Bouncycastle is only partially supported by Android. In its function as a Java Security Provider, it should be replaced by conscrypt.
As far as I can tell, Bouncycastle is only ever explicitly used for its HKDF implementation right now, which isn't part of the Java Cryptography Architecture and therefore not included in conscrypt. Bouncycastle is however a massive dependency just for HKDF, so I suggest using Tink for HKDF, as it's actually already a transitive dependency through the androidx.security:security-crypto library.
If you agree with changing this, I'd be happy to implement it.
theScrabi
commented
4 years ago
Bouncycastle is only partially supported by Android. In its function as a Java Security Provider, it should be replaced by conscrypt.
As far as I can tell, Bouncycastle is only ever explicitly used for its HKDF implementation right now, which isn't part of the Java Cryptography Architecture and therefore not included in conscrypt. Bouncycastle is however a massive dependency just for HKDF, so I suggest using Tink for HKDF, as it's actually already a transitive dependency through the
androidx.security:security-cryptolibrary.If you agree with changing this, I'd be happy to implement it.