Skip to content

Commit

Permalink
Remove Platform.wrapRsa(). (#1168)
Browse files Browse the repository at this point in the history 
No longer useful as we are minSdk 19 everywhere now.
  • Loading branch information
@prbprbprb
prbprbprb authored Sep 28, 2023
1 parent 932d847 commit a05fd9e
Show file tree
Hide file tree
Showing 5 changed files with 1 addition and 115 deletions.
88 changes: 0 additions & 88 deletions android/src/main/java/org/conscrypt/Platform.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -457,94 +457,6 @@ public static void checkServerTrusted(X509TrustManager tm, X509Certificate[] cha
}
}

/**
* Wraps an old AndroidOpenSSL key instance. This is not needed on platform
* builds since we didn't backport, so return null. This code is from
* Chromium's net/android/java/src/org/chromium/net/DefaultAndroidKeyStore.java
*/
@SuppressWarnings("LiteralClassName")
public static OpenSSLKey wrapRsaKey(PrivateKey javaKey) {
// This fixup only applies to pre-JB-MR1
if (Build.VERSION.SDK_INT >= 17) {
return null;
}

// First, check that this is a proper instance of OpenSSLRSAPrivateKey
// or one of its sub-classes.
Class<?> superClass;
try {
superClass =
Class.forName("org.apache.harmony.xnet.provider.jsse.OpenSSLRSAPrivateKey");
} catch (Exception e) {
// This may happen if the target device has a completely different
// implementation of the java.security APIs, compared to vanilla
// Android. Highly unlikely, but still possible.
Log.e(TAG, "Cannot find system OpenSSLRSAPrivateKey class: " + e);
return null;
}
if (!superClass.isInstance(javaKey)) {
// This may happen if the PrivateKey was not created by the
// Conscrypt provider, which should be the default. That could happen if an
// OEM decided to implement a different default provider. Also highly unlikely.
Log.e(TAG,
"Private key is not an OpenSSLRSAPrivateKey instance, its class name is:"
+ javaKey.getClass().getCanonicalName());
return null;
}

try {
// Use reflection to invoke the 'getOpenSSLKey()' method on
// the private key. This returns another Java object that wraps
// a native EVP_PKEY. Note that the method is final, so calling
// the superclass implementation is ok.
Method getKey = superClass.getDeclaredMethod("getOpenSSLKey");
getKey.setAccessible(true);
Object opensslKey = null;
try {
opensslKey = getKey.invoke(javaKey);
} finally {
getKey.setAccessible(false);
}
if (opensslKey == null) {
// Bail when detecting OEM "enhancement".
Log.e(TAG, "Could not getOpenSSLKey on instance: " + javaKey.toString());
return null;
}

// Use reflection to invoke the 'getPkeyContext' method on the
// result of the getOpenSSLKey(). This is an 32-bit integer
// which is the address of an EVP_PKEY object. Note that this
// method these days returns a 64-bit long, but since this code
// path is used for older Android versions, it may still return
// a 32-bit int here. To be on the safe side, we cast the return
// value via Number rather than directly to Integer or Long.
Method getPkeyContext;
try {
getPkeyContext = opensslKey.getClass().getDeclaredMethod("getPkeyContext");
} catch (Exception e) {
// Bail here too, something really not working as expected.
Log.e(TAG, "No getPkeyContext() method on OpenSSLKey member:" + e);
return null;
}
getPkeyContext.setAccessible(true);
long evp_pkey = 0;
try {
evp_pkey = ((Number) getPkeyContext.invoke(opensslKey)).longValue();
} finally {
getPkeyContext.setAccessible(false);
}
if (evp_pkey == 0) {
// The PrivateKey is probably rotten for some reason.
Log.e(TAG, "getPkeyContext() returned null");
return null;
}
return new OpenSSLKey(evp_pkey);
} catch (Exception e) {
Log.e(TAG, "Error during conversion of privatekey instance: " + javaKey.toString(), e);
return null;
}
}

/**
* Logs to the system EventLog system.
*/
Expand Down
5 changes: 0 additions & 5 deletions common/src/main/java/org/conscrypt/OpenSSLKey.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -178,11 +178,6 @@ private static OpenSSLKey getOpenSSLKey(PrivateKey key) {
if (key instanceof OpenSSLKeyHolder) {
return ((OpenSSLKeyHolder) key).getOpenSSLKey();
}

if ("RSA".equals(key.getAlgorithm())) {
return Platform.wrapRsaKey(key);
}

return null;
}

Expand Down
7 changes: 1 addition & 6 deletions common/src/main/java/org/conscrypt/OpenSSLRSAPrivateKey.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -96,12 +96,7 @@ static OpenSSLRSAPrivateKey getInstance(OpenSSLKey key) {
return new OpenSSLRSAPrivateKey(key, params);
}

static OpenSSLKey wrapPlatformKey(RSAPrivateKey rsaPrivateKey)
throws InvalidKeyException {
OpenSSLKey wrapper = Platform.wrapRsaKey(rsaPrivateKey);
if (wrapper != null) {
return wrapper;
}
static OpenSSLKey wrapPlatformKey(RSAPrivateKey rsaPrivateKey) {
return new OpenSSLKey(NativeCrypto.getRSAPrivateKeyWrapper(rsaPrivateKey, rsaPrivateKey
.getModulus().toByteArray()), true);
}
Expand Down
8 changes: 0 additions & 8 deletions openjdk/src/main/java/org/conscrypt/Platform.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -343,14 +343,6 @@ static void checkServerTrusted(X509TrustManager tm, X509Certificate[] chain, Str
}
}

/**
* Wraps an old AndroidOpenSSL key instance. This is not needed on RI.
*/
@SuppressWarnings("unused")
static OpenSSLKey wrapRsaKey(@SuppressWarnings("unused") PrivateKey javaKey) {
return null;
}

/**
* Logs to the system EventLog system.
*/
Expand Down
8 changes: 0 additions & 8 deletions platform/src/main/java/org/conscrypt/Platform.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -264,14 +264,6 @@ static void checkServerTrusted(X509TrustManager tm, X509Certificate[] chain, Str
}
}

/**
* Wraps an old AndroidOpenSSL key instance. This is not needed on platform
* builds since we didn't backport, so return null.
*/
static OpenSSLKey wrapRsaKey(PrivateKey key) {
return null;
}

/**
* Logs to the system EventLog system.
*/
Expand Down

0 comments on commit a05fd9e

Please sign in to comment.