bouncycastle: throw exception in failure expecting PKIX parameters

bug: 20545284 (cherry picked from commit fa0ac9cf9f44a17bb77070574674f2ef0ecc3498) Change-Id: Ie640314c35a5a98fac32e15144eaf776e4f861cb
author: Sergio Giro <sgiro@google.com> 2015-04-24 14:59:41 +0100
committer: ] <sgiro@google.com> 2015-05-06 10:51:45 +0100
commit: 367fb0bc4adc380cbe1f1a82c2a975dbf834be4c (patch)
tree: 574a9329fb00f193817e065db9d222f383a90c53
parent: 7f729f07947047c1ceaad8a78febacd1269a62b3 (diff)
download: android_external_bouncycastle-367fb0bc4adc380cbe1f1a82c2a975dbf834be4c.tar.gz
android_external_bouncycastle-367fb0bc4adc380cbe1f1a82c2a975dbf834be4c.tar.bz2
android_external_bouncycastle-367fb0bc4adc380cbe1f1a82c2a975dbf834be4c.zip
2 files changed, 33 insertions, 5 deletions
diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java
index d902812..3fdedad 100644
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java
+++ b/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java
@@ -81,10 +81,18 @@ public class PKIXCertPathValidatorSpi
         {
             paramsPKIX = ((PKIXExtendedBuilderParameters)params).getBaseParameters();
         }
-        else
+        // BEGIN android-changed
+        // else
+        else if (params instanceof PKIXExtendedParameters)
+        // END android-changed
         {
             paramsPKIX = (PKIXExtendedParameters)params;
         }
+        // BEGIN android-added
+        else {
+            throw new InvalidAlgorithmParameterException("Expecting PKIX algorithm parameters");
+        }
+        // END android-added
 
         if (paramsPKIX.getTrustAnchors() == null)
         {
diff --git a/patches/bcprov.patch b/patches/bcprov.patch
index e0e0154..cf0cb72 100644
--- a/patches/bcprov.patch
+++ b/patches/bcprov.patch
@@ -1261,7 +1261,7 @@ diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/D
                  registerOidAlgorithmParameters(provider, DSAUtil.dsaOids[i], "DSA");
 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/EC.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/EC.java
 --- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/EC.java	2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/EC.java	2014-07-28 19:51:54.000000000 +0000
++++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/EC.java	2015-04-09 13:10:16.000000000 +0000
 @@ -1,8 +1,10 @@
  package org.bouncycastle.jcajce.provider.asymmetric;
  
@@ -8494,7 +8494,7 @@ diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/PKIXCRLUtil.jav
  
 diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java bcprov-jdk15on-152/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java
 --- bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java	2015-03-01 12:03:02.000000000 +0000
-+++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java	2015-04-09 13:10:16.000000000 +0000
++++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java	2015-04-24 13:59:41.000000000 +0000
 @@ -1,5 +1,8 @@
  package org.bouncycastle.jce.provider;
  
@@ -8516,7 +8516,27 @@ diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/PKIXCertPathVal
  
      public CertPathValidatorResult engineValidate(
              CertPath certPath,
-@@ -98,6 +106,22 @@
+@@ -73,10 +81,18 @@
+         {
+             paramsPKIX = ((PKIXExtendedBuilderParameters)params).getBaseParameters();
+         }
+-        else
++        // BEGIN android-changed
++        // else
++        else if (params instanceof PKIXExtendedParameters)
++        // END android-changed
+         {
+             paramsPKIX = (PKIXExtendedParameters)params;
+         }
++        // BEGIN android-added
++        else {
++            throw new InvalidAlgorithmParameterException("Expecting PKIX algorithm parameters");
++        }
++        // END android-added
+ 
+         if (paramsPKIX.getTrustAnchors() == null)
+         {
+@@ -98,6 +114,22 @@
          {
              throw new CertPathValidatorException("Certification path is empty.", null, certPath, 0);
          }
@@ -8539,7 +8559,7 @@ diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/PKIXCertPathVal
  
          //
          // (b)
-@@ -277,6 +301,15 @@
+@@ -277,6 +309,15 @@
  
          for (index = certs.size() - 1; index >= 0; index--)
          {
author	Sergio Giro <sgiro@google.com>	2015-04-24 14:59:41 +0100
committer	] <sgiro@google.com>	2015-05-06 10:51:45 +0100
commit	367fb0bc4adc380cbe1f1a82c2a975dbf834be4c (patch)
tree	574a9329fb00f193817e065db9d222f383a90c53
parent	7f729f07947047c1ceaad8a78febacd1269a62b3 (diff)
download	android_external_bouncycastle-367fb0bc4adc380cbe1f1a82c2a975dbf834be4c.tar.gz android_external_bouncycastle-367fb0bc4adc380cbe1f1a82c2a975dbf834be4c.tar.bz2 android_external_bouncycastle-367fb0bc4adc380cbe1f1a82c2a975dbf834be4c.zip