Original change: undetermined

Change-Id: I62a06c86525381274fc100060b440aa9bc515045
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>

Request Document: go/android3p
For CL Reviewers: go/android3p#reviewing-a-cl
For Build Team: go/ab-third-party-imports
Bug: http://b/395909261
Original import of the code can be found at: https://googleplex-android.googlesource.com/platform/external/tink-java/+/refs/heads/third-party-review.
Security Questionnaire: http://b/395909261#comment1
Test: Manual testing

Change-Id: Idad8d9193c589ce32c8894958a6324f0a99f0449

PiperOrigin-RevId: 707033290
Change-Id: I8562ccaf68b99d7bf1e124d11da0b3542e9a0491

PiperOrigin-RevId: 706789066
Change-Id: I4e758ed164f5ca6a686e64db4e5144d7c10e248d

Also, do some refactoring to AesCmacPrfTestUtil:
- Rename to just "TestVector".
- Add a create function.

And let WycheproofTestUtil.readJson throw IOException instead of Exception.

PiperOrigin-RevId: 705532834
Change-Id: I293805381dc5ae7ae95c0104363990ff4a343654

PiperOrigin-RevId: 705410844
Change-Id: Ib695b3f2d6d2e993bef49d5ae281e409875ea142

This allows you to apply it at the narrowest possible scope, rather than on the enclosing method/class, e.g.

```
@AccessesPartialKey
var key =
    AesGcmKey.builder()
        .setParameters(...)
        .setKeyBytes(...)
        .build();
```

PiperOrigin-RevId: 704693926
Change-Id: I4b5520f3ba71b4d8560cebb7c1cd647caf72a755

PiperOrigin-RevId: 702765219
Change-Id: Id87c40896a6cfa06492d8d3fa44a055c0bda664a

This is the same as in C++ and in the cross language tests. It would be good to add more and also do decryption. I want to add more, but I prefer to at least do it for at least C++ and Java at the same time.

PiperOrigin-RevId: 702640386
Change-Id: I27500871df3678871bba91c6caf23183e669ef18

Also, refactor the tests a bit.

PiperOrigin-RevId: 701896627
Change-Id: Ie639fe8832b2ebaf84ea2b3af0cb3239e9efede8

Fix typos in AndroidKeystore

Fixed a few typos and added hyphens to adjectives with numbers.

Closes ##48

PiperOrigin-RevId: 701001909
Change-Id: I338a831326cb2aaa9ee8855eee9629a758488b11

PiperOrigin-RevId: 700499139
Change-Id: I48bda335be536cebf2caf85adc428cb8010f5eeb

Make X-AES-GCM Predefined Parameter naming consistent with the [C2SP](https://github.com/C2SP/C2SP/blob/main/XAES-256-GCM.md) Spec

PiperOrigin-RevId: 700114924
Change-Id: I8b95c61f62e2dfec0696e7311452254c1e7aa7d7

When AesCmac was refactored from the Mac to the Prf interface, these tests were left unchanged, so they still test the PrfAesCmac via the Mac interface. It's better to directly test PrfAesCmac. This also allows us to remove some tests.

Also, move the FIPS test case into its own test. This allows us to remove some assume statements.

PiperOrigin-RevId: 699859081
Change-Id: Id077b7a582f5ae093400265096cd8cafdc81a474

PiperOrigin-RevId: 698740312
Change-Id: Ib41fcfe456bcd4d75e6080124a87a3815b82f9d9

PiperOrigin-RevId: 698739705
Change-Id: I34e714677ef4226034c50ce52500ab5537c4618d

PiperOrigin-RevId: 698381768
Change-Id: I4d97aee7cf67c617565a2d0a39ca4e5ff7842e80

PiperOrigin-RevId: 698353972
Change-Id: I9f7bc6b20299c9cb2ec310b08812149c80da4555

PiperOrigin-RevId: 698343849
Change-Id: I8ed36c07b8d9036e3fcefc081542d4e9828574eb

PiperOrigin-RevId: 698015764
Change-Id: Id79586e5711f8d9982a705a3ae0491288d4e6030

PiperOrigin-RevId: 697953615
Change-Id: I0ba28195f5004cb122456309686580646224d3e5

PiperOrigin-RevId: 697592425
Change-Id: I8694fd37b9042ff9cdbe9bbcca4fd0707705dcdd

PiperOrigin-RevId: 696899020
Change-Id: Ic106e5ed828c4d8dfaf91b1dc7217dbd17da9226

NOTE: The test vector for `LEGACY` keys was generate appending a `0x00` byte to the original message.
PiperOrigin-RevId: 696825082
Change-Id: I8f4ac19e77e9e7e594faa0787dbf9e38ccd6e647

Android uses Conscrypt and has support since API level 31. This increases the performance by a factor of 3-5, and also lowers the memory usage.

PiperOrigin-RevId: 695240015
Change-Id: I63efaa8743a2d299423f3f353b0ce4595b956d14

PiperOrigin-RevId: 694403603
Change-Id: I3bf87bb260e13f161fdf2810fe91059b43fc4d39

PiperOrigin-RevId: 694067972
Change-Id: I289a44569abf5bdfe8e6ca0d441c0d50b66c0af7

PiperOrigin-RevId: 693715147
Change-Id: Ic3463594f04c6de40a5a05e15fa8298a07e0c921

Implementations of the StreamingAEAD interface should achives nOAE, and not OAE2 security.

PiperOrigin-RevId: 693249896
Change-Id: I338bae6220536d09864c39c6e7a7d4ef06e9798c

PiperOrigin-RevId: 693123259
Change-Id: I8ffb27bbce668bba87ed6fe8e78f2bb1dbbb3ae6

PiperOrigin-RevId: 691821140
Change-Id: I5e95a6f4b459b8511fed4a57bfaf7cc34fb8f63f

PiperOrigin-RevId: 691749033
Change-Id: I77edb9badb1c96a63a4b1a9a40736cb7960be6c1

This doesn't change the behavior, and still uses the same algorithm. But it will make it simpler to use X25519Conscrypt in the future.

PiperOrigin-RevId: 691726633
Change-Id: I80f05fa31088e2e9d71efbd9e125c38cdeaa5440

PiperOrigin-RevId: 691444837
Change-Id: Ic18a7cb6396fbcce2eff98b1537d6c7bff1a3c2d

Android uses Conscrypt and has support since API level 31. This increases the performance by a factor of 3-5, and also lowers the memory usage.

PiperOrigin-RevId: 691378379
Change-Id: Ic1e86a0be97d84655479258ea4dae4976e5fe452

Our implementation doesn't work with Bouncycastle, and we don't intend to add support. Since the main goal here is to support Conscrypt, it is better to limit this class to only use Conscrypt. This also makes the testing easier.

We also make it an object so that we can keep the same provider instance.

Additinally, we add an interface for X25519, so that we can provide the pure Java implementation from subtle using the same interface.

PiperOrigin-RevId: 691002085
Change-Id: I7b7692bb789637d006d58adeacb8b88a18a98196

Upgrade protobuf to 4.28.2

The version currently in use (4.28.0) is vulnerable to [CVE-2024-7254](https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-735f-pc8j-v9w8).

Closes ##46

PiperOrigin-RevId: 690919955
Change-Id: Ieb980bacccc7a2b3f0aa585eb514896ed1ca9599

Fix examples in Tink's javadocs to reflect the latest recommended way to use `KeysetHandle::getPrimitive`.

PiperOrigin-RevId: 690630446
Change-Id: Ief48b161e4ebf2420506b06da6b090ef583288e5