From f1d6765ce4bf870105c281c2883730c501dcee51 Mon Sep 17 00:00:00 2001 From: Geremy Condra Date: Tue, 10 Dec 2013 13:31:49 -0800 Subject: [PATCH] Add ANSSI intermediate to the on-device blacklist. (cherry picked from commit 6f40a55cc851f2fc004a91fca67d183347a92b97) Bug: 12080281 Change-Id: I2d261d2d8422a03d4ce5dbe159a497aad5939d43 --- .../org/bouncycastle/jce/provider/CertBlacklist.java | 8 ++++++-- patches/bcprov.patch | 12 ++++++++---- 2 files changed, 14 insertions(+), 6 deletions(-) diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/CertBlacklist.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/CertBlacklist.java index 6cc89274..39ba0ff9 100644 --- a/bcprov/src/main/java/org/bouncycastle/jce/provider/CertBlacklist.java +++ b/bcprov/src/main/java/org/bouncycastle/jce/provider/CertBlacklist.java @@ -137,7 +137,8 @@ private static final Set readSerialBlackList(String path) { new BigInteger("392a434f0e07df1f8aa305de34e0c229", 16), new BigInteger("3e75ced46b693021218830ae86a82a71", 16), new BigInteger("864", 16), - new BigInteger("827", 16) + new BigInteger("827", 16), + new BigInteger("31da7", 16) )); // attempt to augment it with values taken from gservices @@ -184,7 +185,10 @@ private static final Set readPublicKeyBlackList(String path) { "5f3ab33d55007054bc5e3e5553cd8d8465d77c61".getBytes(), // Subject: CN=*.EGO.GOV.TR 93 // Issuer: CN=T\xC3\x9CRKTRUST Elektronik Sunucu Sertifikas\xC4\xB1 Hizmetleri - "783333c9687df63377efceddd82efa9101913e8e".getBytes() + "783333c9687df63377efceddd82efa9101913e8e".getBytes(), + // Subject: Subject: C=FR, O=DG Tr\xC3\xA9sor, CN=AC DG Tr\xC3\xA9sor SSL + // Issuer: C=FR, O=DGTPE, CN=AC DGTPE Signature Authentification + "3ecf4bbbe46096d514bb539bb913d77aa4ef31bf".getBytes() )); // attempt to augment it with values taken from gservices diff --git a/patches/bcprov.patch b/patches/bcprov.patch index e6e7f401..5c3c75ef 100644 --- a/patches/bcprov.patch +++ b/patches/bcprov.patch @@ -6777,8 +6777,8 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jce/provider/BouncyCastlePro private void loadAlgorithms(String packageName, String[] names) diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jce/provider/CertBlacklist.java bcprov-jdk15on-149/org/bouncycastle/jce/provider/CertBlacklist.java --- bcprov-jdk15on-149.orig/org/bouncycastle/jce/provider/CertBlacklist.java 1970-01-01 00:00:00.000000000 +0000 -+++ bcprov-jdk15on-149/org/bouncycastle/jce/provider/CertBlacklist.java 2013-01-16 01:38:43.000000000 +0000 -@@ -0,0 +1,224 @@ ++++ bcprov-jdk15on-149/org/bouncycastle/jce/provider/CertBlacklist.java 2013-12-10 21:31:49.000000000 +0000 +@@ -0,0 +1,228 @@ +/* + * Copyright (C) 2012 The Android Open Source Project + * @@ -6918,7 +6918,8 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jce/provider/CertBlacklist.j + new BigInteger("392a434f0e07df1f8aa305de34e0c229", 16), + new BigInteger("3e75ced46b693021218830ae86a82a71", 16), + new BigInteger("864", 16), -+ new BigInteger("827", 16) ++ new BigInteger("827", 16), ++ new BigInteger("31da7", 16) + )); + + // attempt to augment it with values taken from gservices @@ -6965,7 +6966,10 @@ diff -Naur bcprov-jdk15on-149.orig/org/bouncycastle/jce/provider/CertBlacklist.j + "5f3ab33d55007054bc5e3e5553cd8d8465d77c61".getBytes(), + // Subject: CN=*.EGO.GOV.TR 93 + // Issuer: CN=T\xC3\x9CRKTRUST Elektronik Sunucu Sertifikas\xC4\xB1 Hizmetleri -+ "783333c9687df63377efceddd82efa9101913e8e".getBytes() ++ "783333c9687df63377efceddd82efa9101913e8e".getBytes(), ++ // Subject: Subject: C=FR, O=DG Tr\xC3\xA9sor, CN=AC DG Tr\xC3\xA9sor SSL ++ // Issuer: C=FR, O=DGTPE, CN=AC DGTPE Signature Authentification ++ "3ecf4bbbe46096d514bb539bb913d77aa4ef31bf".getBytes() + )); + + // attempt to augment it with values taken from gservices