aba5e8c281fb9c6be23229246473fa0b433dd997 |
|
25-May-2011 |
Brian Carlstrom <bdc@google.com> |
OpenSSLSocketImpl should tolerate X509KeyManager returning null values While this started out as the small fix in OpenSSLSocketImpl.setCertificate and the corresponding test test_SSLSocket_clientAuth_bogusAlias, the need to test the behavior of the X509KeyManager returning null on the RI led to test maintenance to get libcore.javax.net.ssl tests working on RI 7 thanks to a test dependency that was added on the new InetAddress.getLoopbackAddress(). Change-Id: I3d8ed1ce453cc3a0b53e23e39c02e6a71413649c
|
6c78b7b94c232063ec559436b48b33751373ecf1 |
|
19-Nov-2010 |
Brian Carlstrom <bdc@google.com> |
Toward EC TLS support Summary: - javax.net.ssl tests are now working on the RI - KeyManager can now handle EC_EC and EC_RSA - OpenSSLSocketImpl.startHandshake now works if KeyManager contains EC certificates Details: Add CipherSuite.getKeyType to provide X509KeyManager key type strings, refactored from OpenSSLServerSocketImpl.checkEnabledCipherSuites. getKeyType is now also used in OpenSSLSocketImpl.startHandshake to avoid calling setCertificate for unnecessary key types. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/CipherSuite.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLServerSocketImpl.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSocketImpl.java New CipherSuiteTest to cover new getKeyType as well as existing functionality luni/src/test/java/org/apache/harmony/xnet/provider/jsse/CipherSuiteTest.java Add support to KeyManager implementation for key types of the form EC_EC and EC_RSA. The first part implies the KeyPair algorithm (EC in these new key types) with a potentially different signature algorithm (EC vs RSA in these) luni/src/main/java/org/apache/harmony/xnet/provider/jsse/KeyManagerImpl.java Update NativeCrypto.keyType to support EC_EC and EC_RSA in addition to EC which was added earlier. Change from array of KEY_TYPES to named KEY_TYPE_* constants. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/NativeCrypto.java Overhauled KeyManagerFactoryTest to cover EC, EC_EC, EC_RSA cases luni/src/test/java/libcore/javax/net/ssl/KeyManagerFactoryTest.java support/src/test/java/libcore/java/security/StandardNames.java Changed TestKeyStore.createKeyStore from always using BKS to now use JKS on the RI between BC EC Keys and RI X509 certificates. Because JKS requires a password, we now default "password" on the RI. support/src/test/java/libcore/java/security/TestKeyStore.java luni/src/test/java/libcore/javax/net/ssl/SSLContextTest.java support/src/test/java/libcore/java/security/StandardNames.java TestKeyStore.create now accepts key types like EC_RSA. Changed TestKeyStore.createKeys to allow a PrivateKeyEntry to be specified for signing to enable creation of EC_RSA test certificate. Added getRootCertificate/rootCertificate to allow lookup of PrivateKeyEntry for signing. Changed TestKeyStore.getPrivateKey to take explicit signature algorithm to retrieve EC_EC vs EC_RSA entries. support/src/test/java/libcore/java/security/TestKeyStore.java luni/src/test/java/libcore/java/security/KeyStoreTest.java luni/src/test/java/libcore/javax/net/ssl/KeyManagerFactoryTest.java luni/src/test/java/libcore/java/security/cert/PKIXParametersTest.java luni/src/test/java/libcore/javax/net/ssl/TrustManagerFactoryTest.java luni/src/test/java/org/apache/harmony/xnet/provider/jsse/NativeCryptoTest.java support/src/test/java/libcore/java/security/StandardNames.java Added support for EC cipher suites on the RI. Also test with and without new TLS_EMPTY_RENEGOTIATION_INFO_SCSV cipher suite which is used to specify the new TLS secure renegotiation. luni/src/test/java/libcore/javax/net/ssl/SSLEngineTest.java luni/src/test/java/libcore/javax/net/ssl/SSLSocketTest.java support/src/test/java/libcore/java/security/StandardNames.java New TestKeyManager and additional logging in TestTrustManager. Logging in both is disabled by default using DevNullPrintStream. support/src/test/java/libcore/javax/net/ssl/TestKeyManager.java support/src/test/java/libcore/javax/net/ssl/TestTrustManager.java support/src/test/java/libcore/java/io/DevNullPrintStream.java Bug: 3058375 Change-Id: Ia5e2a00a025858e10d1076b900886994b481e05a
|
f7aab022dcbfcd8f27b409ab92b4bca4a84d0b8a |
|
30-Sep-2010 |
Brian Carlstrom <bdc@google.com> |
CloseGuard: finalizers for closeable objects should log complaints Introducing CloseGuard which warns when resources are implictly cleaned up by finalizers when an explicit termination method, to use the Effective Java "Issue 7: Avoid finalizers" terminology, should have been used by the caller. libcore classes that can use CloseGuard now do so. Bug: 3041575 Change-Id: I4a4e3554addaf3075c823feb0a0ff0ad1c1f6196
|
4557728efb66c455a52b7669a8eefef7a9e54854 |
|
11-Aug-2010 |
Jesse Wilson <jessewilson@google.com> |
Moving tests to be under the libcore.* package. This is indended to make it easier to run on VMs that restrict the packages from which application classes can be loaded. For example, on the RI you need to use the bootclasspath to load these tests. Change-Id: I52193f35c5fcca18b5a3e1d280505b1e29b388af
|