Change OkHttp test infrastructure to not use BC provider

The OkHttp test infrastructure specifically requests the implementations from
the BC provider, most likely because they wanted their tests to behave the
same on desktops as on devices, and Bouncy Castle used to be the default
provider of most or all required functions.  With BC's implementations being
deprecated and most users relying on the Conscrypt implementations instead
(since they're the default), switch to the Conscrypt implementations.

Bug: 67626877
Test: cts -m CtsLibcoreOkHttpTestCases
Change-Id: I83b26ed5aa9bab34eedaf6690cbfe40101b360d8

1 files changed, 4 insertions, 2 deletions

diff --git a/mockwebserver/src/main/java/com/squareup/okhttp/internal/HeldCertificate.java b/mockwebserver/src/main/java/com/squareup/okhttp/internal/HeldCertificate.java
index 2fff99c..8fb7e8a 100644
--- a/mockwebserver/src/main/java/com/squareup/okhttp/internal/HeldCertificate.java
+++ b/mockwebserver/src/main/java/com/squareup/okhttp/internal/HeldCertificate.java
@@ -129,13 +129,15 @@ public final class HeldCertificate {
             new BasicConstraints(maxIntermediateCas));
       }
 
+      // Android-changed: Use AndroidOpenSSL provider instead of BC.
       X509Certificate certificate = generator.generateX509Certificate(
-          signedByKeyPair.getPrivate(), "BC");
+          signedByKeyPair.getPrivate(), "AndroidOpenSSL");
       return new HeldCertificate(certificate, heldKeyPair);
     }
 
     public KeyPair generateKeyPair() throws GeneralSecurityException {
-      KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "BC");
+      // Android-changed: Don't specify provider for KeyPairGenerator instance.
+      KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
       keyPairGenerator.initialize(1024, new SecureRandom());
       return keyPairGenerator.generateKeyPair();
     }