diff --git a/android/src/main/java/org/conscrypt/Platform.java b/android/src/main/java/org/conscrypt/Platform.java index d5488245c..870e4c4f7 100644 --- a/android/src/main/java/org/conscrypt/Platform.java +++ b/android/src/main/java/org/conscrypt/Platform.java @@ -457,94 +457,6 @@ public static void checkServerTrusted(X509TrustManager tm, X509Certificate[] cha } } - /** - * Wraps an old AndroidOpenSSL key instance. This is not needed on platform - * builds since we didn't backport, so return null. This code is from - * Chromium's net/android/java/src/org/chromium/net/DefaultAndroidKeyStore.java - */ - @SuppressWarnings("LiteralClassName") - public static OpenSSLKey wrapRsaKey(PrivateKey javaKey) { - // This fixup only applies to pre-JB-MR1 - if (Build.VERSION.SDK_INT >= 17) { - return null; - } - - // First, check that this is a proper instance of OpenSSLRSAPrivateKey - // or one of its sub-classes. - Class superClass; - try { - superClass = - Class.forName("org.apache.harmony.xnet.provider.jsse.OpenSSLRSAPrivateKey"); - } catch (Exception e) { - // This may happen if the target device has a completely different - // implementation of the java.security APIs, compared to vanilla - // Android. Highly unlikely, but still possible. - Log.e(TAG, "Cannot find system OpenSSLRSAPrivateKey class: " + e); - return null; - } - if (!superClass.isInstance(javaKey)) { - // This may happen if the PrivateKey was not created by the - // Conscrypt provider, which should be the default. That could happen if an - // OEM decided to implement a different default provider. Also highly unlikely. - Log.e(TAG, - "Private key is not an OpenSSLRSAPrivateKey instance, its class name is:" - + javaKey.getClass().getCanonicalName()); - return null; - } - - try { - // Use reflection to invoke the 'getOpenSSLKey()' method on - // the private key. This returns another Java object that wraps - // a native EVP_PKEY. Note that the method is final, so calling - // the superclass implementation is ok. - Method getKey = superClass.getDeclaredMethod("getOpenSSLKey"); - getKey.setAccessible(true); - Object opensslKey = null; - try { - opensslKey = getKey.invoke(javaKey); - } finally { - getKey.setAccessible(false); - } - if (opensslKey == null) { - // Bail when detecting OEM "enhancement". - Log.e(TAG, "Could not getOpenSSLKey on instance: " + javaKey.toString()); - return null; - } - - // Use reflection to invoke the 'getPkeyContext' method on the - // result of the getOpenSSLKey(). This is an 32-bit integer - // which is the address of an EVP_PKEY object. Note that this - // method these days returns a 64-bit long, but since this code - // path is used for older Android versions, it may still return - // a 32-bit int here. To be on the safe side, we cast the return - // value via Number rather than directly to Integer or Long. - Method getPkeyContext; - try { - getPkeyContext = opensslKey.getClass().getDeclaredMethod("getPkeyContext"); - } catch (Exception e) { - // Bail here too, something really not working as expected. - Log.e(TAG, "No getPkeyContext() method on OpenSSLKey member:" + e); - return null; - } - getPkeyContext.setAccessible(true); - long evp_pkey = 0; - try { - evp_pkey = ((Number) getPkeyContext.invoke(opensslKey)).longValue(); - } finally { - getPkeyContext.setAccessible(false); - } - if (evp_pkey == 0) { - // The PrivateKey is probably rotten for some reason. - Log.e(TAG, "getPkeyContext() returned null"); - return null; - } - return new OpenSSLKey(evp_pkey); - } catch (Exception e) { - Log.e(TAG, "Error during conversion of privatekey instance: " + javaKey.toString(), e); - return null; - } - } - /** * Logs to the system EventLog system. */ diff --git a/common/src/main/java/org/conscrypt/OpenSSLKey.java b/common/src/main/java/org/conscrypt/OpenSSLKey.java index 6eb94f477..e5e81f7cb 100644 --- a/common/src/main/java/org/conscrypt/OpenSSLKey.java +++ b/common/src/main/java/org/conscrypt/OpenSSLKey.java @@ -178,11 +178,6 @@ private static OpenSSLKey getOpenSSLKey(PrivateKey key) { if (key instanceof OpenSSLKeyHolder) { return ((OpenSSLKeyHolder) key).getOpenSSLKey(); } - - if ("RSA".equals(key.getAlgorithm())) { - return Platform.wrapRsaKey(key); - } - return null; } diff --git a/common/src/main/java/org/conscrypt/OpenSSLRSAPrivateKey.java b/common/src/main/java/org/conscrypt/OpenSSLRSAPrivateKey.java index 6371bbbf4..c7e09febf 100644 --- a/common/src/main/java/org/conscrypt/OpenSSLRSAPrivateKey.java +++ b/common/src/main/java/org/conscrypt/OpenSSLRSAPrivateKey.java @@ -96,12 +96,7 @@ static OpenSSLRSAPrivateKey getInstance(OpenSSLKey key) { return new OpenSSLRSAPrivateKey(key, params); } - static OpenSSLKey wrapPlatformKey(RSAPrivateKey rsaPrivateKey) - throws InvalidKeyException { - OpenSSLKey wrapper = Platform.wrapRsaKey(rsaPrivateKey); - if (wrapper != null) { - return wrapper; - } + static OpenSSLKey wrapPlatformKey(RSAPrivateKey rsaPrivateKey) { return new OpenSSLKey(NativeCrypto.getRSAPrivateKeyWrapper(rsaPrivateKey, rsaPrivateKey .getModulus().toByteArray()), true); } diff --git a/openjdk/src/main/java/org/conscrypt/Platform.java b/openjdk/src/main/java/org/conscrypt/Platform.java index d10252465..b74a0dbb9 100644 --- a/openjdk/src/main/java/org/conscrypt/Platform.java +++ b/openjdk/src/main/java/org/conscrypt/Platform.java @@ -343,14 +343,6 @@ static void checkServerTrusted(X509TrustManager tm, X509Certificate[] chain, Str } } - /** - * Wraps an old AndroidOpenSSL key instance. This is not needed on RI. - */ - @SuppressWarnings("unused") - static OpenSSLKey wrapRsaKey(@SuppressWarnings("unused") PrivateKey javaKey) { - return null; - } - /** * Logs to the system EventLog system. */ diff --git a/platform/src/main/java/org/conscrypt/Platform.java b/platform/src/main/java/org/conscrypt/Platform.java index 8ab21c853..aeb77fd16 100644 --- a/platform/src/main/java/org/conscrypt/Platform.java +++ b/platform/src/main/java/org/conscrypt/Platform.java @@ -264,14 +264,6 @@ static void checkServerTrusted(X509TrustManager tm, X509Certificate[] chain, Str } } - /** - * Wraps an old AndroidOpenSSL key instance. This is not needed on platform - * builds since we didn't backport, so return null. - */ - static OpenSSLKey wrapRsaKey(PrivateKey key) { - return null; - } - /** * Logs to the system EventLog system. */