Package: android-platform-tools-base Followup-For: Bug #1058331 User: ubuntu-de...@lists.ubuntu.com Usertags: origin-ubuntu noble ubuntu-patch Control: tags -1 patch
Dear Maintainer, I apologise for submitting it as a debdiff, salsa repository appears to be out of date. The attached patch resolves ftbfs due to the internal sun.security and BouncyCastle API changes. In Ubuntu, the attached patch was applied to achieve the following: * Resolve the failure to build from source (LP: #2056088): - d/p/{der-output-stream.patch, add-exports.patch}: sun.security PKCS7 class now only supports encoding to DerOutputStream. Explicitly instantiate it. - d/p/bouncycastle177-compat.patch: use ASN1OutputStream instead of remove DerOutputStream. Thanks for considering the patch. -- System Information: Debian Release: trixie/sid APT prefers mantic-updates APT policy: (500, 'mantic-updates'), (500, 'mantic-security'), (500, 'mantic'), (100, 'mantic-backports') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 6.5.0-21-generic (SMP w/32 CPU threads; PREEMPT) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled
diff -Nru android-platform-tools-base-2.2.2/debian/patches/add-exports.patch android-platform-tools-base-2.2.2/debian/patches/add-exports.patch --- android-platform-tools-base-2.2.2/debian/patches/add-exports.patch 2023-02-03 03:01:58.000000000 +1300 +++ android-platform-tools-base-2.2.2/debian/patches/add-exports.patch 2024-03-06 13:16:37.000000000 +1300 @@ -5,7 +5,7 @@ } +compileJava { -+ options.compilerArgs << '--add-exports' << 'java.base/sun.security.pkcs=ALL-UNNAMED' << '--add-exports' << 'java.base/sun.security.x509=ALL-UNNAMED' ++ options.compilerArgs << '--add-exports' << 'java.base/sun.security.pkcs=ALL-UNNAMED' << '--add-exports' << 'java.base/sun.security.x509=ALL-UNNAMED' << '--add-exports' << 'java.base/sun.security.util=ALL-UNNAMED' +} + task initSdkForTests(type: JavaExec) { diff -Nru android-platform-tools-base-2.2.2/debian/patches/bouncycastle177-compat.patch android-platform-tools-base-2.2.2/debian/patches/bouncycastle177-compat.patch --- android-platform-tools-base-2.2.2/debian/patches/bouncycastle177-compat.patch 1970-01-01 12:00:00.000000000 +1200 +++ android-platform-tools-base-2.2.2/debian/patches/bouncycastle177-compat.patch 2024-03-06 13:16:37.000000000 +1300 @@ -0,0 +1,57 @@ +Description: bouncycastle 1.77 compatibility patch + Remove usages of DerOutputStream that is no longer public. +Author: Vladimir Petko <vladimir.pe...@canonical.com> +Bug-Ubuntu: https://bugs.launchpad.net/debian/+source/android-platform-tools-base/+bug/2056088 +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1058331 +Forwarded: not-needed +Last-Update: 2024-03-06 + +--- a/build-system/builder/src/main/java/com/android/builder/internal/packaging/sign/SignatureExtension.java ++++ b/build-system/builder/src/main/java/com/android/builder/internal/packaging/sign/SignatureExtension.java +@@ -29,7 +29,8 @@ + + import org.apache.commons.codec.binary.Base64; + import org.bouncycastle.asn1.ASN1InputStream; +-import org.bouncycastle.asn1.DEROutputStream; ++import org.bouncycastle.asn1.ASN1OutputStream; ++import org.bouncycastle.asn1.ASN1Encoding; + import org.bouncycastle.cert.jcajce.JcaCertStore; + import org.bouncycastle.cms.CMSException; + import org.bouncycastle.cms.CMSProcessableByteArray; +@@ -610,12 +611,12 @@ + /* + * DEROutputStream is not closeable! OMG! + */ +- DEROutputStream dos = null; ++ ASN1OutputStream dos = null; + try (ASN1InputStream asn1 = new ASN1InputStream(sigData.getEncoded())) { +- dos = new DEROutputStream(outputBytes); ++ dos = ASN1OutputStream.create(outputBytes, ASN1Encoding.DER); + dos.writeObject(asn1.readObject()); + +- DEROutputStream toClose = dos; ++ ASN1OutputStream toClose = dos; + dos = null; + toClose.close(); + } catch (IOException e) { +--- a/build-system/builder/src/main/java/com/android/builder/signing/SignedJarApkCreator.java ++++ b/build-system/builder/src/main/java/com/android/builder/signing/SignedJarApkCreator.java +@@ -33,7 +33,8 @@ + import com.google.common.io.Files; + + import org.bouncycastle.asn1.ASN1InputStream; +-import org.bouncycastle.asn1.DEROutputStream; ++import org.bouncycastle.asn1.ASN1OutputStream; ++import org.bouncycastle.asn1.ASN1Encoding; + import org.bouncycastle.cert.jcajce.JcaCertStore; + import org.bouncycastle.cms.CMSException; + import org.bouncycastle.cms.CMSProcessableByteArray; +@@ -400,7 +401,7 @@ + CMSSignedData sigData = gen.generate(data, false); + + try (ASN1InputStream asn1 = new ASN1InputStream(sigData.getEncoded())) { +- DEROutputStream dos = new DEROutputStream(mOutputJar); ++ ASN1OutputStream dos = ASN1OutputStream.create(mOutputJar, ASN1Encoding.DER); + try { + dos.writeObject(asn1.readObject()); + } finally { diff -Nru android-platform-tools-base-2.2.2/debian/patches/der-output-stream.patch android-platform-tools-base-2.2.2/debian/patches/der-output-stream.patch --- android-platform-tools-base-2.2.2/debian/patches/der-output-stream.patch 1970-01-01 12:00:00.000000000 +1200 +++ android-platform-tools-base-2.2.2/debian/patches/der-output-stream.patch 2024-03-06 13:16:37.000000000 +1300 @@ -0,0 +1,30 @@ +Description: workaround removal of pkcs7.encodeSignedData(OutputStream) + pkcs7.encodeSignedData(OutputStream) was removed in Java 21. + Explicitly instantiate DerOutputStream to encode pkcs7 contents. +Author: Vladimir Petko <vladimir.pe...@canonical.com> +Bug-Ubuntu: https://bugs.launchpad.net/debian/+source/android-platform-tools-base/+bug/2056088 +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1058331 +Forwarded: not-needed +Last-Update: 2024-03-06 + +--- a/sdklib/src/main/java/com/android/sdklib/internal/build/SignedJarBuilder.java ++++ b/sdklib/src/main/java/com/android/sdklib/internal/build/SignedJarBuilder.java +@@ -25,6 +25,7 @@ + import sun.security.pkcs.SignerInfo; + import sun.security.x509.AlgorithmId; + import sun.security.x509.X500Name; ++import sun.security.util.DerOutputStream; + + import java.io.BufferedOutputStream; + import java.io.ByteArrayOutputStream; +@@ -394,6 +395,9 @@ + new X509Certificate[] { publicKey }, + new SignerInfo[] { signerInfo }); + +- pkcs7.encodeSignedData(mOutputJar); ++ try (DerOutputStream derout = new DerOutputStream()) { ++ pkcs7.encodeSignedData(derout); ++ mOutputJar.write(derout.toByteArray()); ++ } + } + } diff -Nru android-platform-tools-base-2.2.2/debian/patches/series android-platform-tools-base-2.2.2/debian/patches/series --- android-platform-tools-base-2.2.2/debian/patches/series 2023-02-03 03:01:58.000000000 +1300 +++ android-platform-tools-base-2.2.2/debian/patches/series 2024-03-06 13:16:37.000000000 +1300 @@ -22,3 +22,5 @@ ecj-compatibility.patch asm-dependency.patch add-exports.patch +der-output-stream.patch +bouncycastle177-compat.patch