86acc043d3334651ee26c65467d78d6cefedd397 |
12-Sep-2012 |
Kenny Root <kroot@google.com> |
Add consistent reasons for NullPointerException Semi-automated replacement of empty and non-conforming NullPointerException reason messages. Change-Id: Iedeb4b21949e973c4042ce5982dda315f2e785e1
uth/Subject.java
uth/x500/X500Principal.java
|
eb1d33cde8b3ebdaf32daaa83eac684ea901d57f |
08-Jun-2011 |
Elliott Hughes <enh@google.com> |
Kill more dead code and tests. Change-Id: I2de9c90823a369b9fcef595219fa68c4c61fd5b6
uth/SubjectDomainCombiner.java
uth/package.html
|
e26b27faf689c17b7894c78caee32432176349ec |
04-Jun-2011 |
Elliott Hughes <enh@google.com> |
Remove more dead "security theater" cruft. There's probably still more stuff lying around that isn't useful, but this was all I had time for on this particular Friday afternoon... Change-Id: I69593f6c9ab5534d581c703cc85a9766ba8e40e5
uth/AuthPermission.java
uth/PrivateCredentialPermission.java
|
1b3c5388d0fffde4392007eb1b0be011a5dfae82 |
12-May-2011 |
Brian Carlstrom <bdc@google.com> |
Make CertInstaller installed CA certs trusted by applications via default TrustManager (2 of 6) frameworks/base Adding IKeyChainService APIs for CertInstaller and Settings use keystore/java/android/security/IKeyChainService.aidl libcore Improve exceptions to include more information luni/src/main/java/javax/security/auth/x500/X500Principal.java Move guts of RootKeyStoreSpi to TrustedCertificateStore, leaving only KeyStoreSpi methods. Added support for adding user CAs in a separate directory for system. Added support for removing system CAs by placing a copy in a sytem directory luni/src/main/java/org/apache/harmony/xnet/provider/jsse/RootKeyStoreSpi.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustedCertificateStore.java Formerly static methods on RootKeyStoreSpi are now instance methods on TrustedCertificateStore luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustManagerImpl.java Added test for NativeCrypto.X509_NAME_hash_old and X509_NAME_hash to make sure the implementing algorithms doe not change since TrustedCertificateStore depend on X509_NAME_hash_old (OpenSSL changed the algorithm from MD5 to SHA1 when moving from 0.9.8 to 1.0.0) luni/src/test/java/org/apache/harmony/xnet/provider/jsse/NativeCryptoTest.java Extensive test of new TrustedCertificateStore behavior luni/src/test/java/org/apache/harmony/xnet/provider/jsse/TrustedCertificateStoreTest.java TestKeyStore improvements - Refactored TestKeyStore to provide simpler createCA method (and internal createCertificate) - Cleaned up to remove use of BouncyCastle specific X509Principal in the TestKeyStore API when the public X500Principal would do. - Cleaned up TestKeyStore support methods to not throw Exception to remove need for static blocks for catch clauses in tests. support/src/test/java/libcore/java/security/TestKeyStore.java luni/src/test/java/libcore/java/security/KeyStoreTest.java luni/src/test/java/org/apache/harmony/xnet/provider/jsse/NativeCryptoTest.java Added private PKIXParameters contructor for use by IndexedPKIXParameters to avoid wart of having to lookup and pass a TrustAnchor to satisfy the super-class sanity check. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustManagerImpl.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/IndexedPKIXParameters.java luni/src/main/java/java/security/cert/PKIXParameters.java packages/apps/CertInstaller Change CertInstaller to call IKeyChainService.installCertificate for CA certs to pass them to the KeyChainServiceTest which will make them available to all apps through the TrustedCertificateStore. Change PKCS12 extraction to use AsyncTask. src/com/android/certinstaller/CertInstaller.java Added installCaCertsToKeyChain and hasCaCerts accessor for use by CertInstaller. Use hasUserCertificate() internally. Cleanup coding style. src/com/android/certinstaller/CredentialHelper.java packages/apps/KeyChain Added MANAGE_ACCOUNTS so that IKeyChainService.reset implementation can remove KeyChain accounts. AndroidManifest.xml Implement new IKeyChainService methods: - Added IKeyChainService.installCaCertificate to install certs provided by CertInstaller using the TrustedCertificateStore. - Added IKeyChainService.reset to allow Settings to remove the KeyChain accounts so that any app granted access to keystore credentials are revoked when the keystore is reset. src/com/android/keychain/KeyChainService.java packages/apps/Settings Changed com.android.credentials.RESET credential reset action to also call IKeyChainService.reset to remove any installed user CAs and remove KeyChain accounts to have AccountManager revoke credential granted to private keys removed during the RESET. src/com/android/settings/CredentialStorage.java Added toast text value for failure case res/values/strings.xml system/core Have init create world readable /data/misc/keychain to allow apps to access user added CA certificates installed by the CertInstaller. rootdir/init.rc Change-Id: Ief57672eea38b3eece23b14c94dedb9ea4713744
uth/x500/X500Principal.java
|
4f11ebea266eada830d507b8f011e811a8e5d7bc |
20-Apr-2011 |
Elliott Hughes <enh@google.com> |
Add getnameinfo(3) (and gai_strerror(3)). There's quite a large corresponding change to InetAddress, plus I've changed the documentation for all the Permission classes to match the handful that we'd already documented as legacy cruft. Bug: http://b/3107501 Change-Id: Ia67aba79f0ab13e64085bd4a2df20ad0776bcc5b
uth/AuthPermission.java
uth/PrivateCredentialPermission.java
|
32c2297a959b72abdb18743f0519e1d8b7c7ea88 |
17-Mar-2011 |
Elliott Hughes <enh@google.com> |
Remove bogus "super()" calls. I've left one in java.util.concurrent, since we have an upstream there. Change-Id: I60945e48a41433fc7eaef6086433ec4bf434097f
uth/DestroyFailedException.java
uth/PrivateCredentialPermission.java
uth/Subject.java
uth/SubjectDomainCombiner.java
uth/callback/PasswordCallback.java
uth/callback/UnsupportedCallbackException.java
uth/login/LoginException.java
ert/X509Certificate.java
|
b16edf548fa6bb9cd93b238e7820bc92195e5e2f |
25-Feb-2011 |
Elliott Hughes <enh@google.com> |
Fix more FindBugs warnings: BC_EQUALS_METHOD_SHOULD_WORK_FOR_ALL_OBJECTS. "The equals(Object o) method shouldn't make any assumptions about the type of o. It should simply return false if o is not the same type as this." Change-Id: Ib16eb57e8876ec117634b4c9b069a4dccc61c657
uth/PrivateCredentialPermission.java
|
78e3320540c8bdcbefba5ae1222ee18f6679ab33 |
13-Jan-2011 |
Elliott Hughes <enh@google.com> |
Most callers of toLowerCase/toUpperCase should pass Locale.US to avoid problems in Turkey. Some callers should be replaced with equalsIgnoreCase instead. The one exception is StreamTokenizer, where the RI uses the default locale, which is arguably the right thing to do. No-one cares because that's legacy API, but I've added a test anyway. I've left HttpCookie and GeneralName for my co-conspirators because the appropriate resolutions aren't as obvious there... Bug: 3325637 Change-Id: Ia37a1caaa91b11763ae43e61e445adb45c30f793
uth/x500/X500Principal.java
|
ad41624e761bcf1af9c8008eb45187fc13983717 |
07-Jan-2011 |
Elliott Hughes <enh@google.com> |
Retire SecurityManager. This change removes all the code that was calling getSecurityManager, and removes all use of AccessController.doPrivileged. It also changes the implementation of AccessController so it doesn't actually do anything; it's only there for source-level compatibility. Bug: 2585285 Change-Id: I1f0295a4f12bce0316d8073011d8593fee116f71
uth/Subject.java
uth/SubjectDomainCombiner.java
ert/X509Certificate.java
|
7f0c06f737b6f1f6b3a5bb30111f95dd0ca586a2 |
02-Sep-2010 |
Brian Carlstrom <bdc@google.com> |
Don't use StringBuffer where we don't need to. I've left xalan alone, because that's just one big steaming heap. Change-Id: Ibf7b2b5e347196d4de857217b022003ccc409ac5
uth/Subject.java
|
7365de1056414750d0a7d1fdd26025fd247f0d04 |
12-Aug-2010 |
Jesse Wilson <jessewilson@google.com> |
Sorting imports. Change-Id: I8347bc625480a1c37a1ed9976193ddfedeb00bbc
ert/Certificate.java
ert/X509Certificate.java
|
55b2d1c3f492f6140ad6dd18a4bec4ec2643d664 |
05-Jun-2010 |
Jesse Wilson <jessewilson@google.com> |
Fixing the last API deltas between Dalvik and Java 6. This addresses some problems with generic type signatures (missing <?>) and new factory methods for XML factory classes. Change-Id: I9cd886e38b8bc9d495ae4e5ed70f71f27ac3f0cc
uth/Subject.java
|
8ee6350602b1cf57f82e07e2c200ef2feb19a239 |
29-May-2010 |
Elliott Hughes <enh@google.com> |
Merge "Remove the last exception message catalog." into dalvik-dev
|
897538a36c18f4db8f9f68ee566aec0bda842e9f |
29-May-2010 |
Elliott Hughes <enh@google.com> |
Remove the last exception message catalog. Bug: 1251121 Change-Id: I45931b9ff908531bda06d6569a4e9618986f821b
ert/X509Certificate.java
|
018b67accb28954d35f3cd697be3428e9b45b7d8 |
28-May-2010 |
Jesse Wilson <jessewilson@google.com> |
Further small fixes to increase API compatibility with RI v6. Highlights: code was moved from SSLContextImpl to its superclass. took X500Principal code from Harmony Tested with Harmony's tests.api.javax.security.auth.x500.X500PrincipalTest. Change-Id: I89b46d4b47e692a5461916cca972e05de95f3280
uth/x500/X500Principal.java
|
2313047d797e4daece04da8e8ed406d26b589f82 |
22-May-2010 |
Elliott Hughes <enh@google.com> |
Remove more localized exception messages. Change-Id: I88eba4180e66d328c23a266f133b96d53cf62d40
uth/AuthPermission.java
uth/PrivateCredentialPermission.java
uth/Subject.java
uth/callback/PasswordCallback.java
uth/x500/X500Principal.java
|
f33eae7e84eb6d3b0f4e86b59605bb3de73009f3 |
13-May-2010 |
Elliott Hughes <enh@google.com> |
Remove all trailing whitespace from the dalvik team-maintained parts of libcore. Gentlemen, you may now set your editors to "strip trailing whitespace"... Change-Id: I85b2f6c80e5fbef1af6cab11789790b078c11b1b
uth/AuthPermission.java
uth/PrivateCredentialPermission.java
uth/Subject.java
uth/SubjectDomainCombiner.java
uth/callback/PasswordCallback.java
uth/x500/X500Principal.java
ert/Certificate.java
ert/X509Certificate.java
|
fd6bb3510c2f94d636f3572dcf5f7f4dcd1a2726 |
13-May-2010 |
Elliott Hughes <enh@google.com> |
Remove //$NON-NLS-\d$ cruft. Mostly done by perl(1), with manual cleanup of the few misspelled instances. This makes our trailing whitespace slightly worse, but I'll fix all that with a follow-on change. Change-Id: I0b4ca98819be6f9519c4ba980d759bd1ee1a0303
uth/AuthPermission.java
uth/PrivateCredentialPermission.java
uth/Subject.java
uth/SubjectDomainCombiner.java
uth/callback/PasswordCallback.java
uth/x500/X500Principal.java
ert/X509Certificate.java
|
cec4dd4b1d33f78997603d0f89c0d0e56e64dbcd |
26-Apr-2010 |
Peter Hallam <peterhal@google.com> |
merge more modules into luni
uth/AuthPermission.java
uth/DestroyFailedException.java
uth/Destroyable.java
uth/PrivateCredentialPermission.java
uth/Subject.java
uth/SubjectDomainCombiner.java
uth/callback/Callback.java
uth/callback/CallbackHandler.java
uth/callback/PasswordCallback.java
uth/callback/UnsupportedCallbackException.java
uth/callback/package.html
uth/login/LoginException.java
uth/login/package.html
uth/package.html
uth/x500/X500Principal.java
uth/x500/package.html
ert/Certificate.java
ert/CertificateEncodingException.java
ert/CertificateException.java
ert/CertificateExpiredException.java
ert/CertificateNotYetValidException.java
ert/CertificateParsingException.java
ert/X509Certificate.java
ert/package.html
|