diff options
author | Sergio Giro <sgiro@google.com> | 2015-04-24 14:59:41 +0100 |
---|---|---|
committer | ] <sgiro@google.com> | 2015-05-06 10:51:45 +0100 |
commit | 367fb0bc4adc380cbe1f1a82c2a975dbf834be4c (patch) | |
tree | 574a9329fb00f193817e065db9d222f383a90c53 | |
parent | 7f729f07947047c1ceaad8a78febacd1269a62b3 (diff) | |
download | android_external_bouncycastle-367fb0bc4adc380cbe1f1a82c2a975dbf834be4c.tar.gz android_external_bouncycastle-367fb0bc4adc380cbe1f1a82c2a975dbf834be4c.tar.bz2 android_external_bouncycastle-367fb0bc4adc380cbe1f1a82c2a975dbf834be4c.zip |
bouncycastle: throw exception in failure expecting PKIX parameters
bug: 20545284
(cherry picked from commit fa0ac9cf9f44a17bb77070574674f2ef0ecc3498)
Change-Id: Ie640314c35a5a98fac32e15144eaf776e4f861cb
-rw-r--r-- | bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java | 10 | ||||
-rw-r--r-- | patches/bcprov.patch | 28 |
2 files changed, 33 insertions, 5 deletions
diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java index d902812..3fdedad 100644 --- a/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java @@ -81,10 +81,18 @@ public class PKIXCertPathValidatorSpi { paramsPKIX = ((PKIXExtendedBuilderParameters)params).getBaseParameters(); } - else + // BEGIN android-changed + // else + else if (params instanceof PKIXExtendedParameters) + // END android-changed { paramsPKIX = (PKIXExtendedParameters)params; } + // BEGIN android-added + else { + throw new InvalidAlgorithmParameterException("Expecting PKIX algorithm parameters"); + } + // END android-added if (paramsPKIX.getTrustAnchors() == null) { diff --git a/patches/bcprov.patch b/patches/bcprov.patch index e0e0154..cf0cb72 100644 --- a/patches/bcprov.patch +++ b/patches/bcprov.patch @@ -1261,7 +1261,7 @@ diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/D registerOidAlgorithmParameters(provider, DSAUtil.dsaOids[i], "DSA"); diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/EC.java bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/EC.java --- bcprov-jdk15on-152.orig/org/bouncycastle/jcajce/provider/asymmetric/EC.java 2015-03-01 12:03:02.000000000 +0000 -+++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/EC.java 2014-07-28 19:51:54.000000000 +0000 ++++ bcprov-jdk15on-152/org/bouncycastle/jcajce/provider/asymmetric/EC.java 2015-04-09 13:10:16.000000000 +0000 @@ -1,8 +1,10 @@ package org.bouncycastle.jcajce.provider.asymmetric; @@ -8494,7 +8494,7 @@ diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/PKIXCRLUtil.jav diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java bcprov-jdk15on-152/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java --- bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java 2015-03-01 12:03:02.000000000 +0000 -+++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java 2015-04-09 13:10:16.000000000 +0000 ++++ bcprov-jdk15on-152/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java 2015-04-24 13:59:41.000000000 +0000 @@ -1,5 +1,8 @@ package org.bouncycastle.jce.provider; @@ -8516,7 +8516,27 @@ diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/PKIXCertPathVal public CertPathValidatorResult engineValidate( CertPath certPath, -@@ -98,6 +106,22 @@ +@@ -73,10 +81,18 @@ + { + paramsPKIX = ((PKIXExtendedBuilderParameters)params).getBaseParameters(); + } +- else ++ // BEGIN android-changed ++ // else ++ else if (params instanceof PKIXExtendedParameters) ++ // END android-changed + { + paramsPKIX = (PKIXExtendedParameters)params; + } ++ // BEGIN android-added ++ else { ++ throw new InvalidAlgorithmParameterException("Expecting PKIX algorithm parameters"); ++ } ++ // END android-added + + if (paramsPKIX.getTrustAnchors() == null) + { +@@ -98,6 +114,22 @@ { throw new CertPathValidatorException("Certification path is empty.", null, certPath, 0); } @@ -8539,7 +8559,7 @@ diff -Naur bcprov-jdk15on-152.orig/org/bouncycastle/jce/provider/PKIXCertPathVal // // (b) -@@ -277,6 +301,15 @@ +@@ -277,6 +309,15 @@ for (index = certs.size() - 1; index >= 0; index--) { |