| 99b4489d0555c6e0e5df941cbfad4cf250c8f0b8 |
|
07-Jun-2013 |
Elliott Hughes <enh@google.com> |
Fix @deprecated javadoc orthography.
Change-Id: I6db6d91e21b8e1aca5b5338534196fd5bdef8a06
|
| a2805c5e3a29414dc9d600a5322d0bc4491fddd6 |
|
28-May-2013 |
Kenny Root <kroot@google.com> |
Use the jarjar names of security providers
The platform was using the security.properties file, but running the
tests outside of the platform was using the registerDefaultProviders()
call. Those won't work with a jarjar'd library.
Change-Id: If0472d99b45c274a63003c53bf91a37bfb23fda4
|
| 38375a4d0b3d34e2babbd2f6a013976c7c439696 |
|
24-Apr-2013 |
Kenny Root <kroot@google.com> |
Move JSSE to new package
To help with shipping the JSSE with apps that want to bundle it, move
it to a new package so that the tangles in other parts of the library
can be untangled.
Change-Id: I810b6861388635301e28aee5b9b47b8e6b35b430
|
| 7d0ed36dc9b07dc16f309360373833f86a418c3e |
|
08-Mar-2013 |
Kenny Root <kroot@google.com> |
Revert "Put DRLCertFactory as first provider"
OpenSSL provider now passes all the tests.
This reverts commit b01f3e895e3ae81bdf9c054ada18c503a2f01086.
|
| b01f3e895e3ae81bdf9c054ada18c503a2f01086 |
|
06-Mar-2013 |
Kenny Root <kroot@google.com> |
Put DRLCertFactory as first provider
In order to safely check-in the OpenSSL X.509 certificate provider, move
DRLCertFactory to the top so it is selected while the OpenSSL-backed one
is finished up.
Change-Id: I16ce61b47027d5b369dca84ac9ea69b9391c9e88
|
| d43b9ef11a1095967a3396b246639b563e1a4128 |
|
12-Sep-2012 |
Kenny Root <kroot@google.com> |
Add consistent reasons for NullPointerException
Semi-automated replacement of empty and non-conforming
NullPointerException reason messages.
(cherry-pick of 86acc043d3334651ee26c65467d78d6cefedd397.)
Change-Id: I6d893979f5c20a50e841e32af9fd7b2d8bc9d54d
|
| 86acc043d3334651ee26c65467d78d6cefedd397 |
|
12-Sep-2012 |
Kenny Root <kroot@google.com> |
Add consistent reasons for NullPointerException
Semi-automated replacement of empty and non-conforming
NullPointerException reason messages.
Change-Id: Iedeb4b21949e973c4042ce5982dda315f2e785e1
|
| a7ef55258ac71153487357b861c7639d627df82f |
|
22-Feb-2011 |
Elliott Hughes <enh@google.com> |
Simplify internal libcore logging.
Expose LOGE and friends for use from Java. This is handy because it lets me use
printf debugging even when I've broken String or CharsetEncoder or something
equally critical. It also lets us remove internal use of java.util.logging,
which is slow and ugly.
I've also changed Thread.suspend/resume/stop to actually throw
UnsupportedOperationException rather than just logging one and otherwise
doing nothing.
Bug: 3477960
Change-Id: I0c3f804b1a978bf9911cb4a9bfd90b2466f8798f
|
| ad41624e761bcf1af9c8008eb45187fc13983717 |
|
07-Jan-2011 |
Elliott Hughes <enh@google.com> |
Retire SecurityManager.
This change removes all the code that was calling getSecurityManager, and
removes all use of AccessController.doPrivileged. It also changes the
implementation of AccessController so it doesn't actually do anything; it's
only there for source-level compatibility.
Bug: 2585285
Change-Id: I1f0295a4f12bce0316d8073011d8593fee116f71
|
| a695e8fafadd2591cd148e78f19bc6d7c15121bb |
|
05-Jan-2011 |
Jesse Wilson <jessewilson@google.com> |
Just use String for upper case/lower case operations.
Change-Id: If686975f659412c555684ed0032694e854e3aa8c
http://b/2183747
|
| a5c608e59f9d574ea4bc65e9dff44aae2f34fd26 |
|
01-Nov-2010 |
Brian Carlstrom <bdc@google.com> |
TrustManager improvements
Overhaul of TrustManagerImpl
- PKIXParameters can now be final in TrustManagerImpl because we
always immediately create an IndexedPKIXParameters instead of only
doing it in SSLParametersImpl.createDefaultTrustManager.
- Use new KeyStore constructor for IndexedPKIXParameters to remove
duplicate logic for creating set of TrustAnchors from a KeyStore.
- Improved checkTrusted/cleanupCertChain to remove special cases for
directly trusting the end cert or pruning only self signed certs. To
support b/2530852, we need to stop prune the chain as soon as we
find any trust anchor (using newly improved
TrustManagerImpl.isTrustAnchor), which could be at the beginning,
middle, or end. That means cleanupCertChain can return an empty
chain if everything was trusted directly. (and we don't need to do
extra checks on exception cases to see if the problem was just that
the trust anchor was in the chain)
- isDirectlyTrusted -> isTrustAnchor here as well, using new
IndexedPKIXParameters.isTrustAnchor APIs
- Fix incorrect assumption in getAcceptedIssuers that all TrustAnchor
instances have non-null results for getTrustedCert.
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustManagerImpl.java
Removed indexing in createDefaultTrustManager since we always index now
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLParametersImpl.java
Overhaul of IndexedPKIXParameters
- Single map from subject X500Principal to TrustAnchors
instead of two different X500Principal keyed maps to check
- Removed map based on encoded cert. For b/2530852, we want to treat
certs as equal if they have the same name and public key, not
byte-for-byte equality, which can be done with the remaining map.
Revamped isDirectlyTrusted into isTrustAnchor(cert) to perform this
new name/key based comparison.
- Added helper isTrustAnchor(cert, anchors) to reuse code in
non-IndexedPKIXParameters case in TrustManagerImpl.
- Added constructor from KeyStore
- Moved anchor indexing code to index() from old constructor
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/IndexedPKIXParameters.java
TestKeyStore.getPrivateKey allowed some existing test simplification.
luni/src/test/java/libcore/java/security/KeyStoreTest.java
luni/src/test/java/org/apache/harmony/xnet/provider/jsse/NativeCryptoTest.java
support/src/test/java/libcore/java/security/TestKeyStore.java
Added missing "fail()" before catching expected exceptions.
luni/src/test/java/libcore/java/security/KeyStoreTest.java
Expanded KeyManagerFactoryTest to excercise ManagerFactoryParameters b/1628001
luni/src/test/java/libcore/javax/net/ssl/KeyManagerFactoryTest.java
Added KeyStoreBuilderParametersTest because I thought I saw a bug in
KeyStoreBuilderParameters, but this convinced me otherwise.
luni/src/test/java/libcore/javax/net/ssl/KeyStoreBuilderParametersTest.java
New TrustManagerFactory test modeled on expanded KeyManagerFactoryTest.
test_TrustManagerFactory_intermediate specifically is targeting the
new functionality of b/2530852 to handling trust anchors within the
chain.
luni/src/test/java/libcore/javax/net/ssl/TrustManagerFactoryTest.java
support/src/test/java/libcore/java/security/StandardNames.java
Some initial on tests for Elliptic Curve (b/3058375) after the RI
started reporting it was supported. Removed old @KnownFailure
tags. Skipped a test on the RI that it can't handle. Improved some
assert messages.
luni/src/test/java/libcore/javax/net/ssl/SSLEngineTest.java
luni/src/test/java/libcore/javax/net/ssl/SSLSocketTest.java
support/src/test/java/libcore/java/security/StandardNames.java
support/src/test/java/libcore/java/security/TestKeyStore.java
Removed unneeded bytes->javax->bytes->java case of which can just go bytes->java directly.
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSocketImpl.java
Removed super()
luni/src/main/java/javax/net/ssl/KeyStoreBuilderParameters.java
Made Security.secprops final
luni/src/main/java/java/security/Security.java
Pulled SamplingProfiler fix from dalvik-dev branch
git cherry-pick --no-commit f9dc3450e8f23cab91efc9df99bb860221ac3d6c
dalvik/src/main/java/dalvik/system/SamplingProfiler.java
Bug: 2530852
Change-Id: I95e0c7ee6a2f66b6986b3a9da9583d1ae52f94dd
|
| 735f93475d1d54ad7b2d1c2376adc0fcf4d4c7a1 |
|
05-Oct-2010 |
Brian Carlstrom <bdc@google.com> |
Favor Harmony's CertificateFactory.X509 over BouncyCastle's
Bug: 2225935
Change-Id: Ibca92c9fa34fc539ebb8ea86fb0ced62e3dbe5de
|
| 7365de1056414750d0a7d1fdd26025fd247f0d04 |
|
12-Aug-2010 |
Jesse Wilson <jessewilson@google.com> |
Sorting imports.
Change-Id: I8347bc625480a1c37a1ed9976193ddfedeb00bbc
|
| 12cd1f00c2fa1a7f37bf644cecdf7588bdc0b0a9 |
|
23-Jun-2010 |
Brian Carlstrom <bdc@google.com> |
Remove libcore's dependency on bouncycastle
external/bouncycastle
- Change to be the primary build for bouncycastle sources (as opposed to part of libcore)
- Moved OpenSSLMessageDigest from libcore to OpenSSLDigest
It uses NativeCrypto API from core, but implements a bouncycastle specific interface
- restored registration of bouncycastle MessageDigests for SHA-1, SHA-256, MD5
OpenSSLProvider versions take precedence, but explicit provider of "BC" allows choice
- enabled native versions of SHA-384 and SHA-512
- pruned MD4 implementation
frameworks/base
- frameworks and CoreTests modules now depend on bouncycastle
- update preloades classes for NativeBN package change
- moved CryptoTest to libcore
libcore
- core now builds without bouncycastle sources
- core-tests, core-tests-support, core-tests-supportlib now depend on bouncycastle
- removed libcore/openssl directory, moving NativeBN to java/math
- minor cleanup of Provider, Security, Services style while working on ProviderTest
- added new OpenSSLProvider registered as first provider to have
priority over the others to ensure our native implementations are used
- moved BouncyCastle to have priority as a provider over Harmony
- JarVerifier and JarUtils now implicitly use OpenSSLMessageDigest
- Cleanedup OpenSSLSignature, implementation needs to be finished to move to OpenSSLProvider
- To avoid using PEMWriter from BouncyCastle, NativeCrypto now takes binary encoded certs and keys
This is more efficient as well avoiding the base64 decode/encode of the binary data
- removed SHA-224 to match the RI
packages/apps/CertInstaller
- CertificateInstaller module now depends on bouncycastle
this is the only app to depend on bouncycastle
system/core
- updated BOOTCLASSPATH
Change-Id: I6205366b12baec4331b4a76e2c85d8324bf64b2c
|
| 897538a36c18f4db8f9f68ee566aec0bda842e9f |
|
29-May-2010 |
Elliott Hughes <enh@google.com> |
Remove the last exception message catalog.
Bug: 1251121
Change-Id: I45931b9ff908531bda06d6569a4e9618986f821b
|
| f33eae7e84eb6d3b0f4e86b59605bb3de73009f3 |
|
13-May-2010 |
Elliott Hughes <enh@google.com> |
Remove all trailing whitespace from the dalvik team-maintained parts of libcore.
Gentlemen, you may now set your editors to "strip trailing whitespace"...
Change-Id: I85b2f6c80e5fbef1af6cab11789790b078c11b1b
|
| fd6bb3510c2f94d636f3572dcf5f7f4dcd1a2726 |
|
13-May-2010 |
Elliott Hughes <enh@google.com> |
Remove //$NON-NLS-\d$ cruft.
Mostly done by perl(1), with manual cleanup of the few misspelled instances.
This makes our trailing whitespace slightly worse, but I'll fix all that with
a follow-on change.
Change-Id: I0b4ca98819be6f9519c4ba980d759bd1ee1a0303
|
| cec4dd4b1d33f78997603d0f89c0d0e56e64dbcd |
|
26-Apr-2010 |
Peter Hallam <peterhal@google.com> |
merge more modules into luni
|