diff options
| author | Geremy Condra <gcondra@google.com> | 2012-07-27 11:52:11 -0700 |
|---|---|---|
| committer | Geremy Condra <gcondra@google.com> | 2012-07-27 13:56:00 -0700 |
| commit | ffa48740407cf1c2dc0e114da954130247f4149d (patch) | |
| tree | 4ef8e2785529423c8d5d91e5d6f6d8e4fce26cac /patches | |
| parent | 89b880fc4071497a2d69a1b3280da3989c76c39a (diff) | |
| download | android_external_bouncycastle-ffa48740407cf1c2dc0e114da954130247f4149d.tar.gz android_external_bouncycastle-ffa48740407cf1c2dc0e114da954130247f4149d.tar.bz2 android_external_bouncycastle-ffa48740407cf1c2dc0e114da954130247f4149d.zip | |
Added patch to the README and android.patches.
(cherry picked from commit 089355c44e80af84267f0ab3e5369416bfd2d4cf)
Bug: http://code.google.com/p/android/issues/detail?id=35547
Change-Id: I58b9e8c258256194ab848c52a29fd270f8f9ad97
Diffstat (limited to 'patches')
| -rw-r--r-- | patches/README | 1 | ||||
| -rw-r--r-- | patches/android.patch | 187 |
2 files changed, 113 insertions, 75 deletions
diff --git a/patches/README b/patches/README index d56a5d8..c0f5697 100644 --- a/patches/README +++ b/patches/README @@ -30,6 +30,7 @@ Other performance (both speed and memory) and correctness changes: - Make BouncyCastleProvider.PROVIDER_NAME final - Added wrapper for SecretKeyFactory.PBKDF2WithHmacSHA1 - Added DSA support to JDKKeyManager.engineGetKeySpec +- Fixed CertBlacklist to do a by-value comparison of public keys Other security changes: - Blacklist fraudulent Comodo certificates in PKIXCertPathValidatorSpi diff --git a/patches/android.patch b/patches/android.patch index 20ed108..40a24f8 100644 --- a/patches/android.patch +++ b/patches/android.patch @@ -1,6 +1,6 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/ASN1InputStream.java bcprov-jdk16-146/org/bouncycastle/asn1/ASN1InputStream.java --- bcprov-jdk16-146.orig/org/bouncycastle/asn1/ASN1InputStream.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/asn1/ASN1InputStream.java 2012-05-11 05:31:26.610725423 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/asn1/ASN1InputStream.java 2012-07-27 18:48:00.011478563 +0000 @@ -363,7 +363,9 @@ case BMP_STRING: return new DERBMPString(bytes); @@ -14,7 +14,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/ASN1InputStream.java bcpr case GENERALIZED_TIME: diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/ASN1Null.java bcprov-jdk16-146/org/bouncycastle/asn1/ASN1Null.java --- bcprov-jdk16-146.orig/org/bouncycastle/asn1/ASN1Null.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/asn1/ASN1Null.java 2012-05-11 05:31:26.610725423 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/asn1/ASN1Null.java 2012-07-27 18:47:59.981477999 +0000 @@ -8,9 +8,11 @@ public abstract class ASN1Null extends ASN1Object @@ -30,7 +30,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/ASN1Null.java bcprov-jdk1 { diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/DERBoolean.java bcprov-jdk16-146/org/bouncycastle/asn1/DERBoolean.java --- bcprov-jdk16-146.orig/org/bouncycastle/asn1/DERBoolean.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/asn1/DERBoolean.java 2012-05-11 05:31:26.610725423 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/asn1/DERBoolean.java 2012-07-27 18:47:59.981477999 +0000 @@ -5,7 +5,9 @@ public class DERBoolean extends ASN1Object @@ -104,7 +104,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/DERBoolean.java bcprov-jd } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/DERNull.java bcprov-jdk16-146/org/bouncycastle/asn1/DERNull.java --- bcprov-jdk16-146.orig/org/bouncycastle/asn1/DERNull.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/asn1/DERNull.java 2012-05-11 05:31:26.610725423 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/asn1/DERNull.java 2012-07-27 18:47:59.981477999 +0000 @@ -10,9 +10,13 @@ { public static final DERNull INSTANCE = new DERNull(); @@ -123,7 +123,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/DERNull.java bcprov-jdk16 diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/DERObjectIdentifier.java bcprov-jdk16-146/org/bouncycastle/asn1/DERObjectIdentifier.java --- bcprov-jdk16-146.orig/org/bouncycastle/asn1/DERObjectIdentifier.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/asn1/DERObjectIdentifier.java 2012-05-11 05:31:26.610725423 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/asn1/DERObjectIdentifier.java 2012-07-27 18:48:00.011478563 +0000 @@ -110,7 +110,13 @@ } } @@ -156,7 +156,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/DERObjectIdentifier.java public String getId() diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/DERPrintableString.java bcprov-jdk16-146/org/bouncycastle/asn1/DERPrintableString.java --- bcprov-jdk16-146.orig/org/bouncycastle/asn1/DERPrintableString.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/asn1/DERPrintableString.java 2012-05-11 05:31:26.620725599 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/asn1/DERPrintableString.java 2012-07-27 18:48:00.011478563 +0000 @@ -9,7 +9,9 @@ extends ASN1Object implements DERString @@ -192,7 +192,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/DERPrintableString.java b public String getString() diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/cms/ContentInfo.java bcprov-jdk16-146/org/bouncycastle/asn1/cms/ContentInfo.java --- bcprov-jdk16-146.orig/org/bouncycastle/asn1/cms/ContentInfo.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/asn1/cms/ContentInfo.java 2012-05-11 05:31:26.620725599 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/asn1/cms/ContentInfo.java 2012-07-27 18:48:00.011478563 +0000 @@ -12,7 +12,9 @@ public class ContentInfo @@ -206,7 +206,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/cms/ContentInfo.java bcpr private DEREncodable content; diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/pkcs/EncryptedPrivateKeyInfo.java bcprov-jdk16-146/org/bouncycastle/asn1/pkcs/EncryptedPrivateKeyInfo.java --- bcprov-jdk16-146.orig/org/bouncycastle/asn1/pkcs/EncryptedPrivateKeyInfo.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/asn1/pkcs/EncryptedPrivateKeyInfo.java 2012-05-11 05:31:26.610725423 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/asn1/pkcs/EncryptedPrivateKeyInfo.java 2012-07-27 18:48:00.011478563 +0000 @@ -37,10 +37,13 @@ public static EncryptedPrivateKeyInfo getInstance( Object obj) @@ -224,7 +224,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/pkcs/EncryptedPrivateKeyI return new EncryptedPrivateKeyInfo((ASN1Sequence)obj); diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java bcprov-jdk16-146/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java --- bcprov-jdk16-146.orig/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java 2012-05-11 05:31:26.610725423 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java 2012-07-27 18:47:59.981477999 +0000 @@ -10,8 +10,10 @@ // static final ASN1ObjectIdentifier pkcs_1 = new ASN1ObjectIdentifier("1.2.840.113549.1.1"); @@ -282,7 +282,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifier static final ASN1ObjectIdentifier id_hmacWithSHA512 = digestAlgorithm.branch("11"); diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/pkcs/RSAESOAEPparams.java bcprov-jdk16-146/org/bouncycastle/asn1/pkcs/RSAESOAEPparams.java --- bcprov-jdk16-146.orig/org/bouncycastle/asn1/pkcs/RSAESOAEPparams.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/asn1/pkcs/RSAESOAEPparams.java 2012-05-11 05:31:26.610725423 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/asn1/pkcs/RSAESOAEPparams.java 2012-07-27 18:47:59.981477999 +0000 @@ -19,7 +19,9 @@ private AlgorithmIdentifier maskGenAlgorithm; private AlgorithmIdentifier pSourceAlgorithm; @@ -296,7 +296,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/pkcs/RSAESOAEPparams.java diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/pkcs/RSASSAPSSparams.java bcprov-jdk16-146/org/bouncycastle/asn1/pkcs/RSASSAPSSparams.java --- bcprov-jdk16-146.orig/org/bouncycastle/asn1/pkcs/RSASSAPSSparams.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/asn1/pkcs/RSASSAPSSparams.java 2012-05-11 05:31:26.610725423 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/asn1/pkcs/RSASSAPSSparams.java 2012-07-27 18:47:59.981477999 +0000 @@ -20,7 +20,9 @@ private DERInteger saltLength; private DERInteger trailerField; @@ -310,7 +310,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/pkcs/RSASSAPSSparams.java public final static DERInteger DEFAULT_TRAILER_FIELD = new DERInteger(1); diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/util/ASN1Dump.java bcprov-jdk16-146/org/bouncycastle/asn1/util/ASN1Dump.java --- bcprov-jdk16-146.orig/org/bouncycastle/asn1/util/ASN1Dump.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/asn1/util/ASN1Dump.java 2012-05-11 05:31:26.620725599 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/asn1/util/ASN1Dump.java 2012-07-27 18:48:00.011478563 +0000 @@ -79,7 +79,9 @@ { Object o = e.nextElement(); @@ -324,7 +324,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/util/ASN1Dump.java bcprov buf.append("NULL"); diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/x509/AttCertIssuer.java bcprov-jdk16-146/org/bouncycastle/asn1/x509/AttCertIssuer.java --- bcprov-jdk16-146.orig/org/bouncycastle/asn1/x509/AttCertIssuer.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/asn1/x509/AttCertIssuer.java 2012-05-11 05:31:26.610725423 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/asn1/x509/AttCertIssuer.java 2012-07-27 18:48:00.011478563 +0000 @@ -45,7 +45,7 @@ ASN1TaggedObject obj, boolean explicit) @@ -336,7 +336,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/x509/AttCertIssuer.java b /** diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/x509/BasicConstraints.java bcprov-jdk16-146/org/bouncycastle/asn1/x509/BasicConstraints.java --- bcprov-jdk16-146.orig/org/bouncycastle/asn1/x509/BasicConstraints.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/asn1/x509/BasicConstraints.java 2012-05-11 05:31:26.610725423 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/asn1/x509/BasicConstraints.java 2012-07-27 18:48:00.011478563 +0000 @@ -14,7 +14,9 @@ public class BasicConstraints extends ASN1Encodable @@ -383,7 +383,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/x509/BasicConstraints.jav diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/x509/IssuingDistributionPoint.java bcprov-jdk16-146/org/bouncycastle/asn1/x509/IssuingDistributionPoint.java --- bcprov-jdk16-146.orig/org/bouncycastle/asn1/x509/IssuingDistributionPoint.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/asn1/x509/IssuingDistributionPoint.java 2012-05-11 05:31:26.610725423 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/asn1/x509/IssuingDistributionPoint.java 2012-07-27 18:48:00.011478563 +0000 @@ -96,11 +96,15 @@ } if (onlyContainsUserCerts) @@ -422,7 +422,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/x509/IssuingDistributionP seq = new DERSequence(vec); diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/x509/X509Extensions.java bcprov-jdk16-146/org/bouncycastle/asn1/x509/X509Extensions.java --- bcprov-jdk16-146.orig/org/bouncycastle/asn1/x509/X509Extensions.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/asn1/x509/X509Extensions.java 2012-05-11 05:31:26.610725423 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/asn1/x509/X509Extensions.java 2012-07-27 18:48:00.011478563 +0000 @@ -400,7 +400,9 @@ if (ext.isCritical()) @@ -436,7 +436,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/x509/X509Extensions.java v.add(ext.getValue()); diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/x509/X509Name.java bcprov-jdk16-146/org/bouncycastle/asn1/x509/X509Name.java --- bcprov-jdk16-146.orig/org/bouncycastle/asn1/x509/X509Name.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/asn1/x509/X509Name.java 2012-05-11 05:31:26.610725423 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/asn1/x509/X509Name.java 2012-07-27 18:48:00.011478563 +0000 @@ -249,8 +249,10 @@ */ public static final Hashtable SymbolLookUp = DefaultLookUp; @@ -474,7 +474,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/x509/X509Name.java bcprov String name = token.substring(0, index); diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/x509/X509NameTokenizer.java bcprov-jdk16-146/org/bouncycastle/asn1/x509/X509NameTokenizer.java --- bcprov-jdk16-146.orig/org/bouncycastle/asn1/x509/X509NameTokenizer.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/asn1/x509/X509NameTokenizer.java 2012-05-11 05:31:26.610725423 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/asn1/x509/X509NameTokenizer.java 2012-07-27 18:48:00.011478563 +0000 @@ -58,6 +58,17 @@ } else @@ -502,7 +502,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/asn1/x509/X509NameTokenizer.ja \ No newline at end of file diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/crypto/PBEParametersGenerator.java bcprov-jdk16-146/org/bouncycastle/crypto/PBEParametersGenerator.java --- bcprov-jdk16-146.orig/org/bouncycastle/crypto/PBEParametersGenerator.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/crypto/PBEParametersGenerator.java 2012-05-11 05:31:26.620725599 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/crypto/PBEParametersGenerator.java 2012-07-27 18:48:00.021478751 +0000 @@ -136,7 +136,8 @@ public static byte[] PKCS12PasswordToBytes( char[] password) @@ -522,7 +522,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/crypto/PBEParametersGenerator. } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/crypto/digests/OpenSSLDigest.java bcprov-jdk16-146/org/bouncycastle/crypto/digests/OpenSSLDigest.java --- bcprov-jdk16-146.orig/org/bouncycastle/crypto/digests/OpenSSLDigest.java 1970-01-01 00:00:00.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/crypto/digests/OpenSSLDigest.java 2012-05-11 05:31:26.620725599 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/crypto/digests/OpenSSLDigest.java 2012-07-27 18:48:00.021478751 +0000 @@ -0,0 +1,159 @@ +/* + * Copyright (C) 2008 The Android Open Source Project @@ -685,7 +685,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/crypto/digests/OpenSSLDigest.j +} diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/crypto/engines/RC2Engine.java bcprov-jdk16-146/org/bouncycastle/crypto/engines/RC2Engine.java --- bcprov-jdk16-146.orig/org/bouncycastle/crypto/engines/RC2Engine.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/crypto/engines/RC2Engine.java 2012-05-11 05:31:26.620725599 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/crypto/engines/RC2Engine.java 2012-07-27 18:48:00.011478563 +0000 @@ -313,4 +313,4 @@ out[outOff + 6] = (byte)x76; out[outOff + 7] = (byte)(x76 >> 8); @@ -695,7 +695,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/crypto/engines/RC2Engine.java \ No newline at end of file diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/crypto/generators/DHParametersHelper.java bcprov-jdk16-146/org/bouncycastle/crypto/generators/DHParametersHelper.java --- bcprov-jdk16-146.orig/org/bouncycastle/crypto/generators/DHParametersHelper.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/crypto/generators/DHParametersHelper.java 2012-05-11 05:31:26.620725599 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/crypto/generators/DHParametersHelper.java 2012-07-27 18:48:00.021478751 +0000 @@ -3,10 +3,17 @@ import java.math.BigInteger; import java.security.SecureRandom; @@ -748,7 +748,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/crypto/generators/DHParameters } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/crypto/macs/HMac.java bcprov-jdk16-146/org/bouncycastle/crypto/macs/HMac.java --- bcprov-jdk16-146.orig/org/bouncycastle/crypto/macs/HMac.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/crypto/macs/HMac.java 2012-05-11 05:31:26.620725599 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/crypto/macs/HMac.java 2012-07-27 18:48:00.021478751 +0000 @@ -32,23 +32,23 @@ { blockLengths = new Hashtable(); @@ -790,7 +790,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/crypto/macs/HMac.java bcprov-j private static int getByteLength( diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/crypto/signers/RSADigestSigner.java bcprov-jdk16-146/org/bouncycastle/crypto/signers/RSADigestSigner.java --- bcprov-jdk16-146.orig/org/bouncycastle/crypto/signers/RSADigestSigner.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/crypto/signers/RSADigestSigner.java 2012-05-11 05:31:26.620725599 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/crypto/signers/RSADigestSigner.java 2012-07-27 18:48:00.021478751 +0000 @@ -46,8 +46,10 @@ oidMap.put("SHA-384", NISTObjectIdentifiers.id_sha384); oidMap.put("SHA-512", NISTObjectIdentifiers.id_sha512); @@ -806,7 +806,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/crypto/signers/RSADigestSigner diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/crypto/util/PrivateKeyFactory.java bcprov-jdk16-146/org/bouncycastle/crypto/util/PrivateKeyFactory.java --- bcprov-jdk16-146.orig/org/bouncycastle/crypto/util/PrivateKeyFactory.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/crypto/util/PrivateKeyFactory.java 2012-05-11 05:31:26.630725775 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/crypto/util/PrivateKeyFactory.java 2012-07-27 18:48:00.031478939 +0000 @@ -12,7 +12,9 @@ import org.bouncycastle.asn1.DERObject; import org.bouncycastle.asn1.DERObjectIdentifier; @@ -888,7 +888,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/crypto/util/PrivateKeyFactory. diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/crypto/util/PublicKeyFactory.java bcprov-jdk16-146/org/bouncycastle/crypto/util/PublicKeyFactory.java --- bcprov-jdk16-146.orig/org/bouncycastle/crypto/util/PublicKeyFactory.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/crypto/util/PublicKeyFactory.java 2012-05-11 05:31:26.630725775 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/crypto/util/PublicKeyFactory.java 2012-07-27 18:48:00.031478939 +0000 @@ -15,12 +15,16 @@ import org.bouncycastle.asn1.DERObjectIdentifier; import org.bouncycastle.asn1.DEROctetString; @@ -967,7 +967,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/crypto/util/PublicKeyFactory.j diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/ECNamedCurveTable.java bcprov-jdk16-146/org/bouncycastle/jce/ECNamedCurveTable.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/ECNamedCurveTable.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/jce/ECNamedCurveTable.java 2012-05-11 05:31:26.630725775 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/jce/ECNamedCurveTable.java 2012-07-27 18:48:00.031478939 +0000 @@ -3,7 +3,9 @@ import org.bouncycastle.asn1.DERObjectIdentifier; import org.bouncycastle.asn1.nist.NISTNamedCurves; @@ -1031,7 +1031,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/ECNamedCurveTable.java bcp } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/PKCS10CertificationRequest.java bcprov-jdk16-146/org/bouncycastle/jce/PKCS10CertificationRequest.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/PKCS10CertificationRequest.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/jce/PKCS10CertificationRequest.java 2012-05-11 05:31:26.630725775 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/jce/PKCS10CertificationRequest.java 2012-07-27 18:48:00.041479127 +0000 @@ -80,15 +80,20 @@ static @@ -1281,7 +1281,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/PKCS10CertificationRequest return digestAlgOID.getId(); diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/BouncyCastleProvider.java bcprov-jdk16-146/org/bouncycastle/jce/provider/BouncyCastleProvider.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/BouncyCastleProvider.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/jce/provider/BouncyCastleProvider.java 2012-05-11 05:31:26.630725775 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/jce/provider/BouncyCastleProvider.java 2012-07-27 18:48:00.031478939 +0000 @@ -45,7 +45,10 @@ { private static String info = "BouncyCastle Security Provider v1.46"; @@ -2445,8 +2445,8 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/BouncyCastleProvi { diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/CertBlacklist.java bcprov-jdk16-146/org/bouncycastle/jce/provider/CertBlacklist.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/CertBlacklist.java 1970-01-01 00:00:00.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/jce/provider/CertBlacklist.java 2012-05-11 05:31:26.630725775 +0000 -@@ -0,0 +1,171 @@ ++++ bcprov-jdk16-146/org/bouncycastle/jce/provider/CertBlacklist.java 2012-07-27 18:48:00.031478939 +0000 +@@ -0,0 +1,177 @@ +/* + * Copyright (C) 2012 The Android Open Source Project + * @@ -2593,8 +2593,9 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/CertBlacklist.jav + String pubkeyBlacklist = readBlacklist(path); + if (!pubkeyBlacklist.equals("")) { + for (String value : pubkeyBlacklist.split(",")) { ++ value = value.trim(); + if (isPubkeyHash(value)) { -+ bl.add(Hex.decode(value)); ++ bl.add(value.getBytes()); + } else { + System.logW("Tried to blacklist invalid pubkey " + value); + } @@ -2610,7 +2611,12 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/CertBlacklist.jav + digest.update(encoded, 0, encoded.length); + byte[] out = new byte[digest.getDigestSize()]; + digest.doFinal(out, 0); -+ return pubkeyBlacklist.contains(out); ++ for (byte[] blacklisted : pubkeyBlacklist) { ++ if (Arrays.equals(blacklisted, Hex.encode(out))) { ++ return true; ++ } ++ } ++ return false; + } + + public boolean isSerialNumberBlackListed(BigInteger serial) { @@ -2620,7 +2626,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/CertBlacklist.jav +} diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java bcprov-jdk16-146/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java 2012-05-11 05:31:26.630725775 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java 2012-07-27 18:48:00.031478939 +0000 @@ -24,6 +24,7 @@ import java.security.spec.DSAPublicKeySpec; import java.text.ParseException; @@ -2802,7 +2808,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/CertPathValidator CRLDistPoint crldp, ExtendedPKIXParameters pkixParams) diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCEBlockCipher.java bcprov-jdk16-146/org/bouncycastle/jce/provider/JCEBlockCipher.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCEBlockCipher.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JCEBlockCipher.java 2012-05-11 05:31:26.630725775 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JCEBlockCipher.java 2012-07-27 18:48:00.031478939 +0000 @@ -17,8 +17,10 @@ import javax.crypto.ShortBufferException; import javax.crypto.spec.IvParameterSpec; @@ -3267,7 +3273,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCEBlockCipher.ja */ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCEDHKeyAgreement.java bcprov-jdk16-146/org/bouncycastle/jce/provider/JCEDHKeyAgreement.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCEDHKeyAgreement.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JCEDHKeyAgreement.java 2012-05-11 05:31:26.630725775 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JCEDHKeyAgreement.java 2012-07-27 18:48:00.031478939 +0000 @@ -36,10 +36,12 @@ static @@ -3287,7 +3293,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCEDHKeyAgreement algorithms.put("DESEDE", i192); diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCEDigestUtil.java bcprov-jdk16-146/org/bouncycastle/jce/provider/JCEDigestUtil.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCEDigestUtil.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JCEDigestUtil.java 2012-05-11 05:31:26.630725775 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JCEDigestUtil.java 2012-07-27 18:48:00.031478939 +0000 @@ -12,7 +12,9 @@ import org.bouncycastle.crypto.Digest; import org.bouncycastle.crypto.digests.MD5Digest; @@ -3370,7 +3376,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCEDigestUtil.jav || (sha512.contains(digest1) && sha512.contains(digest2)) diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCEECPrivateKey.java bcprov-jdk16-146/org/bouncycastle/jce/provider/JCEECPrivateKey.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCEECPrivateKey.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JCEECPrivateKey.java 2012-05-11 05:31:26.630725775 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JCEECPrivateKey.java 2012-07-27 18:48:00.031478939 +0000 @@ -20,7 +20,9 @@ import org.bouncycastle.asn1.DERObject; import org.bouncycastle.asn1.DERObjectIdentifier; @@ -3442,7 +3448,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCEECPrivateKey.j info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params.getDERObject()), keyStructure.getDERObject()); diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCEECPublicKey.java bcprov-jdk16-146/org/bouncycastle/jce/provider/JCEECPublicKey.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCEECPublicKey.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JCEECPublicKey.java 2012-05-11 05:31:26.630725775 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JCEECPublicKey.java 2012-07-27 18:48:00.031478939 +0000 @@ -20,8 +20,10 @@ import org.bouncycastle.asn1.DERObjectIdentifier; import org.bouncycastle.asn1.DEROctetString; @@ -3690,7 +3696,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCEECPublicKey.ja { diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCEKeyGenerator.java bcprov-jdk16-146/org/bouncycastle/jce/provider/JCEKeyGenerator.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCEKeyGenerator.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JCEKeyGenerator.java 2012-05-11 05:31:26.630725775 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JCEKeyGenerator.java 2012-07-27 18:48:00.031478939 +0000 @@ -57,6 +57,11 @@ { try @@ -3926,7 +3932,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCEKeyGenerator.j } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCEMac.java bcprov-jdk16-146/org/bouncycastle/jce/provider/JCEMac.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCEMac.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JCEMac.java 2012-05-11 05:31:26.630725775 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JCEMac.java 2012-07-27 18:48:00.031478939 +0000 @@ -11,25 +11,39 @@ import org.bouncycastle.crypto.CipherParameters; @@ -4456,7 +4462,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCEMac.java bcpro } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCERSACipher.java bcprov-jdk16-146/org/bouncycastle/jce/provider/JCERSACipher.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCERSACipher.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JCERSACipher.java 2012-05-11 05:31:26.630725775 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JCERSACipher.java 2012-07-27 18:48:00.031478939 +0000 @@ -535,48 +535,50 @@ } } @@ -4554,7 +4560,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCERSACipher.java } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCERSAPrivateCrtKey.java bcprov-jdk16-146/org/bouncycastle/jce/provider/JCERSAPrivateCrtKey.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCERSAPrivateCrtKey.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JCERSAPrivateCrtKey.java 2012-05-11 05:31:26.630725775 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JCERSAPrivateCrtKey.java 2012-07-27 18:48:00.031478939 +0000 @@ -125,7 +125,9 @@ */ public byte[] getEncoded() @@ -4568,7 +4574,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCERSAPrivateCrtK } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCERSAPrivateKey.java bcprov-jdk16-146/org/bouncycastle/jce/provider/JCERSAPrivateKey.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCERSAPrivateKey.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JCERSAPrivateKey.java 2012-05-11 05:31:26.630725775 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JCERSAPrivateKey.java 2012-07-27 18:48:00.031478939 +0000 @@ -77,7 +77,9 @@ public byte[] getEncoded() @@ -4582,7 +4588,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCERSAPrivateKey. } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCERSAPublicKey.java bcprov-jdk16-146/org/bouncycastle/jce/provider/JCERSAPublicKey.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCERSAPublicKey.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JCERSAPublicKey.java 2012-05-11 05:31:26.630725775 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JCERSAPublicKey.java 2012-07-27 18:48:00.031478939 +0000 @@ -90,7 +90,9 @@ public byte[] getEncoded() @@ -4596,7 +4602,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCERSAPublicKey.j } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCESecretKeyFactory.java bcprov-jdk16-146/org/bouncycastle/jce/provider/JCESecretKeyFactory.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCESecretKeyFactory.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JCESecretKeyFactory.java 2012-05-11 05:31:26.630725775 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JCESecretKeyFactory.java 2012-07-27 18:48:00.031478939 +0000 @@ -250,29 +250,31 @@ } } @@ -4773,7 +4779,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCESecretKeyFacto } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCEStreamCipher.java bcprov-jdk16-146/org/bouncycastle/jce/provider/JCEStreamCipher.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCEStreamCipher.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JCEStreamCipher.java 2012-05-11 05:31:26.630725775 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JCEStreamCipher.java 2012-07-27 18:48:00.041479127 +0000 @@ -13,20 +13,26 @@ import javax.crypto.ShortBufferException; import javax.crypto.spec.IvParameterSpec; @@ -5079,7 +5085,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JCEStreamCipher.j */ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JDKAlgorithmParameterGenerator.java bcprov-jdk16-146/org/bouncycastle/jce/provider/JDKAlgorithmParameterGenerator.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JDKAlgorithmParameterGenerator.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JDKAlgorithmParameterGenerator.java 2012-05-11 05:31:26.630725775 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JDKAlgorithmParameterGenerator.java 2012-07-27 18:48:00.031478939 +0000 @@ -11,18 +11,24 @@ import javax.crypto.spec.DHGenParameterSpec; import javax.crypto.spec.DHParameterSpec; @@ -5505,7 +5511,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JDKAlgorithmParam } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JDKAlgorithmParameters.java bcprov-jdk16-146/org/bouncycastle/jce/provider/JDKAlgorithmParameters.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JDKAlgorithmParameters.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JDKAlgorithmParameters.java 2012-05-11 05:31:26.630725775 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JDKAlgorithmParameters.java 2012-07-27 18:48:00.031478939 +0000 @@ -10,21 +10,27 @@ import org.bouncycastle.asn1.DERObjectIdentifier; import org.bouncycastle.asn1.DEROctetString; @@ -7005,7 +7011,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JDKAlgorithmParam } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JDKDSASigner.java bcprov-jdk16-146/org/bouncycastle/jce/provider/JDKDSASigner.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JDKDSASigner.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JDKDSASigner.java 2012-05-11 05:31:26.630725775 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JDKDSASigner.java 2012-07-27 18:48:00.031478939 +0000 @@ -23,13 +23,17 @@ import org.bouncycastle.crypto.Digest; import org.bouncycastle.crypto.digests.NullDigest; @@ -7156,7 +7162,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JDKDSASigner.java extends JDKDSASigner diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JDKDigestSignature.java bcprov-jdk16-146/org/bouncycastle/jce/provider/JDKDigestSignature.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JDKDigestSignature.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JDKDigestSignature.java 2012-05-11 05:31:26.630725775 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JDKDigestSignature.java 2012-07-27 18:48:00.031478939 +0000 @@ -23,15 +23,21 @@ import org.bouncycastle.crypto.AsymmetricBlockCipher; import org.bouncycastle.crypto.CipherParameters; @@ -7332,7 +7338,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JDKDigestSignatur } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JDKKeyFactory.java bcprov-jdk16-146/org/bouncycastle/jce/provider/JDKKeyFactory.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JDKKeyFactory.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JDKKeyFactory.java 2012-05-11 05:31:26.630725775 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JDKKeyFactory.java 2012-07-27 18:48:00.031478939 +0000 @@ -36,17 +36,21 @@ import org.bouncycastle.asn1.pkcs.RSAPrivateKeyStructure; import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; @@ -7718,7 +7724,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JDKKeyFactory.jav } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JDKKeyPairGenerator.java bcprov-jdk16-146/org/bouncycastle/jce/provider/JDKKeyPairGenerator.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JDKKeyPairGenerator.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JDKKeyPairGenerator.java 2012-05-11 05:31:26.630725775 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JDKKeyPairGenerator.java 2012-07-27 18:48:00.031478939 +0000 @@ -6,9 +6,11 @@ import org.bouncycastle.crypto.generators.DHParametersGenerator; import org.bouncycastle.crypto.generators.DSAKeyPairGenerator; @@ -8062,7 +8068,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JDKKeyPairGenerat } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JDKKeyStore.java bcprov-jdk16-146/org/bouncycastle/jce/provider/JDKKeyStore.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JDKKeyStore.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JDKKeyStore.java 2012-05-11 05:31:26.630725775 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JDKKeyStore.java 2012-07-27 18:48:00.031478939 +0000 @@ -39,7 +39,12 @@ import org.bouncycastle.crypto.CipherParameters; import org.bouncycastle.crypto.Digest; @@ -8165,7 +8171,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JDKKeyStore.java } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JDKMessageDigest.java bcprov-jdk16-146/org/bouncycastle/jce/provider/JDKMessageDigest.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JDKMessageDigest.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JDKMessageDigest.java 2012-05-11 05:31:26.630725775 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JDKMessageDigest.java 2012-07-27 18:48:00.031478939 +0000 @@ -57,36 +57,38 @@ { super(new SHA1Digest()); @@ -8612,7 +8618,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JDKMessageDigest. } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JDKPKCS12KeyStore.java bcprov-jdk16-146/org/bouncycastle/jce/provider/JDKPKCS12KeyStore.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JDKPKCS12KeyStore.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JDKPKCS12KeyStore.java 2012-05-11 05:31:26.630725775 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/jce/provider/JDKPKCS12KeyStore.java 2012-07-27 18:48:00.031478939 +0000 @@ -260,10 +260,13 @@ } } @@ -8782,7 +8788,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/JDKPKCS12KeyStore return null; diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/PBE.java bcprov-jdk16-146/org/bouncycastle/jce/provider/PBE.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/PBE.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/jce/provider/PBE.java 2012-05-11 05:31:26.630725775 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/jce/provider/PBE.java 2012-07-27 18:48:00.031478939 +0000 @@ -7,12 +7,18 @@ import org.bouncycastle.crypto.CipherParameters; @@ -8857,7 +8863,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/PBE.java bcprov-j break; diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/PKIXCertPath.java bcprov-jdk16-146/org/bouncycastle/jce/provider/PKIXCertPath.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/PKIXCertPath.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/jce/provider/PKIXCertPath.java 2012-05-11 05:31:26.630725775 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/jce/provider/PKIXCertPath.java 2012-07-27 18:48:00.041479127 +0000 @@ -33,7 +33,9 @@ import org.bouncycastle.asn1.pkcs.ContentInfo; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; @@ -8922,7 +8928,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/PKIXCertPath.java throw new CertificateEncodingException("unsupported encoding: " + encoding); diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java bcprov-jdk16-146/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java 2012-05-11 05:31:26.630725775 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java 2012-07-27 18:48:00.031478939 +0000 @@ -1,5 +1,8 @@ package org.bouncycastle.jce.provider; @@ -8991,7 +8997,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/PKIXCertPathValid // diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/PKIXNameConstraintValidator.java bcprov-jdk16-146/org/bouncycastle/jce/provider/PKIXNameConstraintValidator.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/PKIXNameConstraintValidator.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/jce/provider/PKIXNameConstraintValidator.java 2012-05-11 05:31:26.630725775 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/jce/provider/PKIXNameConstraintValidator.java 2012-07-27 18:48:00.031478939 +0000 @@ -1533,7 +1533,9 @@ for (Enumeration e = permitted.getObjects(); e.hasMoreElements();) { @@ -9005,7 +9011,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/PKIXNameConstrain subtreesMap.put(tagNo, new HashSet()); diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/WrapCipherSpi.java bcprov-jdk16-146/org/bouncycastle/jce/provider/WrapCipherSpi.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/WrapCipherSpi.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/jce/provider/WrapCipherSpi.java 2012-05-11 05:31:26.630725775 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/jce/provider/WrapCipherSpi.java 2012-07-27 18:48:00.031478939 +0000 @@ -22,8 +22,10 @@ import javax.crypto.ShortBufferException; import javax.crypto.spec.IvParameterSpec; @@ -9137,7 +9143,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/WrapCipherSpi.jav } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/X509CertificateObject.java bcprov-jdk16-146/org/bouncycastle/jce/provider/X509CertificateObject.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/X509CertificateObject.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/jce/provider/X509CertificateObject.java 2012-05-11 05:31:26.630725775 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/jce/provider/X509CertificateObject.java 2012-07-27 18:48:00.031478939 +0000 @@ -520,12 +520,20 @@ return JDKKeyFactory.createPublicKeyFromPublicKeyInfo(c.getSubjectPublicKeyInfo()); } @@ -9171,7 +9177,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/X509CertificateOb signature = Signature.getInstance(sigName, BouncyCastleProvider.PROVIDER_NAME); diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/X509SignatureUtil.java bcprov-jdk16-146/org/bouncycastle/jce/provider/X509SignatureUtil.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/X509SignatureUtil.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/jce/provider/X509SignatureUtil.java 2012-05-11 05:31:26.630725775 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/jce/provider/X509SignatureUtil.java 2012-07-27 18:48:00.031478939 +0000 @@ -25,7 +25,9 @@ class X509SignatureUtil @@ -9264,7 +9270,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/X509SignatureUtil return digestAlgOID.getId(); diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/asymmetric/EC.java bcprov-jdk16-146/org/bouncycastle/jce/provider/asymmetric/EC.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/asymmetric/EC.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/jce/provider/asymmetric/EC.java 2012-05-11 05:31:26.630725775 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/jce/provider/asymmetric/EC.java 2012-07-27 18:48:00.031478939 +0000 @@ -4,8 +4,10 @@ import org.bouncycastle.asn1.DERObjectIdentifier; @@ -9396,7 +9402,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/asymmetric/EC.jav private void addSignatureAlgorithm( diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/asymmetric/ec/ECUtil.java bcprov-jdk16-146/org/bouncycastle/jce/provider/asymmetric/ec/ECUtil.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/asymmetric/ec/ECUtil.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/jce/provider/asymmetric/ec/ECUtil.java 2012-05-11 05:31:26.630725775 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/jce/provider/asymmetric/ec/ECUtil.java 2012-07-27 18:48:00.031478939 +0000 @@ -1,10 +1,14 @@ package org.bouncycastle.jce.provider.asymmetric.ec; @@ -9483,7 +9489,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/asymmetric/ec/ECU return name; diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/asymmetric/ec/KeyAgreement.java bcprov-jdk16-146/org/bouncycastle/jce/provider/asymmetric/ec/KeyAgreement.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/asymmetric/ec/KeyAgreement.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/jce/provider/asymmetric/ec/KeyAgreement.java 2012-05-11 05:31:26.630725775 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/jce/provider/asymmetric/ec/KeyAgreement.java 2012-07-27 18:48:00.031478939 +0000 @@ -24,20 +24,26 @@ import org.bouncycastle.crypto.CipherParameters; import org.bouncycastle.crypto.DerivationFunction; @@ -9811,7 +9817,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/asymmetric/ec/Key } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/asymmetric/ec/KeyPairGenerator.java bcprov-jdk16-146/org/bouncycastle/jce/provider/asymmetric/ec/KeyPairGenerator.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/asymmetric/ec/KeyPairGenerator.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/jce/provider/asymmetric/ec/KeyPairGenerator.java 2012-05-11 05:31:26.630725775 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/jce/provider/asymmetric/ec/KeyPairGenerator.java 2012-07-27 18:48:00.031478939 +0000 @@ -10,10 +10,14 @@ import java.util.Hashtable; @@ -10010,7 +10016,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/asymmetric/ec/Key +} diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/asymmetric/ec/Signature.java bcprov-jdk16-146/org/bouncycastle/jce/provider/asymmetric/ec/Signature.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/asymmetric/ec/Signature.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/jce/provider/asymmetric/ec/Signature.java 2012-05-11 05:31:26.630725775 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/jce/provider/asymmetric/ec/Signature.java 2012-07-27 18:48:00.031478939 +0000 @@ -18,15 +18,21 @@ import org.bouncycastle.crypto.DSA; import org.bouncycastle.crypto.Digest; @@ -10239,7 +10245,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/asymmetric/ec/Sig +} diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/symmetric/AES.java bcprov-jdk16-146/org/bouncycastle/jce/provider/symmetric/AES.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/symmetric/AES.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/jce/provider/symmetric/AES.java 2012-05-11 05:31:26.630725775 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/jce/provider/symmetric/AES.java 2012-07-27 18:48:00.031478939 +0000 @@ -13,8 +13,10 @@ import org.bouncycastle.crypto.CipherKeyGenerator; import org.bouncycastle.crypto.engines.AESFastEngine; @@ -10604,7 +10610,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/symmetric/AES.jav } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/symmetric/ARC4.java bcprov-jdk16-146/org/bouncycastle/jce/provider/symmetric/ARC4.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/symmetric/ARC4.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/jce/provider/symmetric/ARC4.java 2012-05-11 05:31:26.630725775 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/jce/provider/symmetric/ARC4.java 2012-07-27 18:48:00.031478939 +0000 @@ -27,7 +27,9 @@ { public KeyGen() @@ -10618,7 +10624,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/symmetric/ARC4.ja diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/symmetric/Blowfish.java bcprov-jdk16-146/org/bouncycastle/jce/provider/symmetric/Blowfish.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/symmetric/Blowfish.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/jce/provider/symmetric/Blowfish.java 2012-05-11 05:31:26.630725775 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/jce/provider/symmetric/Blowfish.java 2012-07-27 18:48:00.031478939 +0000 @@ -57,7 +57,9 @@ public Mappings() { @@ -10632,7 +10638,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/symmetric/Blowfis put("AlgorithmParameters.BLOWFISH", "org.bouncycastle.jce.provider.symmetric.Blowfish$AlgParams"); diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/symmetric/DESede.java bcprov-jdk16-146/org/bouncycastle/jce/provider/symmetric/DESede.java --- bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/symmetric/DESede.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/jce/provider/symmetric/DESede.java 2012-05-11 05:31:26.630725775 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/jce/provider/symmetric/DESede.java 2012-07-27 18:48:00.031478939 +0000 @@ -14,11 +14,15 @@ import org.bouncycastle.crypto.KeyGenerationParameters; import org.bouncycastle.crypto.engines.DESedeEngine; @@ -10798,7 +10804,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/jce/provider/symmetric/DESede. } diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/openssl/PEMUtilities.java bcprov-jdk16-146/org/bouncycastle/openssl/PEMUtilities.java --- bcprov-jdk16-146.orig/org/bouncycastle/openssl/PEMUtilities.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/openssl/PEMUtilities.java 2012-05-11 05:31:26.630725775 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/openssl/PEMUtilities.java 2012-07-27 18:48:00.031478939 +0000 @@ -45,10 +45,12 @@ PKCS5_SCHEME_2.add(NISTObjectIdentifiers.id_aes192_CBC); PKCS5_SCHEME_2.add(NISTObjectIdentifiers.id_aes256_CBC); @@ -10818,7 +10824,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/openssl/PEMUtilities.java bcpr static int getKeySize(String algorithm) diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/x509/X509Util.java bcprov-jdk16-146/org/bouncycastle/x509/X509Util.java --- bcprov-jdk16-146.orig/org/bouncycastle/x509/X509Util.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/x509/X509Util.java 2012-05-11 05:31:26.620725599 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/x509/X509Util.java 2012-07-27 18:48:00.011478563 +0000 @@ -44,14 +44,18 @@ static @@ -10980,7 +10986,7 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/x509/X509Util.java bcprov-jdk1 diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/x509/extension/X509ExtensionUtil.java bcprov-jdk16-146/org/bouncycastle/x509/extension/X509ExtensionUtil.java --- bcprov-jdk16-146.orig/org/bouncycastle/x509/extension/X509ExtensionUtil.java 2011-02-23 20:08:56.000000000 +0000 -+++ bcprov-jdk16-146/org/bouncycastle/x509/extension/X509ExtensionUtil.java 2012-05-11 05:31:26.620725599 +0000 ++++ bcprov-jdk16-146/org/bouncycastle/x509/extension/X509ExtensionUtil.java 2012-07-27 18:48:00.011478563 +0000 @@ -62,7 +62,9 @@ { GeneralName genName = GeneralName.getInstance(it.nextElement()); @@ -10992,3 +10998,34 @@ diff -Naur bcprov-jdk16-146.orig/org/bouncycastle/x509/extension/X509ExtensionUt switch (genName.getTagNo()) { case GeneralName.ediPartyName: +diff -Naur bcprov-jdk16-146.orig/src/main/java/org/bouncycastle/jce/provider/CertBlacklist.java.rej bcprov-jdk16-146/src/main/java/org/bouncycastle/jce/provider/CertBlacklist.java.rej +--- bcprov-jdk16-146.orig/src/main/java/org/bouncycastle/jce/provider/CertBlacklist.java.rej 1970-01-01 00:00:00.000000000 +0000 ++++ bcprov-jdk16-146/src/main/java/org/bouncycastle/jce/provider/CertBlacklist.java.rej 2012-07-27 18:47:59.931477059 +0000 +@@ -0,0 +1,27 @@ ++--- src/main/java/org/bouncycastle/jce/provider/CertBlacklist.java +++++ src/main/java/org/bouncycastle/jce/provider/CertBlacklist.java ++@@ -144,8 +144,9 @@ ++ String pubkeyBlacklist = readBlacklist(path); ++ if (!pubkeyBlacklist.equals("")) { ++ for (String value : pubkeyBlacklist.split(",")) { +++ value = value.trim(); ++ if (isPubkeyHash(value)) { ++- bl.add(Hex.decode(value)); +++ bl.add(value.getBytes()); ++ } else { ++ System.logW("Tried to blacklist invalid pubkey " + value); ++ } ++@@ -161,7 +162,12 @@ ++ digest.update(encoded, 0, encoded.length); ++ byte[] out = new byte[digest.getDigestSize()]; ++ digest.doFinal(out, 0); ++- return pubkeyBlacklist.contains(out); +++ for (byte[] blacklisted : pubkeyBlacklist) { +++ if (Arrays.equals(blacklisted, Hex.encode(out))) { +++ return true; +++ } +++ } +++ return false; ++ } ++ ++ public boolean isSerialNumberBlackListed(BigInteger serial) { |