| 32c2297a959b72abdb18743f0519e1d8b7c7ea88 |
|
17-Mar-2011 |
Elliott Hughes <enh@google.com> |
Remove bogus "super()" calls.
I've left one in java.util.concurrent, since we have an upstream there.
Change-Id: I60945e48a41433fc7eaef6086433ec4bf434097f
|
| ad41624e761bcf1af9c8008eb45187fc13983717 |
|
07-Jan-2011 |
Elliott Hughes <enh@google.com> |
Retire SecurityManager.
This change removes all the code that was calling getSecurityManager, and
removes all use of AccessController.doPrivileged. It also changes the
implementation of AccessController so it doesn't actually do anything; it's
only there for source-level compatibility.
Bug: 2585285
Change-Id: I1f0295a4f12bce0316d8073011d8593fee116f71
|
| 6812a2e8bb43d9a875633a9ba255d9882c63e327 |
|
14-Sep-2010 |
Brian Carlstrom <bdc@google.com> |
Rename internal SSLParameters to SSLParametersImpl to avoid collision with new javax.net.ssl.SSLParameters
Bug: 2672817
Change-Id: Iadf21b848eaf8850fce22721b9ba3739ab2e9fca
|
| 7365de1056414750d0a7d1fdd26025fd247f0d04 |
|
12-Aug-2010 |
Jesse Wilson <jessewilson@google.com> |
Sorting imports.
Change-Id: I8347bc625480a1c37a1ed9976193ddfedeb00bbc
|
| 6882e31b7ce2d04ebbc91c7a55d7840e8fdce8a5 |
|
20-Jul-2010 |
Brian Carlstrom <bdc@google.com> |
Bring SSLSocketImpl and SSLEngine in line with OpenSSLSocketImpl's cipher suites
Wrote an interoperability test between our OpenSSL and SSLEngine
based SSLSocket implementations. Used it to flush out problems between
the implementations, which mostly were in the non-native implementation.
Filling out the SSLEngine (and therefore non-native SSLSocket) support
led to the list of supported and default cipher suites now being the
same as out OpenSSL SSLSocket. Most of the work was making the the
NULL, RC4, and AES ciphers work with SSLEngine as well as some minor
bug fixes in related code.
Summary:
- changing test_SSLSocket_getSupportedCipherSuites_connect to try all
combinations of our two SSLContext/SSLSocket implementations
- fixed SSLEngine with *_WITH_NULL_* CipherSuites to use javax.crypto.NullCipher
- added *_AES_* cipher suites to SSLEngine (and therefore Java SSLSocketImpl)
- remove *_DH_* cipher suites which are not supported by the RI or our OpenSSL implementation
- fixed Java SSLSocket to not handshake on accept so will pass the basic SSLSocketTest
- added new KeyManagerFactoryTest while testing "DH_" cipher suite key types
This change depends on restoring bouncycastle's RC4 implementation (separate CL in external/bouncycastle)
Details:
Fixed SSLEngine with *_WITH_NULL_* CipherSuites by use javax.crypto.NullCipher
expectations/knownfailures.txt
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ConnectionStateSSLv3.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ConnectionStateTLS.java
Previously I had changed the string name of CipherSuites from
"TLS_..." to "SSL_..." where appropriate to match the RI. Since I was
doing maintenance on overall list, I renamed the CODE_TLS_... and
TLS_... static fields as well to match.
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/CipherSuite.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLSessionImpl.java
Removed IDEA and RC2 CipherSuites to make it clear they are not
supported. While technically this happened as a side effect of the
assignment "supported = false" if the CipherSuite failed to load, we
truly intend not to support these. Also removed SSH_DH_* suites which
don't work with DSA keys and aren't supported by the RI or our OpenSSL
implementation.
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/CipherSuite.java
Old connection state code assumed that if a cipher was blocked, the
block size was 8 bytes. This is not true for the 16 byte AES ciphers.
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ConnectionState.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ConnectionStateSSLv3.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ConnectionStateTLS.java
No wonder our OpenSSL implementation incorrect did a startHandshake
when accepting the socket... it got it from the Java implementation.
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLServerSocketImpl.java
Test for KeyManagerFactory (and KeyManager). TestKeyStore now creates
KeyManagers and TrustManagers from the keystore as a convenience for
KeyManagerFactoryTest (instead of having the code in the
TestSSLContext where we didn't keep a pointer to the created values).
luni/src/test/java/javax/net/ssl/KeyManagerFactoryTest.java
support/src/test/java/java/security/StandardNames.java
support/src/test/java/java/security/TestKeyStore.java
support/src/test/java/javax/net/ssl/TestSSLContext.java
Remove CIPHER_SUITES_SSLENGINE now that its the same as CIPHER_SUITES
luni/src/test/java/javax/net/ssl/SSLEngineTest.java
support/src/test/java/java/security/StandardNames.java
test_SSLSocket_getSupportedCipherSuites_connect now does
interoperability testing not just between the default SSLContext's
SSLSockets but between the four combinations of our two SSLContext. It
also now sends some test data bi-directionally between the client and
server.
luni/src/test/java/javax/net/ssl/SSLSocketTest.java
Changed TestSSLContext.create to allow a different Provider for the
client and server SSLContexts.
luni/src/test/java/javax/net/ssl/SSLEngineTest.java
luni/src/test/java/javax/net/ssl/SSLSocketTest.java
support/src/test/java/javax/net/ssl/TestSSLContext.java
RC4 is now available in bouncycastle for the non-OpenSSL SSLContext to
use for parity with the OpenSSL implementation.
support/src/test/java/java/security/StandardNames.java
Changed TestSSLSocketPair to use Futures like NativeCryptoTest so its
easier to choose between client and server errors while debuging.
support/src/test/java/javax/net/ssl/TestSSLSocketPair.java
Removed bogus import
luni/src/test/java/org/apache/harmony/xnet/provider/jsse/NativeCryptoTest.java
Change-Id: I080c0343a3f86f27b7c191a7b80b585b9ca52d93
|
| 7329fa972d9c20777444e5e1b13169d700de6567 |
|
29-Jun-2010 |
Brian Carlstrom <bdc@google.com> |
Fixes to support new dalvik.googlecode.com benchmarks
The following new benchmarks where tested with the below changes:
- DigestBenchmark
- MessageDigestBenchmark
- SSLSocketBenchmark
- SignatureBenchmark
Fix package name of OpenSSLProvider
luni/src/main/java/java/security/security.properties
Restore Java (vs OpenSSL) SSLSocket wrappers on SSLEngine for benchmarking
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLServerSocketFactoryImpl.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLServerSocketImpl.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLSocketFactoryImpl.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLSocketImpl.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLSocketInputStream.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLSocketOutputStream.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLSocketWrapper.java
Restore HandshakeProtocol.socketOwner code for SSLSocket to function
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ClientHandshakeImpl.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/HandshakeProtocol.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ServerHandshakeImpl.java
Remove unneeded OpenSSLMessageDigestJDK.getInstance since these are
registered via OpenSSLProvider and SHA224 which is not part of the RI.
We had already removed the BouncyCastle version of this.
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLMessageDigestJDK.java
luni/src/test/java/tests/targets/security/AllTests.java
luni/src/test/java/tests/targets/security/MessageDigestTestSHA224.java
luni/src/test/java/tests/targets/security/SignatureTestSHA224withRSA.java
Change-Id: I7daae7f0d9f50acad6df9157eac1b0133af83062
|