diff options
Diffstat (limited to 'x-net/src')
3 files changed, 27 insertions, 18 deletions
diff --git a/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLMessageDigest.java b/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLMessageDigest.java index f8067df..919d9e1 100644 --- a/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLMessageDigest.java +++ b/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLMessageDigest.java @@ -18,6 +18,8 @@ package org.apache.harmony.xnet.provider.jsse; import org.bouncycastle.crypto.ExtendedDigest; +import java.security.NoSuchAlgorithmException; + /** * Implements the BouncyCastle Digest interface using OpenSSL's EVP API. */ @@ -60,6 +62,14 @@ public class OpenSSLMessageDigest implements ExtendedDigest { */ private OpenSSLMessageDigest(String algorithm) { this.algorithm = algorithm; + + // We don't support MD2 anymore. This needs to also check for aliases + // and OIDs. + if ("MD2".equalsIgnoreCase(algorithm) || "1.2.840.113549.2.2" + .equalsIgnoreCase(algorithm)) { + throw new RuntimeException(algorithm + " not supported"); + } + ctx = NativeCrypto.EVP_new(); try { NativeCrypto.EVP_DigestInit(ctx, algorithm.replace("-", "").toLowerCase()); diff --git a/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLMessageDigestJDK.java b/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLMessageDigestJDK.java index 4336214..4ba3a74 100644 --- a/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLMessageDigestJDK.java +++ b/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLMessageDigestJDK.java @@ -40,7 +40,14 @@ public class OpenSSLMessageDigestJDK extends MessageDigest { */ private OpenSSLMessageDigestJDK(String algorithm) throws NoSuchAlgorithmException { super(algorithm); - + + // We don't support MD2 anymore. This needs to also check for aliases + // and OIDs. + if ("MD2".equalsIgnoreCase(algorithm) || "1.2.840.113549.2.2" + .equalsIgnoreCase(algorithm)) { + throw new NoSuchAlgorithmException(algorithm); + } + ctx = NativeCrypto.EVP_new(); try { NativeCrypto.EVP_DigestInit(ctx, getAlgorithm().replace("-", "").toLowerCase()); diff --git a/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSignature.java b/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSignature.java index 472c9df..3db6301 100644 --- a/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSignature.java +++ b/x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSignature.java @@ -16,7 +16,6 @@ package org.apache.harmony.xnet.provider.jsse; -import java.lang.reflect.Method; import java.security.InvalidKeyException; import java.security.InvalidParameterException; import java.security.NoSuchAlgorithmException; @@ -85,6 +84,15 @@ public class OpenSSLSignature extends Signature { throw new NoSuchAlgorithmException(algorithm); } + // We don't support MD2 anymore. This needs to also check for aliases + // and OIDs. + if ("MD2withRSA".equalsIgnoreCase(algorithm) || + "MD2withRSAEncryption".equalsIgnoreCase(algorithm) || + "1.2.840.113549.1.1.2".equalsIgnoreCase(algorithm) || + "MD2/RSA".equalsIgnoreCase(algorithm)) { + throw new NoSuchAlgorithmException("MD2withRSA"); + } + // For the special combination of DSA and SHA1, we need to pass the // algorithm name as a pair consisting of crypto algorithm and hash // algorithm. For all other (RSA) cases, passing the hash algorithm @@ -204,20 +212,4 @@ public class OpenSSLSignature extends Signature { NativeCrypto.EVP_free(ctx); } } - - // TODO Just for debugging purposes, remove later. - private static void log(String tag, String msg) { - try { - Class clazz = Class.forName("android.util.Log"); - Method method = clazz.getMethod("d", new Class[] { - String.class, String.class - }); - method.invoke(null, new Object[] { - tag, msg - }); - } catch (Exception ex) { - // Silently ignore. - } - } - } |