ab8b84ad3847788d83da557606aa27d4102e6b52 |
13-Jul-2011 |
Fred Quintana <fredq@google.com> |
Make the KeyChain handled its own grants rather than having AccountManagerService handle them. Change-Id: I89d272b22766f85019c1f947153d69e6dbb74c68
ndroid/security/IKeyChainService.aidl
ndroid/security/KeyChain.java
|
74e6bd7b7783fb506d7525e9ba40aac980745eaf |
06-Jul-2011 |
Brian Carlstrom <bdc@google.com> |
Merge "New KeyChain API for credential installation"
|
db93b78385d694402760ad63de0795f3902030d9 |
01-Jul-2011 |
Brian Carlstrom <bdc@google.com> |
Build cert chain in KeyChain.getCertificateChain Bug: 4970298 Change-Id: Id91391233528edc2a4da5ebe92ec85d381f170de
ndroid/security/KeyChain.java
|
ca43c458ad0ee8cfa7f5eabc8ba1a65ae473976b |
30-Jun-2011 |
Brian Carlstrom <bdc@google.com> |
New KeyChain API for credential installation Bug: 3497064 Change-Id: Ie5c20e87a436b7ab66258d08b719ab8bb1f1d86d
ndroid/security/KeyChain.java
|
a00a2b33ccc6bc079c3ee57a938f62947b48a001 |
29-Jun-2011 |
Brian Carlstrom <bdc@google.com> |
KeyChain API for credential installation Bug: 3497064 Change-Id: I4ac4d8b5559496b1632d63c2129e2bafd240893f
ndroid/security/Credentials.java
ndroid/security/KeyChain.java
|
6da00334478df64921b68fcbb45c9d1eef6f35bd |
27-Jun-2011 |
Brian Carlstrom <bdc@google.com> |
Moving ssl_certificate layout, resources, and helper code to SslCertificate Add IKeyChainService.deleteCaCertificate Change-Id: If42341bc732efcfe4f958c00cdd6c0fec11a3c75
ndroid/security/IKeyChainService.aidl
|
67c30dfe8e4bff11a4660ac23e8679b5deb59457 |
24-Jun-2011 |
Brian Carlstrom <bdc@google.com> |
Replace KeyChainActivity placeholder UI with more polished dialog (1 of 5) frameworks/base Extended KeyChain.chooserPrivateKeyAlias to allow caller to supply preferred choice to be selected in chooser. This allows Email settings to highlight the current choice when allowing user to change settings. keystore/java/android/security/KeyChain.java api/current.txt Implemented KeyChain functionality to pass host and port information to KeyChainActivity for display. keystore/java/android/security/KeyChain.java KeyChain now sends a PendingIntent as part of the Intent it sends to the KeyChainActivity which can be used to identify the caller in reliable way. keystore/java/android/security/KeyChain.java Moved .pfx/.p12/.cer/.crt constants to Credentials for reuse. Added Credentials.install variant with no value for use from KeyChainActivity keystore/java/android/security/Credentials.java packages/apps/CertInstaller Source of extension constants now in Credentials src/com/android/certinstaller/CertFile.java packages/apps/Browser Have browser supply host and port information to KeyChain.choosePrivateKeyAlias Tracking KeyChain.choosePrivateKeyAlias API change src/com/android/browser/Tab.java packages/apps/Email Tracking KeyChain.choosePrivateKeyAlias API change src/com/android/email/view/CertificateSelector.java packages/apps/KeyChain KeyChain now depends on bouncycastle X509Name for formatting X500Principals, since the 4 X500Principal formatting options could not format emailAddress attributes in a human readable way and its the most important attribute to display for client certificates in most cases. Android.mk Changing the UI to a dialog, make the activity style transparent. AndroidManifest.xml res/values/styles.xml Layout for chooser dialog res/layout/cert_chooser.xml Layout for list items in chooser res/layout/cert_item.xml New resources for dialog including comments for translators. res/values/strings.xml New dialog based KeyChainActivity. Now also shows requesting app and requesting server. Now can preselect a specified alias. New link directly to CertInstaller. src/com/android/keychain/KeyChainActivity.java Fix KeyChainTestActivity to work with TestKeyStore changes that were causing network activity on the UI to look up the name of localhost. Also track KeyChain.choosePrivateKeyAlias API change. tests/src/com/android/keychain/tests/KeyChainTestActivity.java Change-Id: I07128fba8750f9a6bcb9c6be5da04df992403d69
ndroid/security/Credentials.java
ndroid/security/KeyChain.java
|
42f6528b988e3ae320cda63a2bd63d30d9e56183 |
10-Jun-2011 |
Brian Carlstrom <bdc@google.com> |
New KeyChain API for application access to keystore credentials The KeyChain API is Currently in use by Browser and validated by Email for client certificate authentication. Change-Id: Ifeab416be594457a05747406e31656e71795cb53
ndroid/security/KeyChain.java
ndroid/security/KeyChainAliasCallback.java
ndroid/security/KeyChainException.java
|
93201f545b67da15cb69830a5988810aef52c0b2 |
10-Jun-2011 |
Brian Carlstrom <bdc@google.com> |
KeyChain API refinements Change-Id: I177ab4642e6cd1aa13526c14f0a707175fd79655
ndroid/security/IKeyChainAliasCallback.aidl
ndroid/security/IKeyChainAliasResponse.aidl
ndroid/security/KeyChain.java
ndroid/security/KeyChainAliasCallback.java
ndroid/security/KeyChainAliasResponse.java
ndroid/security/KeyChainException.java
|
9d7faa91be6661eccf73494f1ab96ae9a28d42d7 |
07-Jun-2011 |
Brian Carlstrom <bdc@google.com> |
Change KeyChain to assume PEM encoded keystore entries Summary: - Changed KeyChain to assume PEM encoded keystore entries - Moved convertToPem from CertInstaller for reuse with other Credentials helpers - Added convertFromPem for use decoding keystore entries Change-Id: I340168b88aefa458d01e81324824e2e08b1d7c4e
ndroid/security/Credentials.java
ndroid/security/KeyChain.java
|
7e4b1a488dd02c4bf6156379e36834e9e01c5b1b |
02-Jun-2011 |
Brian Carlstrom <bdc@google.com> |
Restore ResponseCodes for use with getLastError Change-Id: I41b5bc9cbb6c05672c92d5864e889fd2b0186141
ndroid/security/KeyStore.java
|
5cfee3fabb3482c6a6df1c8b6f21e843cf214527 |
31-May-2011 |
Brian Carlstrom <bdc@google.com> |
Integrating keystore with keyguard (Part 1 of 4) Summary: frameworks/base keystore rewrite keyguard integration with keystore on keyguard entry or keyguard change KeyStore API simplification packages/apps/Settings Removed com.android.credentials.SET_PASSWORD intent support Added keyguard requirement for keystore use packages/apps/CertInstaller Tracking KeyStore API changes Fix for NPE in CertInstaller when certificate lacks basic constraints packages/apps/KeyChain Tracking KeyStore API changes Details: frameworks/base Move keystore from C to C++ while rewriting password implementation. Removed global variables. Added many comments. cmds/keystore/Android.mk cmds/keystore/keystore.h cmds/keystore/keystore.c => cmds/keystore/keystore.cpp cmds/keystore/keystore_cli.c => cmds/keystore/keystore_cli.cpp Changed saveLockPattern and saveLockPassword to notify the keystore on changes so that the keystore master key can be reencrypted when the keyguard changes. core/java/com/android/internal/widget/LockPatternUtils.java Changed unlock screens to pass values for keystore unlock or initialization policy/src/com/android/internal/policy/impl/PasswordUnlockScreen.java policy/src/com/android/internal/policy/impl/PatternUnlockScreen.java KeyStore API changes - renamed test() to state(), which now return a State enum - made APIs with byte[] key arguments private - added new KeyStore.isEmpty used to determine if a keyguard is required keystore/java/android/security/KeyStore.java In addition to tracking KeyStore API changes, added new testIsEmpty and improved some existing tests to validate expect values. keystore/tests/src/android/security/KeyStoreTest.java packages/apps/Settings Removing com.android.credentials.SET_PASSWORD intent with the removal of the ability to set an explicit keystore password now that the keyguard value is used. Changed to ensure keyguard is enabled for keystore install or unlock. Cleaned up interwoven dialog handing into discrete dialog helper classes. AndroidManifest.xml src/com/android/settings/CredentialStorage.java Remove layout for entering new password res/layout/credentials_dialog.xml Remove enable credentials checkbox res/xml/security_settings_misc.xml src/com/android/settings/SecuritySettings.java Added ability to specify minimum quality key to ChooseLockGeneric Activity. Used by CredentialStorage, but could also be used by CryptKeeperSettings. Changed ChooseLockGeneric to understand minimum quality for keystore in addition to DPM and device encryption. src/com/android/settings/ChooseLockGeneric.java Changed to use getActivePasswordQuality from getKeyguardStoredPasswordQuality based on experience in CredentialStorage. Removed bogus class javadoc. src/com/android/settings/CryptKeeperSettings.java Tracking KeyStore API changes src/com/android/settings/vpn/VpnSettings.java src/com/android/settings/wifi/WifiSettings.java Removing now unused string resources res/values-af/strings.xml res/values-am/strings.xml res/values-ar/strings.xml res/values-bg/strings.xml res/values-ca/strings.xml res/values-cs/strings.xml res/values-da/strings.xml res/values-de/strings.xml res/values-el/strings.xml res/values-en-rGB/strings.xml res/values-es-rUS/strings.xml res/values-es/strings.xml res/values-fa/strings.xml res/values-fi/strings.xml res/values-fr/strings.xml res/values-hr/strings.xml res/values-hu/strings.xml res/values-in/strings.xml res/values-it/strings.xml res/values-iw/strings.xml res/values-ja/strings.xml res/values-ko/strings.xml res/values-lt/strings.xml res/values-lv/strings.xml res/values-ms/strings.xml res/values-nb/strings.xml res/values-nl/strings.xml res/values-pl/strings.xml res/values-pt-rPT/strings.xml res/values-pt/strings.xml res/values-rm/strings.xml res/values-ro/strings.xml res/values-ru/strings.xml res/values-sk/strings.xml res/values-sl/strings.xml res/values-sr/strings.xml res/values-sv/strings.xml res/values-sw/strings.xml res/values-th/strings.xml res/values-tl/strings.xml res/values-tr/strings.xml res/values-uk/strings.xml res/values-vi/strings.xml res/values-zh-rCN/strings.xml res/values-zh-rTW/strings.xml res/values-zu/strings.xml res/values/strings.xml packages/apps/CertInstaller Tracking KeyStore API changes src/com/android/certinstaller/CertInstaller.java Fix for NPE in CertInstaller when certificate lacks basic constraints src/com/android/certinstaller/CredentialHelper.java packages/apps/KeyChain Tracking KeyStore API changes src/com/android/keychain/KeyChainActivity.java src/com/android/keychain/KeyChainService.java support/src/com/android/keychain/tests/support/IKeyChainServiceTestSupport.aidl support/src/com/android/keychain/tests/support/KeyChainServiceTestSupport.java tests/src/com/android/keychain/tests/KeyChainServiceTest.java Change-Id: Ic141fb5d4b43d12fe62cb1e29c7cbd891b4be35d
ndroid/security/KeyStore.java
|
ba1a667b1d6c95050f6c88316ac58fe9e0ff878b |
25-May-2011 |
Brian Carlstrom <bdc@google.com> |
Remove need for onActivityResult from KeyChain API Change-Id: I97bb9db06978f6dc039d22bfee116671d7b3e336
ndroid/security/IKeyChainAliasResponse.aidl
ndroid/security/IKeyChainService.aidl
ndroid/security/KeyChain.java
ndroid/security/KeyChainAliasResponse.java
ndroid/security/KeyChainResult.java
|
d752472d9abf03fda637d43716bc6bd632e1f5c3 |
18-May-2011 |
Brian Carlstrom <bdc@google.com> |
Move to KeyChain.bind Change-Id: Ic3c6e0e9be9bcfdc882cf97cec38cca70b23d0a1
ndroid/security/KeyChain.java
|
8e9929c4d0730de4c9f01435a7cfe2db8855e24d |
17-May-2011 |
Brian Carlstrom <bdc@google.com> |
Simplify KeyChain API by removing now unneeded CA certificate lookup (1 of 3) frameworks/base Remove getCaCertificates and findIssuer from IKeyChainService, these are now done via libcore's TrustedCertificateStore (as part of the default TrustManager implementation) keystore/java/android/security/IKeyChainService.aidl Simplify KeyChain API. Now that the CA certificates are visible through the default TrustManager, the KeyChain is solely focused on retrieving PrivateKeys and their associated certificates. The calling API for KeyChain to simply a single KeyChain.get() call that returns a KeyChainResult, removing the need for a KeyChain instance that needs to be closed. keystore/java/android/security/KeyChain.java keystore/java/android/security/KeyChainResult.java master/libcore Remove getDefaultIndexedPKIXParameters and getIndexedPKIXParameters which was used as part of the prototype of looking up CAs via the KeyChain but is obsoleted by the new default TrustManager implementation. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLParametersImpl.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustManagerImpl.java packages/apps/KeyChain Tracking simplified IKeyChainService, removing now unneeded implementation, updating tests. src/com/android/keychain/KeyChainService.java tests/src/com/android/keychain/tests/KeyChainServiceTest.java tests/src/com/android/keychain/tests/KeyChainTestActivity.java Change-Id: I847b28c2f467c85f24d2b693a2fecc1cb46426b4
ndroid/security/IKeyChainService.aidl
ndroid/security/KeyChain.java
ndroid/security/KeyChainResult.java
|
2627d53f65be672e9a27f735975de1bf3aebfec1 |
13-May-2011 |
Brian Carlstrom <bdc@google.com> |
Make CertInstaller installed CA certs trusted by applications via default TrustManager (1 of 6) frameworks/base Adding IKeyChainService APIs for CertInstaller and Settings use keystore/java/android/security/IKeyChainService.aidl libcore Improve exceptions to include more information luni/src/main/java/javax/security/auth/x500/X500Principal.java Move guts of RootKeyStoreSpi to TrustedCertificateStore, leaving only KeyStoreSpi methods. Added support for adding user CAs in a separate directroy for system. Added support for removeing system CAs by placing a copy in a sytem directory luni/src/main/java/org/apache/harmony/xnet/provider/jsse/RootKeyStoreSpi.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustedCertificateStore.java Formerly static methods on RootKeyStoreSpi are now instance methods on TrustedCertificateStore luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustManagerImpl.java Added test for NativeCrypto.X509_NAME_hash_old and X509_NAME_hash to make sure the implementing algortims doe not change since TrustedCertificateStore depend on X509_NAME_hash_old (OpenSSL changed the algorithm from MD5 to SHA1 when moving from 0.9.8 to 1.0.0) luni/src/test/java/org/apache/harmony/xnet/provider/jsse/NativeCryptoTest.java Extensive test of new TrustedCertificateStore behavior luni/src/test/java/org/apache/harmony/xnet/provider/jsse/TrustedCertificateStoreTest.java TestKeyStore improvements - Refactored TestKeyStore to provide simpler createCA method (and internal createCertificate) - Cleaned up to remove use of BouncyCastle specific X509Principal in the TestKeyStore API when the public X500Principal would do. - Cleaned up TestKeyStore support methods to not throw Exception to remove need for static blocks for catch clauses in tests. support/src/test/java/libcore/java/security/TestKeyStore.java luni/src/test/java/libcore/java/security/KeyStoreTest.java luni/src/test/java/org/apache/harmony/xnet/provider/jsse/NativeCryptoTest.java packages/apps/CertInstaller Change CertInstaller to call IKeyChainService.installCertificate for CA certs to pass them to the KeyChainServiceTest which will make them available to all apps through the TrustedCertificateStore. Change PKCS12 extraction to use AsyncTask. src/com/android/certinstaller/CertInstaller.java Added installCaCertsToKeyChain and hasCaCerts accessor for use by CertInstaller. Use hasUserCertificate() internally. Cleanup coding style. src/com/android/certinstaller/CredentialHelper.java packages/apps/KeyChain Added MANAGE_ACCOUNTS so that IKeyChainService.reset implementation can remove KeyChain accounts. AndroidManifest.xml Implement new IKeyChainService methods: - Added IKeyChainService.installCaCertificate to install certs provided by CertInstaller using the TrustedCertificateStore. - Added IKeyChainService.reset to allow Settings to remove the KeyChain accounts so that any app granted access to keystore credentials are revoked when the keystore is reset. src/com/android/keychain/KeyChainService.java packages/apps/Settings Changed com.android.credentials.RESET credential reset action to also call IKeyChainService.reset to remove any installed user CAs and remove KeyChain accounts to have AccountManager revoke credential granted to private keys removed during the RESET. src/com/android/settings/CredentialStorage.java Added toast text value for failure case res/values/strings.xml system/core Have init create world readable /data/misc/keychain to allow apps to access user added CA certificates installed by the CertInstaller. rootdir/init.rc Change-Id: I2e4b169cbb35d32d97f5d6a00d988fa389eadcb2
ndroid/security/IKeyChainService.aidl
|
4a9e1a2494f2e48b157506d7c731187907b7fd4e |
23-Apr-2011 |
Brian Carlstrom <bdc@google.com> |
Expose Credentials.UNLOCK_ACTION for callers that want to use startActivityForResult Change-Id: I729b2d8257bda3e7ff7858741ebd5415404880e7
ndroid/security/Credentials.java
|
b9a07c18e678da35b4c2a618b315fa174a21e818 |
11-Apr-2011 |
Brian Carlstrom <bdc@google.com> |
Adding KeyChain API and IKeyChainService Change-Id: Id3eaa2d1315481f199777b50e875811e3532988a
ndroid/security/IKeyChainService.aidl
ndroid/security/KeyChain.java
|
46703b099516c383a6882815bcf9cd4df0ec538d |
07-Apr-2011 |
Brian Carlstrom <bdc@google.com> |
Tolerate missing AccountManager resource, not just missing resource name In addition to the primary change in the subject, also some minor cleanup of javadoc, typos, CloseGuard warning, etc found while working on a new AbstractAccountAuthenticator. Change-Id: I73f3408773a43a0021a15f8d051fd3dbbdf898a5
ndroid/security/KeyStore.java
|
527f01e76d07b45bdf7ba97ffee0e9b358de658c |
20-Jan-2011 |
Chia-chi Yeh <chiachi@android.com> |
Update the path of the intent to unlock keystore. Change-Id: Ia81d0c172f2be6d04cba4db6e6798058f321605d
ndroid/security/Credentials.java
|
460c26e9875833dc494575b5c43f08c8baa15f34 |
12-Nov-2010 |
Elliott Hughes <enh@google.com> |
Use deliberately public API rather than org.apache cruft. InputStreamHelper is scheduled for deletion. As a bonus, the new code is more efficient. Change-Id: Ied8b87fa24f8506cf748b0d4c99ee7e2ae201483
ndroid/security/SystemKeyStore.java
|
8bdf5935c0db4a66ab33a10b43398d2523cfa15d |
15-Oct-2010 |
Dianne Hackborn <hackbod@google.com> |
Work on issue #3101415: Crespo apps seem to have their UID changed over time. fsync! Change-Id: Ie6c5397202579935ac69bf61d3e7b3081ecf269c
ndroid/security/SystemKeyStore.java
|
c5e630a004d144ba1d4cd1d37dd98eb70a7ec1d8 |
08-Oct-2010 |
Hung-ying Tyan <tyanh@google.com> |
Use explicit intent for installing credentials. http://b/issue?id=3020049 Change-Id: I429c5b2c9f3b876e6197894a9437952d71d5c472
ndroid/security/Credentials.java
|
8d578836dc4f9fb41532b8b3dd7a6b168d6f4f9d |
10-Sep-2010 |
Rich Cannings <richc@google.com> |
Remove the use of FileInputStream.available() Bug: 2976294 Change-Id: I34b13cedbf1d2338163ef74454817c318a3a24f5
ndroid/security/SystemKeyStore.java
|
34c47c855815d731e6deb55748ff690b0ec7b53f |
09-Mar-2010 |
Nick Kralevich <nnk@google.com> |
Don't rely on the system locale for converting to/from bytes. By default, when java converts Strings to bytes, it uses the default system locale. This can be specified by the -Dfile.encoding option. If no file encoding is specified, java uses ISO8859_1. Unfortunately, not all unicode characters can be mapped to ISO8859_1. Unmappable characters may be replaced by a byte within ISO8859_1, which may change the meaning of the String. This is especially problematic for password strings, and has been used to compromise the security of passwords in the past. Thankfully, Android uses UTF-8 by default, so this bug doesn't effect Android devices. However, it's recommended to explicitly list the character set when converting to/from bytes to avoid the potential ambiguity. Change-Id: Iec927e27ed3fc103696c439f6bd3e8779a37ade8
ndroid/security/KeyStore.java
|
1ff8fee7c8e4fcd4ef12c6c5d1055b7eccf5809b |
22-Feb-2010 |
Oscar Montemayor <oam@google.com> |
Better file permissions enforcement on system keystore.
ndroid/security/SystemKeyStore.java
|
d12feb97667498378a472c5a7895a9fcd8056ec5 |
06-Feb-2010 |
Chia-chi Yeh <chiachi@android.com> |
KeyStore: minor improvements. Make constants final. Only converts ArrayLists to arrays when necessary.
ndroid/security/KeyStore.java
|
b62e8132df0d19a39a700324475b3df2de78e0b0 |
15-Jan-2010 |
Oscar Montemayor <oam@google.com> |
Apps on SD card. Added support for retrieving and generating keys as Hex Strings.
ndroid/security/SystemKeyStore.java
|
8da98e30d8b2ae6e203f769dab0d6ec34cab3011 |
06-Jan-2010 |
Oscar Montemayor <oam@google.com> |
Apps on SD card project. A simple keystore to store system-only key material, by leveraging file system access permissions.
ndroid/security/SystemKeyStore.java
|
8c596c6cce542dcd5c73e8b1aaef666757e36ec4 |
24-Sep-2009 |
Chia-chi Yeh <chiachi@android.com> |
KeyStore: remove classes used by old keystore.
ndroid/security/Reply.java
ndroid/security/ServiceCommand.java
|
f1ece5d0c16fa3e79390e41ad9bec020c77d7720 |
24-Sep-2009 |
Chia-chi Yeh <chiachi@android.com> |
KeyStore: return null when response code indicates an error.
ndroid/security/KeyStore.java
|
ec05c46ea9d1dc175b09f93df0b9fea5a43b2d5a |
24-Sep-2009 |
Hung-ying Tyan <tyanh@google.com> |
Remove old keystore and related files.
ndroid/security/CertTool.java
ndroid/security/Keystore.java
|
613fcc850686dfe71cec9809c3694be9cf02cdc7 |
21-Sep-2009 |
Chia-chi Yeh <chiachi@android.com> |
KeyStore: rename scan() to saw().
ndroid/security/KeyStore.java
|
44039172627d1c15737ea73836ad375559d76211 |
21-Sep-2009 |
Chia-chi Yeh <chiachi@android.com> |
KeyStore: add java interface.
ndroid/security/Credentials.java
ndroid/security/KeyStore.java
|
9b7a3f1a6437605022568cad0b92d5006a2ab391 |
17-Sep-2009 |
Chia-chi Yeh <chiachi@android.com> |
Add a helper class to send out credentials. Change-Id: I9a550c6edc55d5c2c601223c011922b183cb4d30
ndroid/security/Credentials.java
|
5b680802b6774491fbcee69e394d097d4bfcf42e |
16-Sep-2009 |
Hung-ying Tyan <tyanh@google.com> |
Fix a minor bug in is_alnum_string()... and remove some verbose logging
ndroid/security/ServiceCommand.java
|
a7df557aa2573a4718c7bbd069268e62bc036753 |
11-Sep-2009 |
Hung-ying Tyan <tyanh@google.com> |
Add tests and misc fixes on keystore. * Refactor netkeystore.c to make client and server code testable. * Add a client test for setting new passwd and changing passwd. * Exclude "." and ".." from reset_keystore(). * Change ServerCommand.executeCommand() to accept variable length of arguments and add convert() to marshalling the args to bytes. * Keystore.java is revised accordingly.
ndroid/security/Keystore.java
ndroid/security/ServiceCommand.java
|
9249cc69b83c7b055ae477c4539bdc451fe7f9b9 |
08-Sep-2009 |
Hung-ying Tyan <tyanh@google.com> |
Add two CertTool helper classes. Also add the unlock action string to Keystore.
ndroid/security/CertTool.java
ndroid/security/Keystore.java
|
801b73f661cbdf92de94b7e552a190fcbbdc3168 |
07-Sep-2009 |
Chung-yih Wang <cywang@google.com> |
Replace the delimiter whitespace with '\0'. + Use '\0' as the delimiter. + Allow whitespace character for keystore password. In previous implementation, we use space as the delimiter. That will stop user from using passphrase with whitespace character.
ndroid/security/Keystore.java
|
09960230bf3d46ec1e7cbcfd8b07dfe007b9fa96 |
01-Sep-2009 |
Chung-yih Wang <cywang@google.com> |
Store CA certificate chain into one single key entry with PEM format. Extract all CA certificates in a PKCS12 keystore into a single entry in keystore with multiple PEMs.
ndroid/security/CertTool.java
|
20a1156c6fd30f3ec1336894d6ae7e00298ad65b |
31-Jul-2009 |
Hung-ying Tyan <tyanh@google.com> |
Make certificate-handling-related constants public
ndroid/security/CertTool.java
|
f1ab36f9ab82220de679ff0ca5164995b7d30214 |
05-Aug-2009 |
repo sync <cywang@google.com> |
Fix network order for marshalling in keystore interface. This will fix the endian issue for heterogeneous architectures in keystore marshalling interface.
ndroid/security/ServiceCommand.java
|
dc1d5704a725d207b98de1b117847297958d9148 |
03-Aug-2009 |
Chung-yih Wang <cywang@google.com> |
Fix the auto notification cleanup when vpn is disconnected. + add the log print if the browser give the incorrect data in addCertificate().
ndroid/security/CertTool.java
|
e81f51f44b4cfb8316de1d206038414ee6f6e96b |
01-Aug-2009 |
Hung-ying Tyan <tyanh@google.com> |
Change some log.i to log.d.
ndroid/security/ServiceCommand.java
|
fd3db87e28e5b9ed186a15944234f6ff520773c6 |
28-Jul-2009 |
Chung-yih Wang <cywang@google.com> |
Support x509-user-cert mime type in browser. + Fix the public key matching and intent parameter mismatch.
ndroid/security/CertTool.java
|
719eba5bb1fbc72e3b55450f16b38a6be5640055 |
24-Jul-2009 |
Chung-yih Wang <cywang@google.com> |
Change to SPKAC certificate request format for keygen.
ndroid/security/CertTool.java
|
24988b34919d65d4e66be69ec0885154c47e85b7 |
22-Jul-2009 |
Chung-yih Wang <cywang@google.com> |
Cleanup the old keystore APIs.
ndroid/security/Keystore.java
|
22726cf8174fe00a097c89b8da397b10626cdd00 |
21-Jul-2009 |
Chung-yih Wang <cywang@google.com> |
Return error codes for storing the key/cert in addPkcs12Keystore()
ndroid/security/CertTool.java
|
c9c119e7338cab292385118229f884a88fead3a2 |
16-Jul-2009 |
Chung-yih Wang <cywang@google.com> |
Support addPkcs12Keystore function in CertTool library. The function will be called from the credential storage for decoding the pkcs12 file and saving the certs/keys into mini-keystore.
ndroid/security/CertTool.java
|
699ca3f2518360ea3250ff5a0e5d39e122c64a91 |
04-Jul-2009 |
Chung-yih Wang <cywang@google.com> |
Add password field for WiFi configuration. 1. the certtool.h is modified for avoiding the side effect, for saving the configuration with wpa_supplicant. 2. put the loadLibrary back in CertTool.java 3. Fix incorrect JNI declarations.
ndroid/security/CertTool.java
|
bf20b9963add781a35de658f3228760015a163c9 |
02-Jul-2009 |
Chung-yih Wang <cywang@google.com> |
Migrate to the CertTool library. Keystore is reimplemented and it is mainly for storing (key, value) pair generically. The certificate related APIs are moved to the class CertTool instead. Updates: Provide the getInstance() which gives the singleton. Fix the missing construction of the BIO in cert.c.
ndroid/security/CertTool.java
|
116d890aea63a4191a93412f5cecf5defad25201 |
03-Jul-2009 |
Hung-ying Tyan <tyanh@google.com> |
Fix null data handling in ServiceCommand.writeCommand()
ndroid/security/ServiceCommand.java
|
fa927c046a916fceb077d1ecf2552d76e73da912 |
02-Jul-2009 |
Chung-yih Wang <cywang@google.com> |
Remove the null-termination for Java string compatibility. 1. Also change the keyname delimiter in CertTool.java. 2. Return NOTFOUND if the result.len==0 in the listKeys(). 3. Define the keystore states in the class Keystore.
ndroid/security/CertTool.java
ndroid/security/Keystore.java
|
eec11827a6c06b029030f43c8d54fd871cc3347d |
01-Jul-2009 |
Chung-yih Wang <cywang@google.com> |
Add CertTool for handling the keygen and certificate download. 1. Have the new Keystore for mini-keystore impelemntation. 2. Add CertTool library and jni dll for handling keygen and certificates. 3. Make Reply hidden. 4. Revert some 'incorrect' change and correct the description.
ndroid/security/CertTool.java
ndroid/security/Keystore.java
ndroid/security/Reply.java
ndroid/security/ServiceCommand.java
|
3af8e9389e008c0076b86cc6b3c6f005e7473d10 |
20-Jun-2009 |
Grace Kloba <klobag@google.com> |
Change addCertificate to take byte[] instead of String as we don't know the encoding. In WebView, if we run into the certificate, we will save it to the Keystore instead of sending it to the WebKit.
ndroid/security/Keystore.java
|
6d531bf0513de7778c380d649bc0e554478f78f9 |
16-Jun-2009 |
Chung-yih Wang <cywang@google.com> |
Change the keystore APIs. 1. simplify the keypair selection in UI. 2. add the user certificate and key into the keystore for keygen feature.
ndroid/security/Keystore.java
|
396c69ca8d938c8705faf602b87729072bf8839c |
16-Jun-2009 |
Hung-ying Tyan <tyanh@google.com> |
Change the first parameter of Keystore.generateKeyPair() to int. * changes change the parameter to the index to the supported key strengths remove the exception class as it is not useful now
ndroid/security/Keystore.java
ndroid/security/UnsupportedKeyStrengthException.java
|
1d51e50d5d484c5d9e620b1d6736adc9aa99ae84 |
16-Jun-2009 |
Hung-ying Tyan <tyanh@google.com> |
Add keygen API to Keystore.
ndroid/security/Keystore.java
ndroid/security/UnsupportedKeyStrengthException.java
|
10e371f18247dc7fb64bfa0f0528501acc17be79 |
10-Jun-2009 |
Chung-yih Wang <cywang@google.com> |
Provide the Keystore feature in the framework. -- added the keystore library for Java application. -- changed the marshalling of the keystore function return.
ndroid/security/Keystore.java
ndroid/security/ServiceCommand.java
|