From a05fd9e9e51ebebd489d5af45309214a2116d7ba Mon Sep 17 00:00:00 2001
From: Pete Bentley <44170157+prbprbprb@users.noreply.github.com>
Date: Thu, 28 Sep 2023 10:43:20 +0100
Subject: [PATCH] Remove Platform.wrapRsa(). (#1168)

No longer useful as we are minSdk 19 everywhere now.
---
 .../src/main/java/org/conscrypt/Platform.java | 88 -------------------
 .../main/java/org/conscrypt/OpenSSLKey.java   |  5 --
 .../org/conscrypt/OpenSSLRSAPrivateKey.java   |  7 +-
 .../src/main/java/org/conscrypt/Platform.java |  8 --
 .../src/main/java/org/conscrypt/Platform.java |  8 --
 5 files changed, 1 insertion(+), 115 deletions(-)

diff --git a/android/src/main/java/org/conscrypt/Platform.java b/android/src/main/java/org/conscrypt/Platform.java
index d5488245c..870e4c4f7 100644
--- a/android/src/main/java/org/conscrypt/Platform.java
+++ b/android/src/main/java/org/conscrypt/Platform.java
@@ -457,94 +457,6 @@ public static void checkServerTrusted(X509TrustManager tm, X509Certificate[] cha
         }
     }
 
-    /**
-     * Wraps an old AndroidOpenSSL key instance. This is not needed on platform
-     * builds since we didn't backport, so return null. This code is from
-     * Chromium's net/android/java/src/org/chromium/net/DefaultAndroidKeyStore.java
-     */
-    @SuppressWarnings("LiteralClassName")
-    public static OpenSSLKey wrapRsaKey(PrivateKey javaKey) {
-        // This fixup only applies to pre-JB-MR1
-        if (Build.VERSION.SDK_INT >= 17) {
-            return null;
-        }
-
-        // First, check that this is a proper instance of OpenSSLRSAPrivateKey
-        // or one of its sub-classes.
-        Class<?> superClass;
-        try {
-            superClass =
-                    Class.forName("org.apache.harmony.xnet.provider.jsse.OpenSSLRSAPrivateKey");
-        } catch (Exception e) {
-            // This may happen if the target device has a completely different
-            // implementation of the java.security APIs, compared to vanilla
-            // Android. Highly unlikely, but still possible.
-            Log.e(TAG, "Cannot find system OpenSSLRSAPrivateKey class: " + e);
-            return null;
-        }
-        if (!superClass.isInstance(javaKey)) {
-            // This may happen if the PrivateKey was not created by the
-            // Conscrypt provider, which should be the default. That could happen if an
-            // OEM decided to implement a different default provider. Also highly unlikely.
-            Log.e(TAG,
-                    "Private key is not an OpenSSLRSAPrivateKey instance, its class name is:"
-                            + javaKey.getClass().getCanonicalName());
-            return null;
-        }
-
-        try {
-            // Use reflection to invoke the 'getOpenSSLKey()' method on
-            // the private key. This returns another Java object that wraps
-            // a native EVP_PKEY. Note that the method is final, so calling
-            // the superclass implementation is ok.
-            Method getKey = superClass.getDeclaredMethod("getOpenSSLKey");
-            getKey.setAccessible(true);
-            Object opensslKey = null;
-            try {
-                opensslKey = getKey.invoke(javaKey);
-            } finally {
-                getKey.setAccessible(false);
-            }
-            if (opensslKey == null) {
-                // Bail when detecting OEM "enhancement".
-                Log.e(TAG, "Could not getOpenSSLKey on instance: " + javaKey.toString());
-                return null;
-            }
-
-            // Use reflection to invoke the 'getPkeyContext' method on the
-            // result of the getOpenSSLKey(). This is an 32-bit integer
-            // which is the address of an EVP_PKEY object. Note that this
-            // method these days returns a 64-bit long, but since this code
-            // path is used for older Android versions, it may still return
-            // a 32-bit int here. To be on the safe side, we cast the return
-            // value via Number rather than directly to Integer or Long.
-            Method getPkeyContext;
-            try {
-                getPkeyContext = opensslKey.getClass().getDeclaredMethod("getPkeyContext");
-            } catch (Exception e) {
-                // Bail here too, something really not working as expected.
-                Log.e(TAG, "No getPkeyContext() method on OpenSSLKey member:" + e);
-                return null;
-            }
-            getPkeyContext.setAccessible(true);
-            long evp_pkey = 0;
-            try {
-                evp_pkey = ((Number) getPkeyContext.invoke(opensslKey)).longValue();
-            } finally {
-                getPkeyContext.setAccessible(false);
-            }
-            if (evp_pkey == 0) {
-                // The PrivateKey is probably rotten for some reason.
-                Log.e(TAG, "getPkeyContext() returned null");
-                return null;
-            }
-            return new OpenSSLKey(evp_pkey);
-        } catch (Exception e) {
-            Log.e(TAG, "Error during conversion of privatekey instance: " + javaKey.toString(), e);
-            return null;
-        }
-    }
-
     /**
      * Logs to the system EventLog system.
      */
diff --git a/common/src/main/java/org/conscrypt/OpenSSLKey.java b/common/src/main/java/org/conscrypt/OpenSSLKey.java
index 6eb94f477..e5e81f7cb 100644
--- a/common/src/main/java/org/conscrypt/OpenSSLKey.java
+++ b/common/src/main/java/org/conscrypt/OpenSSLKey.java
@@ -178,11 +178,6 @@ private static OpenSSLKey getOpenSSLKey(PrivateKey key) {
         if (key instanceof OpenSSLKeyHolder) {
             return ((OpenSSLKeyHolder) key).getOpenSSLKey();
         }
-
-        if ("RSA".equals(key.getAlgorithm())) {
-            return Platform.wrapRsaKey(key);
-        }
-
         return null;
     }
 
diff --git a/common/src/main/java/org/conscrypt/OpenSSLRSAPrivateKey.java b/common/src/main/java/org/conscrypt/OpenSSLRSAPrivateKey.java
index 6371bbbf4..c7e09febf 100644
--- a/common/src/main/java/org/conscrypt/OpenSSLRSAPrivateKey.java
+++ b/common/src/main/java/org/conscrypt/OpenSSLRSAPrivateKey.java
@@ -96,12 +96,7 @@ static OpenSSLRSAPrivateKey getInstance(OpenSSLKey key) {
         return new OpenSSLRSAPrivateKey(key, params);
     }
 
-    static OpenSSLKey wrapPlatformKey(RSAPrivateKey rsaPrivateKey)
-            throws InvalidKeyException {
-        OpenSSLKey wrapper = Platform.wrapRsaKey(rsaPrivateKey);
-        if (wrapper != null) {
-            return wrapper;
-        }
+    static OpenSSLKey wrapPlatformKey(RSAPrivateKey rsaPrivateKey) {
         return new OpenSSLKey(NativeCrypto.getRSAPrivateKeyWrapper(rsaPrivateKey, rsaPrivateKey
                 .getModulus().toByteArray()), true);
     }
diff --git a/openjdk/src/main/java/org/conscrypt/Platform.java b/openjdk/src/main/java/org/conscrypt/Platform.java
index d10252465..b74a0dbb9 100644
--- a/openjdk/src/main/java/org/conscrypt/Platform.java
+++ b/openjdk/src/main/java/org/conscrypt/Platform.java
@@ -343,14 +343,6 @@ static void checkServerTrusted(X509TrustManager tm, X509Certificate[] chain, Str
         }
     }
 
-    /**
-     * Wraps an old AndroidOpenSSL key instance. This is not needed on RI.
-     */
-    @SuppressWarnings("unused")
-    static OpenSSLKey wrapRsaKey(@SuppressWarnings("unused") PrivateKey javaKey) {
-        return null;
-    }
-
     /**
      * Logs to the system EventLog system.
      */
diff --git a/platform/src/main/java/org/conscrypt/Platform.java b/platform/src/main/java/org/conscrypt/Platform.java
index 8ab21c853..aeb77fd16 100644
--- a/platform/src/main/java/org/conscrypt/Platform.java
+++ b/platform/src/main/java/org/conscrypt/Platform.java
@@ -264,14 +264,6 @@ static void checkServerTrusted(X509TrustManager tm, X509Certificate[] chain, Str
         }
     }
 
-    /**
-     * Wraps an old AndroidOpenSSL key instance. This is not needed on platform
-     * builds since we didn't backport, so return null.
-     */
-    static OpenSSLKey wrapRsaKey(PrivateKey key) {
-        return null;
-    }
-
     /**
      * Logs to the system EventLog system.
      */