From 87490acd76f544251011cf49753d4d0a61f86a66 Mon Sep 17 00:00:00 2001 From: Kenny Root Date: Thu, 26 Sep 2013 11:06:21 -0700 Subject: Restore SHA-224 In the StandardNames 8 document, SHA-224 has made a comeback. Change-Id: I2cfd04df026502efa3ccbae17eb509588f43292f --- patches/bcpkix.patch | 355 ++++-------------------------- patches/bcprov.patch | 605 +++++++++++++-------------------------------------- 2 files changed, 195 insertions(+), 765 deletions(-) (limited to 'patches') diff --git a/patches/bcpkix.patch b/patches/bcpkix.patch index 78354bd..df6b920 100644 --- a/patches/bcpkix.patch +++ b/patches/bcpkix.patch @@ -477,7 +477,7 @@ diff -Naur bcpkix-jdk15on-149.orig/org/bouncycastle/cms/CMSSignedData.java bcpki * Replace the SignerInformation store associated with this diff -Naur bcpkix-jdk15on-149.orig/org/bouncycastle/cms/CMSSignedGenerator.java bcpkix-jdk15on-149/org/bouncycastle/cms/CMSSignedGenerator.java --- bcpkix-jdk15on-149.orig/org/bouncycastle/cms/CMSSignedGenerator.java 2013-05-31 21:17:22.000000000 +0000 -+++ bcpkix-jdk15on-149/org/bouncycastle/cms/CMSSignedGenerator.java 2013-05-25 02:14:15.000000000 +0000 ++++ bcpkix-jdk15on-149/org/bouncycastle/cms/CMSSignedGenerator.java 2013-09-26 18:06:21.000000000 +0000 @@ -23,8 +23,10 @@ import org.bouncycastle.asn1.DERTaggedObject; import org.bouncycastle.asn1.cms.AttributeTable; @@ -502,15 +502,7 @@ diff -Naur bcpkix-jdk15on-149.orig/org/bouncycastle/cms/CMSSignedGenerator.java import org.bouncycastle.util.Arrays; import org.bouncycastle.util.Store; import org.bouncycastle.x509.X509AttributeCertificate; -@@ -49,25 +53,33 @@ - public static final String DATA = CMSObjectIdentifiers.data.getId(); - - public static final String DIGEST_SHA1 = OIWObjectIdentifiers.idSHA1.getId(); -- public static final String DIGEST_SHA224 = NISTObjectIdentifiers.id_sha224.getId(); -+ // BEGIN android-removed -+ // public static final String DIGEST_SHA224 = NISTObjectIdentifiers.id_sha224.getId(); -+ // END android-removed - public static final String DIGEST_SHA256 = NISTObjectIdentifiers.id_sha256.getId(); +@@ -54,17 +58,21 @@ public static final String DIGEST_SHA384 = NISTObjectIdentifiers.id_sha384.getId(); public static final String DIGEST_SHA512 = NISTObjectIdentifiers.id_sha512.getId(); public static final String DIGEST_MD5 = PKCSObjectIdentifiers.md5.getId(); @@ -537,34 +529,8 @@ diff -Naur bcpkix-jdk15on-149.orig/org/bouncycastle/cms/CMSSignedGenerator.java + // END android-removed private static final String ENCRYPTION_ECDSA_WITH_SHA1 = X9ObjectIdentifiers.ecdsa_with_SHA1.getId(); -- private static final String ENCRYPTION_ECDSA_WITH_SHA224 = X9ObjectIdentifiers.ecdsa_with_SHA224.getId(); -+ // BEGIN android-removed -+ // private static final String ENCRYPTION_ECDSA_WITH_SHA224 = X9ObjectIdentifiers.ecdsa_with_SHA224.getId(); -+ // END android-removed - private static final String ENCRYPTION_ECDSA_WITH_SHA256 = X9ObjectIdentifiers.ecdsa_with_SHA256.getId(); - private static final String ENCRYPTION_ECDSA_WITH_SHA384 = X9ObjectIdentifiers.ecdsa_with_SHA384.getId(); - private static final String ENCRYPTION_ECDSA_WITH_SHA512 = X9ObjectIdentifiers.ecdsa_with_SHA512.getId(); -@@ -80,13 +92,17 @@ - NO_PARAMS.add(ENCRYPTION_DSA); - NO_PARAMS.add(ENCRYPTION_ECDSA); - NO_PARAMS.add(ENCRYPTION_ECDSA_WITH_SHA1); -- NO_PARAMS.add(ENCRYPTION_ECDSA_WITH_SHA224); -+ // BEGIN android-removed -+ // NO_PARAMS.add(ENCRYPTION_ECDSA_WITH_SHA224); -+ // END android-removed - NO_PARAMS.add(ENCRYPTION_ECDSA_WITH_SHA256); - NO_PARAMS.add(ENCRYPTION_ECDSA_WITH_SHA384); - NO_PARAMS.add(ENCRYPTION_ECDSA_WITH_SHA512); - - EC_ALGORITHMS.put(DIGEST_SHA1, ENCRYPTION_ECDSA_WITH_SHA1); -- EC_ALGORITHMS.put(DIGEST_SHA224, ENCRYPTION_ECDSA_WITH_SHA224); -+ // BEGIN android-removed -+ // EC_ALGORITHMS.put(DIGEST_SHA224, ENCRYPTION_ECDSA_WITH_SHA224); -+ // END android-removed - EC_ALGORITHMS.put(DIGEST_SHA256, ENCRYPTION_ECDSA_WITH_SHA256); - EC_ALGORITHMS.put(DIGEST_SHA384, ENCRYPTION_ECDSA_WITH_SHA384); - EC_ALGORITHMS.put(DIGEST_SHA512, ENCRYPTION_ECDSA_WITH_SHA512); -@@ -144,14 +160,16 @@ + private static final String ENCRYPTION_ECDSA_WITH_SHA224 = X9ObjectIdentifiers.ecdsa_with_SHA224.getId(); +@@ -144,14 +152,16 @@ throw new IllegalArgumentException("can't mix ECDSA with anything but SHA family digests"); } } @@ -589,7 +555,7 @@ diff -Naur bcpkix-jdk15on-149.orig/org/bouncycastle/cms/CMSSignedGenerator.java return encOID; } -@@ -270,31 +288,33 @@ +@@ -270,31 +280,33 @@ certs.addAll(CMSUtils.getAttributeCertificatesFromStore(attrStore)); } @@ -650,7 +616,7 @@ diff -Naur bcpkix-jdk15on-149.orig/org/bouncycastle/cms/CMSSignedGenerator.java * Add the attribute certificates contained in the passed in store to the diff -Naur bcpkix-jdk15on-149.orig/org/bouncycastle/cms/CMSSignedHelper.java bcpkix-jdk15on-149/org/bouncycastle/cms/CMSSignedHelper.java --- bcpkix-jdk15on-149.orig/org/bouncycastle/cms/CMSSignedHelper.java 2013-05-31 21:17:22.000000000 +0000 -+++ bcpkix-jdk15on-149/org/bouncycastle/cms/CMSSignedHelper.java 2013-05-25 02:14:15.000000000 +0000 ++++ bcpkix-jdk15on-149/org/bouncycastle/cms/CMSSignedHelper.java 2013-09-26 18:06:21.000000000 +0000 @@ -19,8 +19,10 @@ import org.bouncycastle.asn1.ASN1Set; import org.bouncycastle.asn1.ASN1TaggedObject; @@ -677,15 +643,7 @@ diff -Naur bcpkix-jdk15on-149.orig/org/bouncycastle/cms/CMSSignedHelper.java bcp import org.bouncycastle.util.CollectionStore; import org.bouncycastle.util.Store; import org.bouncycastle.x509.NoSuchStoreException; -@@ -60,31 +64,43 @@ - - static - { -- addEntries(NISTObjectIdentifiers.dsa_with_sha224, "SHA224", "DSA"); -+ // BEGIN android-removed -+ // addEntries(NISTObjectIdentifiers.dsa_with_sha224, "SHA224", "DSA"); -+ // END android-removed - addEntries(NISTObjectIdentifiers.dsa_with_sha256, "SHA256", "DSA"); +@@ -65,12 +69,16 @@ addEntries(NISTObjectIdentifiers.dsa_with_sha384, "SHA384", "DSA"); addEntries(NISTObjectIdentifiers.dsa_with_sha512, "SHA512", "DSA"); addEntries(OIWObjectIdentifiers.dsaWithSHA1, "SHA1", "DSA"); @@ -705,31 +663,8 @@ diff -Naur bcpkix-jdk15on-149.orig/org/bouncycastle/cms/CMSSignedHelper.java bcp + // END android-removed addEntries(PKCSObjectIdentifiers.md5WithRSAEncryption, "MD5", "RSA"); addEntries(PKCSObjectIdentifiers.sha1WithRSAEncryption, "SHA1", "RSA"); -- addEntries(PKCSObjectIdentifiers.sha224WithRSAEncryption, "SHA224", "RSA"); -+ // BEGIN android-removed -+ // addEntries(PKCSObjectIdentifiers.sha224WithRSAEncryption, "SHA224", "RSA"); -+ // END android-removed - addEntries(PKCSObjectIdentifiers.sha256WithRSAEncryption, "SHA256", "RSA"); - addEntries(PKCSObjectIdentifiers.sha384WithRSAEncryption, "SHA384", "RSA"); - addEntries(PKCSObjectIdentifiers.sha512WithRSAEncryption, "SHA512", "RSA"); - addEntries(X9ObjectIdentifiers.ecdsa_with_SHA1, "SHA1", "ECDSA"); -- addEntries(X9ObjectIdentifiers.ecdsa_with_SHA224, "SHA224", "ECDSA"); -+ // BEGIN android-removed -+ // addEntries(X9ObjectIdentifiers.ecdsa_with_SHA224, "SHA224", "ECDSA"); -+ // END android-removed - addEntries(X9ObjectIdentifiers.ecdsa_with_SHA256, "SHA256", "ECDSA"); - addEntries(X9ObjectIdentifiers.ecdsa_with_SHA384, "SHA384", "ECDSA"); - addEntries(X9ObjectIdentifiers.ecdsa_with_SHA512, "SHA512", "ECDSA"); - addEntries(X9ObjectIdentifiers.id_dsa_with_sha1, "SHA1", "DSA"); - addEntries(EACObjectIdentifiers.id_TA_ECDSA_SHA_1, "SHA1", "ECDSA"); -- addEntries(EACObjectIdentifiers.id_TA_ECDSA_SHA_224, "SHA224", "ECDSA"); -+ // BEGIN android-removed -+ // addEntries(EACObjectIdentifiers.id_TA_ECDSA_SHA_224, "SHA224", "ECDSA"); -+ // END android-removed - addEntries(EACObjectIdentifiers.id_TA_ECDSA_SHA_256, "SHA256", "ECDSA"); - addEntries(EACObjectIdentifiers.id_TA_ECDSA_SHA_384, "SHA384", "ECDSA"); - addEntries(EACObjectIdentifiers.id_TA_ECDSA_SHA_512, "SHA512", "ECDSA"); -@@ -97,30 +113,38 @@ + addEntries(PKCSObjectIdentifiers.sha224WithRSAEncryption, "SHA224", "RSA"); +@@ -97,27 +105,31 @@ encryptionAlgs.put(PKCSObjectIdentifiers.rsaEncryption.getId(), "RSA"); encryptionAlgs.put(TeleTrusTObjectIdentifiers.teleTrusTRSAsignatureAlgorithm, "RSA"); encryptionAlgs.put(X509ObjectIdentifiers.id_ea_rsa.getId(), "RSA"); @@ -757,10 +692,7 @@ diff -Naur bcpkix-jdk15on-149.orig/org/bouncycastle/cms/CMSSignedHelper.java bcp + // END android-removed digestAlgs.put(PKCSObjectIdentifiers.md5.getId(), "MD5"); digestAlgs.put(OIWObjectIdentifiers.idSHA1.getId(), "SHA1"); -- digestAlgs.put(NISTObjectIdentifiers.id_sha224.getId(), "SHA224"); -+ // BEGIN android-removed -+ // digestAlgs.put(NISTObjectIdentifiers.id_sha224.getId(), "SHA224"); -+ // END android-removed + digestAlgs.put(NISTObjectIdentifiers.id_sha224.getId(), "SHA224"); digestAlgs.put(NISTObjectIdentifiers.id_sha256.getId(), "SHA256"); digestAlgs.put(NISTObjectIdentifiers.id_sha384.getId(), "SHA384"); digestAlgs.put(NISTObjectIdentifiers.id_sha512.getId(), "SHA512"); @@ -778,14 +710,8 @@ diff -Naur bcpkix-jdk15on-149.orig/org/bouncycastle/cms/CMSSignedHelper.java bcp + // END android-removed digestAliases.put("SHA1", new String[] { "SHA-1" }); -- digestAliases.put("SHA224", new String[] { "SHA-224" }); -+ // BEGIN android-removed -+ // digestAliases.put("SHA224", new String[] { "SHA-224" }); -+ // END android-removed - digestAliases.put("SHA256", new String[] { "SHA-256" }); - digestAliases.put("SHA384", new String[] { "SHA-384" }); - digestAliases.put("SHA512", new String[] { "SHA-512" }); -@@ -190,65 +214,67 @@ + digestAliases.put("SHA224", new String[] { "SHA-224" }); +@@ -190,65 +202,67 @@ } } @@ -912,7 +838,7 @@ diff -Naur bcpkix-jdk15on-149.orig/org/bouncycastle/cms/CMSSignedHelper.java bcp AlgorithmIdentifier fixAlgID(AlgorithmIdentifier algId) { -@@ -336,35 +362,35 @@ +@@ -336,35 +350,35 @@ return new CollectionStore(new ArrayList()); } @@ -1054,7 +980,7 @@ diff -Naur bcpkix-jdk15on-149.orig/org/bouncycastle/cms/CMSUtils.java bcpkix-jdk { diff -Naur bcpkix-jdk15on-149.orig/org/bouncycastle/cms/DefaultCMSSignatureAlgorithmNameGenerator.java bcpkix-jdk15on-149/org/bouncycastle/cms/DefaultCMSSignatureAlgorithmNameGenerator.java --- bcpkix-jdk15on-149.orig/org/bouncycastle/cms/DefaultCMSSignatureAlgorithmNameGenerator.java 2013-05-31 21:17:22.000000000 +0000 -+++ bcpkix-jdk15on-149/org/bouncycastle/cms/DefaultCMSSignatureAlgorithmNameGenerator.java 2012-09-17 23:04:47.000000000 +0000 ++++ bcpkix-jdk15on-149/org/bouncycastle/cms/DefaultCMSSignatureAlgorithmNameGenerator.java 2013-09-26 18:06:21.000000000 +0000 @@ -4,7 +4,9 @@ import java.util.Map; @@ -1066,15 +992,7 @@ diff -Naur bcpkix-jdk15on-149.orig/org/bouncycastle/cms/DefaultCMSSignatureAlgor import org.bouncycastle.asn1.eac.EACObjectIdentifiers; import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; -@@ -28,31 +30,43 @@ - - public DefaultCMSSignatureAlgorithmNameGenerator() - { -- addEntries(NISTObjectIdentifiers.dsa_with_sha224, "SHA224", "DSA"); -+ // BEGIN android-removed -+ // addEntries(NISTObjectIdentifiers.dsa_with_sha224, "SHA224", "DSA"); -+ // END android-removed - addEntries(NISTObjectIdentifiers.dsa_with_sha256, "SHA256", "DSA"); +@@ -33,12 +35,16 @@ addEntries(NISTObjectIdentifiers.dsa_with_sha384, "SHA384", "DSA"); addEntries(NISTObjectIdentifiers.dsa_with_sha512, "SHA512", "DSA"); addEntries(OIWObjectIdentifiers.dsaWithSHA1, "SHA1", "DSA"); @@ -1094,31 +1012,8 @@ diff -Naur bcpkix-jdk15on-149.orig/org/bouncycastle/cms/DefaultCMSSignatureAlgor + // END android-removed addEntries(PKCSObjectIdentifiers.md5WithRSAEncryption, "MD5", "RSA"); addEntries(PKCSObjectIdentifiers.sha1WithRSAEncryption, "SHA1", "RSA"); -- addEntries(PKCSObjectIdentifiers.sha224WithRSAEncryption, "SHA224", "RSA"); -+ // BEGIN android-removed -+ // addEntries(PKCSObjectIdentifiers.sha224WithRSAEncryption, "SHA224", "RSA"); -+ // END android-removed - addEntries(PKCSObjectIdentifiers.sha256WithRSAEncryption, "SHA256", "RSA"); - addEntries(PKCSObjectIdentifiers.sha384WithRSAEncryption, "SHA384", "RSA"); - addEntries(PKCSObjectIdentifiers.sha512WithRSAEncryption, "SHA512", "RSA"); - addEntries(X9ObjectIdentifiers.ecdsa_with_SHA1, "SHA1", "ECDSA"); -- addEntries(X9ObjectIdentifiers.ecdsa_with_SHA224, "SHA224", "ECDSA"); -+ // BEGIN android-removed -+ // addEntries(X9ObjectIdentifiers.ecdsa_with_SHA224, "SHA224", "ECDSA"); -+ // END android-removed - addEntries(X9ObjectIdentifiers.ecdsa_with_SHA256, "SHA256", "ECDSA"); - addEntries(X9ObjectIdentifiers.ecdsa_with_SHA384, "SHA384", "ECDSA"); - addEntries(X9ObjectIdentifiers.ecdsa_with_SHA512, "SHA512", "ECDSA"); - addEntries(X9ObjectIdentifiers.id_dsa_with_sha1, "SHA1", "DSA"); - addEntries(EACObjectIdentifiers.id_TA_ECDSA_SHA_1, "SHA1", "ECDSA"); -- addEntries(EACObjectIdentifiers.id_TA_ECDSA_SHA_224, "SHA224", "ECDSA"); -+ // BEGIN android-removed -+ // addEntries(EACObjectIdentifiers.id_TA_ECDSA_SHA_224, "SHA224", "ECDSA"); -+ // END android-removed - addEntries(EACObjectIdentifiers.id_TA_ECDSA_SHA_256, "SHA256", "ECDSA"); - addEntries(EACObjectIdentifiers.id_TA_ECDSA_SHA_384, "SHA384", "ECDSA"); - addEntries(EACObjectIdentifiers.id_TA_ECDSA_SHA_512, "SHA512", "ECDSA"); -@@ -66,26 +80,32 @@ + addEntries(PKCSObjectIdentifiers.sha224WithRSAEncryption, "SHA224", "RSA"); +@@ -66,26 +72,30 @@ encryptionAlgs.put(TeleTrusTObjectIdentifiers.teleTrusTRSAsignatureAlgorithm, "RSA"); encryptionAlgs.put(X509ObjectIdentifiers.id_ea_rsa, "RSA"); encryptionAlgs.put(PKCSObjectIdentifiers.id_RSASSA_PSS, "RSAandMGF1"); @@ -1144,10 +1039,7 @@ diff -Naur bcpkix-jdk15on-149.orig/org/bouncycastle/cms/DefaultCMSSignatureAlgor + // END android-removed digestAlgs.put(PKCSObjectIdentifiers.md5, "MD5"); digestAlgs.put(OIWObjectIdentifiers.idSHA1, "SHA1"); -- digestAlgs.put(NISTObjectIdentifiers.id_sha224, "SHA224"); -+ // BEGIN android-removed -+ // digestAlgs.put(NISTObjectIdentifiers.id_sha224, "SHA224"); -+ // END android-removed + digestAlgs.put(NISTObjectIdentifiers.id_sha224, "SHA224"); digestAlgs.put(NISTObjectIdentifiers.id_sha256, "SHA256"); digestAlgs.put(NISTObjectIdentifiers.id_sha384, "SHA384"); digestAlgs.put(NISTObjectIdentifiers.id_sha512, "SHA512"); @@ -1168,8 +1060,8 @@ diff -Naur bcpkix-jdk15on-149.orig/org/bouncycastle/cms/DefaultCMSSignatureAlgor /** diff -Naur bcpkix-jdk15on-149.orig/org/bouncycastle/cms/DefaultCMSSignatureEncryptionAlgorithmFinder.java bcpkix-jdk15on-149/org/bouncycastle/cms/DefaultCMSSignatureEncryptionAlgorithmFinder.java --- bcpkix-jdk15on-149.orig/org/bouncycastle/cms/DefaultCMSSignatureEncryptionAlgorithmFinder.java 2013-05-31 21:17:22.000000000 +0000 -+++ bcpkix-jdk15on-149/org/bouncycastle/cms/DefaultCMSSignatureEncryptionAlgorithmFinder.java 2012-09-17 23:04:47.000000000 +0000 -@@ -16,21 +16,29 @@ ++++ bcpkix-jdk15on-149/org/bouncycastle/cms/DefaultCMSSignatureEncryptionAlgorithmFinder.java 2013-09-26 18:06:21.000000000 +0000 +@@ -16,21 +16,27 @@ static { @@ -1181,10 +1073,7 @@ diff -Naur bcpkix-jdk15on-149.orig/org/bouncycastle/cms/DefaultCMSSignatureEncry + // END android-removed RSA_PKCS1d5.add(PKCSObjectIdentifiers.md5WithRSAEncryption); RSA_PKCS1d5.add(PKCSObjectIdentifiers.sha1WithRSAEncryption); -- RSA_PKCS1d5.add(PKCSObjectIdentifiers.sha224WithRSAEncryption); -+ // BEGIN android-removed -+ // RSA_PKCS1d5.add(PKCSObjectIdentifiers.sha224WithRSAEncryption); -+ // END android-removed + RSA_PKCS1d5.add(PKCSObjectIdentifiers.sha224WithRSAEncryption); RSA_PKCS1d5.add(PKCSObjectIdentifiers.sha256WithRSAEncryption); RSA_PKCS1d5.add(PKCSObjectIdentifiers.sha384WithRSAEncryption); RSA_PKCS1d5.add(PKCSObjectIdentifiers.sha512WithRSAEncryption); @@ -1209,7 +1098,7 @@ diff -Naur bcpkix-jdk15on-149.orig/org/bouncycastle/cms/DefaultCMSSignatureEncry public AlgorithmIdentifier findEncryptionAlgorithm(AlgorithmIdentifier signatureAlgorithm) diff -Naur bcpkix-jdk15on-149.orig/org/bouncycastle/operator/DefaultDigestAlgorithmIdentifierFinder.java bcpkix-jdk15on-149/org/bouncycastle/operator/DefaultDigestAlgorithmIdentifierFinder.java --- bcpkix-jdk15on-149.orig/org/bouncycastle/operator/DefaultDigestAlgorithmIdentifierFinder.java 2013-05-31 21:17:22.000000000 +0000 -+++ bcpkix-jdk15on-149/org/bouncycastle/operator/DefaultDigestAlgorithmIdentifierFinder.java 2013-01-31 02:26:40.000000000 +0000 ++++ bcpkix-jdk15on-149/org/bouncycastle/operator/DefaultDigestAlgorithmIdentifierFinder.java 2013-09-26 18:06:21.000000000 +0000 @@ -5,7 +5,9 @@ import org.bouncycastle.asn1.ASN1ObjectIdentifier; @@ -1221,7 +1110,7 @@ diff -Naur bcpkix-jdk15on-149.orig/org/bouncycastle/operator/DefaultDigestAlgori import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; -@@ -25,53 +27,71 @@ +@@ -25,16 +27,20 @@ // // digests // @@ -1233,10 +1122,7 @@ diff -Naur bcpkix-jdk15on-149.orig/org/bouncycastle/operator/DefaultDigestAlgori + // END android-removed digestOids.put(OIWObjectIdentifiers.sha1WithRSA, OIWObjectIdentifiers.idSHA1); -- digestOids.put(PKCSObjectIdentifiers.sha224WithRSAEncryption, NISTObjectIdentifiers.id_sha224); -+ // BEGIN android-removed -+ // digestOids.put(PKCSObjectIdentifiers.sha224WithRSAEncryption, NISTObjectIdentifiers.id_sha224); -+ // END android-removed + digestOids.put(PKCSObjectIdentifiers.sha224WithRSAEncryption, NISTObjectIdentifiers.id_sha224); digestOids.put(PKCSObjectIdentifiers.sha256WithRSAEncryption, NISTObjectIdentifiers.id_sha256); digestOids.put(PKCSObjectIdentifiers.sha384WithRSAEncryption, NISTObjectIdentifiers.id_sha384); digestOids.put(PKCSObjectIdentifiers.sha512WithRSAEncryption, NISTObjectIdentifiers.id_sha512); @@ -1249,21 +1135,7 @@ diff -Naur bcpkix-jdk15on-149.orig/org/bouncycastle/operator/DefaultDigestAlgori digestOids.put(PKCSObjectIdentifiers.md5WithRSAEncryption, PKCSObjectIdentifiers.md5); digestOids.put(PKCSObjectIdentifiers.sha1WithRSAEncryption, OIWObjectIdentifiers.idSHA1); - digestOids.put(X9ObjectIdentifiers.ecdsa_with_SHA1, OIWObjectIdentifiers.idSHA1); -- digestOids.put(X9ObjectIdentifiers.ecdsa_with_SHA224, NISTObjectIdentifiers.id_sha224); -+ // BEGIN android-removed -+ // digestOids.put(X9ObjectIdentifiers.ecdsa_with_SHA224, NISTObjectIdentifiers.id_sha224); -+ // END android-removed - digestOids.put(X9ObjectIdentifiers.ecdsa_with_SHA256, NISTObjectIdentifiers.id_sha256); - digestOids.put(X9ObjectIdentifiers.ecdsa_with_SHA384, NISTObjectIdentifiers.id_sha384); - digestOids.put(X9ObjectIdentifiers.ecdsa_with_SHA512, NISTObjectIdentifiers.id_sha512); - digestOids.put(X9ObjectIdentifiers.id_dsa_with_sha1, OIWObjectIdentifiers.idSHA1); - -- digestOids.put(NISTObjectIdentifiers.dsa_with_sha224, NISTObjectIdentifiers.id_sha224); -+ // BEGIN android-removed -+ // digestOids.put(NISTObjectIdentifiers.dsa_with_sha224, NISTObjectIdentifiers.id_sha224); -+ // END android-removed - digestOids.put(NISTObjectIdentifiers.dsa_with_sha256, NISTObjectIdentifiers.id_sha256); +@@ -50,12 +56,14 @@ digestOids.put(NISTObjectIdentifiers.dsa_with_sha384, NISTObjectIdentifiers.id_sha384); digestOids.put(NISTObjectIdentifiers.dsa_with_sha512, NISTObjectIdentifiers.id_sha512); @@ -1283,11 +1155,8 @@ diff -Naur bcpkix-jdk15on-149.orig/org/bouncycastle/operator/DefaultDigestAlgori + // END android-removed digestNameToOids.put("SHA-1", OIWObjectIdentifiers.idSHA1); -- digestNameToOids.put("SHA-224", NISTObjectIdentifiers.id_sha224); -+ // BEGIN android-removed -+ // digestNameToOids.put("SHA-224", NISTObjectIdentifiers.id_sha224); -+ // END android-removed - digestNameToOids.put("SHA-256", NISTObjectIdentifiers.id_sha256); + digestNameToOids.put("SHA-224", NISTObjectIdentifiers.id_sha224); +@@ -63,15 +71,19 @@ digestNameToOids.put("SHA-384", NISTObjectIdentifiers.id_sha384); digestNameToOids.put("SHA-512", NISTObjectIdentifiers.id_sha512); @@ -1316,7 +1185,7 @@ diff -Naur bcpkix-jdk15on-149.orig/org/bouncycastle/operator/DefaultDigestAlgori public AlgorithmIdentifier find(AlgorithmIdentifier sigAlgId) diff -Naur bcpkix-jdk15on-149.orig/org/bouncycastle/operator/DefaultSignatureAlgorithmIdentifierFinder.java bcpkix-jdk15on-149/org/bouncycastle/operator/DefaultSignatureAlgorithmIdentifierFinder.java --- bcpkix-jdk15on-149.orig/org/bouncycastle/operator/DefaultSignatureAlgorithmIdentifierFinder.java 2013-05-31 21:17:22.000000000 +0000 -+++ bcpkix-jdk15on-149/org/bouncycastle/operator/DefaultSignatureAlgorithmIdentifierFinder.java 2013-01-31 02:26:40.000000000 +0000 ++++ bcpkix-jdk15on-149/org/bouncycastle/operator/DefaultSignatureAlgorithmIdentifierFinder.java 2013-09-26 18:06:21.000000000 +0000 @@ -9,7 +9,9 @@ import org.bouncycastle.asn1.ASN1Integer; import org.bouncycastle.asn1.ASN1ObjectIdentifier; @@ -1328,7 +1197,7 @@ diff -Naur bcpkix-jdk15on-149.orig/org/bouncycastle/operator/DefaultSignatureAlg import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; -@@ -32,19 +34,25 @@ +@@ -32,13 +34,17 @@ private static final ASN1ObjectIdentifier ENCRYPTION_DSA = X9ObjectIdentifiers.id_dsa_with_sha1; private static final ASN1ObjectIdentifier ENCRYPTION_ECDSA = X9ObjectIdentifiers.ecdsa_with_SHA1; private static final ASN1ObjectIdentifier ENCRYPTION_RSA_PSS = PKCSObjectIdentifiers.id_RSASSA_PSS; @@ -1350,24 +1219,7 @@ diff -Naur bcpkix-jdk15on-149.orig/org/bouncycastle/operator/DefaultSignatureAlg algorithms.put("MD5WITHRSAENCRYPTION", PKCSObjectIdentifiers.md5WithRSAEncryption); algorithms.put("MD5WITHRSA", PKCSObjectIdentifiers.md5WithRSAEncryption); algorithms.put("SHA1WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha1WithRSAEncryption); - algorithms.put("SHA1WITHRSA", PKCSObjectIdentifiers.sha1WithRSAEncryption); -- algorithms.put("SHA224WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha224WithRSAEncryption); -- algorithms.put("SHA224WITHRSA", PKCSObjectIdentifiers.sha224WithRSAEncryption); -+ // BEGIN android-removed -+ // algorithms.put("SHA224WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha224WithRSAEncryption); -+ // algorithms.put("SHA224WITHRSA", PKCSObjectIdentifiers.sha224WithRSAEncryption); -+ // END android-removed - algorithms.put("SHA256WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha256WithRSAEncryption); - algorithms.put("SHA256WITHRSA", PKCSObjectIdentifiers.sha256WithRSAEncryption); - algorithms.put("SHA384WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha384WithRSAEncryption); -@@ -52,45 +60,59 @@ - algorithms.put("SHA512WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha512WithRSAEncryption); - algorithms.put("SHA512WITHRSA", PKCSObjectIdentifiers.sha512WithRSAEncryption); - algorithms.put("SHA1WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); -- algorithms.put("SHA224WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); -+ // BEGIN android-removed -+ // algorithms.put("SHA224WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); -+ // END android-removed +@@ -56,12 +62,14 @@ algorithms.put("SHA256WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); algorithms.put("SHA384WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); algorithms.put("SHA512WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); @@ -1387,19 +1239,8 @@ diff -Naur bcpkix-jdk15on-149.orig/org/bouncycastle/operator/DefaultSignatureAlg + // END android-removed algorithms.put("SHA1WITHDSA", X9ObjectIdentifiers.id_dsa_with_sha1); algorithms.put("DSAWITHSHA1", X9ObjectIdentifiers.id_dsa_with_sha1); -- algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224); -+ // BEGIN android-removed -+ // algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224); -+ // END android-removed - algorithms.put("SHA256WITHDSA", NISTObjectIdentifiers.dsa_with_sha256); - algorithms.put("SHA384WITHDSA", NISTObjectIdentifiers.dsa_with_sha384); - algorithms.put("SHA512WITHDSA", NISTObjectIdentifiers.dsa_with_sha512); - algorithms.put("SHA1WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA1); - algorithms.put("ECDSAWITHSHA1", X9ObjectIdentifiers.ecdsa_with_SHA1); -- algorithms.put("SHA224WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA224); -+ // BEGIN android-removed -+ // algorithms.put("SHA224WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA224); -+ // END android-removed + algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224); +@@ -74,11 +82,13 @@ algorithms.put("SHA256WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA256); algorithms.put("SHA384WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA384); algorithms.put("SHA512WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA512); @@ -1418,25 +1259,7 @@ diff -Naur bcpkix-jdk15on-149.orig/org/bouncycastle/operator/DefaultSignatureAlg // // According to RFC 3279, the ASN.1 encoding SHALL (id-dsa-with-sha1) or MUST (ecdsa-with-SHA*) omit the parameters field. - // The parameters field SHALL be NULL for RSA based signature algorithms. - // - noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA1); -- noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA224); -+ // BEGIN android-removed -+ // noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA224); -+ // END android-removed - noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA256); - noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA384); - noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA512); - noParams.add(X9ObjectIdentifiers.id_dsa_with_sha1); -- noParams.add(NISTObjectIdentifiers.dsa_with_sha224); -+ // BEGIN android-removed -+ // noParams.add(NISTObjectIdentifiers.dsa_with_sha224); -+ // END android-removed - noParams.add(NISTObjectIdentifiers.dsa_with_sha256); - noParams.add(NISTObjectIdentifiers.dsa_with_sha384); - noParams.add(NISTObjectIdentifiers.dsa_with_sha512); -@@ -98,20 +120,26 @@ +@@ -98,8 +108,10 @@ // // RFC 4491 // @@ -1449,12 +1272,7 @@ diff -Naur bcpkix-jdk15on-149.orig/org/bouncycastle/operator/DefaultSignatureAlg // // PKCS 1.5 encrypted algorithms - // - pkcs15RsaEncryption.add(PKCSObjectIdentifiers.sha1WithRSAEncryption); -- pkcs15RsaEncryption.add(PKCSObjectIdentifiers.sha224WithRSAEncryption); -+ // BEGIN android-removed -+ // pkcs15RsaEncryption.add(PKCSObjectIdentifiers.sha224WithRSAEncryption); -+ // END android-removed +@@ -109,9 +121,11 @@ pkcs15RsaEncryption.add(PKCSObjectIdentifiers.sha256WithRSAEncryption); pkcs15RsaEncryption.add(PKCSObjectIdentifiers.sha384WithRSAEncryption); pkcs15RsaEncryption.add(PKCSObjectIdentifiers.sha512WithRSAEncryption); @@ -1469,27 +1287,7 @@ diff -Naur bcpkix-jdk15on-149.orig/org/bouncycastle/operator/DefaultSignatureAlg // // explicit params -@@ -119,8 +147,10 @@ - AlgorithmIdentifier sha1AlgId = new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, DERNull.INSTANCE); - params.put("SHA1WITHRSAANDMGF1", createPSSParams(sha1AlgId, 20)); - -- AlgorithmIdentifier sha224AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha224, DERNull.INSTANCE); -- params.put("SHA224WITHRSAANDMGF1", createPSSParams(sha224AlgId, 28)); -+ // BEGIN android-removed -+ // AlgorithmIdentifier sha224AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha224, DERNull.INSTANCE); -+ // params.put("SHA224WITHRSAANDMGF1", createPSSParams(sha224AlgId, 28)); -+ // END android-removed - - AlgorithmIdentifier sha256AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256, DERNull.INSTANCE); - params.put("SHA256WITHRSAANDMGF1", createPSSParams(sha256AlgId, 32)); -@@ -134,19 +164,25 @@ - // - // digests - // -- digestOids.put(PKCSObjectIdentifiers.sha224WithRSAEncryption, NISTObjectIdentifiers.id_sha224); -+ // BEGIN android-removed -+ // digestOids.put(PKCSObjectIdentifiers.sha224WithRSAEncryption, NISTObjectIdentifiers.id_sha224); -+ // END android-removed +@@ -138,15 +152,19 @@ digestOids.put(PKCSObjectIdentifiers.sha256WithRSAEncryption, NISTObjectIdentifiers.id_sha256); digestOids.put(PKCSObjectIdentifiers.sha384WithRSAEncryption, NISTObjectIdentifiers.id_sha384); digestOids.put(PKCSObjectIdentifiers.sha512WithRSAEncryption, NISTObjectIdentifiers.id_sha512); @@ -1518,8 +1316,8 @@ diff -Naur bcpkix-jdk15on-149.orig/org/bouncycastle/operator/DefaultSignatureAlg private static AlgorithmIdentifier generate(String signatureAlgorithm) diff -Naur bcpkix-jdk15on-149.orig/org/bouncycastle/operator/bc/BcDefaultDigestProvider.java bcpkix-jdk15on-149/org/bouncycastle/operator/bc/BcDefaultDigestProvider.java --- bcpkix-jdk15on-149.orig/org/bouncycastle/operator/bc/BcDefaultDigestProvider.java 2013-05-31 21:17:22.000000000 +0000 -+++ bcpkix-jdk15on-149/org/bouncycastle/operator/bc/BcDefaultDigestProvider.java 2013-05-25 02:14:15.000000000 +0000 -@@ -4,22 +4,30 @@ ++++ bcpkix-jdk15on-149/org/bouncycastle/operator/bc/BcDefaultDigestProvider.java 2013-09-26 18:06:21.000000000 +0000 +@@ -4,20 +4,26 @@ import java.util.HashMap; import java.util.Map; @@ -1551,37 +1349,9 @@ diff -Naur bcpkix-jdk15on-149.orig/org/bouncycastle/operator/bc/BcDefaultDigestP +// import org.bouncycastle.crypto.digests.RIPEMD256Digest; +// END android-removed import org.bouncycastle.crypto.digests.SHA1Digest; --import org.bouncycastle.crypto.digests.SHA224Digest; -+// BEGIN android-removed -+// import org.bouncycastle.crypto.digests.SHA224Digest; -+// END android-removed + import org.bouncycastle.crypto.digests.SHA224Digest; import org.bouncycastle.crypto.digests.SHA256Digest; - import org.bouncycastle.crypto.digests.SHA384Digest; - import org.bouncycastle.crypto.digests.SHA512Digest; -@@ -41,13 +49,15 @@ - return new SHA1Digest(); - } - }); -- table.put(NISTObjectIdentifiers.id_sha224, new BcDigestProvider() -- { -- public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier) -- { -- return new SHA224Digest(); -- } -- }); -+ // BEGIN android-removed -+ // table.put(NISTObjectIdentifiers.id_sha224, new BcDigestProvider() -+ // { -+ // public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier) -+ // { -+ // return new SHA224Digest(); -+ // } -+ // }); -+ // END android-removed - table.put(NISTObjectIdentifiers.id_sha256, new BcDigestProvider() - { - public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier) -@@ -76,48 +86,50 @@ +@@ -76,48 +82,50 @@ return new MD5Digest(); } }); @@ -1676,7 +1446,7 @@ diff -Naur bcpkix-jdk15on-149.orig/org/bouncycastle/operator/bc/BcDefaultDigestP } diff -Naur bcpkix-jdk15on-149.orig/org/bouncycastle/operator/jcajce/OperatorHelper.java bcpkix-jdk15on-149/org/bouncycastle/operator/jcajce/OperatorHelper.java --- bcpkix-jdk15on-149.orig/org/bouncycastle/operator/jcajce/OperatorHelper.java 2013-05-31 21:17:22.000000000 +0000 -+++ bcpkix-jdk15on-149/org/bouncycastle/operator/jcajce/OperatorHelper.java 2013-01-31 02:26:40.000000000 +0000 ++++ bcpkix-jdk15on-149/org/bouncycastle/operator/jcajce/OperatorHelper.java 2013-09-26 18:06:21.000000000 +0000 @@ -20,7 +20,9 @@ import org.bouncycastle.asn1.ASN1Encodable; import org.bouncycastle.asn1.ASN1ObjectIdentifier; @@ -1688,14 +1458,7 @@ diff -Naur bcpkix-jdk15on-149.orig/org/bouncycastle/operator/jcajce/OperatorHelp import org.bouncycastle.asn1.kisa.KISAObjectIdentifiers; import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; import org.bouncycastle.asn1.ntt.NTTObjectIdentifiers; -@@ -47,24 +49,34 @@ - // reverse mappings - // - oids.put(new ASN1ObjectIdentifier("1.2.840.113549.1.1.5"), "SHA1WITHRSA"); -- oids.put(PKCSObjectIdentifiers.sha224WithRSAEncryption, "SHA224WITHRSA"); -+ // BEGIN android-removed -+ // oids.put(PKCSObjectIdentifiers.sha224WithRSAEncryption, "SHA224WITHRSA"); -+ // END android-removed +@@ -51,11 +53,15 @@ oids.put(PKCSObjectIdentifiers.sha256WithRSAEncryption, "SHA256WITHRSA"); oids.put(PKCSObjectIdentifiers.sha384WithRSAEncryption, "SHA384WITHRSA"); oids.put(PKCSObjectIdentifiers.sha512WithRSAEncryption, "SHA512WITHRSA"); @@ -1713,40 +1476,8 @@ diff -Naur bcpkix-jdk15on-149.orig/org/bouncycastle/operator/jcajce/OperatorHelp + // END android-removed oids.put(new ASN1ObjectIdentifier("1.2.840.10040.4.3"), "SHA1WITHDSA"); oids.put(X9ObjectIdentifiers.ecdsa_with_SHA1, "SHA1WITHECDSA"); -- oids.put(X9ObjectIdentifiers.ecdsa_with_SHA224, "SHA224WITHECDSA"); -+ // BEGIN android-removed -+ // oids.put(X9ObjectIdentifiers.ecdsa_with_SHA224, "SHA224WITHECDSA"); -+ // END android-removed - oids.put(X9ObjectIdentifiers.ecdsa_with_SHA256, "SHA256WITHECDSA"); - oids.put(X9ObjectIdentifiers.ecdsa_with_SHA384, "SHA384WITHECDSA"); - oids.put(X9ObjectIdentifiers.ecdsa_with_SHA512, "SHA512WITHECDSA"); - oids.put(OIWObjectIdentifiers.sha1WithRSA, "SHA1WITHRSA"); - oids.put(OIWObjectIdentifiers.dsaWithSHA1, "SHA1WITHDSA"); -- oids.put(NISTObjectIdentifiers.dsa_with_sha224, "SHA224WITHDSA"); -+ // BEGIN android-removed -+ // oids.put(NISTObjectIdentifiers.dsa_with_sha224, "SHA224WITHDSA"); -+ // END android-removed - oids.put(NISTObjectIdentifiers.dsa_with_sha256, "SHA256WITHDSA"); - - oids.put(OIWObjectIdentifiers.idSHA1, "SHA-1"); -@@ -305,10 +317,12 @@ - { - return "SHA1"; - } -- else if (NISTObjectIdentifiers.id_sha224.equals(digestAlgOID)) -- { -- return "SHA224"; -- } -+ // BEGIN android-removed -+ // else if (NISTObjectIdentifiers.id_sha224.equals(digestAlgOID)) -+ // { -+ // return "SHA224"; -+ // } -+ // END android-removed - else if (NISTObjectIdentifiers.id_sha256.equals(digestAlgOID)) - { - return "SHA256"; -@@ -321,22 +335,24 @@ + oids.put(X9ObjectIdentifiers.ecdsa_with_SHA224, "SHA224WITHECDSA"); +@@ -321,22 +327,24 @@ { return "SHA512"; } diff --git a/patches/bcprov.patch b/patches/bcprov.patch index e6e7f40..ce5fedf 100644 --- a/patches/bcprov.patch +++ b/patches/bcprov.patch @@ -146,7 +146,7 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/asn1/cms/ContentInfo.java bc private ASN1Encodable content; diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java bcprov-jdk15on-149/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java --- bcprov-jdk15on-149.orig/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java 2013-05-31 21:16:46.000000000 +0000 -+++ bcprov-jdk15on-149/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java 2013-01-31 02:26:40.000000000 +0000 ++++ bcprov-jdk15on-149/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java 2013-09-26 18:06:21.000000000 +0000 @@ -10,8 +10,10 @@ // static final ASN1ObjectIdentifier pkcs_1 = new ASN1ObjectIdentifier("1.2.840.113549.1.1"); @@ -160,18 +160,7 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifi static final ASN1ObjectIdentifier md5WithRSAEncryption = pkcs_1.branch("4"); static final ASN1ObjectIdentifier sha1WithRSAEncryption = pkcs_1.branch("5"); static final ASN1ObjectIdentifier srsaOAEPEncryptionSET = pkcs_1.branch("6"); -@@ -22,7 +24,9 @@ - static final ASN1ObjectIdentifier sha256WithRSAEncryption = pkcs_1.branch("11"); - static final ASN1ObjectIdentifier sha384WithRSAEncryption = pkcs_1.branch("12"); - static final ASN1ObjectIdentifier sha512WithRSAEncryption = pkcs_1.branch("13"); -- static final ASN1ObjectIdentifier sha224WithRSAEncryption = pkcs_1.branch("14"); -+ // BEGIN android-removed -+ // static final ASN1ObjectIdentifier sha224WithRSAEncryption = pkcs_1.branch("14"); -+ // END android-removed - - // - // pkcs-3 OBJECT IDENTIFIER ::= { -@@ -66,13 +70,17 @@ +@@ -66,13 +68,17 @@ // md2 OBJECT IDENTIFIER ::= // {iso(1) member-body(2) US(840) rsadsi(113549) digestAlgorithm(2) 2} // @@ -191,17 +180,6 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifi // // md5 OBJECT IDENTIFIER ::= -@@ -81,7 +89,9 @@ - static final ASN1ObjectIdentifier md5 = digestAlgorithm.branch("5"); - - static final ASN1ObjectIdentifier id_hmacWithSHA1 = digestAlgorithm.branch("7"); -- static final ASN1ObjectIdentifier id_hmacWithSHA224 = digestAlgorithm.branch("8"); -+ // BEGIN android-removed -+ // static final ASN1ObjectIdentifier id_hmacWithSHA224 = digestAlgorithm.branch("8"); -+ // END android-removed - static final ASN1ObjectIdentifier id_hmacWithSHA256 = digestAlgorithm.branch("9"); - static final ASN1ObjectIdentifier id_hmacWithSHA384 = digestAlgorithm.branch("10"); - static final ASN1ObjectIdentifier id_hmacWithSHA512 = digestAlgorithm.branch("11"); diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java bcprov-jdk15on-149/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java --- bcprov-jdk15on-149.orig/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java 2013-05-31 21:16:46.000000000 +0000 +++ bcprov-jdk15on-149/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java 2013-05-25 02:14:15.000000000 +0000 @@ -313,8 +291,8 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/asn1/x509/X509NameTokenizer. } diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/crypto/digests/AndroidDigestFactory.java bcprov-jdk15on-149/org/bouncycastle/crypto/digests/AndroidDigestFactory.java --- bcprov-jdk15on-149.orig/org/bouncycastle/crypto/digests/AndroidDigestFactory.java 1970-01-01 00:00:00.000000000 +0000 -+++ bcprov-jdk15on-149/org/bouncycastle/crypto/digests/AndroidDigestFactory.java 2013-05-01 01:48:41.000000000 +0000 -@@ -0,0 +1,83 @@ ++++ bcprov-jdk15on-149/org/bouncycastle/crypto/digests/AndroidDigestFactory.java 2013-09-26 18:06:21.000000000 +0000 +@@ -0,0 +1,87 @@ +/* + * Copyright (C) 2012 The Android Open Source Project + * @@ -386,6 +364,10 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/crypto/digests/AndroidDigest + return FACTORY.getSHA1(); + } + ++ public static Digest getSHA224() { ++ return FACTORY.getSHA224(); ++ } ++ + public static Digest getSHA256() { + return FACTORY.getSHA256(); + } @@ -400,8 +382,8 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/crypto/digests/AndroidDigest +} diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryBouncyCastle.java bcprov-jdk15on-149/org/bouncycastle/crypto/digests/AndroidDigestFactoryBouncyCastle.java --- bcprov-jdk15on-149.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryBouncyCastle.java 1970-01-01 00:00:00.000000000 +0000 -+++ bcprov-jdk15on-149/org/bouncycastle/crypto/digests/AndroidDigestFactoryBouncyCastle.java 2012-09-17 23:04:47.000000000 +0000 -@@ -0,0 +1,37 @@ ++++ bcprov-jdk15on-149/org/bouncycastle/crypto/digests/AndroidDigestFactoryBouncyCastle.java 2013-09-26 18:06:21.000000000 +0000 +@@ -0,0 +1,40 @@ +/* + * Copyright (C) 2012 The Android Open Source Project + * @@ -429,6 +411,9 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/crypto/digests/AndroidDigest + public Digest getSHA1() { + return new SHA1Digest(); + } ++ public Digest getSHA224() { ++ return new SHA224Digest(); ++ } + public Digest getSHA256() { + return new SHA256Digest(); + } @@ -441,8 +426,8 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/crypto/digests/AndroidDigest +} diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryInterface.java bcprov-jdk15on-149/org/bouncycastle/crypto/digests/AndroidDigestFactoryInterface.java --- bcprov-jdk15on-149.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryInterface.java 1970-01-01 00:00:00.000000000 +0000 -+++ bcprov-jdk15on-149/org/bouncycastle/crypto/digests/AndroidDigestFactoryInterface.java 2012-09-17 23:04:47.000000000 +0000 -@@ -0,0 +1,27 @@ ++++ bcprov-jdk15on-149/org/bouncycastle/crypto/digests/AndroidDigestFactoryInterface.java 2013-09-26 18:06:21.000000000 +0000 +@@ -0,0 +1,28 @@ +/* + * Copyright (C) 2012 The Android Open Source Project + * @@ -466,14 +451,15 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/crypto/digests/AndroidDigest +interface AndroidDigestFactoryInterface { + public Digest getMD5(); + public Digest getSHA1(); ++ public Digest getSHA224(); + public Digest getSHA256(); + public Digest getSHA384(); + public Digest getSHA512(); +} diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryOpenSSL.java bcprov-jdk15on-149/org/bouncycastle/crypto/digests/AndroidDigestFactoryOpenSSL.java --- bcprov-jdk15on-149.orig/org/bouncycastle/crypto/digests/AndroidDigestFactoryOpenSSL.java 1970-01-01 00:00:00.000000000 +0000 -+++ bcprov-jdk15on-149/org/bouncycastle/crypto/digests/AndroidDigestFactoryOpenSSL.java 2012-09-17 23:04:47.000000000 +0000 -@@ -0,0 +1,37 @@ ++++ bcprov-jdk15on-149/org/bouncycastle/crypto/digests/AndroidDigestFactoryOpenSSL.java 2013-09-26 18:06:21.000000000 +0000 +@@ -0,0 +1,40 @@ +/* + * Copyright (C) 2012 The Android Open Source Project + * @@ -501,6 +487,9 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/crypto/digests/AndroidDigest + public Digest getSHA1() { + return new OpenSSLDigest.SHA1(); + } ++ public Digest getSHA224() { ++ return new OpenSSLDigest.SHA224(); ++ } + public Digest getSHA256() { + return new OpenSSLDigest.SHA256(); + } @@ -513,8 +502,8 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/crypto/digests/AndroidDigest +} diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/crypto/digests/OpenSSLDigest.java bcprov-jdk15on-149/org/bouncycastle/crypto/digests/OpenSSLDigest.java --- bcprov-jdk15on-149.orig/org/bouncycastle/crypto/digests/OpenSSLDigest.java 1970-01-01 00:00:00.000000000 +0000 -+++ bcprov-jdk15on-149/org/bouncycastle/crypto/digests/OpenSSLDigest.java 2013-04-24 05:37:59.000000000 +0000 -@@ -0,0 +1,159 @@ ++++ bcprov-jdk15on-149/org/bouncycastle/crypto/digests/OpenSSLDigest.java 2013-09-26 18:06:21.000000000 +0000 +@@ -0,0 +1,166 @@ +/* + * Copyright (C) 2008 The Android Open Source Project + * @@ -653,6 +642,13 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/crypto/digests/OpenSSLDigest + public SHA1() { super("SHA-1", EVP_MD, SIZE, BLOCK_SIZE); } + } + ++ public static class SHA224 extends OpenSSLDigest { ++ private static final long EVP_MD = NativeCrypto.EVP_get_digestbyname("sha224"); ++ private static final int SIZE = NativeCrypto.EVP_MD_size(EVP_MD); ++ private static final int BLOCK_SIZE = NativeCrypto.EVP_MD_block_size(EVP_MD); ++ public SHA224() { super("SHA-224", EVP_MD, SIZE, BLOCK_SIZE); } ++ } ++ + public static class SHA256 extends OpenSSLDigest { + private static final long EVP_MD = NativeCrypto.EVP_get_digestbyname("sha256"); + private static final int SIZE = NativeCrypto.EVP_MD_size(EVP_MD); @@ -881,8 +877,8 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/crypto/generators/PKCS5S2Par public PKCS5S2ParametersGenerator(Digest digest) diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/crypto/macs/HMac.java bcprov-jdk15on-149/org/bouncycastle/crypto/macs/HMac.java --- bcprov-jdk15on-149.orig/org/bouncycastle/crypto/macs/HMac.java 2013-05-31 21:16:46.000000000 +0000 -+++ bcprov-jdk15on-149/org/bouncycastle/crypto/macs/HMac.java 2013-05-25 02:14:15.000000000 +0000 -@@ -36,23 +36,31 @@ ++++ bcprov-jdk15on-149/org/bouncycastle/crypto/macs/HMac.java 2013-09-26 18:06:21.000000000 +0000 +@@ -36,14 +36,18 @@ { blockLengths = new Hashtable(); @@ -906,11 +902,8 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/crypto/macs/HMac.java bcprov + // END android-removed blockLengths.put("SHA-1", Integers.valueOf(64)); -- blockLengths.put("SHA-224", Integers.valueOf(64)); -+ // BEGIN android-removed -+ // blockLengths.put("SHA-224", Integers.valueOf(64)); -+ // END android-removed - blockLengths.put("SHA-256", Integers.valueOf(64)); + blockLengths.put("SHA-224", Integers.valueOf(64)); +@@ -51,8 +55,10 @@ blockLengths.put("SHA-384", Integers.valueOf(128)); blockLengths.put("SHA-512", Integers.valueOf(128)); @@ -925,8 +918,8 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/crypto/macs/HMac.java bcprov private static int getByteLength( diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/crypto/signers/RSADigestSigner.java bcprov-jdk15on-149/org/bouncycastle/crypto/signers/RSADigestSigner.java --- bcprov-jdk15on-149.orig/org/bouncycastle/crypto/signers/RSADigestSigner.java 2013-05-31 21:16:46.000000000 +0000 -+++ bcprov-jdk15on-149/org/bouncycastle/crypto/signers/RSADigestSigner.java 2012-09-17 23:04:47.000000000 +0000 -@@ -39,18 +39,24 @@ ++++ bcprov-jdk15on-149/org/bouncycastle/crypto/signers/RSADigestSigner.java 2013-09-26 18:06:21.000000000 +0000 +@@ -39,9 +39,11 @@ */ static { @@ -940,11 +933,8 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/crypto/signers/RSADigestSign + // END android-removed oidMap.put("SHA-1", X509ObjectIdentifiers.id_SHA1); -- oidMap.put("SHA-224", NISTObjectIdentifiers.id_sha224); -+ // BEGIN android-removed -+ // oidMap.put("SHA-224", NISTObjectIdentifiers.id_sha224); -+ // END android-removed - oidMap.put("SHA-256", NISTObjectIdentifiers.id_sha256); + oidMap.put("SHA-224", NISTObjectIdentifiers.id_sha224); +@@ -49,8 +51,10 @@ oidMap.put("SHA-384", NISTObjectIdentifiers.id_sha384); oidMap.put("SHA-512", NISTObjectIdentifiers.id_sha512); @@ -1137,7 +1127,7 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jcajce/provider/asymmetric/D } diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jcajce/provider/asymmetric/DSA.java bcprov-jdk15on-149/org/bouncycastle/jcajce/provider/asymmetric/DSA.java --- bcprov-jdk15on-149.orig/org/bouncycastle/jcajce/provider/asymmetric/DSA.java 2013-05-31 21:16:46.000000000 +0000 -+++ bcprov-jdk15on-149/org/bouncycastle/jcajce/provider/asymmetric/DSA.java 2013-01-31 02:26:40.000000000 +0000 ++++ bcprov-jdk15on-149/org/bouncycastle/jcajce/provider/asymmetric/DSA.java 2013-09-26 18:06:21.000000000 +0000 @@ -27,33 +27,43 @@ provider.addAlgorithm("KeyPairGenerator.DSA", PREFIX + "KeyPairGeneratorSpi"); provider.addAlgorithm("KeyFactory.DSA", PREFIX + "KeyFactorySpi"); @@ -1150,23 +1140,11 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jcajce/provider/asymmetric/D provider.addAlgorithm("Alg.Alias.Signature.RAWDSA", "NONEWITHDSA"); -- addSignatureAlgorithm(provider, "SHA224", "DSA", PREFIX + "DSASigner$dsa224", NISTObjectIdentifiers.dsa_with_sha224); -- addSignatureAlgorithm(provider, "SHA256", "DSA", PREFIX + "DSASigner$dsa256", NISTObjectIdentifiers.dsa_with_sha256); + addSignatureAlgorithm(provider, "SHA224", "DSA", PREFIX + "DSASigner$dsa224", NISTObjectIdentifiers.dsa_with_sha224); + addSignatureAlgorithm(provider, "SHA256", "DSA", PREFIX + "DSASigner$dsa256", NISTObjectIdentifiers.dsa_with_sha256); - addSignatureAlgorithm(provider, "SHA384", "DSA", PREFIX + "DSASigner$dsa384", NISTObjectIdentifiers.dsa_with_sha384); - addSignatureAlgorithm(provider, "SHA512", "DSA", PREFIX + "DSASigner$dsa512", NISTObjectIdentifiers.dsa_with_sha512); -- -- provider.addAlgorithm("Alg.Alias.Signature.SHA/DSA", "DSA"); -- provider.addAlgorithm("Alg.Alias.Signature.SHA1withDSA", "DSA"); -- provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHDSA", "DSA"); -- provider.addAlgorithm("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.1", "DSA"); -- provider.addAlgorithm("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.3", "DSA"); -- provider.addAlgorithm("Alg.Alias.Signature.DSAwithSHA1", "DSA"); -- provider.addAlgorithm("Alg.Alias.Signature.DSAWITHSHA1", "DSA"); -- provider.addAlgorithm("Alg.Alias.Signature.SHA1WithDSA", "DSA"); -- provider.addAlgorithm("Alg.Alias.Signature.DSAWithSHA1", "DSA"); + // BEGIN android-removed -+ // addSignatureAlgorithm(provider, "SHA224", "DSA", PREFIX + "DSASigner$dsa224", NISTObjectIdentifiers.dsa_with_sha224); -+ // addSignatureAlgorithm(provider, "SHA256", "DSA", PREFIX + "DSASigner$dsa256", NISTObjectIdentifiers.dsa_with_sha256); + // addSignatureAlgorithm(provider, "SHA384", "DSA", PREFIX + "DSASigner$dsa384", NISTObjectIdentifiers.dsa_with_sha384); + // addSignatureAlgorithm(provider, "SHA512", "DSA", PREFIX + "DSASigner$dsa512", NISTObjectIdentifiers.dsa_with_sha512); + // END android-removed @@ -1184,6 +1162,16 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jcajce/provider/asymmetric/D + provider.addAlgorithm("Alg.Alias.Signature.SHA1WithDSA", "SHA1withDSA"); + provider.addAlgorithm("Alg.Alias.Signature.DSAWithSHA1", "SHA1withDSA"); +- provider.addAlgorithm("Alg.Alias.Signature.SHA/DSA", "DSA"); +- provider.addAlgorithm("Alg.Alias.Signature.SHA1withDSA", "DSA"); +- provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHDSA", "DSA"); +- provider.addAlgorithm("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.1", "DSA"); +- provider.addAlgorithm("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.3", "DSA"); +- provider.addAlgorithm("Alg.Alias.Signature.DSAwithSHA1", "DSA"); +- provider.addAlgorithm("Alg.Alias.Signature.DSAWITHSHA1", "DSA"); +- provider.addAlgorithm("Alg.Alias.Signature.SHA1WithDSA", "DSA"); +- provider.addAlgorithm("Alg.Alias.Signature.DSAWithSHA1", "DSA"); +- - provider.addAlgorithm("Alg.Alias.Signature.1.2.840.10040.4.3", "DSA"); + provider.addAlgorithm("Alg.Alias.Signature.1.2.840.10040.4.3", "SHA1withDSA"); + // END android-changed @@ -1201,7 +1189,7 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jcajce/provider/asymmetric/D registerOidAlgorithmParameters(provider, DSAUtil.dsaOids[i], "DSA"); diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jcajce/provider/asymmetric/EC.java bcprov-jdk15on-149/org/bouncycastle/jcajce/provider/asymmetric/EC.java --- bcprov-jdk15on-149.orig/org/bouncycastle/jcajce/provider/asymmetric/EC.java 2013-05-31 21:16:46.000000000 +0000 -+++ bcprov-jdk15on-149/org/bouncycastle/jcajce/provider/asymmetric/EC.java 2013-05-25 02:14:15.000000000 +0000 ++++ bcprov-jdk15on-149/org/bouncycastle/jcajce/provider/asymmetric/EC.java 2013-09-26 18:06:21.000000000 +0000 @@ -1,7 +1,9 @@ package org.bouncycastle.jcajce.provider.asymmetric; @@ -1289,20 +1277,16 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jcajce/provider/asymmetric/E provider.addAlgorithm("Signature.ECDSA", PREFIX + "SignatureSpi$ecDSA"); provider.addAlgorithm("Signature.NONEwithECDSA", PREFIX + "SignatureSpi$ecDSAnone"); -@@ -65,25 +77,31 @@ +@@ -65,25 +77,29 @@ provider.addAlgorithm("Alg.Alias.Signature.SHA1WithECDSA", "ECDSA"); provider.addAlgorithm("Alg.Alias.Signature.ECDSAWithSHA1", "ECDSA"); provider.addAlgorithm("Alg.Alias.Signature.1.2.840.10045.4.1", "ECDSA"); - provider.addAlgorithm("Alg.Alias.Signature." + TeleTrusTObjectIdentifiers.ecSignWithSha1, "ECDSA"); -- -- addSignatureAlgorithm(provider, "SHA224", "ECDSA", PREFIX + "SignatureSpi$ecDSA224", X9ObjectIdentifiers.ecdsa_with_SHA224); + // BEGIN android-removed + // provider.addAlgorithm("Alg.Alias.Signature." + TeleTrusTObjectIdentifiers.ecSignWithSha1, "ECDSA"); + // END android-removed -+ -+ // BEGIN android-removed -+ // addSignatureAlgorithm(provider, "SHA224", "ECDSA", PREFIX + "SignatureSpi$ecDSA224", X9ObjectIdentifiers.ecdsa_with_SHA224); -+ // END android-removed + + addSignatureAlgorithm(provider, "SHA224", "ECDSA", PREFIX + "SignatureSpi$ecDSA224", X9ObjectIdentifiers.ecdsa_with_SHA224); addSignatureAlgorithm(provider, "SHA256", "ECDSA", PREFIX + "SignatureSpi$ecDSA256", X9ObjectIdentifiers.ecdsa_with_SHA256); addSignatureAlgorithm(provider, "SHA384", "ECDSA", PREFIX + "SignatureSpi$ecDSA384", X9ObjectIdentifiers.ecdsa_with_SHA384); addSignatureAlgorithm(provider, "SHA512", "ECDSA", PREFIX + "SignatureSpi$ecDSA512", X9ObjectIdentifiers.ecdsa_with_SHA512); @@ -1339,7 +1323,7 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jcajce/provider/asymmetric/E } diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jcajce/provider/asymmetric/RSA.java bcprov-jdk15on-149/org/bouncycastle/jcajce/provider/asymmetric/RSA.java --- bcprov-jdk15on-149.orig/org/bouncycastle/jcajce/provider/asymmetric/RSA.java 2013-05-31 21:16:46.000000000 +0000 -+++ bcprov-jdk15on-149/org/bouncycastle/jcajce/provider/asymmetric/RSA.java 2013-01-31 02:26:40.000000000 +0000 ++++ bcprov-jdk15on-149/org/bouncycastle/jcajce/provider/asymmetric/RSA.java 2013-09-26 18:06:21.000000000 +0000 @@ -3,7 +3,9 @@ import org.bouncycastle.asn1.ASN1ObjectIdentifier; import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; @@ -1431,7 +1415,7 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jcajce/provider/asymmetric/R provider.addAlgorithm("KeyFactory.RSA", PREFIX + "KeyFactorySpi"); provider.addAlgorithm("KeyPairGenerator.RSA", PREFIX + "KeyPairGeneratorSpi"); -@@ -68,101 +78,113 @@ +@@ -68,73 +78,81 @@ registerOid(provider, PKCSObjectIdentifiers.rsaEncryption, "RSA", keyFact); registerOid(provider, X509ObjectIdentifiers.id_ea_rsa, "RSA", keyFact); registerOid(provider, PKCSObjectIdentifiers.id_RSAES_OAEP, "RSA", keyFact); @@ -1569,12 +1553,7 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jcajce/provider/asymmetric/R provider.addAlgorithm("Alg.Alias.Signature." + OIWObjectIdentifiers.sha1WithRSA, "SHA1WITHRSA"); provider.addAlgorithm("Alg.Alias.Signature.OID." + OIWObjectIdentifiers.sha1WithRSA, "SHA1WITHRSA"); } - -- addDigestSignature(provider, "SHA224", PREFIX + "DigestSignatureSpi$SHA224", PKCSObjectIdentifiers.sha224WithRSAEncryption); -+ // BEGIN android-removed -+ // addDigestSignature(provider, "SHA224", PREFIX + "DigestSignatureSpi$SHA224", PKCSObjectIdentifiers.sha224WithRSAEncryption); -+ // END android-removed - addDigestSignature(provider, "SHA256", PREFIX + "DigestSignatureSpi$SHA256", PKCSObjectIdentifiers.sha256WithRSAEncryption); +@@ -144,25 +162,27 @@ addDigestSignature(provider, "SHA384", PREFIX + "DigestSignatureSpi$SHA384", PKCSObjectIdentifiers.sha384WithRSAEncryption); addDigestSignature(provider, "SHA512", PREFIX + "DigestSignatureSpi$SHA512", PKCSObjectIdentifiers.sha512WithRSAEncryption); @@ -1639,7 +1618,7 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jcajce/provider/asymmetric/X // certificate factories. diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java bcprov-jdk15on-149/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java --- bcprov-jdk15on-149.orig/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java 2013-05-31 21:16:46.000000000 +0000 -+++ bcprov-jdk15on-149/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java 2013-05-25 02:14:15.000000000 +0000 ++++ bcprov-jdk15on-149/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java 2013-09-26 18:06:21.000000000 +0000 @@ -23,11 +23,16 @@ import org.bouncycastle.crypto.DSA; import org.bouncycastle.crypto.Digest; @@ -1662,7 +1641,7 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jcajce/provider/asymmetric/d import org.bouncycastle.crypto.params.ParametersWithRandom; public class DSASigner -@@ -216,45 +221,49 @@ +@@ -216,7 +221,9 @@ { public stdDSA() { @@ -1673,24 +1652,28 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jcajce/provider/asymmetric/d } } -- static public class dsa224 -- extends DSASigner -- { -- public dsa224() -- { +@@ -225,7 +232,9 @@ + { + public dsa224() + { - super(new SHA224Digest(), new org.bouncycastle.crypto.signers.DSASigner()); -- } -- } -- -- static public class dsa256 -- extends DSASigner -- { -- public dsa256() -- { ++ // BEGIN android-changed ++ super(AndroidDigestFactory.getSHA224(), new org.bouncycastle.crypto.signers.DSASigner()); ++ // END android-changed + } + } + +@@ -234,27 +243,31 @@ + { + public dsa256() + { - super(new SHA256Digest(), new org.bouncycastle.crypto.signers.DSASigner()); -- } -- } -- ++ // BEGIN android-changed ++ super(AndroidDigestFactory.getSHA256(), new org.bouncycastle.crypto.signers.DSASigner()); ++ // END android-changed + } + } + - static public class dsa384 - extends DSASigner - { @@ -1709,24 +1692,6 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jcajce/provider/asymmetric/d - } - } + // BEGIN android-removed -+ // static public class dsa224 -+ // extends DSASigner -+ // { -+ // public dsa224() -+ // { -+ // super(new SHA224Digest(), new org.bouncycastle.crypto.signers.DSASigner()); -+ // } -+ // } -+ // -+ // static public class dsa256 -+ // extends DSASigner -+ // { -+ // public dsa256() -+ // { -+ // super(new SHA256Digest(), new org.bouncycastle.crypto.signers.DSASigner()); -+ // } -+ // } -+ // + // static public class dsa384 + // extends DSASigner + // { @@ -2253,7 +2218,7 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jcajce/provider/asymmetric/e throw new InvalidAlgorithmParameterException("unknown curve OID: " + curveName); diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java bcprov-jdk15on-149/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java --- bcprov-jdk15on-149.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java 2013-05-31 21:16:46.000000000 +0000 -+++ bcprov-jdk15on-149/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java 2013-05-25 02:14:15.000000000 +0000 ++++ bcprov-jdk15on-149/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java 2013-09-26 18:06:21.000000000 +0000 @@ -16,15 +16,22 @@ import org.bouncycastle.crypto.DSA; import org.bouncycastle.crypto.Digest; @@ -2295,31 +2260,18 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jcajce/provider/asymmetric/e } } -@@ -82,21 +91,25 @@ +@@ -87,7 +96,9 @@ + { + public ecDSA224() + { +- super(new SHA224Digest(), new ECDSASigner(), new StdDSAEncoder()); ++ // BEGIN android-changed ++ super(AndroidDigestFactory.getSHA224(), new ECDSASigner(), new StdDSAEncoder()); ++ // END android-changed } } -- static public class ecDSA224 -- extends SignatureSpi -- { -- public ecDSA224() -- { -- super(new SHA224Digest(), new ECDSASigner(), new StdDSAEncoder()); -- } -- } -+ // BEGIN android-removed -+ // static public class ecDSA224 -+ // extends SignatureSpi -+ // { -+ // public ecDSA224() -+ // { -+ // super(new SHA224Digest(), new ECDSASigner(), new StdDSAEncoder()); -+ // } -+ // } -+ // END android-removed - - static public class ecDSA256 - extends SignatureSpi +@@ -96,7 +107,9 @@ { public ecDSA256() { @@ -2565,7 +2517,7 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jcajce/provider/asymmetric/e +} diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java bcprov-jdk15on-149/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java --- bcprov-jdk15on-149.orig/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java 2013-05-31 21:16:46.000000000 +0000 -+++ bcprov-jdk15on-149/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java 2013-01-31 02:26:40.000000000 +0000 ++++ bcprov-jdk15on-149/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java 2013-09-26 18:06:21.000000000 +0000 @@ -26,7 +26,9 @@ import org.bouncycastle.crypto.CipherParameters; import org.bouncycastle.crypto.Digest; @@ -2594,24 +2546,7 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jcajce/provider/asymmetric/r else if (pad.equals("OAEPWITHMD5ANDMGF1PADDING")) { initFromSpec(new OAEPParameterSpec("MD5", "MGF1", new MGF1ParameterSpec("MD5"), PSource.PSpecified.DEFAULT)); -@@ -213,10 +217,12 @@ - { - initFromSpec(OAEPParameterSpec.DEFAULT); - } -- else if (pad.equals("OAEPWITHSHA224ANDMGF1PADDING") || pad.equals("OAEPWITHSHA-224ANDMGF1PADDING")) -- { -- initFromSpec(new OAEPParameterSpec("SHA-224", "MGF1", new MGF1ParameterSpec("SHA-224"), PSource.PSpecified.DEFAULT)); -- } -+ // BEGIN android-removed -+ // else if (pad.equals("OAEPWITHSHA224ANDMGF1PADDING") || pad.equals("OAEPWITHSHA-224ANDMGF1PADDING")) -+ // { -+ // initFromSpec(new OAEPParameterSpec("SHA-224", "MGF1", new MGF1ParameterSpec("SHA-224"), PSource.PSpecified.DEFAULT)); -+ // } -+ // END android-removed - else if (pad.equals("OAEPWITHSHA256ANDMGF1PADDING") || pad.equals("OAEPWITHSHA-256ANDMGF1PADDING")) - { - initFromSpec(new OAEPParameterSpec("SHA-256", "MGF1", MGF1ParameterSpec.SHA256, PSource.PSpecified.DEFAULT)); -@@ -539,48 +545,50 @@ +@@ -539,48 +543,50 @@ } } @@ -2708,7 +2643,7 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jcajce/provider/asymmetric/r } diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java bcprov-jdk15on-149/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java --- bcprov-jdk15on-149.orig/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java 2013-05-31 21:16:46.000000000 +0000 -+++ bcprov-jdk15on-149/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java 2012-09-17 23:04:47.000000000 +0000 ++++ bcprov-jdk15on-149/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java 2013-09-26 18:06:21.000000000 +0000 @@ -17,24 +17,31 @@ import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; @@ -2754,7 +2689,7 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jcajce/provider/asymmetric/r import org.bouncycastle.crypto.encodings.PKCS1Encoding; import org.bouncycastle.crypto.engines.RSABlindedEngine; -@@ -261,25 +268,31 @@ +@@ -261,7 +268,9 @@ { public SHA1() { @@ -2765,27 +2700,18 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jcajce/provider/asymmetric/r } } -- static public class SHA224 -- extends DigestSignatureSpi -- { -- public SHA224() -- { +@@ -270,7 +279,9 @@ + { + public SHA224() + { - super(NISTObjectIdentifiers.id_sha224, new SHA224Digest(), new PKCS1Encoding(new RSABlindedEngine())); -- } -- } -+ // BEGIN android-removed -+ // static public class SHA224 -+ // extends DigestSignatureSpi -+ // { -+ // public SHA224() -+ // { -+ // super(NISTObjectIdentifiers.id_sha224, new SHA224Digest(), new PKCS1Encoding(new RSABlindedEngine())); -+ // } -+ // } -+ // END android-removed ++ // BEGIN android-changed ++ super(NISTObjectIdentifiers.id_sha224, AndroidDigestFactory.getSHA224(), new PKCS1Encoding(new RSABlindedEngine())); ++ // END android-changed + } + } - static public class SHA256 - extends DigestSignatureSpi +@@ -279,7 +290,9 @@ { public SHA256() { @@ -2812,21 +2738,21 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jcajce/provider/asymmetric/r public SHA512() { - super(NISTObjectIdentifiers.id_sha512, new SHA512Digest(), new PKCS1Encoding(new RSABlindedEngine())); -- } -- } -- -- static public class MD2 -- extends DigestSignatureSpi -- { -- public MD2() -- { -- super(PKCSObjectIdentifiers.md2, new MD2Digest(), new PKCS1Encoding(new RSABlindedEngine())); + // BEGIN android-changed + super(NISTObjectIdentifiers.id_sha512, AndroidDigestFactory.getSHA512(), new PKCS1Encoding(new RSABlindedEngine())); + // END android-changed } } +- static public class MD2 +- extends DigestSignatureSpi +- { +- public MD2() +- { +- super(PKCSObjectIdentifiers.md2, new MD2Digest(), new PKCS1Encoding(new RSABlindedEngine())); +- } +- } +- - static public class MD4 - extends DigestSignatureSpi - { @@ -2861,21 +2787,21 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jcajce/provider/asymmetric/r public MD5() { - super(PKCSObjectIdentifiers.md5, new MD5Digest(), new PKCS1Encoding(new RSABlindedEngine())); -+ // BEGIN android-changed -+ super(PKCSObjectIdentifiers.md5, AndroidDigestFactory.getMD5(), new PKCS1Encoding(new RSABlindedEngine())); -+ // END android-changed - } - } - +- } +- } +- - static public class RIPEMD160 - extends DigestSignatureSpi - { - public RIPEMD160() - { - super(TeleTrusTObjectIdentifiers.ripemd160, new RIPEMD160Digest(), new PKCS1Encoding(new RSABlindedEngine())); -- } -- } -- ++ // BEGIN android-changed ++ super(PKCSObjectIdentifiers.md5, AndroidDigestFactory.getMD5(), new PKCS1Encoding(new RSABlindedEngine())); ++ // END android-changed + } + } + - static public class RIPEMD128 - extends DigestSignatureSpi - { @@ -6243,8 +6169,8 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jcajce/provider/symmetric/ut } diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jcajce/provider/util/DigestFactory.java bcprov-jdk15on-149/org/bouncycastle/jcajce/provider/util/DigestFactory.java --- bcprov-jdk15on-149.orig/org/bouncycastle/jcajce/provider/util/DigestFactory.java 2013-05-31 21:16:46.000000000 +0000 -+++ bcprov-jdk15on-149/org/bouncycastle/jcajce/provider/util/DigestFactory.java 2012-09-17 23:04:47.000000000 +0000 -@@ -10,19 +10,26 @@ ++++ bcprov-jdk15on-149/org/bouncycastle/jcajce/provider/util/DigestFactory.java 2013-09-26 18:06:21.000000000 +0000 +@@ -10,12 +10,17 @@ import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; import org.bouncycastle.crypto.Digest; @@ -6268,47 +6194,7 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jcajce/provider/util/DigestF import org.bouncycastle.util.Strings; public class DigestFactory - { - private static Set md5 = new HashSet(); - private static Set sha1 = new HashSet(); -- private static Set sha224 = new HashSet(); -+ // BEGIN android-removed -+ // private static Set sha224 = new HashSet(); -+ // END android-removed - private static Set sha256 = new HashSet(); - private static Set sha384 = new HashSet(); - private static Set sha512 = new HashSet(); -@@ -38,9 +45,11 @@ - sha1.add("SHA-1"); - sha1.add(OIWObjectIdentifiers.idSHA1.getId()); - -- sha224.add("SHA224"); -- sha224.add("SHA-224"); -- sha224.add(NISTObjectIdentifiers.id_sha224.getId()); -+ // BEGIN android-removed -+ // sha224.add("SHA224"); -+ // sha224.add("SHA-224"); -+ // sha224.add(NISTObjectIdentifiers.id_sha224.getId()); -+ // END android-removed - - sha256.add("SHA256"); - sha256.add("SHA-256"); -@@ -61,9 +70,11 @@ - oids.put("SHA-1", OIWObjectIdentifiers.idSHA1); - oids.put(OIWObjectIdentifiers.idSHA1.getId(), OIWObjectIdentifiers.idSHA1); - -- oids.put("SHA224", NISTObjectIdentifiers.id_sha224); -- oids.put("SHA-224", NISTObjectIdentifiers.id_sha224); -- oids.put(NISTObjectIdentifiers.id_sha224.getId(), NISTObjectIdentifiers.id_sha224); -+ // BEGIN android-removed -+ // oids.put("SHA224", NISTObjectIdentifiers.id_sha224); -+ // oids.put("SHA-224", NISTObjectIdentifiers.id_sha224); -+ // oids.put(NISTObjectIdentifiers.id_sha224.getId(), NISTObjectIdentifiers.id_sha224); -+ // END android-removed - - oids.put("SHA256", NISTObjectIdentifiers.id_sha256); - oids.put("SHA-256", NISTObjectIdentifiers.id_sha256); -@@ -85,27 +96,39 @@ +@@ -85,27 +90,39 @@ if (sha1.contains(digestName)) { @@ -6320,21 +6206,17 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jcajce/provider/util/DigestF if (md5.contains(digestName)) { - return new MD5Digest(); -- } -- if (sha224.contains(digestName)) -- { -- return new SHA224Digest(); -- } + // BEGIN android-changed + return AndroidDigestFactory.getMD5(); + // END android-changed -+ } -+ // BEGIN android-removed -+ // if (sha224.contains(digestName)) -+ // { -+ // return new SHA224Digest(); -+ // } -+ // END android-removed + } + if (sha224.contains(digestName)) + { +- return new SHA224Digest(); ++ // BEGIN android-changed ++ return AndroidDigestFactory.getSHA224(); ++ // END android-changed + } if (sha256.contains(digestName)) { - return new SHA256Digest(); @@ -6358,20 +6240,9 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jcajce/provider/util/DigestF } return null; -@@ -116,7 +139,9 @@ - String digest2) - { - return (sha1.contains(digest1) && sha1.contains(digest2)) -- || (sha224.contains(digest1) && sha224.contains(digest2)) -+ // BEGIN android-removed -+ // || (sha224.contains(digest1) && sha224.contains(digest2)) -+ // END android-removed - || (sha256.contains(digest1) && sha256.contains(digest2)) - || (sha384.contains(digest1) && sha384.contains(digest2)) - || (sha512.contains(digest1) && sha512.contains(digest2)) diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jce/PKCS10CertificationRequest.java bcprov-jdk15on-149/org/bouncycastle/jce/PKCS10CertificationRequest.java --- bcprov-jdk15on-149.orig/org/bouncycastle/jce/PKCS10CertificationRequest.java 2013-05-31 21:16:46.000000000 +0000 -+++ bcprov-jdk15on-149/org/bouncycastle/jce/PKCS10CertificationRequest.java 2013-01-31 02:26:40.000000000 +0000 ++++ bcprov-jdk15on-149/org/bouncycastle/jce/PKCS10CertificationRequest.java 2013-09-26 18:06:21.000000000 +0000 @@ -30,14 +30,18 @@ import org.bouncycastle.asn1.DERBitString; import org.bouncycastle.asn1.DERNull; @@ -6393,7 +6264,7 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jce/PKCS10CertificationReque import org.bouncycastle.asn1.x509.AlgorithmIdentifier; import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; import org.bouncycastle.asn1.x509.X509Name; -@@ -81,15 +85,20 @@ +@@ -81,8 +85,11 @@ static { @@ -6407,26 +6278,7 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jce/PKCS10CertificationReque algorithms.put("MD5WITHRSAENCRYPTION", new DERObjectIdentifier("1.2.840.113549.1.1.4")); algorithms.put("MD5WITHRSA", new DERObjectIdentifier("1.2.840.113549.1.1.4")); algorithms.put("RSAWITHMD5", new DERObjectIdentifier("1.2.840.113549.1.1.4")); - algorithms.put("SHA1WITHRSAENCRYPTION", new DERObjectIdentifier("1.2.840.113549.1.1.5")); - algorithms.put("SHA1WITHRSA", new DERObjectIdentifier("1.2.840.113549.1.1.5")); -- algorithms.put("SHA224WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha224WithRSAEncryption); -- algorithms.put("SHA224WITHRSA", PKCSObjectIdentifiers.sha224WithRSAEncryption); -+ // BEGIN android-removed -+ // algorithms.put("SHA224WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha224WithRSAEncryption); -+ // algorithms.put("SHA224WITHRSA", PKCSObjectIdentifiers.sha224WithRSAEncryption); -+ // END android-removed - algorithms.put("SHA256WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha256WithRSAEncryption); - algorithms.put("SHA256WITHRSA", PKCSObjectIdentifiers.sha256WithRSAEncryption); - algorithms.put("SHA384WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha384WithRSAEncryption); -@@ -97,57 +106,78 @@ - algorithms.put("SHA512WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha512WithRSAEncryption); - algorithms.put("SHA512WITHRSA", PKCSObjectIdentifiers.sha512WithRSAEncryption); - algorithms.put("SHA1WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); -- algorithms.put("SHA224WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); -+ // BEGIN android-removed -+ // algorithms.put("SHA224WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); -+ // END android-removed - algorithms.put("SHA256WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); +@@ -102,12 +109,14 @@ algorithms.put("SHA384WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); algorithms.put("SHA512WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); algorithms.put("RSAWITHSHA1", new DERObjectIdentifier("1.2.840.113549.1.1.5")); @@ -6446,19 +6298,8 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jce/PKCS10CertificationReque + // END android-removed algorithms.put("SHA1WITHDSA", new DERObjectIdentifier("1.2.840.10040.4.3")); algorithms.put("DSAWITHSHA1", new DERObjectIdentifier("1.2.840.10040.4.3")); -- algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224); -+ // BEGIN android-removed -+ // algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224); -+ // END android-removed - algorithms.put("SHA256WITHDSA", NISTObjectIdentifiers.dsa_with_sha256); - algorithms.put("SHA384WITHDSA", NISTObjectIdentifiers.dsa_with_sha384); - algorithms.put("SHA512WITHDSA", NISTObjectIdentifiers.dsa_with_sha512); - algorithms.put("SHA1WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA1); -- algorithms.put("SHA224WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA224); -+ // BEGIN android-removed -+ // algorithms.put("SHA224WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA224); -+ // END android-removed - algorithms.put("SHA256WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA256); + algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224); +@@ -120,11 +129,13 @@ algorithms.put("SHA384WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA384); algorithms.put("SHA512WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA512); algorithms.put("ECDSAWITHSHA1", X9ObjectIdentifiers.ecdsa_with_SHA1); @@ -6477,12 +6318,7 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jce/PKCS10CertificationReque // // reverse mappings - // - oids.put(new DERObjectIdentifier("1.2.840.113549.1.1.5"), "SHA1WITHRSA"); -- oids.put(PKCSObjectIdentifiers.sha224WithRSAEncryption, "SHA224WITHRSA"); -+ // BEGIN android-removed -+ // oids.put(PKCSObjectIdentifiers.sha224WithRSAEncryption, "SHA224WITHRSA"); -+ // END android-removed +@@ -134,11 +145,16 @@ oids.put(PKCSObjectIdentifiers.sha256WithRSAEncryption, "SHA256WITHRSA"); oids.put(PKCSObjectIdentifiers.sha384WithRSAEncryption, "SHA384WITHRSA"); oids.put(PKCSObjectIdentifiers.sha512WithRSAEncryption, "SHA512WITHRSA"); @@ -6501,40 +6337,8 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jce/PKCS10CertificationReque + // END android-removed oids.put(new DERObjectIdentifier("1.2.840.10040.4.3"), "SHA1WITHDSA"); oids.put(X9ObjectIdentifiers.ecdsa_with_SHA1, "SHA1WITHECDSA"); -- oids.put(X9ObjectIdentifiers.ecdsa_with_SHA224, "SHA224WITHECDSA"); -+ // BEGIN android-removed -+ // oids.put(X9ObjectIdentifiers.ecdsa_with_SHA224, "SHA224WITHECDSA"); -+ // END android-removed - oids.put(X9ObjectIdentifiers.ecdsa_with_SHA256, "SHA256WITHECDSA"); - oids.put(X9ObjectIdentifiers.ecdsa_with_SHA384, "SHA384WITHECDSA"); - oids.put(X9ObjectIdentifiers.ecdsa_with_SHA512, "SHA512WITHECDSA"); - oids.put(OIWObjectIdentifiers.sha1WithRSA, "SHA1WITHRSA"); - oids.put(OIWObjectIdentifiers.dsaWithSHA1, "SHA1WITHDSA"); -- oids.put(NISTObjectIdentifiers.dsa_with_sha224, "SHA224WITHDSA"); -+ // BEGIN android-removed -+ // oids.put(NISTObjectIdentifiers.dsa_with_sha224, "SHA224WITHDSA"); -+ // END android-removed - oids.put(NISTObjectIdentifiers.dsa_with_sha256, "SHA256WITHDSA"); - - // -@@ -161,27 +191,35 @@ - // The parameters field SHALL be NULL for RSA based signature algorithms. - // - noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA1); -- noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA224); -+ // BEGIN android-removed -+ // noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA224); -+ // END android-removed - noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA256); - noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA384); - noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA512); - noParams.add(X9ObjectIdentifiers.id_dsa_with_sha1); -- noParams.add(NISTObjectIdentifiers.dsa_with_sha224); -+ // BEGIN android-removed -+ // noParams.add(NISTObjectIdentifiers.dsa_with_sha224); -+ // END android-removed - noParams.add(NISTObjectIdentifiers.dsa_with_sha256); - + oids.put(X9ObjectIdentifiers.ecdsa_with_SHA224, "SHA224WITHECDSA"); +@@ -172,8 +188,10 @@ // // RFC 4491 // @@ -6547,36 +6351,7 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jce/PKCS10CertificationReque // // explicit params // - AlgorithmIdentifier sha1AlgId = new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, DERNull.INSTANCE); - params.put("SHA1WITHRSAANDMGF1", creatPSSParams(sha1AlgId, 20)); - -- AlgorithmIdentifier sha224AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha224, DERNull.INSTANCE); -- params.put("SHA224WITHRSAANDMGF1", creatPSSParams(sha224AlgId, 28)); -+ // BEGIN android-removed -+ // AlgorithmIdentifier sha224AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha224, DERNull.INSTANCE); -+ // params.put("SHA224WITHRSAANDMGF1", creatPSSParams(sha224AlgId, 28)); -+ // END android-removed - - AlgorithmIdentifier sha256AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256, DERNull.INSTANCE); - params.put("SHA256WITHRSAANDMGF1", creatPSSParams(sha256AlgId, 32)); -@@ -600,10 +638,12 @@ - { - return "SHA1"; - } -- else if (NISTObjectIdentifiers.id_sha224.equals(digestAlgOID)) -- { -- return "SHA224"; -- } -+ // BEGIN android-removed -+ // else if (NISTObjectIdentifiers.id_sha224.equals(digestAlgOID)) -+ // { -+ // return "SHA224"; -+ // } -+ // END android-removed - else if (NISTObjectIdentifiers.id_sha256.equals(digestAlgOID)) - { - return "SHA256"; -@@ -616,22 +656,24 @@ +@@ -616,22 +634,24 @@ { return "SHA512"; } @@ -6619,7 +6394,7 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jce/PKCS10CertificationReque return digestAlgOID.getId(); diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jce/provider/BouncyCastleProvider.java bcprov-jdk15on-149/org/bouncycastle/jce/provider/BouncyCastleProvider.java --- bcprov-jdk15on-149.orig/org/bouncycastle/jce/provider/BouncyCastleProvider.java 2013-05-31 21:16:46.000000000 +0000 -+++ bcprov-jdk15on-149/org/bouncycastle/jce/provider/BouncyCastleProvider.java 2013-05-25 02:14:15.000000000 +0000 ++++ bcprov-jdk15on-149/org/bouncycastle/jce/provider/BouncyCastleProvider.java 2013-09-26 18:06:21.000000000 +0000 @@ -64,13 +64,20 @@ private static final String[] SYMMETRIC_MACS = @@ -6678,7 +6453,7 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jce/provider/BouncyCastlePro + // "GOST3411", "MD2", "MD4", "MD5", "SHA1", "RIPEMD128", "RIPEMD160", "RIPEMD256", "RIPEMD320", "SHA224", "SHA256", "SHA384", "SHA512", "SHA3", "Tiger", "Whirlpool" + // END android-removed + // BEGIN android-added -+ "MD5", "SHA1", "SHA256", "SHA384", "SHA512", ++ "MD5", "SHA1", "SHA224", "SHA256", "SHA384", "SHA512", + // END android-added }; @@ -7904,7 +7679,7 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jce/provider/X509Certificate case GeneralName.rfc822Name: diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jce/provider/X509SignatureUtil.java bcprov-jdk15on-149/org/bouncycastle/jce/provider/X509SignatureUtil.java --- bcprov-jdk15on-149.orig/org/bouncycastle/jce/provider/X509SignatureUtil.java 2013-05-31 21:16:46.000000000 +0000 -+++ bcprov-jdk15on-149/org/bouncycastle/jce/provider/X509SignatureUtil.java 2013-01-31 02:26:40.000000000 +0000 ++++ bcprov-jdk15on-149/org/bouncycastle/jce/provider/X509SignatureUtil.java 2013-09-26 18:06:21.000000000 +0000 @@ -14,7 +14,9 @@ import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.DERNull; @@ -7937,24 +7712,7 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jce/provider/X509SignatureUt if (sigAlgId.getObjectId().equals(X9ObjectIdentifiers.ecdsa_with_SHA2)) { ASN1Sequence ecDsaParams = ASN1Sequence.getInstance(params); -@@ -98,10 +102,12 @@ - { - return "SHA1"; - } -- else if (NISTObjectIdentifiers.id_sha224.equals(digestAlgOID)) -- { -- return "SHA224"; -- } -+ // BEGIN android-removed -+ // else if (NISTObjectIdentifiers.id_sha224.equals(digestAlgOID)) -+ // { -+ // return "SHA224"; -+ // } -+ // END android-removed - else if (NISTObjectIdentifiers.id_sha256.equals(digestAlgOID)) - { - return "SHA256"; -@@ -114,22 +120,24 @@ +@@ -114,22 +118,24 @@ { return "SHA512"; } @@ -7997,7 +7755,7 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jce/provider/X509SignatureUt return digestAlgOID.getId(); diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/x509/X509Util.java bcprov-jdk15on-149/org/bouncycastle/x509/X509Util.java --- bcprov-jdk15on-149.orig/org/bouncycastle/x509/X509Util.java 2013-05-31 21:16:46.000000000 +0000 -+++ bcprov-jdk15on-149/org/bouncycastle/x509/X509Util.java 2013-01-31 02:26:40.000000000 +0000 ++++ bcprov-jdk15on-149/org/bouncycastle/x509/X509Util.java 2013-09-26 18:06:21.000000000 +0000 @@ -25,12 +25,16 @@ import org.bouncycastle.asn1.ASN1Integer; import org.bouncycastle.asn1.DERNull; @@ -8017,7 +7775,7 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/x509/X509Util.java bcprov-jd import org.bouncycastle.asn1.x509.AlgorithmIdentifier; import org.bouncycastle.asn1.x9.X9ObjectIdentifiers; import org.bouncycastle.jce.X509Principal; -@@ -44,14 +48,18 @@ +@@ -44,8 +48,10 @@ static { @@ -8030,24 +7788,7 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/x509/X509Util.java bcprov-jd algorithms.put("MD5WITHRSAENCRYPTION", PKCSObjectIdentifiers.md5WithRSAEncryption); algorithms.put("MD5WITHRSA", PKCSObjectIdentifiers.md5WithRSAEncryption); algorithms.put("SHA1WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha1WithRSAEncryption); - algorithms.put("SHA1WITHRSA", PKCSObjectIdentifiers.sha1WithRSAEncryption); -- algorithms.put("SHA224WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha224WithRSAEncryption); -- algorithms.put("SHA224WITHRSA", PKCSObjectIdentifiers.sha224WithRSAEncryption); -+ // BEGIN android-removed -+ // algorithms.put("SHA224WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha224WithRSAEncryption); -+ // algorithms.put("SHA224WITHRSA", PKCSObjectIdentifiers.sha224WithRSAEncryption); -+ // END android-removed - algorithms.put("SHA256WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha256WithRSAEncryption); - algorithms.put("SHA256WITHRSA", PKCSObjectIdentifiers.sha256WithRSAEncryption); - algorithms.put("SHA384WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha384WithRSAEncryption); -@@ -59,45 +67,59 @@ - algorithms.put("SHA512WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha512WithRSAEncryption); - algorithms.put("SHA512WITHRSA", PKCSObjectIdentifiers.sha512WithRSAEncryption); - algorithms.put("SHA1WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); -- algorithms.put("SHA224WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); -+ // BEGIN android-removed -+ // algorithms.put("SHA224WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); -+ // END android-removed +@@ -63,12 +69,14 @@ algorithms.put("SHA256WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); algorithms.put("SHA384WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); algorithms.put("SHA512WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS); @@ -8067,19 +7808,8 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/x509/X509Util.java bcprov-jd + // END android-removed algorithms.put("SHA1WITHDSA", X9ObjectIdentifiers.id_dsa_with_sha1); algorithms.put("DSAWITHSHA1", X9ObjectIdentifiers.id_dsa_with_sha1); -- algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224); -+ // BEGIN android-removed -+ // algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224); -+ // END android-removed - algorithms.put("SHA256WITHDSA", NISTObjectIdentifiers.dsa_with_sha256); - algorithms.put("SHA384WITHDSA", NISTObjectIdentifiers.dsa_with_sha384); - algorithms.put("SHA512WITHDSA", NISTObjectIdentifiers.dsa_with_sha512); - algorithms.put("SHA1WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA1); - algorithms.put("ECDSAWITHSHA1", X9ObjectIdentifiers.ecdsa_with_SHA1); -- algorithms.put("SHA224WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA224); -+ // BEGIN android-removed -+ // algorithms.put("SHA224WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA224); -+ // END android-removed + algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224); +@@ -81,11 +89,13 @@ algorithms.put("SHA256WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA256); algorithms.put("SHA384WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA384); algorithms.put("SHA512WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA512); @@ -8098,25 +7828,7 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/x509/X509Util.java bcprov-jd // // According to RFC 3279, the ASN.1 encoding SHALL (id-dsa-with-sha1) or MUST (ecdsa-with-SHA*) omit the parameters field. - // The parameters field SHALL be NULL for RSA based signature algorithms. - // - noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA1); -- noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA224); -+ // BEGIN android-removed -+ // noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA224); -+ // END android-removed - noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA256); - noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA384); - noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA512); - noParams.add(X9ObjectIdentifiers.id_dsa_with_sha1); -- noParams.add(NISTObjectIdentifiers.dsa_with_sha224); -+ // BEGIN android-removed -+ // noParams.add(NISTObjectIdentifiers.dsa_with_sha224); -+ // END android-removed - noParams.add(NISTObjectIdentifiers.dsa_with_sha256); - noParams.add(NISTObjectIdentifiers.dsa_with_sha384); - noParams.add(NISTObjectIdentifiers.dsa_with_sha512); -@@ -105,8 +127,10 @@ +@@ -105,8 +115,10 @@ // // RFC 4491 // @@ -8129,16 +7841,3 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/x509/X509Util.java bcprov-jd // // explicit params -@@ -114,8 +138,10 @@ - AlgorithmIdentifier sha1AlgId = new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, DERNull.INSTANCE); - params.put("SHA1WITHRSAANDMGF1", creatPSSParams(sha1AlgId, 20)); - -- AlgorithmIdentifier sha224AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha224, DERNull.INSTANCE); -- params.put("SHA224WITHRSAANDMGF1", creatPSSParams(sha224AlgId, 28)); -+ // BEGIN android-removed -+ // AlgorithmIdentifier sha224AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha224, DERNull.INSTANCE); -+ // params.put("SHA224WITHRSAANDMGF1", creatPSSParams(sha224AlgId, 28)); -+ // END android-removed - - AlgorithmIdentifier sha256AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256, DERNull.INSTANCE); - params.put("SHA256WITHRSAANDMGF1", creatPSSParams(sha256AlgId, 32)); -- cgit v1.2.3