From 4c644ac2ef70bf0ffa37a1ab64217a862c011cf5 Mon Sep 17 00:00:00 2001
From: Kevin Jones <kevin@vcsjones.com>
Date: Fri, 19 Nov 2021 02:59:51 +0000
Subject: [PATCH 1/3] Fix Android cryptraphic primitive asserts.

---
 .../pal_evp.c                                          |  4 +---
 .../pal_hmac.c                                         |  4 ++--
 .../pal_rsa.c                                          |  4 +++-
 .../Cryptography/HashProviderDispenser.OpenSsl.cs      | 10 ++++++++++
 4 files changed, 16 insertions(+), 6 deletions(-)

diff --git a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Android/pal_evp.c b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Android/pal_evp.c
index 3156d524503fd2..04ff98209b0c4b 100644
--- a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Android/pal_evp.c
+++ b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Android/pal_evp.c
@@ -50,9 +50,7 @@ static jobject GetMessageDigestInstance(JNIEnv* env, intptr_t type)
 
 int32_t CryptoNative_EvpDigestOneShot(intptr_t type, void* source, int32_t sourceSize, uint8_t* md, uint32_t* mdSize)
 {
-    abort_if_invalid_pointer_argument (source);
-
-    if (!type || !md || !mdSize || sourceSize < 0)
+    if (!type || !md || !mdSize || sourceSize < 0 || (sourceSize > 0 && !source))
         return FAIL;
 
     JNIEnv* env = GetJNIEnv();
diff --git a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Android/pal_hmac.c b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Android/pal_hmac.c
index 7632eed59050fd..0dccef8d2c590c 100644
--- a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Android/pal_hmac.c
+++ b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Android/pal_hmac.c
@@ -82,10 +82,10 @@ int32_t CryptoNative_HmacReset(jobject ctx)
 
 int32_t CryptoNative_HmacUpdate(jobject ctx, uint8_t* data, int32_t len)
 {
-    if (!ctx)
+    // Callers are expected to skip update calls with no data.
+    if (!ctx || !data || len <= 0)
         return FAIL;
 
-    abort_if_invalid_pointer_argument (data);
     JNIEnv* env = GetJNIEnv();
     jbyteArray dataBytes = make_java_byte_array(env, len);
     (*env)->SetByteArrayRegion(env, dataBytes, 0, len, (jbyte*)data);
diff --git a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Android/pal_rsa.c b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Android/pal_rsa.c
index 54613c6e64b513..91fcc38ffb29e3 100644
--- a/src/libraries/Native/Unix/System.Security.Cryptography.Native.Android/pal_rsa.c
+++ b/src/libraries/Native/Unix/System.Security.Cryptography.Native.Android/pal_rsa.c
@@ -44,10 +44,12 @@ PALEXPORT void AndroidCryptoNative_RsaDestroy(RSA* rsa)
 
 PALEXPORT int32_t AndroidCryptoNative_RsaPublicEncrypt(int32_t flen, uint8_t* from, uint8_t* to, RSA* rsa, RsaPadding padding)
 {
-    abort_if_invalid_pointer_argument (from);
     abort_if_invalid_pointer_argument (to);
     abort_if_invalid_pointer_argument (rsa);
 
+    if ((flen > 0 && !from) || flen < 0)
+        return RSA_FAIL;
+
     JNIEnv* env = GetJNIEnv();
 
     int32_t ret = RSA_FAIL;
diff --git a/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/HashProviderDispenser.OpenSsl.cs b/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/HashProviderDispenser.OpenSsl.cs
index 669faad082928a..ab439c615c9efd 100644
--- a/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/HashProviderDispenser.OpenSsl.cs
+++ b/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/HashProviderDispenser.OpenSsl.cs
@@ -94,6 +94,11 @@ public EvpHashProvider(IntPtr algorithmEvp)
 
             public override void AppendHashData(ReadOnlySpan<byte> data)
             {
+                if (data.IsEmpty)
+                {
+                    return;
+                }
+
                 _running = true;
                 Check(Interop.Crypto.EvpDigestUpdate(_ctx, data, data.Length));
             }
@@ -166,6 +171,11 @@ public HmacHashProvider(IntPtr algorithmEvp, ReadOnlySpan<byte> key)
 
             public override void AppendHashData(ReadOnlySpan<byte> data)
             {
+                if (data.IsEmpty)
+                {
+                    return;
+                }
+
                 _running = true;
                 Check(Interop.Crypto.HmacUpdate(_hmacCtx, data, data.Length));
             }

From 9ed54d242c2e4215c6378275430e612a8d971cf4 Mon Sep 17 00:00:00 2001
From: Kevin Jones <kevin@vcsjones.com>
Date: Fri, 19 Nov 2021 13:23:08 -0500
Subject: [PATCH 2/3] Add missing TargetsAndroid define

---
 .../tests/System.Security.Cryptography.Tests.csproj            | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/libraries/System.Security.Cryptography/tests/System.Security.Cryptography.Tests.csproj b/src/libraries/System.Security.Cryptography/tests/System.Security.Cryptography.Tests.csproj
index 7b7211285d8478..9a72b40c5971ef 100644
--- a/src/libraries/System.Security.Cryptography/tests/System.Security.Cryptography.Tests.csproj
+++ b/src/libraries/System.Security.Cryptography/tests/System.Security.Cryptography.Tests.csproj
@@ -6,6 +6,9 @@
     <AllowUnsafeBlocks>true</AllowUnsafeBlocks>
     <EnableDllImportGenerator>true</EnableDllImportGenerator>
   </PropertyGroup>
+  <PropertyGroup>
+    <UseAndroidCrypto Condition="'$(TargetsAndroid)' == 'true'">true</UseAndroidCrypto>
+  </PropertyGroup>
   <ItemGroup>
     <Compile Include="$(CommonTestPath)System\IO\ConnectedStreams.cs"
              Link="Common\System\IO\ConnectedStreams.cs" />

From 7e9afd1cec146c8454087dd1386d296bc38b0a35 Mon Sep 17 00:00:00 2001
From: Kevin Jones <kevin@vcsjones.com>
Date: Fri, 19 Nov 2021 13:33:18 -0500
Subject: [PATCH 3/3] Exclude RC2 one shot tests on Android

---
 .../AlgorithmImplementations/RC2/RC2CipherOneShotTests.cs        | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/RC2/RC2CipherOneShotTests.cs b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/RC2/RC2CipherOneShotTests.cs
index 24d2befc125c4d..1fae853ae27081 100644
--- a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/RC2/RC2CipherOneShotTests.cs
+++ b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/RC2/RC2CipherOneShotTests.cs
@@ -10,6 +10,7 @@
 namespace System.Security.Cryptography.Encryption.RC2.Tests
 {
     [SkipOnPlatform(TestPlatforms.Browser, "Not supported on Browser")]
+    [ConditionalClass(typeof(RC2Factory), nameof(RC2Factory.IsSupported))]
     public class RC2CipherOneShotTests : SymmetricOneShotBase
     {
         protected override byte[] Key => new byte[]