5faee297baafbc31667954a404d0451916ef5c59 |
|
04-Oct-2010 |
Brian Carlstrom <bdc@google.com> |
Adding SecretKeyFactory.PBKDF2WithHmacSHA1 support wrapper Bug: 3059950 Change-Id: I9de5e0ebed773818aeeb6831d48db308b09a4246
/external/bouncycastle/src/main/java/org/bouncycastle/jce/provider/BouncyCastleProvider.java
|
e0e967cc691aa03a9776e5c4af763cd882845fc3 |
|
24-Aug-2010 |
Brian Carlstrom <bdc@google.com> |
Restore PBE Ciphers and SecreyKeyFactories if underlying algorithm is supported for better PKCS12 support This restores the Password Based Encryption (PBE) algorithms when we were including the underlying algorithms used (3DES, AES, DES, MD5, RC2, SHA1, SHA256) Specficially we leave out PBE definitions that include algorithms such as MD2, RIPEMD, Tiger that are not in our BouncyCastle jar. Bug: 2942581 Change-Id: I0a4ecc5b90b08b593b92a0a8adfea8f582f77da6
/external/bouncycastle/src/main/java/org/bouncycastle/jce/provider/BouncyCastleProvider.java
|
7493aa25d0d0a0b8396ebfc6e1395ffdfb6045d5 |
|
19-Aug-2010 |
Brian Carlstrom <bdc@google.com> |
Restoring blowfish to bouncycastle Adding blowfish algoritms for RI parity. Also added KeyGenerator.ARCFOUR alias for RI compatability. Change-Id: I1ddf86bdc82a1056f3f671743709e9186e95f7c3
/external/bouncycastle/src/main/java/org/bouncycastle/jce/provider/BouncyCastleProvider.java
|
f7433bf801526ab2a93e1cadb7a25ded87f43ed4 |
|
21-Jul-2010 |
Brian Carlstrom <bdc@google.com> |
Restore BouncyCastle's RC4 implementation Change-Id: I99c9d547039679b093bf6da15c6dcdede42d2570
/external/bouncycastle/src/main/java/org/bouncycastle/jce/provider/BouncyCastleProvider.java
|
8e551503a8d09fb57fd4efe9a2aa0392e7ba56e9 |
|
13-Jul-2010 |
Brian Carlstrom <bdc@google.com> |
Fix PKCS12 and BKS KeyStore as well as SSL renegotiation Summary: - Added KeyStoreTest and fixed PKCS and BKS keystores to be fully functional - KeyStore and KeyStoreImpl improvements in libcore and bouncycastle for more RI-like behavior - SSL Renegotiation fix for new implementation Details: external/bouncycastle TwoFish added back for BKS KeyStore. Like RC2, it not supported as a general cipher, but instead used internally for KeyStore implementation. src/main/java/org/bouncycastle/crypto/engines/TwofishEngine.java bouncycastle.config Added back PBEWITHSHAANDTWOFISH, PBEWITHSHAANDTWOFISH-CBC, PBEWITHSHA1ANDRC2-CBC, PBEWITHHMACSHA, PBEWITHHMACSHA1 to support PKCS12 and BKS KeyStore implementations (as determined by new KeyStoreTest) src/main/java/org/bouncycastle/jce/provider/BouncyCastleProvider.java src/main/java/org/bouncycastle/jce/provider/JCEBlockCipher.java src/main/java/org/bouncycastle/jce/provider/JCEMac.java src/main/java/org/bouncycastle/jce/provider/JCESecretKeyFactory.java Don't throw an error when deleting a non-existing KeyStore entry. The RI documentation (and behavior) says it throws an error when it fails to remove an entry, not when the entry does not exist. src/main/java/org/bouncycastle/jce/provider/JDKKeyStore.java src/main/java/org/bouncycastle/jce/provider/JDKPKCS12KeyStore.java Try to make BC's PKCS KeyStore have a more RI-like getCreationDate behavior src/main/java/org/bouncycastle/jce/provider/JDKPKCS12KeyStore.java Make BC's PKCS KeyStore failfast on setting non-supported key, instead of failing later on get. src/main/java/org/bouncycastle/jce/provider/JDKPKCS12KeyStore.java Make BC's PKCS KeyStore handle setting a PrivateKey with an emtpy chain. src/main/java/org/bouncycastle/jce/provider/JDKPKCS12KeyStore.java Add more general avoidance of NullPointerExceptions on null aliases src/main/java/org/bouncycastle/jce/provider/JDKPKCS12KeyStore.java Added notes about changes improvements patches/README Regenerated patch with above changes patches/android.patch libcore KeyStore improvements based on KeyStoreTest - Fix UnrecoverableKeyException to be a subclass of UnrecoverableEntryException, which was keeping the new KeyStoreTest from compiling. luni/src/main/java/java/security/UnrecoverableKeyException.java - Fix to not convert UnrecoverableKeyException to KeyStoreException, which was only being done because of the UnrecoverableKeyException superclass bug. luni/src/main/java/java/security/KeyStoreSpi.java - Harmony KeyStore was being overly aggresive about throwing on null alias arguments in cases where the RI was happy to pass them to the KeyStoreSpi. luni/src/main/java/java/security/KeyStore.java - New test after PKCS12 regresion. It enumerates and excercises all methods on all available KeyStore implementations. Unfortunately, the main varieties of KeyStores made this a lot more complicated than I was originally expecting. It does clarifiy the differences between the RI and BC KeyStore implementations, especially for PKCS12, where in some ways the RI is more feature complete (setting key via byte[]), but in other ways BC goes beyond some RI limitations (allowing storage of certificates). luni/src/test/java/java/security/KeyStoreTest.java TestKeyStore improvements while writing KeyStoreTest - Renamed "keyStorePassword" working usages to clarify if it really means the "storePassword" on the whole KeyStore, or if it is a "keyPassword" on individual keys. - Moved TestKeyStore from javax.net.ssl to java.security luni/src/test/java/javax/net/ssl/SSLContextTest.java luni/src/test/java/javax/net/ssl/SSLEngineTest.java luni/src/test/java/javax/net/ssl/SSLSessionTest.java luni/src/test/java/javax/net/ssl/SSLSocketTest.java support/src/test/java/java/security/StandardNames.java support/src/test/java/java/security/TestKeyStore.java support/src/test/java/javax/net/ssl/TestKeyStore.java support/src/test/java/javax/net/ssl/TestSSLContext.java Fixing up SSL renegotiation support. Now that we are not trying to prevent renegotiation, make sure it is working correctly. - Remove SSL_VERIFY_CLIENT_ONCE to take the default behavior of re-requesting client certificate on renegotiation. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/NativeCrypto.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSocketImpl.java - Updated comments to reflect renegotiation. Bug fix to not clear out callback reference on handshake complete, since we need it for renegotiation. luni/src/main/native/NativeCrypto.cpp Updated for PKCS12 KeyStore support support/src/test/java/java/security/StandardNames.java Added javadoc when writint KeyStoreTest luni/src/test/java/java/security/ProviderTest.java frameworks/base Tracking changes to UnrecoverableKeyException superclass api/8.xml api/current.xml Change-Id: Idd09289b7ec510a2d981769e7bf077b101c26f88
/external/bouncycastle/src/main/java/org/bouncycastle/jce/provider/BouncyCastleProvider.java
|
b04bbc72336971137c5f3daceb4846605214d22b |
|
01-Jul-2010 |
Brian Carlstrom <bdc@google.com> |
Trim BouncyCastle *-OpenSSL algorithms These were not previously removed because they were believed to be part of Android OpenSSL native implementation. Change-Id: I00c4c70bd1950125c25c3d33747a8e1e3cdc85d4
/external/bouncycastle/src/main/java/org/bouncycastle/jce/provider/BouncyCastleProvider.java
|
10261d9785b26fbcfe273b7b8119907fda09a999 |
|
23-Jun-2010 |
Brian Carlstrom <bdc@google.com> |
Remove libcore's dependency on bouncycastle external/bouncycastle - Change to be the primary build for bouncycastle sources (as opposed to part of libcore) - Moved OpenSSLMessageDigest from libcore to OpenSSLDigest It uses NativeCrypto API from core, but implements a bouncycastle specific interface - restored registration of bouncycastle MessageDigests for SHA-1, SHA-256, MD5 OpenSSLProvider versions take precedence, but explicit provider of "BC" allows choice - enabled native versions of SHA-384 and SHA-512 - pruned MD4 implementation frameworks/base - frameworks and CoreTests modules now depend on bouncycastle - update preloades classes for NativeBN package change - moved CryptoTest to libcore libcore - core now builds without bouncycastle sources - core-tests, core-tests-support, core-tests-supportlib now depend on bouncycastle - removed libcore/openssl directory, moving NativeBN to java/math - minor cleanup of Provider, Security, Services style while working on ProviderTest - added new OpenSSLProvider registered as first provider to have priority over the others to ensure our native implementations are used - moved BouncyCastle to have priority as a provider over Harmony - JarVerifier and JarUtils now implicitly use OpenSSLMessageDigest - Cleanedup OpenSSLSignature, implementation needs to be finished to move to OpenSSLProvider - To avoid using PEMWriter from BouncyCastle, NativeCrypto now takes binary encoded certs and keys This is more efficient as well avoiding the base64 decode/encode of the binary data - removed SHA-224 to match the RI packages/apps/CertInstaller - CertificateInstaller module now depends on bouncycastle this is the only app to depend on bouncycastle system/core - updated BOOTCLASSPATH Change-Id: I42ac63a1669b03d0243f9714c89312227e48241d
/external/bouncycastle/src/main/java/org/bouncycastle/jce/provider/BouncyCastleProvider.java
|
d6008c36c9a54cd5886de68f00839959af11a344 |
|
22-Jun-2010 |
Brian Carlstrom <bdc@google.com> |
restore missing sha1withDSA and remove broken aliases Change-Id: I83cdd570ba55fe5e652da0ecb9290740cd632c2f
/external/bouncycastle/src/main/java/org/bouncycastle/jce/provider/BouncyCastleProvider.java
|
7a6b43b187fb942402daa61e0b92496746f5bc1c |
|
21-Jun-2010 |
Brian Carlstrom <bdc@google.com> |
Aligning bouncycastle with RI supported algorithms Change-Id: I81156564372ac60d009e62fa9f8ef0ff2239dda5
/external/bouncycastle/src/main/java/org/bouncycastle/jce/provider/BouncyCastleProvider.java
|
c37f4a04ef89e73a39a59f3c5a179af8c8ab5974 |
|
21-Jun-2010 |
Brian Carlstrom <bdc@google.com> |
Upgrade bouncycastle from 1.34 to 1.45 This maintains the same set of provided algorithms as tested with libcore's javax.security.PreparerTest. A further checkin will try to bring the supported list in line with the RI. Details: Upgraded to JDK 1.6 version of 1.45 release bouncycastle.version First pass of triming unneeded files bouncycastle.config Compile with UTF-8 to avoid warnings Android.mk The updated patch patches/android.patch The rest of the files are generated from the release tar ball and the patch ./import_bouncycastle.sh import .../bcprov-jdk16-145.tar.gz src/main/java/... Change-Id: I1df5ad8a7161ec578415ae23f01c3b550e381927
/external/bouncycastle/src/main/java/org/bouncycastle/jce/provider/BouncyCastleProvider.java
|
b61a96e7ef1a78acf013bbf08fe537e5b5f129ca |
|
26-Apr-2010 |
Peter Hallam <peterhal@google.com> |
merge more modules into luni
/external/bouncycastle/src/main/java/org/bouncycastle/jce/provider/BouncyCastleProvider.java
|