| 16ec6489f8339c55fb65db423c4a997a9f91d089 |
|
12-Feb-2014 |
Kenny Root <kroot@google.com> |
Late binding: support NullCipher
NullCipher is a special case that needs to never reset its spiImpl
Bug: 12971024
Change-Id: I0e1e4a6525808959e068810c3a8c239baacf8a95
|
| beff0f1375b635c692d48190aa69a06986b5111f |
|
06-Feb-2014 |
Kenny Root <kroot@google.com> |
Late binding: reinitializing causes selection
The Sun PKCS#11 document says that calling initialization with different
keys causes a new provider and service will be chosen. Currently the RI
fails these tests, but it seems like the correct thing to do.
Change-Id: Ie40d8ef5f0996477e157ffbc0d9f145448df3df1
|
| 07c8c69f59b60684fe07b003b3462e8d9687f422 |
|
06-Feb-2014 |
Kenny Root <kroot@google.com> |
Late binding: fix refactor mistake in Cipher
Refactoring led to the tool changing "continue;" into "return sap;"
which will give you an invalid configuration.
Change-Id: I4b1a3b3fc9ffdf489739b4a1ef65276ca021f1f6
|
| 0a64887ae9127d081fc6e312ba1f06f727453800 |
|
05-Feb-2014 |
Kenny Root <kroot@google.com> |
Improve JCE getInstance documentation
If a Provider instance is supplied, it will be asked directly to satisfy
the request. Make that clear in the documentation.
Change-Id: I06b945a540b99db970b96a37e312f1e0fae93bf9
|
| 3ed78a8925825daccdba23fda1f69cbb3aa77a24 |
|
05-Feb-2014 |
Kenny Root <kroot@google.com> |
Late binding: supplied Provider should be used
If a program supplies a Provider object, it should be used instead of
looking at the registered providers.
Bug: 12890254
Change-Id: Ia4d1ac88a1ed20ab6ad6a11d2d5f53ee51310544
|
| 85dab151e734557d356fb45c45cf7d4548dd6fdc |
|
30-Sep-2013 |
Kenny Root <kroot@google.com> |
Late binding: add support to Cipher
This enables late binding support for Cipher algorithms. It will now pay
attention to SupportedKeyClasses and SupportedKeyFormats after the
Cipher#init(...) is called on the instance instead of selecting the
provider when Cipher#getInstance(...) creates the instance.
Change-Id: I27802f1f8b96d81dd2a269741d080dbe68232c9f
|
| e722ddfbbd83104acea33d93a390c7fb233db1bb |
|
05-Dec-2013 |
Xizhi Zhu (Steven) <xizhi.zhu@gmail.com> |
Fix Cipher doc.
Duplicated words in the doc.
Change-Id: Ic400197781f1dea114e3755dc630c8dc58696fc2
Signed-off-by: Xizhi Zhu <xizhi.zhu@gmail.com>
|
| 57323260f130e086301b1b7c0d3124a6c51f9fa8 |
|
31-May-2013 |
Kenny Root <kroot@google.com> |
Move initialization check higher for updateAAD
This allows the tests to pass on the RI and Dalvik by ordering the
exceptions in the same way.
Change-Id: Icb5a313f86c90ed8f1d703b5cb996783ca3a214b
|
| d416195acbc08f2b3bdd5d5532d40438465d99e9 |
|
13-May-2013 |
Kenny Root <kroot@google.com> |
Add classes for AEAD encryption
New classes in Java 7 for Authenicated Encryption with Additional Data
(AEAD). This allows the use of encryption modes such as Galois/Counter
Mode with performs the equivalent of MAC and encryption simultaneously
and consequently makes encryption safer to use for implementors.
Change-Id: I6302826b096044ade5f62a667dc240e3ab07b351
|
| d43b9ef11a1095967a3396b246639b563e1a4128 |
|
12-Sep-2012 |
Kenny Root <kroot@google.com> |
Add consistent reasons for NullPointerException
Semi-automated replacement of empty and non-conforming
NullPointerException reason messages.
(cherry-pick of 86acc043d3334651ee26c65467d78d6cefedd397.)
Change-Id: I6d893979f5c20a50e841e32af9fd7b2d8bc9d54d
|
| 86acc043d3334651ee26c65467d78d6cefedd397 |
|
12-Sep-2012 |
Kenny Root <kroot@google.com> |
Add consistent reasons for NullPointerException
Semi-automated replacement of empty and non-conforming
NullPointerException reason messages.
Change-Id: Iedeb4b21949e973c4042ce5982dda315f2e785e1
|
| c1e57ed799a4fea200144330823f4acbb5330395 |
|
21-May-2012 |
Brian Carlstrom <bdc@google.com> |
Revert "Revert "Cut down on object allocation in CipherInputStream""
This reverts commit 6b3f9499cf6647263b51741e4187a26a54500072.
Bug: 6523748
Bug: 6478569
Change-Id: Ic422e5fa320995600bdae7a42816652e16b8728b
|
| 70ca530ee3212a8434f852b952a0f330d2d34bb7 |
|
21-May-2012 |
Brian Carlstrom <bdc@google.com> |
Revert "Cut down on object allocation in CipherInputStream"
This reverts commit 4dda1fc15343339bd075860ce650bb744db3fbf2.
|
| 6b3f9499cf6647263b51741e4187a26a54500072 |
|
21-May-2012 |
Brian Carlstrom <bdc@google.com> |
Revert "Cut down on object allocation in CipherInputStream"
This reverts commit 4dda1fc15343339bd075860ce650bb744db3fbf2.
|
| 4dda1fc15343339bd075860ce650bb744db3fbf2 |
|
17-May-2012 |
Brian Carlstrom <bdc@google.com> |
Cut down on object allocation in CipherInputStream
Bug: 6478569
Change-Id: I214a9b701d9fbe71be3681298d8c49172bc2f85f
|
| 347b2a604114602da9bc4ae040278f74d11c2f51 |
|
26-Apr-2011 |
Brian Carlstrom <bdc@google.com> |
Avoid loading all CA certs into Zygote memory, lazily load instead (2 of 3)
Previously the CA certs stored in the BKS KeyStore at
/system/etc/security/cacerts.bks was loaded in the Zygote. As the the
number of CAs are started to increase, this is causing more and more
memory to be used for rarely used CAs. The new AndroidCAStore KeyStore
implementation reads the CAs as needed out of individual PEM
certificate files. The files can be efficiently found because they are
named based on a hash CA's subject name, similar to OpenSSL.
Bug: 1109242
Details:
build
Removing old cacerts.bks from GRANDFATHERED_ALL_PREBUILT and
adding new cacerts directory to core PRODUCT_PACKAGES
core/legacy_prebuilts.mk
target/product/core.mk
libcore
cacerts build changes. Move cacerts prebuilt logic to new
CaCerts.mk from NativeCode.mk where it didn't make sense. Updated
Android.mk's dalvik-host target to install new cacerts files.
Android.mk
CaCerts.mk
NativeCode.mk
Remove old cacerts.bks and add remove certimport.sh script used to
generate it. Preserved the useful comments from certimport.sh in
the new README.cacerts
luni/src/main/files/cacerts.bks
luni/src/main/files/certimport.sh
luni/src/main/files/README.cacerts
Recanonicalize cacerts files using updated vendor/google/tools/cacerts/certimport.py
(See below discussion of certimport.py changes for details)
luni/src/main/files/cacerts/00673b5b.0
luni/src/main/files/cacerts/03e16f6c.0
luni/src/main/files/cacerts/08aef7bb.0
luni/src/main/files/cacerts/0d188d89.0
luni/src/main/files/cacerts/10531352.0
luni/src/main/files/cacerts/111e6273.0
luni/src/main/files/cacerts/1155c94b.0
luni/src/main/files/cacerts/119afc2e.0
luni/src/main/files/cacerts/11a09b38.0
luni/src/main/files/cacerts/12d55845.0
luni/src/main/files/cacerts/17b51fe6.0
luni/src/main/files/cacerts/1920cacb.0
luni/src/main/files/cacerts/1dac3003.0
luni/src/main/files/cacerts/1dbdda5b.0
luni/src/main/files/cacerts/1dcd6f4c.0
luni/src/main/files/cacerts/1df5ec47.0
luni/src/main/files/cacerts/1e8e7201.0
luni/src/main/files/cacerts/1eb37bdf.0
luni/src/main/files/cacerts/219d9499.0
luni/src/main/files/cacerts/23f4c490.0
luni/src/main/files/cacerts/27af790d.0
luni/src/main/files/cacerts/2afc57aa.0
luni/src/main/files/cacerts/2e8714cb.0
luni/src/main/files/cacerts/2fa87019.0
luni/src/main/files/cacerts/2fb1850a.0
luni/src/main/files/cacerts/33815e15.0
luni/src/main/files/cacerts/343eb6cb.0
luni/src/main/files/cacerts/399e7759.0
luni/src/main/files/cacerts/3a3b02ce.0
luni/src/main/files/cacerts/3ad48a91.0
luni/src/main/files/cacerts/3c58f906.0
luni/src/main/files/cacerts/3c860d51.0
luni/src/main/files/cacerts/3d441de8.0
luni/src/main/files/cacerts/3e7271e8.0
luni/src/main/files/cacerts/418595b9.0
luni/src/main/files/cacerts/455f1b52.0
luni/src/main/files/cacerts/46b2fd3b.0
luni/src/main/files/cacerts/48478734.0
luni/src/main/files/cacerts/4d654d1d.0
luni/src/main/files/cacerts/4e18c148.0
luni/src/main/files/cacerts/4fbd6bfa.0
luni/src/main/files/cacerts/5021a0a2.0
luni/src/main/files/cacerts/5046c355.0
luni/src/main/files/cacerts/524d9b43.0
luni/src/main/files/cacerts/56b8a0b6.0
luni/src/main/files/cacerts/57692373.0
luni/src/main/files/cacerts/58a44af1.0
luni/src/main/files/cacerts/594f1775.0
luni/src/main/files/cacerts/5a3f0ff8.0
luni/src/main/files/cacerts/5a5372fc.0
luni/src/main/files/cacerts/5cf9d536.0
luni/src/main/files/cacerts/5e4e69e7.0
luni/src/main/files/cacerts/60afe812.0
luni/src/main/files/cacerts/635ccfd5.0
luni/src/main/files/cacerts/67495436.0
luni/src/main/files/cacerts/69105f4f.0
luni/src/main/files/cacerts/6adf0799.0
luni/src/main/files/cacerts/6e8bf996.0
luni/src/main/files/cacerts/6fcc125d.0
luni/src/main/files/cacerts/72f369af.0
luni/src/main/files/cacerts/72fa7371.0
luni/src/main/files/cacerts/74c26bd0.0
luni/src/main/files/cacerts/75680d2e.0
luni/src/main/files/cacerts/7651b327.0
luni/src/main/files/cacerts/76579174.0
luni/src/main/files/cacerts/7999be0d.0
luni/src/main/files/cacerts/7a481e66.0
luni/src/main/files/cacerts/7a819ef2.0
luni/src/main/files/cacerts/7d3cd826.0
luni/src/main/files/cacerts/7d453d8f.0
luni/src/main/files/cacerts/81b9768f.0
luni/src/main/files/cacerts/8470719d.0
luni/src/main/files/cacerts/84cba82f.0
luni/src/main/files/cacerts/85cde254.0
luni/src/main/files/cacerts/86212b19.0
luni/src/main/files/cacerts/87753b0d.0
luni/src/main/files/cacerts/882de061.0
luni/src/main/files/cacerts/895cad1a.0
luni/src/main/files/cacerts/89c02a45.0
luni/src/main/files/cacerts/8f7b96c4.0
luni/src/main/files/cacerts/9339512a.0
luni/src/main/files/cacerts/9685a493.0
luni/src/main/files/cacerts/9772ca32.0
luni/src/main/files/cacerts/9d6523ce.0
luni/src/main/files/cacerts/9dbefe7b.0
luni/src/main/files/cacerts/9f533518.0
luni/src/main/files/cacerts/a0bc6fbb.0
luni/src/main/files/cacerts/a15b3b6b.0
luni/src/main/files/cacerts/a3896b44.0
luni/src/main/files/cacerts/a7605362.0
luni/src/main/files/cacerts/a7d2cf64.0
luni/src/main/files/cacerts/ab5346f4.0
luni/src/main/files/cacerts/add67345.0
luni/src/main/files/cacerts/b0f3e76e.0
luni/src/main/files/cacerts/bc3f2570.0
luni/src/main/files/cacerts/bcdd5959.0
luni/src/main/files/cacerts/bda4cc84.0
luni/src/main/files/cacerts/bdacca6f.0
luni/src/main/files/cacerts/bf64f35b.0
luni/src/main/files/cacerts/c0cafbd2.0
luni/src/main/files/cacerts/c215bc69.0
luni/src/main/files/cacerts/c33a80d4.0
luni/src/main/files/cacerts/c527e4ab.0
luni/src/main/files/cacerts/c7e2a638.0
luni/src/main/files/cacerts/c8763593.0
luni/src/main/files/cacerts/ccc52f49.0
luni/src/main/files/cacerts/cdaebb72.0
luni/src/main/files/cacerts/cf701eeb.0
luni/src/main/files/cacerts/d16a5865.0
luni/src/main/files/cacerts/d537fba6.0
luni/src/main/files/cacerts/d64f06f3.0
luni/src/main/files/cacerts/d777342d.0
luni/src/main/files/cacerts/d8274e24.0
luni/src/main/files/cacerts/dbc54cab.0
luni/src/main/files/cacerts/ddc328ff.0
luni/src/main/files/cacerts/e48193cf.0
luni/src/main/files/cacerts/e60bf0c0.0
luni/src/main/files/cacerts/e775ed2d.0
luni/src/main/files/cacerts/e7b8d656.0
luni/src/main/files/cacerts/e8651083.0
luni/src/main/files/cacerts/ea169617.0
luni/src/main/files/cacerts/eb375c3e.0
luni/src/main/files/cacerts/ed049835.0
luni/src/main/files/cacerts/ed524cf5.0
luni/src/main/files/cacerts/ee7cd6fb.0
luni/src/main/files/cacerts/f4996e82.0
luni/src/main/files/cacerts/f58a60fe.0
luni/src/main/files/cacerts/f61bff45.0
luni/src/main/files/cacerts/f80cc7f6.0
luni/src/main/files/cacerts/fac084d7.0
luni/src/main/files/cacerts/facacbc6.0
luni/src/main/files/cacerts/fde84897.0
luni/src/main/files/cacerts/ff783690.0
Change IntegralToString.intToHexString to take width argument to
allow for leading zero padding. Updated existing callers to
specify 0 padding desired. Add testing of new padding
functionality.
luni/src/main/java/java/lang/Character.java
luni/src/main/java/java/lang/Integer.java
luni/src/main/java/java/lang/IntegralToString.java
luni/src/test/java/libcore/java/lang/IntegralToStringTest.java
Improved to throw Exceptions with proper causes
luni/src/main/java/java/security/KeyStore.java
luni/src/main/java/java/security/Policy.java
luni/src/main/java/java/security/cert/CertificateFactory.java
luni/src/main/java/javax/crypto/Cipher.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSignature.java
Indentation fixes
luni/src/main/java/java/security/SecureRandom.java
Fix X509CRLSelector.getIssuerNames to clone result and added test to cover this.
luni/src/main/java/java/security/cert/X509CRLSelector.java
luni/src/test/java/libcore/java/security/cert/X509CRLSelectorTest.java
Fixed bug where we created an X500Principal via a String
representation instead of from its original encoded bytes. This
led to a difficult to track down bug where CA 418595b9.0 where the
NativeCode.X509_NAME_hash of a Harmony (but not BouncyCastle)
X509Certificate would not hash to the expected value because the
encoded form used an ASN.1 PrintableString instead of the
UTF8String form found in the original certificate.
luni/src/main/java/org/apache/harmony/security/x501/Name.java
Add a new RootKeyStoreSpi and register it as the
AndroidCAStore. This new read-only KeyStore implementation that
looks for certificates in $ANDROID_ROOT/etc/security/cacerts/
directory, which is /system/etc/security/cacerts/ on devices. The
files are stored in the directory based on the older md5 based
OpenSSL X509_NAME_hash function (now referred to as
X509_NAME_hash_old in OpenSSL 1.0)
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/RootKeyStoreSpi.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/JSSEProvider.java
Added OpenSSL compatible X509_NAME_hash and X509_NAME_hash_old
functions for producting an int hash value from an X500Principal.
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/NativeCrypto.java
Changed TrustManagerFactoryImpl to use AndroidCAStore for its default KeyStore
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustManagerFactoryImpl.java
Changed TrustManagerImpl to be AndroidCAStore aware. If it detects
an AndroidCAStore, it avoids generating the acceptedIssuers array
at constructions, since doing so would force us to parse all
certificates in the store and the value is only typically used by
SSLServerSockets when requesting a client certifcate. Because we
don't load all the trusted CAs into the IndexedPKIXParameters at
startup in the case of AndroidCAStore, we now check for new CAs
when examining the cert chain for unnecessary TrustAnchors and for
a newly discovered issuer at the end of the chain before
validation.
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustManagerImpl.java
Updated KeyStoreTest to cope with read only KeyStore. Update
test_cacerts_bks (now renamed test_cacerts) to use the
AndroidCAStore for validating system CA certificate
validity. Register AndroidCAStore as an expected KeyStore type
with StandardNames.
luni/src/test/java/libcore/java/security/KeyStoreTest.java
support/src/test/java/libcore/java/security/StandardNames.java
Added test of X500Principal serialization while investigating Name
encoding issue. However, the actual Name bug was found and
verified by the new test_cacerts test.
luni/src/test/java/libcore/javax/security/auth/x500/X500PrincipalTest.java
vendor/google
Change canonical format for checked in cacerts to have PEM
certificate at the top, as required by Harmony's X.509
CertificateFactory.
tools/cacerts/certimport.py
Change-Id: If0c9de430f13babb07f96a1177897c536f3db08d
|
| 9229d47c1288e25ead3a2dc27fac8a4a2ee932a3 |
|
07-Mar-2011 |
Elliott Hughes <enh@google.com> |
Kill many of the stl_style_names in Java.
Change-Id: I4473a6efc74a49dd3b480a48d4c697fc773e08f8
|
| 937b6c4ef5f8ad57279e2ebed4393a78d1729d8b |
|
28-Jan-2011 |
Brian Carlstrom <bdc@google.com> |
Tolerate leading slash in Cipher transformation
Bug: 3387688
Change-Id: Icd551df2cafd256e49fb92d12d7cb381479d841d
|
| 0d5c7588179fb373da70ce04362be5ce74a98eb4 |
|
24-Jan-2011 |
Brian Carlstrom <bdc@google.com> |
Cipher.init incorrectly implements RFC 3280 key usage validation
Issue: http://code.google.com/p/android/issues/detail?id=12955
Bug: 3381582
Change-Id: Ida63c1356634c8e287ce5b0234418a656dffedf0
|
| 118abc3050371812703e4fabf03f4399d01fb28c |
|
13-Jan-2011 |
Elliott Hughes <enh@google.com> |
Kill most users of StringTokenizer.
I've left a handful that actually make some use of it, in classes we
don't care about anyway (XML preferences and the like).
Change-Id: I754262ee600d8a16046b537a6d6258db849db89b
|
| 6cdb6b7e6939270ccd21790ec95e42197cefc0c3 |
|
19-Oct-2010 |
Brian Carlstrom <bdc@google.com> |
Change Engine.getInstance interfaces to make usage less error prone
Change-Id: I4c58c95ab4216b52aa8af4fbce7a8d7f4860c2b7
|
| 0a480846a9798c763b088a122ab0dcd3dc3a17b6 |
|
19-Oct-2010 |
Brian Carlstrom <bdc@google.com> |
Remove Engine.spi memory leak by clearing after access
Also other minor code cleanup such as:
- made assorted fields final
- fixed lazy initialization without volatile or sync
Bug: 1322442
Change-Id: I34e428dff5f07a7291d635c724111d44f2deff1c
|
| 7365de1056414750d0a7d1fdd26025fd247f0d04 |
|
12-Aug-2010 |
Jesse Wilson <jessewilson@google.com> |
Sorting imports.
Change-Id: I8347bc625480a1c37a1ed9976193ddfedeb00bbc
|
| 0c131a2ca38465b7d1df4eaee63ac73ce4d5986d |
|
21-May-2010 |
Brian Carlstrom <bdc@google.com> |
RI 6 support for javax.net.ssl
Summary:
- RI 6 support for javax.net.ssl
- SSLEngine fixes based on new SSLEngineTest
- fix Cipher.checkMode bug recently introduced in dalvik-dev
Details:
Fix Cipher.checkMode that was preventing most javax.net.ssl tests from working
luni/src/main/java/javax/crypto/Cipher.java
RI 6 has introduced the concept of a "Default" SSLContext. This is
accessed via SSLContext.getDefault() and also
SSLContext.getInstance("Default"). Harmony had its own
DefaultSSLContext but it was not created via an SSLContextSpi. It also
was a single shared instance whereas the new RI6 Default SSLContext
shares internal SSLSessionContext instances between different Default
SSLContexts.
Refactored the old code into an SSLContextImpl subclass that
allows it to be created via SSLContext.getInstance. SSLContextImpl
ensures that we only ever create one set of SSLSessionContext
instances for the Default context.
luni/src/main/java/javax/net/ssl/DefaultSSLContext.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/DefaultSSLContextImpl.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLContextImpl.java
Added SSLContext.getDefault and SSLContext.setDefault
luni/src/main/java/javax/net/ssl/SSLContext.java
Replace dependencies of old DefaultSSLContext with use of SSLContext.getDefault
luni/src/main/java/javax/net/ssl/SSLServerSocketFactory.java
luni/src/main/java/javax/net/ssl/SSLSocketFactory.java
Register "SSLContext.Default" as DefaultSSLContextImpl class for SSLContext.getInstance()
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/JSSEProvider.java
Added constant for new "Default" standard name and added it to
SSL_CONTEXT_PROTOCOLS. New tests based on SSL_CONTEXT_PROTOCOLS
made it clear that neither Android or RI support SSLv2 so removed
it from SSL_CONTEXT_PROTOCOLS and SSL_SOCKET_PROTOCOLS. Added
constant for TLS as well which was previously scattered all over
tests. Remove SSLv2Hello from SSL_SOCKET_PROTOCOLS for Android
since with OpenSSL disablign SSLv2 means you can not use
SSLv2Hello either.
support/src/test/java/javax/net/ssl/StandardNames.java
Added tests for SSLContext.getDefault and
SSLContext.setDefault. Changed existing tests to work on all
protocols including new "Default".
luni/src/test/java/javax/net/ssl/SSLContextTest.java
RI 6 has introduced the notion of SSLParameters which encapsulate SSL
the handshake parameters of desired cipher suites, protocols, and
client authentication requirements.
The main new class SSLParameters is basically just a bag of fields
with accessors and a couple simple constructors. The only things
of note are that it clones all String arrays on input and output
and the setters for the two boolean fields ensure that only one is
true at a time.
luni/src/main/java/javax/net/ssl/SSLParameters.java
Added SSLContext.getDefaultSSLParameters and
SSLContext.getSupportedSSLParameters which simply delegate to the
SSLContextSpi.
luni/src/main/java/javax/net/ssl/SSLContext.java
Added abstract SSLContextSpi.engineGetDefaultSSLParameters and
SSLContext.engineGetSupportedSSLParameters.
luni/src/main/java/javax/net/ssl/SSLContextSpi.java
Added engineGetDefaultSSLParameters and
engineGetSupportedSSLParameters implementation. The RI documents
in SSLContextSpi that these are implemented by default by creating
a socket via the SSLContext's SocketFactory and asking for the
enabled/supported cipher suites and protocols respectively, so
that is what is done. The doc mentions throwing
UnsupportedOperationException if there is a problem, so we do that
as well.
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLContextImpl.java
Added {SSLEngine,SSLSocket}.{getSSLParameters,setSSLParameters}
which are analogous.
luni/src/main/java/javax/net/ssl/SSLEngine.java
luni/src/main/java/javax/net/ssl/SSLSocket.java
Added SSLParametersTest
luni/src/test/java/javax/net/ssl/SSLParametersTest.java
luni/src/test/java/javax/net/ssl/AllTests.java
Added SSLContext.get{Default,Supported}SSLParameters tests
luni/src/test/java/javax/net/ssl/SSLContextTest.java
Added SSLSocket.{getSSLParameters,setSSLParameters} tests and added
some extra asserts to test_SSLSocketPair_create based on experience
with test_SSLEnginePair_create.
luni/src/test/java/javax/net/ssl/SSLSocketTest.java
Dummy implementation of new SSLContextSpi for test classes.
support/src/test/java/org/apache/harmony/security/tests/support/MySSLContextSpi.java
support/src/test/java/org/apache/harmony/xnet/tests/support/MySSLContextSpi.java
Other minor RI 6 API changes:
RI 6 removed Serializable from HandshakeCompletedEvent and SSLSessionBindingEvent
luni/src/main/java/javax/net/ssl/HandshakeCompletedEvent.java
luni/src/main/java/javax/net/ssl/SSLSessionBindingEvent.java
RI 6 added generic types to the KeyStoreBuilderParameters List
constructor and accessor as well as to
SSLSessionContext.getIds. Fixed tests to compile with generic types.
luni/src/main/java/javax/net/ssl/KeyStoreBuilderParameters.java
luni/src/main/java/javax/net/ssl/SSLSessionContext.java
luni/src/test/java/tests/api/javax/net/ssl/KeyStoreBuilderParametersTest.java
SSLEngine improvements. Since I was changing SSLEngine, I wrote an
SSLEngineTest based on my SSLSocketTest to do some simply sanity
checking. It expose a number of issues. I've fixed the small ones,
marked the rest as known failures.
Renamed some TLS_ cipher suites to SSL_ to match JSSE standard
names. These were all old suites no longer supported by RI or
OpenSSL which is why they were missed in an earlier cleanup of this
type in this class. Also fixed SSLEngine supported cipher suites
list not to include SSL_NULL_WITH_NULL_NULL which is not a valid
suite to negotiate.
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/CipherSuite.java
SSLEngine instances can have null host values, which caused a
NullPointerException in the ClientSessionContext implementation.
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ClientSessionContext.java
SSLEngine tests were failing because SSLParameters was throwing
NullPointerException instead of IllegalArgument exception on null
element values. Fixed null pointer message style while I was here.
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLParameters.java
Fixed SSLEngine instances to default to server mode like RI
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLContextImpl.java
Fixed KEY_TYPES based on SSLEngine implementation. Removed dead
code NativeCrypto.getEnabledProtocols which was recently made
obsolete. Cleaned up null exception messages to follow our convention.
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/NativeCrypto.java
Added SSLEngineTest which parallels SSLSocketTest in its
coverage. Similarly added TestSSLEnginePair which loosely parallels
TestSSLSocketPair.
luni/src/test/java/javax/net/ssl/SSLEngineTest.java
luni/src/test/java/javax/net/ssl/AllTests.java
support/src/test/java/javax/net/ssl/TestSSLEnginePair.java
SSLEngineTest betters exposed the differences between SSLSocket and
SSLEngine supported cipher suites. StandardNames now has an
CIPHER_SUITES_SSLENGINE definition which denotes what is missing
and what is extra and why in the SSLEngine implementation.
support/src/test/java/javax/net/ssl/StandardNames.java
Created StandardNames.assert{Valid,Supported}{CipherSuites,Protocols}
to factor out some code test code that is also used by new tests.
support/src/test/java/javax/net/ssl/StandardNames.java
luni/src/test/java/javax/net/ssl/SSLSocketFactoryTest.java
luni/src/test/java/javax/net/ssl/SSLSocketTest.java
Remove SSLSocketTest known failure and add new SSLEngineTest known failures
expectations/knownfailures.txt
SSL_OP_NO_TICKET change was recently merged from master which required some fixes.
For the moment, sslServerSocketSupportsSessionTickets always returns false.
support/src/test/java/javax/net/ssl/TestSSLContext.java
Fixed flakey test_SSLSocket_HandshakeCompletedListener which had a
race because the client thread look in the server session context
for an session by id potentially before the server thread had a
chance to store its session. Made noticable because of
SSL_OP_NO_TICKET recently merged from master (before this code
path was host only, not device)
luni/src/test/java/javax/net/ssl/SSLSocketTest.java
Fix checkjni issue where we need to check for pending exception in
OpenSSL callback. Possibly introduced by recent merge of
SSL_OP_NO_TICKET from master.
luni/src/main/native/org_apache_harmony_xnet_provider_jsse_NativeCrypto.cpp
Expectation updates
Remove SSLSocketTest known failure and add new SSLEngineTest known failures
expectations/knownfailures.txt
Tag test_SSLSocket_getSupportedCipherSuites_connect as large
expectations/taggedtests.txt
Misc changes:
opening brace on wrong line
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ServerSessionContext.java
Long line cleanup while debugging
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/HandshakeProtocol.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLServerSocketFactoryImpl.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSocketFactoryImpl.java
support/src/test/java/javax/net/ssl/TestKeyStore.java
Removed bogus import
luni/src/test/java/javax/net/ssl/SSLSessionContextTest.java
Comment clarify while debugging
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSocketImpl.java
Ctor -> Constructor in comment
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLEngineImpl.java
Fixed naming of SocketTest_Test_create to TestSocketPair_Create to match renamed classes
luni/src/test/java/javax/net/ssl/SSLSocketTest.java
Change-Id: I99505e97d6047eeabe4a0b93202075a0b2d486ec
|
| 80a7fbab52b96c9fd47c72f8987d1babe2cd001d |
|
22-May-2010 |
Elliott Hughes <enh@google.com> |
Remove more localized exception messages.
I also accidentally mixed two unrelated changes in here: replacing "".equals
and equals("") with String.isEmpty, and removing some dead code in
org.apache.harmony.luni.util.Util.
Change-Id: I0aaad43290b083085b3095b624caf096de487223
|
| f33eae7e84eb6d3b0f4e86b59605bb3de73009f3 |
|
13-May-2010 |
Elliott Hughes <enh@google.com> |
Remove all trailing whitespace from the dalvik team-maintained parts of libcore.
Gentlemen, you may now set your editors to "strip trailing whitespace"...
Change-Id: I85b2f6c80e5fbef1af6cab11789790b078c11b1b
|
| fd6bb3510c2f94d636f3572dcf5f7f4dcd1a2726 |
|
13-May-2010 |
Elliott Hughes <enh@google.com> |
Remove //$NON-NLS-\d$ cruft.
Mostly done by perl(1), with manual cleanup of the few misspelled instances.
This makes our trailing whitespace slightly worse, but I'll fix all that with
a follow-on change.
Change-Id: I0b4ca98819be6f9519c4ba980d759bd1ee1a0303
|
| cec4dd4b1d33f78997603d0f89c0d0e56e64dbcd |
|
26-Apr-2010 |
Peter Hallam <peterhal@google.com> |
merge more modules into luni
|