Age | Commit message (Collapse) | Author |
|
b2a687151e am: b56197f5fd am: 630facd786 am: 77321115ab am: 87804b8da9 am: 883aa9d8f8
am: 8221e0766e
Change-Id: I65459162d9af9e07fa7a5de294d7bd54375c5d0b
|
|
b2a687151e am: b56197f5fd am: 630facd786 am: 77321115ab am: 87804b8da9
am: 883aa9d8f8
Change-Id: I845c8716a1f37a5d6a74ff4779d98704313a41bd
|
|
b2a687151e am: b56197f5fd am: 630facd786 am: 77321115ab
am: 87804b8da9
Change-Id: I71dcde16b772afb4d12aaca388b636193c6c58cf
|
|
b2a687151e am: b56197f5fd am: 630facd786 am: 77321115ab
Change-Id: I6c4990456568483d2718cfe7597aa3a56cbd1836
|
|
This fix from upstream fixes a problem where the number of iterations
used to confirm that a number is prime was based off the length of the
key rather than the length of the factors p and q. Fewer iterations
are called for for a longer number, so this resulted in a
lower-than-expected confidence in the primality of the key factors.
This only affects apps that use RSAKeyPairGenerator directly (which is
not a public API), rather than those that use
java.security.KeyPairGenerator.
Upstream commits:
https://github.com/bcgit/bc-java/commit/73780ac522b7795fc165630aba8d5f5729acc839
https://github.com/bcgit/bc-java/commit/22467b6e8fe19717ecdf201c0cf91bacf04a55ad
Bug: 79148652
Test: make
Change-Id: I759a226afc9dbd948611eed99ad89ab7f59b09f8
|
|
Helps simplify build rules and reasoning about unbundled versions
of BC etc. We now unconditionally compile both implementations of
the factory interface into all variants of the library but always
select the conscrypt version at runtime.
Test: make
Test: CtsLibcoreTestCases
Change-Id: I246520005921606ab76a16ed9c2046632a4fb91d
|
|
When a BC cipher is initialized with a BC PBE key that has no IV and
an IV isn't passed in the parameters, BC 1.52 initialized the cipher
with an all-zero IV, and we've been carrying that behavior as a
compatibility patch. We want to move to a world where that situation
is rejected, so start out with an error log warning developers that
the behavior will change in the future.
Bug: 27995180
Bug: 70275132
Test: cts -m CtsLibcoreTestCases
Change-Id: I2d73fb2f97f21cdf4c48f70b8dbc93a2a074f48d
|
|
In cases where BC algorithms need access to other algorithms, switch to
using the default implementation of JCA algorithms rather than always
using the BC version. Some non-deprecated BC algorithms can access
deprecated BC implementations by using this scheme, and in general we want
to use Conscrypt algorithms when available.
Also comment out a class that isn't ever used.
Bug: 68057944
Test: cts -m CtsLibcoreTestCases
Test: cts -m CtsKeystoreTestCases
Change-Id: Iec4f395b0c6c59865ff6179a4edd3124d2967da9
|
|
The default implementation of the BKS KeyStore always requests the Bouncy
Castle implementation of JCA algorithms, which will fail when those
algorithms are deprecated. Have it use the default provider instead, which
will result in it using Conscrypt versions instead when available.
Bug: 67626877
Test: cts -m CtsLibcoreTestCases
Change-Id: I0e8bef840581169dec210fa804554ac1d46fa65e
|
|
We intended to remove some lingering ciphers that weren't particularly useful,
but it turns out that some KeyStore implementations require them to be
present. Add a note for the enlightenment of future generations.
Test: make bouncycastle
Change-Id: I158bb047ce5253e468afad2bfcea6b38b333dc35
|
|
For the most part, this is just changing markers that had no explanatory
text and adding an explanation. Some more detail on two of the common
explanations:
"Unsupported algorithms": We choose not to ship a whole lot of the
various crypto algorithms that Bouncy Castle supports. Justfying each
individual choice to disable a given algorithm is out of place in the
code and also doesn't have a natural home (since each algorithm is
disabled in upwards of a dozen places), so just mark where algorithms
are disabled due to being unsupported.
"Unknown reason": I looked in the history and couldn't find any
justification for the change. Generally these changes were made in
commits with descriptions like "bouncycastle 1.49 upgrade" from multiple
years ago. I don't want to change behavior in this change, so I left
these changes as they were; these can be revisited in the future if
desired.
This change also reverts some diffs from upstream, both inside disabled
blocks of code (which is irrelevant) and ones that are active but have
no behavioral change (for example, an added package-visible constructor
that isn't called by any class in the package). There're also a number
of whitespace-only changes that revert diffs from upstream.
Bug: 63092064
Test: cts -m CtsLibcoreTestCases
Change-Id: I27c61063eda849455bc93edaf180acefb5eed217
|
|
Merge remote-tracking branch 'aosp/upstream-master' into merge-157
Notable changes or modifications beyond a simple merge:
* Omitted a lot of new code that's unnecessary for us
* Commented out new algorithm support, mostly ARIA and GM
* Default DSA key size returned to 1024
* Restored org.bouncycastle.asn1.pkcs.Attribute, it was removed
previously but modifications to code we use need it
This change integrates a change from Bouncy Castle that increases the
default key size for DH from 1024 to 2048, which seems like a good
idea because 1024-bit keys are at the end of acceptable security at this
point. This shouldn't be a problem for apps, because this only affects
the default (so anyone who cares can specify a key size) and only
affects creating new keys.
Test: cts -m CtsLibcoreTestCases
Test: cts -m CtsLibcoreFileIOTestCases
Test: cts -m CtsLibcoreJsr166TestCases
Test: cts -m CtsLibcoreOjTestCases
Test: cts -m CtsLibcoreOkHttpTestCases
Test: cts -m CtsLibcoreWycheproofBCTestCases
Bug: 38331562
Bug: 31801320
Change-Id: I56d1945b565f568c699edc36881e502cab855ddf
|
|
Test: no tests needed, this branch is only for diffing against upstream
Change-Id: I0bfc36b8c07bf4698383ee28ab771907fc1fa7fc
|
|
The PBEKeySpec constructor doesn't allow an empty salt or iteration count,
and throws an exception if it sees one.
Bug: 38161557
Test: cts -m CtsLibcoreTestCases
(cherry picked from commit 65832e311cb5fda062d79599b149232b47294fea)
Change-Id: I69d05471af364f69793e83268c826d24ac82052e
Merged-In: I23fa5d10003637584f856738940f54bddb0657dc
Merged-In: I585d00f30e8848563d74d3f244f073d91d5db268
|
|
The PBEKeySpec constructor doesn't allow an empty salt or iteration count,
and throws an exception if it sees one.
Bug: 38161557
Test: cts -m CtsLibcoreTestCases
Change-Id: Ib03360275e3a820efddc8de472dd4044070fdaba
|
|
We have a patch in KeyAgreementSpi that changes the set of exceptions that
are caught from within Bouncy Castle from Exception to only
IllegalStateException.
This patch was introduced in the upgrade to BC 1.56, and there's no
explanation why it was introduced. Prior to that upgrade, upstream caught
no exceptions and we caught IllegalStateException. (See aosp/318406.)
This shouldn't cause any problems for users, as the set of exceptions that
is thrown by the internal key agreement class is an implementation detail
and InvalidKeyException and IllegalStateException are the only documented
exceptions thrown from KeyAgreement#doPhase() (which is the public API this
backs), so any other exception type would be unexpected anyway.
Bug: 36712087
Test: cts -m CtsLibcoreTestCases
Change-Id: Idb18fe0cf7bcf5a86e8805c362941528249aad2a
|
|
|
|
Bug: 29631070
Test: run cts -m CtsLibcoreTestCases
Change-Id: I649a89e8f7a6bf9b72da61114cb7c42510777140
|
|
There's no way to reach these files since they are package permissions
and nothing within the package references them.
Test: cts-tradefed run cts -m CtsLibcoreTestCases
Change-Id: I9d8ed1b2d58afb6ace617fe937dab42d6738b9ac
|
|
Merge remote-tracking branch 'aosp/upstream-master' into merge-to-156
Test: ran the following cts modules: CtsLibcoreFileIOTestCases CtsLibcoreJavaUtilCollectionsTestCases CtsLibcoreJsr166TestCases CtsLibcoreLegacy22TestCases CtsLibcoreOjTestCases CtsLibcoreOkHttpTestCases CtsLibcoreTestCases
Bug: 31076342
Change-Id: Iceb926dc5a312b2047bf19d1c82fb16e42bc1461
|
|
Test: no tests needed, this branch is for easy diffing against upstream
Change-Id: Ib75613e1211e7f02f225b9020ba31f2b45acc8d8
|
|
Java 8 allows to specify a PBE key using only the password (as opposed
to password + salt + iteration count) and generate the encryption key
later by specifying the rest of the parameters in an AlgorithmParameters
object.
Adding these AlgorithmParameters in BouncyCastle together with support
in ciphers.
Bug: 29631070
Test: run CtsLibcoreTestCases
Change-Id: I0edb36e51374e3e60d8beb10d6178a304f022520
|
|
Bug: 29631070
Test: run CtsLibcoreTestCases
Change-Id: I5fd344c1de7c687585bc65a582e468501ee9154d
|
|
different package"
|
|
Use org.bouncycastle.jcajce.provider.asymmetric.x509.X509CertificateObject
instead of org.bouncycastle.jce.provider.X509CertificateObject.
These classes serve the same purpose, the latter is kept by BouncyCastle
only in case developers have serialized instances. The former is better as
it uses the more up-to-date hash equivalent to that of Java 8.
In Java 8, the hash code in the abstract class Certificate was changed.
This led TrustedCertificateStore#testMultipleIssuers to fail as it uses
HashSets for comparison and org.bouncycastle.jce.provider.X509CertificateObject
was still using the old definition (while conscrypt generated ones use the
ones in the abstract class). After this commit the certificate generator
uses a more up-to-date version of the class, in which the hash coincides
with the one in Java 8 and the test now passes and everything's great.
Bug: 31287348
Test: old-cts run cts --class com.android.org.conscrypt.TrustedCertificateStoreTest
Change-Id: I4e373380f8a3e669cfcdf8ce7386f58e559c0c16
|
|
This reverts commit 4d0e19131da68053fe1a73d43052bedadb107c70
(cherry picked from commit 48c093f131532fc163625304c60d0a8d07689327)
Bug: 26231099
Bug: 26234568
Bug: 29876633
Change-Id: I7d194de82506cf3da4dbb0b2cc67b72f3623abe7
|
|
48c093f131 am: b529b45d02 am: 11297dc70a am: 15f85eeba9 am: 7148f9f891 am: 485552e5d2 am: c47471be71
am: dc814878da
Change-Id: I470e04d374d859355fefe83a830eadf233e21655
|
|
48c093f131 am: b529b45d02 am: 11297dc70a
am: 15f85eeba9
Change-Id: I8106c27afc25af631db4bb0464f5c8376f1318a4
|
|
48c093f131 am: b529b45d02
am: 11297dc70a
Change-Id: I7487863d94dc7021e8d12cd9b2ab9e794ad1b573
|
|
am: 48c093f131
Change-Id: Id2e98d77e8a855b30880b2fb1e189f49781c6e6c
|
|
This reverts commit 4d0e19131da68053fe1a73d43052bedadb107c70
Bug: 26231099
Bug: 26234568
Bug: 29876633
Change-Id: I44c0c68f1e92caf6547c9e3b494ec5b82b8cff5f
|
|
Using the default locale can result in bad behaviour, for example
when the locales numberformat doesn't use arabic numerals.
bug: 28384942
Change-Id: I4e240d9710c0427d809410df3a762c80125a821c
|
|
This reverts commit 7ddf37c01b68ff9d2de3a9dcb637d2b962b442ef.
Not needed anymore because of:
d4fa9f4ddc1c1f193b623c8da80384b4c510a1b4
Bug: 27265238
Bug: 28108158
Bug: 28174137
Change-Id: Icce1fd747459f07fbe5a4991897083315f78153d
|
|
nyc-dev
|
|
Bug: 20447540
Bug: 26929227
Change-Id: I390fb8f70aa5ce982e54cdc7068d47af2c5f7a0a
|
|
For android, it's already hardcoded in System.java
It was trying to use
System.getProperty("line.separator");
causing the class not to be compile-time initializable, causing
performance problems, see bug.
Bug: 28108158
Change-Id: I2a2549ce477d94e95e8239d97307eaaf50c05d6b
|
|
|
|
|
|
Also, for such keys, do not create a random IV nor throw an exception
when decrypting, just assume the IV is 0.
Bug: 27224566
Bug: 27994930
Bug: 27995180
Change-Id: I4d8dd44e7390199fc60797f9bd2c56174d8dfcba
|
|
This is a follow-up to 867b6e16a13ab7a83cdf9b6f83249ccbf80b552c
which modified JCA DSA Signature implementation to reject keys
which don't use sensible parameters. Unfortunately, that commit was
too strict and rejected keys not just when signing, but also when
verifying.
For backwards compatibility reasons this commit removes the checks
from signature verification logic. Keys that don't use sensible
parameters are still rejected during attempts to produce new
signatures.
Bug: 24082558
Bug: 27947262
Change-Id: I2e1f76dc56c15c25000b70063428d460854e7b57
|
|
Testing OCSP support needs some ASN.1 creation utilities. Bouncycastle
has them, but we don't want to bloat up the built-in libraries. Add some
new targets that will allow us to enable OCSP testing in the core-tests
module without spreading it elsewhere.
(cherry picked from commit 4eb438010b8024cfa97cdad1906a8e6963a16f5b)
Bug: 27812109
Change-Id: I4a75fc0d5186c70a764baa751ceab75d1a44539d
|
|
nyc-dev
|
|
Seems the right thing to do, there's nothing else to check
(cherry picked from commit 352a2b5ce27f9b73d9a1a920eb7223e7c0b6c730)
Bug: 27063703
Change-Id: I51c961feae9bf99ee961d5a80d3db83d6177ad48
|
|
|
|
Fix was now agreed with BC maintainer
(cherry picked from commit c50bf623dd894b82d48379baacb8b74de52a9087)
Bug: 27061541
Change-Id: Idac385bc5101d1b744b70ee4a1d26682df348003
|
|
present" into nyc-dev
|
|
(cherry picked from commit 74e960449ba0a4633c2164d9b7708dcfb558030d)
Bug: 27269590
Change-Id: Ief933e31875aec69cb96c1691a9a6480e6719dac
|
|
Bug: 27224566
Change-Id: I41ffba9a23770c1c0deea6969c0a4d8c551d8ab3
|
|
Since the digest specified was a NullDigest, its effective length during
initialization is 0 bytes, so there is no way to tell if the key
strength is appropriate at that time.
Bug: 21630204
Bug: 27247313
Change-Id: I0f60ac5d62ae54119fd432cf828a2282418e8f39
|
|
bc2920a011
am: abff585398
* commit 'abff585398e17ca95561cb7e0612f865077d9c01':
GCMParameters: fix insecure tag size
|