| 6d2a17ab04ab0967e3bff7fe6280066ef66d1d76 |
|
11-Jun-2012 |
Geremy Condra <gcondra@google.com> |
Added basic cert pinning support.
This has four main changes:
First, it adds a CertPinManager to TrustManagerImpl that checks to
ensure that the chain is properly pinned.
Second, it adds the CertPinManager and associated classes to
implement cert pinning at this level.
Third, it changes the callers of checkServerTrusted to pass in a
hostname where possible, allowing them to make use of the pinning
transparently.
Finally, it changes checkServerTrusted to return the ultimate
chain that was verified, which is useful for implementing pinning
at a higher level.
cherry-picked from 5315f29b2de4aace0077b78f0b99634fda440b85
Change-Id: I150e010da3e2aeed57bd5330ff113d3a7fbbee2a
|
| 5315f29b2de4aace0077b78f0b99634fda440b85 |
|
11-Jun-2012 |
Geremy Condra <gcondra@google.com> |
Added basic cert pinning support.
This has four main changes:
First, it adds a CertPinManager to TrustManagerImpl that checks to
ensure that the chain is properly pinned.
Second, it adds the CertPinManager and associated classes to
implement cert pinning at this level.
Third, it changes the callers of checkServerTrusted to pass in a
hostname where possible, allowing them to make use of the pinning
transparently.
Finally, it changes checkServerTrusted to return the ultimate
chain that was verified, which is useful for implementing pinning
at a higher level.
Change-Id: I150e010da3e2aeed57bd5330ff113d3a7fbbee2a
|
| 20484654bc7c2407da40226d5188acfc37ee1c2b |
|
09-Aug-2011 |
Elliott Hughes <enh@google.com> |
Remove more cruft.
Unused imports and bogus comments.
(cherry-pick of 9af8c0318fac8bf03ee145da01b0c38a503791fc.)
Change-Id: I2bddb32028b71964407e86c4dbef5516673c27eb
|
| 7c935d4e4ca990334200cf5eb4fbcfac718c6b45 |
|
04-Jun-2012 |
gcollins <gcollins@antennasoftware.com> |
CertificateRequest should handle case where certificate is requested but none is available.
Android SSL client was not handling a CertificateRequest where there was no cert to send.
It had a problem because it was assuming that if the CertificateMessage response is not null,
it means there is a cert included, which is not true (if it has no cert to send an empty CertificateMessage
is sent to the server). So I updated the CertificateVerify creation check to also check whether the CertificateMessage
contained any certs (ClientHandshakeImpl.java).
In testing I found that the same error was in the server code so I made the same change there
(ServerHandshakeImpl.java).
I added two test cases to SSLEngineTest - one to directly test the scenario (test_SSLEngine_clientAuthWantedNoClientCert)
and one to just double-check that the server would not allow the connection if setNeedClientAuth (test_SSLEngine_clientAuthNeededNoClientCert).
Bug: http://code.google.com/p/android/issues/detail?id=31903
Change-Id: Ideb57d6ccbcdd54ca24dc3063e60aba2653c8414
|
| b9f9831a0800adbb6b67ab5bdc62292aa034992b |
|
28-Mar-2012 |
Brian Carlstrom <bdc@google.com> |
Use WRAP/UNWRAP for key exchange
Bug: http://code.google.com/p/android/issues/detail?id=12955
Change-Id: I1a2be021e0a22ec6a00ba354fb3f19a78c601be9
|
| 90b140190f219fd63ede200a63da40bf9e6ca98d |
|
06-Jun-2011 |
Elliott Hughes <enh@google.com> |
Remove some unnecessary cruft.
Change-Id: I8d83954d42f3511a24a44a33c3b28f04af6d3b82
|
| fb0ec0e650bf8be35acb0d47da0311a7c446aa33 |
|
14-Jan-2011 |
Elliott Hughes <enh@google.com> |
Remove useless android-changed comments.
I've changed useful ones to regular comments or TODOs, as appropriate.
I've left ones in code like java.util.concurrent where we really are
tracking an upstream source, making the change markers useful.
I've left a handful of others where I intend to actually investigate
the implied TODOs before deciding how to resolve them.
Change-Id: Iaf71059b818596351cf8ee5a3cf3c85586051fa6
|
| 4ae3fd787741bfe1b808f447dcb0785250024119 |
|
19-Nov-2010 |
Brian Carlstrom <bdc@google.com> |
Elliptic Crypto support for OpenSSLSocketImpl
Summary:
- Enable Elliptic Crypto support for OpenSSL based SSLSocket instances
- More RI compliant usage of key types, client auth types, and server auth types
- Steps toward TLS_EMPTY_RENEGOTIATION_INFO_SCSV support, currently test updates
Details:
Elliptic Curve changes
CipherSuite updates for EC
- Adding KEY_EXCHANGE_EC* and corresponding CipherSuites Updated
isAnonymous, getKeyType (now renamed getServerKeyType) to handle
new EC cases. Added new getAuthType for use by
checkServerTrusted callers.
- Restructured code to handle two SUITES_BY_CODE_* arrays
- Remove KEY_EXCHANGE_DH_* definitions which unused because the
corresponding CipherSuites were previously disabled.
- Changed AES CipherSuites definitions to use "_CBC" to match other definitions.
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/CipherSuite.java
openssl EC
- NativeCrypto now registers TLS_EC_* cipher suites and has update default list
- Improved auth type arguments to checkClientTrusted/checkServerTrusted
- NativeCrypto support for emphemeral EC keys
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/NativeCrypto.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSocketImpl.java
luni/src/main/native/NativeCrypto.cpp
non-openssl SSL/TLS cleanups
- cleanup around code trying to cope with DiffieHellman vs DH since either should work.
- changed client to use new CipherSuite.getAuthType shared with NativeCrypto implementation
- changed server to use CipherSuite.getKeyType
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ClientHandshakeImpl.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/HandshakeProtocol.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/KeyManagerImpl.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ServerHandshakeImpl.java
Consolidate CertificateRequestType code into CipherSuite so that its
shared between java and openssl implementations. This includes the
KEY_TYPE_ string constants, TLS_CT_* byte constants and the 'String
keyType(byte)' (now renamed getClientKeyType) code that depends on them.
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/CertificateRequest.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/CipherSuite.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ClientHandshakeImpl.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/NativeCrypto.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLServerSocketImpl.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSocketImpl.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ServerHandshakeImpl.java
Tests
Differentiate between supported list of cipher suites openssl-based
SSLSocket and SSLEngine based, since the SSLEngine code does not support EC.
luni/src/test/java/libcore/javax/net/ssl/SSLEngineTest.java
luni/src/test/java/libcore/javax/net/ssl/SSLSocketTest.java
Added testing for expected default cipher suites. Before we just ensured the values were valid.
luni/src/test/java/libcore/javax/net/ssl/SSLSocketFactoryTest.java
support/src/test/java/libcore/java/security/StandardNames.java
Updated to handle new EC cipher suites codes. Added test for new getClientKeyType.
luni/src/test/java/org/apache/harmony/xnet/provider/jsse/CipherSuiteTest.java
Better use of "standard names" particularly to correctly deal with
the subtle differences between key types, client auth types, and
server auth types. TestKeyManager and TestTrustManager now verify
the values they are passed are acceptable.
support/src/test/java/libcore/java/security/StandardNames.java
support/src/test/java/libcore/javax/net/ssl/TestKeyManager.java
support/src/test/java/libcore/javax/net/ssl/TestTrustManager.java
Changed to timeout after 30 seconds and to log to reveal both client and server issues.
support/src/test/java/libcore/javax/net/ssl/TestSSLSocketPair.java
Bug: 3058375
Change-Id: I14d1d0285d591c99cc211324f3595a5be682cab1
|
| 7365de1056414750d0a7d1fdd26025fd247f0d04 |
|
12-Aug-2010 |
Jesse Wilson <jessewilson@google.com> |
Sorting imports.
Change-Id: I8347bc625480a1c37a1ed9976193ddfedeb00bbc
|
| 6882e31b7ce2d04ebbc91c7a55d7840e8fdce8a5 |
|
20-Jul-2010 |
Brian Carlstrom <bdc@google.com> |
Bring SSLSocketImpl and SSLEngine in line with OpenSSLSocketImpl's cipher suites
Wrote an interoperability test between our OpenSSL and SSLEngine
based SSLSocket implementations. Used it to flush out problems between
the implementations, which mostly were in the non-native implementation.
Filling out the SSLEngine (and therefore non-native SSLSocket) support
led to the list of supported and default cipher suites now being the
same as out OpenSSL SSLSocket. Most of the work was making the the
NULL, RC4, and AES ciphers work with SSLEngine as well as some minor
bug fixes in related code.
Summary:
- changing test_SSLSocket_getSupportedCipherSuites_connect to try all
combinations of our two SSLContext/SSLSocket implementations
- fixed SSLEngine with *_WITH_NULL_* CipherSuites to use javax.crypto.NullCipher
- added *_AES_* cipher suites to SSLEngine (and therefore Java SSLSocketImpl)
- remove *_DH_* cipher suites which are not supported by the RI or our OpenSSL implementation
- fixed Java SSLSocket to not handshake on accept so will pass the basic SSLSocketTest
- added new KeyManagerFactoryTest while testing "DH_" cipher suite key types
This change depends on restoring bouncycastle's RC4 implementation (separate CL in external/bouncycastle)
Details:
Fixed SSLEngine with *_WITH_NULL_* CipherSuites by use javax.crypto.NullCipher
expectations/knownfailures.txt
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ConnectionStateSSLv3.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ConnectionStateTLS.java
Previously I had changed the string name of CipherSuites from
"TLS_..." to "SSL_..." where appropriate to match the RI. Since I was
doing maintenance on overall list, I renamed the CODE_TLS_... and
TLS_... static fields as well to match.
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/CipherSuite.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLSessionImpl.java
Removed IDEA and RC2 CipherSuites to make it clear they are not
supported. While technically this happened as a side effect of the
assignment "supported = false" if the CipherSuite failed to load, we
truly intend not to support these. Also removed SSH_DH_* suites which
don't work with DSA keys and aren't supported by the RI or our OpenSSL
implementation.
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/CipherSuite.java
Old connection state code assumed that if a cipher was blocked, the
block size was 8 bytes. This is not true for the 16 byte AES ciphers.
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ConnectionState.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ConnectionStateSSLv3.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ConnectionStateTLS.java
No wonder our OpenSSL implementation incorrect did a startHandshake
when accepting the socket... it got it from the Java implementation.
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLServerSocketImpl.java
Test for KeyManagerFactory (and KeyManager). TestKeyStore now creates
KeyManagers and TrustManagers from the keystore as a convenience for
KeyManagerFactoryTest (instead of having the code in the
TestSSLContext where we didn't keep a pointer to the created values).
luni/src/test/java/javax/net/ssl/KeyManagerFactoryTest.java
support/src/test/java/java/security/StandardNames.java
support/src/test/java/java/security/TestKeyStore.java
support/src/test/java/javax/net/ssl/TestSSLContext.java
Remove CIPHER_SUITES_SSLENGINE now that its the same as CIPHER_SUITES
luni/src/test/java/javax/net/ssl/SSLEngineTest.java
support/src/test/java/java/security/StandardNames.java
test_SSLSocket_getSupportedCipherSuites_connect now does
interoperability testing not just between the default SSLContext's
SSLSockets but between the four combinations of our two SSLContext. It
also now sends some test data bi-directionally between the client and
server.
luni/src/test/java/javax/net/ssl/SSLSocketTest.java
Changed TestSSLContext.create to allow a different Provider for the
client and server SSLContexts.
luni/src/test/java/javax/net/ssl/SSLEngineTest.java
luni/src/test/java/javax/net/ssl/SSLSocketTest.java
support/src/test/java/javax/net/ssl/TestSSLContext.java
RC4 is now available in bouncycastle for the non-OpenSSL SSLContext to
use for parity with the OpenSSL implementation.
support/src/test/java/java/security/StandardNames.java
Changed TestSSLSocketPair to use Futures like NativeCryptoTest so its
easier to choose between client and server errors while debuging.
support/src/test/java/javax/net/ssl/TestSSLSocketPair.java
Removed bogus import
luni/src/test/java/org/apache/harmony/xnet/provider/jsse/NativeCryptoTest.java
Change-Id: I080c0343a3f86f27b7c191a7b80b585b9ca52d93
|
| b7eec62f6db198a76b67d7915b03e59189c6df4f |
|
02-Jul-2010 |
Brian Carlstrom <bdc@google.com> |
TestKeyStore only use RSA by default & fixing SSLEngine client auth with DSA client and RSA server
Summary:
Goal here was to just make most tests faster by only having
TestKeyStore create RSA keys by default. However, when I did that
SSLEngineTest#test_SSLEngine_clientAuth started working, so I ended up
investigating a much deeper issue with DSA client authentication
against an RSA SSLEngine server.
Details:
Changed the TestKeyStore.get singleton to only contain RSA
keys. TestKeyStore.create now requires the caller enumerate what
keys they want if they need more than that or an alternative.
support/src/test/java/javax/net/ssl/TestKeyStore.java
Changed test_SSLSocket_getSupportedCipherSuites_connect to
explicitly request RSA and DSA keys since it needs both to try
connecting all possible cipher suites.
luni/src/test/java/javax/net/ssl/SSLSocketTest.java
Fixing SSLEngine client authentication when server uses RSA but client uses DSA
Fixed java.net.ssl.SSLEngineTest#test_SSLEngine_clientAuth
expectations/knownfailures.txt
Added CiperSuite.authType field which contains the algorithm name
such as RSA, DSA, DH, that the client will use to authenticate the
server. Like the cipherName, hmacName, and hashName, this is
logically derivable from the the CiperSuite.KEY_EXCHANGE_*, but we
remember it to avoid repeatedly doing large cascading "if" tests to
determine which key algorithm should be used for each
case.
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/CipherSuite.java
Fixed a number of client certificate authentication bugs in SSLEngine
- Changed ClientHandshakeImpl's in the SSL/Tls Certificate message
code to mirror ServerHandshakeImpl's implementation to properly
use chooseEngineClientAlias in the SSLEngine case.
- Changed to use the client certifcates key algorithm for computing
the signature for the SSL/TLS CertificateVerify
message. Previously we used the cipher suites negoitated key
exchange method, but if the client may select a certificate with
a different algorithm if the server provides a CA for another
algorithm.
- Also changed to use CipherSuite.isAnonymous in two places rather
than the inlined equivalent.
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ClientHandshakeImpl.java
Fixed client authentication to use the client's certificate (not
the server's) to do verify the CertificateVerify message signature.
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ServerHandshakeImpl.java
Fixed bug in DigitalSignature which did not Signature.update in
verifySignature, so it could never have properly authenticated DSA
signatures.
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/DigitalSignature.java
Added CertificateMessage getAuthType convenience
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/CertificateMessage.java
Made CertificateRequest certificate_authorities final, found we were double allocating it
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/CertificateRequest.java
Cleaning up imports of HandshakeProtocol while working on its subclasses.
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/HandshakeProtocol.java
Cleaned up while looking at X509KeyManager implementations while debugging.
support/src/test/java/org/apache/harmony/xnet/tests/support/X509KeyManagerImpl.java
Change-Id: I74b98754c11000cbfea416f1571c380c9c67abf3
|
| 7329fa972d9c20777444e5e1b13169d700de6567 |
|
29-Jun-2010 |
Brian Carlstrom <bdc@google.com> |
Fixes to support new dalvik.googlecode.com benchmarks
The following new benchmarks where tested with the below changes:
- DigestBenchmark
- MessageDigestBenchmark
- SSLSocketBenchmark
- SignatureBenchmark
Fix package name of OpenSSLProvider
luni/src/main/java/java/security/security.properties
Restore Java (vs OpenSSL) SSLSocket wrappers on SSLEngine for benchmarking
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLServerSocketFactoryImpl.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLServerSocketImpl.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLSocketFactoryImpl.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLSocketImpl.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLSocketInputStream.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLSocketOutputStream.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLSocketWrapper.java
Restore HandshakeProtocol.socketOwner code for SSLSocket to function
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ClientHandshakeImpl.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/HandshakeProtocol.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ServerHandshakeImpl.java
Remove unneeded OpenSSLMessageDigestJDK.getInstance since these are
registered via OpenSSLProvider and SHA224 which is not part of the RI.
We had already removed the BouncyCastle version of this.
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLMessageDigestJDK.java
luni/src/test/java/tests/targets/security/AllTests.java
luni/src/test/java/tests/targets/security/MessageDigestTestSHA224.java
luni/src/test/java/tests/targets/security/SignatureTestSHA224withRSA.java
Change-Id: I7daae7f0d9f50acad6df9157eac1b0133af83062
|
| aacf6f9741dea0f12fbff5e7696e53f251177280 |
|
20-May-2010 |
Brian Carlstrom <bdc@google.com> |
Enable Diffie-Hellman cipher suites
Enable Diffie-Hellman cipher suites in NativeCrypto (and in
StandardNames to match for testing). This means we now have the same
default cipher suite list as RI 5.
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/NativeCrypto.java
support/src/test/java/javax/net/ssl/StandardNames.java
Enabling DH made it obvious that the RI check for enable cipher suites
on SSLServerSocket.accept was not as stringent as first
thought. Apparently they don't care if all enabled cipher suites have
certificates/keys, just that at least one of them will work, even if
its anonymous. Factored out the logic to check this into
checkEnabledCipherSuites for clarity along with the supporting
checkForPrivateKey. Also only check if the socket is in server mode,
since its fine to have nothing configured for server acting as a
client for handshake purposes.
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLServerSocketImpl.java
The real work to enable Diffie-Hellman was to use
SSL_CTX_set_tmp_dh_callback to set a callback to get DH
parameters. There are two ways to create the parameters. The first is
to use DH_generate_parameters_ex which is very slow (minutes) as is
recommended as install time option. The second is to use
DSA_generate_parameters_ex followed by DSA_dup_DH, which is faster for
a single call, but must be done every time, so slower overall. We
currently take the second approach to just have DH working.
luni/src/main/native/org_apache_harmony_xnet_provider_jsse_NativeCrypto.cpp
Changed ephemeral RSA keys to be stored per SSL in AppData, not in a static global.
luni/src/main/native/org_apache_harmony_xnet_provider_jsse_NativeCrypto.cpp
Fix LS_ to TLS_ typo in commented out constant. Removed easy to miss wrapping in array definition.
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/CipherSuite.java
Renamed CipherSuites defaultPretendant to defaultCipherSuites which
led to renaming the CipherSuites constants to follow the coding style.
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/CipherSuite.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ClientHandshakeImpl.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/DigitalSignature.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLServerSocketImpl.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLParameters.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ServerHandshakeImpl.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ServerKeyExchange.java
Change-Id: Ia38de48cabb699b24fe6e341ba79f34e3da8b543
|
| f33eae7e84eb6d3b0f4e86b59605bb3de73009f3 |
|
13-May-2010 |
Elliott Hughes <enh@google.com> |
Remove all trailing whitespace from the dalvik team-maintained parts of libcore.
Gentlemen, you may now set your editors to "strip trailing whitespace"...
Change-Id: I85b2f6c80e5fbef1af6cab11789790b078c11b1b
|
| 6b811c5daec1b28e6f63b57f98a032236f2c3cf7 |
|
03-May-2010 |
Peter Hallam <peterhal@google.com> |
Merge awt-kernel, icu, luni-kernel, prefs, security-kernel, x-net into luni
Merge xml except xmlpull and kxml into luni
|