Do not run Bazel with a custom JAVA_HOME, because Bazel now comes with an embedded JDK9 for running itself and the host tools.

PiperOrigin-RevId: 206848312
GitOrigin-RevId: 7858df73f14c76e16d4b7444b346ebc737f5c341

PiperOrigin-RevId: 206842990
GitOrigin-RevId: 3b5b9a7eb2c0ea8db804bdce72e688a3b8c705f2

PiperOrigin-RevId: 206805592
GitOrigin-RevId: d2f6d3fd28e53ac323650486ca74754eac9d4417

PiperOrigin-RevId: 206775553
GitOrigin-RevId: 84021ec16c42a4e43c4df618c9534bcba3a8a9a4

PiperOrigin-RevId: 206773274
GitOrigin-RevId: 16d81d868a62309a73b9bf6d05fd675cfd871497

Change signature constructor to accept HashType instead of signature algorithm, because it works more reliably.

PiperOrigin-RevId: 206736012
GitOrigin-RevId: b1a198e13a380b9bf208c606aa3adec3fd6d7bc2

 + Add EcdsaSignatureEncoding parameter into constructor of ecdsa_sign/verify_boringssl
 + str2bn/bn2str subtle_util_boringssl.
 + Methods transform back and forth between IEEE_P1363 and DER encoding.

The rests of changes are just consequences of constructor change.

PiperOrigin-RevId: 206673897
GitOrigin-RevId: b41a79aed3c317ed6104e945dc1834bb4df0b358

PiperOrigin-RevId: 206672018
GitOrigin-RevId: 92a051513d577c53562a4be8e72bc448f1e89a45

PiperOrigin-RevId: 206649350
GitOrigin-RevId: 996777a20ce05a07c41c6fffa2b4f0652ab27a80

PiperOrigin-RevId: 206364889
GitOrigin-RevId: ec5048ca6494104e2197b6f956b95a2e201afc7f

PiperOrigin-RevId: 206342564
GitOrigin-RevId: 3e0e15cb40395fd6f9e5af917c23c84de081b532

Make str2bn return a bssl::UniquePtr instead of a raw pointer, in order to avoid easy to miss memory leaks.

This also should fix the existing potential leak in rsa_ssa_pss_verify_boringssl.cc.

PiperOrigin-RevId: 206331453
GitOrigin-RevId: 8fd6f92082c695ca6e390065ab689138cdbaf1a6

PiperOrigin-RevId: 206279840
GitOrigin-RevId: d77309c992f7328cb4ef4ad193e82d8d175003a4

Modify constructor of EcdsaSignJce to throw GeneralSecurityException.

PiperOrigin-RevId: 206063228
GitOrigin-RevId: 6c7516734da5b49f4055718d87f1da47b24ba890

PiperOrigin-RevId: 206051640
GitOrigin-RevId: c48ddf5fbdd7152044e20a21820849578980d60c

Performing the checks in both release.sh (to fail early) and run_test.sh (where they're actually required).

Also, quoting cleanup in run_test.sh.

PiperOrigin-RevId: 206040628
GitOrigin-RevId: da6dc3b744001940260512cfbfd76b1943ffdb71

PiperOrigin-RevId: 206035572
GitOrigin-RevId: daf347df71221d2033fac1a6d624f3a7a7106c41

PiperOrigin-RevId: 206028981
GitOrigin-RevId: 6d07e2ccb2f7c0b94a30d5d1be6f7169456253dc

The test now handles test vectors with invalid tags correctly.

PiperOrigin-RevId: 205958958
GitOrigin-RevId: 6c64ae5239ec65709a4aee69621e03f733de1774

PiperOrigin-RevId: 205833627
GitOrigin-RevId: e8e4149a655917a39dd45e4f4df1ba6fdcde240d

Fix a typo name in go proto

PiperOrigin-RevId: 205828380
GitOrigin-RevId: 801c5b0d5d10cfc34857df93624ebbb23c89cb67

This allows to skip whole test groups and hence leads to less output
in the test logs.

PiperOrigin-RevId: 205820927
GitOrigin-RevId: 65390684270505d89a5446f86bcee5388c7942bb

*** Reason for rollback ***

We split rsa PSS from PKCS1, this encoding is not needed.

*** Original change description ***

Add enum RsaSignatureEncoding

***

PiperOrigin-RevId: 205695849
GitOrigin-RevId: 6a207fb0de4aa24def3531e6f663b978099c67db

PiperOrigin-RevId: 205657904
GitOrigin-RevId: 7523f0021d17b79ab9eb4f365dd17ac65bbb4711

Swift-friendly initializers for TinkRegistryConfig. It wasn't possible to call the initializers due to a bug in Swift bridging of returned error argument to throwable.

Also, whitelist Voice iOS for cleartext.

PiperOrigin-RevId: 205459460
GitOrigin-RevId: 1cd4873c7fc77d10bd1b7baab7edd0ea10b2d97f

PiperOrigin-RevId: 205453513
GitOrigin-RevId: 7813e3d687b6c798fd476c28647d5deb26349ec3

PiperOrigin-RevId: 205358501
GitOrigin-RevId: db2d087b424a0fcd1fb94e4d6fc6904d4c1d429d

PiperOrigin-RevId: 205358322
GitOrigin-RevId: 859f5844a331d5f5f232abce28c22eb0770fc71d

Crunchy uses this format for ephemeral points in hybrid encryption.

PiperOrigin-RevId: 205294945
GitOrigin-RevId: 8e670c4bef2084717a8d149a646b4e4a3c790a0b

PiperOrigin-RevId: 205230447
GitOrigin-RevId: 1dbfa6a5013fd35f356bd6f795801713de0dce61

PiperOrigin-RevId: 205223825
GitOrigin-RevId: 5f0cda50bf3291e9ccef132729bb3e7a5400557b

PiperOrigin-RevId: 205110275
GitOrigin-RevId: ea401a11f7712928b5b997e160ca37c47e640995

Extending validation of key/format parameters.

PiperOrigin-RevId: 205088914
GitOrigin-RevId: 4d5e1e82a4b4bd7045b8c1de8798273d91c53934

PiperOrigin-RevId: 205080507
GitOrigin-RevId: 350da8300cba50deca4f3e326a92ff6a12c42430

*** Reason for rollback ***

I fixed the broken builds in AdSpam.

*** Original change description ***

Automated g4 rollback of changelist 205009482.

*** Reason for rollback ***

TAP has detected that 10 or more targets failed to build at cl/205009482.
If this is an error, please file a bug at go/autorollback-bug.
TAP checked that the following target built at cl/205009481 but failed to build at cl/205009482.
 To see all broken targets, please visit http://test/205009482.
 You can also see the results on sponge for the broken targets:
  https://sponge.corp.google.com/invocations?searchFor=label%...

***

PiperOrigin-RevId: 205080258
GitOrigin-RevId: d6c88086f1e28f0b959954330f9301da0e048d93

*** Reason for rollback ***

TAP has detected that 10 or more targets failed to build at cl/205009482.
If this is an error, please file a bug at go/autorollback-bug.
TAP checked that the following target built at cl/205009481 but failed to build at cl/205009482.
 To see all broken targets, please visit http://test/205009482.
 You can also see the results on sponge for the broken targets:
  https://sponge.corp.google.com/invocations?searchFor=label%3Atap+label%3Apostsubmit+cl%3A205009482+target%3A%2F%2Fwireless%2Fandroid%2Fapps%2Fafma%2Fsignals%2Frestricted%2Ftesting%2Fsignalchecker%3AProtoCheckerTest+TAP_BUILD_FLAGS_SUFFIX%3ACAMQBVhe
and for for previously passing target:
  https://sponge.corp.google.com/invocations?searchFor=label%3Atap+label%3Apostsubmit+cl%3A205009481+target%3A%2F%2Fwireless%2Fandroid%2Fapps%2Fafma%2Fsignals%2Frestricted%2Ftesting%2Fsignalchecker%3AProtoCheckerTest+TAP_BUILD_FLAGS_SUFFIX%3ACAMQBVhe
Questions? Comments? See the URL: go/autorollback

*** Original change description ***

Implementations of KeysetReader should always return new KeysetReader instances.

***

PiperOrigin-RevId: 205012951
GitOrigin-RevId: 99e91f1bd905d93ab76a11e9e5e178dc8873d12c

It's similar to LEGACY, but it uses a randomly generated key id.

PiperOrigin-RevId: 205010378
GitOrigin-RevId: d2fa6b16b2e2fe7dd67aedef9adbb97819c24537

PiperOrigin-RevId: 205009482
GitOrigin-RevId: cf0148128e3da07d9e0870475277383980ae0076

GitOrigin-RevId: db4c55dc6c9a7daeb59b8decb8ee997e8781e6e0

NoExternal

PiperOrigin-RevId: 204765216
GitOrigin-RevId: 7f20929c10b907bd272219a27d6ee55487654283