Merge branch 'cm-13.0' of https://github.com/CyanogenMod/android_libcore into replicant-6.0HEADreplicant-6.0-0001replicant-6.0

7 files changed, 153 insertions, 20 deletions

diff --git a/luni/src/main/native/libcore_icu_NativeIDN.cpp b/luni/src/main/native/libcore_icu_NativeIDN.cpp
index 43f3ce5..9786b9d 100644
--- a/luni/src/main/native/libcore_icu_NativeIDN.cpp
+++ b/luni/src/main/native/libcore_icu_NativeIDN.cpp
@@ -37,7 +37,8 @@ static jstring NativeIDN_convertImpl(JNIEnv* env, jclass, jstring javaSrc, jint
     if (src.get() == NULL) {
         return NULL;
     }
-    UChar dst[256];
+    static const size_t kDstSize = 512;
+    UChar dst[kDstSize];
     UErrorCode status = U_ZERO_ERROR;
 
     // We're stuck implementing IDNA-2003 for now since that's what we specify.
@@ -47,10 +48,10 @@ static jstring NativeIDN_convertImpl(JNIEnv* env, jclass, jstring javaSrc, jint
 #pragma GCC diagnostic push
 #pragma GCC diagnostic ignored "-Wdeprecated-declarations"
     size_t resultLength = toAscii
-        ? uidna_IDNToASCII(src.get(), src.size(), &dst[0], sizeof(dst), flags, NULL, &status)
-        : uidna_IDNToUnicode(src.get(), src.size(), &dst[0], sizeof(dst), flags, NULL, &status);
+        ? uidna_IDNToASCII(src.get(), src.size(), &dst[0], kDstSize, flags, NULL, &status)
+        : uidna_IDNToUnicode(src.get(), src.size(), &dst[0], kDstSize, flags, NULL, &status);
 #pragma GCC diagnostic pop
-
+    
     if (U_FAILURE(status)) {
         jniThrowException(env, "java/lang/IllegalArgumentException", u_errorName(status));
         return NULL;
diff --git a/luni/src/test/java/com/android/org/bouncycastle/crypto/digests/DigestTest.java b/luni/src/test/java/com/android/org/bouncycastle/crypto/digests/DigestTest.java
index 8708214..fce8507 100644
--- a/luni/src/test/java/com/android/org/bouncycastle/crypto/digests/DigestTest.java
+++ b/luni/src/test/java/com/android/org/bouncycastle/crypto/digests/DigestTest.java
@@ -19,6 +19,7 @@ package com.android.org.bouncycastle.crypto.digests;
 import junit.framework.TestCase;
 import com.android.org.bouncycastle.crypto.Digest;
 import com.android.org.bouncycastle.crypto.ExtendedDigest;
+import tests.util.SummaryStatistics;
 
 /**
  * Implements unit tests for our JNI wrapper around OpenSSL. We use the
@@ -36,6 +37,7 @@ public class DigestTest extends TestCase {
      * @param newDigest The new digest implementation, provided by OpenSSL
      */
     public void doTestMessageDigest(Digest oldDigest, Digest newDigest) {
+        final int WARMUP = 10;
         final int ITERATIONS = 100;
 
         byte[] data = new byte[1024];
@@ -54,27 +56,31 @@ public class DigestTest extends TestCase {
             data[i] = (byte)i;
         }
 
-        long oldTime = 0;
-        long newTime = 0;
+        SummaryStatistics oldTime = new SummaryStatistics();
+        SummaryStatistics newTime = new SummaryStatistics();
 
-        for (int j = 0; j < ITERATIONS; j++) {
-            long t0 = System.currentTimeMillis();
+        for (int j = 0; j < ITERATIONS + WARMUP; j++) {
+            long t0 = System.nanoTime();
             for (int i = 0; i < 4; i++) {
                 oldDigest.update(data, 0, data.length);
             }
             int oldLength = oldDigest.doFinal(oldHash, 0);
-            long t1 = System.currentTimeMillis();
+            long t1 = System.nanoTime();
 
-            oldTime = oldTime + (t1 - t0);
+            if (j >= WARMUP) {
+                oldTime.add(t1 - t0);
+            }
 
-            long t2 = System.currentTimeMillis();
+            long t2 = System.nanoTime();
             for (int i = 0; i < 4; i++) {
                 newDigest.update(data, 0, data.length);
             }
             int newLength = newDigest.doFinal(newHash, 0);
-            long t3 = System.currentTimeMillis();
+            long t3 = System.nanoTime();
 
-            newTime = newTime + (t3 - t2);
+            if (j >= WARMUP) {
+              newTime.add(t3 - t2);
+            }
 
             assertEquals("Hash sizes must be equal", oldLength, newLength);
 
@@ -83,10 +89,13 @@ public class DigestTest extends TestCase {
             }
         }
 
-        System.out.println("Time for " + ITERATIONS + " x old hash processing: " + oldTime + " ms");
-        System.out.println("Time for " + ITERATIONS + " x new hash processing: " + newTime + " ms");
+        System.out.println("Time for " + ITERATIONS + " x old hash processing: "
+                + oldTime.toString());
+        System.out.println("Time for " + ITERATIONS + " x new hash processing: "
+                + newTime.toString());
 
-        assertTrue("New hash should be faster", newTime < oldTime);
+        assertTrue("New hash should be faster:\nold=" + oldTime.toString() + "\nnew="
+                + newTime.toString(), newTime.mean() < oldTime.mean());
     }
 
     /**
diff --git a/luni/src/test/java/libcore/java/lang/ref/FinalizeTest.java b/luni/src/test/java/libcore/java/lang/ref/FinalizeTest.java
index ef303bd..d71b5b0 100644
--- a/luni/src/test/java/libcore/java/lang/ref/FinalizeTest.java
+++ b/luni/src/test/java/libcore/java/lang/ref/FinalizeTest.java
@@ -69,13 +69,18 @@ public final class FinalizeTest extends TestCase {
 
     static class X {}
 
-    // http://b/issue?id=2136462
-    public void testBackFromTheDead() throws Exception {
+    // Helper function since we do not want a vreg to keep the allocated object live.
+    // For b/25851249
+    private void exceptionInConstructor() {
         try {
             new ConstructionFails();
         } catch (AssertionError expected) {
         }
+    }
 
+    // http://b/issue?id=2136462
+    public void testBackFromTheDead() throws Exception {
+        exceptionInConstructor();
         FinalizationTester.induceFinalization();
         assertTrue("object whose constructor threw was not finalized", ConstructionFails.finalized);
     }
diff --git a/luni/src/test/java/libcore/java/net/IDNTest.java b/luni/src/test/java/libcore/java/net/IDNTest.java
index f01eca3..37f3505 100644
--- a/luni/src/test/java/libcore/java/net/IDNTest.java
+++ b/luni/src/test/java/libcore/java/net/IDNTest.java
@@ -37,4 +37,15 @@ public class IDNTest extends TestCase {
         String longInput = makePunyString(512);
         assertEquals(longInput, IDN.toUnicode(longInput));
     }
+
+    // http://b/30765246
+    public void testLongDomainName() {
+        String label63 = "123456789-123456789-123456789-123456789-123456789-123456789-123";
+        String host255 = label63 + "." + label63 + "." + label63 + "." + label63;
+        try {
+            IDN.toASCII(host255.substring(3) + ".com");
+            fail();
+        } catch (IllegalArgumentException expected) {
+        }
+    }
 }
diff --git a/luni/src/test/java/libcore/javax/crypto/CipherTest.java b/luni/src/test/java/libcore/javax/crypto/CipherTest.java
index dd7d6e7..398c688 100644
--- a/luni/src/test/java/libcore/javax/crypto/CipherTest.java
+++ b/luni/src/test/java/libcore/javax/crypto/CipherTest.java
@@ -3203,6 +3203,29 @@ public final class CipherTest extends TestCase {
         }
     }
 
+    // Test that when reading GCM parameters encoded using ASN1, a value for the tag size
+    // not present indicates a value of 12.
+    // https://b/29876633
+    public void test_DefaultGCMTagSizeAlgorithmParameterSpec() throws Exception {
+        final String AES = "AES";
+        final String AES_GCM = "AES/GCM/NoPadding";
+        byte[] input = new byte[16];
+        byte[] key = new byte[16];
+        Cipher cipher = Cipher.getInstance(AES_GCM, "BC");
+        AlgorithmParameters param = AlgorithmParameters.getInstance("GCM");
+        param.init(new byte[] {
+            (byte) 48,    // DER encoding : tag_Sequence
+            (byte) 14,    // DER encoding : total length
+            (byte) 4,     // DER encoding : tag_OctetString
+            (byte) 12,    // DER encoding : counter length
+            (byte) 0, (byte) 0, (byte) 0, (byte) 0, (byte) 0, (byte) 0,
+            (byte) 0, (byte) 0, (byte) 0, (byte) 0, (byte) 0, (byte) 0 });
+        cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(key, AES), param);
+        byte[] ciphertext = cipher.update(input);
+        byte[] tag = cipher.doFinal();
+        assertEquals(12, tag.length);
+    }
+
     public void testAES_ECB_PKCS5Padding_ShortBuffer_Failure() throws Exception {
         for (String provider : AES_PROVIDERS) {
             testAES_ECB_PKCS5Padding_ShortBuffer_Failure(provider);
@@ -3515,4 +3538,72 @@ public final class CipherTest extends TestCase {
         cipher.init(Cipher.ENCRYPT_MODE, keyGen.generateKeyPair().getPublic());
         cipher.doFinal(new byte[] {1,2,3,4});
     }
+
+    /*
+     * Check that two AAD updates are equivalent to one.
+     * http://b/27371173
+     */
+    public void test_AESGCMNoPadding_UpdateAADTwice_Success() throws Exception {
+        SecretKeySpec key = new SecretKeySpec(new byte[16], "AES");
+        GCMParameterSpec spec = new GCMParameterSpec(128, new byte[12]);
+        Cipher c1 = Cipher.getInstance("AES/GCM/NoPadding");
+        Cipher c2 = Cipher.getInstance("AES/GCM/NoPadding");
+
+        c1.init(Cipher.ENCRYPT_MODE, key, spec);
+        c1.updateAAD(new byte[] {
+                0x01, 0x02, 0x03, 0x04, 0x05,
+        });
+        c1.updateAAD(new byte[] {
+                0x06, 0x07, 0x08, 0x09, 0x10,
+        });
+
+        c2.init(Cipher.ENCRYPT_MODE, key, spec);
+        c2.updateAAD(new byte[] {
+                0x01, 0x02, 0x03, 0x04, 0x05,
+                0x06, 0x07, 0x08, 0x09, 0x10,
+        });
+
+        assertEquals(Arrays.toString(c1.doFinal()), Arrays.toString(c2.doFinal()));
+    }
+
+    /*
+     * Check that GCM encryption with old and new instances update correctly.
+     * http://b/26694388
+     */
+    public void test_AESGCMNoPadding_Reuse_Success() throws Exception {
+        SecretKeySpec key = new SecretKeySpec(new byte[16], "AES");
+        GCMParameterSpec spec = new GCMParameterSpec(128, new byte[12]);
+        Cipher c1 = Cipher.getInstance("AES/GCM/NoPadding");
+        Cipher c2 = Cipher.getInstance("AES/GCM/NoPadding");
+
+        // Pollute the c1 cipher with AAD
+        c1.init(Cipher.ENCRYPT_MODE, key, spec);
+        c1.updateAAD(new byte[] {
+                0x01, 0x02, 0x03, 0x04, 0x05,
+        });
+
+        // Now init each again and make sure the outputs are the same
+        c1.init(Cipher.ENCRYPT_MODE, key, spec);
+        c2.init(Cipher.ENCRYPT_MODE, key, spec);
+
+        byte[] aad = new byte[] {
+                0x10, 0x20, 0x30, 0x40, 0x50, 0x60,
+        };
+        c1.updateAAD(aad);
+        c2.updateAAD(aad);
+
+        assertEquals(Arrays.toString(c1.doFinal()), Arrays.toString(c2.doFinal()));
+
+        // .doFinal should also reset the state, so check that as well.
+        byte[] aad2 = new byte[] {
+                0x77, 0x66, 0x55, 0x44, 0x33, 0x22, 0x11,
+        };
+
+        Cipher c3 = Cipher.getInstance("AES/GCM/NoPadding");
+        c3.init(Cipher.ENCRYPT_MODE, key, spec);
+
+        c1.updateAAD(aad2);
+        c3.updateAAD(aad2);
+        assertEquals(Arrays.toString(c1.doFinal()), Arrays.toString(c3.doFinal()));
+    }
 }
diff --git a/luni/src/test/java/libcore/javax/net/ssl/SSLSessionTest.java b/luni/src/test/java/libcore/javax/net/ssl/SSLSessionTest.java
index a434d94..bc2b626 100644
--- a/luni/src/test/java/libcore/javax/net/ssl/SSLSessionTest.java
+++ b/luni/src/test/java/libcore/javax/net/ssl/SSLSessionTest.java
@@ -99,7 +99,7 @@ public class SSLSessionTest extends TestCase {
         assertTrue("s.server.getLastAccessedTime()=" + s.server.getLastAccessedTime() + " " +
                    "s.client.getLastAccessedTime()=" + s.client.getLastAccessedTime(),
                    Math.abs(s.server.getLastAccessedTime()
-                            - s.client.getLastAccessedTime()) < 1 * 1000);
+                            - s.client.getLastAccessedTime()) <= 1 * 1000);
         assertTrue(s.server.getLastAccessedTime() >=
                    s.server.getCreationTime());
         assertTrue(s.client.getLastAccessedTime() >=
diff --git a/luni/src/test/java/libcore/javax/net/ssl/SSLSocketTest.java b/luni/src/test/java/libcore/javax/net/ssl/SSLSocketTest.java
index bf2d0f8..11dfb3d 100644
--- a/luni/src/test/java/libcore/javax/net/ssl/SSLSocketTest.java
+++ b/luni/src/test/java/libcore/javax/net/ssl/SSLSocketTest.java
@@ -1559,7 +1559,23 @@ public class SSLSocketTest extends TestCase {
             @Override
             public void run(SSLSocketFactory sslSocketFactory) throws Exception {
                 ClientHello clientHello = captureTlsHandshakeClientHello(sslSocketFactory);
-                String[] cipherSuites = new String[clientHello.cipherSuites.size()];
+                final String[] cipherSuites;
+
+                // RFC 5746 allows you to send an empty "renegotiation_info" extension *or*
+                // a special signaling cipher suite. The TLS API has no way to check or
+                // indicate that a certain TLS extension should be used.
+                HelloExtension renegotiationInfoExtension = clientHello.findExtensionByType(
+                        HelloExtension.TYPE_RENEGOTIATION_INFO);
+                if (renegotiationInfoExtension != null &&
+                        renegotiationInfoExtension.data.length == 1 &&
+                        renegotiationInfoExtension.data[0] == 0) {
+                    cipherSuites = new String[clientHello.cipherSuites.size() + 1];
+                    cipherSuites[clientHello.cipherSuites.size()] =
+                            StandardNames.CIPHER_SUITE_SECURE_RENEGOTIATION;
+                } else {
+                    cipherSuites = new String[clientHello.cipherSuites.size()];
+                }
+
                 for (int i = 0; i < clientHello.cipherSuites.size(); i++) {
                     CipherSuite cipherSuite = clientHello.cipherSuites.get(i);
                     cipherSuites[i] = cipherSuite.getAndroidName();