760860DEF1EEF4D696E676875615175D"); - // ECCurve curve = configureCurve(new SecT113R2Curve()); - // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" - // + "01A57A6A7B26CA5EF52FCDB8164797" - // + "00B3ADC94ED1FE674C06E695BABA1D")); - // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); - // } - // }; - - // /* - // * sect131r1 - // */ - // static X9ECParametersHolder sect131r1 = new X9ECParametersHolder() - // { - // protected X9ECParameters createParameters() - // { - // byte[] S = Hex.decode("4D696E676875615175985BD3ADBADA21B43A97E2"); - // ECCurve curve = configureCurve(new SecT131R1Curve()); - // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" - // + "0081BAF91FDF9833C40F9C181343638399" - // + "078C6E7EA38C001F73C8134B1B4EF9E150")); - // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); - // } - // }; - - // /* - // * sect131r2 - // */ - // static X9ECParametersHolder sect131r2 = new X9ECParametersHolder() - // { - // protected X9ECParameters createParameters() - // { - // byte[] S = Hex.decode("985BD3ADBAD4D696E676875615175A21B43A97E3"); - // ECCurve curve = configureCurve(new SecT131R2Curve()); - // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" - // + "0356DCD8F2F95031AD652D23951BB366A8" - // + "0648F06D867940A5366D9E265DE9EB240F")); - // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); - // } - // }; - - // /* - // * sect163k1 - // */ - // static X9ECParametersHolder sect163k1 = new X9ECParametersHolder() - // { - // protected X9ECParameters createParameters() - // { - // byte[] S = null; - // ECCurve curve = configureCurve(new SecT163K1Curve()); - // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" - // + "02FE13C0537BBC11ACAA07D793DE4E6D5E5C94EEE8" - // + "0289070FB05D38FF58321F2E800536D538CCDAA3D9")); - // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); - // } - // }; - - // /* - // * sect163r1 - // */ - // static X9ECParametersHolder sect163r1 = new X9ECParametersHolder() - // { - // protected X9ECParameters createParameters() - // { - // byte[] S = Hex.decode("24B7B137C8A14D696E6768756151756FD0DA2E5C"); - // ECCurve curve = configureCurve(new SecT163R1Curve()); - // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" - // + "0369979697AB43897789566789567F787A7876A654" - // + "00435EDB42EFAFB2989D51FEFCE3C80988F41FF883")); - // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); - // } - // }; - - // /* - // * sect163r2 - // */ - // static X9ECParametersHolder sect163r2 = new X9ECParametersHolder() - // { - // protected X9ECParameters createParameters() - // { - // byte[] S = Hex.decode("85E25BFE5C86226CDB12016F7553F9D0E693A268"); - // ECCurve curve = configureCurve(new SecT163R2Curve()); - // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" - // + "03F0EBA16286A2D57EA0991168D4994637E8343E36" - // + "00D51FBC6C71A0094FA2CDD545B11C5C0C797324F1")); - // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); - // } - // }; - - // /* - // * sect193r1 - // */ - // static X9ECParametersHolder sect193r1 = new X9ECParametersHolder() - // { - // protected X9ECParameters createParameters() - // { - // byte[] S = Hex.decode("103FAEC74D696E676875615175777FC5B191EF30"); - // ECCurve curve = configureCurve(new SecT193R1Curve()); - // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" - // + "01F481BC5F0FF84A74AD6CDF6FDEF4BF6179625372D8C0C5E1" - // + "0025E399F2903712CCF3EA9E3A1AD17FB0B3201B6AF7CE1B05")); - // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); - // } - // }; - - // /* - // * sect193r2 - // */ - // static X9ECParametersHolder sect193r2 = new X9ECParametersHolder() - // { - // protected X9ECParameters createParameters() - // { - // byte[] S = Hex.decode("10B7B4D696E676875615175137C8A16FD0DA2211"); - // ECCurve curve = configureCurve(new SecT193R2Curve()); - // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" - // + "00D9B67D192E0367C803F39E1A7E82CA14A651350AAE617E8F" - // + "01CE94335607C304AC29E7DEFBD9CA01F596F927224CDECF6C")); - // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); - // } - // }; - - // /* - // * sect233k1 - // */ - // static X9ECParametersHolder sect233k1 = new X9ECParametersHolder() - // { - // protected X9ECParameters createParameters() - // { - // byte[] S = null; - // ECCurve curve = configureCurve(new SecT233K1Curve()); - // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" - // + "017232BA853A7E731AF129F22FF4149563A419C26BF50A4C9D6EEFAD6126" - // + "01DB537DECE819B7F70F555A67C427A8CD9BF18AEB9B56E0C11056FAE6A3")); - // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); - // } - // }; - - // /* - // * sect233r1 - // */ - // static X9ECParametersHolder sect233r1 = new X9ECParametersHolder() - // { - // protected X9ECParameters createParameters() - // { - // byte[] S = Hex.decode("74D59FF07F6B413D0EA14B344B20A2DB049B50C3"); - // ECCurve curve = configureCurve(new SecT233R1Curve()); - // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" - // + "00FAC9DFCBAC8313BB2139F1BB755FEF65BC391F8B36F8F8EB7371FD558B" - // + "01006A08A41903350678E58528BEBF8A0BEFF867A7CA36716F7E01F81052")); - // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); - // } - // }; - - // /* - // * sect239k1 - // */ - // static X9ECParametersHolder sect239k1 = new X9ECParametersHolder() - // { - // protected X9ECParameters createParameters() - // { - // byte[] S = null; - // ECCurve curve = configureCurve(new SecT239K1Curve()); - // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" - // + "29A0B6A887A983E9730988A68727A8B2D126C44CC2CC7B2A6555193035DC" - // + "76310804F12E549BDB011C103089E73510ACB275FC312A5DC6B76553F0CA")); - // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); - // } - // }; - - // /* - // * sect283k1 - // */ - // static X9ECParametersHolder sect283k1 = new X9ECParametersHolder() - // { - // protected X9ECParameters createParameters() - // { - // byte[] S = null; - // ECCurve curve = configureCurve(new SecT283K1Curve()); - // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" - // + "0503213F78CA44883F1A3B8162F188E553CD265F23C1567A16876913B0C2AC2458492836" - // + "01CCDA380F1C9E318D90F95D07E5426FE87E45C0E8184698E45962364E34116177DD2259")); - // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); - // } - // }; - - // /* - // * sect283r1 - // */ - // static X9ECParametersHolder sect283r1 = new X9ECParametersHolder() - // { - // protected X9ECParameters createParameters() - // { - // byte[] S = Hex.decode("77E2B07370EB0F832A6DD5B62DFC88CD06BB84BE"); - // ECCurve curve = configureCurve(new SecT283R1Curve()); - // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" - // + "05F939258DB7DD90E1934F8C70B0DFEC2EED25B8557EAC9C80E2E198F8CDBECD86B12053" - // + "03676854FE24141CB98FE6D4B20D02B4516FF702350EDDB0826779C813F0DF45BE8112F4")); - // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); - // } - // }; - - // /* - // * sect409k1 - // */ - // static X9ECParametersHolder sect409k1 = new X9ECParametersHolder() - // { - // protected X9ECParameters createParameters() - // { - // byte[] S = null; - // ECCurve curve = configureCurve(new SecT409K1Curve()); - // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" - // + "0060F05F658F49C1AD3AB1890F7184210EFD0987E307C84C27ACCFB8F9F67CC2C460189EB5AAAA62EE222EB1B35540CFE9023746" - // + "01E369050B7C4E42ACBA1DACBF04299C3460782F918EA427E6325165E9EA10E3DA5F6C42E9C55215AA9CA27A5863EC48D8E0286B")); - // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); - // } - // }; - - // /* - // * sect409r1 - // */ - // static X9ECParametersHolder sect409r1 = new X9ECParametersHolder() - // { - // protected X9ECParameters createParameters() - // { - // byte[] S = Hex.decode("4099B5A457F9D69F79213D094C4BCD4D4262210B"); - // ECCurve curve = configureCurve(new SecT409R1Curve()); - // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" - // + "015D4860D088DDB3496B0C6064756260441CDE4AF1771D4DB01FFE5B34E59703DC255A868A1180515603AEAB60794E54BB7996A7" - // + "0061B1CFAB6BE5F32BBFA78324ED106A7636B9C5A7BD198D0158AA4F5488D08F38514F1FDF4B4F40D2181B3681C364BA0273C706")); - // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); - // } - // }; - - // /* - // * sect571k1 - // */ - // static X9ECParametersHolder sect571k1 = new X9ECParametersHolder() - // { - // protected X9ECParameters createParameters() - // { - // byte[] S = null; - // ECCurve curve = configureCurve(new SecT571K1Curve()); - // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" - // + "026EB7A859923FBC82189631F8103FE4AC9CA2970012D5D46024804801841CA44370958493B205E647DA304DB4CEB08CBBD1BA39494776FB988B47174DCA88C7E2945283A01C8972" - // + "0349DC807F4FBF374F4AEADE3BCA95314DD58CEC9F307A54FFC61EFC006D8A2C9D4979C0AC44AEA74FBEBBB9F772AEDCB620B01A7BA7AF1B320430C8591984F601CD4C143EF1C7A3")); - // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); - // } - // }; - - // /* - // * sect571r1 - // */ - // static X9ECParametersHolder sect571r1 = new X9ECParametersHolder() - // { - // protected X9ECParameters createParameters() - // { - // byte[] S = Hex.decode("2AA058F73A0E33AB486B0F610410C53A7F132310"); - // ECCurve curve = configureCurve(new SecT571R1Curve()); - // X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" - // + "0303001D34B856296C16C0D40D3CD7750A93D1D2955FA80AA5F40FC8DB7B2ABDBDE53950F4C0D293CDD711A35B67FB1499AE60038614F1394ABFA3B4C850D927E1E7769C8EEC2D19" - // + "037BF27342DA639B6DCCFFFEB73D69D78C6C27A6009CBBCA1980F8533921E8A684423E43BAB08A576291AF8F461BB2A8B3531D2F0485C19B16E2F1516E23DD3C1A4827AF1B8AC15B")); - // return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); - // } - // }; - // END android-removed + // BEGIN Android-removed: Unsupported curves + /* + /* + * sect113r1 + * + static X9ECParametersHolder sect113r1 = new X9ECParametersHolder() + { + protected X9ECParameters createParameters() + { + byte[] S = Hex.decode("10E723AB14D696E6768756151756FEBF8FCB49A9"); + ECCurve curve = configureCurve(new SecT113R1Curve()); + X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" + + "009D73616F35F4AB1407D73562C10F" + + "00A52830277958EE84D1315ED31886")); + return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); + } + }; + + /* + * sect113r2 + * + static X9ECParametersHolder sect113r2 = new X9ECParametersHolder() + { + protected X9ECParameters createParameters() + { + byte[] S = Hex.decode("10C0FB15760860DEF1EEF4D696E676875615175D"); + ECCurve curve = configureCurve(new SecT113R2Curve()); + X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" + + "01A57A6A7B26CA5EF52FCDB8164797" + + "00B3ADC94ED1FE674C06E695BABA1D")); + return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); + } + }; + + /* + * sect131r1 + * + static X9ECParametersHolder sect131r1 = new X9ECParametersHolder() + { + protected X9ECParameters createParameters() + { + byte[] S = Hex.decode("4D696E676875615175985BD3ADBADA21B43A97E2"); + ECCurve curve = configureCurve(new SecT131R1Curve()); + X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" + + "0081BAF91FDF9833C40F9C181343638399" + + "078C6E7EA38C001F73C8134B1B4EF9E150")); + return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); + } + }; + + /* + * sect131r2 + * + static X9ECParametersHolder sect131r2 = new X9ECParametersHolder() + { + protected X9ECParameters createParameters() + { + byte[] S = Hex.decode("985BD3ADBAD4D696E676875615175A21B43A97E3"); + ECCurve curve = configureCurve(new SecT131R2Curve()); + X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" + + "0356DCD8F2F95031AD652D23951BB366A8" + + "0648F06D867940A5366D9E265DE9EB240F")); + return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); + } + }; + + /* + * sect163k1 + * + static X9ECParametersHolder sect163k1 = new X9ECParametersHolder() + { + protected X9ECParameters createParameters() + { + byte[] S = null; + ECCurve curve = configureCurve(new SecT163K1Curve()); + X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" + + "02FE13C0537BBC11ACAA07D793DE4E6D5E5C94EEE8" + + "0289070FB05D38FF58321F2E800536D538CCDAA3D9")); + return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); + } + }; + + /* + * sect163r1 + * + static X9ECParametersHolder sect163r1 = new X9ECParametersHolder() + { + protected X9ECParameters createParameters() + { + byte[] S = Hex.decode("24B7B137C8A14D696E6768756151756FD0DA2E5C"); + ECCurve curve = configureCurve(new SecT163R1Curve()); + X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" + + "0369979697AB43897789566789567F787A7876A654" + + "00435EDB42EFAFB2989D51FEFCE3C80988F41FF883")); + return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); + } + }; + + /* + * sect163r2 + * + static X9ECParametersHolder sect163r2 = new X9ECParametersHolder() + { + protected X9ECParameters createParameters() + { + byte[] S = Hex.decode("85E25BFE5C86226CDB12016F7553F9D0E693A268"); + ECCurve curve = configureCurve(new SecT163R2Curve()); + X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" + + "03F0EBA16286A2D57EA0991168D4994637E8343E36" + + "00D51FBC6C71A0094FA2CDD545B11C5C0C797324F1")); + return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); + } + }; + + /* + * sect193r1 + * + static X9ECParametersHolder sect193r1 = new X9ECParametersHolder() + { + protected X9ECParameters createParameters() + { + byte[] S = Hex.decode("103FAEC74D696E676875615175777FC5B191EF30"); + ECCurve curve = configureCurve(new SecT193R1Curve()); + X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" + + "01F481BC5F0FF84A74AD6CDF6FDEF4BF6179625372D8C0C5E1" + + "0025E399F2903712CCF3EA9E3A1AD17FB0B3201B6AF7CE1B05")); + return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); + } + }; + + /* + * sect193r2 + * + static X9ECParametersHolder sect193r2 = new X9ECParametersHolder() + { + protected X9ECParameters createParameters() + { + byte[] S = Hex.decode("10B7B4D696E676875615175137C8A16FD0DA2211"); + ECCurve curve = configureCurve(new SecT193R2Curve()); + X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" + + "00D9B67D192E0367C803F39E1A7E82CA14A651350AAE617E8F" + + "01CE94335607C304AC29E7DEFBD9CA01F596F927224CDECF6C")); + return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); + } + }; + + /* + * sect233k1 + * + static X9ECParametersHolder sect233k1 = new X9ECParametersHolder() + { + protected X9ECParameters createParameters() + { + byte[] S = null; + ECCurve curve = configureCurve(new SecT233K1Curve()); + X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" + + "017232BA853A7E731AF129F22FF4149563A419C26BF50A4C9D6EEFAD6126" + + "01DB537DECE819B7F70F555A67C427A8CD9BF18AEB9B56E0C11056FAE6A3")); + return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); + } + }; + + /* + * sect233r1 + * + static X9ECParametersHolder sect233r1 = new X9ECParametersHolder() + { + protected X9ECParameters createParameters() + { + byte[] S = Hex.decode("74D59FF07F6B413D0EA14B344B20A2DB049B50C3"); + ECCurve curve = configureCurve(new SecT233R1Curve()); + X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" + + "00FAC9DFCBAC8313BB2139F1BB755FEF65BC391F8B36F8F8EB7371FD558B" + + "01006A08A41903350678E58528BEBF8A0BEFF867A7CA36716F7E01F81052")); + return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); + } + }; + + /* + * sect239k1 + * + static X9ECParametersHolder sect239k1 = new X9ECParametersHolder() + { + protected X9ECParameters createParameters() + { + byte[] S = null; + ECCurve curve = configureCurve(new SecT239K1Curve()); + X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" + + "29A0B6A887A983E9730988A68727A8B2D126C44CC2CC7B2A6555193035DC" + + "76310804F12E549BDB011C103089E73510ACB275FC312A5DC6B76553F0CA")); + return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); + } + }; + + /* + * sect283k1 + * + static X9ECParametersHolder sect283k1 = new X9ECParametersHolder() + { + protected X9ECParameters createParameters() + { + byte[] S = null; + ECCurve curve = configureCurve(new SecT283K1Curve()); + X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" + + "0503213F78CA44883F1A3B8162F188E553CD265F23C1567A16876913B0C2AC2458492836" + + "01CCDA380F1C9E318D90F95D07E5426FE87E45C0E8184698E45962364E34116177DD2259")); + return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); + } + }; + + /* + * sect283r1 + * + static X9ECParametersHolder sect283r1 = new X9ECParametersHolder() + { + protected X9ECParameters createParameters() + { + byte[] S = Hex.decode("77E2B07370EB0F832A6DD5B62DFC88CD06BB84BE"); + ECCurve curve = configureCurve(new SecT283R1Curve()); + X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" + + "05F939258DB7DD90E1934F8C70B0DFEC2EED25B8557EAC9C80E2E198F8CDBECD86B12053" + + "03676854FE24141CB98FE6D4B20D02B4516FF702350EDDB0826779C813F0DF45BE8112F4")); + return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); + } + }; + + /* + * sect409k1 + * + static X9ECParametersHolder sect409k1 = new X9ECParametersHolder() + { + protected X9ECParameters createParameters() + { + byte[] S = null; + ECCurve curve = configureCurve(new SecT409K1Curve()); + X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" + + "0060F05F658F49C1AD3AB1890F7184210EFD0987E307C84C27ACCFB8F9F67CC2C460189EB5AAAA62EE222EB1B35540CFE9023746" + + "01E369050B7C4E42ACBA1DACBF04299C3460782F918EA427E6325165E9EA10E3DA5F6C42E9C55215AA9CA27A5863EC48D8E0286B")); + return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); + } + }; + + /* + * sect409r1 + * + static X9ECParametersHolder sect409r1 = new X9ECParametersHolder() + { + protected X9ECParameters createParameters() + { + byte[] S = Hex.decode("4099B5A457F9D69F79213D094C4BCD4D4262210B"); + ECCurve curve = configureCurve(new SecT409R1Curve()); + X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" + + "015D4860D088DDB3496B0C6064756260441CDE4AF1771D4DB01FFE5B34E59703DC255A868A1180515603AEAB60794E54BB7996A7" + + "0061B1CFAB6BE5F32BBFA78324ED106A7636B9C5A7BD198D0158AA4F5488D08F38514F1FDF4B4F40D2181B3681C364BA0273C706")); + return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); + } + }; + + /* + * sect571k1 + * + static X9ECParametersHolder sect571k1 = new X9ECParametersHolder() + { + protected X9ECParameters createParameters() + { + byte[] S = null; + ECCurve curve = configureCurve(new SecT571K1Curve()); + X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" + + "026EB7A859923FBC82189631F8103FE4AC9CA2970012D5D46024804801841CA44370958493B205E647DA304DB4CEB08CBBD1BA39494776FB988B47174DCA88C7E2945283A01C8972" + + "0349DC807F4FBF374F4AEADE3BCA95314DD58CEC9F307A54FFC61EFC006D8A2C9D4979C0AC44AEA74FBEBBB9F772AEDCB620B01A7BA7AF1B320430C8591984F601CD4C143EF1C7A3")); + return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); + } + }; + + /* + * sect571r1 + * + static X9ECParametersHolder sect571r1 = new X9ECParametersHolder() + { + protected X9ECParameters createParameters() + { + byte[] S = Hex.decode("2AA058F73A0E33AB486B0F610410C53A7F132310"); + ECCurve curve = configureCurve(new SecT571R1Curve()); + X9ECPoint G = new X9ECPoint(curve, Hex.decode("04" + + "0303001D34B856296C16C0D40D3CD7750A93D1D2955FA80AA5F40FC8DB7B2ABDBDE53950F4C0D293CDD711A35B67FB1499AE60038614F1394ABFA3B4C850D927E1E7769C8EEC2D19" + + "037BF27342DA639B6DCCFFFEB73D69D78C6C27A6009CBBCA1980F8533921E8A684423E43BAB08A576291AF8F461BB2A8B3531D2F0485C19B16E2F1516E23DD3C1A4827AF1B8AC15B")); + return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S); + } + }; + */ + // END Android-removed: Unsupported curves static final Hashtable nameToCurve = new Hashtable(); @@ -662,21 +666,19 @@ public class CustomNamedCurves static { - // BEGIN android-removed - // defineCurve("curve25519", curve25519); - // END android-removed + // BEGIN Android-removed: Unsupported curves + /* + defineCurve("curve25519", curve25519); // defineCurveWithOID("secp112r1", SECObjectIdentifiers.secp112r1, secp112r1); // defineCurveWithOID("secp112r2", SECObjectIdentifiers.secp112r2, secp112r2); - // BEGIN android-removed - // defineCurveWithOID("secp128r1", SECObjectIdentifiers.secp128r1, secp128r1); - // END android-removed + defineCurveWithOID("secp128r1", SECObjectIdentifiers.secp128r1, secp128r1); // defineCurveWithOID("secp128r2", SECObjectIdentifiers.secp128r2, secp128r2); - // BEGIN android-removed - // defineCurveWithOID("secp160k1", SECObjectIdentifiers.secp160k1, secp160k1); - // defineCurveWithOID("secp160r1", SECObjectIdentifiers.secp160r1, secp160r1); - // defineCurveWithOID("secp160r2", SECObjectIdentifiers.secp160r2, secp160r2); - // END android-removed + defineCurveWithOID("secp160k1", SECObjectIdentifiers.secp160k1, secp160k1); + defineCurveWithOID("secp160r1", SECObjectIdentifiers.secp160r1, secp160r1); + defineCurveWithOID("secp160r2", SECObjectIdentifiers.secp160r2, secp160r2); + */ + // END Android-removed: Unsupported curves defineCurveWithOID("secp192k1", SECObjectIdentifiers.secp192k1, secp192k1); defineCurveWithOID("secp192r1", SECObjectIdentifiers.secp192r1, secp192r1); defineCurveWithOID("secp224k1", SECObjectIdentifiers.secp224k1, secp224k1); @@ -686,38 +688,40 @@ public class CustomNamedCurves defineCurveWithOID("secp384r1", SECObjectIdentifiers.secp384r1, secp384r1); defineCurveWithOID("secp521r1", SECObjectIdentifiers.secp521r1, secp521r1); - // BEGIN android-removed - // defineCurveWithOID("sect113r1", SECObjectIdentifiers.sect113r1, sect113r1); - // defineCurveWithOID("sect113r2", SECObjectIdentifiers.sect113r2, sect113r2); - // defineCurveWithOID("sect131r1", SECObjectIdentifiers.sect131r1, sect131r1); - // defineCurveWithOID("sect131r2", SECObjectIdentifiers.sect131r2, sect131r2); - // defineCurveWithOID("sect163k1", SECObjectIdentifiers.sect163k1, sect163k1); - // defineCurveWithOID("sect163r1", SECObjectIdentifiers.sect163r1, sect163r1); - // defineCurveWithOID("sect163r2", SECObjectIdentifiers.sect163r2, sect163r2); - // defineCurveWithOID("sect193r1", SECObjectIdentifiers.sect193r1, sect193r1); - // defineCurveWithOID("sect193r2", SECObjectIdentifiers.sect193r2, sect193r2); - // defineCurveWithOID("sect233k1", SECObjectIdentifiers.sect233k1, sect233k1); - // defineCurveWithOID("sect233r1", SECObjectIdentifiers.sect233r1, sect233r1); - // defineCurveWithOID("sect239k1", SECObjectIdentifiers.sect239k1, sect239k1); - // defineCurveWithOID("sect283k1", SECObjectIdentifiers.sect283k1, sect283k1); - // defineCurveWithOID("sect283r1", SECObjectIdentifiers.sect283r1, sect283r1); - // defineCurveWithOID("sect409k1", SECObjectIdentifiers.sect409k1, sect409k1); - // defineCurveWithOID("sect409r1", SECObjectIdentifiers.sect409r1, sect409r1); - // defineCurveWithOID("sect571k1", SECObjectIdentifiers.sect571k1, sect571k1); - // defineCurveWithOID("sect571r1", SECObjectIdentifiers.sect571r1, sect571r1); - - // defineCurveAlias("B-163", SECObjectIdentifiers.sect163r2); - // defineCurveAlias("B-233", SECObjectIdentifiers.sect233r1); - // defineCurveAlias("B-283", SECObjectIdentifiers.sect283r1); - // defineCurveAlias("B-409", SECObjectIdentifiers.sect409r1); - // defineCurveAlias("B-571", SECObjectIdentifiers.sect571r1); - - // defineCurveAlias("K-163", SECObjectIdentifiers.sect163k1); - // defineCurveAlias("K-233", SECObjectIdentifiers.sect233k1); - // defineCurveAlias("K-283", SECObjectIdentifiers.sect283k1); - // defineCurveAlias("K-409", SECObjectIdentifiers.sect409k1); - // defineCurveAlias("K-571", SECObjectIdentifiers.sect571k1); - // END android-removed + // BEGIN Android-removed: Unsupported curves + /* + defineCurveWithOID("sect113r1", SECObjectIdentifiers.sect113r1, sect113r1); + defineCurveWithOID("sect113r2", SECObjectIdentifiers.sect113r2, sect113r2); + defineCurveWithOID("sect131r1", SECObjectIdentifiers.sect131r1, sect131r1); + defineCurveWithOID("sect131r2", SECObjectIdentifiers.sect131r2, sect131r2); + defineCurveWithOID("sect163k1", SECObjectIdentifiers.sect163k1, sect163k1); + defineCurveWithOID("sect163r1", SECObjectIdentifiers.sect163r1, sect163r1); + defineCurveWithOID("sect163r2", SECObjectIdentifiers.sect163r2, sect163r2); + defineCurveWithOID("sect193r1", SECObjectIdentifiers.sect193r1, sect193r1); + defineCurveWithOID("sect193r2", SECObjectIdentifiers.sect193r2, sect193r2); + defineCurveWithOID("sect233k1", SECObjectIdentifiers.sect233k1, sect233k1); + defineCurveWithOID("sect233r1", SECObjectIdentifiers.sect233r1, sect233r1); + defineCurveWithOID("sect239k1", SECObjectIdentifiers.sect239k1, sect239k1); + defineCurveWithOID("sect283k1", SECObjectIdentifiers.sect283k1, sect283k1); + defineCurveWithOID("sect283r1", SECObjectIdentifiers.sect283r1, sect283r1); + defineCurveWithOID("sect409k1", SECObjectIdentifiers.sect409k1, sect409k1); + defineCurveWithOID("sect409r1", SECObjectIdentifiers.sect409r1, sect409r1); + defineCurveWithOID("sect571k1", SECObjectIdentifiers.sect571k1, sect571k1); + defineCurveWithOID("sect571r1", SECObjectIdentifiers.sect571r1, sect571r1); + + defineCurveAlias("B-163", SECObjectIdentifiers.sect163r2); + defineCurveAlias("B-233", SECObjectIdentifiers.sect233r1); + defineCurveAlias("B-283", SECObjectIdentifiers.sect283r1); + defineCurveAlias("B-409", SECObjectIdentifiers.sect409r1); + defineCurveAlias("B-571", SECObjectIdentifiers.sect571r1); + + defineCurveAlias("K-163", SECObjectIdentifiers.sect163k1); + defineCurveAlias("K-233", SECObjectIdentifiers.sect233k1); + defineCurveAlias("K-283", SECObjectIdentifiers.sect283k1); + defineCurveAlias("K-409", SECObjectIdentifiers.sect409k1); + defineCurveAlias("K-571", SECObjectIdentifiers.sect571k1); + */ + // END Android-removed: Unsupported curves defineCurveAlias("P-192", SECObjectIdentifiers.secp192r1); defineCurveAlias("P-224", SECObjectIdentifiers.secp224r1); diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/encodings/OAEPEncoding.java b/bcprov/src/main/java/org/bouncycastle/crypto/encodings/OAEPEncoding.java index b5505f43..8df10697 100644 --- a/bcprov/src/main/java/org/bouncycastle/crypto/encodings/OAEPEncoding.java +++ b/bcprov/src/main/java/org/bouncycastle/crypto/encodings/OAEPEncoding.java @@ -7,13 +7,10 @@ import org.bouncycastle.crypto.CipherParameters; import org.bouncycastle.crypto.DataLengthException; import org.bouncycastle.crypto.Digest; import org.bouncycastle.crypto.InvalidCipherTextException; -// BEGIN android-changed -import org.bouncycastle.crypto.digests.AndroidDigestFactory; -// END android-changed import org.bouncycastle.crypto.params.ParametersWithRandom; -// BEGIN android-removed +// Android-changed: Use Android digests // import org.bouncycastle.crypto.util.DigestFactory; -// END android-remnoved +import org.bouncycastle.crypto.digests.AndroidDigestFactory; import org.bouncycastle.util.Arrays; /** @@ -32,10 +29,9 @@ public class OAEPEncoding public OAEPEncoding( AsymmetricBlockCipher cipher) { - // BEGIN android-changed - // Was: this(cipher, DigestFactory.createSHA1(), null); + // Android-changed: Use Android digests + // this(cipher, DigestFactory.createSHA1(), null); this(cipher, AndroidDigestFactory.getSHA1(), null); - // END android-changed } public OAEPEncoding( diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/encodings/PKCS1Encoding.java b/bcprov/src/main/java/org/bouncycastle/crypto/encodings/PKCS1Encoding.java index b36ae58c..e79557f4 100644 --- a/bcprov/src/main/java/org/bouncycastle/crypto/encodings/PKCS1Encoding.java +++ b/bcprov/src/main/java/org/bouncycastle/crypto/encodings/PKCS1Encoding.java @@ -390,12 +390,6 @@ public class PKCS1Encoding { badType = (type != 1); } - // BEGIN android-added - if ((type == 1 && forPrivateKey) || (type == 2 && !forPrivateKey)) - { - throw new InvalidCipherTextException("invalid block type " + type); - } - // END android-added // // find and extract the message block. diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/DESedeWrapEngine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/DESedeWrapEngine.java index 7274bf94..652d8ac8 100644 --- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/DESedeWrapEngine.java +++ b/bcprov/src/main/java/org/bouncycastle/crypto/engines/DESedeWrapEngine.java @@ -6,16 +6,13 @@ import org.bouncycastle.crypto.CipherParameters; import org.bouncycastle.crypto.Digest; import org.bouncycastle.crypto.InvalidCipherTextException; import org.bouncycastle.crypto.Wrapper; -// BEGIN android-changed -import org.bouncycastle.crypto.digests.AndroidDigestFactory; -// END android-changed import org.bouncycastle.crypto.modes.CBCBlockCipher; import org.bouncycastle.crypto.params.KeyParameter; import org.bouncycastle.crypto.params.ParametersWithIV; import org.bouncycastle.crypto.params.ParametersWithRandom; -// BEGIN android-removed +// Android-changed: Use Android digests // import org.bouncycastle.crypto.util.DigestFactory; -// END android-removed +import org.bouncycastle.crypto.digests.AndroidDigestFactory; import org.bouncycastle.util.Arrays; /** @@ -56,9 +53,9 @@ public class DESedeWrapEngine // // checksum digest // - // BEGIN android-changed + // Android-changed: Use Android digests + // Digest sha1 = DigestFactory.createSHA1(); Digest sha1 = AndroidDigestFactory.getSHA1(); - // END android-changed byte[] digest = new byte[20]; /** diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/generators/DHParametersHelper.java b/bcprov/src/main/java/org/bouncycastle/crypto/generators/DHParametersHelper.java index a0728b2c..1075f22e 100644 --- a/bcprov/src/main/java/org/bouncycastle/crypto/generators/DHParametersHelper.java +++ b/bcprov/src/main/java/org/bouncycastle/crypto/generators/DHParametersHelper.java @@ -3,17 +3,15 @@ package org.bouncycastle.crypto.generators; import java.math.BigInteger; import java.security.SecureRandom; -// BEGIN android-added +// Android-added: Log long-running operation import java.util.logging.Logger; -// END android-added import org.bouncycastle.math.ec.WNafUtil; import org.bouncycastle.util.BigIntegers; class DHParametersHelper { - // BEGIN android-added + // Android-added: Log long-running operation private static final Logger logger = Logger.getLogger(DHParametersHelper.class.getName()); - // END android-added private static final BigInteger ONE = BigInteger.valueOf(1); private static final BigInteger TWO = BigInteger.valueOf(2); @@ -25,20 +23,19 @@ class DHParametersHelper */ static BigInteger[] generateSafePrimes(int size, int certainty, SecureRandom random) { - // BEGIN android-added + // BEGIN Android-added: Log long-running operation logger.info("Generating safe primes. This may take a long time."); long start = System.currentTimeMillis(); int tries = 0; - // END android-added + // END Android-added: Log long-running operation BigInteger p, q; int qLength = size - 1; int minWeight = size >>> 2; for (;;) { - // BEGIN android-added + // Android-added: Log long-running operation tries++; - // END android-added q = new BigInteger(qLength, 2, random); // p <- 2q + 1 @@ -67,11 +64,11 @@ class DHParametersHelper break; } - // BEGIN android-added + // BEGIN Android-added: Log long-running operation long end = System.currentTimeMillis(); long duration = end - start; logger.info("Generated safe primes: " + tries + " tries took " + duration + "ms"); - // END android-added + // END Android-added: Log long-running operation return new BigInteger[] { p, q }; } diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/generators/DSAParametersGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/generators/DSAParametersGenerator.java index cec79e03..961b367d 100644 --- a/bcprov/src/main/java/org/bouncycastle/crypto/generators/DSAParametersGenerator.java +++ b/bcprov/src/main/java/org/bouncycastle/crypto/generators/DSAParametersGenerator.java @@ -7,10 +7,9 @@ import org.bouncycastle.crypto.Digest; import org.bouncycastle.crypto.params.DSAParameterGenerationParameters; import org.bouncycastle.crypto.params.DSAParameters; import org.bouncycastle.crypto.params.DSAValidationParameters; -// BEGIN android-changed -// Was: import org.bouncycastle.crypto.util.DigestFactory; +// Android-changed: Use Android digests +// import org.bouncycastle.crypto.util.DigestFactory; import org.bouncycastle.crypto.digests.AndroidDigestFactory; -// END android-added import org.bouncycastle.util.Arrays; import org.bouncycastle.util.BigIntegers; import org.bouncycastle.util.encoders.Hex; @@ -34,9 +33,9 @@ public class DSAParametersGenerator public DSAParametersGenerator() { - // BEGIN android-changed + // Android-changed: Use Android digests + // this(DigestFactory.createSHA1()); this(AndroidDigestFactory.getSHA1()); - // END android-changed } public DSAParametersGenerator(Digest digest) @@ -131,9 +130,9 @@ public class DSAParametersGenerator int n = (L - 1) / 160; byte[] w = new byte[L / 8]; - // BEGIN android-changed + // Android-changed: Use Android digests + // if (!(digest instanceof SHA1Digest)) if (!(digest.getAlgorithmName().equals("SHA-1"))) - // END android-changed { throw new IllegalStateException("can only use SHA-1 for generating FIPS 186-2 parameters"); } diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java index e6ec53a0..3e850c11 100644 --- a/bcprov/src/main/java/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java +++ b/bcprov/src/main/java/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java @@ -3,13 +3,11 @@ package org.bouncycastle.crypto.generators; import org.bouncycastle.crypto.CipherParameters; import org.bouncycastle.crypto.Digest; import org.bouncycastle.crypto.PBEParametersGenerator; -// BEGIN android-changed -import org.bouncycastle.crypto.digests.AndroidDigestFactory; import org.bouncycastle.crypto.params.KeyParameter; import org.bouncycastle.crypto.params.ParametersWithIV; -// BEGIN android-removed +// Android-changed: Use Android digests // import org.bouncycastle.crypto.util.DigestFactory; -// END android-removed +import org.bouncycastle.crypto.digests.AndroidDigestFactory; /** * Generator for PBE derived keys and ivs as usd by OpenSSL. @@ -21,9 +19,9 @@ import org.bouncycastle.crypto.params.ParametersWithIV; public class OpenSSLPBEParametersGenerator extends PBEParametersGenerator { - // BEGIN android-changed + // Android-changed: Use Android digests + // private Digest digest = DigestFactory.createMD5(); private Digest digest = AndroidDigestFactory.getMD5(); - // END android-changed /** * Construct a OpenSSL Parameters generator. diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java index 3089f8cc..c45c84f1 100644 --- a/bcprov/src/main/java/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java +++ b/bcprov/src/main/java/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java @@ -4,15 +4,12 @@ import org.bouncycastle.crypto.CipherParameters; import org.bouncycastle.crypto.Digest; import org.bouncycastle.crypto.Mac; import org.bouncycastle.crypto.PBEParametersGenerator; -// BEGIN android-changed -import org.bouncycastle.crypto.digests.AndroidDigestFactory; -// END android-changed import org.bouncycastle.crypto.macs.HMac; import org.bouncycastle.crypto.params.KeyParameter; import org.bouncycastle.crypto.params.ParametersWithIV; -// BEGIN android-removed +// Android-changed: Use Android digests // import org.bouncycastle.crypto.util.DigestFactory; -// END android-removed +import org.bouncycastle.crypto.digests.AndroidDigestFactory; import org.bouncycastle.util.Arrays; /** @@ -34,9 +31,9 @@ public class PKCS5S2ParametersGenerator */ public PKCS5S2ParametersGenerator() { - // BEGIN android-changed + // Android-changed: Use Android digests + // this(DigestFactory.createSHA1()); this(AndroidDigestFactory.getSHA1()); - // END android-changed } public PKCS5S2ParametersGenerator(Digest digest) diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/macs/HMac.java b/bcprov/src/main/java/org/bouncycastle/crypto/macs/HMac.java index 600a317f..5868262a 100644 --- a/bcprov/src/main/java/org/bouncycastle/crypto/macs/HMac.java +++ b/bcprov/src/main/java/org/bouncycastle/crypto/macs/HMac.java @@ -36,29 +36,29 @@ public class HMac { blockLengths = new Hashtable(); - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // blockLengths.put("GOST3411", Integers.valueOf(32)); // // blockLengths.put("MD2", Integers.valueOf(16)); // blockLengths.put("MD4", Integers.valueOf(64)); - // END android-removed + // END Android-removed: Unsupported algorithms blockLengths.put("MD5", Integers.valueOf(64)); - - // BEGIN android-removed + + // BEGIN Android-removed: Unsupported algorithms // blockLengths.put("RIPEMD128", Integers.valueOf(64)); // blockLengths.put("RIPEMD160", Integers.valueOf(64)); - // END android-removed + // END Android-removed: Unsupported algorithms blockLengths.put("SHA-1", Integers.valueOf(64)); blockLengths.put("SHA-224", Integers.valueOf(64)); blockLengths.put("SHA-256", Integers.valueOf(64)); blockLengths.put("SHA-384", Integers.valueOf(128)); blockLengths.put("SHA-512", Integers.valueOf(128)); - - // BEGIN android-removed + + // BEGIN Android-removed: Unsupported algorithms // blockLengths.put("Tiger", Integers.valueOf(64)); // blockLengths.put("Whirlpool", Integers.valueOf(64)); - // END android-removed + // END Android-removed: Unsupported algorithms } private static int getByteLength( diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/modes/GCMBlockCipher.java b/bcprov/src/main/java/org/bouncycastle/crypto/modes/GCMBlockCipher.java index 1ba5ebb1..c6453a3b 100644 --- a/bcprov/src/main/java/org/bouncycastle/crypto/modes/GCMBlockCipher.java +++ b/bcprov/src/main/java/org/bouncycastle/crypto/modes/GCMBlockCipher.java @@ -24,11 +24,11 @@ public class GCMBlockCipher implements AEADBlockCipher { private static final int BLOCK_SIZE = 16; - // BEGIN android-added + // BEGIN Android-added: Max input size limitation from NIST. // 2^36-32 : limitation imposed by NIST GCM as otherwise the counter is wrapped and it can leak // plaintext and authentication key private static final long MAX_INPUT_SIZE = 68719476704L; - // END android-added + // END Android-added: Max input size limitation from NIST. // not final due to a compiler bug private BlockCipher cipher; @@ -238,13 +238,13 @@ public class GCMBlockCipher return totalData < macSize ? 0 : totalData - macSize; } - // BEGIN android-added + // BEGIN Android-added: Max input size limitation from NIST. /** Helper used to ensure that {@link #MAX_INPUT_SIZE} is not exceeded. */ private long getTotalInputSizeAfterNewInput(int newInputLen) { return totalLength + newInputLen + bufOff; } - // END android-added + // END Android-added: Max input size limitation from NIST. public int getUpdateOutputSize(int len) { @@ -263,11 +263,11 @@ public class GCMBlockCipher public void processAADByte(byte in) { checkStatus(); - // BEGIN android-added + // BEGIN Android-added: Max input size limitation from NIST. if (getTotalInputSizeAfterNewInput(1) > MAX_INPUT_SIZE) { throw new DataLengthException("Input exceeded " + MAX_INPUT_SIZE + " bytes"); } - // END android-added + // END Android-added: Max input size limitation from NIST. atBlock[atBlockPos] = in; if (++atBlockPos == BLOCK_SIZE) { @@ -280,11 +280,11 @@ public class GCMBlockCipher public void processAADBytes(byte[] in, int inOff, int len) { - // BEGIN android-added + // BEGIN Android-added: Max input size limitation from NIST. if (getTotalInputSizeAfterNewInput(len) > MAX_INPUT_SIZE) { throw new DataLengthException("Input exceeded " + MAX_INPUT_SIZE + " bytes"); } - // END android-added + // END Android-added: Max input size limitation from NIST. for (int i = 0; i < len; ++i) { atBlock[atBlockPos] = in[inOff + i]; @@ -323,12 +323,12 @@ public class GCMBlockCipher throws DataLengthException { checkStatus(); - // BEGIN android-added + // BEGIN Android-added: Max input size limitation from NIST. if (getTotalInputSizeAfterNewInput(1) > MAX_INPUT_SIZE) { throw new DataLengthException("Input exceeded " + MAX_INPUT_SIZE + " bytes"); } - // END android-added - + // END Android-added: Max input size limitation from NIST. + bufBlock[bufOff] = in; if (++bufOff == bufBlock.length) { @@ -342,11 +342,11 @@ public class GCMBlockCipher throws DataLengthException { checkStatus(); - // BEGIN android-added + // BEGIN Android-added: Max input size limitation from NIST. if (getTotalInputSizeAfterNewInput(len) > MAX_INPUT_SIZE) { throw new DataLengthException("Input exceeded " + MAX_INPUT_SIZE + " bytes"); } - // END android-added + // END Android-added: Max input size limitation from NIST. if (in.length < (inOff + len)) { diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/signers/RSADigestSigner.java b/bcprov/src/main/java/org/bouncycastle/crypto/signers/RSADigestSigner.java index a8ef959c..45c8b57d 100644 --- a/bcprov/src/main/java/org/bouncycastle/crypto/signers/RSADigestSigner.java +++ b/bcprov/src/main/java/org/bouncycastle/crypto/signers/RSADigestSigner.java @@ -39,11 +39,11 @@ public class RSADigestSigner */ static { - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // oidMap.put("RIPEMD128", TeleTrusTObjectIdentifiers.ripemd128); // oidMap.put("RIPEMD160", TeleTrusTObjectIdentifiers.ripemd160); // oidMap.put("RIPEMD256", TeleTrusTObjectIdentifiers.ripemd256); - // END android-removed + // END Android-removed: Unsupported algorithms oidMap.put("SHA-1", X509ObjectIdentifiers.id_SHA1); oidMap.put("SHA-224", NISTObjectIdentifiers.id_sha224); @@ -53,10 +53,17 @@ public class RSADigestSigner oidMap.put("SHA-512/224", NISTObjectIdentifiers.id_sha512_224); oidMap.put("SHA-512/256", NISTObjectIdentifiers.id_sha512_256); - // BEGIN android-removed - // oidMap.put("MD2", PKCSObjectIdentifiers.md2); - // oidMap.put("MD4", PKCSObjectIdentifiers.md4); - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + oidMap.put("SHA3-224", NISTObjectIdentifiers.id_sha3_224); + oidMap.put("SHA3-256", NISTObjectIdentifiers.id_sha3_256); + oidMap.put("SHA3-384", NISTObjectIdentifiers.id_sha3_384); + oidMap.put("SHA3-512", NISTObjectIdentifiers.id_sha3_512); + + oidMap.put("MD2", PKCSObjectIdentifiers.md2); + oidMap.put("MD4", PKCSObjectIdentifiers.md4); + */ + // END Android-removed: Unsupported algorithms oidMap.put("MD5", PKCSObjectIdentifiers.md5); } diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/util/PrivateKeyFactory.java b/bcprov/src/main/java/org/bouncycastle/crypto/util/PrivateKeyFactory.java index 0175aa17..911f1dae 100644 --- a/bcprov/src/main/java/org/bouncycastle/crypto/util/PrivateKeyFactory.java +++ b/bcprov/src/main/java/org/bouncycastle/crypto/util/PrivateKeyFactory.java @@ -9,9 +9,8 @@ import org.bouncycastle.asn1.ASN1InputStream; import org.bouncycastle.asn1.ASN1Integer; import org.bouncycastle.asn1.ASN1ObjectIdentifier; import org.bouncycastle.asn1.ASN1Primitive; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.asn1.oiw.ElGamalParameter; -// END android-removed import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; import org.bouncycastle.asn1.pkcs.DHParameter; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; @@ -33,10 +32,9 @@ import org.bouncycastle.crypto.params.DSAPrivateKeyParameters; import org.bouncycastle.crypto.params.ECDomainParameters; import org.bouncycastle.crypto.params.ECNamedDomainParameters; import org.bouncycastle.crypto.params.ECPrivateKeyParameters; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.params.ElGamalParameters; // import org.bouncycastle.crypto.params.ElGamalPrivateKeyParameters; -// END android-removed import org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters; /** @@ -102,16 +100,18 @@ public class PrivateKeyFactory return new DHPrivateKeyParameters(derX.getValue(), dhParams); } - // BEGIN android-removed - // else if (algId.getAlgorithm().equals(OIWObjectIdentifiers.elGamalAlgorithm)) - // { - // ElGamalParameter params = ElGamalParameter.getInstance(algId.getParameters()); - // ASN1Integer derX = (ASN1Integer)keyInfo.parsePrivateKey(); - // - // return new ElGamalPrivateKeyParameters(derX.getValue(), new ElGamalParameters( - // params.getP(), params.getG())); - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + else if (algId.getAlgorithm().equals(OIWObjectIdentifiers.elGamalAlgorithm)) + { + ElGamalParameter params = ElGamalParameter.getInstance(algId.getParameters()); + ASN1Integer derX = (ASN1Integer)keyInfo.parsePrivateKey(); + + return new ElGamalPrivateKeyParameters(derX.getValue(), new ElGamalParameters( + params.getP(), params.getG())); + } + */ + // END Android-removed: Unsupported algorithms else if (algId.getAlgorithm().equals(X9ObjectIdentifiers.id_dsa)) { ASN1Integer derX = (ASN1Integer)keyInfo.parsePrivateKey(); diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/util/PublicKeyFactory.java b/bcprov/src/main/java/org/bouncycastle/crypto/util/PublicKeyFactory.java index 042c68ef..86028870 100644 --- a/bcprov/src/main/java/org/bouncycastle/crypto/util/PublicKeyFactory.java +++ b/bcprov/src/main/java/org/bouncycastle/crypto/util/PublicKeyFactory.java @@ -11,9 +11,8 @@ import org.bouncycastle.asn1.ASN1ObjectIdentifier; import org.bouncycastle.asn1.ASN1OctetString; import org.bouncycastle.asn1.ASN1Primitive; import org.bouncycastle.asn1.DEROctetString; -// BEGIN android-removed +// Android-removed: Unsupported algorithm // import org.bouncycastle.asn1.oiw.ElGamalParameter; -// END android-removed import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; import org.bouncycastle.asn1.pkcs.DHParameter; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; @@ -40,10 +39,9 @@ import org.bouncycastle.crypto.params.DSAPublicKeyParameters; import org.bouncycastle.crypto.params.ECDomainParameters; import org.bouncycastle.crypto.params.ECNamedDomainParameters; import org.bouncycastle.crypto.params.ECPublicKeyParameters; -// BEGIN android-removed +// Android-removed: Unsupported algorithm // import org.bouncycastle.crypto.params.ElGamalParameters; // import org.bouncycastle.crypto.params.ElGamalPublicKeyParameters; -// END android-removed import org.bouncycastle.crypto.params.RSAKeyParameters; /** @@ -137,16 +135,18 @@ public class PublicKeyFactory return new DHPublicKeyParameters(derY.getValue(), dhParams); } - // BEGIN android-removed - // else if (algId.getAlgorithm().equals(OIWObjectIdentifiers.elGamalAlgorithm)) - // { - // ElGamalParameter params = ElGamalParameter.getInstance(algId.getParameters()); - // ASN1Integer derY = (ASN1Integer)keyInfo.parsePublicKey(); - // - // return new ElGamalPublicKeyParameters(derY.getValue(), new ElGamalParameters( - // params.getP(), params.getG())); - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithm + /* + else if (algId.getAlgorithm().equals(OIWObjectIdentifiers.elGamalAlgorithm)) + { + ElGamalParameter params = ElGamalParameter.getInstance(algId.getParameters()); + ASN1Integer derY = (ASN1Integer)keyInfo.parsePublicKey(); + + return new ElGamalPublicKeyParameters(derY.getValue(), new ElGamalParameters( + params.getP(), params.getG())); + } + */ + // END Android-removed: Unsupported algorithm else if (algId.getAlgorithm().equals(X9ObjectIdentifiers.id_dsa) || algId.getAlgorithm().equals(OIWObjectIdentifiers.dsaWithSHA1)) { diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DH.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DH.java index 579b9735..dcc963cc 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DH.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DH.java @@ -36,10 +36,10 @@ public class DH provider.addAttributes("KeyAgreement.DH", generalDhAttributes); provider.addAlgorithm("KeyAgreement.DH", PREFIX + "KeyAgreementSpi"); provider.addAlgorithm("Alg.Alias.KeyAgreement.DIFFIEHELLMAN", "DH"); - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // provider.addAlgorithm("KeyAgreement", PKCSObjectIdentifiers.id_alg_ESDH, PREFIX + "KeyAgreementSpi$DHwithRFC2631KDF"); // provider.addAlgorithm("KeyAgreement", PKCSObjectIdentifiers.id_alg_SSDH, PREFIX + "KeyAgreementSpi$DHwithRFC2631KDF"); - // END android-removed + // END Android-removed: Unsupported algorithms provider.addAlgorithm("KeyFactory.DH", PREFIX + "KeyFactorySpi"); provider.addAlgorithm("Alg.Alias.KeyFactory.DIFFIEHELLMAN", "DH"); @@ -51,22 +51,19 @@ public class DH provider.addAlgorithm("AlgorithmParameterGenerator.DH", PREFIX + "AlgorithmParameterGeneratorSpi"); - // BEGIN android-removed - // provider.addAlgorithm("Cipher.IES", PREFIX + "IESCipher$IES"); - // provider.addAlgorithm("Cipher.IESwithAES-CBC", PREFIX + "IESCipher$IESwithAES"); - // provider.addAlgorithm("Cipher.IESWITHAES-CBC", PREFIX + "IESCipher$IESwithAES"); - // provider.addAlgorithm("Cipher.IESWITHDESEDE-CBC", PREFIX + "IESCipher$IESwithDESede"); - // - // provider.addAlgorithm("Cipher.DHIES", PREFIX + "IESCipher$IES"); - // provider.addAlgorithm("Cipher.DHIESwithAES-CBC", PREFIX + "IESCipher$IESwithAES"); - // provider.addAlgorithm("Cipher.DHIESWITHAES-CBC", PREFIX + "IESCipher$IESwithAES"); - // provider.addAlgorithm("Cipher.DHIESWITHDESEDE-CBC", PREFIX + "IESCipher$IESwithDESede"); - // - // provider.addAlgorithm("Cipher.OLDDHIES", PREFIX + "IESCipher$OldIES"); - // provider.addAlgorithm("Cipher.OLDDHIESwithAES", PREFIX + "IESCipher$OldIESwithAES"); - // provider.addAlgorithm("Cipher.OLDDHIESWITHAES", PREFIX + "IESCipher$OldIESwithAES"); - // provider.addAlgorithm("Cipher.OLDDHIESWITHDESEDE", PREFIX + "IESCipher$OldIESwithDESede"); - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + provider.addAlgorithm("Cipher.IES", PREFIX + "IESCipher$IES"); + provider.addAlgorithm("Cipher.IESwithAES-CBC", PREFIX + "IESCipher$IESwithAESCBC"); + provider.addAlgorithm("Cipher.IESWITHAES-CBC", PREFIX + "IESCipher$IESwithAESCBC"); + provider.addAlgorithm("Cipher.IESWITHDESEDE-CBC", PREFIX + "IESCipher$IESwithDESedeCBC"); + + provider.addAlgorithm("Cipher.DHIES", PREFIX + "IESCipher$IES"); + provider.addAlgorithm("Cipher.DHIESwithAES-CBC", PREFIX + "IESCipher$IESwithAESCBC"); + provider.addAlgorithm("Cipher.DHIESWITHAES-CBC", PREFIX + "IESCipher$IESwithAESCBC"); + provider.addAlgorithm("Cipher.DHIESWITHDESEDE-CBC", PREFIX + "IESCipher$IESwithDESedeCBC"); + */ + // END Android-removed: Unsupported algorithms registerOid(provider, PKCSObjectIdentifiers.dhKeyAgreement, "DH", new KeyFactorySpi()); registerOid(provider, X9ObjectIdentifiers.dhpublicnumber, "DH", new KeyFactorySpi()); diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DSA.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DSA.java index 70ae1203..44bf12ef 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DSA.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DSA.java @@ -27,52 +27,52 @@ public class DSA provider.addAlgorithm("KeyPairGenerator.DSA", PREFIX + "KeyPairGeneratorSpi"); provider.addAlgorithm("KeyFactory.DSA", PREFIX + "KeyFactorySpi"); - // BEGIN android-changed + // BEGIN Android-changed: Change primary ID from DSA to SHA1withDSA + // provider.addAlgorithm("Signature.DSA", PREFIX + "DSASigner$stdDSA"); provider.addAlgorithm("Signature.SHA1withDSA", PREFIX + "DSASigner$stdDSA"); - // END android-changed + provider.addAlgorithm("Alg.Alias.Signature.DSA", "SHA1withDSA"); + // END Android-changed: Change primary ID from DSA to SHA1withDSA provider.addAlgorithm("Signature.NONEWITHDSA", PREFIX + "DSASigner$noneDSA"); provider.addAlgorithm("Alg.Alias.Signature.RAWDSA", "NONEWITHDSA"); - // BEGIN android-removed - // provider.addAlgorithm("Signature.DETDSA", PREFIX + "DSASigner$detDSA"); - // provider.addAlgorithm("Signature.SHA1WITHDETDSA", PREFIX + "DSASigner$detDSA"); - // provider.addAlgorithm("Signature.SHA224WITHDETDSA", PREFIX + "DSASigner$detDSA224"); - // provider.addAlgorithm("Signature.SHA256WITHDETDSA", PREFIX + "DSASigner$detDSA256"); - // provider.addAlgorithm("Signature.SHA384WITHDETDSA", PREFIX + "DSASigner$detDSA384"); - // provider.addAlgorithm("Signature.SHA512WITHDETDSA", PREFIX + "DSASigner$detDSA512"); - - // provider.addAlgorithm("Signature.DDSA", PREFIX + "DSASigner$detDSA"); - // provider.addAlgorithm("Signature.SHA1WITHDDSA", PREFIX + "DSASigner$detDSA"); - // provider.addAlgorithm("Signature.SHA224WITHDDSA", PREFIX + "DSASigner$detDSA224"); - // provider.addAlgorithm("Signature.SHA256WITHDDSA", PREFIX + "DSASigner$detDSA256"); - // provider.addAlgorithm("Signature.SHA384WITHDDSA", PREFIX + "DSASigner$detDSA384"); - // provider.addAlgorithm("Signature.SHA512WITHDDSA", PREFIX + "DSASigner$detDSA512"); - // provider.addAlgorithm("Signature.SHA3-224WITHDDSA", PREFIX + "DSASigner$detDSASha3_224"); - // provider.addAlgorithm("Signature.SHA3-256WITHDDSA", PREFIX + "DSASigner$detDSASha3_256"); - // provider.addAlgorithm("Signature.SHA3-384WITHDDSA", PREFIX + "DSASigner$detDSASha3_384"); - // provider.addAlgorithm("Signature.SHA3-512WITHDDSA", PREFIX + "DSASigner$detDSASha3_512"); - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + provider.addAlgorithm("Signature.DETDSA", PREFIX + "DSASigner$detDSA"); + provider.addAlgorithm("Signature.SHA1WITHDETDSA", PREFIX + "DSASigner$detDSA"); + provider.addAlgorithm("Signature.SHA224WITHDETDSA", PREFIX + "DSASigner$detDSA224"); + provider.addAlgorithm("Signature.SHA256WITHDETDSA", PREFIX + "DSASigner$detDSA256"); + provider.addAlgorithm("Signature.SHA384WITHDETDSA", PREFIX + "DSASigner$detDSA384"); + provider.addAlgorithm("Signature.SHA512WITHDETDSA", PREFIX + "DSASigner$detDSA512"); + + provider.addAlgorithm("Signature.DDSA", PREFIX + "DSASigner$detDSA"); + provider.addAlgorithm("Signature.SHA1WITHDDSA", PREFIX + "DSASigner$detDSA"); + provider.addAlgorithm("Signature.SHA224WITHDDSA", PREFIX + "DSASigner$detDSA224"); + provider.addAlgorithm("Signature.SHA256WITHDDSA", PREFIX + "DSASigner$detDSA256"); + provider.addAlgorithm("Signature.SHA384WITHDDSA", PREFIX + "DSASigner$detDSA384"); + provider.addAlgorithm("Signature.SHA512WITHDDSA", PREFIX + "DSASigner$detDSA512"); + provider.addAlgorithm("Signature.SHA3-224WITHDDSA", PREFIX + "DSASigner$detDSASha3_224"); + provider.addAlgorithm("Signature.SHA3-256WITHDDSA", PREFIX + "DSASigner$detDSASha3_256"); + provider.addAlgorithm("Signature.SHA3-384WITHDDSA", PREFIX + "DSASigner$detDSASha3_384"); + provider.addAlgorithm("Signature.SHA3-512WITHDDSA", PREFIX + "DSASigner$detDSASha3_512"); + */ + // END Android-removed: Unsupported algorithms addSignatureAlgorithm(provider, "SHA224", "DSA", PREFIX + "DSASigner$dsa224", NISTObjectIdentifiers.dsa_with_sha224); addSignatureAlgorithm(provider, "SHA256", "DSA", PREFIX + "DSASigner$dsa256", NISTObjectIdentifiers.dsa_with_sha256); - // BEGIN android-removed - // addSignatureAlgorithm(provider, "SHA384", "DSA", PREFIX + "DSASigner$dsa384", NISTObjectIdentifiers.dsa_with_sha384); - // addSignatureAlgorithm(provider, "SHA512", "DSA", PREFIX + "DSASigner$dsa512", NISTObjectIdentifiers.dsa_with_sha512); - // END android-removed - - // BEGIN android-added - provider.addAlgorithm("Alg.Alias.Signature.DSA", "SHA1withDSA"); - // END android-added - - // BEGIN android-removed - // addSignatureAlgorithm(provider, "SHA3-224", "DSA", PREFIX + "DSASigner$dsaSha3_224", NISTObjectIdentifiers.id_dsa_with_sha3_224); - // addSignatureAlgorithm(provider, "SHA3-256", "DSA", PREFIX + "DSASigner$dsaSha3_256", NISTObjectIdentifiers.id_dsa_with_sha3_256); - // addSignatureAlgorithm(provider, "SHA3-384", "DSA", PREFIX + "DSASigner$dsaSha3_384", NISTObjectIdentifiers.id_dsa_with_sha3_384); - // addSignatureAlgorithm(provider, "SHA3-512", "DSA", PREFIX + "DSASigner$dsaSha3_512", NISTObjectIdentifiers.id_dsa_with_sha3_512); - // END android-removed - - // BEGIN android-changed + // BEGIN Android-removed: Unsupported algorithms + /* + addSignatureAlgorithm(provider, "SHA384", "DSA", PREFIX + "DSASigner$dsa384", NISTObjectIdentifiers.dsa_with_sha384); + addSignatureAlgorithm(provider, "SHA512", "DSA", PREFIX + "DSASigner$dsa512", NISTObjectIdentifiers.dsa_with_sha512); + + addSignatureAlgorithm(provider, "SHA3-224", "DSA", PREFIX + "DSASigner$dsaSha3_224", NISTObjectIdentifiers.id_dsa_with_sha3_224); + addSignatureAlgorithm(provider, "SHA3-256", "DSA", PREFIX + "DSASigner$dsaSha3_256", NISTObjectIdentifiers.id_dsa_with_sha3_256); + addSignatureAlgorithm(provider, "SHA3-384", "DSA", PREFIX + "DSASigner$dsaSha3_384", NISTObjectIdentifiers.id_dsa_with_sha3_384); + addSignatureAlgorithm(provider, "SHA3-512", "DSA", PREFIX + "DSASigner$dsaSha3_512", NISTObjectIdentifiers.id_dsa_with_sha3_512); + */ + // END Android-removed: Unsupported algorithms + + // BEGIN Android-changed: Change primary ID from DSA to SHA1withDSA provider.addAlgorithm("Alg.Alias.Signature.SHA/DSA", "SHA1withDSA"); provider.addAlgorithm("Alg.Alias.Signature.SHA1withDSA", "SHA1withDSA"); provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHDSA", "SHA1withDSA"); @@ -82,19 +82,19 @@ public class DSA provider.addAlgorithm("Alg.Alias.Signature.DSAWITHSHA1", "SHA1withDSA"); provider.addAlgorithm("Alg.Alias.Signature.SHA1WithDSA", "SHA1withDSA"); provider.addAlgorithm("Alg.Alias.Signature.DSAWithSHA1", "SHA1withDSA"); - // END android-changed + // END Android-changed: Change primary ID from DSA to SHA1withDSA - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // provider.addAlgorithm("Alg.Alias.Signature.1.2.840.10040.4.3", "DSA"); - // END android-removed + // END Android-removed: Unsupported algorithms AsymmetricKeyInfoConverter keyFact = new KeyFactorySpi(); for (int i = 0; i != DSAUtil.dsaOids.length; i++) { - // BEGIN android-changed + // BEGIN Android-changed: Change primary ID from DSA to SHA1withDSA provider.addAlgorithm("Alg.Alias.Signature." + DSAUtil.dsaOids[i], "SHA1withDSA"); - // END android-changed + // END Android-changed: Change primary ID from DSA to SHA1withDSA registerOid(provider, DSAUtil.dsaOids[i], "DSA", keyFact); registerOidAlgorithmParameterGenerator(provider, DSAUtil.dsaOids[i], "DSA"); diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/EC.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/EC.java index 1c49da9f..016b465f 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/EC.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/EC.java @@ -3,20 +3,20 @@ package org.bouncycastle.jcajce.provider.asymmetric; import java.util.HashMap; import java.util.Map; -// BEGIN android-removed +// BEGIN Android-removed: Unsupported algorithms // import org.bouncycastle.asn1.bsi.BSIObjectIdentifiers; // import org.bouncycastle.asn1.eac.EACObjectIdentifiers; // import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; // import org.bouncycastle.asn1.sec.SECObjectIdentifiers; // import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; -// END android-removed +// END Android-removed: Unsupported algorithms import org.bouncycastle.asn1.x9.X9ObjectIdentifiers; import org.bouncycastle.jcajce.provider.asymmetric.ec.KeyFactorySpi; import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; import org.bouncycastle.jcajce.provider.util.AsymmetricAlgorithmProvider; -// BEGIN android-removed +// BEGIN Android-removed: Unsupported algorithms // import org.bouncycastle.util.Properties; -// END android-removed +// END Android-removed: Unsupported algorithms public class EC { @@ -43,146 +43,144 @@ public class EC provider.addAttributes("KeyAgreement.ECDH", generalEcAttributes); provider.addAlgorithm("KeyAgreement.ECDH", PREFIX + "KeyAgreementSpi$DH"); - // BEGIN android-removed - // provider.addAttributes("KeyAgreement.ECDHC", generalEcAttributes); - // provider.addAlgorithm("KeyAgreement.ECDHC", PREFIX + "KeyAgreementSpi$DHC"); - // provider.addAttributes("KeyAgreement.ECCDH", generalEcAttributes); - // provider.addAlgorithm("KeyAgreement.ECCDH", PREFIX + "KeyAgreementSpi$DHC"); - // - // provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA1KDFAndSharedInfo"); - // provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.dhSinglePass_cofactorDH_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$CDHwithSHA1KDFAndSharedInfo"); - // - // provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.dhSinglePass_stdDH_sha224kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA224KDFAndSharedInfo"); - // provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.dhSinglePass_cofactorDH_sha224kdf_scheme, PREFIX + "KeyAgreementSpi$CDHwithSHA224KDFAndSharedInfo"); - // - // provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.dhSinglePass_stdDH_sha256kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA256KDFAndSharedInfo"); - // provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.dhSinglePass_cofactorDH_sha256kdf_scheme, PREFIX + "KeyAgreementSpi$CDHwithSHA256KDFAndSharedInfo"); - // - // provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.dhSinglePass_stdDH_sha384kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA384KDFAndSharedInfo"); - // provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.dhSinglePass_cofactorDH_sha384kdf_scheme, PREFIX + "KeyAgreementSpi$CDHwithSHA384KDFAndSharedInfo"); - // - // provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.dhSinglePass_stdDH_sha512kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA512KDFAndSharedInfo"); - // provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.dhSinglePass_cofactorDH_sha512kdf_scheme, PREFIX + "KeyAgreementSpi$CDHwithSHA512KDFAndSharedInfo"); - // - // provider.addAlgorithm("KeyAgreement.ECDHWITHSHA1KDF", PREFIX + "KeyAgreementSpi$DHwithSHA1KDF"); - // - // provider.addAlgorithm("KeyAgreement.ECCDHWITHSHA1CKDF", PREFIX + "KeyAgreementSpi$DHwithSHA1CKDF"); - // provider.addAlgorithm("KeyAgreement.ECCDHWITHSHA256CKDF", PREFIX + "KeyAgreementSpi$DHwithSHA256CKDF"); - // provider.addAlgorithm("KeyAgreement.ECCDHWITHSHA384CKDF", PREFIX + "KeyAgreementSpi$DHwithSHA384CKDF"); - // provider.addAlgorithm("KeyAgreement.ECCDHWITHSHA512CKDF", PREFIX + "KeyAgreementSpi$DHwithSHA512CKDF"); - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + provider.addAttributes("KeyAgreement.ECDHC", generalEcAttributes); + provider.addAlgorithm("KeyAgreement.ECDHC", PREFIX + "KeyAgreementSpi$DHC"); + provider.addAttributes("KeyAgreement.ECCDH", generalEcAttributes); + provider.addAlgorithm("KeyAgreement.ECCDH", PREFIX + "KeyAgreementSpi$DHC"); + + provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA1KDFAndSharedInfo"); + provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.dhSinglePass_cofactorDH_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$CDHwithSHA1KDFAndSharedInfo"); + + provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.dhSinglePass_stdDH_sha224kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA224KDFAndSharedInfo"); + provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.dhSinglePass_cofactorDH_sha224kdf_scheme, PREFIX + "KeyAgreementSpi$CDHwithSHA224KDFAndSharedInfo"); + + provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.dhSinglePass_stdDH_sha256kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA256KDFAndSharedInfo"); + provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.dhSinglePass_cofactorDH_sha256kdf_scheme, PREFIX + "KeyAgreementSpi$CDHwithSHA256KDFAndSharedInfo"); + + provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.dhSinglePass_stdDH_sha384kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA384KDFAndSharedInfo"); + provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.dhSinglePass_cofactorDH_sha384kdf_scheme, PREFIX + "KeyAgreementSpi$CDHwithSHA384KDFAndSharedInfo"); + + provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.dhSinglePass_stdDH_sha512kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA512KDFAndSharedInfo"); + provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.dhSinglePass_cofactorDH_sha512kdf_scheme, PREFIX + "KeyAgreementSpi$CDHwithSHA512KDFAndSharedInfo"); + + provider.addAlgorithm("KeyAgreement.ECDHWITHSHA1KDF", PREFIX + "KeyAgreementSpi$DHwithSHA1KDF"); + + provider.addAlgorithm("KeyAgreement.ECCDHWITHSHA1CKDF", PREFIX + "KeyAgreementSpi$DHwithSHA1CKDF"); + provider.addAlgorithm("KeyAgreement.ECCDHWITHSHA256CKDF", PREFIX + "KeyAgreementSpi$DHwithSHA256CKDF"); + provider.addAlgorithm("KeyAgreement.ECCDHWITHSHA384CKDF", PREFIX + "KeyAgreementSpi$DHwithSHA384CKDF"); + provider.addAlgorithm("KeyAgreement.ECCDHWITHSHA512CKDF", PREFIX + "KeyAgreementSpi$DHwithSHA512CKDF"); + */ + // END Android-removed: Unsupported algorithms registerOid(provider, X9ObjectIdentifiers.id_ecPublicKey, "EC", new KeyFactorySpi.EC()); - // BEGIN android-added - // We were having this one in 1.52. As of 1.54 this one is under - // if (!Properties.isOverrideSet("org.bouncycastle.ec.disable_mqv")) - // below - registerOid(provider, X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "EC", new KeyFactorySpi.EC()); - // END android-added - - // BEGIN android-removed - // registerOid(provider, X9ObjectIdentifiers.dhSinglePass_cofactorDH_sha1kdf_scheme, "EC", new KeyFactorySpi.EC()); - // registerOid(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV()); - // - // registerOid(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha224kdf_scheme, "EC", new KeyFactorySpi.EC()); - // registerOid(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha224kdf_scheme, "EC", new KeyFactorySpi.EC()); - // - // registerOid(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha256kdf_scheme, "EC", new KeyFactorySpi.EC()); - // registerOid(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha256kdf_scheme, "EC", new KeyFactorySpi.EC()); - // - // registerOid(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha384kdf_scheme, "EC", new KeyFactorySpi.EC()); - // registerOid(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha384kdf_scheme, "EC", new KeyFactorySpi.EC()); - // - // registerOid(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha512kdf_scheme, "EC", new KeyFactorySpi.EC()); - // registerOid(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha512kdf_scheme, "EC", new KeyFactorySpi.EC()); - // - // END android-removed - // BEGIN android-removed - // // Android comment: the registrations in this block are causing CTS tests to fail - // // and don't seem to be implemented by bouncycastle (so looks like an bug in - // // bouncycastle). - // // TODO(20447540): check if this occurs in upstream bouncycastle and report accordingly - // registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.id_ecPublicKey, "EC"); - // - // registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "EC"); - // END android-removed - // BEGIN android-removed - // registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.dhSinglePass_cofactorDH_sha1kdf_scheme, "EC"); - // - // registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha224kdf_scheme, "EC"); - // registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha224kdf_scheme, "EC"); - // - // registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha256kdf_scheme, "EC"); - // registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha256kdf_scheme, "EC"); - // - // registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha384kdf_scheme, "EC"); - // registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha384kdf_scheme, "EC"); - // - // registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha512kdf_scheme, "EC"); - // registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha512kdf_scheme, "EC"); - // - // if (!Properties.isOverrideSet("org.bouncycastle.ec.disable_mqv")) - // { - // provider.addAlgorithm("KeyAgreement.ECMQV", PREFIX + "KeyAgreementSpi$MQV"); - // - // provider.addAlgorithm("KeyAgreement.ECMQVWITHSHA1CKDF", PREFIX + "KeyAgreementSpi$MQVwithSHA1CKDF"); - // provider.addAlgorithm("KeyAgreement.ECMQVWITHSHA224CKDF", PREFIX + "KeyAgreementSpi$MQVwithSHA224CKDF"); - // provider.addAlgorithm("KeyAgreement.ECMQVWITHSHA256CKDF", PREFIX + "KeyAgreementSpi$MQVwithSHA256CKDF"); - // provider.addAlgorithm("KeyAgreement.ECMQVWITHSHA384CKDF", PREFIX + "KeyAgreementSpi$MQVwithSHA384CKDF"); - // provider.addAlgorithm("KeyAgreement.ECMQVWITHSHA512CKDF", PREFIX + "KeyAgreementSpi$MQVwithSHA512CKDF"); - // - // provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA1KDFAndSharedInfo"); - // provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.mqvSinglePass_sha224kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA224KDFAndSharedInfo"); - // provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.mqvSinglePass_sha256kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA256KDFAndSharedInfo"); - // provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.mqvSinglePass_sha384kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA384KDFAndSharedInfo"); - // provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.mqvSinglePass_sha512kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA512KDFAndSharedInfo"); - // - // registerOid(provider, X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "EC", new KeyFactorySpi.EC()); - // registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "EC"); - // - // registerOid(provider, SECObjectIdentifiers.mqvSinglePass_sha224kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV()); - // registerOidAlgorithmParameters(provider, SECObjectIdentifiers.mqvSinglePass_sha256kdf_scheme, "EC"); - // - // registerOid(provider, SECObjectIdentifiers.mqvSinglePass_sha256kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV()); - // registerOidAlgorithmParameters(provider, SECObjectIdentifiers.mqvSinglePass_sha224kdf_scheme, "EC"); - // - // registerOid(provider, SECObjectIdentifiers.mqvSinglePass_sha384kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV()); - // registerOidAlgorithmParameters(provider, SECObjectIdentifiers.mqvSinglePass_sha384kdf_scheme, "EC"); - // - // registerOid(provider, SECObjectIdentifiers.mqvSinglePass_sha512kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV()); - // registerOidAlgorithmParameters(provider, SECObjectIdentifiers.mqvSinglePass_sha512kdf_scheme, "EC"); - // - // provider.addAlgorithm("KeyFactory.ECMQV", PREFIX + "KeyFactorySpi$ECMQV"); - // provider.addAlgorithm("KeyPairGenerator.ECMQV", PREFIX + "KeyPairGeneratorSpi$ECMQV"); - // } - // END android-removed + + // BEGIN Android-removed: Unsupported algorithms + /* + registerOid(provider, X9ObjectIdentifiers.dhSinglePass_cofactorDH_sha1kdf_scheme, "EC", new KeyFactorySpi.EC()); + registerOid(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV()); + + registerOid(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha224kdf_scheme, "EC", new KeyFactorySpi.EC()); + registerOid(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha224kdf_scheme, "EC", new KeyFactorySpi.EC()); + + registerOid(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha256kdf_scheme, "EC", new KeyFactorySpi.EC()); + registerOid(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha256kdf_scheme, "EC", new KeyFactorySpi.EC()); + + registerOid(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha384kdf_scheme, "EC", new KeyFactorySpi.EC()); + registerOid(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha384kdf_scheme, "EC", new KeyFactorySpi.EC()); + + registerOid(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha512kdf_scheme, "EC", new KeyFactorySpi.EC()); + registerOid(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha512kdf_scheme, "EC", new KeyFactorySpi.EC()); + + registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.id_ecPublicKey, "EC"); + + registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "EC"); + registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.dhSinglePass_cofactorDH_sha1kdf_scheme, "EC"); + + registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha224kdf_scheme, "EC"); + registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha224kdf_scheme, "EC"); + + registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha256kdf_scheme, "EC"); + registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha256kdf_scheme, "EC"); + + registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha384kdf_scheme, "EC"); + registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha384kdf_scheme, "EC"); + + registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha512kdf_scheme, "EC"); + registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha512kdf_scheme, "EC"); + + if (!Properties.isOverrideSet("org.bouncycastle.ec.disable_mqv")) + { + provider.addAlgorithm("KeyAgreement.ECMQV", PREFIX + "KeyAgreementSpi$MQV"); + + provider.addAlgorithm("KeyAgreement.ECMQVWITHSHA1CKDF", PREFIX + "KeyAgreementSpi$MQVwithSHA1CKDF"); + provider.addAlgorithm("KeyAgreement.ECMQVWITHSHA224CKDF", PREFIX + "KeyAgreementSpi$MQVwithSHA224CKDF"); + provider.addAlgorithm("KeyAgreement.ECMQVWITHSHA256CKDF", PREFIX + "KeyAgreementSpi$MQVwithSHA256CKDF"); + provider.addAlgorithm("KeyAgreement.ECMQVWITHSHA384CKDF", PREFIX + "KeyAgreementSpi$MQVwithSHA384CKDF"); + provider.addAlgorithm("KeyAgreement.ECMQVWITHSHA512CKDF", PREFIX + "KeyAgreementSpi$MQVwithSHA512CKDF"); + + provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA1KDFAndSharedInfo"); + provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.mqvSinglePass_sha224kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA224KDFAndSharedInfo"); + provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.mqvSinglePass_sha256kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA256KDFAndSharedInfo"); + provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.mqvSinglePass_sha384kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA384KDFAndSharedInfo"); + provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.mqvSinglePass_sha512kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA512KDFAndSharedInfo"); + + */ + // END Android-removed: Unsupported algorithms + registerOid(provider, X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "EC", new KeyFactorySpi.EC()); + // BEGIN Android-removed: Unsupported algorithms + /* + registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "EC"); + + registerOid(provider, SECObjectIdentifiers.mqvSinglePass_sha224kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV()); + registerOidAlgorithmParameters(provider, SECObjectIdentifiers.mqvSinglePass_sha256kdf_scheme, "EC"); + + registerOid(provider, SECObjectIdentifiers.mqvSinglePass_sha256kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV()); + registerOidAlgorithmParameters(provider, SECObjectIdentifiers.mqvSinglePass_sha224kdf_scheme, "EC"); + + registerOid(provider, SECObjectIdentifiers.mqvSinglePass_sha384kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV()); + registerOidAlgorithmParameters(provider, SECObjectIdentifiers.mqvSinglePass_sha384kdf_scheme, "EC"); + + registerOid(provider, SECObjectIdentifiers.mqvSinglePass_sha512kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV()); + registerOidAlgorithmParameters(provider, SECObjectIdentifiers.mqvSinglePass_sha512kdf_scheme, "EC"); + + provider.addAlgorithm("KeyFactory.ECMQV", PREFIX + "KeyFactorySpi$ECMQV"); + provider.addAlgorithm("KeyPairGenerator.ECMQV", PREFIX + "KeyPairGeneratorSpi$ECMQV"); + } + */ + // END Android-removed: Unsupported algorithms provider.addAlgorithm("KeyFactory.EC", PREFIX + "KeyFactorySpi$EC"); - // BEGIN android-removed - // provider.addAlgorithm("KeyFactory.ECDSA", PREFIX + "KeyFactorySpi$ECDSA"); - // provider.addAlgorithm("KeyFactory.ECDH", PREFIX + "KeyFactorySpi$ECDH"); - // provider.addAlgorithm("KeyFactory.ECDHC", PREFIX + "KeyFactorySpi$ECDHC"); - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + provider.addAlgorithm("KeyFactory.ECDSA", PREFIX + "KeyFactorySpi$ECDSA"); + provider.addAlgorithm("KeyFactory.ECDH", PREFIX + "KeyFactorySpi$ECDH"); + provider.addAlgorithm("KeyFactory.ECDHC", PREFIX + "KeyFactorySpi$ECDHC"); + */ + // END Android-removed: Unsupported algorithms provider.addAlgorithm("KeyPairGenerator.EC", PREFIX + "KeyPairGeneratorSpi$EC"); - // BEGIN android-removed - // provider.addAlgorithm("KeyPairGenerator.ECDSA", PREFIX + "KeyPairGeneratorSpi$ECDSA"); - // provider.addAlgorithm("KeyPairGenerator.ECDH", PREFIX + "KeyPairGeneratorSpi$ECDH"); - // provider.addAlgorithm("KeyPairGenerator.ECDHWITHSHA1KDF", PREFIX + "KeyPairGeneratorSpi$ECDH"); - // provider.addAlgorithm("KeyPairGenerator.ECDHC", PREFIX + "KeyPairGeneratorSpi$ECDHC"); - // provider.addAlgorithm("KeyPairGenerator.ECIES", PREFIX + "KeyPairGeneratorSpi$ECDH"); - // - // provider.addAlgorithm("Cipher.ECIES", PREFIX + "IESCipher$ECIES"); - // - // provider.addAlgorithm("Cipher.ECIESwithAES-CBC", PREFIX + "IESCipher$ECIESwithAESCBC"); - // provider.addAlgorithm("Cipher.ECIESWITHAES-CBC", PREFIX + "IESCipher$ECIESwithAESCBC"); - // provider.addAlgorithm("Cipher.ECIESwithDESEDE-CBC", PREFIX + "IESCipher$ECIESwithDESedeCBC"); - // provider.addAlgorithm("Cipher.ECIESWITHDESEDE-CBC", PREFIX + "IESCipher$ECIESwithDESedeCBC"); - // - // provider.addAlgorithm("Signature.ECDSA", PREFIX + "SignatureSpi$ecDSA"); - // END android-removed - - // BEGIN android-changed + // BEGIN Android-removed: Unsupported algorithms + /* + provider.addAlgorithm("KeyPairGenerator.ECDSA", PREFIX + "KeyPairGeneratorSpi$ECDSA"); + provider.addAlgorithm("KeyPairGenerator.ECDH", PREFIX + "KeyPairGeneratorSpi$ECDH"); + provider.addAlgorithm("KeyPairGenerator.ECDHWITHSHA1KDF", PREFIX + "KeyPairGeneratorSpi$ECDH"); + provider.addAlgorithm("KeyPairGenerator.ECDHC", PREFIX + "KeyPairGeneratorSpi$ECDHC"); + provider.addAlgorithm("KeyPairGenerator.ECIES", PREFIX + "KeyPairGeneratorSpi$ECDH"); + + provider.addAlgorithm("Cipher.ECIES", PREFIX + "IESCipher$ECIES"); + + provider.addAlgorithm("Cipher.ECIESwithAES-CBC", PREFIX + "IESCipher$ECIESwithAESCBC"); + provider.addAlgorithm("Cipher.ECIESWITHAES-CBC", PREFIX + "IESCipher$ECIESwithAESCBC"); + provider.addAlgorithm("Cipher.ECIESwithDESEDE-CBC", PREFIX + "IESCipher$ECIESwithDESedeCBC"); + provider.addAlgorithm("Cipher.ECIESWITHDESEDE-CBC", PREFIX + "IESCipher$ECIESwithDESedeCBC"); + + provider.addAlgorithm("Signature.ECDSA", PREFIX + "SignatureSpi$ecDSA"); + */ + // END Android-removed: Unsupported algorithms + + // BEGIN Android-changed: Change primary ID from ECDSA to SHA1withECDSA provider.addAlgorithm("Signature.SHA1withECDSA", PREFIX + "SignatureSpi$ecDSA"); provider.addAlgorithm("Signature.NONEwithECDSA", PREFIX + "SignatureSpi$ecDSAnone"); @@ -193,60 +191,64 @@ public class EC provider.addAlgorithm("Alg.Alias.Signature.SHA1WithECDSA", "SHA1withECDSA"); provider.addAlgorithm("Alg.Alias.Signature.ECDSAWithSHA1", "SHA1withECDSA"); provider.addAlgorithm("Alg.Alias.Signature.1.2.840.10045.4.1", "SHA1withECDSA"); - // END android-changed - // BEGIN android-removed - // provider.addAlgorithm("Alg.Alias.Signature." + TeleTrusTObjectIdentifiers.ecSignWithSha1, "ECDSA"); - // - // provider.addAlgorithm("Signature.ECDDSA", PREFIX + "SignatureSpi$ecDetDSA"); - // provider.addAlgorithm("Signature.SHA1WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSA"); - // provider.addAlgorithm("Signature.SHA224WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSA224"); - // provider.addAlgorithm("Signature.SHA256WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSA256"); - // provider.addAlgorithm("Signature.SHA384WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSA384"); - // provider.addAlgorithm("Signature.SHA512WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSA512"); - // provider.addAlgorithm("Signature.SHA3-224WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSASha3_224"); - // provider.addAlgorithm("Signature.SHA3-256WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSASha3_256"); - // provider.addAlgorithm("Signature.SHA3-384WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSASha3_384"); - // provider.addAlgorithm("Signature.SHA3-512WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSASha3_512"); - - // provider.addAlgorithm("Alg.Alias.Signature.DETECDSA", "ECDDSA"); - // provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHDETECDSA", "SHA1WITHECDDSA"); - // provider.addAlgorithm("Alg.Alias.Signature.SHA224WITHDETECDSA", "SHA224WITHECDDSA"); - // provider.addAlgorithm("Alg.Alias.Signature.SHA256WITHDETECDSA", "SHA256WITHECDDSA"); - // provider.addAlgorithm("Alg.Alias.Signature.SHA384WITHDETECDSA", "SHA384WITHECDDSA"); - // provider.addAlgorithm("Alg.Alias.Signature.SHA512WITHDETECDSA", "SHA512WITHECDDSA"); - // END android-removed + // END Android-changed: Change primary ID from ECDSA to SHA1withECDSA + // BEGIN Android-removed: Unsupported algorithms + /* + provider.addAlgorithm("Alg.Alias.Signature." + TeleTrusTObjectIdentifiers.ecSignWithSha1, "ECDSA"); + + provider.addAlgorithm("Signature.ECDDSA", PREFIX + "SignatureSpi$ecDetDSA"); + provider.addAlgorithm("Signature.SHA1WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSA"); + provider.addAlgorithm("Signature.SHA224WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSA224"); + provider.addAlgorithm("Signature.SHA256WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSA256"); + provider.addAlgorithm("Signature.SHA384WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSA384"); + provider.addAlgorithm("Signature.SHA512WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSA512"); + provider.addAlgorithm("Signature.SHA3-224WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSASha3_224"); + provider.addAlgorithm("Signature.SHA3-256WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSASha3_256"); + provider.addAlgorithm("Signature.SHA3-384WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSASha3_384"); + provider.addAlgorithm("Signature.SHA3-512WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSASha3_512"); + + provider.addAlgorithm("Alg.Alias.Signature.DETECDSA", "ECDDSA"); + provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHDETECDSA", "SHA1WITHECDDSA"); + provider.addAlgorithm("Alg.Alias.Signature.SHA224WITHDETECDSA", "SHA224WITHECDDSA"); + provider.addAlgorithm("Alg.Alias.Signature.SHA256WITHDETECDSA", "SHA256WITHECDDSA"); + provider.addAlgorithm("Alg.Alias.Signature.SHA384WITHDETECDSA", "SHA384WITHECDDSA"); + provider.addAlgorithm("Alg.Alias.Signature.SHA512WITHDETECDSA", "SHA512WITHECDDSA"); + */ + // END Android-removed: Unsupported algorithms addSignatureAlgorithm(provider, "SHA224", "ECDSA", PREFIX + "SignatureSpi$ecDSA224", X9ObjectIdentifiers.ecdsa_with_SHA224); addSignatureAlgorithm(provider, "SHA256", "ECDSA", PREFIX + "SignatureSpi$ecDSA256", X9ObjectIdentifiers.ecdsa_with_SHA256); addSignatureAlgorithm(provider, "SHA384", "ECDSA", PREFIX + "SignatureSpi$ecDSA384", X9ObjectIdentifiers.ecdsa_with_SHA384); addSignatureAlgorithm(provider, "SHA512", "ECDSA", PREFIX + "SignatureSpi$ecDSA512", X9ObjectIdentifiers.ecdsa_with_SHA512); - // BEGIN android-removed - // addSignatureAlgorithm(provider, "SHA3-224", "ECDSA", PREFIX + "SignatureSpi$ecDSASha3_224", NISTObjectIdentifiers.id_ecdsa_with_sha3_224); - // addSignatureAlgorithm(provider, "SHA3-256", "ECDSA", PREFIX + "SignatureSpi$ecDSASha3_256", NISTObjectIdentifiers.id_ecdsa_with_sha3_256); - // addSignatureAlgorithm(provider, "SHA3-384", "ECDSA", PREFIX + "SignatureSpi$ecDSASha3_384", NISTObjectIdentifiers.id_ecdsa_with_sha3_384); - // addSignatureAlgorithm(provider, "SHA3-512", "ECDSA", PREFIX + "SignatureSpi$ecDSASha3_512", NISTObjectIdentifiers.id_ecdsa_with_sha3_512); - // - // addSignatureAlgorithm(provider, "RIPEMD160", "ECDSA", PREFIX + "SignatureSpi$ecDSARipeMD160",TeleTrusTObjectIdentifiers.ecSignWithRipemd160); - // - // provider.addAlgorithm("Signature.SHA1WITHECNR", PREFIX + "SignatureSpi$ecNR"); - // provider.addAlgorithm("Signature.SHA224WITHECNR", PREFIX + "SignatureSpi$ecNR224"); - // provider.addAlgorithm("Signature.SHA256WITHECNR", PREFIX + "SignatureSpi$ecNR256"); - // provider.addAlgorithm("Signature.SHA384WITHECNR", PREFIX + "SignatureSpi$ecNR384"); - // provider.addAlgorithm("Signature.SHA512WITHECNR", PREFIX + "SignatureSpi$ecNR512"); - // - // addSignatureAlgorithm(provider, "SHA1", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_1); - // addSignatureAlgorithm(provider, "SHA224", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA224", EACObjectIdentifiers.id_TA_ECDSA_SHA_224); - // addSignatureAlgorithm(provider, "SHA256", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA256", EACObjectIdentifiers.id_TA_ECDSA_SHA_256); - // addSignatureAlgorithm(provider, "SHA384", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA384", EACObjectIdentifiers.id_TA_ECDSA_SHA_384); - // addSignatureAlgorithm(provider, "SHA512", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA512", EACObjectIdentifiers.id_TA_ECDSA_SHA_512); - // - // addSignatureAlgorithm(provider, "SHA1", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA", BSIObjectIdentifiers.ecdsa_plain_SHA1); - // addSignatureAlgorithm(provider, "SHA224", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA224", BSIObjectIdentifiers.ecdsa_plain_SHA224); - // addSignatureAlgorithm(provider, "SHA256", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA256", BSIObjectIdentifiers.ecdsa_plain_SHA256); - // addSignatureAlgorithm(provider, "SHA384", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA384", BSIObjectIdentifiers.ecdsa_plain_SHA384); - // addSignatureAlgorithm(provider, "SHA512", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA512", BSIObjectIdentifiers.ecdsa_plain_SHA512); - // addSignatureAlgorithm(provider, "RIPEMD160", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecPlainDSARP160", BSIObjectIdentifiers.ecdsa_plain_RIPEMD160); - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + addSignatureAlgorithm(provider, "SHA3-224", "ECDSA", PREFIX + "SignatureSpi$ecDSASha3_224", NISTObjectIdentifiers.id_ecdsa_with_sha3_224); + addSignatureAlgorithm(provider, "SHA3-256", "ECDSA", PREFIX + "SignatureSpi$ecDSASha3_256", NISTObjectIdentifiers.id_ecdsa_with_sha3_256); + addSignatureAlgorithm(provider, "SHA3-384", "ECDSA", PREFIX + "SignatureSpi$ecDSASha3_384", NISTObjectIdentifiers.id_ecdsa_with_sha3_384); + addSignatureAlgorithm(provider, "SHA3-512", "ECDSA", PREFIX + "SignatureSpi$ecDSASha3_512", NISTObjectIdentifiers.id_ecdsa_with_sha3_512); + + addSignatureAlgorithm(provider, "RIPEMD160", "ECDSA", PREFIX + "SignatureSpi$ecDSARipeMD160",TeleTrusTObjectIdentifiers.ecSignWithRipemd160); + + provider.addAlgorithm("Signature.SHA1WITHECNR", PREFIX + "SignatureSpi$ecNR"); + provider.addAlgorithm("Signature.SHA224WITHECNR", PREFIX + "SignatureSpi$ecNR224"); + provider.addAlgorithm("Signature.SHA256WITHECNR", PREFIX + "SignatureSpi$ecNR256"); + provider.addAlgorithm("Signature.SHA384WITHECNR", PREFIX + "SignatureSpi$ecNR384"); + provider.addAlgorithm("Signature.SHA512WITHECNR", PREFIX + "SignatureSpi$ecNR512"); + + addSignatureAlgorithm(provider, "SHA1", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_1); + addSignatureAlgorithm(provider, "SHA224", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA224", EACObjectIdentifiers.id_TA_ECDSA_SHA_224); + addSignatureAlgorithm(provider, "SHA256", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA256", EACObjectIdentifiers.id_TA_ECDSA_SHA_256); + addSignatureAlgorithm(provider, "SHA384", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA384", EACObjectIdentifiers.id_TA_ECDSA_SHA_384); + addSignatureAlgorithm(provider, "SHA512", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA512", EACObjectIdentifiers.id_TA_ECDSA_SHA_512); + + addSignatureAlgorithm(provider, "SHA1", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA", BSIObjectIdentifiers.ecdsa_plain_SHA1); + addSignatureAlgorithm(provider, "SHA224", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA224", BSIObjectIdentifiers.ecdsa_plain_SHA224); + addSignatureAlgorithm(provider, "SHA256", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA256", BSIObjectIdentifiers.ecdsa_plain_SHA256); + addSignatureAlgorithm(provider, "SHA384", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA384", BSIObjectIdentifiers.ecdsa_plain_SHA384); + addSignatureAlgorithm(provider, "SHA512", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA512", BSIObjectIdentifiers.ecdsa_plain_SHA512); + addSignatureAlgorithm(provider, "RIPEMD160", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecPlainDSARP160", BSIObjectIdentifiers.ecdsa_plain_RIPEMD160); + */ + // END Android-removed: Unsupported algorithms } } } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/RSA.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/RSA.java index 86026ccd..4eb01a34 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/RSA.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/RSA.java @@ -7,9 +7,8 @@ import org.bouncycastle.asn1.ASN1ObjectIdentifier; import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; -// END android-removed import org.bouncycastle.asn1.x509.X509ObjectIdentifiers; import org.bouncycastle.jcajce.provider.asymmetric.rsa.KeyFactorySpi; import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; @@ -40,48 +39,58 @@ public class RSA provider.addAlgorithm("AlgorithmParameters.OAEP", PREFIX + "AlgorithmParametersSpi$OAEP"); provider.addAlgorithm("AlgorithmParameters.PSS", PREFIX + "AlgorithmParametersSpi$PSS"); - // BEGIN android-removed - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSAPSS", "PSS"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSASSA-PSS", "PSS"); - // - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224withRSA/PSS", "PSS"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256withRSA/PSS", "PSS"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384withRSA/PSS", "PSS"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512withRSA/PSS", "PSS"); - // - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224WITHRSAANDMGF1", "PSS"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256WITHRSAANDMGF1", "PSS"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384WITHRSAANDMGF1", "PSS"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512WITHRSAANDMGF1", "PSS"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RAWRSAPSS", "PSS"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAPSS", "PSS"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSASSA-PSS", "PSS"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAANDMGF1", "PSS"); - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSAPSS", "PSS"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSASSA-PSS", "PSS"); + + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224withRSA/PSS", "PSS"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256withRSA/PSS", "PSS"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384withRSA/PSS", "PSS"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512withRSA/PSS", "PSS"); + + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224WITHRSAANDMGF1", "PSS"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256WITHRSAANDMGF1", "PSS"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384WITHRSAANDMGF1", "PSS"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512WITHRSAANDMGF1", "PSS"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA3-224WITHRSAANDMGF1", "PSS"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA3-256WITHRSAANDMGF1", "PSS"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA3-384WITHRSAANDMGF1", "PSS"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA3-512WITHRSAANDMGF1", "PSS"); + + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RAWRSAPSS", "PSS"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAPSS", "PSS"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSASSA-PSS", "PSS"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAANDMGF1", "PSS"); + */ + // END Android-removed: Unsupported algorithms provider.addAttributes("Cipher.RSA", generalRsaAttributes); provider.addAlgorithm("Cipher.RSA", PREFIX + "CipherSpi$NoPadding"); - // BEGIN android-changed + // Android-changed: Use an alias for RSA/RAW instead of a concrete implementation provider.addAlgorithm("Alg.Alias.Cipher.RSA/RAW", "RSA"); - // END android-changed - // BEGIN android-removed - // provider.addAlgorithm("Cipher.RSA/PKCS1", PREFIX + "CipherSpi$PKCS1v1_5Padding"); - // provider.addAlgorithm("Cipher", PKCSObjectIdentifiers.rsaEncryption, PREFIX + "CipherSpi$PKCS1v1_5Padding"); - // provider.addAlgorithm("Cipher", X509ObjectIdentifiers.id_ea_rsa, PREFIX + "CipherSpi$PKCS1v1_5Padding"); - // provider.addAlgorithm("Cipher.RSA/1", PREFIX + "CipherSpi$PKCS1v1_5Padding_PrivateOnly"); - // provider.addAlgorithm("Cipher.RSA/2", PREFIX + "CipherSpi$PKCS1v1_5Padding_PublicOnly"); - // provider.addAlgorithm("Cipher.RSA/OAEP", PREFIX + "CipherSpi$OAEPPadding"); - // provider.addAlgorithm("Cipher", PKCSObjectIdentifiers.id_RSAES_OAEP, PREFIX + "CipherSpi$OAEPPadding"); - // provider.addAlgorithm("Cipher.RSA/ISO9796-1", PREFIX + "CipherSpi$ISO9796d1Padding"); - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + provider.addAlgorithm("Cipher.RSA/PKCS1", PREFIX + "CipherSpi$PKCS1v1_5Padding"); + provider.addAlgorithm("Cipher", PKCSObjectIdentifiers.rsaEncryption, PREFIX + "CipherSpi$PKCS1v1_5Padding"); + provider.addAlgorithm("Cipher", X509ObjectIdentifiers.id_ea_rsa, PREFIX + "CipherSpi$PKCS1v1_5Padding"); + provider.addAlgorithm("Cipher.RSA/1", PREFIX + "CipherSpi$PKCS1v1_5Padding_PrivateOnly"); + provider.addAlgorithm("Cipher.RSA/2", PREFIX + "CipherSpi$PKCS1v1_5Padding_PublicOnly"); + provider.addAlgorithm("Cipher.RSA/OAEP", PREFIX + "CipherSpi$OAEPPadding"); + provider.addAlgorithm("Cipher", PKCSObjectIdentifiers.id_RSAES_OAEP, PREFIX + "CipherSpi$OAEPPadding"); + provider.addAlgorithm("Cipher.RSA/ISO9796-1", PREFIX + "CipherSpi$ISO9796d1Padding"); + */ + // END Android-removed: Unsupported algorithms provider.addAlgorithm("Alg.Alias.Cipher.RSA//RAW", "RSA"); provider.addAlgorithm("Alg.Alias.Cipher.RSA//NOPADDING", "RSA"); - // BEGIN android-removed - // provider.addAlgorithm("Alg.Alias.Cipher.RSA//PKCS1PADDING", "RSA/PKCS1"); - // provider.addAlgorithm("Alg.Alias.Cipher.RSA//OAEPPADDING", "RSA/OAEP"); - // provider.addAlgorithm("Alg.Alias.Cipher.RSA//ISO9796-1PADDING", "RSA/ISO9796-1"); - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + provider.addAlgorithm("Alg.Alias.Cipher.RSA//PKCS1PADDING", "RSA/PKCS1"); + provider.addAlgorithm("Alg.Alias.Cipher.RSA//OAEPPADDING", "RSA/OAEP"); + provider.addAlgorithm("Alg.Alias.Cipher.RSA//ISO9796-1PADDING", "RSA/ISO9796-1"); + */ + // END Android-removed: Unsupported algorithms provider.addAlgorithm("KeyFactory.RSA", PREFIX + "KeyFactorySpi"); provider.addAlgorithm("KeyPairGenerator.RSA", PREFIX + "KeyPairGeneratorSpi"); @@ -91,128 +100,145 @@ public class RSA registerOid(provider, PKCSObjectIdentifiers.rsaEncryption, "RSA", keyFact); registerOid(provider, X509ObjectIdentifiers.id_ea_rsa, "RSA", keyFact); registerOid(provider, PKCSObjectIdentifiers.id_RSAES_OAEP, "RSA", keyFact); - // BEGIN android-removed - // registerOid(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "RSA", keyFact); - // - // registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.rsaEncryption, "RSA"); - // registerOidAlgorithmParameters(provider, X509ObjectIdentifiers.id_ea_rsa, "RSA"); - // registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSAES_OAEP, "OAEP"); - // registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "PSS"); - // - // provider.addAlgorithm("Signature.RSASSA-PSS", PREFIX + "PSSSignatureSpi$PSSwithRSA"); - // provider.addAlgorithm("Signature." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA"); - // provider.addAlgorithm("Signature.OID." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA"); - // - // provider.addAlgorithm("Signature.RSA", PREFIX + "DigestSignatureSpi$noneRSA"); - // provider.addAlgorithm("Signature.RAWRSASSA-PSS", PREFIX + "PSSSignatureSpi$nonePSS"); - // - // provider.addAlgorithm("Alg.Alias.Signature.RAWRSA", "RSA"); - // provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSA", "RSA"); - // provider.addAlgorithm("Alg.Alias.Signature.RAWRSAPSS", "RAWRSASSA-PSS"); - // provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAPSS", "RAWRSASSA-PSS"); - // provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSASSA-PSS", "RAWRSASSA-PSS"); - // provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAANDMGF1", "RAWRSASSA-PSS"); - // provider.addAlgorithm("Alg.Alias.Signature.RSAPSS", "RSASSA-PSS"); - // - // addPSSSignature(provider, "SHA224", PREFIX + "PSSSignatureSpi$SHA224withRSA"); - // addPSSSignature(provider, "SHA256", PREFIX + "PSSSignatureSpi$SHA256withRSA"); - // addPSSSignature(provider, "SHA384", PREFIX + "PSSSignatureSpi$SHA384withRSA"); - // addPSSSignature(provider, "SHA512", PREFIX + "PSSSignatureSpi$SHA512withRSA"); - // addPSSSignature(provider, "SHA512(224)", PREFIX + "PSSSignatureSpi$SHA512_224withRSA"); - // addPSSSignature(provider, "SHA512(256)", PREFIX + "PSSSignatureSpi$SHA512_256withRSA"); - // - // addPSSSignature(provider, "SHA3-224", PREFIX + "PSSSignatureSpi$SHA3_224withRSA"); - // addPSSSignature(provider, "SHA3-256", PREFIX + "PSSSignatureSpi$SHA3_256withRSA"); - // addPSSSignature(provider, "SHA3-384", PREFIX + "PSSSignatureSpi$SHA3_384withRSA"); - // addPSSSignature(provider, "SHA3-512", PREFIX + "PSSSignatureSpi$SHA3_512withRSA"); - // - // if (provider.hasAlgorithm("MessageDigest", "MD2")) - // { - // addDigestSignature(provider, "MD2", PREFIX + "DigestSignatureSpi$MD2", PKCSObjectIdentifiers.md2WithRSAEncryption); - // } - // - // if (provider.hasAlgorithm("MessageDigest", "MD4")) - // { - // addDigestSignature(provider, "MD4", PREFIX + "DigestSignatureSpi$MD4", PKCSObjectIdentifiers.md4WithRSAEncryption); - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + registerOid(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "RSA", keyFact); + + registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.rsaEncryption, "RSA"); + registerOidAlgorithmParameters(provider, X509ObjectIdentifiers.id_ea_rsa, "RSA"); + registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSAES_OAEP, "OAEP"); + registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "PSS"); + + provider.addAlgorithm("Signature.RSASSA-PSS", PREFIX + "PSSSignatureSpi$PSSwithRSA"); + provider.addAlgorithm("Signature." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA"); + provider.addAlgorithm("Signature.OID." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA"); + + provider.addAlgorithm("Signature.RSA", PREFIX + "DigestSignatureSpi$noneRSA"); + provider.addAlgorithm("Signature.RAWRSASSA-PSS", PREFIX + "PSSSignatureSpi$nonePSS"); + + provider.addAlgorithm("Alg.Alias.Signature.RAWRSA", "RSA"); + provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSA", "RSA"); + provider.addAlgorithm("Alg.Alias.Signature.RAWRSAPSS", "RAWRSASSA-PSS"); + provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAPSS", "RAWRSASSA-PSS"); + provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSASSA-PSS", "RAWRSASSA-PSS"); + provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAANDMGF1", "RAWRSASSA-PSS"); + provider.addAlgorithm("Alg.Alias.Signature.RSAPSS", "RSASSA-PSS"); + + addPSSSignature(provider, "SHA224", PREFIX + "PSSSignatureSpi$SHA224withRSA"); + addPSSSignature(provider, "SHA256", PREFIX + "PSSSignatureSpi$SHA256withRSA"); + addPSSSignature(provider, "SHA384", PREFIX + "PSSSignatureSpi$SHA384withRSA"); + addPSSSignature(provider, "SHA512", PREFIX + "PSSSignatureSpi$SHA512withRSA"); + addPSSSignature(provider, "SHA512(224)", PREFIX + "PSSSignatureSpi$SHA512_224withRSA"); + addPSSSignature(provider, "SHA512(256)", PREFIX + "PSSSignatureSpi$SHA512_256withRSA"); + + addPSSSignature(provider, "SHA3-224", PREFIX + "PSSSignatureSpi$SHA3_224withRSA"); + addPSSSignature(provider, "SHA3-256", PREFIX + "PSSSignatureSpi$SHA3_256withRSA"); + addPSSSignature(provider, "SHA3-384", PREFIX + "PSSSignatureSpi$SHA3_384withRSA"); + addPSSSignature(provider, "SHA3-512", PREFIX + "PSSSignatureSpi$SHA3_512withRSA"); + + if (provider.hasAlgorithm("MessageDigest", "MD2")) + { + addDigestSignature(provider, "MD2", PREFIX + "DigestSignatureSpi$MD2", PKCSObjectIdentifiers.md2WithRSAEncryption); + } + + if (provider.hasAlgorithm("MessageDigest", "MD4")) + { + addDigestSignature(provider, "MD4", PREFIX + "DigestSignatureSpi$MD4", PKCSObjectIdentifiers.md4WithRSAEncryption); + } + */ + // END Android-removed: Unsupported algorithms if (provider.hasAlgorithm("MessageDigest", "MD5")) { addDigestSignature(provider, "MD5", PREFIX + "DigestSignatureSpi$MD5", PKCSObjectIdentifiers.md5WithRSAEncryption); - // BEGIN android-removed + // Android-removed: Unsupported algorithms // addISO9796Signature(provider, "MD5", PREFIX + "ISOSignatureSpi$MD5WithRSAEncryption"); - // END android-removed } if (provider.hasAlgorithm("MessageDigest", "SHA1")) { - // BEGIN android-removed - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1withRSA/PSS", "PSS"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1WITHRSAANDMGF1", "PSS"); - // - // addPSSSignature(provider, "SHA1", PREFIX + "PSSSignatureSpi$SHA1withRSA"); - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1withRSA/PSS", "PSS"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1WITHRSAANDMGF1", "PSS"); + + addPSSSignature(provider, "SHA1", PREFIX + "PSSSignatureSpi$SHA1withRSA"); + */ + // END Android-removed: Unsupported algorithms addDigestSignature(provider, "SHA1", PREFIX + "DigestSignatureSpi$SHA1", PKCSObjectIdentifiers.sha1WithRSAEncryption); - // BEGIN android-removed + // Android-removed: Unsupported algorithms // addISO9796Signature(provider, "SHA1", PREFIX + "ISOSignatureSpi$SHA1WithRSAEncryption"); - // END android-removed provider.addAlgorithm("Alg.Alias.Signature." + OIWObjectIdentifiers.sha1WithRSA, "SHA1WITHRSA"); provider.addAlgorithm("Alg.Alias.Signature.OID." + OIWObjectIdentifiers.sha1WithRSA, "SHA1WITHRSA"); - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // addX931Signature(provider, "SHA1", PREFIX + "X931SignatureSpi$SHA1WithRSAEncryption"); - // END android-removed } addDigestSignature(provider, "SHA224", PREFIX + "DigestSignatureSpi$SHA224", PKCSObjectIdentifiers.sha224WithRSAEncryption); addDigestSignature(provider, "SHA256", PREFIX + "DigestSignatureSpi$SHA256", PKCSObjectIdentifiers.sha256WithRSAEncryption); addDigestSignature(provider, "SHA384", PREFIX + "DigestSignatureSpi$SHA384", PKCSObjectIdentifiers.sha384WithRSAEncryption); addDigestSignature(provider, "SHA512", PREFIX + "DigestSignatureSpi$SHA512", PKCSObjectIdentifiers.sha512WithRSAEncryption); - // BEGIN android-removed - // addDigestSignature(provider, "SHA512(224)", PREFIX + "DigestSignatureSpi$SHA512_224", PKCSObjectIdentifiers.sha512_224WithRSAEncryption); - // addDigestSignature(provider, "SHA512(256)", PREFIX + "DigestSignatureSpi$SHA512_256", PKCSObjectIdentifiers.sha512_256WithRSAEncryption); - // - // addDigestSignature(provider, "SHA3-224", PREFIX + "DigestSignatureSpi$SHA3_224", NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_224); - // addDigestSignature(provider, "SHA3-256", PREFIX + "DigestSignatureSpi$SHA3_256", NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_256); - // addDigestSignature(provider, "SHA3-384", PREFIX + "DigestSignatureSpi$SHA3_384", NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_384); - // addDigestSignature(provider, "SHA3-512", PREFIX + "DigestSignatureSpi$SHA3_512", NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_512); - // - // addISO9796Signature(provider, "SHA224", PREFIX + "ISOSignatureSpi$SHA224WithRSAEncryption"); - // addISO9796Signature(provider, "SHA256", PREFIX + "ISOSignatureSpi$SHA256WithRSAEncryption"); - // addISO9796Signature(provider, "SHA384", PREFIX + "ISOSignatureSpi$SHA384WithRSAEncryption"); - // addISO9796Signature(provider, "SHA512", PREFIX + "ISOSignatureSpi$SHA512WithRSAEncryption"); - // addISO9796Signature(provider, "SHA512(224)", PREFIX + "ISOSignatureSpi$SHA512_224WithRSAEncryption"); - // addISO9796Signature(provider, "SHA512(256)", PREFIX + "ISOSignatureSpi$SHA512_256WithRSAEncryption"); - // - // addX931Signature(provider, "SHA224", PREFIX + "X931SignatureSpi$SHA224WithRSAEncryption"); - // addX931Signature(provider, "SHA256", PREFIX + "X931SignatureSpi$SHA256WithRSAEncryption"); - // addX931Signature(provider, "SHA384", PREFIX + "X931SignatureSpi$SHA384WithRSAEncryption"); - // addX931Signature(provider, "SHA512", PREFIX + "X931SignatureSpi$SHA512WithRSAEncryption"); - // addX931Signature(provider, "SHA512(224)", PREFIX + "X931SignatureSpi$SHA512_224WithRSAEncryption"); - // addX931Signature(provider, "SHA512(256)", PREFIX + "X931SignatureSpi$SHA512_256WithRSAEncryption"); - // - // if (provider.hasAlgorithm("MessageDigest", "RIPEMD128")) - // { - // addDigestSignature(provider, "RIPEMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); - // addDigestSignature(provider, "RMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", null); - // - // addX931Signature(provider, "RMD128", PREFIX + "X931SignatureSpi$RIPEMD128WithRSAEncryption"); - // addX931Signature(provider, "RIPEMD128", PREFIX + "X931SignatureSpi$RIPEMD128WithRSAEncryption"); - // } - // - // if (provider.hasAlgorithm("MessageDigest", "RIPEMD160")) - // { - // addDigestSignature(provider, "RIPEMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); - // addDigestSignature(provider, "RMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", null); - // provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160WithRSA/ISO9796-2", "RIPEMD160withRSA/ISO9796-2"); - // provider.addAlgorithm("Signature.RIPEMD160withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$RIPEMD160WithRSAEncryption"); - // - // addX931Signature(provider, "RMD160", PREFIX + "X931SignatureSpi$RIPEMD160WithRSAEncryption"); - // addX931Signature(provider, "RIPEMD160", PREFIX + "X931SignatureSpi$RIPEMD160WithRSAEncryption"); - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + addDigestSignature(provider, "SHA512(224)", PREFIX + "DigestSignatureSpi$SHA512_224", PKCSObjectIdentifiers.sha512_224WithRSAEncryption); + addDigestSignature(provider, "SHA512(256)", PREFIX + "DigestSignatureSpi$SHA512_256", PKCSObjectIdentifiers.sha512_256WithRSAEncryption); + + addDigestSignature(provider, "SHA3-224", PREFIX + "DigestSignatureSpi$SHA3_224", NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_224); + addDigestSignature(provider, "SHA3-256", PREFIX + "DigestSignatureSpi$SHA3_256", NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_256); + addDigestSignature(provider, "SHA3-384", PREFIX + "DigestSignatureSpi$SHA3_384", NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_384); + addDigestSignature(provider, "SHA3-512", PREFIX + "DigestSignatureSpi$SHA3_512", NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_512); + + addISO9796Signature(provider, "SHA224", PREFIX + "ISOSignatureSpi$SHA224WithRSAEncryption"); + addISO9796Signature(provider, "SHA256", PREFIX + "ISOSignatureSpi$SHA256WithRSAEncryption"); + addISO9796Signature(provider, "SHA384", PREFIX + "ISOSignatureSpi$SHA384WithRSAEncryption"); + addISO9796Signature(provider, "SHA512", PREFIX + "ISOSignatureSpi$SHA512WithRSAEncryption"); + addISO9796Signature(provider, "SHA512(224)", PREFIX + "ISOSignatureSpi$SHA512_224WithRSAEncryption"); + addISO9796Signature(provider, "SHA512(256)", PREFIX + "ISOSignatureSpi$SHA512_256WithRSAEncryption"); + + addX931Signature(provider, "SHA224", PREFIX + "X931SignatureSpi$SHA224WithRSAEncryption"); + addX931Signature(provider, "SHA256", PREFIX + "X931SignatureSpi$SHA256WithRSAEncryption"); + addX931Signature(provider, "SHA384", PREFIX + "X931SignatureSpi$SHA384WithRSAEncryption"); + addX931Signature(provider, "SHA512", PREFIX + "X931SignatureSpi$SHA512WithRSAEncryption"); + addX931Signature(provider, "SHA512(224)", PREFIX + "X931SignatureSpi$SHA512_224WithRSAEncryption"); + addX931Signature(provider, "SHA512(256)", PREFIX + "X931SignatureSpi$SHA512_256WithRSAEncryption"); + + if (provider.hasAlgorithm("MessageDigest", "RIPEMD128")) + { + addDigestSignature(provider, "RIPEMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); + addDigestSignature(provider, "RMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", null); + + addX931Signature(provider, "RMD128", PREFIX + "X931SignatureSpi$RIPEMD128WithRSAEncryption"); + addX931Signature(provider, "RIPEMD128", PREFIX + "X931SignatureSpi$RIPEMD128WithRSAEncryption"); + } + + if (provider.hasAlgorithm("MessageDigest", "RIPEMD160")) + { + addDigestSignature(provider, "RIPEMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); + addDigestSignature(provider, "RMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", null); + provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160WithRSA/ISO9796-2", "RIPEMD160withRSA/ISO9796-2"); + provider.addAlgorithm("Signature.RIPEMD160withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$RIPEMD160WithRSAEncryption"); + + addX931Signature(provider, "RMD160", PREFIX + "X931SignatureSpi$RIPEMD160WithRSAEncryption"); + addX931Signature(provider, "RIPEMD160", PREFIX + "X931SignatureSpi$RIPEMD160WithRSAEncryption"); + } + + if (provider.hasAlgorithm("MessageDigest", "RIPEMD256")) + { + addDigestSignature(provider, "RIPEMD256", PREFIX + "DigestSignatureSpi$RIPEMD256", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); + addDigestSignature(provider, "RMD256", PREFIX + "DigestSignatureSpi$RIPEMD256", null); + } + + if (provider.hasAlgorithm("MessageDigest", "WHIRLPOOL")) + { + addISO9796Signature(provider, "Whirlpool", PREFIX + "ISOSignatureSpi$WhirlpoolWithRSAEncryption"); + addISO9796Signature(provider, "WHIRLPOOL", PREFIX + "ISOSignatureSpi$WhirlpoolWithRSAEncryption"); + addX931Signature(provider, "Whirlpool", PREFIX + "X931SignatureSpi$WhirlpoolWithRSAEncryption"); + addX931Signature(provider, "WHIRLPOOL", PREFIX + "X931SignatureSpi$WhirlpoolWithRSAEncryption"); + } + */ + // END Android-removed: Unsupported algorithms } private void addDigestSignature( diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/X509.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/X509.java index a9fb6b21..12a9f6fd 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/X509.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/X509.java @@ -18,10 +18,10 @@ public class X509 public void configure(ConfigurableProvider provider) { - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // provider.addAlgorithm("KeyFactory.X.509", "org.bouncycastle.jcajce.provider.asymmetric.x509.KeyFactory"); // provider.addAlgorithm("Alg.Alias.KeyFactory.X509", "X.509"); - // END android-removed + // END Android-removed: Unsupported algorithms // // certificate factories. diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyAgreementSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyAgreementSpi.java index f5e8d0ef..890674ed 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyAgreementSpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyAgreementSpi.java @@ -16,10 +16,9 @@ import javax.crypto.spec.DHParameterSpec; import javax.crypto.spec.SecretKeySpec; import org.bouncycastle.crypto.DerivationFunction; -// BEGIN android-removed +// Android-removed: Unsupported algorithm // import org.bouncycastle.crypto.agreement.kdf.DHKEKGenerator; // import org.bouncycastle.crypto.util.DigestFactory; -// END android-removed import org.bouncycastle.jcajce.provider.asymmetric.util.BaseAgreementSpi; import org.bouncycastle.jcajce.spec.UserKeyingMaterialSpec; @@ -234,14 +233,16 @@ public class KeyAgreementSpi return bigIntToBytes(result); } - // BEGIN android-removed - // public static class DHwithRFC2631KDF - // extends KeyAgreementSpi - // { - // public DHwithRFC2631KDF() - // { - // super("DHwithRFC2631KDF", new DHKEKGenerator(DigestFactory.createSHA1())); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithm + /* + public static class DHwithRFC2631KDF + extends KeyAgreementSpi + { + public DHwithRFC2631KDF() + { + super("DHwithRFC2631KDF", new DHKEKGenerator(DigestFactory.createSHA1())); + } + } + */ + // END Android-removed: Unsupported algorithm } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java index 6374419f..0384b1c8 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java @@ -21,27 +21,15 @@ import org.bouncycastle.crypto.CipherParameters; import org.bouncycastle.crypto.DSA; import org.bouncycastle.crypto.Digest; import org.bouncycastle.crypto.digests.NullDigest; -// BEGIN android-added -import org.bouncycastle.crypto.digests.AndroidDigestFactory; -// END android-added -// BEGIN android-removed -// import org.bouncycastle.crypto.digests.SHA1Digest; -// import org.bouncycastle.crypto.digests.SHA224Digest; -// import org.bouncycastle.crypto.digests.SHA256Digest; -// import org.bouncycastle.crypto.digests.SHA384Digest; -// import org.bouncycastle.crypto.digests.SHA512Digest; -// END android-removed -// BEGIN android-added +// Android-added: Check DSA keys when generated import org.bouncycastle.crypto.params.DSAKeyParameters; import org.bouncycastle.crypto.params.DSAParameters; -// END android-added import org.bouncycastle.crypto.params.ParametersWithRandom; -// BEGIN android-removed -// import org.bouncycastle.crypto.digests.SHA1Digest; -// import org.bouncycastle.crypto.params.ParametersWithRandom; +// Android-removed: Unsupported algorithm // import org.bouncycastle.crypto.signers.HMacDSAKCalculator; +// Android-changed: Use Android digests // import org.bouncycastle.crypto.util.DigestFactory; -// END android-removed +import org.bouncycastle.crypto.digests.AndroidDigestFactory; import org.bouncycastle.util.Arrays; public class DSASigner @@ -83,13 +71,11 @@ public class DSASigner PrivateKey privateKey) throws InvalidKeyException { - CipherParameters param; + CipherParameters param = DSAUtil.generatePrivateKeyParameter(privateKey); - param = DSAUtil.generatePrivateKeyParameter(privateKey); - // BEGIN android-added + // Android-added: Check DSA keys when generated DSAParameters dsaParam = ((DSAKeyParameters) param).getParameters(); checkKey(dsaParam); - // END android-added if (random != null) { @@ -163,7 +149,7 @@ public class DSASigner throw new UnsupportedOperationException("engineSetParameter unsupported"); } - // BEGIN android-added + // BEGIN Android-added: Check DSA keys when generated protected void checkKey(DSAParameters params) throws InvalidKeyException { int valueL = params.getP().bitLength(); int valueN = params.getQ().bitLength(); @@ -184,7 +170,7 @@ public class DSASigner } } - // END android-added + // END Android-added: Check DSA keys when generated /** * @deprecated replaced with <a href = "#engineSetParameter(java.security.spec.AlgorithmParameterSpec)"> */ @@ -238,171 +224,180 @@ public class DSASigner { public stdDSA() { - // BEGIN android-changed + // Android-changed: Use Android digests + // super(DigestFactory.createSHA1(), new org.bouncycastle.crypto.signers.DSASigner()); super(AndroidDigestFactory.getSHA1(), new org.bouncycastle.crypto.signers.DSASigner()); - // END android-changed } } - // BEGIN android-removed - // static public class detDSA - // extends DSASigner - // { - // public detDSA() - // { - // super(DigestFactory.createSHA1(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA1()))); - // } - // } + // BEGIN Android-removed: Unsupported algorithm + /* + static public class detDSA + extends DSASigner + { + public detDSA() + { + super(DigestFactory.createSHA1(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA1()))); + } + } + */ + // END Android-removed: Unsupported algorithm static public class dsa224 extends DSASigner { public dsa224() { - // BEGIN android-changed + // Android-changed: Use Android digests + // super(DigestFactory.createSHA224(), new org.bouncycastle.crypto.signers.DSASigner()); super(AndroidDigestFactory.getSHA224(), new org.bouncycastle.crypto.signers.DSASigner()); - // END android-changed } } - // BEGIN android-removed - // static public class detDSA224 - // extends DSASigner - // { - // public detDSA224() - // { - // super(DigestFactory.createSHA224(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA224()))); - // } - // } + // BEGIN Android-removed: Unsupported algorithm + /* + static public class detDSA224 + extends DSASigner + { + public detDSA224() + { + super(DigestFactory.createSHA224(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA224()))); + } + } + */ + // END Android-removed: Unsupported algorithm static public class dsa256 extends DSASigner { public dsa256() { - // BEGIN android-changed + // Android-changed: Use Android digests + // super(DigestFactory.createSHA256(), new org.bouncycastle.crypto.signers.DSASigner()); super(AndroidDigestFactory.getSHA256(), new org.bouncycastle.crypto.signers.DSASigner()); - // END android-changed } } - // BEGIN android-removed - // static public class detDSA256 - // extends DSASigner - // { - // public detDSA256() - // { - // super(DigestFactory.createSHA256(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA256()))); - // } - // } - // - // static public class dsa384 - // extends DSASigner - // { - // public dsa384() - // { - // super(DigestFactory.createSHA384(), new org.bouncycastle.crypto.signers.DSASigner()); - // } - // } - // - // static public class detDSA384 - // extends DSASigner - // { - // public detDSA384() - // { - // super(DigestFactory.createSHA384(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA384()))); - // } - // } - // - // static public class dsa512 - // extends DSASigner - // { - // public dsa512() - // { - // super(DigestFactory.createSHA512(), new org.bouncycastle.crypto.signers.DSASigner()); - // } - // } - // - // static public class detDSA512 - // extends DSASigner - // { - // public detDSA512() - // { - // super(DigestFactory.createSHA512(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA512()))); - // } - // } - // - // static public class dsaSha3_224 - // extends DSASigner - // { - // public dsaSha3_224() - // { - // super(DigestFactory.createSHA3_224(), new org.bouncycastle.crypto.signers.DSASigner()); - // } - // } - // - // static public class detDSASha3_224 - // extends DSASigner - // { - // public detDSASha3_224() - // { - // super(DigestFactory.createSHA3_224(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_224()))); - // } - // } - // - // static public class dsaSha3_256 - // extends DSASigner - // { - // public dsaSha3_256() - // { - // super(DigestFactory.createSHA3_256(), new org.bouncycastle.crypto.signers.DSASigner()); - // } - // } - // - // static public class detDSASha3_256 - // extends DSASigner - // { - // public detDSASha3_256() - // { - // super(DigestFactory.createSHA3_256(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_256()))); - // } - // } - // - // static public class dsaSha3_384 - // extends DSASigner - // { - // public dsaSha3_384() - // { - // super(DigestFactory.createSHA3_384(), new org.bouncycastle.crypto.signers.DSASigner()); - // } - // } - // - // static public class detDSASha3_384 - // extends DSASigner - // { - // public detDSASha3_384() - // { - // super(DigestFactory.createSHA3_384(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_384()))); - // } - // } - // - // static public class dsaSha3_512 - // extends DSASigner - // { - // public dsaSha3_512() - // { - // super(DigestFactory.createSHA3_512(), new org.bouncycastle.crypto.signers.DSASigner()); - // } - // } - // - // static public class detDSASha3_512 - // extends DSASigner - // { - // public detDSASha3_512() - // { - // super(DigestFactory.createSHA3_512(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_512()))); - // } - // } - // END android-removed + + // BEGIN Android-removed: Unsupported algorithms + /* + static public class detDSA256 + extends DSASigner + { + public detDSA256() + { + super(DigestFactory.createSHA256(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA256()))); + } + } + + static public class dsa384 + extends DSASigner + { + public dsa384() + { + super(DigestFactory.createSHA384(), new org.bouncycastle.crypto.signers.DSASigner()); + } + } + + static public class detDSA384 + extends DSASigner + { + public detDSA384() + { + super(DigestFactory.createSHA384(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA384()))); + } + } + + static public class dsa512 + extends DSASigner + { + public dsa512() + { + super(DigestFactory.createSHA512(), new org.bouncycastle.crypto.signers.DSASigner()); + } + } + + static public class detDSA512 + extends DSASigner + { + public detDSA512() + { + super(DigestFactory.createSHA512(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA512()))); + } + } + + static public class dsaSha3_224 + extends DSASigner + { + public dsaSha3_224() + { + super(DigestFactory.createSHA3_224(), new org.bouncycastle.crypto.signers.DSASigner()); + } + } + + static public class detDSASha3_224 + extends DSASigner + { + public detDSASha3_224() + { + super(DigestFactory.createSHA3_224(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_224()))); + } + } + + static public class dsaSha3_256 + extends DSASigner + { + public dsaSha3_256() + { + super(DigestFactory.createSHA3_256(), new org.bouncycastle.crypto.signers.DSASigner()); + } + } + + static public class detDSASha3_256 + extends DSASigner + { + public detDSASha3_256() + { + super(DigestFactory.createSHA3_256(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_256()))); + } + } + + static public class dsaSha3_384 + extends DSASigner + { + public dsaSha3_384() + { + super(DigestFactory.createSHA3_384(), new org.bouncycastle.crypto.signers.DSASigner()); + } + } + + static public class detDSASha3_384 + extends DSASigner + { + public detDSASha3_384() + { + super(DigestFactory.createSHA3_384(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_384()))); + } + } + + static public class dsaSha3_512 + extends DSASigner + { + public dsaSha3_512() + { + super(DigestFactory.createSHA3_512(), new org.bouncycastle.crypto.signers.DSASigner()); + } + } + + static public class detDSASha3_512 + extends DSASigner + { + public detDSASha3_512() + { + super(DigestFactory.createSHA3_512(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_512()))); + } + } + */ + // END Android-removed: Unsupported algorithms static public class noneDSA extends DSASigner diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSAUtil.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSAUtil.java index 10bac464..d768ae6d 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSAUtil.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSAUtil.java @@ -26,9 +26,8 @@ public class DSAUtil public static final ASN1ObjectIdentifier[] dsaOids = { X9ObjectIdentifiers.id_dsa, - // BEGIN android-added + // Android-added: Add missing OID for DSA-with-SHA1 X9ObjectIdentifiers.id_dsa_with_sha1, - // END android-added OIWObjectIdentifiers.dsaWithSHA1 }; diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java index 6e1eda2d..dd286312 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java @@ -14,32 +14,32 @@ import org.bouncycastle.crypto.BasicAgreement; import org.bouncycastle.crypto.CipherParameters; import org.bouncycastle.crypto.DerivationFunction; import org.bouncycastle.crypto.agreement.ECDHBasicAgreement; -// BEGIN android-removed +// BEGIN Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.agreement.ECDHCBasicAgreement; // import org.bouncycastle.crypto.agreement.ECMQVBasicAgreement; // import org.bouncycastle.crypto.agreement.kdf.ConcatenationKDFGenerator; // import org.bouncycastle.crypto.generators.KDF2BytesGenerator; -// END android-removed +// END Android-removed: Unsupported algorithms import org.bouncycastle.crypto.params.ECDomainParameters; import org.bouncycastle.crypto.params.ECPrivateKeyParameters; import org.bouncycastle.crypto.params.ECPublicKeyParameters; -// BEGIN android-removed +// BEGIN Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.params.MQVPrivateParameters; // import org.bouncycastle.crypto.params.MQVPublicParameters; // import org.bouncycastle.crypto.util.DigestFactory; -// END android-removed +// END Android-removed: Unsupported algorithms import org.bouncycastle.jcajce.provider.asymmetric.util.BaseAgreementSpi; import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil; -// BEGIN android-removed +// BEGIN Android-removed: Unsupported algorithms // import org.bouncycastle.jcajce.spec.MQVParameterSpec; -// END android-removed +// END Android-removed: Unsupported algorithms import org.bouncycastle.jcajce.spec.UserKeyingMaterialSpec; import org.bouncycastle.jce.interfaces.ECPrivateKey; import org.bouncycastle.jce.interfaces.ECPublicKey; -// BEGIN android-removed +// BEGIN Android-removed: Unsupported algorithms // import org.bouncycastle.jce.interfaces.MQVPrivateKey; // import org.bouncycastle.jce.interfaces.MQVPublicKey; -// END android-removed +// END Android-removed: Unsupported algorithms /** * Diffie-Hellman key agreement using elliptic curve keys, ala IEEE P1363 @@ -57,9 +57,8 @@ public class KeyAgreementSpi private ECDomainParameters parameters; private BasicAgreement agreement; - // BEGIN android-removed + // Android-removed: Unsupported algorithms // private MQVParameterSpec mqvParameters; - // END android-removed private BigInteger result; protected KeyAgreementSpi( @@ -95,31 +94,33 @@ public class KeyAgreementSpi } CipherParameters pubKey; - // BEGIN android-removed - // if (agreement instanceof ECMQVBasicAgreement) - // { - // if (!(key instanceof MQVPublicKey)) - // { - // ECPublicKeyParameters staticKey = (ECPublicKeyParameters) - // ECUtils.generatePublicKeyParameter((PublicKey)key); - // ECPublicKeyParameters ephemKey = (ECPublicKeyParameters) - // ECUtils.generatePublicKeyParameter(mqvParameters.getOtherPartyEphemeralKey()); - // - // pubKey = new MQVPublicParameters(staticKey, ephemKey); - // } - // else - // { - // MQVPublicKey mqvPubKey = (MQVPublicKey)key; - // ECPublicKeyParameters staticKey = (ECPublicKeyParameters) - // ECUtils.generatePublicKeyParameter(mqvPubKey.getStaticKey()); - // ECPublicKeyParameters ephemKey = (ECPublicKeyParameters) - // ECUtils.generatePublicKeyParameter(mqvPubKey.getEphemeralKey()); - // - // pubKey = new MQVPublicParameters(staticKey, ephemKey); - // } - // } - // else - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + if (agreement instanceof ECMQVBasicAgreement) + { + if (!(key instanceof MQVPublicKey)) + { + ECPublicKeyParameters staticKey = (ECPublicKeyParameters) + ECUtils.generatePublicKeyParameter((PublicKey)key); + ECPublicKeyParameters ephemKey = (ECPublicKeyParameters) + ECUtils.generatePublicKeyParameter(mqvParameters.getOtherPartyEphemeralKey()); + + pubKey = new MQVPublicParameters(staticKey, ephemKey); + } + else + { + MQVPublicKey mqvPubKey = (MQVPublicKey)key; + ECPublicKeyParameters staticKey = (ECPublicKeyParameters) + ECUtils.generatePublicKeyParameter(mqvPubKey.getStaticKey()); + ECPublicKeyParameters ephemKey = (ECPublicKeyParameters) + ECUtils.generatePublicKeyParameter(mqvPubKey.getEphemeralKey()); + + pubKey = new MQVPublicParameters(staticKey, ephemKey); + } + } + else + */ + // END Android-removed: Unsupported algorithms { if (!(key instanceof PublicKey)) { @@ -133,7 +134,9 @@ public class KeyAgreementSpi try { result = agreement.calculateAgreement(pubKey); - } catch (final Exception e) { + } + catch (final Exception e) + { throw new InvalidKeyException("calculation failed: " + e.getMessage()) { public Throwable getCause() @@ -142,6 +145,7 @@ public class KeyAgreementSpi } }; } + return null; } @@ -151,9 +155,9 @@ public class KeyAgreementSpi SecureRandom random) throws InvalidKeyException, InvalidAlgorithmParameterException { - // BEGIN android-changed + // Android-removed: Unsupported algorithms + // if (params != null && !(params instanceof MQVParameterSpec || params instanceof UserKeyingMaterialSpec)) if (params != null && !(params instanceof UserKeyingMaterialSpec)) - // END android-changed { throw new InvalidAlgorithmParameterException("No algorithm parameters supported"); } @@ -163,7 +167,7 @@ public class KeyAgreementSpi protected void engineInit( Key key, - SecureRandom random) + SecureRandom random) throws InvalidKeyException { initFromKey(key, null); @@ -172,62 +176,64 @@ public class KeyAgreementSpi private void initFromKey(Key key, AlgorithmParameterSpec parameterSpec) throws InvalidKeyException { - // BEGIN android-removed - // if (agreement instanceof ECMQVBasicAgreement) - // { - // mqvParameters = null; - // if (!(key instanceof MQVPrivateKey) && !(parameterSpec instanceof MQVParameterSpec)) - // { - // throw new InvalidKeyException(kaAlgorithm + " key agreement requires " - // + getSimpleName(MQVParameterSpec.class) + " for initialisation"); - // } - // - // ECPrivateKeyParameters staticPrivKey; - // ECPrivateKeyParameters ephemPrivKey; - // ECPublicKeyParameters ephemPubKey; - // if (key instanceof MQVPrivateKey) - // { - // MQVPrivateKey mqvPrivKey = (MQVPrivateKey)key; - // staticPrivKey = (ECPrivateKeyParameters) - // ECUtil.generatePrivateKeyParameter(mqvPrivKey.getStaticPrivateKey()); - // ephemPrivKey = (ECPrivateKeyParameters) - // ECUtil.generatePrivateKeyParameter(mqvPrivKey.getEphemeralPrivateKey()); - // - // ephemPubKey = null; - // if (mqvPrivKey.getEphemeralPublicKey() != null) - // { - // ephemPubKey = (ECPublicKeyParameters) - // ECUtils.generatePublicKeyParameter(mqvPrivKey.getEphemeralPublicKey()); - // } - // } - // else - // { - // MQVParameterSpec mqvParameterSpec = (MQVParameterSpec)parameterSpec; - // - // staticPrivKey = (ECPrivateKeyParameters) - // ECUtil.generatePrivateKeyParameter((PrivateKey)key); - // ephemPrivKey = (ECPrivateKeyParameters) - // ECUtil.generatePrivateKeyParameter(mqvParameterSpec.getEphemeralPrivateKey()); - // - // ephemPubKey = null; - // if (mqvParameterSpec.getEphemeralPublicKey() != null) - // { - // ephemPubKey = (ECPublicKeyParameters) - // ECUtils.generatePublicKeyParameter(mqvParameterSpec.getEphemeralPublicKey()); - // } - // mqvParameters = mqvParameterSpec; - // ukmParameters = mqvParameterSpec.getUserKeyingMaterial(); - // } - // - // MQVPrivateParameters localParams = new MQVPrivateParameters(staticPrivKey, ephemPrivKey, ephemPubKey); - // this.parameters = staticPrivKey.getParameters(); - // - // // TODO Validate that all the keys are using the same parameters? - // - // agreement.init(localParams); - // } - // else - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + if (agreement instanceof ECMQVBasicAgreement) + { + mqvParameters = null; + if (!(key instanceof MQVPrivateKey) && !(parameterSpec instanceof MQVParameterSpec)) + { + throw new InvalidKeyException(kaAlgorithm + " key agreement requires " + + getSimpleName(MQVParameterSpec.class) + " for initialisation"); + } + + ECPrivateKeyParameters staticPrivKey; + ECPrivateKeyParameters ephemPrivKey; + ECPublicKeyParameters ephemPubKey; + if (key instanceof MQVPrivateKey) + { + MQVPrivateKey mqvPrivKey = (MQVPrivateKey)key; + staticPrivKey = (ECPrivateKeyParameters) + ECUtil.generatePrivateKeyParameter(mqvPrivKey.getStaticPrivateKey()); + ephemPrivKey = (ECPrivateKeyParameters) + ECUtil.generatePrivateKeyParameter(mqvPrivKey.getEphemeralPrivateKey()); + + ephemPubKey = null; + if (mqvPrivKey.getEphemeralPublicKey() != null) + { + ephemPubKey = (ECPublicKeyParameters) + ECUtils.generatePublicKeyParameter(mqvPrivKey.getEphemeralPublicKey()); + } + } + else + { + MQVParameterSpec mqvParameterSpec = (MQVParameterSpec)parameterSpec; + + staticPrivKey = (ECPrivateKeyParameters) + ECUtil.generatePrivateKeyParameter((PrivateKey)key); + ephemPrivKey = (ECPrivateKeyParameters) + ECUtil.generatePrivateKeyParameter(mqvParameterSpec.getEphemeralPrivateKey()); + + ephemPubKey = null; + if (mqvParameterSpec.getEphemeralPublicKey() != null) + { + ephemPubKey = (ECPublicKeyParameters) + ECUtils.generatePublicKeyParameter(mqvParameterSpec.getEphemeralPublicKey()); + } + mqvParameters = mqvParameterSpec; + ukmParameters = mqvParameterSpec.getUserKeyingMaterial(); + } + + MQVPrivateParameters localParams = new MQVPrivateParameters(staticPrivKey, ephemPrivKey, ephemPubKey); + this.parameters = staticPrivKey.getParameters(); + + // TODO Validate that all the keys are using the same parameters? + + agreement.init(localParams); + } + else + */ + // END Android-removed: Unsupported algorithms { if (!(key instanceof PrivateKey)) { @@ -264,248 +270,250 @@ public class KeyAgreementSpi } } - // BEGIN android-removed - // public static class DHC - // extends KeyAgreementSpi - // { - // public DHC() - // { - // super("ECDHC", new ECDHCBasicAgreement(), null); - // } - // } - - // public static class MQV - // extends KeyAgreementSpi - // { - // public MQV() - // { - // super("ECMQV", new ECMQVBasicAgreement(), null); - // } - // } - - // public static class DHwithSHA1KDF - // extends KeyAgreementSpi - // { - // public DHwithSHA1KDF() - // { - // super("ECDHwithSHA1KDF", new ECDHBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA1())); - // } - // } - - // public static class DHwithSHA1KDFAndSharedInfo - // extends KeyAgreementSpi - // { - // public DHwithSHA1KDFAndSharedInfo() - // { - // super("ECDHwithSHA1KDF", new ECDHBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA1())); - // } - // } - - // public static class CDHwithSHA1KDFAndSharedInfo - // extends KeyAgreementSpi - // { - // public CDHwithSHA1KDFAndSharedInfo() - // { - // super("ECCDHwithSHA1KDF", new ECDHCBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA1())); - // } - // } - - // public static class DHwithSHA224KDFAndSharedInfo - // extends KeyAgreementSpi - // { - // public DHwithSHA224KDFAndSharedInfo() - // { - // super("ECDHwithSHA224KDF", new ECDHBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA224())); - // } - // } - - // public static class CDHwithSHA224KDFAndSharedInfo - // extends KeyAgreementSpi - // { - // public CDHwithSHA224KDFAndSharedInfo() - // { - // super("ECCDHwithSHA224KDF", new ECDHCBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA224())); - // } - // } - - // public static class DHwithSHA256KDFAndSharedInfo - // extends KeyAgreementSpi - // { - // public DHwithSHA256KDFAndSharedInfo() - // { - // super("ECDHwithSHA256KDF", new ECDHBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA256())); - // } - // } - - // public static class CDHwithSHA256KDFAndSharedInfo - // extends KeyAgreementSpi - // { - // public CDHwithSHA256KDFAndSharedInfo() - // { - // super("ECCDHwithSHA256KDF", new ECDHCBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA256())); - // } - // } - - // public static class DHwithSHA384KDFAndSharedInfo - // extends KeyAgreementSpi - // { - // public DHwithSHA384KDFAndSharedInfo() - // { - // super("ECDHwithSHA384KDF", new ECDHBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA384())); - // } - // } - - // public static class CDHwithSHA384KDFAndSharedInfo - // extends KeyAgreementSpi - // { - // public CDHwithSHA384KDFAndSharedInfo() - // { - // super("ECCDHwithSHA384KDF", new ECDHCBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA384())); - // } - // } - - // public static class DHwithSHA512KDFAndSharedInfo - // extends KeyAgreementSpi - // { - // public DHwithSHA512KDFAndSharedInfo() - // { - // super("ECDHwithSHA512KDF", new ECDHBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA512())); - // } - // } - - // public static class CDHwithSHA512KDFAndSharedInfo - // extends KeyAgreementSpi - // { - // public CDHwithSHA512KDFAndSharedInfo() - // { - // super("ECCDHwithSHA512KDF", new ECDHCBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA512())); - // } - // } - - // public static class MQVwithSHA1KDFAndSharedInfo - // extends KeyAgreementSpi - // { - // public MQVwithSHA1KDFAndSharedInfo() - // { - // super("ECMQVwithSHA1KDF", new ECMQVBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA1())); - // } - // } - - // public static class MQVwithSHA224KDFAndSharedInfo - // extends KeyAgreementSpi - // { - // public MQVwithSHA224KDFAndSharedInfo() - // { - // super("ECMQVwithSHA224KDF", new ECMQVBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA224())); - // } - // } - - // public static class MQVwithSHA256KDFAndSharedInfo - // extends KeyAgreementSpi - // { - // public MQVwithSHA256KDFAndSharedInfo() - // { - // super("ECMQVwithSHA256KDF", new ECMQVBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA256())); - // } - // } - - // public static class MQVwithSHA384KDFAndSharedInfo - // extends KeyAgreementSpi - // { - // public MQVwithSHA384KDFAndSharedInfo() - // { - // super("ECMQVwithSHA384KDF", new ECMQVBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA384())); - // } - // } - - // public static class MQVwithSHA512KDFAndSharedInfo - // extends KeyAgreementSpi - // { - // public MQVwithSHA512KDFAndSharedInfo() - // { - // super("ECMQVwithSHA512KDF", new ECMQVBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA512())); - // } - // } - - // public static class DHwithSHA1CKDF - // extends KeyAgreementSpi - // { - // public DHwithSHA1CKDF() - // { - // super("ECDHwithSHA1CKDF", new ECDHCBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA1())); - // } - // } - - // public static class DHwithSHA256CKDF - // extends KeyAgreementSpi - // { - // public DHwithSHA256CKDF() - // { - // super("ECDHwithSHA256CKDF", new ECDHCBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA256())); - // } - // } - - // public static class DHwithSHA384CKDF - // extends KeyAgreementSpi - // { - // public DHwithSHA384CKDF() - // { - // super("ECDHwithSHA384CKDF", new ECDHCBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA384())); - // } - // } - - // public static class DHwithSHA512CKDF - // extends KeyAgreementSpi - // { - // public DHwithSHA512CKDF() - // { - // super("ECDHwithSHA512CKDF", new ECDHCBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA512())); - // } - // } - - // public static class MQVwithSHA1CKDF - // extends KeyAgreementSpi - // { - // public MQVwithSHA1CKDF() - // { - // super("ECMQVwithSHA1CKDF", new ECMQVBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA1())); - // } - // } - - // public static class MQVwithSHA224CKDF - // extends KeyAgreementSpi - // { - // public MQVwithSHA224CKDF() - // { - // super("ECMQVwithSHA224CKDF", new ECMQVBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA224())); - // } - // } - - // public static class MQVwithSHA256CKDF - // extends KeyAgreementSpi - // { - // public MQVwithSHA256CKDF() - // { - // super("ECMQVwithSHA256CKDF", new ECMQVBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA256())); - // } - // } - - // public static class MQVwithSHA384CKDF - // extends KeyAgreementSpi - // { - // public MQVwithSHA384CKDF() - // { - // super("ECMQVwithSHA384CKDF", new ECMQVBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA384())); - // } - // } - - // public static class MQVwithSHA512CKDF - // extends KeyAgreementSpi - // { - // public MQVwithSHA512CKDF() - // { - // super("ECMQVwithSHA512CKDF", new ECMQVBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA512())); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + public static class DHC + extends KeyAgreementSpi + { + public DHC() + { + super("ECDHC", new ECDHCBasicAgreement(), null); + } + } + + public static class MQV + extends KeyAgreementSpi + { + public MQV() + { + super("ECMQV", new ECMQVBasicAgreement(), null); + } + } + + public static class DHwithSHA1KDF + extends KeyAgreementSpi + { + public DHwithSHA1KDF() + { + super("ECDHwithSHA1KDF", new ECDHBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA1())); + } + } + + public static class DHwithSHA1KDFAndSharedInfo + extends KeyAgreementSpi + { + public DHwithSHA1KDFAndSharedInfo() + { + super("ECDHwithSHA1KDF", new ECDHBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA1())); + } + } + + public static class CDHwithSHA1KDFAndSharedInfo + extends KeyAgreementSpi + { + public CDHwithSHA1KDFAndSharedInfo() + { + super("ECCDHwithSHA1KDF", new ECDHCBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA1())); + } + } + + public static class DHwithSHA224KDFAndSharedInfo + extends KeyAgreementSpi + { + public DHwithSHA224KDFAndSharedInfo() + { + super("ECDHwithSHA224KDF", new ECDHBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA224())); + } + } + + public static class CDHwithSHA224KDFAndSharedInfo + extends KeyAgreementSpi + { + public CDHwithSHA224KDFAndSharedInfo() + { + super("ECCDHwithSHA224KDF", new ECDHCBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA224())); + } + } + + public static class DHwithSHA256KDFAndSharedInfo + extends KeyAgreementSpi + { + public DHwithSHA256KDFAndSharedInfo() + { + super("ECDHwithSHA256KDF", new ECDHBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA256())); + } + } + + public static class CDHwithSHA256KDFAndSharedInfo + extends KeyAgreementSpi + { + public CDHwithSHA256KDFAndSharedInfo() + { + super("ECCDHwithSHA256KDF", new ECDHCBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA256())); + } + } + + public static class DHwithSHA384KDFAndSharedInfo + extends KeyAgreementSpi + { + public DHwithSHA384KDFAndSharedInfo() + { + super("ECDHwithSHA384KDF", new ECDHBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA384())); + } + } + + public static class CDHwithSHA384KDFAndSharedInfo + extends KeyAgreementSpi + { + public CDHwithSHA384KDFAndSharedInfo() + { + super("ECCDHwithSHA384KDF", new ECDHCBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA384())); + } + } + + public static class DHwithSHA512KDFAndSharedInfo + extends KeyAgreementSpi + { + public DHwithSHA512KDFAndSharedInfo() + { + super("ECDHwithSHA512KDF", new ECDHBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA512())); + } + } + + public static class CDHwithSHA512KDFAndSharedInfo + extends KeyAgreementSpi + { + public CDHwithSHA512KDFAndSharedInfo() + { + super("ECCDHwithSHA512KDF", new ECDHCBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA512())); + } + } + + public static class MQVwithSHA1KDFAndSharedInfo + extends KeyAgreementSpi + { + public MQVwithSHA1KDFAndSharedInfo() + { + super("ECMQVwithSHA1KDF", new ECMQVBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA1())); + } + } + + public static class MQVwithSHA224KDFAndSharedInfo + extends KeyAgreementSpi + { + public MQVwithSHA224KDFAndSharedInfo() + { + super("ECMQVwithSHA224KDF", new ECMQVBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA224())); + } + } + + public static class MQVwithSHA256KDFAndSharedInfo + extends KeyAgreementSpi + { + public MQVwithSHA256KDFAndSharedInfo() + { + super("ECMQVwithSHA256KDF", new ECMQVBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA256())); + } + } + + public static class MQVwithSHA384KDFAndSharedInfo + extends KeyAgreementSpi + { + public MQVwithSHA384KDFAndSharedInfo() + { + super("ECMQVwithSHA384KDF", new ECMQVBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA384())); + } + } + + public static class MQVwithSHA512KDFAndSharedInfo + extends KeyAgreementSpi + { + public MQVwithSHA512KDFAndSharedInfo() + { + super("ECMQVwithSHA512KDF", new ECMQVBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA512())); + } + } + + public static class DHwithSHA1CKDF + extends KeyAgreementSpi + { + public DHwithSHA1CKDF() + { + super("ECDHwithSHA1CKDF", new ECDHCBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA1())); + } + } + + public static class DHwithSHA256CKDF + extends KeyAgreementSpi + { + public DHwithSHA256CKDF() + { + super("ECDHwithSHA256CKDF", new ECDHCBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA256())); + } + } + + public static class DHwithSHA384CKDF + extends KeyAgreementSpi + { + public DHwithSHA384CKDF() + { + super("ECDHwithSHA384CKDF", new ECDHCBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA384())); + } + } + + public static class DHwithSHA512CKDF + extends KeyAgreementSpi + { + public DHwithSHA512CKDF() + { + super("ECDHwithSHA512CKDF", new ECDHCBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA512())); + } + } + + public static class MQVwithSHA1CKDF + extends KeyAgreementSpi + { + public MQVwithSHA1CKDF() + { + super("ECMQVwithSHA1CKDF", new ECMQVBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA1())); + } + } + + public static class MQVwithSHA224CKDF + extends KeyAgreementSpi + { + public MQVwithSHA224CKDF() + { + super("ECMQVwithSHA224CKDF", new ECMQVBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA224())); + } + } + + public static class MQVwithSHA256CKDF + extends KeyAgreementSpi + { + public MQVwithSHA256CKDF() + { + super("ECMQVwithSHA256CKDF", new ECMQVBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA256())); + } + } + + public static class MQVwithSHA384CKDF + extends KeyAgreementSpi + { + public MQVwithSHA384CKDF() + { + super("ECMQVwithSHA384CKDF", new ECMQVBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA384())); + } + } + + public static class MQVwithSHA512CKDF + extends KeyAgreementSpi + { + public MQVwithSHA512CKDF() + { + super("ECMQVwithSHA512CKDF", new ECMQVBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA512())); + } + } + */ + // END Android-removed: Unsupported algorithms } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java index a749f114..431b6bd3 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java @@ -208,16 +208,18 @@ public class KeyFactorySpi } } - // BEGIN android-removed - // public static class ECGOST3410 - // extends KeyFactorySpi - // { - // public ECGOST3410() - // { - // super("ECGOST3410", BouncyCastleProvider.CONFIGURATION); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithm + /* + public static class ECGOST3410 + extends KeyFactorySpi + { + public ECGOST3410() + { + super("ECGOST3410", BouncyCastleProvider.CONFIGURATION); + } + } + */ + // END Android-removed: Unsupported algorithm public static class ECDH extends KeyFactorySpi diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java index 5f8a901e..794ca971 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java @@ -43,9 +43,10 @@ public abstract class KeyPairGeneratorSpi ECKeyGenerationParameters param; ECKeyPairGenerator engine = new ECKeyPairGenerator(); Object ecParams = null; - // BEGIN android-changed + // Android-changed: Use 256-bit keys by default. + // 239-bit keys (the Bouncy Castle default) are less widely-supported than 256-bit ones, + // so we've changed the default strength to 256 for increased compatibility int strength = 256; - // BEGIN android-changed int certainty = 50; SecureRandom random = new SecureRandom(); boolean initialised = false; @@ -87,13 +88,13 @@ public abstract class KeyPairGeneratorSpi SecureRandom random) { this.strength = strength; - // BEGIN android-added + // BEGIN Android-changed: Don't override this.random with null. + // Passing null just means to use a default random, which this.random is already + // initialized to, so just use that if (random != null) { - // END android-added - this.random = random; - // BEGIN android-added + this.random = random; } - // END android-added + // END Android-changed: Don't override this.random with null. ECGenParameterSpec ecParams = (ECGenParameterSpec)ecParameters.get(Integers.valueOf(strength)); if (ecParams == null) @@ -116,11 +117,11 @@ public abstract class KeyPairGeneratorSpi SecureRandom random) throws InvalidAlgorithmParameterException { - // BEGIN android-added + // BEGIN Android-added: Use existing SecureRandom if none is provided. if (random == null) { random = this.random; } - // END android-added + // END Android-added: Use existing SecureRandom if none is provided. if (params == null) { ECParameterSpec implicitCA = configuration.getEcImplicitlyCa(); @@ -288,4 +289,4 @@ public abstract class KeyPairGeneratorSpi super("ECMQV", BouncyCastleProvider.CONFIGURATION); } } -} +}
\ No newline at end of file diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java index 46aeec7e..93f9d162 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java @@ -16,19 +16,18 @@ import org.bouncycastle.crypto.CipherParameters; import org.bouncycastle.crypto.DSA; import org.bouncycastle.crypto.Digest; import org.bouncycastle.crypto.digests.NullDigest; -// BEGIN android-added -import org.bouncycastle.crypto.digests.AndroidDigestFactory; -// END android-added -// BEGIN android-removed +// BEGIN Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.digests.RIPEMD160Digest; -// END android-removed +// END Android-removed: Unsupported algorithms import org.bouncycastle.crypto.params.ParametersWithRandom; import org.bouncycastle.crypto.signers.ECDSASigner; -// BEGIN android-removed +// BEGIN Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.signers.ECNRSigner; // import org.bouncycastle.crypto.signers.HMacDSAKCalculator; +// END Android-removed: Unsupported algorithms +// BEGIN Android-changed: Use Android digests // import org.bouncycastle.crypto.util.DigestFactory; -// END android-removed +import org.bouncycastle.crypto.digests.AndroidDigestFactory; import org.bouncycastle.jcajce.provider.asymmetric.util.DSABase; import org.bouncycastle.jcajce.provider.asymmetric.util.DSAEncoder; import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil; @@ -74,22 +73,24 @@ public class SignatureSpi { public ecDSA() { - // BEGIN android-changed + // Android-changed: Use Android digests + // super(DigestFactory.createSHA1(), new ECDSASigner(), new StdDSAEncoder()); super(AndroidDigestFactory.getSHA1(), new ECDSASigner(), new StdDSAEncoder()); - // END android-changed } } - // BEGIN android-removed - // static public class ecDetDSA - // extends SignatureSpi - // { - // public ecDetDSA() - // { - // super(DigestFactory.createSHA1(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA1())), new StdDSAEncoder()); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithm + /* + static public class ecDetDSA + extends SignatureSpi + { + public ecDetDSA() + { + super(DigestFactory.createSHA1(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA1())), new StdDSAEncoder()); + } + } + */ + // END Android-removed: Unsupported algorithm static public class ecDSAnone extends SignatureSpi @@ -105,267 +106,276 @@ public class SignatureSpi { public ecDSA224() { - // BEGIN android-changed + // Android-changed: Use Android digests + // super(DigestFactory.createSHA224(), new ECDSASigner(), new StdDSAEncoder()); super(AndroidDigestFactory.getSHA224(), new ECDSASigner(), new StdDSAEncoder()); - // END android-changed } } - // BEGIN android-removed - // static public class ecDetDSA224 - // extends SignatureSpi - // { - // public ecDetDSA224() - // { - // super(DigestFactory.createSHA224(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA224())), new StdDSAEncoder()); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithm + /* + static public class ecDetDSA224 + extends SignatureSpi + { + public ecDetDSA224() + { + super(DigestFactory.createSHA224(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA224())), new StdDSAEncoder()); + } + } + */ + // END Android-removed: Unsupported algorithm static public class ecDSA256 extends SignatureSpi { public ecDSA256() { - // BEGIN android-changed + // Android-changed: Use Android digests + // super(DigestFactory.createSHA256(), new ECDSASigner(), new StdDSAEncoder()); super(AndroidDigestFactory.getSHA256(), new ECDSASigner(), new StdDSAEncoder()); - // END android-changed } } - // BEGIN android-removed - // static public class ecDetDSA256 - // extends SignatureSpi - // { - // public ecDetDSA256() - // { - // super(DigestFactory.createSHA256(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA256())), new StdDSAEncoder()); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithm + /* + static public class ecDetDSA256 + extends SignatureSpi + { + public ecDetDSA256() + { + super(DigestFactory.createSHA256(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA256())), new StdDSAEncoder()); + } + } + */ + // END Android-removed: Unsupported algorithm static public class ecDSA384 extends SignatureSpi { public ecDSA384() { - // BEGIN android-changed + // Android-changed: Use Android digests + // super(DigestFactory.createSHA384(), new ECDSASigner(), new StdDSAEncoder()); super(AndroidDigestFactory.getSHA384(), new ECDSASigner(), new StdDSAEncoder()); - // END android-changed } } - // BEGIN android-removed - // static public class ecDetDSA384 - // extends SignatureSpi - // { - // public ecDetDSA384() - // { - // super(DigestFactory.createSHA384(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA384())), new StdDSAEncoder()); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithm + /* + static public class ecDetDSA384 + extends SignatureSpi + { + public ecDetDSA384() + { + super(DigestFactory.createSHA384(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA384())), new StdDSAEncoder()); + } + } + */ + // END Android-removed: Unsupported algorithms + static public class ecDSA512 extends SignatureSpi { public ecDSA512() { - // BEGIN android-changed + // Android-changed: Use Android digests + // super(DigestFactory.createSHA512(), new ECDSASigner(), new StdDSAEncoder()); super(AndroidDigestFactory.getSHA512(), new ECDSASigner(), new StdDSAEncoder()); - // END android-changed - } - } - - // BEGIN android-removed - // static public class ecDetDSA512 - // extends SignatureSpi - // { - // public ecDetDSA512() - // { - // super(DigestFactory.createSHA512(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA512())), new StdDSAEncoder()); - // } - // } - - // static public class ecDSASha3_224 - // extends SignatureSpi - // { - // public ecDSASha3_224() - // { - // super(DigestFactory.createSHA3_224(), new ECDSASigner(), new StdDSAEncoder()); - // } - // } - - // static public class ecDetDSASha3_224 - // extends SignatureSpi - // { - // public ecDetDSASha3_224() - // { - // super(DigestFactory.createSHA3_224(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_224())), new StdDSAEncoder()); - // } - // } - - // static public class ecDSASha3_256 - // extends SignatureSpi - // { - // public ecDSASha3_256() - // { - // super(DigestFactory.createSHA3_256(), new ECDSASigner(), new StdDSAEncoder()); - // } - // } - - // static public class ecDetDSASha3_256 - // extends SignatureSpi - // { - // public ecDetDSASha3_256() - // { - // super(DigestFactory.createSHA3_256(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_256())), new StdDSAEncoder()); - // } - // } - - // static public class ecDSASha3_384 - // extends SignatureSpi - // { - // public ecDSASha3_384() - // { - // super(DigestFactory.createSHA3_384(), new ECDSASigner(), new StdDSAEncoder()); - // } - // } - - // static public class ecDetDSASha3_384 - // extends SignatureSpi - // { - // public ecDetDSASha3_384() - // { - // super(DigestFactory.createSHA3_384(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_384())), new StdDSAEncoder()); - // } - // } - - // static public class ecDSASha3_512 - // extends SignatureSpi - // { - // public ecDSASha3_512() - // { - // super(DigestFactory.createSHA3_512(), new ECDSASigner(), new StdDSAEncoder()); - // } - // } - - // static public class ecDetDSASha3_512 - // extends SignatureSpi - // { - // public ecDetDSASha3_512() - // { - // super(DigestFactory.createSHA3_512(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_512())), new StdDSAEncoder()); - // } - // } - - // static public class ecDSARipeMD160 - // extends SignatureSpi - // { - // public ecDSARipeMD160() - // { - // super(new RIPEMD160Digest(), new ECDSASigner(), new StdDSAEncoder()); - // } - // } - - // static public class ecNR - // extends SignatureSpi - // { - // public ecNR() - // { - // super(DigestFactory.createSHA1(), new ECNRSigner(), new StdDSAEncoder()); - // } - // } - - // static public class ecNR224 - // extends SignatureSpi - // { - // public ecNR224() - // { - // super(DigestFactory.createSHA224(), new ECNRSigner(), new StdDSAEncoder()); - // } - // } - - // static public class ecNR256 - // extends SignatureSpi - // { - // public ecNR256() - // { - // super(DigestFactory.createSHA256(), new ECNRSigner(), new StdDSAEncoder()); - // } - // } - - // static public class ecNR384 - // extends SignatureSpi - // { - // public ecNR384() - // { - // super(DigestFactory.createSHA384(), new ECNRSigner(), new StdDSAEncoder()); - // } - // } - - // static public class ecNR512 - // extends SignatureSpi - // { - // public ecNR512() - // { - // super(DigestFactory.createSHA512(), new ECNRSigner(), new StdDSAEncoder()); - // } - // } - - // static public class ecCVCDSA - // extends SignatureSpi - // { - // public ecCVCDSA() - // { - // super(DigestFactory.createSHA1(), new ECDSASigner(), new PlainDSAEncoder()); - // } - // } - - // static public class ecCVCDSA224 - // extends SignatureSpi - // { - // public ecCVCDSA224() - // { - // super(DigestFactory.createSHA224(), new ECDSASigner(), new PlainDSAEncoder()); - // } - // } - - // static public class ecCVCDSA256 - // extends SignatureSpi - // { - // public ecCVCDSA256() - // { - // super(DigestFactory.createSHA256(), new ECDSASigner(), new PlainDSAEncoder()); - // } - // } - - // static public class ecCVCDSA384 - // extends SignatureSpi - // { - // public ecCVCDSA384() - // { - // super(DigestFactory.createSHA384(), new ECDSASigner(), new PlainDSAEncoder()); - // } - // } - - // static public class ecCVCDSA512 - // extends SignatureSpi - // { - // public ecCVCDSA512() - // { - // super(DigestFactory.createSHA512(), new ECDSASigner(), new PlainDSAEncoder()); - // } - // } - - // static public class ecPlainDSARP160 - // extends SignatureSpi - // { - // public ecPlainDSARP160() - // { - // super(new RIPEMD160Digest(), new ECDSASigner(), new PlainDSAEncoder()); - // } - // } - // END android-removed + } + } + + // BEGIN Android-removed: Unsupported algorithms + /* + static public class ecDetDSA512 + extends SignatureSpi + { + public ecDetDSA512() + { + super(DigestFactory.createSHA512(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA512())), new StdDSAEncoder()); + } + } + + static public class ecDSASha3_224 + extends SignatureSpi + { + public ecDSASha3_224() + { + super(DigestFactory.createSHA3_224(), new ECDSASigner(), new StdDSAEncoder()); + } + } + + static public class ecDetDSASha3_224 + extends SignatureSpi + { + public ecDetDSASha3_224() + { + super(DigestFactory.createSHA3_224(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_224())), new StdDSAEncoder()); + } + } + + static public class ecDSASha3_256 + extends SignatureSpi + { + public ecDSASha3_256() + { + super(DigestFactory.createSHA3_256(), new ECDSASigner(), new StdDSAEncoder()); + } + } + + static public class ecDetDSASha3_256 + extends SignatureSpi + { + public ecDetDSASha3_256() + { + super(DigestFactory.createSHA3_256(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_256())), new StdDSAEncoder()); + } + } + + static public class ecDSASha3_384 + extends SignatureSpi + { + public ecDSASha3_384() + { + super(DigestFactory.createSHA3_384(), new ECDSASigner(), new StdDSAEncoder()); + } + } + + static public class ecDetDSASha3_384 + extends SignatureSpi + { + public ecDetDSASha3_384() + { + super(DigestFactory.createSHA3_384(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_384())), new StdDSAEncoder()); + } + } + + static public class ecDSASha3_512 + extends SignatureSpi + { + public ecDSASha3_512() + { + super(DigestFactory.createSHA3_512(), new ECDSASigner(), new StdDSAEncoder()); + } + } + + static public class ecDetDSASha3_512 + extends SignatureSpi + { + public ecDetDSASha3_512() + { + super(DigestFactory.createSHA3_512(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_512())), new StdDSAEncoder()); + } + } + + static public class ecDSARipeMD160 + extends SignatureSpi + { + public ecDSARipeMD160() + { + super(new RIPEMD160Digest(), new ECDSASigner(), new StdDSAEncoder()); + } + } + + static public class ecNR + extends SignatureSpi + { + public ecNR() + { + super(DigestFactory.createSHA1(), new ECNRSigner(), new StdDSAEncoder()); + } + } + + static public class ecNR224 + extends SignatureSpi + { + public ecNR224() + { + super(DigestFactory.createSHA224(), new ECNRSigner(), new StdDSAEncoder()); + } + } + + static public class ecNR256 + extends SignatureSpi + { + public ecNR256() + { + super(DigestFactory.createSHA256(), new ECNRSigner(), new StdDSAEncoder()); + } + } + + static public class ecNR384 + extends SignatureSpi + { + public ecNR384() + { + super(DigestFactory.createSHA384(), new ECNRSigner(), new StdDSAEncoder()); + } + } + + static public class ecNR512 + extends SignatureSpi + { + public ecNR512() + { + super(DigestFactory.createSHA512(), new ECNRSigner(), new StdDSAEncoder()); + } + } + + static public class ecCVCDSA + extends SignatureSpi + { + public ecCVCDSA() + { + super(DigestFactory.createSHA1(), new ECDSASigner(), new PlainDSAEncoder()); + } + } + + static public class ecCVCDSA224 + extends SignatureSpi + { + public ecCVCDSA224() + { + super(DigestFactory.createSHA224(), new ECDSASigner(), new PlainDSAEncoder()); + } + } + + static public class ecCVCDSA256 + extends SignatureSpi + { + public ecCVCDSA256() + { + super(DigestFactory.createSHA256(), new ECDSASigner(), new PlainDSAEncoder()); + } + } + + static public class ecCVCDSA384 + extends SignatureSpi + { + public ecCVCDSA384() + { + super(DigestFactory.createSHA384(), new ECDSASigner(), new PlainDSAEncoder()); + } + } + + static public class ecCVCDSA512 + extends SignatureSpi + { + public ecCVCDSA512() + { + super(DigestFactory.createSHA512(), new ECDSASigner(), new PlainDSAEncoder()); + } + } + + static public class ecPlainDSARP160 + extends SignatureSpi + { + public ecPlainDSARP160() + { + super(new RIPEMD160Digest(), new ECDSASigner(), new PlainDSAEncoder()); + } + } + */ + // END Android-removed: Unsupported algorithms private static class StdDSAEncoder implements DSAEncoder @@ -406,68 +416,70 @@ public class SignatureSpi } } - // BEGIN android-removed - // private static class PlainDSAEncoder - // implements DSAEncoder - // { - // public byte[] encode( - // BigInteger r, - // BigInteger s) - // throws IOException - // { - // byte[] first = makeUnsigned(r); - // byte[] second = makeUnsigned(s); - // byte[] res; - // - // if (first.length > second.length) - // { - // res = new byte[first.length * 2]; - // } - // else - // { - // res = new byte[second.length * 2]; - // } - // - // System.arraycopy(first, 0, res, res.length / 2 - first.length, first.length); - // System.arraycopy(second, 0, res, res.length - second.length, second.length); - // - // return res; - // } - // - // - // private byte[] makeUnsigned(BigInteger val) - // { - // byte[] res = val.toByteArray(); - // - // if (res[0] == 0) - // { - // byte[] tmp = new byte[res.length - 1]; - // - // System.arraycopy(res, 1, tmp, 0, tmp.length); - // - // return tmp; - // } - // - // return res; - // } - // - // public BigInteger[] decode( - // byte[] encoding) - // throws IOException - // { - // BigInteger[] sig = new BigInteger[2]; - // - // byte[] first = new byte[encoding.length / 2]; - // byte[] second = new byte[encoding.length / 2]; - // - // System.arraycopy(encoding, 0, first, 0, first.length); - // System.arraycopy(encoding, first.length, second, 0, second.length); - // - // sig[0] = new BigInteger(1, first); - // sig[1] = new BigInteger(1, second); - // - // return sig; - // } - // } - // END android-removed -} + // BEGIN Android-removed: Unsupported algorithms + /* + private static class PlainDSAEncoder + implements DSAEncoder + { + public byte[] encode( + BigInteger r, + BigInteger s) + throws IOException + { + byte[] first = makeUnsigned(r); + byte[] second = makeUnsigned(s); + byte[] res; + + if (first.length > second.length) + { + res = new byte[first.length * 2]; + } + else + { + res = new byte[second.length * 2]; + } + + System.arraycopy(first, 0, res, res.length / 2 - first.length, first.length); + System.arraycopy(second, 0, res, res.length - second.length, second.length); + + return res; + } + + + private byte[] makeUnsigned(BigInteger val) + { + byte[] res = val.toByteArray(); + + if (res[0] == 0) + { + byte[] tmp = new byte[res.length - 1]; + + System.arraycopy(res, 1, tmp, 0, tmp.length); + + return tmp; + } + + return res; + } + + public BigInteger[] decode( + byte[] encoding) + throws IOException + { + BigInteger[] sig = new BigInteger[2]; + + byte[] first = new byte[encoding.length / 2]; + byte[] second = new byte[encoding.length / 2]; + + System.arraycopy(encoding, 0, first, 0, first.length); + System.arraycopy(encoding, first.length, second, 0, second.length); + + sig[0] = new BigInteger(1, first); + sig[1] = new BigInteger(1, second); + + return sig; + } + } + */ + // END Android-removed: Unsupported algorithms +}
\ No newline at end of file diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java index c98b764c..5a3af046 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java @@ -26,9 +26,8 @@ import org.bouncycastle.crypto.AsymmetricBlockCipher; import org.bouncycastle.crypto.CipherParameters; import org.bouncycastle.crypto.Digest; import org.bouncycastle.crypto.InvalidCipherTextException; -// BEGIN android-removed +// Android-removed: Unsupported algorithm // import org.bouncycastle.crypto.encodings.ISO9796d1Encoding; -// END android-removed import org.bouncycastle.crypto.encodings.OAEPEncoding; import org.bouncycastle.crypto.encodings.PKCS1Encoding; import org.bouncycastle.crypto.engines.RSABlindedEngine; @@ -203,12 +202,12 @@ public class CipherSpi { cipher = new PKCS1Encoding(new RSABlindedEngine()); } - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithm // else if (pad.equals("ISO9796-1PADDING")) // { // cipher = new ISO9796d1Encoding(new RSABlindedEngine()); // } - // END android-removed + // END Android-removed: Unsupported algorithm else if (pad.equals("OAEPWITHMD5ANDMGF1PADDING")) { initFromSpec(new OAEPParameterSpec("MD5", "MGF1", new MGF1ParameterSpec("MD5"), PSource.PSpecified.DEFAULT)); @@ -237,27 +236,29 @@ public class CipherSpi { initFromSpec(new OAEPParameterSpec("SHA-512", "MGF1", MGF1ParameterSpec.SHA512, PSource.PSpecified.DEFAULT)); } - // BEGIN android-removed - // else if (pad.equals("OAEPWITHSHA3-224ANDMGF1PADDING")) - // { - // initFromSpec(new OAEPParameterSpec("SHA3-224", "MGF1", new MGF1ParameterSpec("SHA3-224"), PSource.PSpecified.DEFAULT)); - // } - // else if (pad.equals("OAEPWITHSHA3-256ANDMGF1PADDING")) - // { - // initFromSpec(new OAEPParameterSpec("SHA3-256", "MGF1", new MGF1ParameterSpec("SHA3-256"), PSource.PSpecified.DEFAULT)); - // } - // else if (pad.equals("OAEPWITHSHA3-384ANDMGF1PADDING")) - // { - // initFromSpec(new OAEPParameterSpec("SHA3-384", "MGF1", new MGF1ParameterSpec("SHA3-384"), PSource.PSpecified.DEFAULT)); - // } - // else if (pad.equals("OAEPWITHSHA3-512ANDMGF1PADDING")) - // { - // initFromSpec(new OAEPParameterSpec("SHA3-512", "MGF1", new MGF1ParameterSpec("SHA3-512"), PSource.PSpecified.DEFAULT)); - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + else if (pad.equals("OAEPWITHSHA3-224ANDMGF1PADDING")) + { + initFromSpec(new OAEPParameterSpec("SHA3-224", "MGF1", new MGF1ParameterSpec("SHA3-224"), PSource.PSpecified.DEFAULT)); + } + else if (pad.equals("OAEPWITHSHA3-256ANDMGF1PADDING")) + { + initFromSpec(new OAEPParameterSpec("SHA3-256", "MGF1", new MGF1ParameterSpec("SHA3-256"), PSource.PSpecified.DEFAULT)); + } + else if (pad.equals("OAEPWITHSHA3-384ANDMGF1PADDING")) + { + initFromSpec(new OAEPParameterSpec("SHA3-384", "MGF1", new MGF1ParameterSpec("SHA3-384"), PSource.PSpecified.DEFAULT)); + } + else if (pad.equals("OAEPWITHSHA3-512ANDMGF1PADDING")) + { + initFromSpec(new OAEPParameterSpec("SHA3-512", "MGF1", new MGF1ParameterSpec("SHA3-512"), PSource.PSpecified.DEFAULT)); + } + */ + // END Android-removed: Unsupported algorithms else { - throw new NoSuchPaddingException(padding + " unavailable with RSA."); + throw new NoSuchPaddingException(padding + " unavailable with RSA."); } } @@ -562,50 +563,52 @@ public class CipherSpi } } - // BEGIN android-removed - // static public class PKCS1v1_5Padding - // extends CipherSpi - // { - // public PKCS1v1_5Padding() - // { - // super(new PKCS1Encoding(new RSABlindedEngine())); - // } - // } - // - // static public class PKCS1v1_5Padding_PrivateOnly - // extends CipherSpi - // { - // public PKCS1v1_5Padding_PrivateOnly() - // { - // super(false, true, new PKCS1Encoding(new RSABlindedEngine())); - // } - // } - // - // static public class PKCS1v1_5Padding_PublicOnly - // extends CipherSpi - // { - // public PKCS1v1_5Padding_PublicOnly() - // { - // super(true, false, new PKCS1Encoding(new RSABlindedEngine())); - // } - // } - // - // static public class OAEPPadding - // extends CipherSpi - // { - // public OAEPPadding() - // { - // super(OAEPParameterSpec.DEFAULT); - // } - // } - // - // static public class ISO9796d1Padding - // extends CipherSpi - // { - // public ISO9796d1Padding() - // { - // super(new ISO9796d1Encoding(new RSABlindedEngine())); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + static public class PKCS1v1_5Padding + extends CipherSpi + { + public PKCS1v1_5Padding() + { + super(new PKCS1Encoding(new RSABlindedEngine())); + } + } + + static public class PKCS1v1_5Padding_PrivateOnly + extends CipherSpi + { + public PKCS1v1_5Padding_PrivateOnly() + { + super(false, true, new PKCS1Encoding(new RSABlindedEngine())); + } + } + + static public class PKCS1v1_5Padding_PublicOnly + extends CipherSpi + { + public PKCS1v1_5Padding_PublicOnly() + { + super(true, false, new PKCS1Encoding(new RSABlindedEngine())); + } + } + + static public class OAEPPadding + extends CipherSpi + { + public OAEPPadding() + { + super(OAEPParameterSpec.DEFAULT); + } + } + + static public class ISO9796d1Padding + extends CipherSpi + { + public ISO9796d1Padding() + { + super(new ISO9796d1Encoding(new RSABlindedEngine())); + } + } + */ + // END Android-removed: Unsupported algorithms } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java index 1e4d854b..5c2f1df7 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java @@ -17,30 +17,25 @@ import org.bouncycastle.asn1.DERNull; import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; -// END android-removed import org.bouncycastle.asn1.x509.AlgorithmIdentifier; import org.bouncycastle.asn1.x509.DigestInfo; import org.bouncycastle.crypto.AsymmetricBlockCipher; import org.bouncycastle.crypto.CipherParameters; import org.bouncycastle.crypto.Digest; -// BEGIN android-added -import org.bouncycastle.crypto.digests.AndroidDigestFactory; -// END android-added -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.digests.MD2Digest; // import org.bouncycastle.crypto.digests.MD4Digest; // import org.bouncycastle.crypto.digests.NullDigest; // import org.bouncycastle.crypto.digests.RIPEMD128Digest; // import org.bouncycastle.crypto.digests.RIPEMD160Digest; // import org.bouncycastle.crypto.digests.RIPEMD256Digest; -// END android-removed import org.bouncycastle.crypto.encodings.PKCS1Encoding; import org.bouncycastle.crypto.engines.RSABlindedEngine; -// BEGIN android-removed +// Android-changed: Use Android digests // import org.bouncycastle.crypto.util.DigestFactory; -// END android-removed +import org.bouncycastle.crypto.digests.AndroidDigestFactory; import org.bouncycastle.util.Arrays; public class DigestSignatureSpi @@ -258,9 +253,9 @@ public class DigestSignatureSpi { public SHA1() { - // BEGIN android-changed + // Android-changed: Use Android digests + // super(OIWObjectIdentifiers.idSHA1, DigestFactory.createSHA1(), new PKCS1Encoding(new RSABlindedEngine())); super(OIWObjectIdentifiers.idSHA1, AndroidDigestFactory.getSHA1(), new PKCS1Encoding(new RSABlindedEngine())); - // END android-changed } } @@ -269,9 +264,9 @@ public class DigestSignatureSpi { public SHA224() { - // BEGIN android-changed + // Android-changed: Use Android digests + // super(NISTObjectIdentifiers.id_sha224, DigestFactory.createSHA224(), new PKCS1Encoding(new RSABlindedEngine())); super(NISTObjectIdentifiers.id_sha224, AndroidDigestFactory.getSHA224(), new PKCS1Encoding(new RSABlindedEngine())); - // END android-changed } } @@ -280,9 +275,9 @@ public class DigestSignatureSpi { public SHA256() { - // BEGIN android-changed + // Android-changed: Use Android digests + // super(NISTObjectIdentifiers.id_sha256, DigestFactory.createSHA256(), new PKCS1Encoding(new RSABlindedEngine())); super(NISTObjectIdentifiers.id_sha256, AndroidDigestFactory.getSHA256(), new PKCS1Encoding(new RSABlindedEngine())); - // END android-changed } } @@ -291,9 +286,9 @@ public class DigestSignatureSpi { public SHA384() { - // BEGIN android-changed + // Android-changed: Use Android digests + // super(NISTObjectIdentifiers.id_sha384, DigestFactory.createSHA384(), new PKCS1Encoding(new RSABlindedEngine())); super(NISTObjectIdentifiers.id_sha384, AndroidDigestFactory.getSHA384(), new PKCS1Encoding(new RSABlindedEngine())); - // END android-changed } } @@ -302,132 +297,136 @@ public class DigestSignatureSpi { public SHA512() { - // BEGIN android-changed + // Android-changed: Use Android digests + // super(NISTObjectIdentifiers.id_sha512, DigestFactory.createSHA512(), new PKCS1Encoding(new RSABlindedEngine())); super(NISTObjectIdentifiers.id_sha512, AndroidDigestFactory.getSHA512(), new PKCS1Encoding(new RSABlindedEngine())); - // END android-changed } } - // BEGIN android-removed - // static public class SHA512_224 - // extends DigestSignatureSpi - // { - // public SHA512_224() - // { - // super(NISTObjectIdentifiers.id_sha512_224, DigestFactory.createSHA512_224(), new PKCS1Encoding(new RSABlindedEngine())); - // } - // } - - // static public class SHA512_256 - // extends DigestSignatureSpi - // { - // public SHA512_256() - // { - // super(NISTObjectIdentifiers.id_sha512_256, DigestFactory.createSHA512_256(), new PKCS1Encoding(new RSABlindedEngine())); - // } - // } - - // static public class SHA3_224 - // extends DigestSignatureSpi - // { - // public SHA3_224() - // { - // super(NISTObjectIdentifiers.id_sha3_224, DigestFactory.createSHA3_224(), new PKCS1Encoding(new RSABlindedEngine())); - // } - // } - - // static public class SHA3_256 - // extends DigestSignatureSpi - // { - // public SHA3_256() - // { - // super(NISTObjectIdentifiers.id_sha3_256, DigestFactory.createSHA3_256(), new PKCS1Encoding(new RSABlindedEngine())); - // } - // } - - // static public class SHA3_384 - // extends DigestSignatureSpi - // { - // public SHA3_384() - // { - // super(NISTObjectIdentifiers.id_sha3_384, DigestFactory.createSHA3_384(), new PKCS1Encoding(new RSABlindedEngine())); - // } - // } - - // static public class SHA3_512 - // extends DigestSignatureSpi - // { - // public SHA3_512() - // { - // super(NISTObjectIdentifiers.id_sha3_512, DigestFactory.createSHA3_512(), new PKCS1Encoding(new RSABlindedEngine())); - // } - // } - - // static public class MD2 - // extends DigestSignatureSpi - // { - // public MD2() - // { - // super(PKCSObjectIdentifiers.md2, new MD2Digest(), new PKCS1Encoding(new RSABlindedEngine())); - // } - // } - - // static public class MD4 - // extends DigestSignatureSpi - // { - // public MD4() - // { - // super(PKCSObjectIdentifiers.md4, new MD4Digest(), new PKCS1Encoding(new RSABlindedEngine())); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + static public class SHA512_224 + extends DigestSignatureSpi + { + public SHA512_224() + { + super(NISTObjectIdentifiers.id_sha512_224, DigestFactory.createSHA512_224(), new PKCS1Encoding(new RSABlindedEngine())); + } + } + + static public class SHA512_256 + extends DigestSignatureSpi + { + public SHA512_256() + { + super(NISTObjectIdentifiers.id_sha512_256, DigestFactory.createSHA512_256(), new PKCS1Encoding(new RSABlindedEngine())); + } + } + + static public class SHA3_224 + extends DigestSignatureSpi + { + public SHA3_224() + { + super(NISTObjectIdentifiers.id_sha3_224, DigestFactory.createSHA3_224(), new PKCS1Encoding(new RSABlindedEngine())); + } + } + + static public class SHA3_256 + extends DigestSignatureSpi + { + public SHA3_256() + { + super(NISTObjectIdentifiers.id_sha3_256, DigestFactory.createSHA3_256(), new PKCS1Encoding(new RSABlindedEngine())); + } + } + + static public class SHA3_384 + extends DigestSignatureSpi + { + public SHA3_384() + { + super(NISTObjectIdentifiers.id_sha3_384, DigestFactory.createSHA3_384(), new PKCS1Encoding(new RSABlindedEngine())); + } + } + + static public class SHA3_512 + extends DigestSignatureSpi + { + public SHA3_512() + { + super(NISTObjectIdentifiers.id_sha3_512, DigestFactory.createSHA3_512(), new PKCS1Encoding(new RSABlindedEngine())); + } + } + + static public class MD2 + extends DigestSignatureSpi + { + public MD2() + { + super(PKCSObjectIdentifiers.md2, new MD2Digest(), new PKCS1Encoding(new RSABlindedEngine())); + } + } + + static public class MD4 + extends DigestSignatureSpi + { + public MD4() + { + super(PKCSObjectIdentifiers.md4, new MD4Digest(), new PKCS1Encoding(new RSABlindedEngine())); + } + } + */ + // END Android-removed: Unsupported algorithms static public class MD5 extends DigestSignatureSpi { public MD5() { - // BEGIN android-changed + // Android-changed: Use Android digests + // super(PKCSObjectIdentifiers.md5, DigestFactory.createMD5(), new PKCS1Encoding(new RSABlindedEngine())); super(PKCSObjectIdentifiers.md5, AndroidDigestFactory.getMD5(), new PKCS1Encoding(new RSABlindedEngine())); - // END android-changed } } - // BEGIN android-removed - // static public class RIPEMD160 - // extends DigestSignatureSpi - // { - // public RIPEMD160() - // { - // super(TeleTrusTObjectIdentifiers.ripemd160, new RIPEMD160Digest(), new PKCS1Encoding(new RSABlindedEngine())); - // } - // } - // - // static public class RIPEMD128 - // extends DigestSignatureSpi - // { - // public RIPEMD128() - // { - // super(TeleTrusTObjectIdentifiers.ripemd128, new RIPEMD128Digest(), new PKCS1Encoding(new RSABlindedEngine())); - // } - // } - // - // static public class RIPEMD256 - // extends DigestSignatureSpi - // { - // public RIPEMD256() - // { - // super(TeleTrusTObjectIdentifiers.ripemd256, new RIPEMD256Digest(), new PKCS1Encoding(new RSABlindedEngine())); - // } - // } - // - // static public class noneRSA - // extends DigestSignatureSpi - // { - // public noneRSA() - // { - // super(new NullDigest(), new PKCS1Encoding(new RSABlindedEngine())); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + static public class RIPEMD160 + extends DigestSignatureSpi + { + public RIPEMD160() + { + super(TeleTrusTObjectIdentifiers.ripemd160, new RIPEMD160Digest(), new PKCS1Encoding(new RSABlindedEngine())); + } + } + + static public class RIPEMD128 + extends DigestSignatureSpi + { + public RIPEMD128() + { + super(TeleTrusTObjectIdentifiers.ripemd128, new RIPEMD128Digest(), new PKCS1Encoding(new RSABlindedEngine())); + } + } + + static public class RIPEMD256 + extends DigestSignatureSpi + { + public RIPEMD256() + { + super(TeleTrusTObjectIdentifiers.ripemd256, new RIPEMD256Digest(), new PKCS1Encoding(new RSABlindedEngine())); + } + } + + static public class noneRSA + extends DigestSignatureSpi + { + public noneRSA() + { + super(new NullDigest(), new PKCS1Encoding(new RSABlindedEngine())); + } + } + */ + // END Android-removed: Unsupported algorithms } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/KeyPairGeneratorSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/KeyPairGeneratorSpi.java index 4c3089af..a2c96662 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/KeyPairGeneratorSpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/KeyPairGeneratorSpi.java @@ -43,10 +43,9 @@ public class KeyPairGeneratorSpi SecureRandom random) { param = new RSAKeyGenerationParameters(defaultPublicExponent, - // BEGIN android-changed - // Was: random, strength, PrimeCertaintyCalculator.getDefaultCertainty(strength)); + // Android-changed: Replace null random with default implementation. + // random, strength, PrimeCertaintyCalculator.getDefaultCertainty(strength)); (random != null) ? random : new SecureRandom(), strength, PrimeCertaintyCalculator.getDefaultCertainty(strength)); - // END android-changed engine.init(param); } @@ -64,10 +63,9 @@ public class KeyPairGeneratorSpi param = new RSAKeyGenerationParameters( rsaParams.getPublicExponent(), - // BEGIN android-changed - // Was: random, rsaParams.getKeysize(), PrimeCertaintyCalculator.getDefaultCertainty(2048)); + // Android-changed: Replace null random with default implementation. + // random, rsaParams.getKeysize(), PrimeCertaintyCalculator.getDefaultCertainty(2048)); (random != null) ? random : new SecureRandom(), rsaParams.getKeysize(), PrimeCertaintyCalculator.getDefaultCertainty(2048)); - // END android-changed engine.init(param); } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/BaseAgreementSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/BaseAgreementSpi.java index 2994e739..f285ac55 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/BaseAgreementSpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/BaseAgreementSpi.java @@ -11,10 +11,9 @@ import javax.crypto.ShortBufferException; import javax.crypto.spec.SecretKeySpec; import org.bouncycastle.asn1.ASN1ObjectIdentifier; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; // import org.bouncycastle.asn1.gnu.GNUObjectIdentifiers; -// END android-removed import org.bouncycastle.asn1.kisa.KISAObjectIdentifiers; import org.bouncycastle.asn1.misc.MiscObjectIdentifiers; import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; @@ -22,10 +21,9 @@ import org.bouncycastle.asn1.ntt.NTTObjectIdentifiers; import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; import org.bouncycastle.crypto.DerivationFunction; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.agreement.kdf.DHKDFParameters; // import org.bouncycastle.crypto.agreement.kdf.DHKEKGenerator; -// END android-removed import org.bouncycastle.crypto.params.DESParameters; import org.bouncycastle.crypto.params.KDFParameters; import org.bouncycastle.util.Integers; @@ -122,9 +120,8 @@ public abstract class BaseAgreementSpi nameTable.put(KISAObjectIdentifiers.id_npki_app_cmsSeed_wrap.getId(), "SEED"); nameTable.put(KISAObjectIdentifiers.id_seedCBC.getId(), "SEED"); nameTable.put(KISAObjectIdentifiers.id_seedMAC.getId(), "SEED"); - // BEGIN android-removed + // Android-removed: Unsupported algorithm // nameTable.put(CryptoProObjectIdentifiers.gostR28147_gcfb.getId(), "GOST28147"); - // END android-removed nameTable.put(NISTObjectIdentifiers.id_aes128_wrap.getId(), "AES"); nameTable.put(NISTObjectIdentifiers.id_aes128_CCM.getId(), "AES"); @@ -163,12 +160,12 @@ public abstract class BaseAgreementSpi { return "AES"; } - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithm // if (algDetails.startsWith(GNUObjectIdentifiers.Serpent.getId())) // { // return "Serpent"; // } - // END android-removed + // END Android-removed: Unsupported algorithms String name = (String)nameTable.get(Strings.toUpperCase(algDetails)); @@ -261,6 +258,7 @@ public abstract class BaseAgreementSpi } int keySize = getKeySize(oidAlgorithm); + if (kdf != null) { if (keySize < 0) @@ -269,24 +267,26 @@ public abstract class BaseAgreementSpi } byte[] keyBytes = new byte[keySize / 8]; - // BEGIN android-removed - // if (kdf instanceof DHKEKGenerator) - // { - // ASN1ObjectIdentifier oid; - // try - // { - // oid = new ASN1ObjectIdentifier(oidAlgorithm); - // } - // catch (IllegalArgumentException e) - // { - // throw new NoSuchAlgorithmException("no OID for algorithm: " + oidAlgorithm); - // } - // DHKDFParameters params = new DHKDFParameters(oid, keySize, secret, ukmParameters); - - // kdf.init(params); - // } - // else - // END android-removed + // BEGIN Android-removed: Unsupported algorithm + /* + if (kdf instanceof DHKEKGenerator) + { + ASN1ObjectIdentifier oid; + try + { + oid = new ASN1ObjectIdentifier(oidAlgorithm); + } + catch (IllegalArgumentException e) + { + throw new NoSuchAlgorithmException("no OID for algorithm: " + oidAlgorithm); + } + DHKDFParameters params = new DHKDFParameters(oid, keySize, secret, ukmParameters); + + kdf.init(params); + } + else + */ + // END Android-removed: Unsupported algorithm { KDFParameters params = new KDFParameters(secret, ukmParameters); diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java index 602ca74c..961e2632 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java @@ -18,10 +18,9 @@ import javax.crypto.IllegalBlockSizeException; import javax.crypto.NoSuchPaddingException; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.PBEParameterSpec; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import javax.crypto.spec.RC2ParameterSpec; // import javax.crypto.spec.RC5ParameterSpec; -// END android-removed import javax.crypto.spec.SecretKeySpec; import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; @@ -41,10 +40,9 @@ public abstract class BaseCipherSpi { IvParameterSpec.class, PBEParameterSpec.class, - // BEGIN android-removed + // Android-removed: Unsupported algorithms // RC2ParameterSpec.class, // RC5ParameterSpec.class - // END android-removed }; private final JcaJceHelper helper = new BCJcaJceHelper(); diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/EC5Util.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/EC5Util.java index 3b8a0a6a..d67974b8 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/EC5Util.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/EC5Util.java @@ -47,14 +47,14 @@ public class EC5Util } } - // BEGIN android-removed + // BEGIN Android-removed: Unsupported curves // X9ECParameters c25519 = CustomNamedCurves.getByName("Curve25519"); // customCurves.put(new ECCurve.Fp( // c25519.getCurve().getField().getCharacteristic(), // c25519.getCurve().getA().toBigInteger(), - // c25519.getCurve().getB().toBigInteger()), c25519.getCurve()); - // END android-removed + // c25519.getCurve().getB().toBigInteger()), c25519.getCurve()); + // END Android-removed: Unsupported curves } public static ECCurve getCurve( diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/ECUtil.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/ECUtil.java index cba154a7..39ff397c 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/ECUtil.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/ECUtil.java @@ -8,17 +8,15 @@ import java.util.Enumeration; import java.util.Map; import org.bouncycastle.asn1.ASN1ObjectIdentifier; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.asn1.anssi.ANSSINamedCurves; // import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; // import org.bouncycastle.asn1.gm.GMNamedCurves; -// END android-removed import org.bouncycastle.asn1.nist.NISTNamedCurves; import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; import org.bouncycastle.asn1.sec.SECNamedCurves; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; -// END android-removed import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; import org.bouncycastle.asn1.x9.ECNamedCurveTable; import org.bouncycastle.asn1.x9.X962NamedCurves; @@ -338,24 +336,26 @@ public class ECUtil { oid = NISTNamedCurves.getOID(name); } - // BEGIN android-removed - // if (oid == null) - // { - // oid = TeleTrusTNamedCurves.getOID(name); - // } - // if (oid == null) - // { - // oid = ECGOST3410NamedCurves.getOID(name); - // } - // if (oid == null) - // { - // oid = ANSSINamedCurves.getOID(name); - // } - // if (oid == null) - // { - // oid = GMNamedCurves.getOID(name); - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + if (oid == null) + { + oid = TeleTrusTNamedCurves.getOID(name); + } + if (oid == null) + { + oid = ECGOST3410NamedCurves.getOID(name); + } + if (oid == null) + { + oid = ANSSINamedCurves.getOID(name); + } + if (oid == null) + { + oid = GMNamedCurves.getOID(name); + } + */ + // END Android-removed: Unsupported algorithms } return oid; @@ -398,16 +398,18 @@ public class ECUtil { params = NISTNamedCurves.getByOID(oid); } - // BEGIN android-removed - // if (params == null) - // { - // params = TeleTrusTNamedCurves.getByOID(oid); - // } - // if (params == null) - // { - // params = GMNamedCurves.getByOID(oid); - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + if (params == null) + { + params = TeleTrusTNamedCurves.getByOID(oid); + } + if (params == null) + { + params = GMNamedCurves.getByOID(oid); + } + */ + // END Android-removed: Unsupported algorithms } return params; @@ -429,16 +431,18 @@ public class ECUtil { params = NISTNamedCurves.getByName(curveName); } - // BEGIN android-removed - // if (params == null) - // { - // params = TeleTrusTNamedCurves.getByName(curveName); - // } - // if (params == null) - // { - // params = GMNamedCurves.getByName(curveName); - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + if (params == null) + { + params = TeleTrusTNamedCurves.getByName(curveName); + } + if (params == null) + { + params = GMNamedCurves.getByName(curveName); + } + */ + // END Android-removed: Unsupported algorithms } return params; @@ -456,16 +460,18 @@ public class ECUtil { name = NISTNamedCurves.getName(oid); } - // BEGIN android-removed - // if (name == null) - // { - // name = TeleTrusTNamedCurves.getName(oid); - // } - // if (name == null) - // { - // name = ECGOST3410NamedCurves.getName(oid); - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + if (name == null) + { + name = TeleTrusTNamedCurves.getName(oid); + } + if (name == null) + { + name = ECGOST3410NamedCurves.getName(oid); + } + */ + // END Android-removed: Unsupported algorithms } return name; diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/CertificateFactory.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/CertificateFactory.java index 58310c72..d5608b9e 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/CertificateFactory.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/CertificateFactory.java @@ -4,9 +4,8 @@ import java.io.BufferedInputStream; import java.io.ByteArrayInputStream; import java.io.IOException; import java.io.InputStream; -// BEGIN Android-added +// Android-added: Use PushbackInputStream import java.io.PushbackInputStream; -// END Android-added import java.security.cert.CRL; import java.security.cert.CRLException; import java.security.cert.CertPath; @@ -217,22 +216,21 @@ public class CertificateFactory } else { - // BEGIN android-changed - // Was: pis = new ByteArrayInputStream(Streams.readAll(in)); - // Reason: we want {@code in.available()} to return the number of available bytes if + // Android-changed: Use PushbackInputStream instead of ByteArrayInputStream. + // we want {@code in.available()} to return the number of available bytes if // there is trailing data (otherwise it breaks // libcore.java.security.cert.X509CertificateTest#test_Provider // ). Which is not possible if we read the whole stream at this point. + // // pis = new ByteArrayInputStream(Streams.readAll(in)); pis = new PushbackInputStream(in); - // END android-changed } - // BEGIN android-changed - // Was: pis.mark(1); + // BEGIN Android-changed: Use PushbackInputStream + // pis.mark(1); if (in.markSupported()) { pis.mark(1); } - // END android-changed + // END Android-changed: Use PushbackInputStream int tag = pis.read(); @@ -241,8 +239,8 @@ public class CertificateFactory return null; } - // BEGIN android-changdd - // Was: pis.reset + // BEGIN Android-changed: Use PushbackInputStream + // pis.reset if (in.markSupported()) { pis.reset(); } @@ -250,7 +248,7 @@ public class CertificateFactory { ((PushbackInputStream) pis).unread(tag); } - // END android-changed + // END Android-changed: Use PushbackInputStream if (tag != 0x30) // assume ascii PEM encoded. { @@ -276,19 +274,17 @@ public class CertificateFactory throws CertificateException { java.security.cert.Certificate cert; - // BEGIN android-removed - // BufferedInputStream in = new BufferedInputStream(inStream); - // Reason: we want {@code in.available()} to return the number of available bytes if + // Android-removed: Don't read entire stream immediately. + // we want {@code in.available()} to return the number of available bytes if // there is trailing data (otherwise it breaks // libcore.java.security.cert.X509CertificateTest#test_Provider // ). Which is not possible if we read the whole stream at this point. - // END android-removed + // BufferedInputStream in = new BufferedInputStream(inStream); List certs = new ArrayList(); - // BEGIN android-changed - // Was: while ((cert = engineGenerateCertificate(in)) != null) + // Android-changed: Read from original stream + // while ((cert = engineGenerateCertificate(in)) != null) while ((cert = engineGenerateCertificate(inStream)) != null) - // END android-changed { certs.add(cert); } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java index 8bb4c3ab..b72de4cb 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java @@ -37,9 +37,8 @@ import org.bouncycastle.asn1.pkcs.SignedData; import org.bouncycastle.jcajce.util.BCJcaJceHelper; import org.bouncycastle.jcajce.util.JcaJceHelper; import org.bouncycastle.util.io.pem.PemObject; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.util.io.pem.PemWriter; -// END android-removed /** * CertPath implementation for X.509 certificates. @@ -56,9 +55,8 @@ public class PKIXCertPath { List encodings = new ArrayList(); encodings.add("PkiPath"); - // BEGIN android-removed + // Android-removed: Unsupported algorithms // encodings.add("PEM"); - // END android-removed encodings.add("PKCS7"); certPathEncodings = Collections.unmodifiableList(encodings); } @@ -305,29 +303,31 @@ public class PKIXCertPath return toDEREncoded(new ContentInfo( PKCSObjectIdentifiers.signedData, sd)); } - // BEGIN android-removed - // else if (encoding.equalsIgnoreCase("PEM")) - // { - // ByteArrayOutputStream bOut = new ByteArrayOutputStream(); - // PemWriter pWrt = new PemWriter(new OutputStreamWriter(bOut)); - // - // try - // { - // for (int i = 0; i != certificates.size(); i++) - // { - // pWrt.writeObject(new PemObject("CERTIFICATE", ((X509Certificate)certificates.get(i)).getEncoded())); - // } - // - // pWrt.close(); - // } - // catch (Exception e) - // { - // throw new CertificateEncodingException("can't encode certificate for PEM encoded path"); - // } - // - // return bOut.toByteArray(); - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + else if (encoding.equalsIgnoreCase("PEM")) + { + ByteArrayOutputStream bOut = new ByteArrayOutputStream(); + PemWriter pWrt = new PemWriter(new OutputStreamWriter(bOut)); + + try + { + for (int i = 0; i != certificates.size(); i++) + { + pWrt.writeObject(new PemObject("CERTIFICATE", ((X509Certificate)certificates.get(i)).getEncoded())); + } + + pWrt.close(); + } + catch (Exception e) + { + throw new CertificateEncodingException("can't encode certificate for PEM encoded path"); + } + + return bOut.toByteArray(); + } + */ + // END Android-removed: Unsupported algorithms else { throw new CertificateEncodingException("unsupported encoding: " + encoding); diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CertificateObject.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CertificateObject.java index 51213d42..bfd7c254 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CertificateObject.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CertificateObject.java @@ -56,9 +56,9 @@ import org.bouncycastle.asn1.x509.Extension; import org.bouncycastle.asn1.x509.Extensions; import org.bouncycastle.asn1.x509.GeneralName; import org.bouncycastle.asn1.x509.KeyUsage; -// BEGIN android-added +// BEGIN Android-added: Unknown reason import org.bouncycastle.asn1.x509.X509Name; -// END android-added +// END Android-added: Unknown reason import org.bouncycastle.jcajce.provider.asymmetric.util.PKCS12BagAttributeCarrierImpl; import org.bouncycastle.jcajce.util.JcaJceHelper; import org.bouncycastle.jce.X509Principal; @@ -542,20 +542,19 @@ class X509CertificateObject } } - // BEGIN android-changed + // Android-added: Cache the encoded certificate private byte[] encoded; - // END android-changed public byte[] getEncoded() throws CertificateEncodingException { try { - // BEGIN android-changed + // BEGIN Android-changed: Cache the encoded certificate if (encoded == null) { encoded = c.getEncoded(ASN1Encoding.DER); } return encoded; - // END android-changed + // END Android-changed: Cache the encoded certificate } catch (IOException e) { @@ -879,9 +878,9 @@ class X509CertificateObject list.add(genName.getEncoded()); break; case GeneralName.directoryName: - // BEGIN android-changed + // Android-changed: Unknown reason + // list.add(X500Name.getInstance(RFC4519Style.INSTANCE, genName.getName()).toString()); list.add(X509Name.getInstance(genName.getName()).toString(true, X509Name.DefaultSymbols)); - // END android-changed break; case GeneralName.dNSName: case GeneralName.rfc822Name: diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA1.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA1.java index 35e03189..17a5462a 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA1.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA1.java @@ -5,12 +5,6 @@ import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; import org.bouncycastle.crypto.CipherKeyGenerator; import org.bouncycastle.crypto.digests.SHA1Digest; -// BEGIN ANDROID-ADDED -import org.bouncycastle.crypto.digests.SHA224Digest; -import org.bouncycastle.crypto.digests.SHA256Digest; -import org.bouncycastle.crypto.digests.SHA384Digest; -import org.bouncycastle.crypto.digests.SHA512Digest; -// END ANDROID-ADDED import org.bouncycastle.crypto.macs.HMac; import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA256.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA256.java index e129db4d..af375c22 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA256.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA256.java @@ -45,19 +45,21 @@ public class SHA256 } } - // BEGIN android-removed - // /** - // * PBEWithHmacSHA - // */ - // public static class PBEWithMacKeyFactory - // extends PBESecretKeyFactory - // { - // public PBEWithMacKeyFactory() - // { - // super("PBEwithHmacSHA256", null, false, PKCS12, SHA256, 256, 0); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + /** + * PBEWithHmacSHA + * + public static class PBEWithMacKeyFactory + extends PBESecretKeyFactory + { + public PBEWithMacKeyFactory() + { + super("PBEwithHmacSHA256", null, false, PKCS12, SHA256, 256, 0); + } + } + */ + // END Android-removed: Unsupported algorithms /** * HMACSHA256 @@ -86,11 +88,11 @@ public class SHA256 provider.addAlgorithm("Alg.Alias.MessageDigest.SHA256", "SHA-256"); provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha256, "SHA-256"); - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // provider.addAlgorithm("SecretKeyFactory.PBEWITHHMACSHA256", PREFIX + "$PBEWithMacKeyFactory"); // provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHHMACSHA-256", "PBEWITHHMACSHA256"); // provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + NISTObjectIdentifiers.id_sha256, "PBEWITHHMACSHA256"); - // END android-removed + // END Android-removed: Unsupported algorithms provider.addAlgorithm("Mac.PBEWITHHMACSHA256", PREFIX + "$HashMac"); diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA384.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA384.java index f2fb6d32..8bddcb23 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA384.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA384.java @@ -5,9 +5,8 @@ import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; import org.bouncycastle.crypto.CipherKeyGenerator; import org.bouncycastle.crypto.digests.SHA384Digest; import org.bouncycastle.crypto.macs.HMac; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.macs.OldHMac; -// END android-removed import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; @@ -59,16 +58,18 @@ public class SHA384 } } - // BEGIN android-removed - // public static class OldSHA384 - // extends BaseMac - // { - // public OldSHA384() - // { - // super(new OldHMac(new SHA384Digest())); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + public static class OldSHA384 + extends BaseMac + { + public OldSHA384() + { + super(new OldHMac(new SHA384Digest())); + } + } + */ + // END Android-removed: Unsupported algorithms public static class Mappings extends DigestAlgorithmProvider @@ -84,9 +85,8 @@ public class SHA384 provider.addAlgorithm("MessageDigest.SHA-384", PREFIX + "$Digest"); provider.addAlgorithm("Alg.Alias.MessageDigest.SHA384", "SHA-384"); provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha384, "SHA-384"); - // BEGIN android-removed + // Android-removed: Unsupported algorithms // provider.addAlgorithm("Mac.OLDHMACSHA384", PREFIX + "$OldSHA384"); - // END android-removed provider.addAlgorithm("Mac.PBEWITHHMACSHA384", PREFIX + "$HashMac"); diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA512.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA512.java index 9433a817..589e26a3 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA512.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA512.java @@ -4,13 +4,11 @@ import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; import org.bouncycastle.crypto.CipherKeyGenerator; import org.bouncycastle.crypto.digests.SHA512Digest; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.digests.SHA512tDigest; -// END android-removed import org.bouncycastle.crypto.macs.HMac; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.macs.OldHMac; -// END android-removed import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; @@ -41,44 +39,46 @@ public class SHA512 } } - // BEGIN android-removed - // static public class DigestT - // extends BCMessageDigest - // implements Cloneable - // { - // public DigestT(int bitLength) - // { - // super(new SHA512tDigest(bitLength)); - // } - // - // public Object clone() - // throws CloneNotSupportedException - // { - // DigestT d = (DigestT)super.clone(); - // d.digest = new SHA512tDigest((SHA512tDigest)digest); - // - // return d; - // } - // } - // - // static public class DigestT224 - // extends DigestT - // { - // public DigestT224() - // { - // super(224); - // } - // } - // - // static public class DigestT256 - // extends DigestT - // { - // public DigestT256() - // { - // super(256); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + static public class DigestT + extends BCMessageDigest + implements Cloneable + { + public DigestT(int bitLength) + { + super(new SHA512tDigest(bitLength)); + } + + public Object clone() + throws CloneNotSupportedException + { + DigestT d = (DigestT)super.clone(); + d.digest = new SHA512tDigest((SHA512tDigest)digest); + + return d; + } + } + + static public class DigestT224 + extends DigestT + { + public DigestT224() + { + super(224); + } + } + + static public class DigestT256 + extends DigestT + { + public DigestT256() + { + super(256); + } + } + */ + // END Android-removed: Unsupported algorithms public static class HashMac extends BaseMac @@ -89,37 +89,39 @@ public class SHA512 } } - // BEGIN android-removed - // public static class HashMacT224 - // extends BaseMac - // { - // public HashMacT224() - // { - // super(new HMac(new SHA512tDigest(224))); - // } - // } - // - // public static class HashMacT256 - // extends BaseMac - // { - // public HashMacT256() - // { - // super(new HMac(new SHA512tDigest(256))); - // } - // } - // - // /** - // * SHA-512 HMac - // */ - // public static class OldSHA512 - // extends BaseMac - // { - // public OldSHA512() - // { - // super(new OldHMac(new SHA512Digest())); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + public static class HashMacT224 + extends BaseMac + { + public HashMacT224() + { + super(new HMac(new SHA512tDigest(224))); + } + } + + public static class HashMacT256 + extends BaseMac + { + public HashMacT256() + { + super(new HMac(new SHA512tDigest(256))); + } + } + + /** + * SHA-512 HMac + * + public static class OldSHA512 + extends BaseMac + { + public OldSHA512() + { + super(new OldHMac(new SHA512Digest())); + } + } + */ + // END Android-removed: Unsupported algorithms /** * HMACSHA512 @@ -133,25 +135,27 @@ public class SHA512 } } - // BEGIN android-removed - // public static class KeyGeneratorT224 - // extends BaseKeyGenerator - // { - // public KeyGeneratorT224() - // { - // super("HMACSHA512/224", 224, new CipherKeyGenerator()); - // } - // } - // - // public static class KeyGeneratorT256 - // extends BaseKeyGenerator - // { - // public KeyGeneratorT256() - // { - // super("HMACSHA512/256", 256, new CipherKeyGenerator()); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + public static class KeyGeneratorT224 + extends BaseKeyGenerator + { + public KeyGeneratorT224() + { + super("HMACSHA512/224", 224, new CipherKeyGenerator()); + } + } + + public static class KeyGeneratorT256 + extends BaseKeyGenerator + { + public KeyGeneratorT256() + { + super("HMACSHA512/256", 256, new CipherKeyGenerator()); + } + } + */ + // END Android-removed: Unsupported algorithms public static class Mappings extends DigestAlgorithmProvider @@ -168,27 +172,29 @@ public class SHA512 provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512", "SHA-512"); provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512, "SHA-512"); - // BEGIN android-removed - // provider.addAlgorithm("MessageDigest.SHA-512/224", PREFIX + "$DigestT224"); - // provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512/224", "SHA-512/224"); - // provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_224, "SHA-512/224"); - // - // provider.addAlgorithm("MessageDigest.SHA-512/256", PREFIX + "$DigestT256"); - // provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512256", "SHA-512/256"); - // provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_256, "SHA-512/256"); - // - // provider.addAlgorithm("Mac.OLDHMACSHA512", PREFIX + "$OldSHA512"); - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + provider.addAlgorithm("MessageDigest.SHA-512/224", PREFIX + "$DigestT224"); + provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512/224", "SHA-512/224"); + provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_224, "SHA-512/224"); + + provider.addAlgorithm("MessageDigest.SHA-512/256", PREFIX + "$DigestT256"); + provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512256", "SHA-512/256"); + provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_256, "SHA-512/256"); + + provider.addAlgorithm("Mac.OLDHMACSHA512", PREFIX + "$OldSHA512"); + */ + // END Android-removed: Unsupported algorithms provider.addAlgorithm("Mac.PBEWITHHMACSHA512", PREFIX + "$HashMac"); addHMACAlgorithm(provider, "SHA512", PREFIX + "$HashMac", PREFIX + "$KeyGenerator"); addHMACAlias(provider, "SHA512", PKCSObjectIdentifiers.id_hmacWithSHA512); - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // addHMACAlgorithm(provider, "SHA512/224", PREFIX + "$HashMacT224", PREFIX + "$KeyGeneratorT224"); // addHMACAlgorithm(provider, "SHA512/256", PREFIX + "$HashMacT256", PREFIX + "$KeyGeneratorT256"); - // END android-removed + // END Android-removed: Unsupported algorithms } } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/BC.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/BC.java index 9711426e..5bc0aa82 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/BC.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/BC.java @@ -17,9 +17,8 @@ public class BC public void configure(ConfigurableProvider provider) { provider.addAlgorithm("KeyStore.BKS", PREFIX + "BcKeyStoreSpi$Std"); - // BEGIN android-removed + // Android-removed: Unsupported algorithms // provider.addAlgorithm("KeyStore.BKS-V1", PREFIX + "BcKeyStoreSpi$Version1"); - // END android-removed provider.addAlgorithm("KeyStore.BouncyCastle", PREFIX + "BcKeyStoreSpi$BouncyCastleStore"); provider.addAlgorithm("Alg.Alias.KeyStore.UBER", "BouncyCastle"); provider.addAlgorithm("Alg.Alias.KeyStore.BOUNCYCASTLE", "BouncyCastle"); diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/PKCS12.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/PKCS12.java index 1d4e1468..4dc856d9 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/PKCS12.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/PKCS12.java @@ -17,16 +17,18 @@ public class PKCS12 public void configure(ConfigurableProvider provider) { provider.addAlgorithm("KeyStore.PKCS12", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore"); - // BEGIN android-removed - // provider.addAlgorithm("KeyStore.BCPKCS12", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore"); - // provider.addAlgorithm("KeyStore.PKCS12-DEF", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore"); - // - // provider.addAlgorithm("KeyStore.PKCS12-3DES-40RC2", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore"); - // provider.addAlgorithm("KeyStore.PKCS12-3DES-3DES", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore3DES"); - // - // provider.addAlgorithm("KeyStore.PKCS12-DEF-3DES-40RC2", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore"); - // provider.addAlgorithm("KeyStore.PKCS12-DEF-3DES-3DES", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore3DES"); - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + provider.addAlgorithm("KeyStore.BCPKCS12", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore"); + provider.addAlgorithm("KeyStore.PKCS12-DEF", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore"); + + provider.addAlgorithm("KeyStore.PKCS12-3DES-40RC2", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore"); + provider.addAlgorithm("KeyStore.PKCS12-3DES-3DES", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore3DES"); + + provider.addAlgorithm("KeyStore.PKCS12-DEF-3DES-40RC2", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore"); + provider.addAlgorithm("KeyStore.PKCS12-DEF-3DES-3DES", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore3DES"); + */ + // END Android-removed: Unsupported algorithms } } } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java index 106f75b2..de48b81f 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java @@ -64,10 +64,9 @@ import org.bouncycastle.asn1.DEROctetString; import org.bouncycastle.asn1.DEROutputStream; import org.bouncycastle.asn1.DERSequence; import org.bouncycastle.asn1.DERSet; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; // import org.bouncycastle.asn1.cryptopro.GOST28147Parameters; -// END android-removed import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; import org.bouncycastle.asn1.ntt.NTTObjectIdentifiers; import org.bouncycastle.asn1.pkcs.AuthenticatedSafe; @@ -90,15 +89,13 @@ import org.bouncycastle.asn1.x509.SubjectKeyIdentifier; import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; import org.bouncycastle.asn1.x509.X509ObjectIdentifiers; import org.bouncycastle.crypto.Digest; -// BEGIN android-changed -// Was: import org.bouncycastle.crypto.digests.SHA1Digest +// Android-changed: Use Android digests +// import org.bouncycastle.crypto.util.DigestFactory; import org.bouncycastle.crypto.digests.AndroidDigestFactory; -// END android-changed import org.bouncycastle.jcajce.PKCS12Key; import org.bouncycastle.jcajce.PKCS12StoreParameter; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.jcajce.spec.GOST28147ParameterSpec; -// END android-removed import org.bouncycastle.jcajce.spec.PBKDF2KeySpec; import org.bouncycastle.jcajce.util.BCJcaJceHelper; import org.bouncycastle.jcajce.util.JcaJceHelper; @@ -233,6 +230,8 @@ public class PKCS12KeyStoreSpi private static byte[] getDigest(SubjectPublicKeyInfo spki) { + // Android-changed: Use Android digests + // Digest digest = DigestFactory.createSHA1(); Digest digest = AndroidDigestFactory.getSHA1(); byte[] resBuf = new byte[digest.getDigestSize()]; @@ -758,15 +757,17 @@ public class PKCS12KeyStoreSpi { cipher.init(mode, key, new IvParameterSpec(ASN1OctetString.getInstance(encParams).getOctets())); } - // BEGIN android-removed - // else - // { - // // TODO: at the moment it's just GOST, but... - // GOST28147Parameters gParams = GOST28147Parameters.getInstance(encParams); - // - // cipher.init(mode, key, new GOST28147ParameterSpec(gParams.getEncryptionParamSet(), gParams.getIV())); - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + else + { + // TODO: at the moment it's just GOST, but... + GOST28147Parameters gParams = GOST28147Parameters.getInstance(encParams); + + cipher.init(mode, key, new GOST28147ParameterSpec(gParams.getEncryptionParamSet(), gParams.getIV())); + } + */ + // END Android-removed: Unsupported algorithms return cipher; } @@ -1718,33 +1719,36 @@ public class PKCS12KeyStoreSpi super(new BouncyCastleProvider(), pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd40BitRC2_CBC); } } - // BEGIN android-removed - // public static class BCPKCS12KeyStore3DES - // extends PKCS12KeyStoreSpi - // { - // public BCPKCS12KeyStore3DES() - // { - // super(new BouncyCastleProvider(), pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC); - // } - // } - // - // public static class DefPKCS12KeyStore - // extends PKCS12KeyStoreSpi - // { - // public DefPKCS12KeyStore() - // { - // super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd40BitRC2_CBC); - // } - // } - // - // public static class DefPKCS12KeyStore3DES - // extends PKCS12KeyStoreSpi - // { - // public DefPKCS12KeyStore3DES() - // { - // super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC); - // } - // } + + // BEGIN Android-removed: Unsupported algorithms + /* + public static class BCPKCS12KeyStore3DES + extends PKCS12KeyStoreSpi + { + public BCPKCS12KeyStore3DES() + { + super(new BouncyCastleProvider(), pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC); + } + } + + public static class DefPKCS12KeyStore + extends PKCS12KeyStoreSpi + { + public DefPKCS12KeyStore() + { + super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd40BitRC2_CBC); + } + } + + public static class DefPKCS12KeyStore3DES + extends PKCS12KeyStoreSpi + { + public DefPKCS12KeyStore3DES() + { + super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC); + } + } + */ // END android-removed private static class IgnoresCaseHashtable @@ -1818,9 +1822,8 @@ public class PKCS12KeyStoreSpi keySizes.put(NTTObjectIdentifiers.id_camellia192_cbc, Integers.valueOf(192)); keySizes.put(NTTObjectIdentifiers.id_camellia256_cbc, Integers.valueOf(256)); - // BEGIN android-removed + // Android-removed: Unsupported algorithms // keySizes.put(CryptoProObjectIdentifiers.gostR28147_gcfb, Integers.valueOf(256)); - // END android-removed KEY_SIZES = Collections.unmodifiableMap(keySizes); } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/AES.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/AES.java index f118e5c8..e0669d2c 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/AES.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/AES.java @@ -1,13 +1,11 @@ package org.bouncycastle.jcajce.provider.symmetric; import java.io.IOException; -// BEGIN android-added +// BEGIN Android-added: Needed for setting mode with GCM import java.security.NoSuchAlgorithmException; -// END android-added -// BEGIN android-removed -// import java.security.AlgorithmParameters; -// import java.security.InvalidAlgorithmParameterException; -// END android-removed +// END Android-added: Needed for setting mode with GCM +import java.security.AlgorithmParameters; +import java.security.InvalidAlgorithmParameterException; import java.security.SecureRandom; import java.security.spec.AlgorithmParameterSpec; import java.security.spec.InvalidParameterSpecException; @@ -16,13 +14,12 @@ import java.util.Map; import javax.crypto.spec.IvParameterSpec; -// BEGIN android-added +// BEGIN Android-added: Needed for setting padding with GCM import javax.crypto.NoSuchPaddingException; -// END android-added +// END Android-added: Needed for setting padding with GCM import org.bouncycastle.asn1.bc.BCObjectIdentifiers; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.asn1.cms.CCMParameters; -// END android-removed import org.bouncycastle.asn1.cms.GCMParameters; import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; import org.bouncycastle.crypto.BlockCipher; @@ -34,32 +31,28 @@ import org.bouncycastle.crypto.InvalidCipherTextException; import org.bouncycastle.crypto.Mac; import org.bouncycastle.crypto.engines.AESEngine; import org.bouncycastle.crypto.engines.AESWrapEngine; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.engines.AESWrapPadEngine; // import org.bouncycastle.crypto.engines.RFC3211WrapEngine; // import org.bouncycastle.crypto.engines.RFC5649WrapEngine; // import org.bouncycastle.crypto.generators.Poly1305KeyGenerator; // import org.bouncycastle.crypto.macs.CMac; // import org.bouncycastle.crypto.macs.GMac; -// END android-removed import org.bouncycastle.crypto.modes.CBCBlockCipher; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.modes.CCMBlockCipher; -// END android-removed import org.bouncycastle.crypto.modes.CFBBlockCipher; import org.bouncycastle.crypto.modes.GCMBlockCipher; import org.bouncycastle.crypto.modes.OFBBlockCipher; import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; -// END android-removed import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameters; import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; // import org.bouncycastle.jcajce.provider.symmetric.util.BaseSecretKeyFactory; -// END android-removed import org.bouncycastle.jcajce.provider.symmetric.util.BaseWrapCipher; import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider; import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters; @@ -130,7 +123,7 @@ public final class AES public GCM() { super(new GCMBlockCipher(new AESEngine())); - // BEGIN android-added + // BEGIN Android-added: Set mode and padding due to name change (see note in Mappings) try { engineSetMode("GCM"); engineSetPadding("NoPadding"); @@ -138,130 +131,132 @@ public final class AES // this should not be possible throw new RuntimeException("Could not set mode or padding for GCM mode", e); } - // END android-added + // END Android-added: Set mode and padding due to name change (see note in Mappings) } } - // BEGIN android-removed - // static public class CCM - // extends BaseBlockCipher - // { - // public CCM() - // { - // super(new CCMBlockCipher(new AESEngine()), false, 16); - // } - // } - - // public static class AESCMAC - // extends BaseMac - // { - // public AESCMAC() - // { - // super(new CMac(new AESEngine())); - // } - // } - - // public static class AESGMAC - // extends BaseMac - // { - // public AESGMAC() - // { - // super(new GMac(new GCMBlockCipher(new AESEngine()))); - // } - // } - - // public static class AESCCMMAC - // extends BaseMac - // { - // public AESCCMMAC() - // { - // super(new CCMMac()); - // } - - // private static class CCMMac - // implements Mac - // { - // private final CCMBlockCipher ccm = new CCMBlockCipher(new AESEngine()); - - // private int macLength = 8; - - // public void init(CipherParameters params) - // throws IllegalArgumentException - // { - // ccm.init(true, params); - - // this.macLength = ccm.getMac().length; - // } - - // public String getAlgorithmName() - // { - // return ccm.getAlgorithmName() + "Mac"; - // } - - // public int getMacSize() - // { - // return macLength; - // } - - // public void update(byte in) - // throws IllegalStateException - // { - // ccm.processAADByte(in); - // } - - // public void update(byte[] in, int inOff, int len) - // throws DataLengthException, IllegalStateException - // { - // ccm.processAADBytes(in, inOff, len); - // } - - // public int doFinal(byte[] out, int outOff) - // throws DataLengthException, IllegalStateException - // { - // try - // { - // return ccm.doFinal(out, 0); - // } - // catch (InvalidCipherTextException e) - // { - // throw new IllegalStateException("exception on doFinal(): " + e.toString()); - // } - // } - - // public void reset() - // { - // ccm.reset(); - // } - // } - // } - - // static public class KeyFactory - // extends BaseSecretKeyFactory - // { - // public KeyFactory() - // { - // super("AES", null); - // } - // } - - // public static class Poly1305 - // extends BaseMac - // { - // public Poly1305() - // { - // super(new org.bouncycastle.crypto.macs.Poly1305(new AESEngine())); - // } - // } - - // public static class Poly1305KeyGen - // extends BaseKeyGenerator - // { - // public Poly1305KeyGen() - // { - // super("Poly1305-AES", 256, new Poly1305KeyGenerator()); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + static public class CCM + extends BaseBlockCipher + { + public CCM() + { + super(new CCMBlockCipher(new AESEngine()), false, 16); + } + } + + public static class AESCMAC + extends BaseMac + { + public AESCMAC() + { + super(new CMac(new AESEngine())); + } + } + + public static class AESGMAC + extends BaseMac + { + public AESGMAC() + { + super(new GMac(new GCMBlockCipher(new AESEngine()))); + } + } + + public static class AESCCMMAC + extends BaseMac + { + public AESCCMMAC() + { + super(new CCMMac()); + } + + private static class CCMMac + implements Mac + { + private final CCMBlockCipher ccm = new CCMBlockCipher(new AESEngine()); + + private int macLength = 8; + + public void init(CipherParameters params) + throws IllegalArgumentException + { + ccm.init(true, params); + + this.macLength = ccm.getMac().length; + } + + public String getAlgorithmName() + { + return ccm.getAlgorithmName() + "Mac"; + } + + public int getMacSize() + { + return macLength; + } + + public void update(byte in) + throws IllegalStateException + { + ccm.processAADByte(in); + } + + public void update(byte[] in, int inOff, int len) + throws DataLengthException, IllegalStateException + { + ccm.processAADBytes(in, inOff, len); + } + + public int doFinal(byte[] out, int outOff) + throws DataLengthException, IllegalStateException + { + try + { + return ccm.doFinal(out, 0); + } + catch (InvalidCipherTextException e) + { + throw new IllegalStateException("exception on doFinal(): " + e.toString()); + } + } + + public void reset() + { + ccm.reset(); + } + } + } + + static public class KeyFactory + extends BaseSecretKeyFactory + { + public KeyFactory() + { + super("AES", null); + } + } + + public static class Poly1305 + extends BaseMac + { + public Poly1305() + { + super(new org.bouncycastle.crypto.macs.Poly1305(new AESEngine())); + } + } + + public static class Poly1305KeyGen + extends BaseKeyGenerator + { + public Poly1305KeyGen() + { + super("Poly1305-AES", 256, new Poly1305KeyGenerator()); + } + } + */ + // END Android-removed: Unsupported algorithms static public class Wrap extends BaseWrapCipher @@ -272,34 +267,36 @@ public final class AES } } - // BEGIN android-removed - // public static class WrapPad - // extends BaseWrapCipher - // { - // public WrapPad() - // { - // super(new AESWrapPadEngine()); - // } - // } - - // public static class RFC3211Wrap - // extends BaseWrapCipher - // { - // public RFC3211Wrap() - // { - // super(new RFC3211WrapEngine(new AESEngine()), 16); - // } - // } - - // public static class RFC5649Wrap - // extends BaseWrapCipher - // { - // public RFC5649Wrap() - // { - // super(new RFC5649WrapEngine(new AESEngine())); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + public static class WrapPad + extends BaseWrapCipher + { + public WrapPad() + { + super(new AESWrapPadEngine()); + } + } + + public static class RFC3211Wrap + extends BaseWrapCipher + { + public RFC3211Wrap() + { + super(new RFC3211WrapEngine(new AESEngine()), 16); + } + } + + public static class RFC5649Wrap + extends BaseWrapCipher + { + public RFC5649Wrap() + { + super(new RFC5649WrapEngine(new AESEngine())); + } + } + */ + // END Android-removed: Unsupported algorithms /** * PBEWithAES-CBC @@ -378,9 +375,12 @@ public final class AES { public KeyGen() { - // BEGIN android-changed + // Android-changed: Use 128-bit keys by default. + // Bouncy Castle defaults to 192-bit keys, which is the worst choice: worse security + // than 256-bit keys, slower than 128-bit keys, narrower support than either. + // Use 128-bit keys by default since they're faster and should still be plenty secure. + // this(192); this(128); - // END android-changed } public KeyGen(int keySize) @@ -389,34 +389,36 @@ public final class AES } } - // BEGIN android-removed - // public static class KeyGen128 - // extends KeyGen - // { - // public KeyGen128() - // { - // super(128); - // } - // } - // - // public static class KeyGen192 - // extends KeyGen - // { - // public KeyGen192() - // { - // super(192); - // } - // } - // - // public static class KeyGen256 - // extends KeyGen - // { - // public KeyGen256() - // { - // super(256); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + public static class KeyGen128 + extends KeyGen + { + public KeyGen128() + { + super(128); + } + } + + public static class KeyGen192 + extends KeyGen + { + public KeyGen192() + { + super(192); + } + } + + public static class KeyGen256 + extends KeyGen + { + public KeyGen256() + { + super(256); + } + } + */ + // END Android-removed: Unsupported algorithms /** * PBEWithSHA1And128BitAES-BC @@ -525,124 +527,126 @@ public final class AES super("PBEWithMD5And256BitAES-CBC-OpenSSL", null, true, OPENSSL, MD5, 256, 128); } } + + // BEGIN Android-removed: Unsupported algorithms + /* + public static class AlgParamGen + extends BaseAlgorithmParameterGenerator + { + protected void engineInit( + AlgorithmParameterSpec genParamSpec, + SecureRandom random) + throws InvalidAlgorithmParameterException + { + throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation."); + } + + protected AlgorithmParameters engineGenerateParameters() + { + byte[] iv = new byte[16]; + + if (random == null) + { + random = new SecureRandom(); + } - // BEGIN android-removed - // public static class AlgParamGen - // extends BaseAlgorithmParameterGenerator - // { - // protected void engineInit( - // AlgorithmParameterSpec genParamSpec, - // SecureRandom random) - // throws InvalidAlgorithmParameterException - // { - // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation."); - // } - - // protected AlgorithmParameters engineGenerateParameters() - // { - // byte[] iv = new byte[16]; - - // if (random == null) - // { - // random = new SecureRandom(); - // } - - // random.nextBytes(iv); - - // AlgorithmParameters params; - - // try - // { - // params = createParametersInstance("AES"); - // params.init(new IvParameterSpec(iv)); - // } - // catch (Exception e) - // { - // throw new RuntimeException(e.getMessage()); - // } - - // return params; - // } - // } - - // public static class AlgParamGenCCM - // extends BaseAlgorithmParameterGenerator - // { - // protected void engineInit( - // AlgorithmParameterSpec genParamSpec, - // SecureRandom random) - // throws InvalidAlgorithmParameterException - // { - // // TODO: add support for GCMParameterSpec as a template. - // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation."); - // } - - // protected AlgorithmParameters engineGenerateParameters() - // { - // byte[] iv = new byte[12]; - - // if (random == null) - // { - // random = new SecureRandom(); - // } - - // random.nextBytes(iv); - - // AlgorithmParameters params; - - // try - // { - // params = createParametersInstance("CCM"); - // params.init(new CCMParameters(iv, 12).getEncoded()); - // } - // catch (Exception e) - // { - // throw new RuntimeException(e.getMessage()); - // } - - // return params; - // } - // } - - // public static class AlgParamGenGCM - // extends BaseAlgorithmParameterGenerator - // { - // protected void engineInit( - // AlgorithmParameterSpec genParamSpec, - // SecureRandom random) - // throws InvalidAlgorithmParameterException - // { - // // TODO: add support for GCMParameterSpec as a template. - // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation."); - // } - - // protected AlgorithmParameters engineGenerateParameters() - // { - // byte[] nonce = new byte[12]; - - // if (random == null) - // { - // random = new SecureRandom(); - // } - - // random.nextBytes(nonce); - - // AlgorithmParameters params; - - // try - // { - // params = createParametersInstance("GCM"); - // params.init(new GCMParameters(nonce, 16).getEncoded()); - // } - // catch (Exception e) - // { - // throw new RuntimeException(e.getMessage()); - // } - - // return params; - // } - // } - // END android-removed + random.nextBytes(iv); + + AlgorithmParameters params; + + try + { + params = createParametersInstance("AES"); + params.init(new IvParameterSpec(iv)); + } + catch (Exception e) + { + throw new RuntimeException(e.getMessage()); + } + + return params; + } + } + + public static class AlgParamGenCCM + extends BaseAlgorithmParameterGenerator + { + protected void engineInit( + AlgorithmParameterSpec genParamSpec, + SecureRandom random) + throws InvalidAlgorithmParameterException + { + // TODO: add support for GCMParameterSpec as a template. + throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation."); + } + + protected AlgorithmParameters engineGenerateParameters() + { + byte[] iv = new byte[12]; + + if (random == null) + { + random = new SecureRandom(); + } + + random.nextBytes(iv); + + AlgorithmParameters params; + + try + { + params = createParametersInstance("CCM"); + params.init(new CCMParameters(iv, 12).getEncoded()); + } + catch (Exception e) + { + throw new RuntimeException(e.getMessage()); + } + + return params; + } + } + + public static class AlgParamGenGCM + extends BaseAlgorithmParameterGenerator + { + protected void engineInit( + AlgorithmParameterSpec genParamSpec, + SecureRandom random) + throws InvalidAlgorithmParameterException + { + // TODO: add support for GCMParameterSpec as a template. + throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation."); + } + + protected AlgorithmParameters engineGenerateParameters() + { + byte[] nonce = new byte[12]; + + if (random == null) + { + random = new SecureRandom(); + } + + random.nextBytes(nonce); + + AlgorithmParameters params; + + try + { + params = createParametersInstance("GCM"); + params.init(new GCMParameters(nonce, 16).getEncoded()); + } + catch (Exception e) + { + throw new RuntimeException(e.getMessage()); + } + + return params; + } + } + */ + // END Android-removed: Unsupported algorithms public static class AlgParams extends IvAlgorithmParameters @@ -738,92 +742,94 @@ public final class AES } } - // BEGIN android-removed - // public static class AlgParamsCCM - // extends BaseAlgorithmParameters - // { - // private CCMParameters ccmParams; - - // protected void engineInit(AlgorithmParameterSpec paramSpec) - // throws InvalidParameterSpecException - // { - // if (GcmSpecUtil.isGcmSpec(paramSpec)) - // { - // ccmParams = CCMParameters.getInstance(GcmSpecUtil.extractGcmParameters(paramSpec)); - // } - // else if (paramSpec instanceof AEADParameterSpec) - // { - // ccmParams = new CCMParameters(((AEADParameterSpec)paramSpec).getNonce(), ((AEADParameterSpec)paramSpec).getMacSizeInBits() / 8); - // } - // else - // { - // throw new InvalidParameterSpecException("AlgorithmParameterSpec class not recognized: " + paramSpec.getClass().getName()); - // } - // } - - // protected void engineInit(byte[] params) - // throws IOException - // { - // ccmParams = CCMParameters.getInstance(params); - // } - - // protected void engineInit(byte[] params, String format) - // throws IOException - // { - // if (!isASN1FormatString(format)) - // { - // throw new IOException("unknown format specified"); - // } - - // ccmParams = CCMParameters.getInstance(params); - // } - - // protected byte[] engineGetEncoded() - // throws IOException - // { - // return ccmParams.getEncoded(); - // } - - // protected byte[] engineGetEncoded(String format) - // throws IOException - // { - // if (!isASN1FormatString(format)) - // { - // throw new IOException("unknown format specified"); - // } - - // return ccmParams.getEncoded(); - // } - - // protected String engineToString() - // { - // return "CCM"; - // } - - // protected AlgorithmParameterSpec localEngineGetParameterSpec(Class paramSpec) - // throws InvalidParameterSpecException - // { - // if (paramSpec == AlgorithmParameterSpec.class || GcmSpecUtil.isGcmSpec(paramSpec)) - // { - // if (GcmSpecUtil.gcmSpecExists()) - // { - // return GcmSpecUtil.extractGcmSpec(ccmParams.toASN1Primitive()); - // } - // return new AEADParameterSpec(ccmParams.getNonce(), ccmParams.getIcvLen() * 8); - // } - // if (paramSpec == AEADParameterSpec.class) - // { - // return new AEADParameterSpec(ccmParams.getNonce(), ccmParams.getIcvLen() * 8); - // } - // if (paramSpec == IvParameterSpec.class) - // { - // return new IvParameterSpec(ccmParams.getNonce()); - // } - - // throw new InvalidParameterSpecException("AlgorithmParameterSpec not recognized: " + paramSpec.getName()); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + public static class AlgParamsCCM + extends BaseAlgorithmParameters + { + private CCMParameters ccmParams; + + protected void engineInit(AlgorithmParameterSpec paramSpec) + throws InvalidParameterSpecException + { + if (GcmSpecUtil.isGcmSpec(paramSpec)) + { + ccmParams = CCMParameters.getInstance(GcmSpecUtil.extractGcmParameters(paramSpec)); + } + else if (paramSpec instanceof AEADParameterSpec) + { + ccmParams = new CCMParameters(((AEADParameterSpec)paramSpec).getNonce(), ((AEADParameterSpec)paramSpec).getMacSizeInBits() / 8); + } + else + { + throw new InvalidParameterSpecException("AlgorithmParameterSpec class not recognized: " + paramSpec.getClass().getName()); + } + } + + protected void engineInit(byte[] params) + throws IOException + { + ccmParams = CCMParameters.getInstance(params); + } + + protected void engineInit(byte[] params, String format) + throws IOException + { + if (!isASN1FormatString(format)) + { + throw new IOException("unknown format specified"); + } + + ccmParams = CCMParameters.getInstance(params); + } + + protected byte[] engineGetEncoded() + throws IOException + { + return ccmParams.getEncoded(); + } + + protected byte[] engineGetEncoded(String format) + throws IOException + { + if (!isASN1FormatString(format)) + { + throw new IOException("unknown format specified"); + } + + return ccmParams.getEncoded(); + } + + protected String engineToString() + { + return "CCM"; + } + + protected AlgorithmParameterSpec localEngineGetParameterSpec(Class paramSpec) + throws InvalidParameterSpecException + { + if (paramSpec == AlgorithmParameterSpec.class || GcmSpecUtil.isGcmSpec(paramSpec)) + { + if (GcmSpecUtil.gcmSpecExists()) + { + return GcmSpecUtil.extractGcmSpec(ccmParams.toASN1Primitive()); + } + return new AEADParameterSpec(ccmParams.getNonce(), ccmParams.getIcvLen() * 8); + } + if (paramSpec == AEADParameterSpec.class) + { + return new AEADParameterSpec(ccmParams.getNonce(), ccmParams.getIcvLen() * 8); + } + if (paramSpec == IvParameterSpec.class) + { + return new IvParameterSpec(ccmParams.getNonce()); + } + + throw new InvalidParameterSpecException("AlgorithmParameterSpec not recognized: " + paramSpec.getName()); + } + } + */ + // END Android-removed: Unsupported algorithms public static class Mappings extends SymmetricAlgorithmProvider @@ -857,40 +863,45 @@ public final class AES provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes128_GCM, "GCM"); provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes192_GCM, "GCM"); provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes256_GCM, "GCM"); - // BEGIN android-removed - // provider.addAlgorithm("AlgorithmParameters.CCM", PREFIX + "$AlgParamsCCM"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes128_CCM, "CCM"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes192_CCM, "CCM"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes256_CCM, "CCM"); - // - // provider.addAlgorithm("AlgorithmParameterGenerator.AES", PREFIX + "$AlgParamGen"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES128, "AES"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES192, "AES"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES256, "AES"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_CBC, "AES"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_CBC, "AES"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_CBC, "AES"); - // END android-removed + + // BEGIN Android-removed: Unsupported algorithms + /* + provider.addAlgorithm("AlgorithmParameters.CCM", PREFIX + "$AlgParamsCCM"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes128_CCM, "CCM"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes192_CCM, "CCM"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes256_CCM, "CCM"); + + provider.addAlgorithm("AlgorithmParameterGenerator.AES", PREFIX + "$AlgParamGen"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES128, "AES"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES192, "AES"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES256, "AES"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_CBC, "AES"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_CBC, "AES"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_CBC, "AES"); + */ + // END Android-removed: Unsupported algorithms provider.addAttributes("Cipher.AES", generalAesAttributes); provider.addAlgorithm("Cipher.AES", PREFIX + "$ECB"); provider.addAlgorithm("Alg.Alias.Cipher." + wrongAES128, "AES"); provider.addAlgorithm("Alg.Alias.Cipher." + wrongAES192, "AES"); provider.addAlgorithm("Alg.Alias.Cipher." + wrongAES256, "AES"); - // BEGIN android-removed - // provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$ECB"); - // provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$ECB"); - // provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$ECB"); - // provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$CBC"); - // provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$CBC"); - // provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$CBC"); - // provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$OFB"); - // provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$OFB"); - // provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$OFB"); - // provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$CFB"); - // provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$CFB"); - // provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$CFB"); - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$ECB"); + provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$ECB"); + provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$ECB"); + provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$CBC"); + provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$CBC"); + provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$CBC"); + provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$OFB"); + provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$OFB"); + provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$OFB"); + provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$CFB"); + provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$CFB"); + provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$CFB"); + */ + // END Android-removed: Unsupported algorithms provider.addAttributes("Cipher.AESWRAP", generalAesAttributes); provider.addAlgorithm("Cipher.AESWRAP", PREFIX + "$Wrap"); @@ -899,81 +910,85 @@ public final class AES provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes256_wrap, "AESWRAP"); provider.addAlgorithm("Alg.Alias.Cipher.AESKW", "AESWRAP"); - // BEGIN android-removed - // provider.addAttributes("Cipher.AESWRAPPAD", generalAesAttributes); - // provider.addAlgorithm("Cipher.AESWRAPPAD", PREFIX + "$WrapPad"); - // provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes128_wrap_pad, "AESWRAPPAD"); - // provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes192_wrap_pad, "AESWRAPPAD"); - // provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes256_wrap_pad, "AESWRAPPAD"); - // provider.addAlgorithm("Alg.Alias.Cipher.AESKWP", "AESWRAPPAD"); - // - // provider.addAlgorithm("Cipher.AESRFC3211WRAP", PREFIX + "$RFC3211Wrap"); - // provider.addAlgorithm("Cipher.AESRFC5649WRAP", PREFIX + "$RFC5649Wrap"); - // - // provider.addAlgorithm("AlgorithmParameterGenerator.CCM", PREFIX + "$AlgParamGenCCM"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_CCM, "CCM"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_CCM, "CCM"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_CCM, "CCM"); - // - // provider.addAttributes("Cipher.CCM", generalAesAttributes); - // provider.addAlgorithm("Cipher.CCM", PREFIX + "$CCM"); - // provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes128_CCM, "CCM"); - // provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes192_CCM, "CCM"); - // provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes256_CCM, "CCM"); - // - // provider.addAlgorithm("AlgorithmParameterGenerator.GCM", PREFIX + "$AlgParamGenGCM"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_GCM, "GCM"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_GCM, "GCM"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_GCM, "GCM"); - // END android-removed - - // BEGIN android-changed + // BEGIN Android-removed: Unsupported algorithms + /* + provider.addAttributes("Cipher.AESWRAPPAD", generalAesAttributes); + provider.addAlgorithm("Cipher.AESWRAPPAD", PREFIX + "$WrapPad"); + provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes128_wrap_pad, "AESWRAPPAD"); + provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes192_wrap_pad, "AESWRAPPAD"); + provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes256_wrap_pad, "AESWRAPPAD"); + provider.addAlgorithm("Alg.Alias.Cipher.AESKWP", "AESWRAPPAD"); + + provider.addAlgorithm("Cipher.AESRFC3211WRAP", PREFIX + "$RFC3211Wrap"); + provider.addAlgorithm("Cipher.AESRFC5649WRAP", PREFIX + "$RFC5649Wrap"); + + provider.addAlgorithm("AlgorithmParameterGenerator.CCM", PREFIX + "$AlgParamGenCCM"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_CCM, "CCM"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_CCM, "CCM"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_CCM, "CCM"); + + provider.addAttributes("Cipher.CCM", generalAesAttributes); + provider.addAlgorithm("Cipher.CCM", PREFIX + "$CCM"); + provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes128_CCM, "CCM"); + provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes192_CCM, "CCM"); + provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes256_CCM, "CCM"); + + provider.addAlgorithm("AlgorithmParameterGenerator.GCM", PREFIX + "$AlgParamGenGCM"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_GCM, "GCM"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_GCM, "GCM"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_GCM, "GCM"); + */ + // END Android-removed: Unsupported algorithms + + // BEGIN Android-changed: Use standard name for AES/GCM/NOPADDING instead of "GCM" provider.addAttributes("Cipher.AES/GCM/NOPADDING", generalAesAttributes); provider.addAlgorithm("Cipher.AES/GCM/NOPADDING", PREFIX + "$GCM"); provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes128_GCM, "AES/GCM/NOPADDING"); provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes192_GCM, "AES/GCM/NOPADDING"); provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes256_GCM, "AES/GCM/NOPADDING"); - // END android-changed + // END Android-changed: Use standard name for AES/GCM/NOPADDING instead of "GCM" provider.addAlgorithm("KeyGenerator.AES", PREFIX + "$KeyGen"); - // BEGIN android-removed - // provider.addAlgorithm("KeyGenerator." + wrongAES128, PREFIX + "$KeyGen128"); - // provider.addAlgorithm("KeyGenerator." + wrongAES192, PREFIX + "$KeyGen192"); - // provider.addAlgorithm("KeyGenerator." + wrongAES256, PREFIX + "$KeyGen256"); - // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$KeyGen128"); - // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$KeyGen128"); - // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$KeyGen128"); - // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$KeyGen128"); - // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$KeyGen192"); - // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$KeyGen192"); - // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$KeyGen192"); - // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$KeyGen192"); - // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$KeyGen256"); - // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$KeyGen256"); - // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$KeyGen256"); - // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$KeyGen256"); - // provider.addAlgorithm("KeyGenerator.AESWRAP", PREFIX + "$KeyGen"); - // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_wrap, PREFIX + "$KeyGen128"); - // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_wrap, PREFIX + "$KeyGen192"); - // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_wrap, PREFIX + "$KeyGen256"); - // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_GCM, PREFIX + "$KeyGen128"); - // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_GCM, PREFIX + "$KeyGen192"); - // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_GCM, PREFIX + "$KeyGen256"); - // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_CCM, PREFIX + "$KeyGen128"); - // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_CCM, PREFIX + "$KeyGen192"); - // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_CCM, PREFIX + "$KeyGen256"); - // provider.addAlgorithm("KeyGenerator.AESWRAPPAD", PREFIX + "$KeyGen"); - // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_wrap_pad, PREFIX + "$KeyGen128"); - // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_wrap_pad, PREFIX + "$KeyGen192"); - // provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_wrap_pad, PREFIX + "$KeyGen256"); - - // provider.addAlgorithm("Mac.AESCMAC", PREFIX + "$AESCMAC"); - - // provider.addAlgorithm("Mac.AESCCMMAC", PREFIX + "$AESCCMMAC"); - // provider.addAlgorithm("Alg.Alias.Mac." + NISTObjectIdentifiers.id_aes128_CCM.getId(), "AESCCMMAC"); - // provider.addAlgorithm("Alg.Alias.Mac." + NISTObjectIdentifiers.id_aes192_CCM.getId(), "AESCCMMAC"); - // provider.addAlgorithm("Alg.Alias.Mac." + NISTObjectIdentifiers.id_aes256_CCM.getId(), "AESCCMMAC"); - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + provider.addAlgorithm("KeyGenerator." + wrongAES128, PREFIX + "$KeyGen128"); + provider.addAlgorithm("KeyGenerator." + wrongAES192, PREFIX + "$KeyGen192"); + provider.addAlgorithm("KeyGenerator." + wrongAES256, PREFIX + "$KeyGen256"); + provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$KeyGen128"); + provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$KeyGen128"); + provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$KeyGen128"); + provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$KeyGen128"); + provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$KeyGen192"); + provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$KeyGen192"); + provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$KeyGen192"); + provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$KeyGen192"); + provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$KeyGen256"); + provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$KeyGen256"); + provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$KeyGen256"); + provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$KeyGen256"); + provider.addAlgorithm("KeyGenerator.AESWRAP", PREFIX + "$KeyGen"); + provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_wrap, PREFIX + "$KeyGen128"); + provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_wrap, PREFIX + "$KeyGen192"); + provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_wrap, PREFIX + "$KeyGen256"); + provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_GCM, PREFIX + "$KeyGen128"); + provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_GCM, PREFIX + "$KeyGen192"); + provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_GCM, PREFIX + "$KeyGen256"); + provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_CCM, PREFIX + "$KeyGen128"); + provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_CCM, PREFIX + "$KeyGen192"); + provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_CCM, PREFIX + "$KeyGen256"); + provider.addAlgorithm("KeyGenerator.AESWRAPPAD", PREFIX + "$KeyGen"); + provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_wrap_pad, PREFIX + "$KeyGen128"); + provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_wrap_pad, PREFIX + "$KeyGen192"); + provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_wrap_pad, PREFIX + "$KeyGen256"); + + provider.addAlgorithm("Mac.AESCMAC", PREFIX + "$AESCMAC"); + + provider.addAlgorithm("Mac.AESCCMMAC", PREFIX + "$AESCCMMAC"); + provider.addAlgorithm("Alg.Alias.Mac." + NISTObjectIdentifiers.id_aes128_CCM.getId(), "AESCCMMAC"); + provider.addAlgorithm("Alg.Alias.Mac." + NISTObjectIdentifiers.id_aes192_CCM.getId(), "AESCCMMAC"); + provider.addAlgorithm("Alg.Alias.Mac." + NISTObjectIdentifiers.id_aes256_CCM.getId(), "AESCCMMAC"); + */ + // END Android-removed: Unsupported algorithms provider.addAlgorithm("Alg.Alias.Cipher", BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes128_cbc, "PBEWITHSHAAND128BITAES-CBC-BC"); provider.addAlgorithm("Alg.Alias.Cipher", BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes192_cbc, "PBEWITHSHAAND192BITAES-CBC-BC"); @@ -1018,10 +1033,10 @@ public final class AES provider.addAlgorithm("Cipher.PBEWITHMD5AND192BITAES-CBC-OPENSSL", PREFIX + "$PBEWithAESCBC"); provider.addAlgorithm("Cipher.PBEWITHMD5AND256BITAES-CBC-OPENSSL", PREFIX + "$PBEWithAESCBC"); - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // provider.addAlgorithm("SecretKeyFactory.AES", PREFIX + "$KeyFactory"); // provider.addAlgorithm("SecretKeyFactory", NISTObjectIdentifiers.aes, PREFIX + "$KeyFactory"); - // END android-removed + // END Android-removed: Unsupported algorithms provider.addAlgorithm("SecretKeyFactory.PBEWITHMD5AND128BITAES-CBC-OPENSSL", PREFIX + "$PBEWithMD5And128BitAESCBCOpenSSL"); provider.addAlgorithm("SecretKeyFactory.PBEWITHMD5AND192BITAES-CBC-OPENSSL", PREFIX + "$PBEWithMD5And192BitAESCBCOpenSSL"); @@ -1075,10 +1090,10 @@ public final class AES provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes192_cbc.getId(), "PKCS12PBE"); provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes256_cbc.getId(), "PKCS12PBE"); - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // addGMacAlgorithm(provider, "AES", PREFIX + "$AESGMAC", PREFIX + "$KeyGen128"); // addPoly1305Algorithm(provider, "AES", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen"); - // END android-removed + // END Android-removed: Unsupported algorithms } } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/ARC4.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/ARC4.java index c780d12c..d1305cbc 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/ARC4.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/ARC4.java @@ -29,9 +29,9 @@ public final class ARC4 { public KeyGen() { - // BEGIN android-changed + // Android-changed: Use ARC4 for algorithm name to match name used in provider + // super("RC4", 128, new CipherKeyGenerator()); super("ARC4", 128, new CipherKeyGenerator()); - // END android-changed } } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java index c0a09499..ebaa5c5f 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java @@ -3,16 +3,14 @@ package org.bouncycastle.jcajce.provider.symmetric; import org.bouncycastle.asn1.misc.MiscObjectIdentifiers; import org.bouncycastle.crypto.CipherKeyGenerator; import org.bouncycastle.crypto.engines.BlowfishEngine; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.macs.CMac; -// END android-removed import org.bouncycastle.crypto.modes.CBCBlockCipher; import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; -// END android-removed import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters; import org.bouncycastle.jcajce.provider.util.AlgorithmProvider; @@ -40,16 +38,18 @@ public final class Blowfish } } - // BEGIN android-removed - // public static class CMAC - // extends BaseMac - // { - // public CMAC() - // { - // super(new CMac(new BlowfishEngine())); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + public static class CMAC + extends BaseMac + { + public CMAC() + { + super(new CMac(new BlowfishEngine())); + } + } + */ + // END Android-removed: Unsupported algorithms public static class KeyGen extends BaseKeyGenerator @@ -80,13 +80,11 @@ public final class Blowfish public void configure(ConfigurableProvider provider) { - // BEGIN android-removed + // Android-removed: Unsupported algorithms // provider.addAlgorithm("Mac.BLOWFISHCMAC", PREFIX + "$CMAC"); - // END android-removed provider.addAlgorithm("Cipher.BLOWFISH", PREFIX + "$ECB"); - // BEGIN android-removed + // Android-removed: Unsupported algorithms // provider.addAlgorithm("Cipher", MiscObjectIdentifiers.cryptlib_algorithm_blowfish_CBC, PREFIX + "$CBC"); - // END android-removed provider.addAlgorithm("KeyGenerator.BLOWFISH", PREFIX + "$KeyGen"); provider.addAlgorithm("Alg.Alias.KeyGenerator", MiscObjectIdentifiers.cryptlib_algorithm_blowfish_CBC, "BLOWFISH"); provider.addAlgorithm("AlgorithmParameters.BLOWFISH", PREFIX + "$AlgParams"); diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DES.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DES.java index 5a4f8cda..c6dcd901 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DES.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DES.java @@ -19,16 +19,14 @@ import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; import org.bouncycastle.crypto.CipherParameters; import org.bouncycastle.crypto.KeyGenerationParameters; import org.bouncycastle.crypto.engines.DESEngine; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.engines.RFC3211WrapEngine; -// END android-removed import org.bouncycastle.crypto.generators.DESKeyGenerator; import org.bouncycastle.crypto.macs.CBCBlockCipherMac; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.macs.CFBBlockCipherMac; // import org.bouncycastle.crypto.macs.CMac; // import org.bouncycastle.crypto.macs.ISO9797Alg3Mac; -// END android-removed import org.bouncycastle.crypto.modes.CBCBlockCipher; import org.bouncycastle.crypto.paddings.ISO7816d4Padding; import org.bouncycastle.crypto.params.DESParameters; @@ -69,19 +67,21 @@ public final class DES } } - // BEGIN android-removed - // /** - // * DES CFB8 - // */ - // public static class DESCFB8 - // extends BaseMac - // { - // public DESCFB8() - // { - // super(new CFBBlockCipherMac(new DESEngine())); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + /** + * DES CFB8 + * + public static class DESCFB8 + extends BaseMac + { + public DESCFB8() + { + super(new CFBBlockCipherMac(new DESEngine())); + } + } + */ + // END Android-removed: Unsupported algorithms /** * DES64 @@ -116,49 +116,51 @@ public final class DES } } - // BEGIN android-removed - // static public class CMAC - // extends BaseMac - // { - // public CMAC() - // { - // super(new CMac(new DESEngine())); - // } - // } - // - // /** - // * DES9797Alg3with7816-4Padding - // */ - // public static class DES9797Alg3with7816d4 - // extends BaseMac - // { - // public DES9797Alg3with7816d4() - // { - // super(new ISO9797Alg3Mac(new DESEngine(), new ISO7816d4Padding())); - // } - // } - // - // /** - // * DES9797Alg3 - // */ - // public static class DES9797Alg3 - // extends BaseMac - // { - // public DES9797Alg3() - // { - // super(new ISO9797Alg3Mac(new DESEngine())); - // } - // } - // - // public static class RFC3211 - // extends BaseWrapCipher - // { - // public RFC3211() - // { - // super(new RFC3211WrapEngine(new DESEngine()), 8); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + static public class CMAC + extends BaseMac + { + public CMAC() + { + super(new CMac(new DESEngine())); + } + } + + /** + * DES9797Alg3with7816-4Padding + * + public static class DES9797Alg3with7816d4 + extends BaseMac + { + public DES9797Alg3with7816d4() + { + super(new ISO9797Alg3Mac(new DESEngine(), new ISO7816d4Padding())); + } + } + + /** + * DES9797Alg3 + * + public static class DES9797Alg3 + extends BaseMac + { + public DES9797Alg3() + { + super(new ISO9797Alg3Mac(new DESEngine())); + } + } + + public static class RFC3211 + extends BaseWrapCipher + { + public RFC3211() + { + super(new RFC3211WrapEngine(new DESEngine()), 8); + } + } + */ + // END Android-removed: Unsupported algorithms public static class AlgParamGen extends BaseAlgorithmParameterGenerator @@ -358,19 +360,21 @@ public final class DES } } - // BEGIN android-removed - // /** - // * PBEWithMD2AndDES - // */ - // static public class PBEWithMD2KeyFactory - // extends DESPBEKeyFactory - // { - // public PBEWithMD2KeyFactory() - // { - // super("PBEwithMD2andDES", PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, true, PKCS5S1, MD2, 64, 64); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + /** + * PBEWithMD2AndDES + * + static public class PBEWithMD2KeyFactory + extends DESPBEKeyFactory + { + public PBEWithMD2KeyFactory() + { + super("PBEwithMD2andDES", PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, true, PKCS5S1, MD2, 64, 64); + } + } + */ + // END Android-removed: Unsupported algorithms /** * PBEWithMD5AndDES @@ -396,19 +400,21 @@ public final class DES } } - // BEGIN android-removed - // /** - // * PBEWithMD2AndDES - // */ - // static public class PBEWithMD2 - // extends BaseBlockCipher - // { - // public PBEWithMD2() - // { - // super(new CBCBlockCipher(new DESEngine()), PKCS5S1, MD2, 64, 8); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + /** + * PBEWithMD2AndDES + * + static public class PBEWithMD2 + extends BaseBlockCipher + { + public PBEWithMD2() + { + super(new CBCBlockCipher(new DESEngine()), PKCS5S1, MD2, 64, 8); + } + } + */ + // END Android-removed: Unsupported algorithms /** * PBEWithMD5AndDES @@ -448,81 +454,80 @@ public final class DES { provider.addAlgorithm("Cipher.DES", PREFIX + "$ECB"); - // BEGIN android-removed - // provider.addAlgorithm("Cipher", OIWObjectIdentifiers.desCBC, PREFIX + "$CBC"); - // - // addAlias(provider, OIWObjectIdentifiers.desCBC, "DES"); - // - // provider.addAlgorithm("Cipher.DESRFC3211WRAP", PREFIX + "$RFC3211"); - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + provider.addAlgorithm("Cipher", OIWObjectIdentifiers.desCBC, PREFIX + "$CBC"); + + addAlias(provider, OIWObjectIdentifiers.desCBC, "DES"); + + provider.addAlgorithm("Cipher.DESRFC3211WRAP", PREFIX + "$RFC3211"); + */ + // END Android-removed: Unsupported algorithms provider.addAlgorithm("KeyGenerator.DES", PREFIX + "$KeyGenerator"); provider.addAlgorithm("SecretKeyFactory.DES", PREFIX + "$KeyFactory"); - // BEGIN android-removed - // provider.addAlgorithm("Mac.DESCMAC", PREFIX + "$CMAC"); - // provider.addAlgorithm("Mac.DESMAC", PREFIX + "$CBCMAC"); - // provider.addAlgorithm("Alg.Alias.Mac.DES", "DESMAC"); - // - // provider.addAlgorithm("Mac.DESMAC/CFB8", PREFIX + "$DESCFB8"); - // provider.addAlgorithm("Alg.Alias.Mac.DES/CFB8", "DESMAC/CFB8"); - // - // provider.addAlgorithm("Mac.DESMAC64", PREFIX + "$DES64"); - // provider.addAlgorithm("Alg.Alias.Mac.DES64", "DESMAC64"); - // - // provider.addAlgorithm("Mac.DESMAC64WITHISO7816-4PADDING", PREFIX + "$DES64with7816d4"); - // provider.addAlgorithm("Alg.Alias.Mac.DES64WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); - // provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1MACWITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); - // provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); - // - // provider.addAlgorithm("Mac.DESWITHISO9797", PREFIX + "$DES9797Alg3"); - // provider.addAlgorithm("Alg.Alias.Mac.DESISO9797MAC", "DESWITHISO9797"); - // - // provider.addAlgorithm("Mac.ISO9797ALG3MAC", PREFIX + "$DES9797Alg3"); - // provider.addAlgorithm("Alg.Alias.Mac.ISO9797ALG3", "ISO9797ALG3MAC"); - // provider.addAlgorithm("Mac.ISO9797ALG3WITHISO7816-4PADDING", PREFIX + "$DES9797Alg3with7816d4"); - // provider.addAlgorithm("Alg.Alias.Mac.ISO9797ALG3MACWITHISO7816-4PADDING", "ISO9797ALG3WITHISO7816-4PADDING"); - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + provider.addAlgorithm("Mac.DESCMAC", PREFIX + "$CMAC"); + provider.addAlgorithm("Mac.DESMAC", PREFIX + "$CBCMAC"); + provider.addAlgorithm("Alg.Alias.Mac.DES", "DESMAC"); + + provider.addAlgorithm("Mac.DESMAC/CFB8", PREFIX + "$DESCFB8"); + provider.addAlgorithm("Alg.Alias.Mac.DES/CFB8", "DESMAC/CFB8"); + + provider.addAlgorithm("Mac.DESMAC64", PREFIX + "$DES64"); + provider.addAlgorithm("Alg.Alias.Mac.DES64", "DESMAC64"); + + provider.addAlgorithm("Mac.DESMAC64WITHISO7816-4PADDING", PREFIX + "$DES64with7816d4"); + provider.addAlgorithm("Alg.Alias.Mac.DES64WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); + provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1MACWITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); + provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); + + provider.addAlgorithm("Mac.DESWITHISO9797", PREFIX + "$DES9797Alg3"); + provider.addAlgorithm("Alg.Alias.Mac.DESISO9797MAC", "DESWITHISO9797"); + + provider.addAlgorithm("Mac.ISO9797ALG3MAC", PREFIX + "$DES9797Alg3"); + provider.addAlgorithm("Alg.Alias.Mac.ISO9797ALG3", "ISO9797ALG3MAC"); + provider.addAlgorithm("Mac.ISO9797ALG3WITHISO7816-4PADDING", PREFIX + "$DES9797Alg3with7816d4"); + provider.addAlgorithm("Alg.Alias.Mac.ISO9797ALG3MACWITHISO7816-4PADDING", "ISO9797ALG3WITHISO7816-4PADDING"); + */ + // END Android-removed: Unsupported algorithms provider.addAlgorithm("AlgorithmParameters.DES", PACKAGE + ".util.IvAlgorithmParameters"); provider.addAlgorithm("Alg.Alias.AlgorithmParameters", OIWObjectIdentifiers.desCBC, "DES"); - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // provider.addAlgorithm("AlgorithmParameterGenerator.DES", PREFIX + "$AlgParamGen"); // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + OIWObjectIdentifiers.desCBC, "DES"); // // provider.addAlgorithm("Cipher.PBEWITHMD2ANDDES", PREFIX + "$PBEWithMD2"); - // END android-removed + // END Android-removed: Unsupported algorithms provider.addAlgorithm("Cipher.PBEWITHMD5ANDDES", PREFIX + "$PBEWithMD5"); provider.addAlgorithm("Cipher.PBEWITHSHA1ANDDES", PREFIX + "$PBEWithSHA1"); - // BEGIN android-removed + // Android-removed: Unsupported algorithms // provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES"); - // END android-removed provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.pbeWithMD5AndDES_CBC, "PBEWITHMD5ANDDES"); provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.pbeWithSHA1AndDES_CBC, "PBEWITHSHA1ANDDES"); - // BEGIN android-removed + // Android-removed: Unsupported algorithms // provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHMD2ANDDES-CBC", "PBEWITHMD2ANDDES"); - // BEGIN android-removed provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHMD5ANDDES-CBC", "PBEWITHMD5ANDDES"); provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA1ANDDES-CBC", "PBEWITHSHA1ANDDES"); - // BEGIN android-removed - // provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHMD2ANDDES-CBC", "PBEWITHMD2ANDDES"); - // END android-removed + // Android-removed: Unsupported algorithms + // provider.addAlgorithm("SecretKeyFactory.PBEWITHMD2ANDDES", PREFIX + "$PBEWithMD2KeyFactory"); provider.addAlgorithm("SecretKeyFactory.PBEWITHMD5ANDDES", PREFIX + "$PBEWithMD5KeyFactory"); provider.addAlgorithm("SecretKeyFactory.PBEWITHSHA1ANDDES", PREFIX + "$PBEWithSHA1KeyFactory"); - // BEGIN android-removed + // Android-removed: Unsupported algorithms // provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDDES-CBC", "PBEWITHMD2ANDDES"); - // END android-removed provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD5ANDDES-CBC", "PBEWITHMD5ANDDES"); provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHSHA1ANDDES-CBC", "PBEWITHSHA1ANDDES"); - // BEGIN android-removed + // Android-removed: Unsupported algorithms // provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES"); - // END android-removed provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD5AndDES_CBC, "PBEWITHMD5ANDDES"); provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithSHA1AndDES_CBC, "PBEWITHSHA1ANDDES"); } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DESede.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DESede.java index c89fe348..9b2e57b4 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DESede.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DESede.java @@ -1,21 +1,18 @@ package org.bouncycastle.jcajce.provider.symmetric; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import java.security.AlgorithmParameters; // import java.security.InvalidAlgorithmParameterException; -// END android-removed import java.security.SecureRandom; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import java.security.spec.AlgorithmParameterSpec; -// END android-removed import java.security.spec.InvalidKeySpecException; import java.security.spec.KeySpec; import javax.crypto.SecretKey; import javax.crypto.spec.DESedeKeySpec; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import javax.crypto.spec.IvParameterSpec; -// END android-removed import javax.crypto.spec.SecretKeySpec; import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; @@ -23,21 +20,18 @@ import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; import org.bouncycastle.crypto.KeyGenerationParameters; import org.bouncycastle.crypto.engines.DESedeEngine; import org.bouncycastle.crypto.engines.DESedeWrapEngine; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.engines.RFC3211WrapEngine; -// END android-removed import org.bouncycastle.crypto.generators.DESedeKeyGenerator; import org.bouncycastle.crypto.macs.CBCBlockCipherMac; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.macs.CFBBlockCipherMac; // import org.bouncycastle.crypto.macs.CMac; -// END android-removed import org.bouncycastle.crypto.modes.CBCBlockCipher; import org.bouncycastle.crypto.paddings.ISO7816d4Padding; import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; -// END android-removed import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; @@ -69,19 +63,21 @@ public final class DESede } } - // BEGIN android-removed - // /** - // * DESede CFB8 - // */ - // public static class DESedeCFB8 - // extends BaseMac - // { - // public DESedeCFB8() - // { - // super(new CFBBlockCipherMac(new DESedeEngine())); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + /** + * DESede CFB8 + * + public static class DESedeCFB8 + extends BaseMac + { + public DESedeCFB8() + { + super(new CFBBlockCipherMac(new DESedeEngine())); + } + } + */ + // END Android-removed: Unsupported algorithms /** * DESede64 @@ -106,7 +102,7 @@ public final class DESede super(new CBCBlockCipherMac(new DESedeEngine(), 64, new ISO7816d4Padding())); } } - + public static class CBCMAC extends BaseMac { @@ -116,16 +112,18 @@ public final class DESede } } - // BEGIN android-removed - // static public class CMAC - // extends BaseMac - // { - // public CMAC() - // { - // super(new CMac(new DESedeEngine())); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + static public class CMAC + extends BaseMac + { + public CMAC() + { + super(new CMac(new DESedeEngine())); + } + } + */ + // END Android-removed: Unsupported algorithms public static class Wrap extends BaseWrapCipher @@ -136,16 +134,18 @@ public final class DESede } } - // BEGIN android-removed - // public static class RFC3211 - // extends BaseWrapCipher - // { - // public RFC3211() - // { - // super(new RFC3211WrapEngine(new DESedeEngine()), 8); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + public static class RFC3211 + extends BaseWrapCipher + { + public RFC3211() + { + super(new RFC3211WrapEngine(new DESedeEngine()), 8); + } + } + */ + // END Android-removed: Unsupported algorithms /** * DESede - the default for this is to generate a key in @@ -259,45 +259,47 @@ public final class DESede } } - // BEGIN android-removed - // public static class AlgParamGen - // extends BaseAlgorithmParameterGenerator - // { - // protected void engineInit( - // AlgorithmParameterSpec genParamSpec, - // SecureRandom random) - // throws InvalidAlgorithmParameterException - // { - // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for DES parameter generation."); - // } - - // protected AlgorithmParameters engineGenerateParameters() - // { - // byte[] iv = new byte[8]; - - // if (random == null) - // { - // random = new SecureRandom(); - // } - - // random.nextBytes(iv); - - // AlgorithmParameters params; - - // try - // { - // params = createParametersInstance("DES"); - // params.init(new IvParameterSpec(iv)); - // } - // catch (Exception e) - // { - // throw new RuntimeException(e.getMessage()); - // } - - // return params; - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + public static class AlgParamGen + extends BaseAlgorithmParameterGenerator + { + protected void engineInit( + AlgorithmParameterSpec genParamSpec, + SecureRandom random) + throws InvalidAlgorithmParameterException + { + throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for DES parameter generation."); + } + + protected AlgorithmParameters engineGenerateParameters() + { + byte[] iv = new byte[8]; + + if (random == null) + { + random = new SecureRandom(); + } + + random.nextBytes(iv); + + AlgorithmParameters params; + + try + { + params = createParametersInstance("DES"); + params.init(new IvParameterSpec(iv)); + } + catch (Exception e) + { + throw new RuntimeException(e.getMessage()); + } + + return params; + } + } + */ + // END Android-removed: Unsupported algorithms static public class KeyFactory extends BaseSecretKeyFactory @@ -381,38 +383,35 @@ public final class DESede public void configure(ConfigurableProvider provider) { provider.addAlgorithm("Cipher.DESEDE", PREFIX + "$ECB"); - // BEGIN android-removed + // Android-removed: Unsupported algorithms // provider.addAlgorithm("Cipher", PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$CBC"); - // END android-removed provider.addAlgorithm("Cipher.DESEDEWRAP", PREFIX + "$Wrap"); - // BEGIN android-changed + // BEGIN Android-changed: Make alias of DESEDEWRAP rather than separate algorithm provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.id_alg_CMS3DESwrap, "DESEDEWRAP"); - // END android-changed - // BEGIN android-removed + // END Android-changed: Make alias of DESEDEWRAP rather than separate algorithm + // BEGIN Android-removed: Unsupported algorithms // provider.addAlgorithm("Cipher.DESEDERFC3211WRAP", PREFIX + "$RFC3211"); // provider.addAlgorithm("Alg.Alias.Cipher.DESEDERFC3217WRAP", "DESEDEWRAP"); - // END android-removed + // END Android-removed: Unsupported algorithms provider.addAlgorithm("Alg.Alias.Cipher.TDEA", "DESEDE"); provider.addAlgorithm("Alg.Alias.Cipher.TDEAWRAP", "DESEDEWRAP"); provider.addAlgorithm("Alg.Alias.KeyGenerator.TDEA", "DESEDE"); provider.addAlgorithm("Alg.Alias.AlgorithmParameters.TDEA", "DESEDE"); - // BEGIN android-removed + // Android-removed: Unsupported algorithms // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator.TDEA", "DESEDE"); - // END android-removed provider.addAlgorithm("Alg.Alias.SecretKeyFactory.TDEA", "DESEDE"); if (provider.hasAlgorithm("MessageDigest", "SHA-1")) { provider.addAlgorithm("Cipher.PBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES3Key"); - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // provider.addAlgorithm("Cipher.BROKENPBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$BrokePBEWithSHAAndDES3Key"); // provider.addAlgorithm("Cipher.OLDPBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$OldPBEWithSHAAndDES3Key"); - // END android-removed + // END Android-removed: Unsupported algorithms provider.addAlgorithm("Cipher.PBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES2Key"); - // BEGIN android-removed + // Android-removed: Unsupported algorithms // provider.addAlgorithm("Cipher.BROKENPBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$BrokePBEWithSHAAndDES2Key"); - // END android-removed provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC, "PBEWITHSHAAND3-KEYTRIPLEDES-CBC"); provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.pbeWithSHAAnd2_KeyTripleDES_CBC, "PBEWITHSHAAND2-KEYTRIPLEDES-CBC"); provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA1ANDDESEDE", "PBEWITHSHAAND3-KEYTRIPLEDES-CBC"); @@ -426,39 +425,41 @@ public final class DESede } provider.addAlgorithm("KeyGenerator.DESEDE", PREFIX + "$KeyGenerator"); - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // provider.addAlgorithm("KeyGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$KeyGenerator3"); // provider.addAlgorithm("KeyGenerator.DESEDEWRAP", PREFIX + "$KeyGenerator"); - // END android-removed + // END Android-removed: Unsupported algorithms provider.addAlgorithm("SecretKeyFactory.DESEDE", PREFIX + "$KeyFactory"); - // BEGIN android-removed - // provider.addAlgorithm("SecretKeyFactory", OIWObjectIdentifiers.desEDE, PREFIX + "$KeyFactory"); + // BEGIN Android-removed: Unsupported algorithms + /* + provider.addAlgorithm("SecretKeyFactory", OIWObjectIdentifiers.desEDE, PREFIX + "$KeyFactory"); - // provider.addAlgorithm("Mac.DESEDECMAC", PREFIX + "$CMAC"); - // provider.addAlgorithm("Mac.DESEDEMAC", PREFIX + "$CBCMAC"); - // provider.addAlgorithm("Alg.Alias.Mac.DESEDE", "DESEDEMAC"); + provider.addAlgorithm("Mac.DESEDECMAC", PREFIX + "$CMAC"); + provider.addAlgorithm("Mac.DESEDEMAC", PREFIX + "$CBCMAC"); + provider.addAlgorithm("Alg.Alias.Mac.DESEDE", "DESEDEMAC"); - // provider.addAlgorithm("Mac.DESEDEMAC/CFB8", PREFIX + "$DESedeCFB8"); - // provider.addAlgorithm("Alg.Alias.Mac.DESEDE/CFB8", "DESEDEMAC/CFB8"); + provider.addAlgorithm("Mac.DESEDEMAC/CFB8", PREFIX + "$DESedeCFB8"); + provider.addAlgorithm("Alg.Alias.Mac.DESEDE/CFB8", "DESEDEMAC/CFB8"); - // provider.addAlgorithm("Mac.DESEDEMAC64", PREFIX + "$DESede64"); - // provider.addAlgorithm("Alg.Alias.Mac.DESEDE64", "DESEDEMAC64"); + provider.addAlgorithm("Mac.DESEDEMAC64", PREFIX + "$DESede64"); + provider.addAlgorithm("Alg.Alias.Mac.DESEDE64", "DESEDEMAC64"); - // provider.addAlgorithm("Mac.DESEDEMAC64WITHISO7816-4PADDING", PREFIX + "$DESede64with7816d4"); - // provider.addAlgorithm("Alg.Alias.Mac.DESEDE64WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); - // provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1MACWITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); - // provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); - // END android-removed + provider.addAlgorithm("Mac.DESEDEMAC64WITHISO7816-4PADDING", PREFIX + "$DESede64with7816d4"); + provider.addAlgorithm("Alg.Alias.Mac.DESEDE64WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); + provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1MACWITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); + provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); + */ + // END Android-removed: Unsupported algorithms provider.addAlgorithm("AlgorithmParameters.DESEDE", PACKAGE + ".util.IvAlgorithmParameters"); provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + PKCSObjectIdentifiers.des_EDE3_CBC, "DESEDE"); - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // provider.addAlgorithm("AlgorithmParameterGenerator.DESEDE", PREFIX + "$AlgParamGen"); // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, "DESEDE"); - // END android-removed + // END Android-removed: Unsupported algorithms provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES3KeyFactory"); provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES2KeyFactory"); diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/PBEPBKDF2.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/PBEPBKDF2.java index b19a4d43..31c9bda1 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/PBEPBKDF2.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/PBEPBKDF2.java @@ -13,9 +13,8 @@ import javax.crypto.spec.PBEParameterSpec; import org.bouncycastle.asn1.ASN1Encoding; import org.bouncycastle.asn1.ASN1ObjectIdentifier; import org.bouncycastle.asn1.ASN1Primitive; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; -// END android-removed import org.bouncycastle.asn1.pkcs.PBKDF2Params; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; import org.bouncycastle.crypto.CipherParameters; @@ -34,99 +33,101 @@ public class PBEPBKDF2 } - // BEGIN android-removed - // public static class AlgParams - // extends BaseAlgorithmParameters - // { - // PBKDF2Params params; - // - // protected byte[] engineGetEncoded() - // { - // try - // { - // return params.getEncoded(ASN1Encoding.DER); - // } - // catch (IOException e) - // { - // throw new RuntimeException("Oooops! " + e.toString()); - // } - // } - - // protected byte[] engineGetEncoded( - // String format) - // { - // if (this.isASN1FormatString(format)) - // { - // return engineGetEncoded(); - // } - // - // return null; - // } - // - // protected AlgorithmParameterSpec localEngineGetParameterSpec( - // Class paramSpec) - // throws InvalidParameterSpecException - // { - // if (paramSpec == PBEParameterSpec.class) - // { - // return new PBEParameterSpec(params.getSalt(), - // params.getIterationCount().intValue()); - // } - // - // throw new InvalidParameterSpecException("unknown parameter spec passed to PBKDF2 PBE parameters object."); - // } - // - // protected void engineInit( - // AlgorithmParameterSpec paramSpec) - // throws InvalidParameterSpecException - // { - // if (!(paramSpec instanceof PBEParameterSpec)) - // { - // throw new InvalidParameterSpecException("PBEParameterSpec required to initialise a PBKDF2 PBE parameters algorithm parameters object"); - // } - // - // PBEParameterSpec pbeSpec = (PBEParameterSpec)paramSpec; - // - // this.params = new PBKDF2Params(pbeSpec.getSalt(), - // pbeSpec.getIterationCount()); - // } - // - // protected void engineInit( - // byte[] params) - // throws IOException - // { - // this.params = PBKDF2Params.getInstance(ASN1Primitive.fromByteArray(params)); - // } - // - // protected void engineInit( - // byte[] params, - // String format) - // throws IOException - // { - // if (this.isASN1FormatString(format)) - // { - // engineInit(params); - // return; - // } - // - // throw new IOException("Unknown parameters format in PBKDF2 parameters object"); - // } - // - // protected String engineToString() - // { - // return "PBKDF2 Parameters"; - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + public static class AlgParams + extends BaseAlgorithmParameters + { + PBKDF2Params params; + + protected byte[] engineGetEncoded() + { + try + { + return params.getEncoded(ASN1Encoding.DER); + } + catch (IOException e) + { + throw new RuntimeException("Oooops! " + e.toString()); + } + } + + protected byte[] engineGetEncoded( + String format) + { + if (this.isASN1FormatString(format)) + { + return engineGetEncoded(); + } + + return null; + } + + protected AlgorithmParameterSpec localEngineGetParameterSpec( + Class paramSpec) + throws InvalidParameterSpecException + { + if (paramSpec == PBEParameterSpec.class) + { + return new PBEParameterSpec(params.getSalt(), + params.getIterationCount().intValue()); + } + + throw new InvalidParameterSpecException("unknown parameter spec passed to PBKDF2 PBE parameters object."); + } + + protected void engineInit( + AlgorithmParameterSpec paramSpec) + throws InvalidParameterSpecException + { + if (!(paramSpec instanceof PBEParameterSpec)) + { + throw new InvalidParameterSpecException("PBEParameterSpec required to initialise a PBKDF2 PBE parameters algorithm parameters object"); + } + + PBEParameterSpec pbeSpec = (PBEParameterSpec)paramSpec; + + this.params = new PBKDF2Params(pbeSpec.getSalt(), + pbeSpec.getIterationCount()); + } + + protected void engineInit( + byte[] params) + throws IOException + { + this.params = PBKDF2Params.getInstance(ASN1Primitive.fromByteArray(params)); + } + + protected void engineInit( + byte[] params, + String format) + throws IOException + { + if (this.isASN1FormatString(format)) + { + engineInit(params); + return; + } + + throw new IOException("Unknown parameters format in PBKDF2 parameters object"); + } + + protected String engineToString() + { + return "PBKDF2 Parameters"; + } + } + */ + // END Android-removed: Unsupported algorithms public static class BasePBKDF2 extends BaseSecretKeyFactory { private int scheme; - // BEGIN ANDROID-ADDED + // BEGIN Android-added: Allow to specify a key using only the password. private int keySizeInBits; private int ivSizeInBits; - // END ANDROID-ADDED + // END Android-added: Allow to specify a key using only the password. private int defaultDigest; public BasePBKDF2(String name, int scheme) @@ -134,27 +135,27 @@ public class PBEPBKDF2 this(name, scheme, SHA1); } - // BEGIN ANDROID-CHANGED - // Was: public BasePBKDF2(String name, int scheme, int defaultDigest) + // BEGIN Android-changed: Allow to specify a key using only the password. + // public BasePBKDF2(String name, int scheme, int defaultDigest) private BasePBKDF2( String name, int scheme, int digest, int keySizeInBits, int ivSizeInBits) - // END ANDROID-CHANGED + // END Android-changed: Allow to specify a key using only the password. { super(name, PKCSObjectIdentifiers.id_PBKDF2); this.scheme = scheme; - // BEGIN ANDROID-ADDED + // BEGIN Android-added: Support key-restricted versions. this.keySizeInBits = keySizeInBits; this.ivSizeInBits = ivSizeInBits; - // END ANDROID-ADDED + // END Android-added: Support key-restricted versions. this.defaultDigest = digest; } - // BEGIN android-added + // BEGIN Android-added: Allow to specify a key using only the password. private BasePBKDF2(String name, int scheme, int digest) { this(name, scheme, digest, 0, 0); } - // END android-added + // END Android-added: Allow to specify a key using only the password. protected SecretKey engineGenerateSecret( KeySpec keySpec) @@ -164,9 +165,8 @@ public class PBEPBKDF2 { PBEKeySpec pbeSpec = (PBEKeySpec)keySpec; - // BEGIN ANDROID-ADDED - // Allow to specify a key using only the password. The key will be generated later - // when other parameters are known. + // BEGIN Android-added: Allow to specify a key using only the password. + // The key will be generated later when other parameters are known. if (pbeSpec.getSalt() == null && pbeSpec.getIterationCount() == 0 && pbeSpec.getKeyLength() == 0 @@ -178,7 +178,7 @@ public class PBEPBKDF2 // cipherParameters, to be generated when the PBE parameters are known. null); } - // END ANDROID-ADDED + // END Android-added: Allow to specify a key using only the password. if (pbeSpec.getSalt() == null) { @@ -231,13 +231,15 @@ public class PBEPBKDF2 private int getDigestCode(ASN1ObjectIdentifier algorithm) throws InvalidKeySpecException { - // BEGIN android-removed - // if (algorithm.equals(CryptoProObjectIdentifiers.gostR3411Hmac)) - // { - // return GOST3411; - // } - // else - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + if (algorithm.equals(CryptoProObjectIdentifiers.gostR3411Hmac)) + { + return GOST3411; + } + else + */ + // END Android-removed: Unsupported algorithms if (algorithm.equals(PKCSObjectIdentifiers.id_hmacWithSHA1)) { return SHA1; @@ -263,62 +265,65 @@ public class PBEPBKDF2 } } - // BEGIN android-removed - // public static class PBKDF2withUTF8 - // extends BasePBKDF2 - // { - // public PBKDF2withUTF8() - // { - // super("PBKDF2", PKCS5S2_UTF8); - // } - // } - // - // public static class PBKDF2withSHA224 - // extends BasePBKDF2 - // { - // public PBKDF2withSHA224() - // { - // super("PBKDF2", PKCS5S2_UTF8, SHA224); - // } - // } - // - // public static class PBKDF2withSHA256 - // extends BasePBKDF2 - // { - // public PBKDF2withSHA256() - // { - // super("PBKDF2", PKCS5S2_UTF8, SHA256); - // } - // } - // - // public static class PBKDF2withSHA384 - // extends BasePBKDF2 - // { - // public PBKDF2withSHA384() - // { - // super("PBKDF2", PKCS5S2_UTF8, SHA384); - // } - // } - // - // public static class PBKDF2withSHA512 - // extends BasePBKDF2 - // { - // public PBKDF2withSHA512() - // { - // super("PBKDF2", PKCS5S2_UTF8, SHA512); - // } - // } - // - // public static class PBKDF2with8BIT - // extends BasePBKDF2 - // { - // public PBKDF2with8BIT() - // { - // super("PBKDF2", PKCS5S2); - // } - // } - - // BEGIN android-added + // BEGIN Android-removed: Unsupported algorithms + /* + public static class PBKDF2withUTF8 + extends BasePBKDF2 + { + public PBKDF2withUTF8() + { + super("PBKDF2", PKCS5S2_UTF8); + } + } + + public static class PBKDF2withSHA224 + extends BasePBKDF2 + { + public PBKDF2withSHA224() + { + super("PBKDF2", PKCS5S2_UTF8, SHA224); + } + } + + public static class PBKDF2withSHA256 + extends BasePBKDF2 + { + public PBKDF2withSHA256() + { + super("PBKDF2", PKCS5S2_UTF8, SHA256); + } + } + + public static class PBKDF2withSHA384 + extends BasePBKDF2 + { + public PBKDF2withSHA384() + { + super("PBKDF2", PKCS5S2_UTF8, SHA384); + } + } + public static class PBKDF2withSHA512 + extends BasePBKDF2 + { + public PBKDF2withSHA512() + { + super("PBKDF2", PKCS5S2_UTF8, SHA512); + } + } + + public static class PBKDF2with8BIT + extends BasePBKDF2 + { + public PBKDF2with8BIT() + { + super("PBKDF2", PKCS5S2); + } + } + */ + // END Android-removed: Unsupported algorithms + + // BEGIN Android-added: Android implementations of PBKDF2 algorithms. + // See note in Mappings below. public static class BasePBKDF2WithHmacSHA1 extends BasePBKDF2 { public BasePBKDF2WithHmacSHA1(String name, int scheme) { @@ -479,7 +484,7 @@ public class PBEPBKDF2 super("PBEWithHmacSHA512AndAES_256", PKCS5S2_UTF8, SHA512, 256, 128); } } - // END android-added + // END Android-added: Android implementations of PBKDF2 algorithms. public static class Mappings extends AlgorithmProvider @@ -492,45 +497,34 @@ public class PBEPBKDF2 public void configure(ConfigurableProvider provider) { - // BEGIN android-comment - // Context: many of these services used to be in - // com.android.org.bouncycastle.jcajce.provider.digest,SHA1, duplicated with respect to here. This - // class (PBEPBKDF2) wasn't present in Android until the upgrade to 1.56. Android added - // some other of these services in SHA1 (for fixed key sizes). Then the duplicate - // algorithms were removed upstream from SHA1 in - // b5634e3155e7fd8688599d3eef8e4f3c8a1db078 - // . As a result, when adapting BouncyCastle 1.56 from upstream, the Android code that - // had been added to SHA1 was moved here, and the rest of the services provided by this - // class were commented. - // BEGIN android-removed - // provider.addAlgorithm("AlgorithmParameters.PBKDF2", PREFIX + "$AlgParams"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + PKCSObjectIdentifiers.id_PBKDF2, "PBKDF2"); - // provider.addAlgorithm("SecretKeyFactory.PBKDF2", PREFIX + "$PBKDF2withUTF8"); - // provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBKDF2WITHHMACSHA1", "PBKDF2"); - // END android-removed - // BEGIN android-changed - // Was: provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBKDF2WITHHMACSHA1ANDUTF8", "PBKDF2"); + // Android-note: Provided classes differ significantly from upstream. + // Before BC 1.56, this class was omitted in Android and the algorithms we desired + // were provided in org.bouncycastle.jcajce.provider.digest.SHA1. During that + // time, Android added some additional versions of these algorithms for fixed key sizes. + // BC eventually consolidated the algorithms into this class. As a result, when + // upgrading to BC 1.56, we added this class but replaced its contents with + // our versions. + // BEGIN Android-removed: Bouncy Castle versions of algorithms. + /* + provider.addAlgorithm("AlgorithmParameters.PBKDF2", PREFIX + "$AlgParams"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + PKCSObjectIdentifiers.id_PBKDF2, "PBKDF2"); + provider.addAlgorithm("SecretKeyFactory.PBKDF2", PREFIX + "$PBKDF2withUTF8"); + provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBKDF2WITHHMACSHA1", "PBKDF2"); + provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBKDF2WITHHMACSHA1ANDUTF8", "PBKDF2"); + provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.id_PBKDF2, "PBKDF2"); + provider.addAlgorithm("SecretKeyFactory.PBKDF2WITHASCII", PREFIX + "$PBKDF2with8BIT"); + provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBKDF2WITH8BIT", "PBKDF2WITHASCII"); + provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBKDF2WITHHMACSHA1AND8BIT", "PBKDF2WITHASCII"); + provider.addAlgorithm("SecretKeyFactory.PBKDF2WITHHMACSHA224", PREFIX + "$PBKDF2withSHA224"); + provider.addAlgorithm("SecretKeyFactory.PBKDF2WITHHMACSHA256", PREFIX + "$PBKDF2withSHA256"); + provider.addAlgorithm("SecretKeyFactory.PBKDF2WITHHMACSHA384", PREFIX + "$PBKDF2withSHA384"); + provider.addAlgorithm("SecretKeyFactory.PBKDF2WITHHMACSHA512", PREFIX + "$PBKDF2withSHA512"); + */ + // END Android-removed: Bouncy Castle versions of algorithms. + // BEGIN Android-added: Android versions of algorithms. provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBKDF2WithHmacSHA1AndUTF8", "PBKDF2WithHmacSHA1"); - // END android-changed - // BEGin android-removed - // provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.id_PBKDF2, "PBKDF2"); - // provider.addAlgorithm("SecretKeyFactory.PBKDF2WITHASCII", PREFIX + "$PBKDF2with8BIT"); - // END android-removed - // BEGIN android-changed - // Was: - // provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBKDF2WITH8BIT", "PBKDF2WITHASCII"); - // provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBKDF2WITHHMACSHA1AND8BIT", "PBKDF2WITHASCII"); provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBKDF2with8BIT", "PBKDF2WithHmacSHA1And8BIT"); - // END android-changed - // BEGIN android-added provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBKDF2withASCII", "PBKDF2WithHmacSHA1And8BIT"); - // BEGIN android-removed - // provider.addAlgorithm("SecretKeyFactory.PBKDF2WITHHMACSHA224", PREFIX + "$PBKDF2withSHA224"); - // provider.addAlgorithm("SecretKeyFactory.PBKDF2WITHHMACSHA256", PREFIX + "$PBKDF2withSHA256"); - // provider.addAlgorithm("SecretKeyFactory.PBKDF2WITHHMACSHA384", PREFIX + "$PBKDF2withSHA384"); - // provider.addAlgorithm("SecretKeyFactory.PBKDF2WITHHMACSHA512", PREFIX + "$PBKDF2withSHA512"); - // END android-removed - // BEGIN android-added provider.addAlgorithm("SecretKeyFactory.PBKDF2WithHmacSHA1", PREFIX + "$PBKDF2WithHmacSHA1UTF8"); provider.addAlgorithm("SecretKeyFactory.PBKDF2WithHmacSHA224", PREFIX + "$PBKDF2WithHmacSHA224UTF8"); provider.addAlgorithm("SecretKeyFactory.PBKDF2WithHmacSHA256", PREFIX + "$PBKDF2WithHmacSHA256UTF8"); @@ -547,7 +541,7 @@ public class PBEPBKDF2 provider.addAlgorithm("SecretKeyFactory.PBEWithHmacSHA384AndAES_256", PREFIX + "$PBEWithHmacSHA384AndAES_256"); provider.addAlgorithm("SecretKeyFactory.PBEWithHmacSHA512AndAES_256", PREFIX + "$PBEWithHmacSHA512AndAES_256"); provider.addAlgorithm("SecretKeyFactory.PBKDF2WithHmacSHA1And8BIT", PREFIX + "$PBKDF2WithHmacSHA18BIT"); - // END android-added + // END Android-added: Android versions of algorithms. } } } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/RC2.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/RC2.java index 7bc1e713..cd28eab3 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/RC2.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/RC2.java @@ -12,28 +12,24 @@ import javax.crypto.spec.RC2ParameterSpec; import org.bouncycastle.asn1.ASN1Primitive; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.asn1.pkcs.RC2CBCParameter; // import org.bouncycastle.crypto.CipherKeyGenerator; -// END android-removed import org.bouncycastle.crypto.engines.RC2Engine; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.engines.RC2WrapEngine; // import org.bouncycastle.crypto.macs.CBCBlockCipherMac; // import org.bouncycastle.crypto.macs.CFBBlockCipherMac; -// END android-removed import org.bouncycastle.crypto.modes.CBCBlockCipher; import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; // import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameters; -// END android-removed import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; // import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; // import org.bouncycastle.jcajce.provider.symmetric.util.BaseWrapCipher; -// END android-removed import org.bouncycastle.jcajce.provider.symmetric.util.PBESecretKeyFactory; import org.bouncycastle.jcajce.provider.util.AlgorithmProvider; import org.bouncycastle.util.Arrays; @@ -44,61 +40,63 @@ public final class RC2 { } - // BEGIN android-removed - // /** - // * RC2 - // */ - // static public class ECB - // extends BaseBlockCipher - // { - // public ECB() - // { - // super(new RC2Engine()); - // } - // } - // - // /** - // * RC2CBC - // */ - // static public class CBC - // extends BaseBlockCipher - // { - // public CBC() - // { - // super(new CBCBlockCipher(new RC2Engine()), 64); - // } - // } - // - // public static class Wrap - // extends BaseWrapCipher - // { - // public Wrap() - // { - // super(new RC2WrapEngine()); - // } - // } - // - // /** - // * RC2 - // */ - // public static class CBCMAC - // extends BaseMac - // { - // public CBCMAC() - // { - // super(new CBCBlockCipherMac(new RC2Engine())); - // } - // } - // - // public static class CFB8MAC - // extends BaseMac - // { - // public CFB8MAC() - // { - // super(new CFBBlockCipherMac(new RC2Engine())); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + /** + * RC2 + * + static public class ECB + extends BaseBlockCipher + { + public ECB() + { + super(new RC2Engine()); + } + } + + /** + * RC2CBC + * + static public class CBC + extends BaseBlockCipher + { + public CBC() + { + super(new CBCBlockCipher(new RC2Engine()), 64); + } + } + + public static class Wrap + extends BaseWrapCipher + { + public Wrap() + { + super(new RC2WrapEngine()); + } + } + + /** + * RC2 + * + public static class CBCMAC + extends BaseMac + { + public CBCMAC() + { + super(new CBCBlockCipherMac(new RC2Engine())); + } + } + + public static class CFB8MAC + extends BaseMac + { + public CFB8MAC() + { + super(new CFBBlockCipherMac(new RC2Engine())); + } + } + */ + // END Android-removed: Unsupported algorithms /** * PBEWithSHA1AndRC2 @@ -184,19 +182,21 @@ public final class RC2 } } - // BEGIN android-removed - // /** - // * PBEWithMD2AndRC2 - // */ - // static public class PBEWithMD2KeyFactory - // extends PBESecretKeyFactory - // { - // public PBEWithMD2KeyFactory() - // { - // super("PBEwithMD2andRC2", PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, true, PKCS5S1, MD2, 64, 64); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + /** + * PBEWithMD2AndRC2 + * + static public class PBEWithMD2KeyFactory + extends PBESecretKeyFactory + { + public PBEWithMD2KeyFactory() + { + super("PBEwithMD2andRC2", PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, true, PKCS5S1, MD2, 64, 64); + } + } + */ + // END Android-removed: Unsupported algorithms /** * PBEWithMD5AndRC2 @@ -210,249 +210,251 @@ public final class RC2 } } - // BEGIN android-removed - // public static class AlgParamGen - // extends BaseAlgorithmParameterGenerator - // { - // RC2ParameterSpec spec = null; - - // protected void engineInit( - // AlgorithmParameterSpec genParamSpec, - // SecureRandom random) - // throws InvalidAlgorithmParameterException - // { - // if (genParamSpec instanceof RC2ParameterSpec) - // { - // spec = (RC2ParameterSpec)genParamSpec; - // return; - // } - - // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for RC2 parameter generation."); - // } - - // protected AlgorithmParameters engineGenerateParameters() - // { - // AlgorithmParameters params; - - // if (spec == null) - // { - // byte[] iv = new byte[8]; - - // if (random == null) - // { - // random = new SecureRandom(); - // } - - // random.nextBytes(iv); - - // try - // { - // params = createParametersInstance("RC2"); - // params.init(new IvParameterSpec(iv)); - // } - // catch (Exception e) - // { - // throw new RuntimeException(e.getMessage()); - // } - // } - // else - // { - // try - // { - // params = createParametersInstance("RC2"); - // params.init(spec); - // } - // catch (Exception e) - // { - // throw new RuntimeException(e.getMessage()); - // } - // } - - // return params; - // } - // } - - // public static class KeyGenerator - // extends BaseKeyGenerator - // { - // public KeyGenerator() - // { - // super("RC2", 128, new CipherKeyGenerator()); - // } - // } - - // public static class AlgParams - // extends BaseAlgorithmParameters - // { - // private static final short[] table = { - // 0xbd, 0x56, 0xea, 0xf2, 0xa2, 0xf1, 0xac, 0x2a, 0xb0, 0x93, 0xd1, 0x9c, 0x1b, 0x33, 0xfd, 0xd0, - // 0x30, 0x04, 0xb6, 0xdc, 0x7d, 0xdf, 0x32, 0x4b, 0xf7, 0xcb, 0x45, 0x9b, 0x31, 0xbb, 0x21, 0x5a, - // 0x41, 0x9f, 0xe1, 0xd9, 0x4a, 0x4d, 0x9e, 0xda, 0xa0, 0x68, 0x2c, 0xc3, 0x27, 0x5f, 0x80, 0x36, - // 0x3e, 0xee, 0xfb, 0x95, 0x1a, 0xfe, 0xce, 0xa8, 0x34, 0xa9, 0x13, 0xf0, 0xa6, 0x3f, 0xd8, 0x0c, - // 0x78, 0x24, 0xaf, 0x23, 0x52, 0xc1, 0x67, 0x17, 0xf5, 0x66, 0x90, 0xe7, 0xe8, 0x07, 0xb8, 0x60, - // 0x48, 0xe6, 0x1e, 0x53, 0xf3, 0x92, 0xa4, 0x72, 0x8c, 0x08, 0x15, 0x6e, 0x86, 0x00, 0x84, 0xfa, - // 0xf4, 0x7f, 0x8a, 0x42, 0x19, 0xf6, 0xdb, 0xcd, 0x14, 0x8d, 0x50, 0x12, 0xba, 0x3c, 0x06, 0x4e, - // 0xec, 0xb3, 0x35, 0x11, 0xa1, 0x88, 0x8e, 0x2b, 0x94, 0x99, 0xb7, 0x71, 0x74, 0xd3, 0xe4, 0xbf, - // 0x3a, 0xde, 0x96, 0x0e, 0xbc, 0x0a, 0xed, 0x77, 0xfc, 0x37, 0x6b, 0x03, 0x79, 0x89, 0x62, 0xc6, - // 0xd7, 0xc0, 0xd2, 0x7c, 0x6a, 0x8b, 0x22, 0xa3, 0x5b, 0x05, 0x5d, 0x02, 0x75, 0xd5, 0x61, 0xe3, - // 0x18, 0x8f, 0x55, 0x51, 0xad, 0x1f, 0x0b, 0x5e, 0x85, 0xe5, 0xc2, 0x57, 0x63, 0xca, 0x3d, 0x6c, - // 0xb4, 0xc5, 0xcc, 0x70, 0xb2, 0x91, 0x59, 0x0d, 0x47, 0x20, 0xc8, 0x4f, 0x58, 0xe0, 0x01, 0xe2, - // 0x16, 0x38, 0xc4, 0x6f, 0x3b, 0x0f, 0x65, 0x46, 0xbe, 0x7e, 0x2d, 0x7b, 0x82, 0xf9, 0x40, 0xb5, - // 0x1d, 0x73, 0xf8, 0xeb, 0x26, 0xc7, 0x87, 0x97, 0x25, 0x54, 0xb1, 0x28, 0xaa, 0x98, 0x9d, 0xa5, - // 0x64, 0x6d, 0x7a, 0xd4, 0x10, 0x81, 0x44, 0xef, 0x49, 0xd6, 0xae, 0x2e, 0xdd, 0x76, 0x5c, 0x2f, - // 0xa7, 0x1c, 0xc9, 0x09, 0x69, 0x9a, 0x83, 0xcf, 0x29, 0x39, 0xb9, 0xe9, 0x4c, 0xff, 0x43, 0xab - // }; - - // private static final short[] ekb = { - // 0x5d, 0xbe, 0x9b, 0x8b, 0x11, 0x99, 0x6e, 0x4d, 0x59, 0xf3, 0x85, 0xa6, 0x3f, 0xb7, 0x83, 0xc5, - // 0xe4, 0x73, 0x6b, 0x3a, 0x68, 0x5a, 0xc0, 0x47, 0xa0, 0x64, 0x34, 0x0c, 0xf1, 0xd0, 0x52, 0xa5, - // 0xb9, 0x1e, 0x96, 0x43, 0x41, 0xd8, 0xd4, 0x2c, 0xdb, 0xf8, 0x07, 0x77, 0x2a, 0xca, 0xeb, 0xef, - // 0x10, 0x1c, 0x16, 0x0d, 0x38, 0x72, 0x2f, 0x89, 0xc1, 0xf9, 0x80, 0xc4, 0x6d, 0xae, 0x30, 0x3d, - // 0xce, 0x20, 0x63, 0xfe, 0xe6, 0x1a, 0xc7, 0xb8, 0x50, 0xe8, 0x24, 0x17, 0xfc, 0x25, 0x6f, 0xbb, - // 0x6a, 0xa3, 0x44, 0x53, 0xd9, 0xa2, 0x01, 0xab, 0xbc, 0xb6, 0x1f, 0x98, 0xee, 0x9a, 0xa7, 0x2d, - // 0x4f, 0x9e, 0x8e, 0xac, 0xe0, 0xc6, 0x49, 0x46, 0x29, 0xf4, 0x94, 0x8a, 0xaf, 0xe1, 0x5b, 0xc3, - // 0xb3, 0x7b, 0x57, 0xd1, 0x7c, 0x9c, 0xed, 0x87, 0x40, 0x8c, 0xe2, 0xcb, 0x93, 0x14, 0xc9, 0x61, - // 0x2e, 0xe5, 0xcc, 0xf6, 0x5e, 0xa8, 0x5c, 0xd6, 0x75, 0x8d, 0x62, 0x95, 0x58, 0x69, 0x76, 0xa1, - // 0x4a, 0xb5, 0x55, 0x09, 0x78, 0x33, 0x82, 0xd7, 0xdd, 0x79, 0xf5, 0x1b, 0x0b, 0xde, 0x26, 0x21, - // 0x28, 0x74, 0x04, 0x97, 0x56, 0xdf, 0x3c, 0xf0, 0x37, 0x39, 0xdc, 0xff, 0x06, 0xa4, 0xea, 0x42, - // 0x08, 0xda, 0xb4, 0x71, 0xb0, 0xcf, 0x12, 0x7a, 0x4e, 0xfa, 0x6c, 0x1d, 0x84, 0x00, 0xc8, 0x7f, - // 0x91, 0x45, 0xaa, 0x2b, 0xc2, 0xb1, 0x8f, 0xd5, 0xba, 0xf2, 0xad, 0x19, 0xb2, 0x67, 0x36, 0xf7, - // 0x0f, 0x0a, 0x92, 0x7d, 0xe3, 0x9d, 0xe9, 0x90, 0x3e, 0x23, 0x27, 0x66, 0x13, 0xec, 0x81, 0x15, - // 0xbd, 0x22, 0xbf, 0x9f, 0x7e, 0xa9, 0x51, 0x4b, 0x4c, 0xfb, 0x02, 0xd3, 0x70, 0x86, 0x31, 0xe7, - // 0x3b, 0x05, 0x03, 0x54, 0x60, 0x48, 0x65, 0x18, 0xd2, 0xcd, 0x5f, 0x32, 0x88, 0x0e, 0x35, 0xfd - // }; - - // private byte[] iv; - // private int parameterVersion = 58; - - // protected byte[] engineGetEncoded() - // { - // return Arrays.clone(iv); - // } - - // protected byte[] engineGetEncoded( - // String format) - // throws IOException - // { - // if (this.isASN1FormatString(format)) - // { - // if (parameterVersion == -1) - // { - // return new RC2CBCParameter(engineGetEncoded()).getEncoded(); - // } - // else - // { - // return new RC2CBCParameter(parameterVersion, engineGetEncoded()).getEncoded(); - // } - // } - - // if (format.equals("RAW")) - // { - // return engineGetEncoded(); - // } - - // return null; - // } - - // protected AlgorithmParameterSpec localEngineGetParameterSpec( - // Class paramSpec) - // throws InvalidParameterSpecException - // { - // if (paramSpec == RC2ParameterSpec.class || paramSpec == AlgorithmParameterSpec.class) - // { - // if (parameterVersion != -1) - // { - // if (parameterVersion < 256) - // { - // return new RC2ParameterSpec(ekb[parameterVersion], iv); - // } - // else - // { - // return new RC2ParameterSpec(parameterVersion, iv); - // } - // } - // } - - // if (paramSpec == IvParameterSpec.class || paramSpec == AlgorithmParameterSpec.class) - // { - // return new IvParameterSpec(iv); - // } - - // throw new InvalidParameterSpecException("unknown parameter spec passed to RC2 parameters object."); - // } - - // protected void engineInit( - // AlgorithmParameterSpec paramSpec) - // throws InvalidParameterSpecException - // { - // if (paramSpec instanceof IvParameterSpec) - // { - // this.iv = ((IvParameterSpec)paramSpec).getIV(); - // } - // else if (paramSpec instanceof RC2ParameterSpec) - // { - // int effKeyBits = ((RC2ParameterSpec)paramSpec).getEffectiveKeyBits(); - // if (effKeyBits != -1) - // { - // if (effKeyBits < 256) - // { - // parameterVersion = table[effKeyBits]; - // } - // else - // { - // parameterVersion = effKeyBits; - // } - // } - - // this.iv = ((RC2ParameterSpec)paramSpec).getIV(); - // } - // else - // { - // throw new InvalidParameterSpecException("IvParameterSpec or RC2ParameterSpec required to initialise a RC2 parameters algorithm parameters object"); - // } - // } - - // protected void engineInit( - // byte[] params) - // throws IOException - // { - // this.iv = Arrays.clone(params); - // } - - // protected void engineInit( - // byte[] params, - // String format) - // throws IOException - // { - // if (this.isASN1FormatString(format)) - // { - // RC2CBCParameter p = RC2CBCParameter.getInstance(ASN1Primitive.fromByteArray(params)); - - // if (p.getRC2ParameterVersion() != null) - // { - // parameterVersion = p.getRC2ParameterVersion().intValue(); - // } - - // iv = p.getIV(); - - // return; - // } - - // if (format.equals("RAW")) - // { - // engineInit(params); - // return; - // } - - // throw new IOException("Unknown parameters format in IV parameters object"); - // } - - // protected String engineToString() - // { - // return "RC2 Parameters"; - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + public static class AlgParamGen + extends BaseAlgorithmParameterGenerator + { + RC2ParameterSpec spec = null; + + protected void engineInit( + AlgorithmParameterSpec genParamSpec, + SecureRandom random) + throws InvalidAlgorithmParameterException + { + if (genParamSpec instanceof RC2ParameterSpec) + { + spec = (RC2ParameterSpec)genParamSpec; + return; + } + + throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for RC2 parameter generation."); + } + + protected AlgorithmParameters engineGenerateParameters() + { + AlgorithmParameters params; + + if (spec == null) + { + byte[] iv = new byte[8]; + + if (random == null) + { + random = new SecureRandom(); + } + + random.nextBytes(iv); + + try + { + params = createParametersInstance("RC2"); + params.init(new IvParameterSpec(iv)); + } + catch (Exception e) + { + throw new RuntimeException(e.getMessage()); + } + } + else + { + try + { + params = createParametersInstance("RC2"); + params.init(spec); + } + catch (Exception e) + { + throw new RuntimeException(e.getMessage()); + } + } + + return params; + } + } + + public static class KeyGenerator + extends BaseKeyGenerator + { + public KeyGenerator() + { + super("RC2", 128, new CipherKeyGenerator()); + } + } + + public static class AlgParams + extends BaseAlgorithmParameters + { + private static final short[] table = { + 0xbd, 0x56, 0xea, 0xf2, 0xa2, 0xf1, 0xac, 0x2a, 0xb0, 0x93, 0xd1, 0x9c, 0x1b, 0x33, 0xfd, 0xd0, + 0x30, 0x04, 0xb6, 0xdc, 0x7d, 0xdf, 0x32, 0x4b, 0xf7, 0xcb, 0x45, 0x9b, 0x31, 0xbb, 0x21, 0x5a, + 0x41, 0x9f, 0xe1, 0xd9, 0x4a, 0x4d, 0x9e, 0xda, 0xa0, 0x68, 0x2c, 0xc3, 0x27, 0x5f, 0x80, 0x36, + 0x3e, 0xee, 0xfb, 0x95, 0x1a, 0xfe, 0xce, 0xa8, 0x34, 0xa9, 0x13, 0xf0, 0xa6, 0x3f, 0xd8, 0x0c, + 0x78, 0x24, 0xaf, 0x23, 0x52, 0xc1, 0x67, 0x17, 0xf5, 0x66, 0x90, 0xe7, 0xe8, 0x07, 0xb8, 0x60, + 0x48, 0xe6, 0x1e, 0x53, 0xf3, 0x92, 0xa4, 0x72, 0x8c, 0x08, 0x15, 0x6e, 0x86, 0x00, 0x84, 0xfa, + 0xf4, 0x7f, 0x8a, 0x42, 0x19, 0xf6, 0xdb, 0xcd, 0x14, 0x8d, 0x50, 0x12, 0xba, 0x3c, 0x06, 0x4e, + 0xec, 0xb3, 0x35, 0x11, 0xa1, 0x88, 0x8e, 0x2b, 0x94, 0x99, 0xb7, 0x71, 0x74, 0xd3, 0xe4, 0xbf, + 0x3a, 0xde, 0x96, 0x0e, 0xbc, 0x0a, 0xed, 0x77, 0xfc, 0x37, 0x6b, 0x03, 0x79, 0x89, 0x62, 0xc6, + 0xd7, 0xc0, 0xd2, 0x7c, 0x6a, 0x8b, 0x22, 0xa3, 0x5b, 0x05, 0x5d, 0x02, 0x75, 0xd5, 0x61, 0xe3, + 0x18, 0x8f, 0x55, 0x51, 0xad, 0x1f, 0x0b, 0x5e, 0x85, 0xe5, 0xc2, 0x57, 0x63, 0xca, 0x3d, 0x6c, + 0xb4, 0xc5, 0xcc, 0x70, 0xb2, 0x91, 0x59, 0x0d, 0x47, 0x20, 0xc8, 0x4f, 0x58, 0xe0, 0x01, 0xe2, + 0x16, 0x38, 0xc4, 0x6f, 0x3b, 0x0f, 0x65, 0x46, 0xbe, 0x7e, 0x2d, 0x7b, 0x82, 0xf9, 0x40, 0xb5, + 0x1d, 0x73, 0xf8, 0xeb, 0x26, 0xc7, 0x87, 0x97, 0x25, 0x54, 0xb1, 0x28, 0xaa, 0x98, 0x9d, 0xa5, + 0x64, 0x6d, 0x7a, 0xd4, 0x10, 0x81, 0x44, 0xef, 0x49, 0xd6, 0xae, 0x2e, 0xdd, 0x76, 0x5c, 0x2f, + 0xa7, 0x1c, 0xc9, 0x09, 0x69, 0x9a, 0x83, 0xcf, 0x29, 0x39, 0xb9, 0xe9, 0x4c, 0xff, 0x43, 0xab + }; + + private static final short[] ekb = { + 0x5d, 0xbe, 0x9b, 0x8b, 0x11, 0x99, 0x6e, 0x4d, 0x59, 0xf3, 0x85, 0xa6, 0x3f, 0xb7, 0x83, 0xc5, + 0xe4, 0x73, 0x6b, 0x3a, 0x68, 0x5a, 0xc0, 0x47, 0xa0, 0x64, 0x34, 0x0c, 0xf1, 0xd0, 0x52, 0xa5, + 0xb9, 0x1e, 0x96, 0x43, 0x41, 0xd8, 0xd4, 0x2c, 0xdb, 0xf8, 0x07, 0x77, 0x2a, 0xca, 0xeb, 0xef, + 0x10, 0x1c, 0x16, 0x0d, 0x38, 0x72, 0x2f, 0x89, 0xc1, 0xf9, 0x80, 0xc4, 0x6d, 0xae, 0x30, 0x3d, + 0xce, 0x20, 0x63, 0xfe, 0xe6, 0x1a, 0xc7, 0xb8, 0x50, 0xe8, 0x24, 0x17, 0xfc, 0x25, 0x6f, 0xbb, + 0x6a, 0xa3, 0x44, 0x53, 0xd9, 0xa2, 0x01, 0xab, 0xbc, 0xb6, 0x1f, 0x98, 0xee, 0x9a, 0xa7, 0x2d, + 0x4f, 0x9e, 0x8e, 0xac, 0xe0, 0xc6, 0x49, 0x46, 0x29, 0xf4, 0x94, 0x8a, 0xaf, 0xe1, 0x5b, 0xc3, + 0xb3, 0x7b, 0x57, 0xd1, 0x7c, 0x9c, 0xed, 0x87, 0x40, 0x8c, 0xe2, 0xcb, 0x93, 0x14, 0xc9, 0x61, + 0x2e, 0xe5, 0xcc, 0xf6, 0x5e, 0xa8, 0x5c, 0xd6, 0x75, 0x8d, 0x62, 0x95, 0x58, 0x69, 0x76, 0xa1, + 0x4a, 0xb5, 0x55, 0x09, 0x78, 0x33, 0x82, 0xd7, 0xdd, 0x79, 0xf5, 0x1b, 0x0b, 0xde, 0x26, 0x21, + 0x28, 0x74, 0x04, 0x97, 0x56, 0xdf, 0x3c, 0xf0, 0x37, 0x39, 0xdc, 0xff, 0x06, 0xa4, 0xea, 0x42, + 0x08, 0xda, 0xb4, 0x71, 0xb0, 0xcf, 0x12, 0x7a, 0x4e, 0xfa, 0x6c, 0x1d, 0x84, 0x00, 0xc8, 0x7f, + 0x91, 0x45, 0xaa, 0x2b, 0xc2, 0xb1, 0x8f, 0xd5, 0xba, 0xf2, 0xad, 0x19, 0xb2, 0x67, 0x36, 0xf7, + 0x0f, 0x0a, 0x92, 0x7d, 0xe3, 0x9d, 0xe9, 0x90, 0x3e, 0x23, 0x27, 0x66, 0x13, 0xec, 0x81, 0x15, + 0xbd, 0x22, 0xbf, 0x9f, 0x7e, 0xa9, 0x51, 0x4b, 0x4c, 0xfb, 0x02, 0xd3, 0x70, 0x86, 0x31, 0xe7, + 0x3b, 0x05, 0x03, 0x54, 0x60, 0x48, 0x65, 0x18, 0xd2, 0xcd, 0x5f, 0x32, 0x88, 0x0e, 0x35, 0xfd + }; + + private byte[] iv; + private int parameterVersion = 58; + + protected byte[] engineGetEncoded() + { + return Arrays.clone(iv); + } + + protected byte[] engineGetEncoded( + String format) + throws IOException + { + if (this.isASN1FormatString(format)) + { + if (parameterVersion == -1) + { + return new RC2CBCParameter(engineGetEncoded()).getEncoded(); + } + else + { + return new RC2CBCParameter(parameterVersion, engineGetEncoded()).getEncoded(); + } + } + + if (format.equals("RAW")) + { + return engineGetEncoded(); + } + + return null; + } + + protected AlgorithmParameterSpec localEngineGetParameterSpec( + Class paramSpec) + throws InvalidParameterSpecException + { + if (paramSpec == RC2ParameterSpec.class || paramSpec == AlgorithmParameterSpec.class) + { + if (parameterVersion != -1) + { + if (parameterVersion < 256) + { + return new RC2ParameterSpec(ekb[parameterVersion], iv); + } + else + { + return new RC2ParameterSpec(parameterVersion, iv); + } + } + } + + if (paramSpec == IvParameterSpec.class || paramSpec == AlgorithmParameterSpec.class) + { + return new IvParameterSpec(iv); + } + + throw new InvalidParameterSpecException("unknown parameter spec passed to RC2 parameters object."); + } + + protected void engineInit( + AlgorithmParameterSpec paramSpec) + throws InvalidParameterSpecException + { + if (paramSpec instanceof IvParameterSpec) + { + this.iv = ((IvParameterSpec)paramSpec).getIV(); + } + else if (paramSpec instanceof RC2ParameterSpec) + { + int effKeyBits = ((RC2ParameterSpec)paramSpec).getEffectiveKeyBits(); + if (effKeyBits != -1) + { + if (effKeyBits < 256) + { + parameterVersion = table[effKeyBits]; + } + else + { + parameterVersion = effKeyBits; + } + } + + this.iv = ((RC2ParameterSpec)paramSpec).getIV(); + } + else + { + throw new InvalidParameterSpecException("IvParameterSpec or RC2ParameterSpec required to initialise a RC2 parameters algorithm parameters object"); + } + } + + protected void engineInit( + byte[] params) + throws IOException + { + this.iv = Arrays.clone(params); + } + + protected void engineInit( + byte[] params, + String format) + throws IOException + { + if (this.isASN1FormatString(format)) + { + RC2CBCParameter p = RC2CBCParameter.getInstance(ASN1Primitive.fromByteArray(params)); + + if (p.getRC2ParameterVersion() != null) + { + parameterVersion = p.getRC2ParameterVersion().intValue(); + } + + iv = p.getIV(); + + return; + } + + if (format.equals("RAW")) + { + engineInit(params); + return; + } + + throw new IOException("Unknown parameters format in IV parameters object"); + } + + protected String engineToString() + { + return "RC2 Parameters"; + } + } + */ + // END Android-removed: Unsupported algorithms public static class Mappings extends AlgorithmProvider @@ -465,36 +467,38 @@ public final class RC2 public void configure(ConfigurableProvider provider) { - // BEGIN android-removed - // provider.addAlgorithm("AlgorithmParameterGenerator.RC2", PREFIX + "$AlgParamGen"); - // provider.addAlgorithm("AlgorithmParameterGenerator.1.2.840.113549.3.2", PREFIX + "$AlgParamGen"); - // - // provider.addAlgorithm("KeyGenerator.RC2", PREFIX + "$KeyGenerator"); - // provider.addAlgorithm("KeyGenerator.1.2.840.113549.3.2", PREFIX + "$KeyGenerator"); - // - // provider.addAlgorithm("AlgorithmParameters.RC2", PREFIX + "$AlgParams"); - // provider.addAlgorithm("AlgorithmParameters.1.2.840.113549.3.2", PREFIX + "$AlgParams"); - // - // provider.addAlgorithm("Cipher.RC2", PREFIX + "$ECB"); - // provider.addAlgorithm("Cipher.RC2WRAP", PREFIX + "$Wrap"); - // provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.id_alg_CMSRC2wrap, "RC2WRAP"); - // provider.addAlgorithm("Cipher", PKCSObjectIdentifiers.RC2_CBC, PREFIX + "$CBC"); - // - // provider.addAlgorithm("Mac.RC2MAC", PREFIX + "$CBCMAC"); - // provider.addAlgorithm("Alg.Alias.Mac.RC2", "RC2MAC"); - // provider.addAlgorithm("Mac.RC2MAC/CFB8", PREFIX + "$CFB8MAC"); - // provider.addAlgorithm("Alg.Alias.Mac.RC2/CFB8", "RC2MAC/CFB8"); - // - // provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDRC2-CBC", "PBEWITHMD2ANDRC2"); - // END android-removed + + // BEGIN Android-removed: Unsupported algorithms + /* + provider.addAlgorithm("AlgorithmParameterGenerator.RC2", PREFIX + "$AlgParamGen"); + provider.addAlgorithm("AlgorithmParameterGenerator.1.2.840.113549.3.2", PREFIX + "$AlgParamGen"); + + provider.addAlgorithm("KeyGenerator.RC2", PREFIX + "$KeyGenerator"); + provider.addAlgorithm("KeyGenerator.1.2.840.113549.3.2", PREFIX + "$KeyGenerator"); + + provider.addAlgorithm("AlgorithmParameters.RC2", PREFIX + "$AlgParams"); + provider.addAlgorithm("AlgorithmParameters.1.2.840.113549.3.2", PREFIX + "$AlgParams"); + + provider.addAlgorithm("Cipher.RC2", PREFIX + "$ECB"); + provider.addAlgorithm("Cipher.RC2WRAP", PREFIX + "$Wrap"); + provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.id_alg_CMSRC2wrap, "RC2WRAP"); + provider.addAlgorithm("Cipher", PKCSObjectIdentifiers.RC2_CBC, PREFIX + "$CBC"); + + provider.addAlgorithm("Mac.RC2MAC", PREFIX + "$CBCMAC"); + provider.addAlgorithm("Alg.Alias.Mac.RC2", "RC2MAC"); + provider.addAlgorithm("Mac.RC2MAC/CFB8", PREFIX + "$CFB8MAC"); + provider.addAlgorithm("Alg.Alias.Mac.RC2/CFB8", "RC2MAC/CFB8"); + + provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDRC2-CBC", "PBEWITHMD2ANDRC2"); + */ + // END Android-removed: Unsupported algorithms provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD5ANDRC2-CBC", "PBEWITHMD5ANDRC2"); provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHSHA1ANDRC2-CBC", "PBEWITHSHA1ANDRC2"); - // BEGIN android-removed + // Android-removed: Unsupported algorithms // provider.addAlgorithm("Alg.Alias.SecretKeyFactory", PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2"); - // END android-removed provider.addAlgorithm("Alg.Alias.SecretKeyFactory", PKCSObjectIdentifiers.pbeWithMD5AndRC2_CBC, "PBEWITHMD5ANDRC2"); @@ -502,18 +506,16 @@ public final class RC2 provider.addAlgorithm("Alg.Alias.SecretKeyFactory.1.2.840.113549.1.12.1.5", "PBEWITHSHAAND128BITRC2-CBC"); provider.addAlgorithm("Alg.Alias.SecretKeyFactory.1.2.840.113549.1.12.1.6", "PBEWITHSHAAND40BITRC2-CBC"); - // BEGIN android-removed + // Android-removed: Unsupported algorithms // provider.addAlgorithm("SecretKeyFactory.PBEWITHMD2ANDRC2", PREFIX + "$PBEWithMD2KeyFactory"); - // END android-removed provider.addAlgorithm("SecretKeyFactory.PBEWITHMD5ANDRC2", PREFIX + "$PBEWithMD5KeyFactory"); provider.addAlgorithm("SecretKeyFactory.PBEWITHSHA1ANDRC2", PREFIX + "$PBEWithSHA1KeyFactory"); provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND128BITRC2-CBC", PREFIX + "$PBEWithSHAAnd128BitKeyFactory"); provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND40BITRC2-CBC", PREFIX + "$PBEWithSHAAnd40BitKeyFactory"); - // BEGIN android-removed + // Android-removed: Unsupported algorithms // provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2"); - // END android-removed provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.pbeWithMD5AndRC2_CBC, "PBEWITHMD5ANDRC2"); diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/SymmetricAlgorithmProvider.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/SymmetricAlgorithmProvider.java index 7ac79e7e..e955e9d0 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/SymmetricAlgorithmProvider.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/SymmetricAlgorithmProvider.java @@ -6,44 +6,46 @@ import org.bouncycastle.jcajce.provider.util.AlgorithmProvider; abstract class SymmetricAlgorithmProvider extends AlgorithmProvider { - // BEGIN android-removed - // protected void addCMacAlgorithm( - // ConfigurableProvider provider, - // String algorithm, - // String algorithmClassName, - // String keyGeneratorClassName) - // { - // provider.addAlgorithm("Mac." + algorithm + "-CMAC", algorithmClassName); - // provider.addAlgorithm("Alg.Alias.Mac." + algorithm + "CMAC", algorithm + "-CMAC"); - // - // provider.addAlgorithm("KeyGenerator." + algorithm + "-CMAC", keyGeneratorClassName); - // provider.addAlgorithm("Alg.Alias.KeyGenerator." + algorithm + "CMAC", algorithm + "-CMAC"); - // } - // - // protected void addGMacAlgorithm( - // ConfigurableProvider provider, - // String algorithm, - // String algorithmClassName, - // String keyGeneratorClassName) - // { - // provider.addAlgorithm("Mac." + algorithm + "-GMAC", algorithmClassName); - // provider.addAlgorithm("Alg.Alias.Mac." + algorithm + "GMAC", algorithm + "-GMAC"); - // - // provider.addAlgorithm("KeyGenerator." + algorithm + "-GMAC", keyGeneratorClassName); - // provider.addAlgorithm("Alg.Alias.KeyGenerator." + algorithm + "GMAC", algorithm + "-GMAC"); - // } - // - // protected void addPoly1305Algorithm(ConfigurableProvider provider, - // String algorithm, - // String algorithmClassName, - // String keyGeneratorClassName) - // { - // provider.addAlgorithm("Mac.POLY1305-" + algorithm, algorithmClassName); - // provider.addAlgorithm("Alg.Alias.Mac.POLY1305" + algorithm, "POLY1305-" + algorithm); - // - // provider.addAlgorithm("KeyGenerator.POLY1305-" + algorithm, keyGeneratorClassName); - // provider.addAlgorithm("Alg.Alias.KeyGenerator.POLY1305" + algorithm, "POLY1305-" + algorithm); - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + protected void addCMacAlgorithm( + ConfigurableProvider provider, + String algorithm, + String algorithmClassName, + String keyGeneratorClassName) + { + provider.addAlgorithm("Mac." + algorithm + "-CMAC", algorithmClassName); + provider.addAlgorithm("Alg.Alias.Mac." + algorithm + "CMAC", algorithm + "-CMAC"); + + provider.addAlgorithm("KeyGenerator." + algorithm + "-CMAC", keyGeneratorClassName); + provider.addAlgorithm("Alg.Alias.KeyGenerator." + algorithm + "CMAC", algorithm + "-CMAC"); + } + + protected void addGMacAlgorithm( + ConfigurableProvider provider, + String algorithm, + String algorithmClassName, + String keyGeneratorClassName) + { + provider.addAlgorithm("Mac." + algorithm + "-GMAC", algorithmClassName); + provider.addAlgorithm("Alg.Alias.Mac." + algorithm + "GMAC", algorithm + "-GMAC"); + + provider.addAlgorithm("KeyGenerator." + algorithm + "-GMAC", keyGeneratorClassName); + provider.addAlgorithm("Alg.Alias.KeyGenerator." + algorithm + "GMAC", algorithm + "-GMAC"); + } + + protected void addPoly1305Algorithm(ConfigurableProvider provider, + String algorithm, + String algorithmClassName, + String keyGeneratorClassName) + { + provider.addAlgorithm("Mac.POLY1305-" + algorithm, algorithmClassName); + provider.addAlgorithm("Alg.Alias.Mac.POLY1305" + algorithm, "POLY1305-" + algorithm); + + provider.addAlgorithm("KeyGenerator.POLY1305-" + algorithm, keyGeneratorClassName); + provider.addAlgorithm("Alg.Alias.KeyGenerator.POLY1305" + algorithm, "POLY1305-" + algorithm); + } + */ + // END Android-removed: Unsupported algorithms } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Twofish.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Twofish.java index c666ac14..669be26a 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Twofish.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Twofish.java @@ -1,26 +1,22 @@ package org.bouncycastle.jcajce.provider.symmetric; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.BlockCipher; // import org.bouncycastle.crypto.CipherKeyGenerator; -// END android-removed import org.bouncycastle.crypto.engines.TwofishEngine; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.generators.Poly1305KeyGenerator; // import org.bouncycastle.crypto.macs.GMac; -// END android-removed import org.bouncycastle.crypto.modes.CBCBlockCipher; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.modes.GCMBlockCipher; -// END android-removed import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; // import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; // import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider; // import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters; -// END android-removed import org.bouncycastle.jcajce.provider.symmetric.util.PBESecretKeyFactory; public final class Twofish @@ -29,58 +25,60 @@ public final class Twofish { } - // BEGIN android-removed - // public static class ECB - // extends BaseBlockCipher - // { - // public ECB() - // { - // super(new BlockCipherProvider() - // { - // public BlockCipher get() - // { - // return new TwofishEngine(); - // } - // }); - // } - // } - // - // public static class KeyGen - // extends BaseKeyGenerator - // { - // public KeyGen() - // { - // super("Twofish", 256, new CipherKeyGenerator()); - // } - // } - // - // public static class GMAC - // extends BaseMac - // { - // public GMAC() - // { - // super(new GMac(new GCMBlockCipher(new TwofishEngine()))); - // } - // } - // - // public static class Poly1305 - // extends BaseMac - // { - // public Poly1305() - // { - // super(new org.bouncycastle.crypto.macs.Poly1305(new TwofishEngine())); - // } - // } - // - // public static class Poly1305KeyGen - // extends BaseKeyGenerator - // { - // public Poly1305KeyGen() - // { - // super("Poly1305-Twofish", 256, new Poly1305KeyGenerator()); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + public static class ECB + extends BaseBlockCipher + { + public ECB() + { + super(new BlockCipherProvider() + { + public BlockCipher get() + { + return new TwofishEngine(); + } + }); + } + } + + public static class KeyGen + extends BaseKeyGenerator + { + public KeyGen() + { + super("Twofish", 256, new CipherKeyGenerator()); + } + } + + public static class GMAC + extends BaseMac + { + public GMAC() + { + super(new GMac(new GCMBlockCipher(new TwofishEngine()))); + } + } + + public static class Poly1305 + extends BaseMac + { + public Poly1305() + { + super(new org.bouncycastle.crypto.macs.Poly1305(new TwofishEngine())); + } + } + + public static class Poly1305KeyGen + extends BaseKeyGenerator + { + public Poly1305KeyGen() + { + super("Poly1305-Twofish", 256, new Poly1305KeyGenerator()); + } + } + */ + // END Android-removed: Unsupported algorithms /** * PBEWithSHAAndTwofish-CBC @@ -106,16 +104,18 @@ public final class Twofish } } - // BEGIN android-removed - // public static class AlgParams - // extends IvAlgorithmParameters - // { - // protected String engineToString() - // { - // return "Twofish IV"; - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + public static class AlgParams + extends IvAlgorithmParameters + { + protected String engineToString() + { + return "Twofish IV"; + } + } + */ + // END Android-removed: Unsupported algorithms public static class Mappings extends SymmetricAlgorithmProvider @@ -128,21 +128,21 @@ public final class Twofish public void configure(ConfigurableProvider provider) { - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // provider.addAlgorithm("Cipher.Twofish", PREFIX + "$ECB"); // provider.addAlgorithm("KeyGenerator.Twofish", PREFIX + "$KeyGen"); // provider.addAlgorithm("AlgorithmParameters.Twofish", PREFIX + "$AlgParams"); - // END android-removed + // END Android-removed: Unsupported algorithms provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDTWOFISH", "PKCS12PBE"); provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDTWOFISH-CBC", "PKCS12PBE"); provider.addAlgorithm("Cipher.PBEWITHSHAANDTWOFISH-CBC", PREFIX + "$PBEWithSHA"); provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAANDTWOFISH-CBC", PREFIX + "$PBEWithSHAKeyFactory"); - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // addGMacAlgorithm(provider, "Twofish", PREFIX + "$GMAC", PREFIX + "$KeyGen"); // addPoly1305Algorithm(provider, "Twofish", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen"); - // END android-removed + // END Android-removed: Unsupported algorithms } } } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BCPBEKey.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BCPBEKey.java index 1486d711..a4719729 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BCPBEKey.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BCPBEKey.java @@ -152,10 +152,4 @@ public class BCPBEKey { return tryWrong; } - - // BEGIN android-added - public PBEKeySpec getPbeKeySpec() { - return pbeKeySpec; - } - // END android-added } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java index 63d7b351..74d22c5d 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java @@ -20,14 +20,13 @@ import javax.crypto.SecretKey; import javax.crypto.ShortBufferException; import javax.crypto.interfaces.PBEKey; import javax.crypto.spec.IvParameterSpec; -// BEGIN android-added +// BEGIN Android-added: Various key-handling modifications import javax.crypto.spec.PBEKeySpec; -// END android-added +// END Android-added: Various key-handling modifications import javax.crypto.spec.PBEParameterSpec; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import javax.crypto.spec.RC2ParameterSpec; // import javax.crypto.spec.RC5ParameterSpec; -// END android-removed import org.bouncycastle.asn1.cms.GCMParameters; import org.bouncycastle.crypto.BlockCipher; @@ -41,20 +40,17 @@ import org.bouncycastle.crypto.modes.CBCBlockCipher; import org.bouncycastle.crypto.modes.CCMBlockCipher; import org.bouncycastle.crypto.modes.CFBBlockCipher; import org.bouncycastle.crypto.modes.CTSBlockCipher; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.modes.EAXBlockCipher; // import org.bouncycastle.crypto.modes.GCFBBlockCipher; -// END android-removed import org.bouncycastle.crypto.modes.GCMBlockCipher; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.modes.GOFBBlockCipher; // import org.bouncycastle.crypto.modes.OCBBlockCipher; -// END android-removed import org.bouncycastle.crypto.modes.OFBBlockCipher; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.modes.OpenPGPCFBBlockCipher; // import org.bouncycastle.crypto.modes.PGPCFBBlockCipher; -// END android-removed import org.bouncycastle.crypto.modes.SICBlockCipher; import org.bouncycastle.crypto.paddings.BlockCipherPadding; import org.bouncycastle.crypto.paddings.ISO10126d2Padding; @@ -67,22 +63,19 @@ import org.bouncycastle.crypto.params.AEADParameters; import org.bouncycastle.crypto.params.KeyParameter; import org.bouncycastle.crypto.params.ParametersWithIV; import org.bouncycastle.crypto.params.ParametersWithRandom; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.params.ParametersWithSBox; -// END android-removed import org.bouncycastle.crypto.params.RC2Parameters; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.params.RC5Parameters; // import org.bouncycastle.jcajce.PBKDF1Key; // import org.bouncycastle.jcajce.PBKDF1KeyWithParameters; -// END android-removed import org.bouncycastle.jcajce.PKCS12Key; import org.bouncycastle.jcajce.PKCS12KeyWithParameters; import org.bouncycastle.jcajce.spec.AEADParameterSpec; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.jcajce.spec.GOST28147ParameterSpec; // import org.bouncycastle.jcajce.spec.RepeatedSecretKeySpec; -// END android-removed import org.bouncycastle.util.Strings; public class BaseBlockCipher @@ -96,16 +89,14 @@ public class BaseBlockCipher // private Class[] availableSpecs = { - // BEGIN android-removed + // Android-removed: Unsupported algorithms // RC2ParameterSpec.class, // RC5ParameterSpec.class, - // END android-removed gcmSpecClass, IvParameterSpec.class, PBEParameterSpec.class, - // BEGIN android-removed + // Android-removed: Unsupported algorithms // GOST28147ParameterSpec.class - // END android-removed }; private BlockCipher baseEngine; @@ -342,33 +333,35 @@ public class BaseBlockCipher new CFBBlockCipher(baseEngine, 8 * baseEngine.getBlockSize())); } } - // BEGIN android-removed - // else if (modeName.startsWith("PGP")) - // { - // boolean inlineIV = modeName.equalsIgnoreCase("PGPCFBwithIV"); - // - // ivLength = baseEngine.getBlockSize(); - // cipher = new BufferedGenericBlockCipher( - // new PGPCFBBlockCipher(baseEngine, inlineIV)); - // } - // else if (modeName.equalsIgnoreCase("OpenPGPCFB")) - // { - // ivLength = 0; - // cipher = new BufferedGenericBlockCipher( - // new OpenPGPCFBBlockCipher(baseEngine)); - // } - // else if (modeName.startsWith("SIC")) - // { - // ivLength = baseEngine.getBlockSize(); - // if (ivLength < 16) - // { - // throw new IllegalArgumentException("Warning: SIC-Mode can become a twotime-pad if the blocksize of the cipher is too small. Use a cipher with a block size of at least 128 bits (e.g. AES)"); - // } - // fixedIv = false; - // cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( - // new SICBlockCipher(baseEngine))); - // } - // END android-removed + // BEGIN Android-removed: Unsupported modes + /* + else if (modeName.startsWith("PGP")) + { + boolean inlineIV = modeName.equalsIgnoreCase("PGPCFBwithIV"); + + ivLength = baseEngine.getBlockSize(); + cipher = new BufferedGenericBlockCipher( + new PGPCFBBlockCipher(baseEngine, inlineIV)); + } + else if (modeName.equalsIgnoreCase("OpenPGPCFB")) + { + ivLength = 0; + cipher = new BufferedGenericBlockCipher( + new OpenPGPCFBBlockCipher(baseEngine)); + } + else if (modeName.startsWith("SIC")) + { + ivLength = baseEngine.getBlockSize(); + if (ivLength < 16) + { + throw new IllegalArgumentException("Warning: SIC-Mode can become a twotime-pad if the blocksize of the cipher is too small. Use a cipher with a block size of at least 128 bits (e.g. AES)"); + } + fixedIv = false; + cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( + new SICBlockCipher(baseEngine))); + } + */ + // END Android-removed: Unsupported modes else if (modeName.startsWith("CTR")) { ivLength = baseEngine.getBlockSize(); @@ -376,20 +369,22 @@ public class BaseBlockCipher cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( new SICBlockCipher(baseEngine))); } - // BEGIN android-removed - // else if (modeName.startsWith("GOFB")) - // { - // ivLength = baseEngine.getBlockSize(); - // cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( - // new GOFBBlockCipher(baseEngine))); - // } - // else if (modeName.startsWith("GCFB")) - // { - // ivLength = baseEngine.getBlockSize(); - // cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( - // new GCFBBlockCipher(baseEngine))); - // } - // END android-removed + // BEGIN Android-removed: Unsupported modes + /* + else if (modeName.startsWith("GOFB")) + { + ivLength = baseEngine.getBlockSize(); + cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( + new GOFBBlockCipher(baseEngine))); + } + else if (modeName.startsWith("GCFB")) + { + ivLength = baseEngine.getBlockSize(); + cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( + new GCFBBlockCipher(baseEngine))); + } + */ + // END Android-removed: Unsupported modes else if (modeName.startsWith("CTS")) { ivLength = baseEngine.getBlockSize(); @@ -400,28 +395,30 @@ public class BaseBlockCipher ivLength = 13; // CCM nonce 7..13 bytes cipher = new AEADGenericBlockCipher(new CCMBlockCipher(baseEngine)); } - // BEGIN android-removed - // else if (modeName.startsWith("OCB")) - // { - // if (engineProvider != null) - // { - // /* - // * RFC 7253 4.2. Nonce is a string of no more than 120 bits - // */ - // ivLength = 15; - // cipher = new AEADGenericBlockCipher(new OCBBlockCipher(baseEngine, engineProvider.get())); - // } - // else - // { - // throw new NoSuchAlgorithmException("can't support mode " + mode); - // } - // } - // else if (modeName.startsWith("EAX")) - // { - // ivLength = baseEngine.getBlockSize(); - // cipher = new AEADGenericBlockCipher(new EAXBlockCipher(baseEngine)); - // } - // END android-removed + // BEGIN Android-removed: Unsupported modes + /* + else if (modeName.startsWith("OCB")) + { + if (engineProvider != null) + { + /* + * RFC 7253 4.2. Nonce is a string of no more than 120 bits + * + ivLength = 15; + cipher = new AEADGenericBlockCipher(new OCBBlockCipher(baseEngine, engineProvider.get())); + } + else + { + throw new NoSuchAlgorithmException("can't support mode " + mode); + } + } + else if (modeName.startsWith("EAX")) + { + ivLength = baseEngine.getBlockSize(); + cipher = new AEADGenericBlockCipher(new EAXBlockCipher(baseEngine)); + } + */ + // END Android-removed: Unsupported modes else if (modeName.startsWith("GCM")) { ivLength = baseEngine.getBlockSize(); @@ -489,13 +486,13 @@ public class BaseBlockCipher } } - // BEGIN android-added + // BEGIN Android-added: Handling missing IVs // TODO(27995180): This might need to be removed if we drop support for BCPBE keys without IV // in PKCS12 private boolean isBCPBEKeyWithoutIV(Key key) { return (key instanceof BCPBEKey) && !(((BCPBEKey)key).getParam() instanceof ParametersWithIV); } - // END android-added + // END Android-added: Handling missing IVs protected void engineInit( int opmode, @@ -530,12 +527,12 @@ public class BaseBlockCipher // // a note on iv's - if ivLength is zero the IV gets ignored (we don't use it). // - // BEGIN android-changed - // Was: if (scheme == PKCS12 || key instanceof PKCS12Key) + // BEGIN Android-changed: Don't use PKCS12 with missing IV. // If the key is a BCPBE one without an IV, ignore the fact that the scheme is PKCS12. // TODO(27995180): consider whether we want to keep support for these keys and PKCS12. + // if (scheme == PKCS12 || key instanceof PKCS12Key) if ((scheme == PKCS12 || key instanceof PKCS12Key) && !isBCPBEKeyWithoutIV(key)) - // END android-changed + // END Android-changed: Don't use PKCS12 with missing IV. { SecretKey k; try @@ -578,13 +575,13 @@ public class BaseBlockCipher } else if (pbeKeyParam == null) { - // BEGIN android-changed - // Was: param = PBE.Util.makePBEParameters(k.getEncoded(), PKCS12, digest, keySizeInBits, ivLength * 8, pbeSpec, cipher.getAlgorithmName()); + // BEGIN Android-changed: Unreachable code // TODO(27995180): consider rejecting such keys for PKCS12 // See above for the android-changed with a TODO for the same bug that makes // this code unreachable. - // END android-changed - throw new IllegalStateException("Unreachable code"); + // param = PBE.Util.makePBEParameters(k.getEncoded(), PKCS12, digest, keySizeInBits, ivLength * 8, pbeSpec, cipher.getAlgorithmName()); + throw new AssertionError("Unreachable code"); + // END Android-changed: Unreachable code } else { @@ -600,27 +597,29 @@ public class BaseBlockCipher ivParam = (ParametersWithIV)param; } } - // BEGIN android-removed - // else if (key instanceof PBKDF1Key) - // { - // PBKDF1Key k = (PBKDF1Key)key; - - // if (params instanceof PBEParameterSpec) - // { - // pbeSpec = (PBEParameterSpec)params; - // } - // if (k instanceof PBKDF1KeyWithParameters && pbeSpec == null) - // { - // pbeSpec = new PBEParameterSpec(((PBKDF1KeyWithParameters)k).getSalt(), ((PBKDF1KeyWithParameters)k).getIterationCount()); - // } - - // param = PBE.Util.makePBEParameters(k.getEncoded(), PKCS5S1, digest, keySizeInBits, ivLength * 8, pbeSpec, cipher.getAlgorithmName()); - // if (param instanceof ParametersWithIV) - // { - // ivParam = (ParametersWithIV)param; - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + else if (key instanceof PBKDF1Key) + { + PBKDF1Key k = (PBKDF1Key)key; + + if (params instanceof PBEParameterSpec) + { + pbeSpec = (PBEParameterSpec)params; + } + if (k instanceof PBKDF1KeyWithParameters && pbeSpec == null) + { + pbeSpec = new PBEParameterSpec(((PBKDF1KeyWithParameters)k).getSalt(), ((PBKDF1KeyWithParameters)k).getIterationCount()); + } + + param = PBE.Util.makePBEParameters(k.getEncoded(), PKCS5S1, digest, keySizeInBits, ivLength * 8, pbeSpec, cipher.getAlgorithmName()); + if (param instanceof ParametersWithIV) + { + ivParam = (ParametersWithIV)param; + } + } + */ + // END Android-removed: Unsupported algorithms else if (key instanceof BCPBEKey) { BCPBEKey k = (BCPBEKey)key; @@ -641,7 +640,7 @@ public class BaseBlockCipher else if (params instanceof PBEParameterSpec) { pbeSpec = (PBEParameterSpec)params; - // BEGIN android-added + // BEGIN Android-added: Allow PBE keys with only passwords. // At this point, k.getParam() == null, so the key hasn't been generated. If // the parameters have non-default values, recreate the BCPBEKey from algorithm // parameters as to generate the key. @@ -653,7 +652,7 @@ public class BaseBlockCipher k.getKeySize()), null /* CipherParameters */); } - // END android-added + // END Android-added: Allow PBE keys with only passwords. param = PBE.Util.makePBEParameters(k, params, cipher.getUnderlyingCipher().getAlgorithmName()); } else @@ -681,10 +680,10 @@ public class BaseBlockCipher ivParam = (ParametersWithIV)param; } } - // BEGIN android-changed - // Was: else if (!(key instanceof RepeatedSecretKeySpec)) + // BEGIN Android-changed: Unsupported algorithm + // else if (!(key instanceof RepeatedSecretKeySpec)) else - // END android-changed + // END Android-changed: Unsupported algorithms { if (scheme == PKCS5S1 || scheme == PKCS5S1_UTF8 || scheme == PKCS5S2 || scheme == PKCS5S2_UTF8) { @@ -692,12 +691,12 @@ public class BaseBlockCipher } param = new KeyParameter(key.getEncoded()); } - // BEGIN android-removed + // BEGIN Android-removed: Unreachable // else // { // param = null; // } - // END android-removed + // END Android-removed: Unreachable if (params instanceof AEADParameterSpec) { @@ -748,86 +747,88 @@ public class BaseBlockCipher } } } - // BEGIN android-removed - // else if (params instanceof GOST28147ParameterSpec) - // { - // GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params; - // - // param = new ParametersWithSBox( - // new KeyParameter(key.getEncoded()), ((GOST28147ParameterSpec)params).getSbox()); - // - // if (gost28147Param.getIV() != null && ivLength != 0) - // { - // if (param instanceof ParametersWithIV) - // { - // param = new ParametersWithIV(((ParametersWithIV)param).getParameters(), gost28147Param.getIV()); - // } - // else - // { - // param = new ParametersWithIV(param, gost28147Param.getIV()); - // } - // ivParam = (ParametersWithIV)param; - // } - // } - // else if (params instanceof RC2ParameterSpec) - // { - // RC2ParameterSpec rc2Param = (RC2ParameterSpec)params; - // - // param = new RC2Parameters(key.getEncoded(), ((RC2ParameterSpec)params).getEffectiveKeyBits()); - // - // if (rc2Param.getIV() != null && ivLength != 0) - // { - // if (param instanceof ParametersWithIV) - // { - // param = new ParametersWithIV(((ParametersWithIV)param).getParameters(), rc2Param.getIV()); - // } - // else - // { - // param = new ParametersWithIV(param, rc2Param.getIV()); - // } - // ivParam = (ParametersWithIV)param; - // } - // } - // else if (params instanceof RC5ParameterSpec) - // { - // RC5ParameterSpec rc5Param = (RC5ParameterSpec)params; - // - // param = new RC5Parameters(key.getEncoded(), ((RC5ParameterSpec)params).getRounds()); - // if (baseEngine.getAlgorithmName().startsWith("RC5")) - // { - // if (baseEngine.getAlgorithmName().equals("RC5-32")) - // { - // if (rc5Param.getWordSize() != 32) - // { - // throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 32 not " + rc5Param.getWordSize() + "."); - // } - // } - // else if (baseEngine.getAlgorithmName().equals("RC5-64")) - // { - // if (rc5Param.getWordSize() != 64) - // { - // throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 64 not " + rc5Param.getWordSize() + "."); - // } - // } - // } - // else - // { - // throw new InvalidAlgorithmParameterException("RC5 parameters passed to a cipher that is not RC5."); - // } - // if ((rc5Param.getIV() != null) && (ivLength != 0)) - // { - // if (param instanceof ParametersWithIV) - // { - // param = new ParametersWithIV(((ParametersWithIV)param).getParameters(), rc5Param.getIV()); - // } - // else - // { - // param = new ParametersWithIV(param, rc5Param.getIV()); - // } - // ivParam = (ParametersWithIV)param; - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + else if (params instanceof GOST28147ParameterSpec) + { + GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params; + + param = new ParametersWithSBox( + new KeyParameter(key.getEncoded()), ((GOST28147ParameterSpec)params).getSbox()); + + if (gost28147Param.getIV() != null && ivLength != 0) + { + if (param instanceof ParametersWithIV) + { + param = new ParametersWithIV(((ParametersWithIV)param).getParameters(), gost28147Param.getIV()); + } + else + { + param = new ParametersWithIV(param, gost28147Param.getIV()); + } + ivParam = (ParametersWithIV)param; + } + } + else if (params instanceof RC2ParameterSpec) + { + RC2ParameterSpec rc2Param = (RC2ParameterSpec)params; + + param = new RC2Parameters(key.getEncoded(), ((RC2ParameterSpec)params).getEffectiveKeyBits()); + + if (rc2Param.getIV() != null && ivLength != 0) + { + if (param instanceof ParametersWithIV) + { + param = new ParametersWithIV(((ParametersWithIV)param).getParameters(), rc2Param.getIV()); + } + else + { + param = new ParametersWithIV(param, rc2Param.getIV()); + } + ivParam = (ParametersWithIV)param; + } + } + else if (params instanceof RC5ParameterSpec) + { + RC5ParameterSpec rc5Param = (RC5ParameterSpec)params; + + param = new RC5Parameters(key.getEncoded(), ((RC5ParameterSpec)params).getRounds()); + if (baseEngine.getAlgorithmName().startsWith("RC5")) + { + if (baseEngine.getAlgorithmName().equals("RC5-32")) + { + if (rc5Param.getWordSize() != 32) + { + throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 32 not " + rc5Param.getWordSize() + "."); + } + } + else if (baseEngine.getAlgorithmName().equals("RC5-64")) + { + if (rc5Param.getWordSize() != 64) + { + throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 64 not " + rc5Param.getWordSize() + "."); + } + } + } + else + { + throw new InvalidAlgorithmParameterException("RC5 parameters passed to a cipher that is not RC5."); + } + if ((rc5Param.getIV() != null) && (ivLength != 0)) + { + if (param instanceof ParametersWithIV) + { + param = new ParametersWithIV(((ParametersWithIV)param).getParameters(), rc5Param.getIV()); + } + else + { + param = new ParametersWithIV(param, rc5Param.getIV()); + } + ivParam = (ParametersWithIV)param; + } + } + */ + // END Android-removed: Unsupported algorithms else if (gcmSpecClass != null && gcmSpecClass.isInstance(params)) { if (!isAEADModeName(modeName) && !(cipher instanceof AEADGenericBlockCipher)) @@ -869,27 +870,28 @@ public class BaseBlockCipher { ivRandom = new SecureRandom(); } + if ((opmode == Cipher.ENCRYPT_MODE) || (opmode == Cipher.WRAP_MODE)) { byte[] iv = new byte[ivLength]; - // BEGIN android-changed - // Was: ivRandom.nextBytes(iv); + // BEGIN Android-changed: For PBE keys with no IV, use IV of 0 rather than random // TODO(27995180): for such keys, consider whether we want to reject them or // allow them if the IV is passed in the parameters + // ivRandom.nextBytes(iv); if (!isBCPBEKeyWithoutIV(key)) { ivRandom.nextBytes(iv); } - // END android-changed + // END Android-changed: For PBE keys with no IV, use IV of 0 rather than random param = new ParametersWithIV(param, iv); ivParam = (ParametersWithIV)param; } else if (cipher.getUnderlyingCipher().getAlgorithmName().indexOf("PGPCFB") < 0) { - // BEGIN android-changed - // Was: throw new InvalidAlgorithmParameterException("no IV set when one expected"); + // BEGIN Android-changed: For PBE keys with no IV, use IV of 0 // TODO(27995180): for such keys, consider whether we want to reject them or // allow them if the IV is passed in the parameters + // throw new InvalidAlgorithmParameterException("no IV set when one expected"); if (!isBCPBEKeyWithoutIV(key)) { throw new InvalidAlgorithmParameterException("no IV set when one expected"); } else { @@ -897,7 +899,7 @@ public class BaseBlockCipher param = new ParametersWithIV(param, new byte[ivLength]); ivParam = (ParametersWithIV)param; } - // END android-changed + // END Android-changed: For PBE keys with no IV, use IV of 0 } } @@ -951,21 +953,23 @@ public class BaseBlockCipher ivParam = new ParametersWithIV(key, iv.getIV()); param = ivParam; } - // BEGIN android-removed - // else if (params instanceof GOST28147ParameterSpec) - // { - // // need to pick up IV and SBox. - // GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params; - // - // param = new ParametersWithSBox(param, gost28147Param.getSbox()); - // - // if (gost28147Param.getIV() != null && ivLength != 0) - // { - // ivParam = new ParametersWithIV(key, gost28147Param.getIV()); - // param = ivParam; - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + else if (params instanceof GOST28147ParameterSpec) + { + // need to pick up IV and SBox. + GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params; + + param = new ParametersWithSBox(param, gost28147Param.getSbox()); + + if (gost28147Param.getIV() != null && ivLength != 0) + { + ivParam = new ParametersWithIV(key, gost28147Param.getIV()); + param = ivParam; + } + } + */ + // END Android-removed: Unsupported algorithms } else { @@ -976,20 +980,22 @@ public class BaseBlockCipher ivParam = new ParametersWithIV(param, iv.getIV()); param = ivParam; } - // BEGIN android-removed - // else if (params instanceof GOST28147ParameterSpec) - // { - // // need to pick up IV and SBox. - // GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params; - // - // param = new ParametersWithSBox(param, gost28147Param.getSbox()); - // - // if (gost28147Param.getIV() != null && ivLength != 0) - // { - // param = new ParametersWithIV(param, gost28147Param.getIV()); - // } - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + else if (params instanceof GOST28147ParameterSpec) + { + // need to pick up IV and SBox. + GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params; + + param = new ParametersWithSBox(param, gost28147Param.getSbox()); + + if (gost28147Param.getIV() != null && ivLength != 0) + { + param = new ParametersWithIV(param, gost28147Param.getIV()); + } + } + */ + // END Android-removed: Unsupported algorithms } return param; } @@ -1192,9 +1198,9 @@ public class BaseBlockCipher private boolean isAEADModeName( String modeName) { - // BEGIN android-changed + // Android-changed: Unsupported modes + // return "CCM".equals(modeName) || "EAX".equals(modeName) || "GCM".equals(modeName) || "OCB".equals(modeName); return "CCM".equals(modeName) || "GCM".equals(modeName); - // END android-changed } /* diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java index 7102db50..45b24bff 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java @@ -22,15 +22,13 @@ import org.bouncycastle.crypto.macs.HMac; import org.bouncycastle.crypto.params.AEADParameters; import org.bouncycastle.crypto.params.KeyParameter; import org.bouncycastle.crypto.params.ParametersWithIV; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.params.RC2Parameters; // import org.bouncycastle.crypto.params.SkeinParameters; -// END android-removed import org.bouncycastle.jcajce.PKCS12Key; import org.bouncycastle.jcajce.spec.AEADParameterSpec; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.jcajce.spec.SkeinParameterSpec; -// END android-removed public class BaseMac extends MacSpi implements PBE @@ -103,16 +101,16 @@ public class BaseMac int digest = SHA1; int keySize = 160; - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // if (macEngine.getAlgorithmName().startsWith("GOST")) // { - // digest = GOST3411; - // keySize = 256; + // digest = GOST3411; + // keySize = 256; // } - // BEGIN android-changed - // Was: else if (macEngine instanceof HMac) + // END Android-removed: Unsupported algorithms + // Android-changed: Adjust for missing if + // else if (macEngine instanceof HMac) if (macEngine instanceof HMac) - // END android-changed { if (!macEngine.getAlgorithmName().startsWith("SHA-1")) { @@ -136,13 +134,13 @@ public class BaseMac digest = SHA512; keySize = 512; } - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // else if (macEngine.getAlgorithmName().startsWith("RIPEMD160")) // { // digest = RIPEMD160; // keySize = 160; // } - // END android-removed + // END Android-removed: Unsupported algorithms else { throw new InvalidAlgorithmParameterException("no PKCS12 mapping for HMAC: " + macEngine.getAlgorithmName()); @@ -198,17 +196,18 @@ public class BaseMac { param = new ParametersWithIV(keyParam, ((IvParameterSpec)params).getIV()); } - // BEGIN android-removed - // else if (params instanceof RC2ParameterSpec) - // { - // param = new ParametersWithIV(new RC2Parameters(keyParam.getKey(), ((RC2ParameterSpec)params).getEffectiveKeyBits()), ((RC2ParameterSpec)params).getIV()); - // } - - // else if (params instanceof SkeinParameterSpec) - // { - // param = new SkeinParameters.Builder(copyMap(((SkeinParameterSpec)params).getParameters())).setKey(keyParam.getKey()).build(); - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + else if (params instanceof RC2ParameterSpec) + { + param = new ParametersWithIV(new RC2Parameters(keyParam.getKey(), ((RC2ParameterSpec)params).getEffectiveKeyBits()), ((RC2ParameterSpec)params).getIV()); + } + else if (params instanceof SkeinParameterSpec) + { + param = new SkeinParameters.Builder(copyMap(((SkeinParameterSpec)params).getParameters())).setKey(keyParam.getKey()).build(); + } + */ + // END Android-removed: Unsupported algorithms else if (params == null) { param = new KeyParameter(key.getEncoded()); diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java index f2893080..9795e2da 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java @@ -15,10 +15,9 @@ import javax.crypto.SecretKey; import javax.crypto.ShortBufferException; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.PBEParameterSpec; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import javax.crypto.spec.RC2ParameterSpec; // import javax.crypto.spec.RC5ParameterSpec; -// END android-removed import org.bouncycastle.crypto.CipherParameters; import org.bouncycastle.crypto.DataLengthException; @@ -37,10 +36,9 @@ public class BaseStreamCipher // private Class[] availableSpecs = { - // BEGIN android-removed + // Android-removed: Unsupported algorithms // RC2ParameterSpec.class, // RC5ParameterSpec.class, - // END android-removed IvParameterSpec.class, PBEParameterSpec.class }; diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java index e2c86766..2d1080f2 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java @@ -22,10 +22,9 @@ import javax.crypto.NoSuchPaddingException; import javax.crypto.ShortBufferException; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.PBEParameterSpec; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import javax.crypto.spec.RC2ParameterSpec; // import javax.crypto.spec.RC5ParameterSpec; -// END android-removed import javax.crypto.spec.SecretKeySpec; import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; @@ -51,10 +50,9 @@ public abstract class BaseWrapCipher { IvParameterSpec.class, PBEParameterSpec.class, - // BEGIN android-removed + // Android-removed: Unsupported algorithms // RC2ParameterSpec.class, // RC5ParameterSpec.class - // END android-removed }; protected int pbeType = PKCS12; @@ -279,8 +277,6 @@ public abstract class BaseWrapCipher return null; } - // BEGIN android-changed - // added ShortBufferException to throws statement protected int engineDoFinal( byte[] input, int inputOffset, @@ -291,7 +287,6 @@ public abstract class BaseWrapCipher { return 0; } - // END android-changed protected byte[] engineWrap( Key key) diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java index 2e4f96b5..89c21734 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java @@ -1,27 +1,25 @@ package org.bouncycastle.jcajce.provider.symmetric.util; +// BEGIN Android-added: Needed for compatibility helper import java.lang.reflect.Method; +// END Android-added: Needed for compatibility helper import java.security.InvalidAlgorithmParameterException; import java.security.spec.AlgorithmParameterSpec; import javax.crypto.SecretKey; -// BEGIN android-added +// BEGIN Android-added: Allow IVs specified in parameters. import javax.crypto.spec.IvParameterSpec; -// END android-added +// END Android-added: Allow IVs specified in parameters. import javax.crypto.spec.PBEKeySpec; import javax.crypto.spec.PBEParameterSpec; import org.bouncycastle.crypto.CipherParameters; import org.bouncycastle.crypto.PBEParametersGenerator; -// BEGIN android-added -import org.bouncycastle.crypto.digests.AndroidDigestFactory; -// END android-added -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.crypto.digests.GOST3411Digest; // import org.bouncycastle.crypto.digests.MD2Digest; // import org.bouncycastle.crypto.digests.RIPEMD160Digest; // import org.bouncycastle.crypto.digests.TigerDigest; -// END android-removed import org.bouncycastle.crypto.generators.OpenSSLPBEParametersGenerator; import org.bouncycastle.crypto.generators.PKCS12ParametersGenerator; import org.bouncycastle.crypto.generators.PKCS5S1ParametersGenerator; @@ -29,9 +27,10 @@ import org.bouncycastle.crypto.generators.PKCS5S2ParametersGenerator; import org.bouncycastle.crypto.params.DESParameters; import org.bouncycastle.crypto.params.KeyParameter; import org.bouncycastle.crypto.params.ParametersWithIV; -// BEGIN android-removed +// BEGIN Android-changed: Use Android digests // import org.bouncycastle.crypto.util.DigestFactory; -// END android-removed +import org.bouncycastle.crypto.digests.AndroidDigestFactory; +// END Android-changed: Use Android digests public interface PBE { @@ -40,15 +39,13 @@ public interface PBE // static final int MD5 = 0; static final int SHA1 = 1; - // BEGIN android-removed + // Android-removed: Unsupported algorithms // static final int RIPEMD160 = 2; // static final int TIGER = 3; - // END android-removed static final int SHA256 = 4; - // BEGIN android-removed + // Android-removed: Unsupported algorithms // static final int MD2 = 5; // static final int GOST3411 = 6; - // END android-removed static final int SHA224 = 7; static final int SHA384 = 8; static final int SHA512 = 9; @@ -60,7 +57,6 @@ public interface PBE static final int PKCS5S1_UTF8 = 4; static final int PKCS5S2_UTF8 = 5; - /** * uses the appropriate mixer to generate the key and IV if necessary. */ @@ -76,20 +72,19 @@ public interface PBE { switch (hash) { - // BEGIN android-removed + // Android-removed: Unsupported algorithms // case MD2: // generator = new PKCS5S1ParametersGenerator(new MD2Digest()); // break; - // END android-removed case MD5: - // BEGIN android-changed + // Android-changed: Use Android digests + // generator = new PKCS5S1ParametersGenerator(DigestFactory.createMD5()); generator = new PKCS5S1ParametersGenerator(AndroidDigestFactory.getMD5()); - // END android-changed break; case SHA1: - // BEGIN android-changed + // Android-changed: Use Android digests + // generator = new PKCS5S1ParametersGenerator(DigestFactory.createSHA1()); generator = new PKCS5S1ParametersGenerator(AndroidDigestFactory.getSHA1()); - // END android-changed break; default: throw new IllegalStateException("PKCS5 scheme 1 only supports MD2, MD5 and SHA1."); @@ -99,48 +94,54 @@ public interface PBE { switch (hash) { - // BEGIN android-removed + // Android-removed: Unsupported algorithms // case MD2: // generator = new PKCS5S2ParametersGenerator(new MD2Digest()); // break; - // END android-removed case MD5: - // BEGIN android-changed + // Android-changed: Use Android digests + // generator = new PKCS5S2ParametersGenerator(DigestFactory.createMD5()); generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getMD5()); - // END android-changed break; - case SHA1: - // BEGIN android-changed + // Android-changed: Use Android digests + // generator = new PKCS5S2ParametersGenerator(DigestFactory.createSHA1()); generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getSHA1()); - // END android-changed break; - // BEGIN android-removed - // case RIPEMD160: - // generator = new PKCS5S2ParametersGenerator(new RIPEMD160Digest()); - // break; - // case TIGER: - // generator = new PKCS5S2ParametersGenerator(new TigerDigest()); - // break; - // END android-removed - // BEGIN android-added - case SHA224: - generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getSHA224()); + // BEGIN Android-removed: Unsupported algorithms + /* + case RIPEMD160: + generator = new PKCS5S2ParametersGenerator(new RIPEMD160Digest()); + break; + case TIGER: + generator = new PKCS5S2ParametersGenerator(new TigerDigest()); break; - // END android-added + */ + // END Android-removed: Unsupported algorithms case SHA256: - // BEGIN android-changed + // Android-changed: Use Android digests + // generator = new PKCS5S2ParametersGenerator(DigestFactory.createSHA256()); generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getSHA256()); - // END android-changed break; - // BEGIN android-added + // Android-removed: Unsupported algorithms + // case GOST3411: + // generator = new PKCS5S2ParametersGenerator(new GOST3411Digest()); + // break; + case SHA224: + // Android-changed: Use Android digests + // generator = new PKCS5S2ParametersGenerator(DigestFactory.createSHA224()); + generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getSHA224()); + break; case SHA384: + // Android-changed: Use Android digests + // generator = new PKCS5S2ParametersGenerator(DigestFactory.createSHA384()); generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getSHA384()); break; case SHA512: + // Android-changed: Use Android digests + // generator = new PKCS5S2ParametersGenerator(DigestFactory.createSHA512()); generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getSHA512()); break; - // END android-added default: throw new IllegalStateException("unknown digest scheme for PBE PKCS5S2 encryption."); } @@ -149,44 +150,52 @@ public interface PBE { switch (hash) { - // BEGIN android-removed + // Android-removed: Unsupported algorithms // case MD2: // generator = new PKCS12ParametersGenerator(new MD2Digest()); // break; - // END android-removed case MD5: - // BEGIN android-changed + // Android-changed: Use Android digests + // generator = new PKCS12ParametersGenerator(DigestFactory.createMD5()); generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getMD5()); - // END android-changed break; case SHA1: - // BEGIN android-changed + // Android-changed: Use Android digests + // generator = new PKCS12ParametersGenerator(DigestFactory.createSHA1()); generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA1()); - // END android-changed break; - // BEGIN android-removed - // case RIPEMD160: - // generator = new PKCS12ParametersGenerator(new RIPEMD160Digest()); - // break; - // case TIGER: - // generator = new PKCS12ParametersGenerator(new TigerDigest()); - // break; - // END android-removed - // BEGIN android-added - case SHA224: - generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA224()); + // BEGIN Android-removed: Unsupported algorithms + /* + case RIPEMD160: + generator = new PKCS12ParametersGenerator(new RIPEMD160Digest()); break; - // END android-added + case TIGER: + generator = new PKCS12ParametersGenerator(new TigerDigest()); + break; + */ + // END Android-removed: Unsupported algorithms case SHA256: - // BEGIN android-changed + // Android-changed: Use Android digests + // generator = new PKCS12ParametersGenerator(DigestFactory.createSHA256()); generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA256()); - // END android-changed break; - // BEGIN android-added + // Android-removed: Unsupported algorithms + // case GOST3411: + // generator = new PKCS12ParametersGenerator(new GOST3411Digest()); + // break; + case SHA224: + // Android-changed: Use Android digests + // generator = new PKCS12ParametersGenerator(DigestFactory.createSHA224()); + generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA224()); + break; case SHA384: + // Android-changed: Use Android digests + // generator = new PKCS12ParametersGenerator(DigestFactory.createSHA384()); generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA384()); break; case SHA512: + // Android-changed: Use Android digests + // generator = new PKCS12ParametersGenerator(DigestFactory.createSHA512()); generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA512()); break; default: @@ -235,7 +244,7 @@ public interface PBE if (ivSize != 0) { param = generator.generateDerivedParameters(keySize, ivSize); - // BEGIN ANDROID-ADDED + // BEGIN Android-added: Allow IVs specified in parameters. // PKCS5S2 doesn't specify that the IV must be generated from the password. If the // IV is passed as a parameter, use it. AlgorithmParameterSpec parameterSpecFromPBEParameterSpec = @@ -249,7 +258,7 @@ public interface PBE (KeyParameter) parametersWithIV.getParameters(), ivParameterSpec.getIV()); } - // END ANDROID-ADDED + // END Android-added: Allow IVs specified in parameters. } else { @@ -304,7 +313,7 @@ public interface PBE if (pbeKey.getIvSize() != 0) { param = generator.generateDerivedParameters(pbeKey.getKeySize(), pbeKey.getIvSize()); - // BEGIN ANDROID-ADDED + // BEGIN Android-added: Allow IVs specified in parameters. // PKCS5S2 doesn't specify that the IV must be generated from the password. If the // IV is passed as a parameter, use it. AlgorithmParameterSpec parameterSpecFromPBEParameterSpec = @@ -318,7 +327,7 @@ public interface PBE (KeyParameter) parametersWithIV.getParameters(), ivParameterSpec.getIV()); } - // END ANDROID-ADDED + // END Android-added: Allow IVs specified in parameters. } else { @@ -464,7 +473,7 @@ public interface PBE return param; } - // BEGIN android-added + // BEGIN Android-added: Add helper for 1.8 compatibility. /** * Invokes the method {@link PBEParameterSpec#getParameterSpec()} via reflection. * @@ -483,7 +492,7 @@ public interface PBE return null; } } - // END android-added + // END Android-added: Add helper for 1.8 compatibility. private static byte[] convertPassword(int type, PBEKeySpec keySpec) diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/util/DigestFactory.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/util/DigestFactory.java index 9869b1c6..552a6e60 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/util/DigestFactory.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/util/DigestFactory.java @@ -10,9 +10,9 @@ import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; import org.bouncycastle.crypto.Digest; -// BEGIN android-added +// BEGIN Android-added: Use Android digests import org.bouncycastle.crypto.digests.AndroidDigestFactory; -// END android-added +// END Android-added: Use Android digests import org.bouncycastle.util.Strings; public class DigestFactory @@ -23,14 +23,16 @@ public class DigestFactory private static Set sha256 = new HashSet(); private static Set sha384 = new HashSet(); private static Set sha512 = new HashSet(); - // BEGIN android-removed - // private static Set sha512_224 = new HashSet(); - // private static Set sha512_256 = new HashSet(); - // private static Set sha3_224 = new HashSet(); - // private static Set sha3_256 = new HashSet(); - // private static Set sha3_384 = new HashSet(); - // private static Set sha3_512 = new HashSet(); - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + private static Set sha512_224 = new HashSet(); + private static Set sha512_256 = new HashSet(); + private static Set sha3_224 = new HashSet(); + private static Set sha3_256 = new HashSet(); + private static Set sha3_384 = new HashSet(); + private static Set sha3_512 = new HashSet(); + */ + // END Android-removed: Unsupported algorithms private static Map oids = new HashMap(); @@ -59,27 +61,29 @@ public class DigestFactory sha512.add("SHA-512"); sha512.add(NISTObjectIdentifiers.id_sha512.getId()); - // BEGIN android-removed - // sha512_224.add("SHA512(224)"); - // sha512_224.add("SHA-512(224)"); - // sha512_224.add(NISTObjectIdentifiers.id_sha512_224.getId()); + // BEGIN Android-removed: Unsupported algorithms + /* + sha512_224.add("SHA512(224)"); + sha512_224.add("SHA-512(224)"); + sha512_224.add(NISTObjectIdentifiers.id_sha512_224.getId()); - // sha512_256.add("SHA512(256)"); - // sha512_256.add("SHA-512(256)"); - // sha512_256.add(NISTObjectIdentifiers.id_sha512_256.getId()); + sha512_256.add("SHA512(256)"); + sha512_256.add("SHA-512(256)"); + sha512_256.add(NISTObjectIdentifiers.id_sha512_256.getId()); - // sha3_224.add("SHA3-224"); - // sha3_224.add(NISTObjectIdentifiers.id_sha3_224.getId()); + sha3_224.add("SHA3-224"); + sha3_224.add(NISTObjectIdentifiers.id_sha3_224.getId()); - // sha3_256.add("SHA3-256"); - // sha3_256.add(NISTObjectIdentifiers.id_sha3_256.getId()); + sha3_256.add("SHA3-256"); + sha3_256.add(NISTObjectIdentifiers.id_sha3_256.getId()); - // sha3_384.add("SHA3-384"); - // sha3_384.add(NISTObjectIdentifiers.id_sha3_384.getId()); + sha3_384.add("SHA3-384"); + sha3_384.add(NISTObjectIdentifiers.id_sha3_384.getId()); - // sha3_512.add("SHA3-512"); - // sha3_512.add(NISTObjectIdentifiers.id_sha3_512.getId()); - // END android-removed + sha3_512.add("SHA3-512"); + sha3_512.add(NISTObjectIdentifiers.id_sha3_512.getId()); + */ + // END Android-removed: Unsupported algorithms oids.put("MD5", PKCSObjectIdentifiers.md5); @@ -133,65 +137,69 @@ public class DigestFactory if (sha1.contains(digestName)) { - // BEGIN android-changed + // Android-changed: Use Android digests + // return org.bouncycastle.crypto.util.DigestFactory.createSHA1(); return AndroidDigestFactory.getSHA1(); - // END android-changed } if (md5.contains(digestName)) { - // BEGIN android-changed + // Android-changed: Use Android digests + // return org.bouncycastle.crypto.util.DigestFactory.createMD5(); return AndroidDigestFactory.getMD5(); - // END android-changed } if (sha224.contains(digestName)) { - // BEGIN android-changed + // Android-changed: Use Android digests + // return org.bouncycastle.crypto.util.DigestFactory.createSHA224(); return AndroidDigestFactory.getSHA224(); - // END android-changed } if (sha256.contains(digestName)) { - // BEGIN android-changed + // Android-changed: Use Android digests + // return org.bouncycastle.crypto.util.DigestFactory.createSHA256(); return AndroidDigestFactory.getSHA256(); - // END android-changed } if (sha384.contains(digestName)) { - // BEGIN android-changed + // Android-changed: Use Android digests + // return org.bouncycastle.crypto.util.DigestFactory.createSHA384(); return AndroidDigestFactory.getSHA384(); - // END android-changed } - if (sha512.contains(digestName)) { - // BEGIN android-changed + if (sha512.contains(digestName)) + { + // Android-changed: Use Android digests + // return org.bouncycastle.crypto.util.DigestFactory.createSHA512(); return AndroidDigestFactory.getSHA512(); - // END android-changed } - // BEGIN android-removed - // if (sha512_224.contains(digestName)) - // { - // return org.bouncycastle.crypto.util.DigestFactory.createSHA512_224(); - // } - // if (sha512_256.contains(digestName)) - // { - // return org.bouncycastle.crypto.util.DigestFactory.createSHA512_256(); - // } - // - // if (sha3_224.contains(digestName)) - // { - // return org.bouncycastle.crypto.util.DigestFactory.createSHA3_224(); - // } - // if (sha3_256.contains(digestName)) - // { - // return org.bouncycastle.crypto.util.DigestFactory.createSHA3_256(); - // } - // if (sha3_384.contains(digestName)) - // { - // return org.bouncycastle.crypto.util.DigestFactory.createSHA3_384(); - // } - // if (sha3_512.contains(digestName)) - // { - // return org.bouncycastle.crypto.util.DigestFactory.createSHA3_512(); - // } + // BEGIN Android-removed: Unsupported algorithms + /* + if (sha512_224.contains(digestName)) + { + return org.bouncycastle.crypto.util.DigestFactory.createSHA512_224(); + } + if (sha512_256.contains(digestName)) + { + return org.bouncycastle.crypto.util.DigestFactory.createSHA512_256(); + } + + if (sha3_224.contains(digestName)) + { + return org.bouncycastle.crypto.util.DigestFactory.createSHA3_224(); + } + if (sha3_256.contains(digestName)) + { + return org.bouncycastle.crypto.util.DigestFactory.createSHA3_256(); + } + if (sha3_384.contains(digestName)) + { + return org.bouncycastle.crypto.util.DigestFactory.createSHA3_384(); + } + if (sha3_512.contains(digestName)) + { + return org.bouncycastle.crypto.util.DigestFactory.createSHA3_512(); + } + */ + // END Android-removed: Unsupported algorithms return null; } @@ -205,14 +213,16 @@ public class DigestFactory || (sha256.contains(digest1) && sha256.contains(digest2)) || (sha384.contains(digest1) && sha384.contains(digest2)) || (sha512.contains(digest1) && sha512.contains(digest2)) - // BEGIN android-removed - // || (sha512_224.contains(digest1) && sha512_224.contains(digest2)) - // || (sha512_256.contains(digest1) && sha512_256.contains(digest2)) - // || (sha3_224.contains(digest1) && sha3_224.contains(digest2)) - // || (sha3_256.contains(digest1) && sha3_256.contains(digest2)) - // || (sha3_384.contains(digest1) && sha3_384.contains(digest2)) - // || (sha3_512.contains(digest1) && sha3_512.contains(digest2)) - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + || (sha512_224.contains(digest1) && sha512_224.contains(digest2)) + || (sha512_256.contains(digest1) && sha512_256.contains(digest2)) + || (sha3_224.contains(digest1) && sha3_224.contains(digest2)) + || (sha3_256.contains(digest1) && sha3_256.contains(digest2)) + || (sha3_384.contains(digest1) && sha3_384.contains(digest2)) + || (sha3_512.contains(digest1) && sha3_512.contains(digest2)) + */ + // END Android-removed: Unsupported algorithms || (md5.contains(digest1) && md5.contains(digest2)); } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/util/JcaJceUtils.java b/bcprov/src/main/java/org/bouncycastle/jcajce/util/JcaJceUtils.java index 51486012..4237ac6b 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/util/JcaJceUtils.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/util/JcaJceUtils.java @@ -6,15 +6,13 @@ import java.security.AlgorithmParameters; import org.bouncycastle.asn1.ASN1Encodable; import org.bouncycastle.asn1.ASN1ObjectIdentifier; import org.bouncycastle.asn1.ASN1Primitive; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; -// END android-removed import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; -// END android-removed /** * General JCA/JCE utility methods. @@ -107,24 +105,26 @@ public class JcaJceUtils { return "SHA512"; } - // BEGIN android-removed - // else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) - // { - // return "RIPEMD128"; - // } - // else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) - // { - // return "RIPEMD160"; - // } - // else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) - // { - // return "RIPEMD256"; - // } - // else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) - // { - // return "GOST3411"; - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) + { + return "RIPEMD128"; + } + else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) + { + return "RIPEMD160"; + } + else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) + { + return "RIPEMD256"; + } + else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) + { + return "GOST3411"; + } + */ + // END Android-removed: Unsupported algorithms else { return digestAlgOID.getId(); diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/util/MessageDigestUtils.java b/bcprov/src/main/java/org/bouncycastle/jcajce/util/MessageDigestUtils.java index 1125a4ba..119d8eb5 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/util/MessageDigestUtils.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/util/MessageDigestUtils.java @@ -4,17 +4,15 @@ import java.util.HashMap; import java.util.Map; import org.bouncycastle.asn1.ASN1ObjectIdentifier; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; // import org.bouncycastle.asn1.gnu.GNUObjectIdentifiers; // import org.bouncycastle.asn1.iso.ISOIECObjectIdentifiers; -// END android-removed import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; -// END android-removed public class MessageDigestUtils { @@ -22,30 +20,32 @@ public class MessageDigestUtils static { - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // digestOidMap.put(PKCSObjectIdentifiers.md2, "MD2"); // digestOidMap.put(PKCSObjectIdentifiers.md4, "MD4"); - // END android-removed + // END Android-removed: Unsupported algorithms digestOidMap.put(PKCSObjectIdentifiers.md5, "MD5"); digestOidMap.put(OIWObjectIdentifiers.idSHA1, "SHA-1"); digestOidMap.put(NISTObjectIdentifiers.id_sha224, "SHA-224"); digestOidMap.put(NISTObjectIdentifiers.id_sha256, "SHA-256"); digestOidMap.put(NISTObjectIdentifiers.id_sha384, "SHA-384"); digestOidMap.put(NISTObjectIdentifiers.id_sha512, "SHA-512"); - // BEGIN android-removed - // digestOidMap.put(TeleTrusTObjectIdentifiers.ripemd128, "RIPEMD-128"); - // digestOidMap.put(TeleTrusTObjectIdentifiers.ripemd160, "RIPEMD-160"); - // digestOidMap.put(TeleTrusTObjectIdentifiers.ripemd256, "RIPEMD-128"); - // digestOidMap.put(ISOIECObjectIdentifiers.ripemd128, "RIPEMD-128"); - // digestOidMap.put(ISOIECObjectIdentifiers.ripemd160, "RIPEMD-160"); - // digestOidMap.put(CryptoProObjectIdentifiers.gostR3411, "GOST3411"); - // digestOidMap.put(GNUObjectIdentifiers.Tiger_192, "Tiger"); - // digestOidMap.put(ISOIECObjectIdentifiers.whirlpool, "Whirlpool"); - // digestOidMap.put(NISTObjectIdentifiers.id_sha3_224, "SHA3-224"); - // digestOidMap.put(NISTObjectIdentifiers.id_sha3_256, "SHA3-256"); - // digestOidMap.put(NISTObjectIdentifiers.id_sha3_384, "SHA3-384"); - // digestOidMap.put(NISTObjectIdentifiers.id_sha3_512, "SHA3-512"); - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + digestOidMap.put(TeleTrusTObjectIdentifiers.ripemd128, "RIPEMD-128"); + digestOidMap.put(TeleTrusTObjectIdentifiers.ripemd160, "RIPEMD-160"); + digestOidMap.put(TeleTrusTObjectIdentifiers.ripemd256, "RIPEMD-128"); + digestOidMap.put(ISOIECObjectIdentifiers.ripemd128, "RIPEMD-128"); + digestOidMap.put(ISOIECObjectIdentifiers.ripemd160, "RIPEMD-160"); + digestOidMap.put(CryptoProObjectIdentifiers.gostR3411, "GOST3411"); + digestOidMap.put(GNUObjectIdentifiers.Tiger_192, "Tiger"); + digestOidMap.put(ISOIECObjectIdentifiers.whirlpool, "Whirlpool"); + digestOidMap.put(NISTObjectIdentifiers.id_sha3_224, "SHA3-224"); + digestOidMap.put(NISTObjectIdentifiers.id_sha3_256, "SHA3-256"); + digestOidMap.put(NISTObjectIdentifiers.id_sha3_384, "SHA3-384"); + digestOidMap.put(NISTObjectIdentifiers.id_sha3_512, "SHA3-512"); + */ + // END Android-removed: Unsupported algorithms } /** diff --git a/bcprov/src/main/java/org/bouncycastle/jce/PKCS10CertificationRequest.java b/bcprov/src/main/java/org/bouncycastle/jce/PKCS10CertificationRequest.java index 0c41c882..22373486 100644 --- a/bcprov/src/main/java/org/bouncycastle/jce/PKCS10CertificationRequest.java +++ b/bcprov/src/main/java/org/bouncycastle/jce/PKCS10CertificationRequest.java @@ -30,18 +30,16 @@ import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.ASN1Set; import org.bouncycastle.asn1.DERBitString; import org.bouncycastle.asn1.DERNull; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; -// END android-removed import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; import org.bouncycastle.asn1.pkcs.CertificationRequest; import org.bouncycastle.asn1.pkcs.CertificationRequestInfo; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; import org.bouncycastle.asn1.pkcs.RSASSAPSSparams; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; -// END android-removed import org.bouncycastle.asn1.x509.AlgorithmIdentifier; import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; import org.bouncycastle.asn1.x509.X509Name; @@ -85,11 +83,10 @@ public class PKCS10CertificationRequest static { - // BEGIN android-removed - // Dropping MD2 + // Android-removed: Unsupported algorithms // algorithms.put("MD2WITHRSAENCRYPTION", new ASN1ObjectIdentifier("1.2.840.113549.1.1.2")); // algorithms.put("MD2WITHRSA", new ASN1ObjectIdentifier("1.2.840.113549.1.1.2")); - // END android-removed + // END Android-removed: Unsupported algorithms algorithms.put("MD5WITHRSAENCRYPTION", new ASN1ObjectIdentifier("1.2.840.113549.1.1.4")); algorithms.put("MD5WITHRSA", new ASN1ObjectIdentifier("1.2.840.113549.1.1.4")); algorithms.put("RSAWITHMD5", new ASN1ObjectIdentifier("1.2.840.113549.1.1.4")); @@ -109,14 +106,14 @@ public class PKCS10CertificationRequest algorithms.put("SHA384WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); algorithms.put("SHA512WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); algorithms.put("RSAWITHSHA1", new ASN1ObjectIdentifier("1.2.840.113549.1.1.5")); - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); // algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); // algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); // algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); // algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); // algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); - // END android-removed + // END Android-removed: Unsupported algorithms algorithms.put("SHA1WITHDSA", new ASN1ObjectIdentifier("1.2.840.10040.4.3")); algorithms.put("DSAWITHSHA1", new ASN1ObjectIdentifier("1.2.840.10040.4.3")); algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224); @@ -129,13 +126,13 @@ public class PKCS10CertificationRequest algorithms.put("SHA384WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA384); algorithms.put("SHA512WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA512); algorithms.put("ECDSAWITHSHA1", X9ObjectIdentifiers.ecdsa_with_SHA1); - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); // algorithms.put("GOST3410WITHGOST3411", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); // algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); // algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); // algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); - // END android-removed + // END Android-removed: Unsupported algorithms // // reverse mappings @@ -145,15 +142,15 @@ public class PKCS10CertificationRequest oids.put(PKCSObjectIdentifiers.sha256WithRSAEncryption, "SHA256WITHRSA"); oids.put(PKCSObjectIdentifiers.sha384WithRSAEncryption, "SHA384WITHRSA"); oids.put(PKCSObjectIdentifiers.sha512WithRSAEncryption, "SHA512WITHRSA"); - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, "GOST3411WITHGOST3410"); // oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, "GOST3411WITHECGOST3410"); - // END android-removed + // END Android-removed: Unsupported algorithms oids.put(new ASN1ObjectIdentifier("1.2.840.113549.1.1.4"), "MD5WITHRSA"); - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // oids.put(new ASN1ObjectIdentifier("1.2.840.113549.1.1.2"), "MD2WITHRSA"); - // END android-removed + // END Android-removed: Unsupported algorithms oids.put(new ASN1ObjectIdentifier("1.2.840.10040.4.3"), "SHA1WITHDSA"); oids.put(X9ObjectIdentifiers.ecdsa_with_SHA1, "SHA1WITHECDSA"); oids.put(X9ObjectIdentifiers.ecdsa_with_SHA224, "SHA224WITHECDSA"); @@ -187,10 +184,10 @@ public class PKCS10CertificationRequest // // RFC 4491 // - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); - // END android-removed + // END Android-removed: Unsupported algorithms // // explicit params // @@ -633,24 +630,26 @@ public class PKCS10CertificationRequest { return "SHA512"; } - // BEGIN android-removed - // else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) - // { - // return "RIPEMD128"; - // } - // else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) - // { - // return "RIPEMD160"; - // } - // else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) - // { - // return "RIPEMD256"; - // } - // else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) - // { - // return "GOST3411"; - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) + { + return "RIPEMD128"; + } + else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) + { + return "RIPEMD160"; + } + else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) + { + return "RIPEMD256"; + } + else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) + { + return "GOST3411"; + } + */ + // END Android-removed: Unsupported algorithms else { return digestAlgOID.getId(); diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/BouncyCastleProvider.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/BouncyCastleProvider.java index 5cb5d526..dfc56d7e 100644 --- a/bcprov/src/main/java/org/bouncycastle/jce/provider/BouncyCastleProvider.java +++ b/bcprov/src/main/java/org/bouncycastle/jce/provider/BouncyCastleProvider.java @@ -60,29 +60,25 @@ public final class BouncyCastleProvider extends Provider private static final String[] SYMMETRIC_GENERIC = { - // BEGIN android-changed - // Was: "PBEPBKDF2", "TLSKDF" + // Android-changed: Remove unsupported algorithms, add our own version of PBEv2 AlgParams + // "PBEPBKDF2", "TLSKDF" "PBEPBKDF2", "PBEPKCS12", "PBES2AlgorithmParameters" }; private static final String[] SYMMETRIC_MACS = { - // BEGIN android-removed + // Android-removed: Unsupported algorithms // "SipHash", "Poly1305" - // END android-removed }; private static final String[] SYMMETRIC_CIPHERS = { - // BEGIN android-removed + // Android-changed: Unsupported algorithms // "AES", "ARC4", "ARIA", "Blowfish", "Camellia", "CAST5", "CAST6", "ChaCha", "DES", "DESede", // "GOST28147", "Grainv1", "Grain128", "HC128", "HC256", "IDEA", "Noekeon", "RC2", "RC5", // "RC6", "Rijndael", "Salsa20", "SEED", "Serpent", "Shacal2", "Skipjack", "SM4", "TEA", "Twofish", "Threefish", // "VMPC", "VMPCKSA3", "XTEA", "XSalsa20", "OpenSSLPBKDF" - // END android-removed - // BEGIN android-added "AES", "ARC4", "Blowfish", "DES", "DESede", "RC2", "Twofish", - // END android-added }; /* @@ -94,22 +90,16 @@ public final class BouncyCastleProvider extends Provider // later ones configure it. private static final String[] ASYMMETRIC_GENERIC = { - // BEGIN android-removed + // Android-changed: Unsupported algorithms // "X509", "IES" - // END android-removed - // BEGIN android-added "X509" - // END android-added }; private static final String[] ASYMMETRIC_CIPHERS = { - // BEGIN android-removed + // Android-changed: Unsupported algorithms // "DSA", "DH", "EC", "RSA", "GOST", "ECGOST", "ElGamal", "DSTU4145", "GM" - // END android-removed - // BEGIN android-added "DSA", "DH", "EC", "RSA", - // END android-added }; /* @@ -118,13 +108,10 @@ public final class BouncyCastleProvider extends Provider private static final String DIGEST_PACKAGE = "org.bouncycastle.jcajce.provider.digest."; private static final String[] DIGESTS = { - // BEGIN android-removed + // Android-changed: Unsupported algorithms // "GOST3411", "Keccak", "MD2", "MD4", "MD5", "SHA1", "RIPEMD128", "RIPEMD160", "RIPEMD256", "RIPEMD320", "SHA224", // "SHA256", "SHA384", "SHA512", "SHA3", "Skein", "SM3", "Tiger", "Whirlpool", "Blake2b" - // END android-removed - // BEGIN android-added "MD5", "SHA1", "SHA224", "SHA256", "SHA384", "SHA512", - // END android-added }; /* @@ -136,7 +123,7 @@ public final class BouncyCastleProvider extends Provider "BC", "BCFKS", "PKCS12" }; - // BEGIN android-removed + // Android-removed: Unsupported algorithms // /* // * Configurable secure random // */ @@ -181,54 +168,56 @@ public final class BouncyCastleProvider extends Provider loadAlgorithms(KEYSTORE_PACKAGE, KEYSTORES); - // BEGIN android-removed - // loadAlgorithms(SECURE_RANDOM_PACKAGE, SECURE_RANDOMS); - // - // // - // // X509Store - // // - // put("X509Store.CERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertCollection"); - // put("X509Store.ATTRIBUTECERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreAttrCertCollection"); - // put("X509Store.CRL/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCRLCollection"); - // put("X509Store.CERTIFICATEPAIR/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertPairCollection"); - // - // put("X509Store.CERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCerts"); - // put("X509Store.CRL/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCRLs"); - // put("X509Store.ATTRIBUTECERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPAttrCerts"); - // put("X509Store.CERTIFICATEPAIR/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCertPairs"); + // Android-removed: Unsupported algorithms + /* + loadAlgorithms(SECURE_RANDOM_PACKAGE, SECURE_RANDOMS); + // - // // - // // X509StreamParser - // // - // put("X509StreamParser.CERTIFICATE", "org.bouncycastle.jce.provider.X509CertParser"); - // put("X509StreamParser.ATTRIBUTECERTIFICATE", "org.bouncycastle.jce.provider.X509AttrCertParser"); - // put("X509StreamParser.CRL", "org.bouncycastle.jce.provider.X509CRLParser"); - // put("X509StreamParser.CERTIFICATEPAIR", "org.bouncycastle.jce.provider.X509CertPairParser"); + // X509Store // - // // - // // cipher engines - // // - // put("Cipher.BROKENPBEWITHMD5ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithMD5AndDES"); + put("X509Store.CERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertCollection"); + put("X509Store.ATTRIBUTECERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreAttrCertCollection"); + put("X509Store.CRL/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCRLCollection"); + put("X509Store.CERTIFICATEPAIR/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertPairCollection"); + + put("X509Store.CERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCerts"); + put("X509Store.CRL/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCRLs"); + put("X509Store.ATTRIBUTECERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPAttrCerts"); + put("X509Store.CERTIFICATEPAIR/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCertPairs"); + // - // put("Cipher.BROKENPBEWITHSHA1ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithSHA1AndDES"); + // X509StreamParser // + put("X509StreamParser.CERTIFICATE", "org.bouncycastle.jce.provider.X509CertParser"); + put("X509StreamParser.ATTRIBUTECERTIFICATE", "org.bouncycastle.jce.provider.X509AttrCertParser"); + put("X509StreamParser.CRL", "org.bouncycastle.jce.provider.X509CRLParser"); + put("X509StreamParser.CERTIFICATEPAIR", "org.bouncycastle.jce.provider.X509CertPairParser"); + // - // put("Cipher.OLDPBEWITHSHAANDTWOFISH-CBC", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$OldPBEWithSHAAndTwofish"); + // cipher engines // - // // Certification Path API - // put("CertPathValidator.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathValidatorSpi"); - // put("CertPathBuilder.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathBuilderSpi"); - // put("CertPathValidator.RFC3280", "org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi"); - // put("CertPathBuilder.RFC3280", "org.bouncycastle.jce.provider.PKIXCertPathBuilderSpi"); - // END android-removed + put("Cipher.BROKENPBEWITHMD5ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithMD5AndDES"); + + put("Cipher.BROKENPBEWITHSHA1ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithSHA1AndDES"); + + + put("Cipher.OLDPBEWITHSHAANDTWOFISH-CBC", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$OldPBEWithSHAAndTwofish"); + + // Certification Path API + put("CertPathValidator.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathValidatorSpi"); + put("CertPathBuilder.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathBuilderSpi"); + put("CertPathValidator.RFC3280", "org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi"); + put("CertPathBuilder.RFC3280", "org.bouncycastle.jce.provider.PKIXCertPathBuilderSpi"); + */ + // END Android-removed: Unsupported algorithms put("CertPathValidator.PKIX", "org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi"); put("CertPathBuilder.PKIX", "org.bouncycastle.jce.provider.PKIXCertPathBuilderSpi"); put("CertStore.Collection", "org.bouncycastle.jce.provider.CertStoreCollectionSpi"); - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // put("CertStore.LDAP", "org.bouncycastle.jce.provider.X509LDAPCertStoreSpi"); // put("CertStore.Multi", "org.bouncycastle.jce.provider.MultiCertStoreSpi"); // put("Alg.Alias.CertStore.X509LDAP", "LDAP"); - // END android-removed + // END Android-removed: Unsupported algorithms } private void loadAlgorithms(String packageName, String[] names) diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java index b6a9d6a5..b72a6f44 100644 --- a/bcprov/src/main/java/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java +++ b/bcprov/src/main/java/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java @@ -75,9 +75,7 @@ import org.bouncycastle.util.Selector; import org.bouncycastle.util.Store; import org.bouncycastle.util.StoreException; import org.bouncycastle.x509.X509AttributeCertificate; -// BEGIN android-removed -// import org.bouncycastle.x509.extension.X509ExtensionUtil; -// END android-removed +import org.bouncycastle.x509.extension.X509ExtensionUtil; class CertPathValidatorUtilities { @@ -657,22 +655,24 @@ class CertPathValidatorUtilities { Object obj = iter.next(); - // BEGIN android-removed - // if (obj instanceof X509Store) - // { - // X509Store certStore = (X509Store)obj; - // try - // { - // certs.addAll(certStore.getMatches(certSelect)); - // } - // catch (StoreException e) - // { - // throw new AnnotatedException( - // "Problem while picking certificates from X.509 store.", e); - // } - // } - // else - // END android-removed + // BEGIN Android-removed: Unknown reason + /* + if (obj instanceof Store) + { + Store certStore = (Store)obj; + try + { + certs.addAll(certStore.getMatches(certSelect)); + } + catch (StoreException e) + { + throw new AnnotatedException( + "Problem while picking certificates from X.509 store.", e); + } + } + else + */ + // END Android-removed: Unknown reason { CertStore certStore = (CertStore)obj; @@ -894,7 +894,9 @@ class CertPathValidatorUtilities { return; } + X500Principal certificateIssuer = crl_entry.getCertificateIssuer(); + X500Name certIssuer; if (certificateIssuer == null) { diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/JCEECPrivateKey.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/JCEECPrivateKey.java index 20ca6f27..7d6a50cf 100644 --- a/bcprov/src/main/java/org/bouncycastle/jce/provider/JCEECPrivateKey.java +++ b/bcprov/src/main/java/org/bouncycastle/jce/provider/JCEECPrivateKey.java @@ -19,10 +19,9 @@ import org.bouncycastle.asn1.ASN1Primitive; import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.DERBitString; import org.bouncycastle.asn1.DERNull; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; // import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; -// END android-removed import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; import org.bouncycastle.asn1.sec.ECPrivateKeyStructure; import org.bouncycastle.asn1.x509.AlgorithmIdentifier; @@ -205,23 +204,25 @@ public class JCEECPrivateKey ASN1ObjectIdentifier oid = ASN1ObjectIdentifier.getInstance(params.getParameters()); X9ECParameters ecP = ECUtil.getNamedCurveByOid(oid); - // BEGIN android-removed - // if (ecP == null) // GOST Curve - // { - // ECDomainParameters gParam = ECGOST3410NamedCurves.getByOID(oid); - // EllipticCurve ellipticCurve = EC5Util.convertCurve(gParam.getCurve(), gParam.getSeed()); - // - // ecSpec = new ECNamedCurveSpec( - // ECGOST3410NamedCurves.getName(oid), - // ellipticCurve, - // new ECPoint( - // gParam.getG().getAffineXCoord().toBigInteger(), - // gParam.getG().getAffineYCoord().toBigInteger()), - // gParam.getN(), - // gParam.getH()); - // } - // else - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + if (ecP == null) // GOST Curve + { + ECDomainParameters gParam = ECGOST3410NamedCurves.getByOID(oid); + EllipticCurve ellipticCurve = EC5Util.convertCurve(gParam.getCurve(), gParam.getSeed()); + + ecSpec = new ECNamedCurveSpec( + ECGOST3410NamedCurves.getName(oid), + ellipticCurve, + new ECPoint( + gParam.getG().getAffineXCoord().toBigInteger(), + gParam.getG().getAffineYCoord().toBigInteger()), + gParam.getN(), + gParam.getH()); + } + else + */ + // END Android-removed: Unsupported algorithms { EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed()); @@ -335,13 +336,13 @@ public class JCEECPrivateKey try { - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // if (algorithm.equals("ECGOST3410")) // { // info = new PrivateKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params.toASN1Primitive()), keyStructure.toASN1Primitive()); // } // else - // END android-removed + // END Android-removed: Unsupported algorithms { info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params.toASN1Primitive()), keyStructure.toASN1Primitive()); diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/JCEECPublicKey.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/JCEECPublicKey.java index 94fb7289..654b5e1d 100644 --- a/bcprov/src/main/java/org/bouncycastle/jce/provider/JCEECPublicKey.java +++ b/bcprov/src/main/java/org/bouncycastle/jce/provider/JCEECPublicKey.java @@ -18,11 +18,10 @@ import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.DERBitString; import org.bouncycastle.asn1.DERNull; import org.bouncycastle.asn1.DEROctetString; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; // import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; // import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters; -// END android-removed import org.bouncycastle.asn1.x509.AlgorithmIdentifier; import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; import org.bouncycastle.asn1.x9.X962Parameters; @@ -35,13 +34,11 @@ import org.bouncycastle.crypto.params.ECPublicKeyParameters; import org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util; import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil; import org.bouncycastle.jcajce.provider.asymmetric.util.KeyUtil; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.jce.ECGOST3410NamedCurveTable; -// END android-removed import org.bouncycastle.jce.interfaces.ECPointEncoder; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec; -// END android-removed import org.bouncycastle.jce.spec.ECNamedCurveSpec; import org.bouncycastle.math.ec.ECCurve; import org.bouncycastle.math.ec.custom.sec.SecP256K1Point; @@ -55,9 +52,8 @@ public class JCEECPublicKey private org.bouncycastle.math.ec.ECPoint q; private ECParameterSpec ecSpec; private boolean withCompression; - // BEGIN android-removed + // Android-removed: Unsupported algorithms // private GOST3410PublicKeyAlgParameters gostParams; - // END android-removed public JCEECPublicKey( String algorithm, @@ -67,9 +63,8 @@ public class JCEECPublicKey this.q = key.q; this.ecSpec = key.ecSpec; this.withCompression = key.withCompression; - // BEGIN android-removed + // Android-removed: Unsupported algorithms // this.gostParams = key.gostParams; - // END android-removed } public JCEECPublicKey( @@ -192,56 +187,58 @@ public class JCEECPublicKey private void populateFromPubKeyInfo(SubjectPublicKeyInfo info) { - // BEGIN android-removed - // if (info.getAlgorithmId().getAlgorithm().equals(CryptoProObjectIdentifiers.gostR3410_2001)) - // { - // DERBitString bits = info.getPublicKeyData(); - // ASN1OctetString key; - // this.algorithm = "ECGOST3410"; - // - // try - // { - // key = (ASN1OctetString) ASN1Primitive.fromByteArray(bits.getBytes()); - // } - // catch (IOException ex) - // { - // throw new IllegalArgumentException("error recovering public key"); - // } - // - // byte[] keyEnc = key.getOctets(); - // byte[] x = new byte[32]; - // byte[] y = new byte[32]; - // - // for (int i = 0; i != x.length; i++) - // { - // x[i] = keyEnc[32 - 1 - i]; - // } - // - // for (int i = 0; i != y.length; i++) - // { - // y[i] = keyEnc[64 - 1 - i]; - // } - // - // gostParams = new GOST3410PublicKeyAlgParameters((ASN1Sequence)info.getAlgorithmId().getParameters()); - // - // ECNamedCurveParameterSpec spec = ECGOST3410NamedCurveTable.getParameterSpec(ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet())); - // - // ECCurve curve = spec.getCurve(); - // EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getSeed()); - // - // this.q = curve.createPoint(new BigInteger(1, x), new BigInteger(1, y), false); - // - // ecSpec = new ECNamedCurveSpec( - // ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()), - // ellipticCurve, - // new ECPoint( - // spec.getG().getAffineXCoord().toBigInteger(), - // spec.getG().getAffineYCoord().toBigInteger()), - // spec.getN(), spec.getH()); - // - // } - // else - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + if (info.getAlgorithmId().getAlgorithm().equals(CryptoProObjectIdentifiers.gostR3410_2001)) + { + DERBitString bits = info.getPublicKeyData(); + ASN1OctetString key; + this.algorithm = "ECGOST3410"; + + try + { + key = (ASN1OctetString) ASN1Primitive.fromByteArray(bits.getBytes()); + } + catch (IOException ex) + { + throw new IllegalArgumentException("error recovering public key"); + } + + byte[] keyEnc = key.getOctets(); + byte[] x = new byte[32]; + byte[] y = new byte[32]; + + for (int i = 0; i != x.length; i++) + { + x[i] = keyEnc[32 - 1 - i]; + } + + for (int i = 0; i != y.length; i++) + { + y[i] = keyEnc[64 - 1 - i]; + } + + gostParams = new GOST3410PublicKeyAlgParameters((ASN1Sequence)info.getAlgorithmId().getParameters()); + + ECNamedCurveParameterSpec spec = ECGOST3410NamedCurveTable.getParameterSpec(ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet())); + + ECCurve curve = spec.getCurve(); + EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getSeed()); + + this.q = curve.createPoint(new BigInteger(1, x), new BigInteger(1, y), false); + + ecSpec = new ECNamedCurveSpec( + ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()), + ellipticCurve, + new ECPoint( + spec.getG().getAffineXCoord().toBigInteger(), + spec.getG().getAffineYCoord().toBigInteger()), + spec.getN(), spec.getH()); + + } + else + */ + // END Android-removed: Unsupported algorithms { X962Parameters params = new X962Parameters((ASN1Primitive)info.getAlgorithmId().getParameters()); ECCurve curve; @@ -330,54 +327,56 @@ public class JCEECPublicKey ASN1Encodable params; SubjectPublicKeyInfo info; - // BEGIN android-removed - // if (algorithm.equals("ECGOST3410")) - // { - // if (gostParams != null) - // { - // params = gostParams; - // } - // else - // { - // if (ecSpec instanceof ECNamedCurveSpec) - // { - // params = new GOST3410PublicKeyAlgParameters( - // ECGOST3410NamedCurves.getOID(((ECNamedCurveSpec)ecSpec).getName()), - // CryptoProObjectIdentifiers.gostR3411_94_CryptoProParamSet); - // } - // else - // { // strictly speaking this may not be applicable... - // ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve()); - // - // X9ECParameters ecP = new X9ECParameters( - // curve, - // EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression), - // ecSpec.getOrder(), - // BigInteger.valueOf(ecSpec.getCofactor()), - // ecSpec.getCurve().getSeed()); - // - // params = new X962Parameters(ecP); - // } - // } - // - // BigInteger bX = this.q.getAffineXCoord().toBigInteger(); - // BigInteger bY = this.q.getAffineYCoord().toBigInteger(); - // byte[] encKey = new byte[64]; - // - // extractBytes(encKey, 0, bX); - // extractBytes(encKey, 32, bY); - // - // try - // { - // info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params), new DEROctetString(encKey)); - // } - // catch (IOException e) - // { - // return null; - // } - // } - // else - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + if (algorithm.equals("ECGOST3410")) + { + if (gostParams != null) + { + params = gostParams; + } + else + { + if (ecSpec instanceof ECNamedCurveSpec) + { + params = new GOST3410PublicKeyAlgParameters( + ECGOST3410NamedCurves.getOID(((ECNamedCurveSpec)ecSpec).getName()), + CryptoProObjectIdentifiers.gostR3411_94_CryptoProParamSet); + } + else + { // strictly speaking this may not be applicable... + ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve()); + + X9ECParameters ecP = new X9ECParameters( + curve, + EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression), + ecSpec.getOrder(), + BigInteger.valueOf(ecSpec.getCofactor()), + ecSpec.getCurve().getSeed()); + + params = new X962Parameters(ecP); + } + } + + BigInteger bX = this.q.getAffineXCoord().toBigInteger(); + BigInteger bY = this.q.getAffineYCoord().toBigInteger(); + byte[] encKey = new byte[64]; + + extractBytes(encKey, 0, bX); + extractBytes(encKey, 32, bY); + + try + { + info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params), new DEROctetString(encKey)); + } + catch (IOException e) + { + return null; + } + } + else + */ + // END Android-removed: Unsupported algorithms { if (ecSpec instanceof ECNamedCurveSpec) { diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXCRLUtil.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXCRLUtil.java index b53b7aa2..97a38aca 100644 --- a/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXCRLUtil.java +++ b/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXCRLUtil.java @@ -88,24 +88,26 @@ class PKIXCRLUtil { Object obj = iter.next(); - // BEGIN android-removed - // if (obj instanceof Store) - // { - // Store store = (Store)obj; - - // try - // { - // crls.addAll(store.getMatches(crlSelect)); - // foundValidStore = true; - // } - // catch (StoreException e) - // { - // lastException = new AnnotatedException( - // "Exception searching in X.509 CRL store.", e); - // } - // } - // else - // END android-removed + // BEGIN Android-removed: Unknown reason + /* + if (obj instanceof Store) + { + Store store = (Store)obj; + + try + { + crls.addAll(store.getMatches(crlSelect)); + foundValidStore = true; + } + catch (StoreException e) + { + lastException = new AnnotatedException( + "Exception searching in X.509 CRL store.", e); + } + } + else + */ + // END Android-removed: Unknown reason { CertStore store = (CertStore)obj; diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java index 5d49d889..bd2331ab 100644 --- a/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java @@ -1,8 +1,8 @@ package org.bouncycastle.jce.provider; -// BEGIN android-added +// BEGIN Android-added: Blacklist support import java.math.BigInteger; -// END android-added +// END Android-added: Blacklist support import java.security.InvalidAlgorithmParameterException; import java.security.PublicKey; import java.security.cert.CertPath; @@ -45,11 +45,11 @@ public class PKIXCertPathValidatorSpi public PKIXCertPathValidatorSpi() { } - // BEGIN android-added + // BEGIN Android-added: Avoid loading blacklist during class init private static class NoPreloadHolder { private final static CertBlacklist blacklist = new CertBlacklist(); } - // END android-added + // END Android-added: Avoid loading blacklist during class init public CertPathValidatorResult engineValidate( CertPath certPath, @@ -105,7 +105,7 @@ public class PKIXCertPathValidatorSpi { throw new CertPathValidatorException("Certification path is empty.", null, certPath, -1); } - // BEGIN android-added + // BEGIN Android-added: Support blacklisting known-bad certs { X509Certificate cert = (X509Certificate) certs.get(0); @@ -120,7 +120,7 @@ public class PKIXCertPathValidatorSpi } } } - // END android-added + // END Android-added: Support blacklisting known-bad certs // // (b) @@ -300,7 +300,7 @@ public class PKIXCertPathValidatorSpi for (index = certs.size() - 1; index >= 0; index--) { - // BEGIN android-added + // BEGIN Android-added: Support blacklisting known-bad certs if (NoPreloadHolder.blacklist.isPublicKeyBlackListed(workingPublicKey)) { // emulate CRL exception message in RFC3280CertPathUtilities.checkCRLs String message = "Certificate revocation of public key " + workingPublicKey; @@ -308,7 +308,7 @@ public class PKIXCertPathValidatorSpi AnnotatedException e = new AnnotatedException(message); throw new CertPathValidatorException(e.getMessage(), e, certPath, index); } - // END android-added + // END Android-added: Support blacklisting known-bad certs // try // { // diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/X509CertificateObject.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/X509CertificateObject.java index 4a0166b2..a35fa650 100644 --- a/bcprov/src/main/java/org/bouncycastle/jce/provider/X509CertificateObject.java +++ b/bcprov/src/main/java/org/bouncycastle/jce/provider/X509CertificateObject.java @@ -58,9 +58,9 @@ import org.bouncycastle.asn1.x509.Extension; import org.bouncycastle.asn1.x509.Extensions; import org.bouncycastle.asn1.x509.GeneralName; import org.bouncycastle.asn1.x509.KeyUsage; -// BEGIN android-added +// BEGIN Android-added: Unknown reason import org.bouncycastle.asn1.x509.X509Name; -// END android-added +// END Android-added: Unknown reason import org.bouncycastle.jcajce.provider.asymmetric.util.PKCS12BagAttributeCarrierImpl; import org.bouncycastle.jce.X509Principal; import org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier; @@ -570,20 +570,20 @@ public class X509CertificateObject } } - // BEGIN android-changed + // BEGIN Android-added: Cache encoded certificates private byte[] encoded; - // END android-changed + // END Android-added: Cache encoded certificates public byte[] getEncoded() throws CertificateEncodingException { try { - // BEGIN android-changed + // BEGIN Android-changed: Cache encoded certificates if (encoded == null) { encoded = c.getEncoded(ASN1Encoding.DER); } return encoded; - // END android-changed + // END Android-changed: Cache encoded certificates } catch (IOException e) { @@ -904,9 +904,9 @@ public class X509CertificateObject list.add(genName.getEncoded()); break; case GeneralName.directoryName: - // BEGIN android-changed + // BEGIN Android-changed: Unknown reason list.add(X509Name.getInstance(genName.getName()).toString(true, X509Name.DefaultSymbols)); - // END android-changed + // END Android-changed: Unknown reason break; case GeneralName.dNSName: case GeneralName.rfc822Name: diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/X509SignatureUtil.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/X509SignatureUtil.java index b12b1df7..a2ac86f8 100644 --- a/bcprov/src/main/java/org/bouncycastle/jce/provider/X509SignatureUtil.java +++ b/bcprov/src/main/java/org/bouncycastle/jce/provider/X509SignatureUtil.java @@ -14,9 +14,8 @@ import org.bouncycastle.asn1.ASN1Null; import org.bouncycastle.asn1.ASN1ObjectIdentifier; import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.DERNull; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; -// END android-removed import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; @@ -68,14 +67,16 @@ class X509SignatureUtil if (params != null && !derNull.equals(params)) { - // BEGIN android-removed - // if (sigAlgId.getAlgorithm().equals(PKCSObjectIdentifiers.id_RSASSA_PSS)) - // { - // RSASSAPSSparams rsaParams = RSASSAPSSparams.getInstance(params); - // - // return getDigestAlgName(rsaParams.getHashAlgorithm().getAlgorithm()) + "withRSAandMGF1"; - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + if (sigAlgId.getAlgorithm().equals(PKCSObjectIdentifiers.id_RSASSA_PSS)) + { + RSASSAPSSparams rsaParams = RSASSAPSSparams.getInstance(params); + + return getDigestAlgName(rsaParams.getHashAlgorithm().getAlgorithm()) + "withRSAandMGF1"; + } + */ + // END Android-removed: Unsupported algorithms if (sigAlgId.getAlgorithm().equals(X9ObjectIdentifiers.ecdsa_with_SHA2)) { ASN1Sequence ecDsaParams = ASN1Sequence.getInstance(params); @@ -118,24 +119,26 @@ class X509SignatureUtil { return "SHA512"; } - // BEGIN android-removed - // else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) - // { - // return "RIPEMD128"; - // } - // else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) - // { - // return "RIPEMD160"; - // } - // else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) - // { - // return "RIPEMD256"; - // } - // else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) - // { - // return "GOST3411"; - // } - // END android-removed + // BEGIN Android-removed: Unsupported algorithms + /* + else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) + { + return "RIPEMD128"; + } + else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) + { + return "RIPEMD160"; + } + else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) + { + return "RIPEMD256"; + } + else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) + { + return "GOST3411"; + } + */ + // END Android-removed: Unsupported algorithms else { return digestAlgOID.getId(); diff --git a/bcprov/src/main/java/org/bouncycastle/x509/X509Util.java b/bcprov/src/main/java/org/bouncycastle/x509/X509Util.java index ecf910f4..4762ec52 100644 --- a/bcprov/src/main/java/org/bouncycastle/x509/X509Util.java +++ b/bcprov/src/main/java/org/bouncycastle/x509/X509Util.java @@ -25,16 +25,14 @@ import org.bouncycastle.asn1.ASN1Encoding; import org.bouncycastle.asn1.ASN1Integer; import org.bouncycastle.asn1.ASN1ObjectIdentifier; import org.bouncycastle.asn1.DERNull; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; -// END android-removed import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; import org.bouncycastle.asn1.pkcs.RSASSAPSSparams; -// BEGIN android-removed +// Android-removed: Unsupported algorithms // import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; -// END android-removed import org.bouncycastle.asn1.x509.AlgorithmIdentifier; import org.bouncycastle.asn1.x9.X9ObjectIdentifiers; import org.bouncycastle.jce.X509Principal; @@ -48,10 +46,10 @@ class X509Util static { - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // algorithms.put("MD2WITHRSAENCRYPTION", PKCSObjectIdentifiers.md2WithRSAEncryption); // algorithms.put("MD2WITHRSA", PKCSObjectIdentifiers.md2WithRSAEncryption); - // END android-removed + // END Android-removed: Unsupported algorithms algorithms.put("MD5WITHRSAENCRYPTION", PKCSObjectIdentifiers.md5WithRSAEncryption); algorithms.put("MD5WITHRSA", PKCSObjectIdentifiers.md5WithRSAEncryption); algorithms.put("SHA1WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha1WithRSAEncryption); @@ -69,14 +67,14 @@ class X509Util algorithms.put("SHA256WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); algorithms.put("SHA384WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); algorithms.put("SHA512WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); // algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); // algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); // algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); // algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); // algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); - // END android-removed + // END Android-removed: Unsupported algorithms algorithms.put("SHA1WITHDSA", X9ObjectIdentifiers.id_dsa_with_sha1); algorithms.put("DSAWITHSHA1", X9ObjectIdentifiers.id_dsa_with_sha1); algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224); @@ -89,13 +87,13 @@ class X509Util algorithms.put("SHA256WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA256); algorithms.put("SHA384WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA384); algorithms.put("SHA512WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA512); - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); // algorithms.put("GOST3411WITHGOST3410-94", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); // algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); // algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); // algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); - // END android-removed + // END Android-removed: Unsupported algorithms // // According to RFC 3279, the ASN.1 encoding SHALL (id-dsa-with-sha1) or MUST (ecdsa-with-SHA*) omit the parameters field. @@ -115,10 +113,10 @@ class X509Util // // RFC 4491 // - // BEGIN android-removed + // BEGIN Android-removed: Unsupported algorithms // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94); // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); - // END android-removed + // END Android-removed: Unsupported algorithms // // explicit params diff --git a/bcprov/src/main/java/org/bouncycastle/x509/X509V3CertificateGenerator.java b/bcprov/src/main/java/org/bouncycastle/x509/X509V3CertificateGenerator.java index 28bf5507..325b8fbc 100644 --- a/bcprov/src/main/java/org/bouncycastle/x509/X509V3CertificateGenerator.java +++ b/bcprov/src/main/java/org/bouncycastle/x509/X509V3CertificateGenerator.java @@ -38,7 +38,6 @@ import org.bouncycastle.jcajce.provider.asymmetric.x509.CertificateFactory; import org.bouncycastle.jcajce.util.BCJcaJceHelper; import org.bouncycastle.jcajce.util.JcaJceHelper; import org.bouncycastle.jce.X509Principal; - import org.bouncycastle.x509.extension.X509ExtensionUtil; /** |