| 4314dcb6f5eb0484f17d9096e45e8ae9c3bb1f72 |
21-Nov-2014 |
Alex Klyubin <klyubin@google.com> |
Time out TLS/SSL sessions after 8 hours by default.
Prior to this change TLS/SSL sessions did not time out.
(cherry picked from commit e5992c842c07c472f7ea3efbcc7f133fcc022592)
Bug: 18369043
Bug: 18370076
Change-Id: I596423b9c56bfc5f337a17aba02fbb9a9f2ded36
ain/java/org/conscrypt/AbstractSessionContext.java
ain/java/org/conscrypt/ClientSessionContext.java
ain/java/org/conscrypt/OpenSSLSessionImpl.java
ain/java/org/conscrypt/ServerSessionContext.java
|
| 4497fdc7e8a775eccb882b42a9314de09ee6c67f |
06-Jan-2015 |
Narayan Kamath <narayan@google.com> |
Treat SSL_ERROR_ZERO_RETURN correctly.
According to ssl_lib.c, this is returned whenever the socket
is being closed (s->shutdown && SSL_RECEIVED_SHUTDOWN &&
s->s3->warn_alert == SSL_AD_CLOSE_NOTIFY).
(cherry picked from commit f6c8f8b4891a91178e45b90f34f9d8c97737044a)
Bug: 18758595
Change-Id: Ied7b3e18f11786351d42a770f4cad11ddae29ff3
ain/native/org_conscrypt_NativeCrypto.cpp
|
| a3444addb656ce69501a7ae389c5327dc48e224a |
07-Jan-2015 |
Kenny Root <kroot@google.com> |
OpenSSLEngineImpl: return bytes consumed for unwrap
During a handshake, unwrap should return the number of bytes consumed by
the SSL implementation in addition to changing the source buffer
position so that the client can alter its state based on either.
(cherry picked from commit 8e68a40dea765a9769de454f51c877ad80d670bb)
Bug: 18921387
Bug: https://code.google.com/p/android/issues/detail?id=93740
Change-Id: Idf5a3b24c8ad053ef2970bfb66d142a7c2685c02
ain/java/org/conscrypt/OpenSSLEngineImpl.java
|
| cc638d868d2e560285e31630b94fc22c538379a4 |
10-Dec-2014 |
Narayan Kamath <narayan@google.com> |
Merge "Call EVP_CIPHER_CTX_free instead of EVP_CIPHER_CTX_cleanup." into lmp-mr1-dev
|
| c64652932d8e17ccf7e54c0c76c1b38a86841732 |
10-Dec-2014 |
Narayan Kamath <narayan@google.com> |
Call EVP_CIPHER_CTX_free instead of EVP_CIPHER_CTX_cleanup.
The latter doesn't OpenSSL_free memory allocated by EVP_CIPHER_CTX_new.
It's worth noting that EVP_CIPHER_CTX_free doesn't check the return
value of EVP_CIPHER_CTX_cleanup so we can't throw if cleanup failed, but
we were only ever calling this method from a finalizer anyway.
bug: 18617384
Change-Id: Ida65e14ffbed41f56a59e2f5fe77289cac0f5947
ain/java/org/conscrypt/NativeCrypto.java
ain/java/org/conscrypt/OpenSSLCipherContext.java
ain/native/org_conscrypt_NativeCrypto.cpp
est/java/org/conscrypt/NativeCryptoTest.java
|
| f1c5b6d8141af1548cf3db4d4514e14c4e841074 |
09-Dec-2014 |
Kenny Root <kroot@google.com> |
NativeCrypto: empty data content for PKCS7 container
The EncapsulatedContentInfo must be present in the output, but OpenSSL
will fill in a zero-length OID if you don't call PKCS7_set_content on the
outer PKCS7 container. So we construct an empty PKCS7 data container and
set it as the content. This fixes the invalid PKCS7 output.
(cherry picked from commit 525df9b12c1eb77db9f1b2b8fa5d41f779b9afa6)
Bug: 18664989
Change-Id: I6f4cf785dd02ee40f1951d098fa987aa25d2421a
ain/native/org_conscrypt_NativeCrypto.cpp
|
| 058faf1e3a8978cca7c9898ccd692fa5b738a180 |
08-Dec-2014 |
Kenny Root <kroot@google.com> |
NativeCrypto: throw BadPaddingException if EVP_CipherFinal_ex fails
Since nothing was being pushed onto the stack, no exception was thrown
in throwExceptionIfNecessary with the constant time fix present in
1.0.1j. The fix is to throw our own error if nothing was thrown.
(cherry picked from commit e74933ecfb7dc7d91ebe6620a91d86fdc735ed58)
Bug: 18621207
Change-Id: I25e653c493e162c5fda46f320117c013a2661aa4
ain/native/org_conscrypt_NativeCrypto.cpp
|
| 53497d005a470123806d23a5d36e86cee88eafbd |
08-Dec-2014 |
Kenny Root <kroot@google.com> |
OpenSSLCipherRSA: add new reason to exception mapping
1.0.1j introduced a new error reason for RSA padding checks that wasn't
mapped resulting in a RuntimeException. Add this to the list of reasons
so we throw the correct BadPaddingException.
(cherry picked from commit 70e75e74134d8a2cbd1569565fac7d34df5fe7da)
Bug: 18665649
Change-Id: I96ce13f6dee10ca89e74c558ecb338f9dbd907ba
ain/native/org_conscrypt_NativeCrypto.cpp
|
| 5fc043d366bc711d1315802e504bcb253b783085 |
01-Dec-2014 |
Kenny Root <kroot@google.com> |
Clear SSL state safely
Since SSL_clear can fail, we should clear the OpenSSL ERR stack if it
does fail. However, to aid in spotting bugs, only clear the stack if the
SSL_clear itself fails.
(cherry picked from commit 86dd832ac26112890b3e815a144ff062ae9b3559)
Bug: 18570895
Change-Id: I053d2e2792e64923c1e128b4fcae23b2e660a992
ain/native/org_conscrypt_NativeCrypto.cpp
|
| 6a1b7a85dcdeb19305ad5153579bd11c1eb0bfad |
01-Dec-2014 |
Narayan Kamath <narayan@google.com> |
Return BUFFER_UNDERFLOW if no source bytes were consumed.
... either during the handshake or after. With this change, we're
backward compatible with older versions of android. Note that newer
versions of apache-http rely on this behaviour.
bug: 18554122
Change-Id: I574c263e8df4a5f2396ac860608fe85cdbcdbb49
ain/java/org/conscrypt/OpenSSLEngineImpl.java
|
| 131640979c0ba3f18581cee9bf5c925ec8a7372b |
01-Dec-2014 |
Narayan Kamath <narayan@google.com> |
Fix OpenSSLSocketImpl.getPort when SNI is used.
We were using a non-null hostname as a hint that the socket was
constructed with an explicit host and port. This is no longer true
because the hostname can be non-null when SNI is used (i.e setHostname
is called with a non-null hostname).
bug: 18428603
Change-Id: I1dba81f7853e6871989e114dc77f3956621c77fa
ain/java/org/conscrypt/OpenSSLSocketImpl.java
|
| 4b8721e2c2711ced7c0569b95e42da6ffb54141c |
17-Nov-2014 |
Kenny Root <kroot@google.com> |
Preserve errors to get the correct exception
During the switch to BoringSSL, agl noticed the error state wasn't being
preserved correctly. Integrate part of the BoringSSL change to preserve
error states.
(cherry picked from commit 2ba24c83d9136bccf60f8638130335066a189b95)
Bug: 18388980
Change-Id: I9a6fea4f3bf457808a337604290c6bfd1b9ea84e
ain/native/org_conscrypt_NativeCrypto.cpp
|
| dac92c69d3a147ea57bc7bd28c96b6365c1988e2 |
14-Nov-2014 |
Kenny Root <kroot@google.com> |
Squashed commit of changes from lmp-ub-dev
Contains the following changes:
commit e31d982cdb0f8e6ef05d1e412576888015e1da17
Merge: eaebc54 b73be72
Author: Neil Fuller <nfuller@google.com>
Date: Wed Oct 22 10:34:23 2014 +0000
am b73be72e: am 3e21a289: (-s ours) TLS_FALLBACK_SCSV CTS fix for klp-modular-dev
* commit 'b73be72ed97da8f36450d95d52f485cc6f451c61':
TLS_FALLBACK_SCSV CTS fix for klp-modular-dev
commit eaebc544f3a10c53d7d2f908514122caba569e14
Merge: 223b5da cd50afa
Author: Kenny Root <kroot@google.com>
Date: Tue Oct 14 17:30:19 2014 +0000
Merge "Fix SSLEngine to support session resumption." into lmp-ub-dev
commit 223b5da5d70e47b1a497e86474493925b568f6d7
Merge: 8737796 cb7a360
Author: Neil Fuller <nfuller@google.com>
Date: Thu Oct 9 14:52:00 2014 +0000
am cb7a3605: am ea961ada: Apply conscrypt changes from merge commit
* commit 'cb7a36050f34d3c16be00d532411820761eeb276':
Apply conscrypt changes from merge commit
commit cd50afad1567b1311e6e979e94a7167b7bf69c94
Author: Doug Steedman <dougsteed@google.com>
Date: Mon Oct 6 13:16:15 2014 -0700
Fix SSLEngine to support session resumption.
Bug: 17877118
Change-Id: I388b59cde58fdc506ecac9f536e4bbd9161df6ad
commit 8737796a646eaec94df32827752a71aee74bd46f
Merge: 9564a5f 8d7e23e
Author: Kenny Root <kroot@google.com>
Date: Mon Oct 6 22:34:20 2014 +0000
am 8d7e23e1: Add support for TLS_FALLBACK_SCSV
* commit '8d7e23e117da591a8d48e6bcda9ed6f58ff1a375':
Add support for TLS_FALLBACK_SCSV
commit 9564a5fb9ed2eecf6299788db35213cb08397212
Merge: 4f58feb 7640613
Author: Kenny Root <kroot@google.com>
Date: Fri Sep 12 17:27:23 2014 +0000
am 76406135: am 6dcb23fe: am f427ec90: Fix the ENGINE_finish/ENGINE_free mixup
* commit '76406135cf3a3b88afc979fe8e847b9c3d8b93c1':
Fix the ENGINE_finish/ENGINE_free mixup
commit 4f58feb0ea49dc089a95efba196032ef3c960a39
Merge: ddac5c6 984b7ec
Author: Kenny Root <kroot@google.com>
Date: Wed Sep 10 07:07:16 2014 +0000
am 984b7ec6: Fix the ENGINE_finish/ENGINE_free mixup
* commit '984b7ec6f5aab314117949a48e448ff4f6b65f16':
Fix the ENGINE_finish/ENGINE_free mixup
commit ddac5c6d7e413b0d68b388fbdf70dbeb3eeae865
Merge: 5a8ca5b 36ba60b
Author: Kenny Root <kroot@google.com>
Date: Thu Sep 4 22:41:38 2014 +0000
Merge "Reset lmp-ub-dev to lmp-dev-plus-aosp" into lmp-ub-dev
commit 36ba60b039f1f30ab1ea8f0e2a4da8ae4e3906e5
Author: Kenny Root <kroot@google.com>
Date: Wed Aug 27 12:07:07 2014 -0700
Reset lmp-ub-dev to lmp-dev-plus-aosp
Bug: 17059757
Change-Id: I581963360da47b574e1e2e20c2851485c36fa62c
commit 6a4f2ef9e4ea3ebb321d45ca39b30d634ea3b4ad
Merge: 9b187af f67d784
Author: Kenny Root <kroot@google.com>
Date: Tue Aug 26 04:17:38 2014 +0000
am f67d784a: Add pre-Honeycomb literal IP matching
* commit 'f67d784abe5cef700240be02c68cecd899cd8e6d':
Add pre-Honeycomb literal IP matching
commit 9b187af33dcd97915a0371d64fe1ee4aba20d0ba
Merge: 714ebea 966ae8a
Author: Kenny Root <kroot@google.com>
Date: Tue Aug 26 04:17:37 2014 +0000
am 966ae8a6: Read property to enable SNI
* commit '966ae8a6e12f3235b1cb041e687bda11b41fe4eb':
Read property to enable SNI
commit 714ebeabcb5e35c6df6a5c21f549cdb6130368c4
Merge: 7724204 54a1ba4
Author: Kenny Root <kroot@google.com>
Date: Tue Aug 26 04:06:54 2014 +0000
Merge "resolved conflicts for merge of 342097db to lmp-dev-plus-aosp" into lmp-dev-plus-aosp
commit 54a1ba421d23bb6d988688c2662715e509172447
Merge: a20d871 342097d
Author: Kenny Root <kroot@google.com>
Date: Mon Aug 25 21:03:51 2014 -0700
resolved conflicts for merge of 342097db to lmp-dev-plus-aosp
Change-Id: I853c6b0d3725dafbdc84c4d6d6d1b90529bd949d
commit 7724204abf4431d35787c44c4a22cda5489d4e37
Merge: 20f60ac afb3403
Author: Kenny Root <kroot@google.com>
Date: Tue Aug 26 00:09:27 2014 +0000
am afb34034: Implement write socket timeouts for unbundled apps
* commit 'afb340348bfc54dbc46964e159fe803f9c93a4dd':
Implement write socket timeouts for unbundled apps
commit f67d784abe5cef700240be02c68cecd899cd8e6d
Author: Kenny Root <kroot@google.com>
Date: Wed Aug 20 14:14:26 2014 -0700
Add pre-Honeycomb literal IP matching
This will allow us to run this code on Gingerbread devices and others
that don't have the InetAddress#isNumeric API.
Bug: 16658420
Bug: 17059757
Change-Id: I597d539979d58eeaa2677d6f99e911313a550cc1
commit 966ae8a6e12f3235b1cb041e687bda11b41fe4eb
Author: Kenny Root <kroot@google.com>
Date: Mon Aug 18 10:12:20 2014 -0700
Read property to enable SNI
Read the system property "jsse.enableSNIExtension" on whether to enable
Server Name Indication (SNI) extension. For unbundled builds, this will
be enabled by default. For platform builds, this will be disabled by
default.
Bug: 16658420
Bug: 17059757
Change-Id: I774f5406bf3fe601a42c4ef5e708b31800147eb9
commit 342097db97a9b2736531033b2c4b4d8ce4998c67
Author: Kenny Root <kroot@google.com>
Date: Wed Aug 20 12:14:52 2014 -0700
Validate hostname is usable for SNI
According to RFC 6066 section 3, the hostname listed in the Server Name
Indication (SNI) field is a fully qualified domain name and IP
addresses are not permitted.
Bug: 16658420
Bug: 17059757
Change-Id: I804e46b6e66599b2770f0f4f0534467987e51208
commit afb340348bfc54dbc46964e159fe803f9c93a4dd
Author: Kenny Root <kroot@google.com>
Date: Tue Aug 19 16:33:07 2014 -0700
Implement write socket timeouts for unbundled apps
Change-Id: I4fd604f057ba4288d4f31bf6b3b93307376023d5
commit 20f60acea153dfdf0c8f75a53d7bd9edb4c7614c
Author: Kenny Root <kroot@google.com>
Date: Mon Aug 25 11:52:05 2014 -0700
Tracking change from AOSP
Change-Id: I889af3f7c1de9ef34d9328339e1b421651055ad4
commit 68056b7c9db8a9fb384bbadfc5287730f996896d
Merge: 8239dfd cc2ef2e
Author: Kenny Root <kroot@google.com>
Date: Mon Aug 25 18:03:27 2014 +0000
am cc2ef2e2: Rename hostname fields and methods to reflect usage
* commit 'cc2ef2e2e9ee64f2e0ac2abc7fdf636e2f81fa5e':
Rename hostname fields and methods to reflect usage
commit 8239dfdcc40a69255d7b2feced960d574ea36321
Merge: e9cf759 076138f
Author: Kenny Root <kroot@google.com>
Date: Thu Aug 21 16:36:24 2014 +0000
am 076138ff: Use consistent naming for SSLSocket arguments
* commit '076138ff29d805ec5a32d6ad96a18ef08c7f1b11':
Use consistent naming for SSLSocket arguments
commit cc2ef2e2e9ee64f2e0ac2abc7fdf636e2f81fa5e
Author: Kenny Root <kroot@google.com>
Date: Wed Aug 20 11:26:33 2014 -0700
Rename hostname fields and methods to reflect usage
The hostname that was supplied when the socket was created is stored as
the "peerHostname" This is the only one that should be used for Server
Name Indication (SNI) purposes.
The "peerHostname" or the resolved IP address may be used for
certificate validation, so keep the use of "getHostname()" for
cerificate validation.
Bug: 16658420
Bug: 17059757
Change-Id: Ifd87dead44fb2f00bbfd5eac7e69fb3fc98e94b4
commit 076138ff29d805ec5a32d6ad96a18ef08c7f1b11
Author: Kenny Root <kroot@google.com>
Date: Wed Aug 20 11:24:41 2014 -0700
Use consistent naming for SSLSocket arguments
This changes all the 'host' to be 'hostname' and anything that takes an
'InetAddress' will have the name of 'address' to avoid confusing it with
a hostname.
Bug: 16658420
Bug: 17059757
Change-Id: Iac0628d2d156023dbb80c2e636af6bfe63f46650
commit e9cf759ac89fb053c01f1db19931beb14a823618
Merge: ababdd1 7ed0fae
Author: Kenny Root <kroot@google.com>
Date: Tue Aug 19 19:32:43 2014 +0000
am 7ed0fae1: OpenSSLEngineImpl: reduce number of copies needed
* commit '7ed0fae1906061766d0042e69ccba20e4a702bbe':
OpenSSLEngineImpl: reduce number of copies needed
commit 7ed0fae1906061766d0042e69ccba20e4a702bbe
Author: Kenny Root <kroot@google.com>
Date: Tue Jul 22 13:03:09 2014 -0700
OpenSSLEngineImpl: reduce number of copies needed
When the ByteBuffer didn't line up exactly with the backing array, it
would allocate a new buffer to write into. Instead, add the ability for
OpenSSL to read at an offset in the given array so a copy isn't needed.
Change-Id: I149d3f94e4b5cbdc010df80439ae3300cbdc87a5
commit ababdd1ae1272eac174e3a449a413ab35afbc435
Merge: 66c31e0 4b050b6
Author: Kenny Root <kroot@google.com>
Date: Fri Aug 15 16:23:14 2014 +0000
am 4b050b6f: OpenSSLSocketImpl: Move state checks inside mutex
* commit '4b050b6fb06fbb804557eecc72cc4ff0e0277525':
OpenSSLSocketImpl: Move state checks inside mutex
commit 66c31e0b613ceefc167a2e1fb226a14c78f84537
Merge: f4b895a 0931d51
Author: Kenny Root <kroot@google.com>
Date: Thu Aug 14 20:46:43 2014 +0000
am 0931d51c: OpenSSLSocketImpl: Move state checks inside mutex
* commit '0931d51c58b2dc2f612298f99fbf0fa6ed4c3706':
OpenSSLSocketImpl: Move state checks inside mutex
commit 0931d51c58b2dc2f612298f99fbf0fa6ed4c3706
Author: Kenny Root <kroot@google.com>
Date: Tue Aug 5 15:45:32 2014 -0700
OpenSSLSocketImpl: Move state checks inside mutex
Checking the state of the connection is unreliable if SSL_read and
SSL_write are happening in another thread. Move the state checks inside
our application mutex so we don't run into another thread mutating the
state at the same time.
Bug: 15606096
Change-Id: I5ecdeb1551a13098d1b66c5e4009607c9951fa38
commit f4b895ae9c424b5c2d49c744131606adccbc49d7
Merge: a35c400 a260ee6
Author: Kenny Root <kroot@google.com>
Date: Wed Aug 13 15:35:28 2014 +0000
am a260ee6d: Revert "Revert "Automatic management of OpenSSL error stack""
* commit 'a260ee6d0caea43f8010f158a4a35fb712935ae3':
Revert "Revert "Automatic management of OpenSSL error stack""
commit a35c40017c8690f821351d6460dfeaa2738b884c
Merge: 0edc483 30550a8
Author: Kenny Root <kroot@google.com>
Date: Wed Aug 13 15:35:27 2014 +0000
am 30550a8b: Fix debugging with unbundled conscrypt
* commit '30550a8b64bbcd6ca537680a17b8726932a29937':
Fix debugging with unbundled conscrypt
commit a260ee6d0caea43f8010f158a4a35fb712935ae3
Author: Kenny Root <kroot@google.com>
Date: Tue Aug 12 15:38:10 2014 -0700
Revert "Revert "Automatic management of OpenSSL error stack""
The "else" statement in OpenSslError::reset wasn't properly resetting
the error state which made a second call into sslRead jump into
sslSelect when it should have just returned immediately.
Change-Id: I22e8025c0497a04e78daa07cef78191a6ca1a70c
commit 30550a8b64bbcd6ca537680a17b8726932a29937
Author: Kenny Root <kroot@google.com>
Date: Tue Aug 12 15:13:33 2014 -0700
Fix debugging with unbundled conscrypt
When JNI_TRACE was enabled, there were missing defines for the debugging
code since no platform code is included.
Also clang complains about more of the debugging statement formats, so
we have to move some things around to get it to be happy.
Change-Id: I1a6695c2ef2639cc01cfc3d3a8603f010c659844
commit 0edc4833091846d6cb45961fc9458df842fbbad9
Merge: 107a8fb 2411b8b
Author: Kenny Root <kroot@android.com>
Date: Tue Aug 12 21:46:12 2014 +0000
am 2411b8bd: Merge "Revert "Automatic management of OpenSSL error stack""
* commit '2411b8bdcde72c956f4150e9a5909b7501f50bad':
Revert "Automatic management of OpenSSL error stack"
commit 2411b8bdcde72c956f4150e9a5909b7501f50bad
Merge: 3262a8c b514d72
Author: Kenny Root <kroot@android.com>
Date: Tue Aug 12 21:39:32 2014 +0000
Merge "Revert "Automatic management of OpenSSL error stack""
commit b514d72b93c3996d97e38eca6db1ad684965fd9b
Author: Kenny Root <kroot@android.com>
Date: Tue Aug 12 21:39:17 2014 +0000
Revert "Automatic management of OpenSSL error stack"
This reverts commit 35666e4cb0fcd063a21d17eebbb571b4e4e822b8.
Change-Id: I926d159c4c4b99250caef750732976c1e601e9ef
commit 107a8fba8be5be57933f2638b76ac1243b578b9e
Merge: 1de007f 3262a8c
Author: Kenny Root <kroot@google.com>
Date: Tue Aug 12 15:50:14 2014 +0000
am 3262a8c2: Merge "Automatic management of OpenSSL error stack"
* commit '3262a8c2741b95103149bcdefe2409c24bfddee9':
Automatic management of OpenSSL error stack
commit 1de007f9f01be8f07a56235dd924c897088a03cb
Merge: 94890ae d1bbcd0
Author: Kenny Root <kroot@google.com>
Date: Tue Aug 12 15:50:14 2014 +0000
am d1bbcd0e: Relax checks for key vs cert for wrapped keys
* commit 'd1bbcd0ec973e1b8465c204c13b4925fd86e6484':
Relax checks for key vs cert for wrapped keys
commit 3262a8c2741b95103149bcdefe2409c24bfddee9
Merge: d1bbcd0 35666e4
Author: Kenny Root <kroot@google.com>
Date: Tue Aug 12 15:31:02 2014 +0000
Merge "Automatic management of OpenSSL error stack"
commit d1bbcd0ec973e1b8465c204c13b4925fd86e6484
Author: Kenny Root <kroot@google.com>
Date: Mon Aug 11 14:56:58 2014 -0700
Relax checks for key vs cert for wrapped keys
If a key is a wrapped platform key, we must relax the check. The reason
is that we may not have the public values we need to pass the
EVP_PKEY_cmp checks that this does.
Change-Id: I7ab2be51b0968a9cf771edea01d33fe2367c8185
commit 35666e4cb0fcd063a21d17eebbb571b4e4e822b8
Author: Kenny Root <kroot@google.com>
Date: Tue Aug 5 11:05:00 2014 -0700
Automatic management of OpenSSL error stack
This removes some complexity in remembering to free the OpenSSL error
stack. If you forget, the error will stick around until you make another
call.
Change-Id: I245a525dcc93077b2bf9909a14a0ef469a2daca4
commit 94890aec5735cde2ea5170fb76cd1b847ea66af8
Merge: 8360485 977f087
Author: Kenny Root <kroot@google.com>
Date: Tue Aug 5 16:44:42 2014 +0000
am 977f0877: Fix some JNI_TRACE lines
* commit '977f08774c628b4640d5454cde050259856965f8':
Fix some JNI_TRACE lines
commit 977f08774c628b4640d5454cde050259856965f8
Author: Kenny Root <kroot@google.com>
Date: Mon Aug 4 12:15:04 2014 -0700
Fix some JNI_TRACE lines
During debugging these would be enabled, but they were copy-pasta'd to
with the wrong args.
Change-Id: I23f39ff4807e3fa71f3220912aec3c99db6b9454
commit 83604854c5160304cafefc9bd40a72c5ee8506eb
Merge: 7db3524 1ffe43e
Author: Zoltan Szatmary-Ban <szatmz@google.com>
Date: Thu Jul 31 13:28:57 2014 +0000
am 1ffe43e8: Merge "Add possibility to get deleted system Certificate Aliases" into lmp-dev
* commit '1ffe43e8277e883c6663c1fb7cfc5e18ba552c40':
Add possibility to get deleted system Certificate Aliases
commit 7db3524880092126962b7f502af76b4c84da7350
Merge: 5767d63 ad0cd83
Author: Prameet Shah <phshah@google.com>
Date: Wed Jul 30 17:04:13 2014 +0000
am ad0cd830: Added CLOSED_INBOUND and CLOSED_OUTBOUND states to OpenSSLEngineImpl#getHandshakeStatus()
* commit 'ad0cd83024f38011043d28d70370a8638b88cd72':
Added CLOSED_INBOUND and CLOSED_OUTBOUND states to OpenSSLEngineImpl#getHandshakeStatus()
commit 5767d63d22e87becab387b3bd6597fe41eb34d7e
Merge: b389e17 26163c2
Author: Prameet Shah <phshah@google.com>
Date: Wed Jul 30 16:31:08 2014 +0000
am 26163c26: Added CLOSED_INBOUND and CLOSED_OUTBOUND states to OpenSSLEngineImpl#getHandshakeStatus()
* commit '26163c268a6d2625384b87e907afad8ef19f9a47':
Added CLOSED_INBOUND and CLOSED_OUTBOUND states to OpenSSLEngineImpl#getHandshakeStatus()
commit 26163c268a6d2625384b87e907afad8ef19f9a47
Author: Prameet Shah <phshah@google.com>
Date: Tue Jul 29 16:45:31 2014 -0700
Added CLOSED_INBOUND and CLOSED_OUTBOUND states to OpenSSLEngineImpl#getHandshakeStatus()
Bug: https://code.google.com/p/android/issues/detail?id=73745
Change-Id: I5bcaf3ee8910ff75e785baed4c4604fee6c5e700
commit b389e1779651f2c58454a5f98acebd3dd7bc0061
Merge: 5f03b4d e427972
Author: Prameet Shah <phshah@google.com>
Date: Thu Jul 24 19:46:28 2014 +0000
am e427972e: OpenSSLEngineImpl: fix unwrap behavior with array
* commit 'e427972eb6141cd67e6d4c9607863a8d990e6be6':
OpenSSLEngineImpl: fix unwrap behavior with array
commit 5f03b4d63c7632581b032879de791dc82f05ffa0
Merge: 3d935ee 41eb5b6
Author: Prameet Shah <phshah@google.com>
Date: Tue Jul 22 19:26:41 2014 +0000
am 41eb5b65: OpenSSLEngineImpl: fix unwrap behavior with array
* commit '41eb5b65e524d01e28da474bd37e4349b12fb494':
OpenSSLEngineImpl: fix unwrap behavior with array
commit 41eb5b65e524d01e28da474bd37e4349b12fb494
Author: Prameet Shah <phshah@google.com>
Date: Tue Jul 22 11:50:18 2014 -0700
OpenSSLEngineImpl: fix unwrap behavior with array
The decrypted bytes should written sequentially into each buffer of
the destination array until it's full before moving to the next
buffer.
Change-Id: I2454249c167deafde6c12134d3c8cd658cd7c21b
commit 3d935eeca25e00b56cfd8d37a657c7b2986889b3
Merge: 0a36f6c affd45a
Author: Alex Klyubin <klyubin@google.com>
Date: Fri Jul 18 00:32:14 2014 +0000
am affd45a4: Merge "Improve the Javadoc of PSKKeyManager." into lmp-dev
* commit 'affd45a413cf844dad797ad4972074efb9de43d8':
Improve the Javadoc of PSKKeyManager.
commit 0a36f6c1f8b2e195c2dd5aea1a386df090c6d470
Merge: 6492180 af4fa68
Author: rich cannings <richc@google.com>
Date: Thu Jul 17 23:47:33 2014 +0000
am af4fa685: Merge "Log CCS exceptions do not merge." into lmp-dev
* commit 'af4fa685f246aaa80c93af62faadbc2fe87dc034':
Log CCS exceptions do not merge.
commit 6492180ce17a3b5ff822cff1783f00e7a4176491
Merge: aac4168 3b7268c
Author: Alex Klyubin <klyubin@google.com>
Date: Thu Jul 17 18:27:39 2014 +0000
am 3b7268cd: Merge "Improve the Javadoc of PSKKeyManager."
* commit '3b7268cde4a4fc59591da8a93691927ebf3add57':
Improve the Javadoc of PSKKeyManager.
commit aac4168d8baef7e12d6fa959c6d6ded9892e9651
Merge: 8573ad0 a749c0d
Author: Kenny Root <kroot@google.com>
Date: Thu Jul 17 17:07:05 2014 +0000
am a749c0d3: Keep enough state to completely reset cipher instances
* commit 'a749c0d351216be38879600ee8ed01c6793aa256':
Keep enough state to completely reset cipher instances
commit 8573ad0ddcf7e2f8b2e5ac84c34b7ffab303155c
Merge: 4ca5b06 70fdb6d
Author: Koushik Dutta <koushd@gmail.com>
Date: Thu Jul 17 17:06:36 2014 +0000
am 70fdb6d2: OpenSSLEngine Impl: Fix bug where SSL Handshake never completes when using NPN.
* commit '70fdb6d2bfa0c313fe389827f0025288f6aeb947':
OpenSSLEngine Impl: Fix bug where SSL Handshake never completes when using NPN.
commit 4ca5b0625e3f5a15ae8adf833ab5a69f9d7d517f
Merge: 119abfb ded66f5
Author: Koushik Dutta <koushd@gmail.com>
Date: Thu Jul 17 17:06:35 2014 +0000
am ded66f5f: Various fixes in OpenSSLEngineImpl.
* commit 'ded66f5f696994ce7620552e16a4e9124e69e052':
Various fixes in OpenSSLEngineImpl.
commit 119abfba1fcd9c9cfbd15d0a4ca9ed2188fdfab0
Merge: 5713cdf cbe1f28
Author: Kenny Root <kroot@google.com>
Date: Thu Jul 17 15:56:57 2014 +0000
am cbe1f28a: Merge "Keep enough state to completely reset cipher instances"
* commit 'cbe1f28adf64396561a3b65bf1452dfa9b6e35ae':
Keep enough state to completely reset cipher instances
commit cbe1f28adf64396561a3b65bf1452dfa9b6e35ae
Merge: e08f238 084e308
Author: Kenny Root <kroot@google.com>
Date: Thu Jul 17 15:48:58 2014 +0000
Merge "Keep enough state to completely reset cipher instances"
commit 3b7268cde4a4fc59591da8a93691927ebf3add57
Merge: cbe1f28 7ac13e0
Author: Alex Klyubin <klyubin@google.com>
Date: Thu Jul 17 18:20:43 2014 +0000
Merge "Improve the Javadoc of PSKKeyManager."
commit 5713cdf71c5c6e5179e8369263c702e9512afdd0
Merge: cf55719 e08f238
Author: Koushik Dutta <koushd@gmail.com>
Date: Wed Jul 16 22:05:17 2014 +0000
am e08f2385: OpenSSLEngine Impl: Fix bug where SSL Handshake never completes when using NPN.
* commit 'e08f238580e8ee471012bef8240c8d3397c7b780':
OpenSSLEngine Impl: Fix bug where SSL Handshake never completes when using NPN.
commit cf557195a9b60d7f51a48500afde38481ddbc91c
Merge: cbbd7d1 986aeb7
Author: Kenny Root <kroot@android.com>
Date: Wed Jul 16 21:41:12 2014 +0000
am 986aeb78: Merge "Various fixes in OpenSSLEngineImpl."
* commit '986aeb78e533540463daf1753e24840f75b25ce6':
Various fixes in OpenSSLEngineImpl.
commit e08f238580e8ee471012bef8240c8d3397c7b780
Author: Koushik Dutta <koushd@gmail.com>
Date: Tue Jul 15 22:40:23 2014 -0700
OpenSSLEngine Impl: Fix bug where SSL Handshake never completes when using NPN.
Change-Id: Idc78204b7077fb367b64e1867c807cd39f596f98
commit 7ac13e03a79d0c99d181b1a28b1b3699ba3d5739
Author: Alex Klyubin <klyubin@google.com>
Date: Wed Jul 16 08:33:02 2014 -0700
Improve the Javadoc of PSKKeyManager.
This clarifies several points and adds sample code.
Bug: 15073623
Change-Id: I6e8aadc52277e238a998d6cee36795dab1151d58
commit 986aeb78e533540463daf1753e24840f75b25ce6
Merge: 8f9ac1a bdfcc18
Author: Kenny Root <kroot@android.com>
Date: Wed Jul 16 21:15:30 2014 +0000
Merge "Various fixes in OpenSSLEngineImpl."
commit bdfcc189efe41a3f812aeb55ea634bace67d159a
Author: Koushik Dutta <koushd@gmail.com>
Date: Sat Jun 28 19:19:21 2014 -0700
Various fixes in OpenSSLEngineImpl.
Fix "Buffers were not large enough" exception by directly using the
destination buffers.
Corrections around bytesProduced and bytesConsumed behavior.
Return BUFFER_OVERFLOW if a zero length destination is provided to
unwrap.
Change-Id: I1f1e9b72cd6968ed4f3c3c0edccbccebc33d6790
commit cbbd7d10e8e484c44a78e5b27e8fecda195f1692
Merge: ec7f8e6 fdb7d8c
Author: Alex Klyubin <klyubin@google.com>
Date: Tue Jul 15 18:49:14 2014 +0000
am fdb7d8c5: Enable PSK cipher suites when PSKKeyManager is provided.
* commit 'fdb7d8c53dabac5551e2499d045ba6829bcfc0a0':
Enable PSK cipher suites when PSKKeyManager is provided.
commit ec7f8e6b27330160f88540f4f2ace7bc2a0720a3
Merge: 5b8ccf1 8f9ac1a
Author: Alex Klyubin <klyubin@google.com>
Date: Tue Jul 15 15:53:46 2014 +0000
am 8f9ac1af: Enable PSK cipher suites when PSKKeyManager is provided.
* commit '8f9ac1af0cbdf00e5e47aee32c132522ebc3bd17':
Enable PSK cipher suites when PSKKeyManager is provided.
commit 5b8ccf1b09df6f35c1709bfc8fd727a291094a5b
Merge: 69a2e46 6e2315f
Author: Ed Heyl <edheyl@google.com>
Date: Tue Jul 15 13:34:25 2014 +0000
am 6e2315fd: reconcile aosp (e79c25bf33e10da41e489c537823f678e1a1169c) after branching. Please do not merge.
* commit '6e2315fd96c3c4a47450c1a437babacc94bc31a6':
reconcile aosp (e79c25bf33e10da41e489c537823f678e1a1169c) after branching. Please do not merge.
commit 084e3086be1d7a6b9280b64c7c8cdb7b41a13bea
Author: Kenny Root <kroot@google.com>
Date: Mon Jul 14 13:25:32 2014 -0700
Keep enough state to completely reset cipher instances
OpenSSL's RC4 mutates the given key. AES/CTR mutates the IV. We must
store these values locally to enable "doFinal" to cause the Cipher
instance to be reset to what it was right after "init".
Note that resetting and encrypting with the same key or IV breaks
semantic security.
Bug: 16298401
Bug: https://code.google.com/p/android/issues/detail?id=73339
Change-Id: Ie7e4dcb6cf6cc33ddad31d6b47066dc1b34e6894
commit 69a2e460cc0a40e1b951e400589b9932609079ec
Merge: 8b7bb32 bca895f
Author: David Benjamin <davidben@chromium.org>
Date: Mon Jul 14 18:17:28 2014 +0000
am bca895f8: Pass output buffer length into EVP_DigestSignFinal.
* commit 'bca895f809dd2cef7a0834f0bfeb2a06e42b277d':
Pass output buffer length into EVP_DigestSignFinal.
commit 8b7bb32af09a01e80442b70dd23e6997a937f103
Merge: a2404c9 e79c25b
Author: Kenny Root <kroot@google.com>
Date: Mon Jul 14 18:17:28 2014 +0000
am e79c25bf: Merge "DHKeyPairGenerator: use provided params"
* commit 'e79c25bf33e10da41e489c537823f678e1a1169c':
DHKeyPairGenerator: use provided params
commit 8f9ac1af0cbdf00e5e47aee32c132522ebc3bd17
Author: Alex Klyubin <klyubin@google.com>
Date: Thu Jun 19 13:37:24 2014 -0700
Enable PSK cipher suites when PSKKeyManager is provided.
This enables TLS-PSK cipher suites by default iff SSLContext is
initialized with a PSKKeyManager. For consistency, X.509 based
cipher suites are no longer enabled by default at all times -- they
are now only enabled by default iff SSLContext is initialized with a
X509KeyManager or a X509TrustManager.
When both X.509 and PSK cipher suites need to be enabled, PSK cipher
suites are given higher priority in the resulting list of cipher
suites. This is based on the assumption that in most cases users of
TLS/SSL who enable TLS-PSK would prefer TLS-PSK to be used when the
peer supports TLS-PSK.
Bug: 15073623
Change-Id: I8e2bc3e7a1ea8a986e468973b6bad19dc6b7bc3c
commit bca895f809dd2cef7a0834f0bfeb2a06e42b277d
Author: David Benjamin <davidben@chromium.org>
Date: Thu Jul 10 18:12:08 2014 -0400
Pass output buffer length into EVP_DigestSignFinal.
EVP_DigestSignFinal expects the input buffer length as *siglen on input. In
addition, if sigret is NULL, it returns the buffer size needed. Use this rather
than making assumptions about the EVP_PKEY used to initialize the EVP_MD_CTX.
commit e79c25bf33e10da41e489c537823f678e1a1169c
Merge: a328492 9b226f9
Author: Kenny Root <kroot@google.com>
Date: Fri Jul 11 16:46:23 2014 +0000
Merge "DHKeyPairGenerator: use provided params"
commit 9b226f90a992a4a2267b7a813e3b869851945c4d
Author: Kenny Root <kroot@google.com>
Date: Thu Jul 10 14:50:48 2014 -0700
DHKeyPairGenerator: use provided params
If the prime is provided in the DHParameterSpec, then use it to generate
the key.
Bug: 16188130
Change-Id: I42de02c71a58d691ef7ba6e2252367105687b758
Bug: 18388980
Change-Id: I853b02a32db113a5af3f6166e7d61fab58c3ff73
ompat/java/org/conscrypt/Platform.java
ain/java/org/conscrypt/AddressUtils.java
ain/java/org/conscrypt/OpenSSLDSAPrivateKey.java
ain/java/org/conscrypt/OpenSSLECPrivateKey.java
ain/java/org/conscrypt/OpenSSLEngineImpl.java
ain/java/org/conscrypt/OpenSSLKey.java
ain/java/org/conscrypt/OpenSSLRSAPrivateKey.java
ain/java/org/conscrypt/OpenSSLSessionImpl.java
ain/java/org/conscrypt/OpenSSLSocketFactoryImpl.java
ain/java/org/conscrypt/OpenSSLSocketImpl.java
ain/java/org/conscrypt/OpenSSLSocketImplWrapper.java
ain/java/org/conscrypt/SSLParametersImpl.java
ain/native/org_conscrypt_NativeCrypto.cpp
latform/java/org/conscrypt/Platform.java
est/java/org/conscrypt/AddressUtilsTest.java
|
| a7682713687ac2e209063324597134d48b1955d3 |
07-Nov-2014 |
Kenny Root <kroot@google.com> |
Stop building chain if issuer already in chain
Bug: 17972577
Change-Id: I379de26bdae3de1d0fe867adc1d8b7d5443c8c7a
latform/java/org/conscrypt/TrustedCertificateStore.java
est/java/org/conscrypt/TrustedCertificateStoreTest.java
|
| 9ca6641ca7fdcb7cc3931fdcd2071297d278f286 |
07-Nov-2014 |
Kenny Root <kroot@google.com> |
Track upgrade to OpenSSL 1.0.1j
(cherry picked from commit 8ae86f7662a6330f58df6bdf3fd06af8e1dc281f)
Bug: 18018599
Change-Id: I2b8c62190a9dd5e5fdc6894334cf1d3edfce0a06
ain/java/org/conscrypt/NativeCrypto.java
|
| 8d7e23e117da591a8d48e6bcda9ed6f58ff1a375 |
03-Oct-2014 |
Kenny Root <kroot@google.com> |
Add support for TLS_FALLBACK_SCSV
Bug: 17750026
Change-Id: I1c2ecbeb914db645f440d58e7f7daa86d880ad6f
ain/java/org/conscrypt/NativeCrypto.java
|
| 984b7ec6f5aab314117949a48e448ff4f6b65f16 |
10-Sep-2014 |
Kenny Root <kroot@google.com> |
Fix the ENGINE_finish/ENGINE_free mixup
The tests were calling finish when it meant free. This caused tests to
segmentation fault next time the ENGINE was looked up in the dynamic
engine list.
Bug: 14994037
Change-Id: If7379fee26f7e79fa0b43104ac9d13b4ffb62ba8
est/java/org/conscrypt/NativeCryptoTest.java
|
| 5a8ca5b1ebecbb48cd71e31df01bbe161d237fb2 |
27-Aug-2014 |
Kenny Root <kroot@google.com> |
No need to select NPN protocols when not enabled
Bug: 16957575
Change-Id: I351316a62f9b583b37b54f3e7fbfaa0450439ca4
ain/native/org_conscrypt_NativeCrypto.cpp
|
| a20d871a327ac3a0322b1086dce36c420502b11e |
22-Jul-2014 |
Kenny Root <kroot@google.com> |
OpenSSLEngineImpl: reduce number of copies needed
When the ByteBuffer didn't line up exactly with the backing array, it
would allocate a new buffer to write into. Instead, add the ability for
OpenSSL to read at an offset in the given array so a copy isn't needed.
(cherry picked from commit 7ed0fae1906061766d0042e69ccba20e4a702bbe)
Change-Id: I149d3f94e4b5cbdc010df80439ae3300cbdc87a5
ain/java/org/conscrypt/NativeCrypto.java
ain/java/org/conscrypt/OpenSSLEngineImpl.java
ain/native/org_conscrypt_NativeCrypto.cpp
|
| 4b050b6fb06fbb804557eecc72cc4ff0e0277525 |
06-Aug-2014 |
Kenny Root <kroot@google.com> |
OpenSSLSocketImpl: Move state checks inside mutex
Checking the state of the connection is unreliable if SSL_read and
SSL_write are happening in another thread. Move the state checks inside
our application mutex so we don't run into another thread mutating the
state at the same time.
Bug: 15606096
(cherry picked from commit 0931d51c58b2dc2f612298f99fbf0fa6ed4c3706)
Change-Id: I151ecbc57278374007a56827a65295b4c9476732
ain/native/org_conscrypt_NativeCrypto.cpp
|
| 1ffe43e8277e883c6663c1fb7cfc5e18ba552c40 |
31-Jul-2014 |
Zoltan Szatmary-Ban <szatmz@google.com> |
Merge "Add possibility to get deleted system Certificate Aliases" into lmp-dev
|
| ad0cd83024f38011043d28d70370a8638b88cd72 |
30-Jul-2014 |
Prameet Shah <phshah@google.com> |
Added CLOSED_INBOUND and CLOSED_OUTBOUND states to OpenSSLEngineImpl#getHandshakeStatus()
(cherry picked from 26163c268a6d2625384b87e907afad8ef19f9a47)
Bug: 16352665
Bug: https://code.google.com/p/android/issues/detail?id=73745
Change-Id: I5bcaf3ee8910ff75e785baed4c4604fee6c5e700
ain/java/org/conscrypt/OpenSSLEngineImpl.java
|
| f11be6844caeab219fe9174e99b24ec60a95266e |
15-Jul-2014 |
Zoltan Szatmary-Ban <szatmz@google.com> |
Add possibility to get deleted system Certificate Aliases
Bug: 16029580
Change-Id: I09850d08b82f1929bae04d846b1f9807d10391ab
latform/java/org/conscrypt/TrustedCertificateStore.java
|
| e427972eb6141cd67e6d4c9607863a8d990e6be6 |
22-Jul-2014 |
Prameet Shah <phshah@google.com> |
OpenSSLEngineImpl: fix unwrap behavior with array
The decrypted bytes should written sequentially into each buffer of
the destination array until it's full before moving to the next
buffer.
(cherry picked from commit 41eb5b65e524d01e28da474bd37e4349b12fb494)
Bug: 16352665
Change-Id: I2454249c167deafde6c12134d3c8cd658cd7c21b
ain/java/org/conscrypt/OpenSSLEngineImpl.java
|
| affd45a413cf844dad797ad4972074efb9de43d8 |
18-Jul-2014 |
Alex Klyubin <klyubin@google.com> |
Merge "Improve the Javadoc of PSKKeyManager." into lmp-dev
|
| 0d62d5fd40d35048f27879b00ff716a503893735 |
16-Jul-2014 |
Alex Klyubin <klyubin@google.com> |
Improve the Javadoc of PSKKeyManager.
This clarifies several points and adds sample code.
(cherry picked from commit 7ac13e03a79d0c99d181b1a28b1b3699ba3d5739)
Bug: 15073623
Change-Id: I6d8cf195cbc7eb4528760145f62f3e3e7b8507f5
ain/java/org/conscrypt/PSKKeyManager.java
|
| af4fa685f246aaa80c93af62faadbc2fe87dc034 |
17-Jul-2014 |
rich cannings <richc@google.com> |
Merge "Log CCS exceptions do not merge." into lmp-dev
|
| 2e1be9d876e8c5554f91afee914641f323eebd4c |
27-Jun-2014 |
rich cannings <richc@google.com> |
Log CCS exceptions do not merge.
Unlike the previous CL, this uses reflection for android.os.Process and
android.util.EventLog throughout.
(cherry picked from commit 35b1f354ec2b647966a198ffed932d82eb8eeb5b)
Bug: 15452942
Change-Id: I34b9eaedf1f1e450b1f8004887bb0482601d789e
ompat/java/org/conscrypt/Platform.java
ain/java/org/conscrypt/OpenSSLEngineImpl.java
ain/java/org/conscrypt/OpenSSLSocketImpl.java
latform/java/org/conscrypt/Platform.java
|
| a749c0d351216be38879600ee8ed01c6793aa256 |
14-Jul-2014 |
Kenny Root <kroot@google.com> |
Keep enough state to completely reset cipher instances
OpenSSL's RC4 mutates the given key. AES/CTR mutates the IV. We must
store these values locally to enable "doFinal" to cause the Cipher
instance to be reset to what it was right after "init".
Note that resetting and encrypting with the same key or IV breaks
semantic security.
(cherry picked from commit 084e3086be1d7a6b9280b64c7c8cdb7b41a13bea)
Bug: 16298401
Bug: https://code.google.com/p/android/issues/detail?id=73339
Change-Id: Ie7e4dcb6cf6cc33ddad31d6b47066dc1b34e6894
ain/java/org/conscrypt/OpenSSLCipher.java
|
| 70fdb6d2bfa0c313fe389827f0025288f6aeb947 |
16-Jul-2014 |
Koushik Dutta <koushd@gmail.com> |
OpenSSLEngine Impl: Fix bug where SSL Handshake never completes when using NPN.
(cherry picked from commit e08f238580e8ee471012bef8240c8d3397c7b780)
Bug: 16352665
Change-Id: Idc78204b7077fb367b64e1867c807cd39f596f98
ain/java/org/conscrypt/OpenSSLEngineImpl.java
|
| ded66f5f696994ce7620552e16a4e9124e69e052 |
29-Jun-2014 |
Koushik Dutta <koushd@gmail.com> |
Various fixes in OpenSSLEngineImpl.
Fix "Buffers were not large enough" exception by directly using the
destination buffers.
Corrections around bytesProduced and bytesConsumed behavior.
Return BUFFER_OVERFLOW if a zero length destination is provided to
unwrap.
(cherry picked from commit bdfcc189efe41a3f812aeb55ea634bace67d159a)
Bug: 16352665
Change-Id: I1f1e9b72cd6968ed4f3c3c0edccbccebc33d6790
ain/java/org/conscrypt/OpenSSLEngineImpl.java
|
| fdb7d8c53dabac5551e2499d045ba6829bcfc0a0 |
19-Jun-2014 |
Alex Klyubin <klyubin@google.com> |
Enable PSK cipher suites when PSKKeyManager is provided.
This enables TLS-PSK cipher suites by default iff SSLContext is
initialized with a PSKKeyManager. For consistency, X.509 based
cipher suites are no longer enabled by default at all times -- they
are now only enabled by default iff SSLContext is initialized with a
X509KeyManager or a X509TrustManager.
When both X.509 and PSK cipher suites need to be enabled, PSK cipher
suites are given higher priority in the resulting list of cipher
suites. This is based on the assumption that in most cases users of
TLS/SSL who enable TLS-PSK would prefer TLS-PSK to be used when the
peer supports TLS-PSK.
Bug: 15073623
(cherry picked from commit 8f9ac1af0cbdf00e5e47aee32c132522ebc3bd17)
Change-Id: Icd7fe066147a6b2fc64d807204cc99f6af821313
ain/java/org/conscrypt/NativeCrypto.java
ain/java/org/conscrypt/SSLParametersImpl.java
|
| 6e2315fd96c3c4a47450c1a437babacc94bc31a6 |
15-Jul-2014 |
Ed Heyl <edheyl@google.com> |
reconcile aosp (e79c25bf33e10da41e489c537823f678e1a1169c) after branching. Please do not merge.
Change-Id: I39ab275cd9744ba442fee7db9038107b4603526f
ain/java/org/conscrypt/NativeCrypto.java
ain/java/org/conscrypt/OpenSSLDHKeyPairGenerator.java
ain/native/org_conscrypt_NativeCrypto.cpp
|
| b860016f415dfc5655dcee45f70e8871a2e3edfe |
17-Jun-2014 |
Brian Carlstrom <bdc@google.com> |
Remove
Change-Id: Iea7c633eb68df576bf72314ff5ce31bc8094d9ce
ompat/java/org/conscrypt/Platform.java
ain/java/org/conscrypt/OpenSSLEngineImpl.java
ain/java/org/conscrypt/OpenSSLSocketImpl.java
ain/java/org/conscrypt/SSLParametersImpl.java
latform/java/org/conscrypt/Platform.java
latform/java/org/conscrypt/TrustManagerImpl.java
|
| 6456f02c68008928011daa0dbbbbebf882fad5c8 |
27-Jun-2014 |
Rich Cannings <richc@google.com> |
Revert "Log OpenSSL CCS errors"
This reverts commit b1599520cdcdda73babffc051590a2dd25cd50be.
Some build targets (e.g. git_dalvik-dev) do not have API-1 Android APIs available, like android.os.Process and android.util.EventLog. Investigating.
Change-Id: Iddce3f445be0502d1afa4f8244a7b8867721613e
ompat/java/org/conscrypt/Platform.java
ain/java/org/conscrypt/OpenSSLEngineImpl.java
ain/java/org/conscrypt/OpenSSLSocketImpl.java
latform/java/org/conscrypt/Platform.java
|
| b1599520cdcdda73babffc051590a2dd25cd50be |
19-Jun-2014 |
rich cannings <richc@google.com> |
Log OpenSSL CCS errors
Bug: 15452942
Change-Id: I49e7bad6a65c70e113324c02fc23315cff168f5b
ompat/java/org/conscrypt/Platform.java
ain/java/org/conscrypt/OpenSSLEngineImpl.java
ain/java/org/conscrypt/OpenSSLSocketImpl.java
latform/java/org/conscrypt/Platform.java
|
| 00ee7cc92878cf166076dd724c3b6126907be52c |
21-Jun-2014 |
Kenny Root <kroot@google.com> |
am 8f471e15: am dbc347b9: Merge "Remove direct reference to PROVIDER_NAME"
* commit '8f471e152ca679cab97740e35f8ca316a60e7489':
Remove direct reference to PROVIDER_NAME
|
| dae700aef20bb96e0da616e3ab75189fccce8144 |
20-Jun-2014 |
Alex Klyubin <klyubin@google.com> |
am 4f59b745: am d704c478: Merge "Assert that the padding extension is enabled by default."
* commit '4f59b745f5de932d0250ce40f318e9cfdfabc32d':
Assert that the padding extension is enabled by default.
|
| dbe1cdad62b5b4e8abb3a6feeaf1981e49354628 |
20-Jun-2014 |
Alex Klyubin <klyubin@google.com> |
am 13f0c44c: am 35f7742c: Make setEnabledProtocols/CipherSuites copy their inputs.
* commit '13f0c44c471c63362d8e89a5658fafb3b43d11fd':
Make setEnabledProtocols/CipherSuites copy their inputs.
|
| dbc347b97b816184844e6a3b85653c174344e83f |
21-Jun-2014 |
Kenny Root <kroot@google.com> |
Merge "Remove direct reference to PROVIDER_NAME"
|
| c59af1c17b96618de24aa2d6bc682bac5ea6cf24 |
21-Jun-2014 |
Kenny Root <kroot@google.com> |
Remove direct reference to PROVIDER_NAME
It's unnecessary and this is the only code that does it like this. It
casuses problems with unbundling since the PROVIDER_NAME can change when
used unbundled.
Bug: 15771893
Change-Id: I1450cf7033b0629e7b79616c3660ec12b8afb8d6
ain/java/org/conscrypt/OpenSSLECDHKeyAgreement.java
|
| d704c4780c84d57c2629135eb9c6c0a203a5f983 |
20-Jun-2014 |
Alex Klyubin <klyubin@google.com> |
Merge "Assert that the padding extension is enabled by default."
|
| 35f7742cbada75ba2ba2c57ef7014392eea3839d |
19-Jun-2014 |
Alex Klyubin <klyubin@google.com> |
Make setEnabledProtocols/CipherSuites copy their inputs.
SSLSocket, SSLServerSocket, and SSLEngine offer setEnabledProtocols
and setEnabledCipherSuites methods which take an array of protocols
or cipher suites as input. If these methods store references to the
input arrays, then the internal state (lists of enabled protocols and
cipher suites) of SSLSocket, SSLServerSocket, and SSLEngine could be
modified without going through the setter methods of these classes.
Bug: 15753142
Change-Id: Ia5248050d81320ed1da99892278bd60872605f52
ain/java/org/conscrypt/SSLParametersImpl.java
|
| 53baf074896d8c98e96cf1334eb5733eda2f4d37 |
19-Jun-2014 |
Alex Klyubin <klyubin@google.com> |
am c961c78c: am f17361e7: Remove unnecessary comments in SSLParametersImpl.
* commit 'c961c78cdab8f9cd4e55e8bc3872b5da43c642fd':
Remove unnecessary comments in SSLParametersImpl.
|
| f17361e797e5538e5c17b2ef6ef0f992bbc493fe |
19-Jun-2014 |
Alex Klyubin <klyubin@google.com> |
Remove unnecessary comments in SSLParametersImpl.
This is a follow-up cleanup requested during the code review of
ae2ecac00779167b0381c48da7c612567d1c646f.
Change-Id: I6c8ac2392c5f88ee732f5aa204e20cc1ee7e32d8
ain/java/org/conscrypt/SSLParametersImpl.java
|
| cac0e43cd91a595982ae9c554b2d014bbdf6b1c5 |
19-Jun-2014 |
Alex Klyubin <klyubin@google.com> |
am a906b5cc: am b2713e36: Merge "Adjust the list of supported ECDHE-PSK cipher suites."
* commit 'a906b5ccffb1700b4c83e83bdae7a1ac790abdc4':
Adjust the list of supported ECDHE-PSK cipher suites.
|
| 4dc2f0b01f83c02f6c0cd80827e11eb65040d1fa |
19-Jun-2014 |
Alex Klyubin <klyubin@google.com> |
am 54e5afb0: am 8a624688: Merge "SSLParametersImpl is the source of enabled cipher suites and protocols."
* commit '54e5afb0b0e66400b4d025a7c00def416ac4b49b':
SSLParametersImpl is the source of enabled cipher suites and protocols.
|
| 978e2e1e44570bdbac7b3538c5e198d8ff645202 |
17-Jun-2014 |
Alex Klyubin <klyubin@google.com> |
Assert that the padding extension is enabled by default.
Change-Id: I1c8aa589e3274bfd3a5fc66c3e948828903c1966
ain/java/org/conscrypt/NativeCrypto.java
est/java/org/conscrypt/NativeCryptoTest.java
|
| 8a624688831583f1d29f4a3950a5cdda503f7970 |
19-Jun-2014 |
Alex Klyubin <klyubin@google.com> |
Merge "SSLParametersImpl is the source of enabled cipher suites and protocols."
|
| b2713e368abfbe79a242914f825b383b36204576 |
19-Jun-2014 |
Alex Klyubin <klyubin@google.com> |
Merge "Adjust the list of supported ECDHE-PSK cipher suites."
|
| b79411aa945a885318a0b26ff4841e99ac6640fd |
04-Jun-2014 |
Alex Klyubin <klyubin@google.com> |
Adjust the list of supported ECDHE-PSK cipher suites.
The SHA-2 based cipher suites cannot be used with SSLv3 but there is
no way to express that in OpenSSL's configuration. This CL thus
adjusts the list of supported cipher suites accordingly.
Bug: 15073623
Change-Id: I427c99f4c1c72690d95e5a3c63763631c41ddae2
ain/java/org/conscrypt/NativeCrypto.java
|
| c8fc022f907c87d0315f63fcf64940cd345e3619 |
14-Jun-2014 |
Alex Klyubin <klyubin@google.com> |
am ff3c2044: am 69c36470: Use the new version of TLS Channel ID extension.
* commit 'ff3c2044ea49b46517155a22aae24c58927aa5e3':
Use the new version of TLS Channel ID extension.
|
| 69c36470f6223ab60a606fa993860f9369adc329 |
13-Jun-2014 |
Alex Klyubin <klyubin@google.com> |
Use the new version of TLS Channel ID extension.
Bug: 14083889
Change-Id: I5fe0a1558184d44eb8a24bd92c0e7517937f3a5c
ain/native/org_conscrypt_NativeCrypto.cpp
|
| 7d48e438168c6c24ef435cc3485f09ab15490fc3 |
14-Jun-2014 |
Justin Morey <jmorey@google.com> |
am dea78c6f: am 90c92a2b: Merge "Add support for a Google Play Services version of the JNI lib"
* commit 'dea78c6f255a914de4cc66d611d25a32bc444384':
Add support for a Google Play Services version of the JNI lib
|
| 4df44be89e14bc13fd4553118593121a473c1c31 |
14-Jun-2014 |
Alex Klyubin <klyubin@google.com> |
am b4510b0f: am ea7cf2a1: Make TLS Channel ID tests use ECDHE_RSA key exchange.
* commit 'b4510b0f0596456b444494e2227abd27685f7978':
Make TLS Channel ID tests use ECDHE_RSA key exchange.
|
| ea7cf2a1bacb8293947ad5168bc41bdb39e6a3f0 |
13-Jun-2014 |
Alex Klyubin <klyubin@google.com> |
Make TLS Channel ID tests use ECDHE_RSA key exchange.
TLS Channel ID requires ECDHE-based key exchange.
Change-Id: I722135c96a3ce700dcdf1646d2a71654923bb85c
est/java/org/conscrypt/NativeCryptoTest.java
|
| 6bfb0728ac72c66272593d947d3b3415813c19a1 |
11-Jun-2014 |
Ian Rogers <irogers@google.com> |
am 23d99f15: am 1b60d4ff: Fix 64-bit build error.
* commit '23d99f1554d9d14d46459041ba434b0406927849':
Fix 64-bit build error.
|
| 4e313b6ea32412d27793b5cb02e58a7bd110d2f0 |
11-Jun-2014 |
Kenny Root <kroot@google.com> |
am fb07b3ce: am f24ba062: Add ability to wrap platform keys
* commit 'fb07b3ce2a50d1a37729755440ae436675ee2df1':
Add ability to wrap platform keys
|
| 2216398792f68aaf0a486e8038270866e73f0020 |
11-Jun-2014 |
Georgi Nikolov <geonik@google.com> |
am 3a698c26: am 47e40a5c: Move FileClientSessionCache to main directory
* commit '3a698c26c593186cb6b75c51ac7e8c1f8c28befe':
Move FileClientSessionCache to main directory
|
| 1b60d4ff4dc301b46f4ac8a48dc63da0be113a05 |
11-Jun-2014 |
Ian Rogers <irogers@google.com> |
Fix 64-bit build error.
Change-Id: I7ff48af2991fc03811c7874a974b9052934d27ae
ain/native/org_conscrypt_NativeCrypto.cpp
|
| f24ba0620d88b7d71ddb089b97d29fb1b073718d |
09-Jun-2014 |
Kenny Root <kroot@google.com> |
Add ability to wrap platform keys
This is mostly useful for unbundled Conscrypt currently when working
with KeyChain-based keys, but could be good for use with PKCS11-like
keys in other JSSE providers.
Bug: 15469749
Change-Id: I56bf2eaf3228bdf42d671437f4fffdafb8b47b12
ompat/java/org/conscrypt/Platform.java
ain/java/org/conscrypt/CryptoUpcalls.java
ain/java/org/conscrypt/NativeCrypto.java
ain/java/org/conscrypt/OpenSSLDSAPrivateKey.java
ain/java/org/conscrypt/OpenSSLECPrivateKey.java
ain/java/org/conscrypt/OpenSSLKey.java
ain/java/org/conscrypt/OpenSSLRSAPrivateCrtKey.java
ain/java/org/conscrypt/OpenSSLRSAPrivateKey.java
ain/native/org_conscrypt_NativeCrypto.cpp
latform/java/org/conscrypt/Platform.java
|
| 47e40a5c56a812ec471f05e9073f86fcceb5563c |
11-Jun-2014 |
Georgi Nikolov <geonik@google.com> |
Move FileClientSessionCache to main directory
Change-Id: I282c701b191d68bc4dcfa390505968f97a5c7d3c
ain/java/org/conscrypt/FileClientSessionCache.java
latform/java/org/conscrypt/FileClientSessionCache.java
|
| 90c92a2b3db6e4589d950b052d6e72d998fdd627 |
13-Jun-2014 |
Justin Morey <jmorey@google.com> |
Merge "Add support for a Google Play Services version of the JNI lib"
|
| e66dbe5ad60417a4a9bf5ddf0bc3eb02652e43c8 |
10-Jun-2014 |
Justin Morey <jmorey@google.com> |
Add support for a Google Play Services version of the JNI lib
Change-Id: Ie0d9f83e366c0b99994eb861ae567d454cbbea5b
ain/java/org/conscrypt/NativeCrypto.java
ain/native/org_conscrypt_NativeCrypto.cpp
|
| 600f74729a72f1fd2f4248aa5e78342300516252 |
09-Jun-2014 |
Kenny Root <kroot@google.com> |
am c5a998dd: am fee2d0f1: Add more debugging for getting methods
* commit 'c5a998dd356e50772c088467f513fba5ad5a0e6b':
Add more debugging for getting methods
|
| fee2d0f1c55ffcb436ecc23af54bf7863a44ab8f |
04-Jun-2014 |
Kenny Root <kroot@google.com> |
Add more debugging for getting methods
When JNI registration fails, we should log it immediately to help
with debugging. Otherwise, it will tell you that you called a JNI
function with an exception pending.
Change-Id: I7cbba4d6639265a79a9d043d120f1a2bf72a85f7
ain/native/org_conscrypt_NativeCrypto.cpp
|
| c9bc3110e670cc2b43f38b11b11ca473c5da3b5a |
09-Jun-2014 |
Robin Lee <rgl@google.com> |
am 3483e223: am ff12765d: Make default user CA storage location configurable
* commit '3483e223859d476356546894592e065f723f1bb3':
Make default user CA storage location configurable
|
| ff12765d755d060941fdb9c42dfb7508702bde13 |
25-Apr-2014 |
Robin Lee <rgl@google.com> |
Make default user CA storage location configurable
Allows overriding the defaults in misc/keychain/ with different
defaults, for example when the whole process uses another directory
and this needs to be reflected in every new TrustedCertificateStore
that is created.
Change-Id: I22db18178600668053a17517e9b47eef7b9be5ed
latform/java/org/conscrypt/TrustedCertificateStore.java
|
| 844ad93e26ebbcc1cfb2e7093fa560e9d01629f6 |
03-Jun-2014 |
Kenny Root <kroot@google.com> |
am 77c5767b: am f92e61e2: Merge "Move platform-only files out to separate directory"
* commit '77c5767bfd7d557b389814e74b095639e5ad8282':
Move platform-only files out to separate directory
|
| 39deada91bd9b4ebb0a189b07382e0827e5bad68 |
30-May-2014 |
Kenny Root <kroot@google.com> |
Move platform-only files out to separate directory
To aid in building Conscrypt with gradle, move the platform-only files
out to a separate directory.
Change-Id: I8f07959055261f6b9f2a0ac26dea2f6431d9edbe
ain/java/org/conscrypt/CertPinManager.java
ain/java/org/conscrypt/FileClientSessionCache.java
ain/java/org/conscrypt/JSSEProvider.java
ain/java/org/conscrypt/PinEntryException.java
ain/java/org/conscrypt/PinFailureLogger.java
ain/java/org/conscrypt/PinListEntry.java
ain/java/org/conscrypt/PinManagerException.java
ain/java/org/conscrypt/Platform.java
ain/java/org/conscrypt/TrustManagerFactoryImpl.java
ain/java/org/conscrypt/TrustManagerImpl.java
ain/java/org/conscrypt/TrustedCertificateIndex.java
ain/java/org/conscrypt/TrustedCertificateKeyStoreSpi.java
ain/java/org/conscrypt/TrustedCertificateStore.java
latform/java/org/conscrypt/CertPinManager.java
latform/java/org/conscrypt/FileClientSessionCache.java
latform/java/org/conscrypt/JSSEProvider.java
latform/java/org/conscrypt/PinEntryException.java
latform/java/org/conscrypt/PinFailureLogger.java
latform/java/org/conscrypt/PinListEntry.java
latform/java/org/conscrypt/PinManagerException.java
latform/java/org/conscrypt/Platform.java
latform/java/org/conscrypt/TrustManagerFactoryImpl.java
latform/java/org/conscrypt/TrustManagerImpl.java
latform/java/org/conscrypt/TrustedCertificateIndex.java
latform/java/org/conscrypt/TrustedCertificateKeyStoreSpi.java
latform/java/org/conscrypt/TrustedCertificateStore.java
|
| 3b0e8ff1daebc25c7e36348aaeb36d98e43ef61e |
30-May-2014 |
Kenny Root <kroot@google.com> |
am 99de5ce2: am d02e2ac5: am 4ccb72fd: Unbundle conscrypt
* commit '99de5ce29494ddd20bb94116dea16697bd8ab300':
Unbundle conscrypt
|
| 4ccb72fd16c6c8d4b43a556595abee25d58f5cf1 |
30-May-2014 |
Kenny Root <kroot@google.com> |
Unbundle conscrypt
Don't build the host JNI library in an unbundled build since it's only
needed for testing currently.
Change-Id: I6b6003e86d9f6ff2d87431f156f4984f56592791
ain/native/org_conscrypt_NativeCrypto.cpp
|
| ae2ecac00779167b0381c48da7c612567d1c646f |
30-May-2014 |
Alex Klyubin <klyubin@google.com> |
SSLParametersImpl is the source of enabled cipher suites and protocols.
An instance of SSLParametersImpl is associated with SSLContext and is
then cloned into any SSLSocketFactory, SSLServerSocketFactory,
SSLSocket, SSLServerSocket, and SSLEngine. This CL ensures that all
these primitives obtain their list of enabled cipher suites and
protocols from their instance of SSLParametersImpl.
Bug: 15073623
Change-Id: I40bf32e8654b299518ec0e77c3218a0790d9c4fd
ain/java/org/conscrypt/OpenSSLServerSocketFactoryImpl.java
ain/java/org/conscrypt/OpenSSLServerSocketImpl.java
ain/java/org/conscrypt/OpenSSLSocketFactoryImpl.java
ain/java/org/conscrypt/OpenSSLSocketImpl.java
ain/java/org/conscrypt/SSLParametersImpl.java
|
| 1ab2cc3d62a5d3fef7c91db77f74e02360d3f78e |
29-May-2014 |
Alex Klyubin <klyubin@google.com> |
am 67d77e24: am 0a75f93f: am 01cce891: Expose support for TLS-PSK.
* commit '67d77e240890b66d8640baef8af78ada4de932da':
Expose support for TLS-PSK.
|
| 5be5e6b02bc2c951aac4baaf7afa74cde2c61d85 |
27-May-2014 |
Kenny Root <kroot@google.com> |
am 5d2e14a9: am 3f2228d7: am 3e46e4ee: Unbundle: hacks to let Conscrypt compile standalone
* commit '5d2e14a9a75d938426b11177023597e9f8fff068':
Unbundle: hacks to let Conscrypt compile standalone
|
| 01cce891dd313a0fb9d4694283f2a13fb5c43afe |
09-May-2014 |
Alex Klyubin <klyubin@google.com> |
Expose support for TLS-PSK.
TLS-PSK (Pre-Shared Key) is a set of TLS/SSL cipher suites that use
symmetric (pre-shared) keys for mutual authentication of peers. These
cipher suites are in some scenarios more suitable than those based on
public key cryptography and X.509. See RFC 4279 (Pre-Shared Key
Ciphersuites for Transport Layer Security (TLS)) for more information.
OpenSSL currently supports only the following PSK cipher suites:
* TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
* TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
* TLS_PSK_WITH_3DES_EDE_CBC_SHA
* TLS_PSK_WITH_AES_128_CBC_SHA
* TLS_PSK_WITH_AES_256_CBC_SHA
* TLS_PSK_WITH_RC4_128_SHA
The last four cipher suites mutually authenticate the peers and
secure the connection using a pre-shared symmetric key. These cipher
suites do not provide Forward Secrecy -- once the pre-shared key is
compromised, all previous communications secured with that key can be
decrypted. The first two cipher suites combine the pre-shared
symmetric key with an ephemeral key obtained from an ECDH key
exchange performed during the TLS/SSL handshake, thus providing
Forward Secrecy.
Users of TLS-PSK are expected to provide an implementation of
PSKKeyManager to SSLContext.init and then enable at least one PSK
cipher suite in SSLSocket/SSLEngine.
Bug: 15073623
Change-Id: I8e59264455f980f23a5e66099c27b5b4d932b9bb
ain/java/org/conscrypt/NativeCrypto.java
ain/java/org/conscrypt/OpenSSLEngineImpl.java
ain/java/org/conscrypt/OpenSSLSocketImpl.java
ain/java/org/conscrypt/PSKKeyManager.java
ain/java/org/conscrypt/SSLParametersImpl.java
ain/native/org_conscrypt_NativeCrypto.cpp
est/java/org/conscrypt/NativeCryptoTest.java
|
| 3e46e4ee56c8e37158f46941dedd5b436d724baa |
23-May-2014 |
Kenny Root <kroot@google.com> |
Unbundle: hacks to let Conscrypt compile standalone
This is the first pass at getting Conscrypt to compile standalone. It
works fine in apps currently. There are a few TODOs to fix.
Change-Id: I9b43ba12c55e04c8897ccacf38979ca671a55a26
ompat/java/dalvik/system/BlockGuard.java
ompat/java/dalvik/system/CloseGuard.java
ompat/java/org/apache/harmony/security/utils/AlgNameMapper.java
ompat/java/org/apache/harmony/security/utils/AlgNameMapperSource.java
ompat/java/org/conscrypt/Platform.java
ompat/native/JNIHelp.cpp
ompat/native/JNIHelp.h
ompat/native/NetFd.h
ompat/native/ScopedLocalRef.h
ompat/native/ScopedPrimitiveArray.h
ompat/native/ScopedUtfChars.h
ompat/native/UniquePtr.h
ompat/native/log_compat.h
ain/java/org/conscrypt/AbstractSessionContext.java
ain/java/org/conscrypt/OpenSSLECGroupContext.java
ain/java/org/conscrypt/OpenSSLEngineImpl.java
ain/java/org/conscrypt/OpenSSLProvider.java
ain/java/org/conscrypt/OpenSSLSocketImpl.java
ain/java/org/conscrypt/OpenSSLX509CertPath.java
ain/java/org/conscrypt/OpenSSLX509CertificateFactory.java
ain/java/org/conscrypt/Platform.java
ain/java/org/conscrypt/SSLParametersImpl.java
ain/java/org/conscrypt/X509ExtendedTrustManagerWrapper.java
ain/java/org/conscrypt/util/Arrays.java
ain/native/org_conscrypt_NativeCrypto.cpp
|
| c4f9d7a56becd0eae97c91fcb9d3877b9fa041e6 |
20-May-2014 |
Kenny Root <kroot@google.com> |
am 51983403: am 5334b797: am f6aeba08: Merge "X509Certificate: add some context to thrown exceptions"
* commit '51983403a6435f11ed7e2e4ca7eb54d1443a0b56':
X509Certificate: add some context to thrown exceptions
|
| f6aeba088782a69ded003e10f93fd335eb27f18d |
20-May-2014 |
Kenny Root <kroot@google.com> |
Merge "X509Certificate: add some context to thrown exceptions"
|
| 51fc97b26dc2cf554bbd460df5efada6ae50a0ed |
19-May-2014 |
Kenny Root <kroot@google.com> |
am cc46d578: am 5934ada9: am 81c66678: NativeCryptoTest: fix shutdown test
* commit 'cc46d5785d0b529019555450c7286d2aba2ee66a':
NativeCryptoTest: fix shutdown test
|
| 81c666781f8e24242e997e2666b656b240c5a145 |
19-May-2014 |
Kenny Root <kroot@google.com> |
NativeCryptoTest: fix shutdown test
These weren't actually testing that the exceptions were thrown before.
Since we actually throw now, make sure we're throwing the expected
exception type.
Change-Id: I57b11492118dd7c04faa57c58de7b023294b179c
ain/native/org_conscrypt_NativeCrypto.cpp
est/java/org/conscrypt/NativeCryptoTest.java
|
| cb713c076de9b3d458727ecb2ae2658859a893e2 |
19-May-2014 |
Kenny Root <kroot@google.com> |
X509Certificate: add some context to thrown exceptions
Bug: 14648280
Change-Id: I7bbf76e0d383d34fc5e5a49a8d45384e47f43f3a
ain/java/org/conscrypt/OpenSSLX509Certificate.java
|
| 69e2b4cec4d4b5f0365950b2b8c347865ec75ba8 |
16-May-2014 |
Kenny Root <kroot@google.com> |
am 96e9ecfd: am 237304c5: am 38d5f3d7: Merge "OpenSSLMessageDigestJDK: support clone"
* commit '96e9ecfd7821c99a4eba58e2fbeb03e5647a6704':
OpenSSLMessageDigestJDK: support clone
|
| c6c7c07d5c6f3cb2865eb3319bee40b93a81b87b |
16-May-2014 |
Marcus Oakland <marcus.oakland@arm.com> |
am 7ea02b4c: am 7f9e7554: am 3f8d6407: Fix of native crash in the evpUpdate method
* commit '7ea02b4c1c0e95077996dcc5890aa8a2239faceb':
Fix of native crash in the evpUpdate method
|
| 38d5f3d7f924a204311070dc6085310814bd2fd7 |
16-May-2014 |
Kenny Root <kroot@google.com> |
Merge "OpenSSLMessageDigestJDK: support clone"
|
| 3f8d64078d49672f6301661baa59d24f1d2b74c0 |
14-May-2014 |
Marcus Oakland <marcus.oakland@arm.com> |
Fix of native crash in the evpUpdate method
The org.apache.harmony.security.tests.java.security.MessageDigest1Test
CTS test class's testSHAProvider method was causing a SIGSEGV when
"md.update(bytes, 1, -1);" was called, as the evpUpdate method was not
checking for the inLength parameter being negative. This has been
rectified and the test now passes.
Bug: 14821275
Change-Id: I94489a518f7a2d4a6e84e58f91d8eee6f0ceb045
Signed-off-by: Marcus Oakland <marcus.oakland@arm.com>
ain/native/org_conscrypt_NativeCrypto.cpp
|
| 88b56b0666fe3a702da4edc7b5b58266033c5871 |
16-May-2014 |
Kenny Root <kroot@google.com> |
OpenSSLMessageDigestJDK: support clone
Add the ability to clone the MessageDigest state.
Bug: 14821275
Change-Id: Ifa1b48db708448b971afe1e7360876f3fbe47588
ain/java/org/conscrypt/OpenSSLMessageDigestJDK.java
|
| 131280bbd9ee0a02ba3ecc67625d295aee6906b9 |
14-May-2014 |
Kenny Root <kroot@google.com> |
am 0c7c254e: am c6d953a6: am e526e75c: DH keys: derive public key if not available
* commit '0c7c254ed494670417da586965cc1e657dd9017c':
DH keys: derive public key if not available
|
| 2e37b0af18885ef6e4d99afb2e981fc37368bf6b |
14-May-2014 |
Alex Klyubin <klyubin@google.com> |
am 6d2a6945: am 48c45e54: am 767fda1e: Get rid of some warnings.
* commit '6d2a6945ef41b7e97480b4a0a0bccbb653b9ebb4':
Get rid of some warnings.
|
| e526e75cfe12c2908d37b03562ac48a5bbefdf11 |
14-May-2014 |
Kenny Root <kroot@google.com> |
DH keys: derive public key if not available
Also make the params mutex when we're inflating from a serial object
since it will be null otherwise.
Change-Id: I36641725161c0a708ba303500acca368b0511abe
ain/java/org/conscrypt/OpenSSLDHPrivateKey.java
ain/native/org_conscrypt_NativeCrypto.cpp
|
| 767fda1ec66f2e2bf8a8f5fe17841906338b9471 |
13-May-2014 |
Alex Klyubin <klyubin@google.com> |
Get rid of some warnings.
Change-Id: I87f3ad5374d89e8acfdd78fe5af4b02be483cd3d
ain/java/org/conscrypt/SSLParametersImpl.java
est/java/org/conscrypt/NativeCryptoTest.java
|
| 33c64fa2932beae757f4e91169336fb1c3ed2e1f |
13-May-2014 |
Kenny Root <kroot@google.com> |
SSL: also allow calls to read/write after cutthrough
Also add test to make sure this works.
(cherry picked from commit 68a3f229cd71c1367173ebc31e5363293b9b5dbc)
Bug: 14832989
Change-Id: If0189d2b84178bc074148119f5d8927ed7ce38a0
ain/native/org_conscrypt_NativeCrypto.cpp
est/java/org/conscrypt/NativeCryptoTest.java
|
| 68a3f229cd71c1367173ebc31e5363293b9b5dbc |
13-May-2014 |
Kenny Root <kroot@google.com> |
SSL: also allow calls to read/write after cutthrough
Also add test to make sure this works.
Bug: 14832989
Change-Id: I046111cdcc4086a7104d462696078a767e86b12c
ain/native/org_conscrypt_NativeCrypto.cpp
est/java/org/conscrypt/NativeCryptoTest.java
|
| e29f79207cbb3f01aaf13d7838adccd6236cf616 |
13-May-2014 |
Kenny Root <kroot@google.com> |
am 65fe8afa: am 7591dffb: am 68b3d5f4: DH keys: fix some errors the tests caught
* commit '65fe8afa8262cc003d6e110c633c6f5d5a6d4488':
DH keys: fix some errors the tests caught
|
| 68b3d5f4f361ff957b4665d1cf8ffc2ac91bac9c |
13-May-2014 |
Kenny Root <kroot@google.com> |
DH keys: fix some errors the tests caught
* Returning "DSA" instead of "DH" for key algorithm
* Not having the key type defined as translatable in OpenSSLKey
Change-Id: I19db78ddb6d8697e758692bc4830fb32c8a0176a
ain/java/org/conscrypt/OpenSSLDHPublicKey.java
ain/java/org/conscrypt/OpenSSLKey.java
|
| c23b59c8559764138ce10dd07a20518b2bd3ff17 |
13-May-2014 |
Kenny Root <kroot@google.com> |
am 785b91cd: am d7337a86: am f9b921df: TrustedCertificateStoreTest: use random dir for tests
* commit '785b91cd45edc1fa5601ab0fb1a3e7aabd5ddd21':
TrustedCertificateStoreTest: use random dir for tests
|
| f9b921df499721bcc2a37fd073485811d0cabe60 |
13-May-2014 |
Kenny Root <kroot@google.com> |
TrustedCertificateStoreTest: use random dir for tests
In order to avoid some problems with the tests, use a random name
instead of trying to use a potentially-conflicting directory name.
Bug: 12469164
Bug: 14818987
Change-Id: I9a144eafff46d84ea794f49babeba11938f665f8
est/java/org/conscrypt/TrustedCertificateStoreTest.java
|
| ef5bb082da5f4c4f397b220cc2c055dc44e36f10 |
13-May-2014 |
Kenny Root <kroot@google.com> |
am d4d3ca98: am 851b8df3: am 62414833: Merge "Turn off verify peer for servers with no client auth"
* commit 'd4d3ca98b2062c2f84b7d00cd4906f1eccaaf473':
Turn off verify peer for servers with no client auth
|
| 507454b86b671b9777d660f4d2e873e507c6e380 |
13-May-2014 |
Kenny Root <kroot@google.com> |
am e00a8caf: am 75619efc: am f43a94ff: Check for renegotiate_pending for tests
* commit 'e00a8cafcc4ae38ef25ce2b1c83f569a24662cce':
Check for renegotiate_pending for tests
|
| 62414833e01a8e2c7d0dd82459be3d12cb7075c0 |
13-May-2014 |
Kenny Root <kroot@google.com> |
Merge "Turn off verify peer for servers with no client auth"
|
| a132fc92896da9372f9a34ab1d6dca52c467d2f6 |
12-May-2014 |
Kenny Root <kroot@google.com> |
Turn off verify peer for servers with no client auth
Since the default is now SSL_VERIFY_PEER, as a server we need to
explicitly set that we don't want a client certificate by setting
SSL_VERIFY_NONE.
Change-Id: I740389cc59ef8cb444a0e504838a1c0591df2bf9
ain/java/org/conscrypt/SSLParametersImpl.java
est/java/org/conscrypt/NativeCryptoTest.java
|
| f43a94ff4594a859ed9beeb98650e0444a26973b |
12-May-2014 |
Kenny Root <kroot@google.com> |
Check for renegotiate_pending for tests
Tests call SSL_renegotiate to force a renegotiation, but was relying on
AppData being unset in this function. Instead we check that both
SSL_is_init_finished is false and SSL_renegotiation_pending is false.
Renegotiation is handled by SSL_write implicitly instead of explicitly
like the wrapper around SSL_do_handshake does.
Change-Id: I7e761afa718503933334cc19fbc696d714eca500
ain/native/org_conscrypt_NativeCrypto.cpp
|
| 1907b58c7dfccffbf472ea7e7876e2b873fc0644 |
09-May-2014 |
Kenny Root <kroot@google.com> |
am bee99382: am d42776d3: am 7b27ca77: Add DH keys
* commit 'bee9938223ad210f03c8d2bb4faeab0e01f78903':
Add DH keys
|
| 7b27ca77c328e510a165712a497c20b67c68e8a3 |
08-May-2014 |
Kenny Root <kroot@google.com> |
Add DH keys
Add the initial steps for DH keys to be generated and handled via
OpenSSL. Next steps will be hooking it up via other APIs that use DH
keys.
Change-Id: Ib159e60db73f82b75e0ba375a1d165c51286edac
ain/java/org/conscrypt/NativeCrypto.java
ain/java/org/conscrypt/OpenSSLDHKeyFactory.java
ain/java/org/conscrypt/OpenSSLDHKeyPairGenerator.java
ain/java/org/conscrypt/OpenSSLDHPrivateKey.java
ain/java/org/conscrypt/OpenSSLDHPublicKey.java
ain/java/org/conscrypt/OpenSSLProvider.java
ain/native/org_conscrypt_NativeCrypto.cpp
|
| 256d06dbd2b03d1657e9d7bc35cbf5d1094adff5 |
08-May-2014 |
Kenny Root <kroot@google.com> |
am cfbd301d: am ef0e3ebb: am a3d4df59: Merge "SSLSocket: restore previous pre-handshake behavior"
* commit 'cfbd301d6332e2cccf4dbdc2bcd01cac1e0aea2b':
SSLSocket: restore previous pre-handshake behavior
|
| a3d4df59d7523818f18ff66eb523ed4fcb29e1fb |
08-May-2014 |
Kenny Root <kroot@google.com> |
Merge "SSLSocket: restore previous pre-handshake behavior"
|
| dd284653f17d5801c8222f1368f1241eb428b7f2 |
07-May-2014 |
Kenny Root <kroot@google.com> |
SSLSocket: restore previous pre-handshake behavior
Before AppData was created in the initial handshake, calling SSL_read or
SSL_write would have a NULL appData field. This caused an exception to
be thrown. Now we have to check to make sure the handshake completed
before we continue on with SSL_read and SSL_write.
Change-Id: I969577cf56f61858450a7981a5196f58a6502968
ain/native/org_conscrypt_NativeCrypto.cpp
|
| 884c5f2bf19215a9f95471e08397f04c32105603 |
07-May-2014 |
Kenny Root <kroot@google.com> |
am cc5bd922: am 21536bb9: am 821bf39c: Merge "Return system trust anchor instead of server"
* commit 'cc5bd9229c8232d99066038c5b9d1ebaccd439a9':
Return system trust anchor instead of server
|
| 821bf39c543de6714315a692be8503102dea20c9 |
06-May-2014 |
Kenny Root <kroot@google.com> |
Merge "Return system trust anchor instead of server"
|
| 39510dd764b6bb09bb89754588be1fa40b74047e |
05-May-2014 |
Kenny Root <kroot@google.com> |
am c2da5812: am e40e468d: am 77708c03: Use specific Charset for encoding
* commit 'c2da581272980aaf344dab603af6421ab55a261c':
Use specific Charset for encoding
|
| 77708c039b98c206f101623e114d1a7fdb89c738 |
05-May-2014 |
Kenny Root <kroot@google.com> |
Use specific Charset for encoding
Without using a specific Charset, it will call System.getProperty to
find the current locale. We only care about getting the bytes for
US-ASCII so explicitly ask for that instead.
Change-Id: I6902b59ccb8a13a8977b828c099ad493e4f17e5c
ain/java/org/conscrypt/OpenSSLX509CertPath.java
ain/java/org/conscrypt/OpenSSLX509CertificateFactory.java
|
| d7695a8578159758c0b2e29f557e3977646582a7 |
05-May-2014 |
Kenny Root <kroot@google.com> |
am 59df33d7: am 7b2e2065: am 365395ed: SSLEngine: handle EOF for our BIOs
* commit '59df33d78da8ee36888f223cdb7eec3b78363536':
SSLEngine: handle EOF for our BIOs
|
| 365395ed979c156eb83585f0ab07ee5991d94b03 |
05-May-2014 |
Kenny Root <kroot@google.com> |
SSLEngine: handle EOF for our BIOs
If we reache EOF (really the end of our current bytes buffered for read)
during writing or reading, don't try to count the -1 returned as part of
the read bytes.
Change-Id: I76d42b00f14b121f1524e7c035efcf2c99627278
ain/java/org/conscrypt/OpenSSLEngineImpl.java
|
| ff0ed31d47e2828e7b0058b3f1f862c02c66cb0e |
03-May-2014 |
Kenny Root <kroot@google.com> |
am b4f1e9ad: am a320e0c8: am b45c8e9b: Merge "BIO_Stream: check for pending exception"
* commit 'b4f1e9ada6bb74bfe085add43ec404cdb17bbb19':
BIO_Stream: check for pending exception
|
| b45c8e9b993ed4da0edcdd38621c8eda44a0ada0 |
02-May-2014 |
Kenny Root <kroot@google.com> |
Merge "BIO_Stream: check for pending exception"
|
| 64f361d8ce4c961d9339d6933de33a937b542db5 |
02-May-2014 |
Kenny Root <kroot@google.com> |
BIO_Stream: check for pending exception
OpenSSL may make several callbacks in a row, so we need to check whether
a pending exception is in flight before calling into the JVM again.
Bug: 14477174
Change-Id: I104fa0af08a229430e193c7ed7b147d115215cd2
ain/native/org_conscrypt_NativeCrypto.cpp
|
| 2515258c3d77a858721e54d31dd94b534488b62d |
01-May-2014 |
Kenny Root <kroot@google.com> |
am c9cf2c48: am aa63de71: am 2a9ca52c: Call SSL_set_alpn_protos with right native pointer
* commit 'c9cf2c486f1da919ec3c916a428e66cbcbfa9ee3':
Call SSL_set_alpn_protos with right native pointer
|
| 2a9ca52cd6a26a5db6df8148e4a1bcdf3d4d0aac |
01-May-2014 |
Kenny Root <kroot@google.com> |
Call SSL_set_alpn_protos with right native pointer
This change was missed during rebase of the OpenSSLEngine code since
this used to be SSL_CTX_set_alpn_protos.
Bug: 14273022
Change-Id: Ib72b27c8d5a4ddfde4e0c0ee2ab97bfb039c7f56
ain/java/org/conscrypt/SSLParametersImpl.java
|
| c944574facadde99f3efa0d603a96644347bac36 |
28-Apr-2014 |
Elliott Hughes <enh@google.com> |
am a2980a8c: am 5cf1918d: Merge "Finish switching to android.system.Os."
* commit 'a2980a8cd0fcb0f746332be1563fd4c026faeba9':
Finish switching to android.system.Os.
|
| 5cf1918d1aedbc56a87f7cacf604bd2abf5dc8c0 |
28-Apr-2014 |
Elliott Hughes <enh@google.com> |
Merge "Finish switching to android.system.Os."
|
| d985f665de7a6b0a92f36dd7d6e5550b6f98946e |
28-Apr-2014 |
Elliott Hughes <enh@google.com> |
Finish switching to android.system.Os.
Looks like I missed one last time...
Change-Id: Ib009e87493b36fc815166c44ce3c3a532aa5cd82
ain/java/org/conscrypt/OpenSSLSocketImpl.java
|
| f76b17dd896cac185bfec0b980a68a232f948c6a |
26-Apr-2014 |
Kenny Root <kroot@google.com> |
Merge "SSLEngine: fix some behaviors"
|
| 9981428049a93947a70362480fbfaf66821890bf |
25-Apr-2014 |
Kenny Root <kroot@google.com> |
SSLEngine: fix some behaviors
* We were not checking buffer lengths.
* wrap/unwrap should start a handshake.
Change-Id: I35fbd8bf5eb699923f4712e7590bce7e7e13e529
ain/java/org/conscrypt/NativeCrypto.java
ain/java/org/conscrypt/OpenSSLEngineImpl.java
|
| 79487be8daa695366f23069bb9ca5ed1b138e718 |
25-Apr-2014 |
Kenny Root <kroot@google.com> |
SSLEngine: fix some behaviors
* We were not checking buffer lengths.
* wrap/unwrap should start a handshake.
Change-Id: I35fbd8bf5eb699923f4712e7590bce7e7e13e529
ain/java/org/conscrypt/NativeCrypto.java
ain/java/org/conscrypt/OpenSSLEngineImpl.java
|
| e82930a2c85594513b93e9223cebdd53f9c4cfdc |
25-Apr-2014 |
Elliott Hughes <enh@google.com> |
am 5d7a097f: am bcad63e3: Track libcore.os\' move towards the light.
* commit '5d7a097f4a433493049699eb8f8f7dee2ae8cdbc':
Track libcore.os' move towards the light.
|
| bcad63e381c5326a526a078ac17b8580874495b0 |
24-Apr-2014 |
Elliott Hughes <enh@google.com> |
Track libcore.os' move towards the light.
Change-Id: Id41fb809eb764ce60f6d3cecf5715a57af432027
ain/java/org/conscrypt/OpenSSLSocketImpl.java
|
| 9e831e0ac251ffa6532ab8f68473bc7ddbadde5d |
23-Apr-2014 |
Neil Fuller <nfuller@google.com> |
am e883caa3: am 798f9441: Changes to support asynchronous close interruption
* commit 'e883caa342e9b358e77762ef6636ef4ff1c999e7':
Changes to support asynchronous close interruption
|
| 798f9441e02b2f924bacee81af8c7ddc7c32482d |
11-Apr-2014 |
Neil Fuller <nfuller@google.com> |
Changes to support asynchronous close interruption
This change contains fixes to conscrypt from libcore change
I37de3e7d1a005a73821221e6156d10b95c595d7a
Bug: 13927110
Change-Id: Ied42e930e32013f93415625968372d3b997bd539
ain/native/org_conscrypt_NativeCrypto.cpp
|
| 3bbf2e8883b2e2a014560db6a3398c7ce3552b7e |
22-Apr-2014 |
Kenny Root <kroot@google.com> |
am 04199935: am de9b5860: Make AppData creation symmetric
* commit '0419993536bea8908f6f0c3e3df789e158c87d0d':
Make AppData creation symmetric
|
| de9b58607d31660ccc2bbc3082a288c005764da0 |
22-Apr-2014 |
Kenny Root <kroot@google.com> |
Make AppData creation symmetric
AppData was being created in SSL_do_handshake, but freed in SSL_free.
Make it symmetric by creating AppData in SSL_new instead.
The SSLEngine may call do_handshake multiple times to complete a
handshake, but this was creating an AppData each time it entered.
Creating in SSL_new avoids the problem of checking whether it was
already created on each entry into SSL_do_handshake calls.
Bug: 14247219
Change-Id: I825486798250998a4d4141201bda68a4dffe13a4
ain/native/org_conscrypt_NativeCrypto.cpp
|
| ef6fd89b22a1f32201c8329e3b20386d25c4469f |
22-Apr-2014 |
Kenny Root <kroot@google.com> |
Add back missing sslSession
Accidentally removed during refactor.
(cherry-picked from 0dd7db8b85dfd8ad5d16d239432b9852450dc78f)
Change-Id: I4295af935b269ec7ea91f1d1d140f32188e15e64
ain/java/org/conscrypt/OpenSSLSocketImpl.java
|
| 0dd7db8b85dfd8ad5d16d239432b9852450dc78f |
22-Apr-2014 |
Kenny Root <kroot@google.com> |
Add back missing sslSession
Accidentally removed during refactor.
Change-Id: I4295af935b269ec7ea91f1d1d140f32188e15e64
ain/java/org/conscrypt/OpenSSLSocketImpl.java
|
| f806d9abdf17466aeee8f5f113ea26021a0825ca |
22-Apr-2014 |
Kenny Root <kroot@google.com> |
am b184a583: am f878e438: Add OpenSSLEngineImpl
* commit 'b184a5839de572ae78f57642883f0caabb9084f5':
Add OpenSSLEngineImpl
|
| e01d7da3e253f9a2144fc43c698794b3a6aa178a |
22-Apr-2014 |
Kenny Root <kroot@google.com> |
am 4daadbef: am 3c072fb0: Refactor OpenSSLSocketImpl
* commit '4daadbef5d458372a84cd1e606172b821e6e599e':
Refactor OpenSSLSocketImpl
|
| 7e003cae1f0888d7520b0b1303bddf083eea9787 |
22-Apr-2014 |
Kenny Root <kroot@google.com> |
am 18390f12: am f111f623: Remove SSLEngineImpl
* commit '18390f12a94dd67542ffcb60de5fa98b4ea63c9e':
Remove SSLEngineImpl
|
| f878e438660d93f8689b864165230492e7a412d4 |
08-Nov-2013 |
Kenny Root <kroot@google.com> |
Add OpenSSLEngineImpl
Add support for SSLEngine via OpenSSL APIs. Currently this supports just
the basic SSLEngine functionality. It can be improved in efficiency and
performance, but it appears not to leak anything and be correct
according to our test suites.
Change-Id: Iea2dc3922e7c30e26daca38361877bd2f88ae668
ain/java/org/conscrypt/NativeCrypto.java
ain/java/org/conscrypt/OpenSSLBIOSink.java
ain/java/org/conscrypt/OpenSSLBIOSource.java
ain/java/org/conscrypt/OpenSSLContextImpl.java
ain/java/org/conscrypt/OpenSSLEngineImpl.java
ain/java/org/conscrypt/OpenSSLSocketImpl.java
ain/java/org/conscrypt/SSLParametersImpl.java
ain/native/org_conscrypt_NativeCrypto.cpp
est/java/org/conscrypt/NativeCryptoTest.java
|
| 3c072fb087eaa1a363fc673c60f5ef65390e356f |
07-Nov-2013 |
Kenny Root <kroot@google.com> |
Refactor OpenSSLSocketImpl
Move functionality that will be shared with OpenSSL's SSLEngine
implementation out of OpenSSLSocketImpl and into the (soon-to-be) shared
SSLParametersImpl.
The functionality should stay the same.
Change-Id: If8faa3ad2c9c73c0a0cd4b9716639b362b2b26a1
ain/java/org/conscrypt/OpenSSLSocketImpl.java
ain/java/org/conscrypt/SSLParametersImpl.java
est/java/org/conscrypt/NativeCryptoTest.java
est/java/org/conscrypt/OpenSSLSocketImplTest.java
est/java/org/conscrypt/SSLParametersImplTest.java
|
| 03804497fead7f3e1cb21bf1125ca9e027159920 |
20-Mar-2014 |
Kenny Root <kroot@google.com> |
Return system trust anchor instead of server
Change-Id: I06eb3e364632d4a5226c3c55cae7b212790987c3
ain/java/org/conscrypt/TrustManagerImpl.java
ain/java/org/conscrypt/TrustedCertificateStore.java
est/java/org/conscrypt/TrustedCertificateStoreTest.java
|
| f111f6235d016ce54ab95a2c634a400efe29f24b |
31-Mar-2014 |
Kenny Root <kroot@google.com> |
Remove SSLEngineImpl
This is replaced by OpenSSL-backed SSLEngineImpl.
Change-Id: I7b51f6fa772e431c6283008535bfec90821d0bef
ain/java/org/conscrypt/AlertException.java
ain/java/org/conscrypt/AlertProtocol.java
ain/java/org/conscrypt/Appendable.java
ain/java/org/conscrypt/CertificateMessage.java
ain/java/org/conscrypt/CertificateRequest.java
ain/java/org/conscrypt/CertificateVerify.java
ain/java/org/conscrypt/CipherSuite.java
ain/java/org/conscrypt/ClientHandshakeImpl.java
ain/java/org/conscrypt/ClientHello.java
ain/java/org/conscrypt/ClientKeyExchange.java
ain/java/org/conscrypt/ConnectionState.java
ain/java/org/conscrypt/ConnectionStateSSLv3.java
ain/java/org/conscrypt/ConnectionStateTLS.java
ain/java/org/conscrypt/ContentType.java
ain/java/org/conscrypt/DHParameters.java
ain/java/org/conscrypt/DataStream.java
ain/java/org/conscrypt/DelegatedTask.java
ain/java/org/conscrypt/DigitalSignature.java
ain/java/org/conscrypt/EndOfBufferException.java
ain/java/org/conscrypt/EndOfSourceException.java
ain/java/org/conscrypt/Finished.java
ain/java/org/conscrypt/Handshake.java
ain/java/org/conscrypt/HandshakeIODataStream.java
ain/java/org/conscrypt/HandshakeProtocol.java
ain/java/org/conscrypt/HelloRequest.java
ain/java/org/conscrypt/Logger.java
ain/java/org/conscrypt/Message.java
ain/java/org/conscrypt/OpenSSLContextImpl.java
ain/java/org/conscrypt/OpenSSLSocketImpl.java
ain/java/org/conscrypt/PRF.java
ain/java/org/conscrypt/ProtocolVersion.java
ain/java/org/conscrypt/SSLBufferedInput.java
ain/java/org/conscrypt/SSLEngineAppData.java
ain/java/org/conscrypt/SSLEngineDataStream.java
ain/java/org/conscrypt/SSLEngineImpl.java
ain/java/org/conscrypt/SSLInputStream.java
ain/java/org/conscrypt/SSLNullSession.java
ain/java/org/conscrypt/SSLParametersImpl.java
ain/java/org/conscrypt/SSLRecordProtocol.java
ain/java/org/conscrypt/SSLSessionImpl.java
ain/java/org/conscrypt/SSLStreamedInput.java
ain/java/org/conscrypt/SSLv3Constants.java
ain/java/org/conscrypt/ServerHandshakeImpl.java
ain/java/org/conscrypt/ServerHello.java
ain/java/org/conscrypt/ServerHelloDone.java
ain/java/org/conscrypt/ServerKeyExchange.java
est/java/org/conscrypt/CipherSuiteTest.java
|
| 7486ebcb03fe654beebb2a3a9e1188b6202b1122 |
18-Apr-2014 |
Kenny Root <kroot@google.com> |
am 950cca1a: am ad73400e: NativeCryptoTest: use correct digest name
* commit '950cca1ad11b0924a01f97207942a47156aa22d5':
NativeCryptoTest: use correct digest name
|
| ad73400e9d5c7048fcf2980b75ea45e2aac8fb39 |
07-Apr-2014 |
Kenny Root <kroot@google.com> |
NativeCryptoTest: use correct digest name
Change-Id: Ib216b04f302d6bfaf72f8e4aae42de8cccd89384
est/java/org/conscrypt/NativeCryptoTest.java
|
| cf45fa6ab35da2b018e89ea33d5cf8ed0aa39956 |
11-Apr-2014 |
Kenny Root <kroot@google.com> |
am 7f33dd3b: am 19fdf1af: Convert calls to BIO_free to BIO_free_all
* commit '7f33dd3b53f99c3eabd5c9b1adf1966d333f740c':
Convert calls to BIO_free to BIO_free_all
|
| 19fdf1af6bada9ebf4820839780d8713ac3824fa |
10-Apr-2014 |
Kenny Root <kroot@google.com> |
Convert calls to BIO_free to BIO_free_all
If we have a chain of BIO, we want to free the entire chain. Otherwise,
we might accidentally leave references sitting around. This shouldn't
matter for our current use-case, but might help in the future.
Change-Id: I586937629e1e4f2e80b5feefe2f49a85e8a31d31
ain/java/org/conscrypt/NativeCrypto.java
ain/java/org/conscrypt/OpenSSLBIOInputStream.java
ain/java/org/conscrypt/OpenSSLX509CRL.java
ain/java/org/conscrypt/OpenSSLX509CRLEntry.java
ain/java/org/conscrypt/OpenSSLX509CertPath.java
ain/java/org/conscrypt/OpenSSLX509Certificate.java
ain/native/org_conscrypt_NativeCrypto.cpp
est/java/org/conscrypt/NativeCryptoTest.java
|
| 7cf35675f840b7138aefa11941532e1ea94af927 |
02-Apr-2014 |
Kenny Root <kroot@google.com> |
am 207493e1: am f8a9b546: ALPN: change socket calls to SSL_set_alpn_protos
* commit '207493e138c2e12f8c86bb17801412d432c5604e':
ALPN: change socket calls to SSL_set_alpn_protos
|
| f8a9b546d57c4731805e73e1e96ff2fb3e77d6e0 |
31-Mar-2014 |
Kenny Root <kroot@google.com> |
ALPN: change socket calls to SSL_set_alpn_protos
Calling SSL_CTX_set_alpn_protos appears to be detrimental to thread
safety since the implementation of it resets the values. It's not
idempotent to call it multiple times like SSL_CTX_enable_npn.
Bug: https://code.google.com/p/android/issues/detail?id=67940
Change-Id: I09ed9e75d08528300b86201c3e847b26702d4284
ain/java/org/conscrypt/NativeCrypto.java
ain/java/org/conscrypt/OpenSSLSocketImpl.java
ain/native/org_conscrypt_NativeCrypto.cpp
est/java/org/conscrypt/NativeCryptoTest.java
|
| f06cff37f63b8ab9c3632022d0af2ac77f2305a4 |
01-Apr-2014 |
Kenny Root <kroot@google.com> |
am ae332e1e: am 93cfc3c9: Check read and write from correct BIO
* commit 'ae332e1eb83f889e7a4c0ddfce3a2f06c54e8c82':
Check read and write from correct BIO
|
| 93cfc3c90ab19944ef1ac530dd844dfb64dce8f7 |
01-Apr-2014 |
Kenny Root <kroot@google.com> |
Check read and write from correct BIO
This happened to work before since SSL_set_fd sets both the read and
write BIO to the same value, but using different BIOs for the new
SSLEngine code will change this.
Change-Id: Ieebe31b1cda24325abf3af35c116549d33ac15d5
ain/native/org_conscrypt_NativeCrypto.cpp
|
| 7ed3a73c9e57e1a658e70583dfb371c2e6fb185c |
29-Mar-2014 |
Alex Klyubin <klyubin@google.com> |
am cfcc8bb4: am cc6dd530: Merge "Correctly handle empty arrays in SSLContext.init."
* commit 'cfcc8bb46e676c023fbd9ce1bc14f1d891d1f57d':
Correctly handle empty arrays in SSLContext.init.
|
| cc6dd5308240f5145871797dfe1880638d0201ae |
28-Mar-2014 |
Alex Klyubin <klyubin@google.com> |
Merge "Correctly handle empty arrays in SSLContext.init."
|
| 3d56a488fb8ab784d695a100e212fd955de09cbc |
26-Mar-2014 |
Kenny Root <kroot@google.com> |
am b57db033: am acc950a7: Add JNI_TRACE_MD to cut down on noise
* commit 'b57db033700e6d38e050d283b445e87b0e2660c0':
Add JNI_TRACE_MD to cut down on noise
|
| ce58e89f129d28e3b08c8c21acd9a04a3c9d8468 |
26-Mar-2014 |
Kenny Root <kroot@google.com> |
am 88eb6c92: am a0c196d7: Throw SSLHandshakeException for errors during handshake
* commit '88eb6c927cc0b7e0d03ca21d581ad248030bfa9f':
Throw SSLHandshakeException for errors during handshake
|
| acc950a746dc75174d473eef4ec7434c71cd6d39 |
26-Mar-2014 |
Kenny Root <kroot@google.com> |
Add JNI_TRACE_MD to cut down on noise
During start-up of vogar, it does thousands of digests on the input
class files which makes the output really noisy. Since debugging MD
stuff is uncommon, just hide it behind another debug flag.
Change-Id: I972a1b61c6ffe2d4cc345b089f0be10751ea32e4
ain/native/org_conscrypt_NativeCrypto.cpp
|
| a0c196d76f1ed4fddeb94873b9aef47e50059cf2 |
26-Mar-2014 |
Kenny Root <kroot@google.com> |
Throw SSLHandshakeException for errors during handshake
This is a subclass of SSLHandshake, so it's not technically any
different, but more sophisticated clients use this to differentiate
between a failure during handshake and a general SSL failure.
Bug: 13130968
Change-Id: Ifad026c9af6748c1f7cb6a75f8f49aa3e75deea8
ain/native/org_conscrypt_NativeCrypto.cpp
|
| a83e884d3912bded37a7ac3d3e4808e89004f74f |
25-Mar-2014 |
Kenny Root <kroot@google.com> |
am 3744ce5c: am d2cced8b: Use the new endpointVerificationAlgorithm API
* commit '3744ce5cf1339ac017d33b2d801dbd7ba5d60a23':
Use the new endpointVerificationAlgorithm API
|
| b3c6484a539961803e2709c9e3859d241ae00b12 |
24-Mar-2014 |
Alex Klyubin <klyubin@google.com> |
Correctly handle empty arrays in SSLContext.init.
The contract of SSLContext.init is that empty arrays of
KeyManager/TrustManager in its parameters are handled differently
from null arrays. This CL adjusts the behavaior to match the
contract. Namely, empty arrays mean that SSLContext is being
initialized without any KeyManagers/TrustManagers rather than with
default ones.
Bug: 13563675
Change-Id: I52adc5e7143d4f050be0b22b3b464c10bb97d102
ain/java/org/conscrypt/SSLParametersImpl.java
|
| d2cced8b10f5e4f600a5eb9464eba0da7c8f09de |
20-Mar-2014 |
Kenny Root <kroot@google.com> |
Use the new endpointVerificationAlgorithm API
Use the new X509ExtendedTrustManager and use the new
getEndpointVerificationAlgorithm to check the hostname during the
handshake.
Bug: 13103812
Change-Id: Id0a74d4ef21a7d7c90357a111f99b09971e535d0
ain/java/org/conscrypt/ClientHandshakeImpl.java
ain/java/org/conscrypt/NativeCrypto.java
ain/java/org/conscrypt/OpenSSLSocketImpl.java
ain/java/org/conscrypt/SSLEngineImpl.java
ain/java/org/conscrypt/SSLParametersImpl.java
ain/java/org/conscrypt/TrustManagerImpl.java
ain/java/org/conscrypt/X509ExtendedTrustManagerWrapper.java
ain/native/org_conscrypt_NativeCrypto.cpp
est/java/org/conscrypt/NativeCryptoTest.java
est/java/org/conscrypt/TrustManagerImplTest.java
|
| e02d3e52b215a6dafe69fd50794d63306fe6d277 |
24-Mar-2014 |
Kenny Root <kroot@google.com> |
am a8d4e027: am eb6d87ee: Merge "Allow verification failures to send SSL alert"
* commit 'a8d4e02750cf20b92e5ff2895d9f8b2d2e974245':
Allow verification failures to send SSL alert
|
| 054b28314fa1a76b20349de9a913f3d232aa3fc9 |
24-Mar-2014 |
Alex Klyubin <klyubin@google.com> |
am a8d4d7cc: am af672dd9: Avoid NullPointerException when no client cert key provided.
* commit 'a8d4d7ccb89c31545f2de9ebda33d6b8a094c038':
Avoid NullPointerException when no client cert key provided.
|
| ca3695ad875eee9958a1adad06210a42b088d0fb |
24-Mar-2014 |
Alex Klyubin <klyubin@google.com> |
am a5b1d42b: am 4a4a74e8: Leave SSLParametersImpl.getDefaultX509TrustManager public.
* commit 'a5b1d42b46375672b22cbbd71c3dc69b7adad2b6':
Leave SSLParametersImpl.getDefaultX509TrustManager public.
|
| e50b99180371ddbd0107f418e463bf8cc58821cb |
24-Mar-2014 |
Alex Klyubin <klyubin@google.com> |
am 4385f916: am 8d63ff13: Support TLS/SSL without X509TrustManager or X509KeyManager.
* commit '4385f9161c46d697a0511f7b8c878604e248aff0':
Support TLS/SSL without X509TrustManager or X509KeyManager.
|
| eb6d87ee2d1939aa81e914dc0d4a3bc625ea10dd |
21-Mar-2014 |
Kenny Root <kroot@google.com> |
Merge "Allow verification failures to send SSL alert"
|
| 02fb0575e69baf7e1bf58508e6a01a202f6d0524 |
21-Mar-2014 |
Kenny Root <kroot@google.com> |
Allow verification failures to send SSL alert
Before we were relying on our pending exception to abort the SSL
handshake, but the SSL alert was not sent to the server. This enables
peer verification in the OpenSSL to send the alerts and cut the
handshake off earlier.
In OpenSSL, the ssl/s3_clnt.c had code that only sent an alert if verify
mode was not SSL_VERIFY_NONE. Since we're handling all the verification
during the callback, we can special case anything we want to do for
anonymous ciphers in the callback.
Change-Id: I6c8fd0d0c6402e29ef3cb5fc5156eef2f4191ff0
ain/java/org/conscrypt/OpenSSLSocketImpl.java
ain/native/org_conscrypt_NativeCrypto.cpp
|
| af672dd97643a721f2b038660c8a9e105a23576a |
21-Mar-2014 |
Alex Klyubin <klyubin@google.com> |
Avoid NullPointerException when no client cert key provided.
When the user of a client-mode SSLEngine provides a client
certificate but provides no key, the current implementation blows up
with a NullPointerException.
This CL makes the behavior aligned with RI. It does not blow up, but
rather proceeds without sending a certificate_verify message to the
server. Normally, this then leads to the server terminating the
handshake.
Change-Id: Ib8d3f7e4b4b7fdd9f4ec4acd42513c781a703f96
ain/java/org/conscrypt/ClientHandshakeImpl.java
|
| 4a4a74e84ee407eb49a01cf2325ea34fc92ed1a4 |
21-Mar-2014 |
Alex Klyubin <klyubin@google.com> |
Leave SSLParametersImpl.getDefaultX509TrustManager public.
I renamed this method from getDefaultTrustManager to
getDefaultX509TrustManager and erroneously made it private in
8d63ff1384e46407a7618df2b79b2b455795c396. I missed the fact that
it's being used from framework's
android.net.http.CertificateChainValidator.
This CL reverts this method to being public again.
Bug: 13563574
Change-Id: I601c651d631f5a2e4a04d21941186553988e5286
ain/java/org/conscrypt/SSLParametersImpl.java
|
| 8d63ff1384e46407a7618df2b79b2b455795c396 |
19-Mar-2014 |
Alex Klyubin <klyubin@google.com> |
Support TLS/SSL without X509TrustManager or X509KeyManager.
This makes TLS/SSL primitives operate as expected when no
X509TrustManager or X509KeyManager is provided. Instead of blowing up
with KeyManagementException or NullPointerException (or similar) when
X509TrustManager or X509KeyManager is not provided, this CL makes
SSLContext.init accept such setup, and makes SSLSocket and SSLEngine
reject certificate chains, select no private keys/aliases, and accept
no certificate issuers.
Bug: 13563574
Change-Id: I8de58377a09025258357dd4da9f6cb1b6f2dab80
ain/java/org/conscrypt/ClientHandshakeImpl.java
ain/java/org/conscrypt/OpenSSLSocketImpl.java
ain/java/org/conscrypt/SSLParametersImpl.java
ain/java/org/conscrypt/ServerHandshakeImpl.java
|
| c77eae3df4bc7bc9201f4e7bc7893173384e99bf |
10-Mar-2014 |
Kenny Root <kroot@google.com> |
am 6b25ac57: am 2a5460fc: Use non-pointer type on assign
* commit '6b25ac576a457f3c020db83bf3892fd0b19daf49':
Use non-pointer type on assign
|
| 2a5460fc2ab3453b54d3f6b01f6c83dc7502fbdc |
10-Mar-2014 |
Kenny Root <kroot@google.com> |
Use non-pointer type on assign
Change-Id: I6260ddb06cd94e9fe1be3db0d9196c035884ecd6
ain/native/org_conscrypt_NativeCrypto.cpp
|
| facb547317b784d4417273567f851b952f030ef9 |
10-Mar-2014 |
Kenny Root <kroot@google.com> |
am 44ef5d54: am fc7924bc: Return SSL_TLSEXT_ERR_NOACK with no NPN/ALPN
* commit '44ef5d547f778dbd889575cf23a827dacbbceace':
Return SSL_TLSEXT_ERR_NOACK with no NPN/ALPN
|
| fc7924bc78afc46c3c75722a735fe4db65c33304 |
10-Mar-2014 |
Kenny Root <kroot@google.com> |
Return SSL_TLSEXT_ERR_NOACK with no NPN/ALPN
We were returning SSL_TLSEXT_ERR_OK even if we did not select any
NPN/ALPN support.
Bug: https://code.google.com/p/android/issues/detail?id=66562
Change-Id: I79ea821512f03f1391247d3bcfc7ac7d042ecb41
ain/native/org_conscrypt_NativeCrypto.cpp
|
| e65ec179bf7bc1b06d80d2f99587c41a2c799f27 |
28-Feb-2014 |
Kévin PETIT <kevin.petit@arm.com> |
am a64f5de7: am 88758d46: Fix LP64 builds
* commit 'a64f5de77feb9f795a09e5649d2b2fa961634856':
Fix LP64 builds
|
| 88758d462641e4d2e72d26e55c270bfac97f3b08 |
27-Feb-2014 |
Kévin PETIT <kevin.petit@arm.com> |
Fix LP64 builds
The last parameter to EVP_DigestUpdate is a size_t which on LP64
platforms doesn't have the same size as unsigned int. Fix the type
of the update_func function pointer accordingly.
Change-Id: Idd3b544e479e05055bffb0470a4ef370fad984fe
Signed-off-by: Kévin PETIT <kevin.petit@arm.com>
ain/native/org_conscrypt_NativeCrypto.cpp
|
| b699ebedf68caf0eda712fc7cc221375b3f113e8 |
25-Feb-2014 |
Kenny Root <kroot@google.com> |
am fe959f9a: am 652ff53b: Fix up concurrent use of APIs
* commit 'fe959f9a94cd0d09038401b509a637cc3caf152f':
Fix up concurrent use of APIs
|
| 652ff53bd48ed61389337a42d8e50cdb7ace0fec |
24-Feb-2014 |
Kenny Root <kroot@google.com> |
Fix up concurrent use of APIs
Code that is incorrectly using MessageDigest, Signature, or Mac in
multiple threads simultaneously could cause a SEGV if OpenSSL is
clearing out the MD_CTX at the same time another thread is trying to
write to it. Make sure we initialize a new MD_CTX after each run to
avoid crashing. The program using the instances concurrently is still
wrong and will most likely get inconsistent results.
Switch to using a context object instance to make sure we can hold a
reference to the object during the native call.
Bug: 8787753
Change-Id: I2518613a47cf03c811a29d17040804fc708394dd
ain/java/org/conscrypt/NativeCrypto.java
ain/java/org/conscrypt/OpenSSLDigestContext.java
ain/java/org/conscrypt/OpenSSLMac.java
ain/java/org/conscrypt/OpenSSLMessageDigestJDK.java
ain/java/org/conscrypt/OpenSSLNativeReference.java
ain/java/org/conscrypt/OpenSSLSignature.java
ain/native/org_conscrypt_NativeCrypto.cpp
est/java/org/conscrypt/NativeCryptoTest.java
|
| ddf60515bffc91479a597a4a05dccbc5e8ee5c40 |
24-Feb-2014 |
Kenny Root <kroot@google.com> |
am c0ec2406: am ca852134: Throw ArrayIndexOutOfBoundsException instead of generic
* commit 'c0ec24066db8121613cdd51604e177e266e5d484':
Throw ArrayIndexOutOfBoundsException instead of generic
|
| ca8521342b2b2269fb2cd31b3c81cf3d49c3f6ba |
24-Feb-2014 |
Kenny Root <kroot@google.com> |
Throw ArrayIndexOutOfBoundsException instead of generic
This exception is specifically for arrays which is what we're dealing
with here.
Change-Id: I11be2c75019844701b305240152815d7c610fbef
ain/native/org_conscrypt_NativeCrypto.cpp
|
| b3e4119991593e59f2afa05afcc260e83e09021b |
24-Feb-2014 |
Alex Klyubin <klyubin@google.com> |
am cb0261ca: am 60f83802: Harden (EC)DSA signatures against weak nonces.
* commit 'cb0261ca9d1ff9c2cdf0674468b225b43301d96b':
Harden (EC)DSA signatures against weak nonces.
|
| 9ad923745534bc96eaea24d416db94c0e99b302c |
22-Feb-2014 |
Alex Klyubin <klyubin@google.com> |
am fa28073a: am 7c2b4ae9: Throw instead of segfaulting when NULL EVP_PKEY encountered.
* commit 'fa28073a8f9efd84d1a0b0973f9fd6bcd3f7a6c1':
Throw instead of segfaulting when NULL EVP_PKEY encountered.
|
| 60f83802801e224b51afac6c27c19e7c3d65ddc3 |
04-Feb-2014 |
Alex Klyubin <klyubin@google.com> |
Harden (EC)DSA signatures against weak nonces.
Private key information is leaked by (EC)DSA signatures when nonces
are produced by a weak RNG. This CL enables a mitigation provided by
OpenSSL: mix in private key and message being signed into randomly
generated nonce. Provided private key was generated by strong RNG,
this should mitigate the weakness.
NOTE: This mitigation is not implemented for signatures which use
hardware-backed private keys (AndroidKeyStore).
Change-Id: I60dbf57bff3cfcdcbbeb18be5d9dfba523cc6bb8
ain/java/org/conscrypt/NativeCrypto.java
ain/java/org/conscrypt/OpenSSLSignature.java
ain/native/org_conscrypt_NativeCrypto.cpp
est/java/org/conscrypt/NativeCryptoTest.java
|
| 7c2b4ae9455185974ffe5ec1804c8980fe429635 |
13-Feb-2014 |
Alex Klyubin <klyubin@google.com> |
Throw instead of segfaulting when NULL EVP_PKEY encountered.
Change-Id: Idba6702dd43e541b51c990fc3440a17351e6def9
ain/native/org_conscrypt_NativeCrypto.cpp
est/java/org/conscrypt/NativeCryptoTest.java
|
| 37e39d04f62fd06560d90df7d18d1fb8b58c7b93 |
13-Feb-2014 |
Kenny Root <kroot@google.com> |
am 5dc0a9cc: am ca729b85: Late binding: convert OpenSSLSignature to late binding
* commit '5dc0a9cc0126cd15b1dc5bcd2c13743008cc8dc4':
Late binding: convert OpenSSLSignature to late binding
|
| bbd4ced8ace08bb76e07b9bcdb4d82548c234c0d |
13-Feb-2014 |
Kenny Root <kroot@google.com> |
am 236f5ed1: am 75e5e401: OpenSSLSignature: refactor key checking
* commit '236f5ed179e0423d1d1d53a07fc5de7d8e0469bd':
OpenSSLSignature: refactor key checking
|
| ca729b856ba17a8c4840f6cf8089da0010706d7c |
12-Feb-2014 |
Kenny Root <kroot@google.com> |
Late binding: convert OpenSSLSignature to late binding
You must be a child of SignatureSpi to do late binding correctly.
Also remove useless test.
Change-Id: I4190ec919ad0eca9f344a2d7ac4c03216dccab55
ain/java/org/conscrypt/OpenSSLSignature.java
ain/java/org/conscrypt/OpenSSLSignatureRawRSA.java
est/java/org/conscrypt/OpenSSLSignatureTest.java
|
| 75e5e401dfb1f6dd7bf2a72c5d9b477f7eb5a089 |
12-Feb-2014 |
Kenny Root <kroot@google.com> |
OpenSSLSignature: refactor key checking
Use OpenSSLKey to do the conversions from different key types.
Change-Id: Ie89730bba983cb5f2917fed7194e8b08562f6e16
ain/java/org/conscrypt/OpenSSLKey.java
ain/java/org/conscrypt/OpenSSLSignature.java
|
| 5f2c0a1de9dd3f8c36527b52e68be3431614dc96 |
05-Feb-2014 |
Kenny Root <kroot@google.com> |
am 1d24ccb8: am ba1ea0ca: OpenSSLECPrivateKey: no encoding for ENGINE-backed keys
* commit '1d24ccb86c6005d474d82477006265772d75f436':
OpenSSLECPrivateKey: no encoding for ENGINE-backed keys
|
| b54edb798b1340b16b04111a09ff3e67c3b8868b |
05-Feb-2014 |
Kenny Root <kroot@google.com> |
am f694798c: am 3bcae05d: Add extra debug statement in NativeCrypto
* commit 'f694798cfd850d4158ee454ab10dc3fdc0ca5454':
Add extra debug statement in NativeCrypto
|
| ba1ea0caa5d6059e73b67068819e5948cfa1bc95 |
05-Feb-2014 |
Kenny Root <kroot@google.com> |
OpenSSLECPrivateKey: no encoding for ENGINE-backed keys
ENGINE-backed keys can't be encoded, so check their status before trying
to return anything in getEncoded or getFormat.
Bug: 12877721
Change-Id: I44d07b5edb530664fea07d9c61dc58745eb0a996
ain/java/org/conscrypt/OpenSSLECPrivateKey.java
|
| 3bcae05d3e7d33e19f0e506ce6310570e44f63d5 |
05-Feb-2014 |
Kenny Root <kroot@google.com> |
Add extra debug statement in NativeCrypto
Need to track the output of X509_get_pubkey
Change-Id: I2196edbe935c32eabce840556958af67abfc1980
ain/native/org_conscrypt_NativeCrypto.cpp
|
| 0be15ce39db043efd2e789a4a8607097e3a26793 |
03-Feb-2014 |
Alex Klyubin <klyubin@google.com> |
am 84bf4ed5: am 485134ff: Merge "Offer PKCS#7 padding for AES and DES."
* commit '84bf4ed538349715d946848420c5e8769cd24f7e':
Offer PKCS#7 padding for AES and DES.
|
| 485134fffed88b04848333407a84ede0af55bf2a |
03-Feb-2014 |
Alex Klyubin <klyubin@google.com> |
Merge "Offer PKCS#7 padding for AES and DES."
|
| d1e20389eb31b16ce68f463c07f6c5c0d149b474 |
01-Feb-2014 |
Kenny Root <kroot@google.com> |
am e9793e4b: am 5b1934c7: NativeCrypto: Handle 0-byte bignum arrays
* commit 'e9793e4b7a0c9898dd0242710419fcf7437b0e54':
NativeCrypto: Handle 0-byte bignum arrays
|
| 5b1934c717914323ddb0395f549ae11075a587da |
01-Feb-2014 |
Kenny Root <kroot@google.com> |
NativeCrypto: Handle 0-byte bignum arrays
Some DSA tests were calling with bignum arrays that had the high bit set
indicating a negative number.
Also an empty array was being passed as another part of the test. This
was working, but it was reading one byte past the end of the buffer.
Change-Id: Ibd5a0dce61703ea569fd483f8acf66fd149703f8
ain/native/org_conscrypt_NativeCrypto.cpp
est/java/org/conscrypt/NativeCryptoTest.java
|
| 6d8b35dbb5d8e0787d4963dc7bf905350fcb71b6 |
31-Jan-2014 |
Kenny Root <kroot@google.com> |
am 95369a99: am 7c3263f1: OpenSSLX509Certificate: only catch BadPaddingException
* commit '95369a993991b7a1a7bd8060e988d3acacdb4c43':
OpenSSLX509Certificate: only catch BadPaddingException
|
| 41e3baba3664cb9fb9ea5b6ea90692f9100a5fc7 |
31-Jan-2014 |
Kenny Root <kroot@google.com> |
am eb28ae34: am 1744cf2b: BIGNUM convert to Java BigInteger
* commit 'eb28ae341b88c26c8392b9646e47c14796022c75':
BIGNUM convert to Java BigInteger
|
| 0d1f9b857696946e23046956f8f3484acd9de84b |
22-Jan-2014 |
Alex Klyubin <klyubin@google.com> |
Offer PKCS#7 padding for AES and DES.
This offers PKCS#7 padding for all Cipher transformations which
currently support PKCS#5 padding.
PKCS#5 padding is a special case of PKCS#7 padding. PKCS#5 padding
is defined specifically for 64 bit long blocks. However, lots of code
assumes that PKCS#5 for other block sizes works exactly like PKCS#7,
and thus uses PKCS#5 padding where PKCS#7 should actually be used
(e.g., with AES). The current implementation of PKCS#5 padding works
exactly like PKCS#7 padding. For backward-compatibility reasons, this
will remain unchanged by this CL and the same padding implementation
will simply be used regardless of whether PKCS#5 of PKCS#7 one is
requested.
As an added benefit, this change speeds up by an order of magnitude
AES encryption and decryption when PKCS#7 padding is requested on
Android. This is because prior to this change AES with PKCS#7 padding
was by default backed by Bouncy Castle, and with this change it is
backed by the much faster OpenSSL implementation.
Change-Id: I0ca8a952c67bc7aff172e22bd730378d41438067
ain/java/org/conscrypt/OpenSSLProvider.java
|
| 7c3263f16bae0f1b2125de2c3c1c683303e768ce |
31-Jan-2014 |
Kenny Root <kroot@google.com> |
OpenSSLX509Certificate: only catch BadPaddingException
We only need to catch BadPaddingException right now. Let the other
non-RuntimeException exceptions pass.
Change-Id: I5b6878250d428b1ee953092967b7418003ee9216
ain/java/org/conscrypt/NativeCrypto.java
ain/java/org/conscrypt/OpenSSLX509Certificate.java
|
| 1744cf2b54cc7183ff83a3a2eab3a92a8d95ff55 |
30-Jan-2014 |
Kenny Root <kroot@google.com> |
BIGNUM convert to Java BigInteger
Java BigInteger is in two's complement, so it needs conversion for
negative numbers. We were mishandling it before and the previous change
just hacked around it. Actually convert to two's complement instead.
Change-Id: I6bfe9577f0936678476193b55433b7d7dbc04400
ain/java/org/conscrypt/OpenSSLX509Certificate.java
ain/native/org_conscrypt_NativeCrypto.cpp
|
| c26d21e256fa66799ed3cc353ac8dc4e0720e86e |
29-Jan-2014 |
Kenny Root <kroot@google.com> |
am d01c5c89: am cea9ec15: X509Certificate: SignatureException for verify
* commit 'd01c5c89c8e75e712bd4b4fd72254488c9aa9f5b':
X509Certificate: SignatureException for verify
|
| 92ef2498b1a902b218bd586994254214300bb345 |
29-Jan-2014 |
Kenny Root <kroot@google.com> |
am f2d9d889: am 0a97d659: OpenSSLX509Certificate: negative serial numbers
* commit 'f2d9d8893a866f0ead1a13794648cd23ef0654a0':
OpenSSLX509Certificate: negative serial numbers
|
| cea9ec153ef5bf27e3eee74d7c503bce02084bc2 |
28-Jan-2014 |
Kenny Root <kroot@google.com> |
X509Certificate: SignatureException for verify
Any verification error can throw random things like BadPaddingException.
Swallow it and catch Exception for all these cases and rethrow as a
SignatureException to avoid acting as any kind of oracle.
Change-Id: I6b515148f86529fbe0895c9fdb0954306724ae54
ain/java/org/conscrypt/OpenSSLX509Certificate.java
|
| 0a97d659b889de0207e7b33423c5f345203c7f38 |
28-Jan-2014 |
Kenny Root <kroot@google.com> |
OpenSSLX509Certificate: negative serial numbers
The constructor BigInteger(byte[]) expects two's complement encoding,
but that's not what OpenSSL bn2bin returns.
Bug: 12761797
Change-Id: I6c71f6fb88c2b1df7c372bf697728dac26571634
ain/java/org/conscrypt/OpenSSLX509Certificate.java
|
| 340bf2a5e3492cdffe979703df290fe5836c145c |
28-Jan-2014 |
Kenny Root <kroot@google.com> |
am 2d64ae49: am caff440a: TrustedCertificateStoreTest: add message to assert
* commit '2d64ae495307d602a03c413df0e65469d328fed6':
TrustedCertificateStoreTest: add message to assert
|
| caff440a68516301f64d27e5edfcd18deb49c2af |
28-Jan-2014 |
Kenny Root <kroot@google.com> |
TrustedCertificateStoreTest: add message to assert
Add the target filename to the assert so that a testing issue can be
debugged. Currently a file is failing to delete during a CTS run, but
can't be reproduced during a targeted test run of just the
TrustedCertificateStoreTest.
Change-Id: I217d6b92868880ab4456500b290b5c6ac9c45c2c
est/java/org/conscrypt/TrustedCertificateStoreTest.java
|
| 1cbe84706d62d4382a3f2b4b9d96aa54d920e850 |
16-Jan-2014 |
Kenny Root <kroot@google.com> |
am 9b25917c: am f33b51ba: Track update to OpenSSL 1.0.1f
* commit '9b25917cef5ae761acc9a5b613debaad94df8a4d':
Track update to OpenSSL 1.0.1f
|
| f33b51ba0b3305f503231efd4122564a6c4bc2b9 |
16-Jan-2014 |
Kenny Root <kroot@google.com> |
Track update to OpenSSL 1.0.1f
The constants for handshake cutthrough and CBC record splitting were changed
during the upgrade to OpenSSL 1.0.1f. This changes NativeCrypto.java to track them.
Change-Id: I9e385c323d5557c5d50cffe3ce797dcf89667ad9
ain/java/org/conscrypt/NativeCrypto.java
|
| a6292fbdc5e08882e521f6540d3ae94c7a344b31 |
13-Jan-2014 |
Alex Klyubin <klyubin@google.com> |
am db527c8e: am 64a1e90e: Fix breakage in CipherSuiteTest due to TLSv1.2 cipher suites.
* commit 'db527c8e2e45dbb88585ecfd0539b348ba2a2d60':
Fix breakage in CipherSuiteTest due to TLSv1.2 cipher suites.
|
| 64a1e90e8337da9bb36370e1b2b4e654d4ddc3fb |
13-Jan-2014 |
Alex Klyubin <klyubin@google.com> |
Fix breakage in CipherSuiteTest due to TLSv1.2 cipher suites.
The test was accidentally broken when support for TLSv1.2 cipher
suites was added. The CipherSuite class is only used by the SSLEngine
implementation which does not support TLSv1.2 cipher suites (or
TLSv1.2 for that matter).
Bug: 11220570
Change-Id: I8f5571ea76279161d25a6525a71cf49bfe7e6079
est/java/org/conscrypt/CipherSuiteTest.java
|
| ac4bf3e5ba88bc66f84d0b67ef73ef05fae599f7 |
11-Jan-2014 |
Kenny Root <kroot@google.com> |
am e11472c9: am 19b7c5fe: Lazily read CertPin data
* commit 'e11472c92c40fccc93968d4eb82e7182904faa11':
Lazily read CertPin data
|
| 19b7c5fe8ca707ada03098e751910c730908d658 |
10-Jan-2014 |
Kenny Root <kroot@google.com> |
Lazily read CertPin data
This delays reading the CertPin data until it is needed. This also
avoids touching the disk until necessary since CertPinManager may be
loaded by any number of actions such as instantiating an
SSLSocketFactory as in this chain of dependencies:
SSLSocketFactory -> HttpsURLConnection -> OpenSSLSocketFactoryImpl ->
SSLParametersImpl -> TrustManagerImpl -> CertPingManager
Bug: https://code.google.com/p/android/issues/detail?id=64654
Change-Id: I11e1b44c7a7e001b33bc591efefe35653829a472
ain/java/org/conscrypt/CertPinManager.java
|
| 5a6d13ef7e28e9991f1db2acb67a93d502abfb38 |
07-Jan-2014 |
Matteo Franchin <matteo.franchin@arm.com> |
am 38e3c739: am 7dd8d0b4: AArch64: Use long for pointers in Java sources.
* commit '38e3c7395f82cf5b1e02314493153e5d67fccb61':
AArch64: Use long for pointers in Java sources.
|
| 7dd8d0b433cf8212538aaaf8726f5222abf035dd |
09-Dec-2013 |
Matteo Franchin <matteo.franchin@arm.com> |
AArch64: Use long for pointers in Java sources.
Fixing some mistakes in the JNI signatures: some pointers were passed
via jint rather than jlong.
Change-Id: I6120cc5742c8429a9e0fddda715b5169d820d31a
Signed-off-by: Marcus Oakland <marcus.oakland@arm.com>
ain/java/org/conscrypt/NativeCrypto.java
ain/java/org/conscrypt/OpenSSLSocketImpl.java
ain/native/org_conscrypt_NativeCrypto.cpp
|
| b9f9c75efb22a3088ccfb25e7dc7bed5e7963506 |
19-Dec-2013 |
Alex Klyubin <klyubin@google.com> |
am 9902bbf8: am 42bd279c: Disable MD5 cipher suites in SSLSocket and SSLEngine.
* commit '9902bbf8157073c24e3d68707ea4fad7f6d3ff15':
Disable MD5 cipher suites in SSLSocket and SSLEngine.
|
| 42bd279cf6a91642007955438510fda4cf99c4a0 |
19-Dec-2013 |
Alex Klyubin <klyubin@google.com> |
Disable MD5 cipher suites in SSLSocket and SSLEngine.
Although HMAC-MD5 is not yet broken, the foundations are shaky --
see http://tools.ietf.org/html/rfc6151.
Scans show that disabling these TLS/SSL cipher suites currently
causes handshake issues with 0.4% of the ecosystem.
Bug: 11220570
Change-Id: I1970d2ecbdf3c0d26e45d439047b1d3884ade2ec
ain/java/org/conscrypt/NativeCrypto.java
|
| 76a0abffa78fdcf00ee5cc0d88aa77ce09f204cb |
19-Dec-2013 |
Alex Klyubin <klyubin@google.com> |
am 7b3664a9: am 5aa3d431: Actually prefer Forward Secrecy cipher suites.
* commit '7b3664a9bce48a0424404103e8a18fa168b64792':
Actually prefer Forward Secrecy cipher suites.
|
| 5aa3d43116c0147efc991bf9db7505b51e52b591 |
19-Dec-2013 |
Alex Klyubin <klyubin@google.com> |
Actually prefer Forward Secrecy cipher suites.
The documentation for the list of TLS/SSL cipher suites used by
default states that cipher suites offering Forward Secrecy are
preferred. This CL adjusts the list to conform: FS cipher suites
that use RC4_128 bulk encryption algorithm were not preferred
over non-FS cipher suites that use AES.
Bug: 11220570
Change-Id: Ic9019306898600086920874474764186b710c3ef
ain/java/org/conscrypt/NativeCrypto.java
|
| 38cc38a5affe1eb0901f8581e01821b2b7e2ebd6 |
18-Dec-2013 |
Alex Klyubin <klyubin@google.com> |
am 5d678cfa: am c1cc669c: Disable 3DES cipher suites in SSLSocket.
* commit '5d678cfa5e53e53e467fd3e791aa8bd75f35c5b3':
Disable 3DES cipher suites in SSLSocket.
|
| c1cc669cc073979eedb8efa7d28845935990f21e |
18-Dec-2013 |
Alex Klyubin <klyubin@google.com> |
Disable 3DES cipher suites in SSLSocket.
The effective key length for 3DES_EDE bulk encryption algorithm
is only 112 bits. We're now aiming for 128 and higher.
Scans show that removing these cipher suites from the default list
causes handshake issues only with 0.15% of the ecosystem.
Bug: 11220570
Change-Id: Ie01ebe8134d08a36b276295b804540157963be8f
ain/java/org/conscrypt/NativeCrypto.java
|
| 2e290371fb21f9fe864b2c1a54aadaa6569733c3 |
18-Dec-2013 |
Alex Klyubin <klyubin@google.com> |
am c9fb67df: am 30695d65: Disable static server key ECDH cipher suites in SSLSocket.
* commit 'c9fb67dfcf8a8b081dd06956d793a61c9cf7f0a7':
Disable static server key ECDH cipher suites in SSLSocket.
|
| 917d75a91acd088efcad6287cfbe3f62e9d3f741 |
18-Dec-2013 |
Alex Klyubin <klyubin@google.com> |
am 3046a54a: am 5add959a: Enable AES-GCM cipher suites by default in SSLSocket.
* commit '3046a54a33d961231e7075c8edacfeeffae68cfe':
Enable AES-GCM cipher suites by default in SSLSocket.
|
| 30695d657d7b1d6203461e4ee0ddb333e641ab8a |
18-Dec-2013 |
Alex Klyubin <klyubin@google.com> |
Disable static server key ECDH cipher suites in SSLSocket.
These cipher suites use a static key for ECDH on the server side.
When client certificates are used, a static key is also used on the
client side, leading to the same premaster secret for all connections
between a particular client and server. Also, these cipher suites do
not provide forward secrecy.
Scans show that removing these cipher suites from the default list
does not affect connectivity to servers and is thus safe.
Bug: 11220570
Change-Id: If34f4a3888ed9972c39d171656a85c61dfa98ea1
ain/java/org/conscrypt/NativeCrypto.java
|
| 5add959a0593b7f51c8cdc7af6cf6ea4bc8968a4 |
17-Dec-2013 |
Alex Klyubin <klyubin@google.com> |
Enable AES-GCM cipher suites by default in SSLSocket.
AES-GCM is preferred to AES-CBC whose MAC-pad-then-encrypt approach
has issues (e.g., Lucky 13 attack).
Bug: 11220570
Change-Id: Ib007bc89ccf08358ed3f093f630350fa859e7c35
ain/java/org/conscrypt/NativeCrypto.java
|
| 02102fc3594c7d04730a6411437ed8648481c098 |
17-Dec-2013 |
Alex Klyubin <klyubin@google.com> |
am 7620c56a: am 336e8eb9: Enable support for TLSv1.2 cipher suites in SSLSocket.
* commit '7620c56adbea0a3e937938858611e96833583d2e':
Enable support for TLSv1.2 cipher suites in SSLSocket.
|
| 336e8eb9510cdad7c7a5f73ead3529d558cb0d08 |
17-Dec-2013 |
Alex Klyubin <klyubin@google.com> |
Enable support for TLSv1.2 cipher suites in SSLSocket.
This adds support for AES-GCM and AES-CBC with MACs based on SHA256
and SHA384.
Bug: 11220570
Change-Id: I56e7e25c5cd65a4c7662da6d4bbe5720f427e677
ain/java/org/conscrypt/NativeCrypto.java
|
| 20c30e1141456b93c40dbffe22e98b8fe2e9d1f4 |
17-Dec-2013 |
Alex Klyubin <klyubin@google.com> |
am 73c6ff33: am 1f63d2c2: Enable TLSv1.1 and TLSv1.2 by default for SSLSocket.
* commit '73c6ff338c9143ae845d1d66d7df14b45694a032':
Enable TLSv1.1 and TLSv1.2 by default for SSLSocket.
|
| 1f63d2c22326b989105366d2907a83b848dcd29e |
26-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
Enable TLSv1.1 and TLSv1.2 by default for SSLSocket.
TLSv1.1 and TLSv1.2 offer built-in protection against BEAST attack
and support for GCM cipher suites.
This change causes TLS/SSL handshake failures with a small fraction
of servers, load balancers and TLS/SSL accelerators with broken
TLS/SSL implementations.
Scans demonstrate that the number is around 0.6%. Breaking
connectivity (using platform default settings) to a tiny minority of
the ecosystem is acceptable because this inconvenience is outweighed
by the added safety for the overwheling majority of the ecosystem.
App developers affected by this issue should consider asking such
servers to be fixed or explicitly disabling TLSv1.1 and TLSv1.2 in
their apps.
Bug: 11220570
Change-Id: Ice9e8ce550401ba5e3385fd369c40f01c06ac7fd
ain/java/org/conscrypt/NativeCrypto.java
|
| 0cc9b5547c60d4fcf2c0a1a646ec3e021fec9aa6 |
17-Dec-2013 |
Alex Klyubin <klyubin@google.com> |
am 659809f3: am e1da091a: Remove HarmonyJSSE SSLContext, SSLSocket and SSLServerSocket.
* commit '659809f36301b93832a0326129a163db8ff67d41':
Remove HarmonyJSSE SSLContext, SSLSocket and SSLServerSocket.
|
| e1da091a76cd045429f866c0fe9c86f35eb73c0c |
26-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
Remove HarmonyJSSE SSLContext, SSLSocket and SSLServerSocket.
HarmonyJSSE SSLEngine implementation is still in use and thus cannot be
removed.
Change-Id: I3c939e9275ba8f1d00342d1f83c6fdaf110f2317
ain/java/org/conscrypt/ClientHandshakeImpl.java
ain/java/org/conscrypt/HandshakeProtocol.java
ain/java/org/conscrypt/JSSEProvider.java
ain/java/org/conscrypt/SSLContextImpl.java
ain/java/org/conscrypt/SSLServerSocketFactoryImpl.java
ain/java/org/conscrypt/SSLServerSocketImpl.java
ain/java/org/conscrypt/SSLSocketFactoryImpl.java
ain/java/org/conscrypt/SSLSocketImpl.java
ain/java/org/conscrypt/SSLSocketInputStream.java
ain/java/org/conscrypt/SSLSocketOutputStream.java
ain/java/org/conscrypt/SSLSocketWrapper.java
ain/java/org/conscrypt/ServerHandshakeImpl.java
|
| 19592fec3da00703ae6a752ff9a037ff304c3b79 |
09-Dec-2013 |
Kenny Root <kroot@google.com> |
am e9a0deb7: am bf957a05: Merge "Make some methods public for CTS"
* commit 'e9a0deb7b271e0d2f57c037d710c71c211bbe10b':
Make some methods public for CTS
|
| 91bafacc456a276f8017dec680b931a768edc1af |
07-Dec-2013 |
Kenny Root <kroot@google.com> |
am 72ab7771: am caceea78: Add const modifier to evp_md
* commit '72ab7771d9a819746d8b2061670daa726a75d2e8':
Add const modifier to evp_md
|
| bf957a05a116169b520689092e75cc90bbd716cb |
07-Dec-2013 |
Kenny Root <kroot@google.com> |
Merge "Make some methods public for CTS"
|
| 16c041fa20ef70221f487631f07eaf53d39ae51c |
06-Dec-2013 |
Kenny Root <kroot@google.com> |
Make some methods public for CTS
Some methods are called from CTS. The ClassLoaders are different, so we
need to make these public so we don't get any IllegalAccessError during
CTS tests.
Change-Id: I5ac7931694fb1eceb86ae306fca07fb314643fa9
ain/java/org/conscrypt/OpenSSLSocketImpl.java
ain/java/org/conscrypt/OpenSSLX509Certificate.java
|
| caceea78cf2f9b65bf7adc7f26ac6fd163a7f709 |
06-Dec-2013 |
Kenny Root <kroot@google.com> |
Add const modifier to evp_md
Dogmatic adherence to types.
Change-Id: Iab635a9963de086f7f4d1cc5678c1a7bcef5b0c4
ain/native/org_conscrypt_NativeCrypto.cpp
|
| 02db5a1855177c2a14cbec80901b8f7c14580033 |
05-Dec-2013 |
The Android Open Source Project <initial-contribution@android.com> |
Merge commit '88ea2eec63ee5209842a5940b6f11c44a0bc2345' into HEAD
|
| 4fc12b58f5d2f61e84c2c4d8aa1dc99084ee9dd6 |
27-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
am 082089a7: am ba5b30af: Merge "Stop depending on SSLContextImpl in OpenSSLContextImpl."
* commit '082089a7cc57a1a531a877af94c81829e046be60':
Stop depending on SSLContextImpl in OpenSSLContextImpl.
|
| e87efffeb12f5c2a08d9c7c73538aa850a3def2f |
27-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
am 16a5cd2f: am f7f723e8: Merge "Stop depending on CipherSuite in OpenSSL-backed sockets."
* commit '16a5cd2f17b504aced123b98c75e0ebb1d33815e':
Stop depending on CipherSuite in OpenSSL-backed sockets.
|
| 082089a7cc57a1a531a877af94c81829e046be60 |
26-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
am ba5b30af: Merge "Stop depending on SSLContextImpl in OpenSSLContextImpl."
* commit 'ba5b30afd83e2e23b5735bbc9179779a9ef9eac3':
Stop depending on SSLContextImpl in OpenSSLContextImpl.
|
| 16a5cd2f17b504aced123b98c75e0ebb1d33815e |
26-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
am f7f723e8: Merge "Stop depending on CipherSuite in OpenSSL-backed sockets."
* commit 'f7f723e868397a1801aa769abd78eb7d36b1662b':
Stop depending on CipherSuite in OpenSSL-backed sockets.
|
| ba5b30afd83e2e23b5735bbc9179779a9ef9eac3 |
26-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
Merge "Stop depending on SSLContextImpl in OpenSSLContextImpl."
|
| f7f723e868397a1801aa769abd78eb7d36b1662b |
26-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
Merge "Stop depending on CipherSuite in OpenSSL-backed sockets."
|
| 680ce427fbccaab1dc477b1f2501adba9695e4dd |
25-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
Stop depending on SSLContextImpl in OpenSSLContextImpl.
SSLContextImpl is the HarmonyJSSE provider's SSLContext SPI.
OpenSSLContextImpl is the AndroidOpenSSL provider's SSLContext SPI.
This CL adjusts the class hierarchy to match.
This is achieved by:
1. copying all of the functionality from SSLContextImpl into
OpenSSLContextImpl, and
2. removing from SSLContextImpl the functionality used only by the
default instance of AndroidOpenSSL provider's SSLContext.
Change-Id: I9e380be04e6a9a1660c3e6c0738ca026c171f4bd
ain/java/org/conscrypt/OpenSSLContextImpl.java
ain/java/org/conscrypt/SSLContextImpl.java
|
| 8b452d0572be96e1e06a026b6f06e601b1d1e616 |
25-Nov-2013 |
Kenny Root <kroot@google.com> |
am 48cf0cde: am d322c550: Merge "OpenSSLKey: tolerate null encoding during conversion"
* commit '48cf0cdeecb26b8a7d87a00b700eb93efcc97d84':
OpenSSLKey: tolerate null encoding during conversion
|
| 2d089e18deae231149737cad6ce00f1e137a7199 |
21-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
Stop depending on CipherSuite in OpenSSL-backed sockets.
This is in preparation for removing Harmony-backed TLS/SSL
implementations.
Change-Id: Ic108e16d086fb99b69f0a4e4faeb816dc50a7643
ain/java/org/conscrypt/NativeCrypto.java
ain/java/org/conscrypt/OpenSSLServerSocketImpl.java
ain/java/org/conscrypt/OpenSSLSocketImpl.java
ain/native/org_conscrypt_NativeCrypto.cpp
est/java/org/conscrypt/NativeCryptoTest.java
est/java/org/conscrypt/OpenSSLSocketImplTest.java
|
| 48cf0cdeecb26b8a7d87a00b700eb93efcc97d84 |
25-Nov-2013 |
Kenny Root <kroot@google.com> |
am d322c550: Merge "OpenSSLKey: tolerate null encoding during conversion"
* commit 'd322c550e5ca7f276a9e6b106310ef37c3cca5e3':
OpenSSLKey: tolerate null encoding during conversion
|
| 16b0f66ee1d012cc50ab0e4c19ca77e901df6d81 |
25-Nov-2013 |
Kenny Root <kroot@google.com> |
OpenSSLKey: tolerate null encoding during conversion
Since we could have a situation where we have an opaque key backed by
some hardware device that we don't know how to handle, just throw an
InvalidKeyException instead of NullPointerException.
Change-Id: I33588d1654b6b33f11640b2d65e7213c864e6e1a
ain/java/org/conscrypt/OpenSSLKey.java
|
| 1e6c788728c218e763f6fc42f8369ac0d502f469 |
23-Nov-2013 |
The Android Open Source Project <initial-contribution@android.com> |
Merge commit '7773cf2515d2ae179a5cdd46f41909356cb8c7a6' into HEAD
|
| 9d14dc0c1321665b031b263df6f7e02d28cdf797 |
22-Nov-2013 |
Kenny Root <kroot@google.com> |
am f9865b40: am 7ef609bb: am 0ec06644: OpenSSLCipher: check for null params
* commit 'f9865b40ab63f7aeb40a06d2463fedf89432f906':
OpenSSLCipher: check for null params
|
| f9865b40ab63f7aeb40a06d2463fedf89432f906 |
22-Nov-2013 |
Kenny Root <kroot@google.com> |
am 7ef609bb: am 0ec06644: OpenSSLCipher: check for null params
* commit '7ef609bbf2a06dcfeb92cdff208d9a9929742d82':
OpenSSLCipher: check for null params
|
| 0ec06644b9846b4a80d62fd1adf46299cdbd6518 |
22-Nov-2013 |
Kenny Root <kroot@google.com> |
OpenSSLCipher: check for null params
The documentation says init with null should be handled.
Bug: https://code.google.com/p/android/issues/detail?id=62640
Change-Id: If640a1f62e6002191d552047ccbe5eba5badacc1
ain/java/org/conscrypt/OpenSSLCipher.java
|
| 3da71ee93ef80f05b0e9a5dde81ce7fb93eeafd7 |
22-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
am 4745618d: am 9b1fed16: am efb9c8d7: Proper check for PrivateKey algorithm.
* commit '4745618dc5dd13567fd1195fa03833d8c44e332d':
Proper check for PrivateKey algorithm.
|
| 4745618dc5dd13567fd1195fa03833d8c44e332d |
22-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
am 9b1fed16: am efb9c8d7: Proper check for PrivateKey algorithm.
* commit '9b1fed16b4ef03097ea21038f13f52593631603c':
Proper check for PrivateKey algorithm.
|
| efb9c8d7970bce0dbb449b9e1d7c573bf516421d |
21-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
Proper check for PrivateKey algorithm.
The correct way to check for the type of a PrivateKey is to inspect
the result of its getAlgorithm, rather than to check that the key is
instance of [RSA/DSA/EC]PrivateKey. For example, opaque RSA private
keys are instances of PrivateKey but not instances of RSAPrivateKey.
See Java PKCS#11 Reference Guide section 3.2 "Token Keys".
Change-Id: I2502b264fa87ccad747cd6fe41da3a18c5d01864
ain/java/org/conscrypt/OpenSSLServerSocketImpl.java
|
| 5752ec3009c99d25178ec240bd368aa995045cd3 |
21-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
am 9e88ca82: am 942a51ee: am 51fa64b0: Merge "Define TLS/SSL default cipher suites list in one place."
* commit '9e88ca82175cff9c1504746d45525a91a8846922':
Define TLS/SSL default cipher suites list in one place.
|
| 9e88ca82175cff9c1504746d45525a91a8846922 |
21-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
am 942a51ee: am 51fa64b0: Merge "Define TLS/SSL default cipher suites list in one place."
* commit '942a51eedce6918e019a7b0faf2527d2ddaa28c4':
Define TLS/SSL default cipher suites list in one place.
|
| c2838fb65bb2821d72a28d6d74c23f3d8790b592 |
18-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
am 88ea2eec: SSLEngine: Verify server RSA params signature
* commit '88ea2eec63ee5209842a5940b6f11c44a0bc2345':
SSLEngine: Verify server RSA params signature
|
| 51fa64b0629693b92ab9375bc3a07dfc9e18cee9 |
18-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
Merge "Define TLS/SSL default cipher suites list in one place."
|
| 88ea2eec63ee5209842a5940b6f11c44a0bc2345 |
14-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
SSLEngine: Verify server RSA params signature
The client did not verify the signature of server's RSA params in
ServerKeyExchange.
Bug: 11631299
Change-Id: Id5389129a4c503fd2e504980337fdd351a25d280
ain/java/org/conscrypt/ClientHandshakeImpl.java
|
| b08b959cc4eeff6d753f4f789050d26003bd4f69 |
13-Nov-2013 |
Kenny Root <kroot@google.com> |
am e0485686: SSLEngine: verify DHE signature
* commit 'e0485686dfbf228239aa7ba170d0bd7a2a46a3ec':
SSLEngine: verify DHE signature
|
| e0485686dfbf228239aa7ba170d0bd7a2a46a3ec |
13-Nov-2013 |
Kenny Root <kroot@google.com> |
SSLEngine: verify DHE signature
The DHE signature wasn't being verified against the server's
certificate. Refactor some code to allow the same code to be used for
both the server and client to create and check the DHE parameters
signature.
Bug: 11631299
Change-Id: I73456c18a57a0f31d856d64d0bfdf4e029db6df9
ain/java/org/conscrypt/ClientHandshakeImpl.java
ain/java/org/conscrypt/DigitalSignature.java
ain/java/org/conscrypt/ServerHandshakeImpl.java
ain/java/org/conscrypt/ServerKeyExchange.java
|
| 2b06a551c734bd99c5ca311a35504dfa6d610c8c |
09-Nov-2013 |
Kenny Root <kroot@google.com> |
am f0dc0232: am 3c86fc85: am 3b0eb023: SSLEngineImpl: fix DHE with client certs
* commit 'f0dc0232c9cb8a861eee231e397afdc646a0e69d':
SSLEngineImpl: fix DHE with client certs
|
| f0dc0232c9cb8a861eee231e397afdc646a0e69d |
09-Nov-2013 |
Kenny Root <kroot@google.com> |
am 3c86fc85: am 3b0eb023: SSLEngineImpl: fix DHE with client certs
* commit '3c86fc850174e4759ab3517cd407a44fee2d41ce':
SSLEngineImpl: fix DHE with client certs
|
| 3b0eb0236a3750eb175cc0f1211a855c0eb31bda |
09-Nov-2013 |
Kenny Root <kroot@google.com> |
SSLEngineImpl: fix DHE with client certs
If DHE-based key exchanges were selected and there was no matching
client certificate selected from X509ExtendedKeyManager, the array would
be zero-length and crash.
If the client and server certificates did not have DH public keys, the
client key exchange would never be created and the server would get a
change cipher spec unexpectedly.
Change-Id: Ie23b43f4de65e650658c0fb2931e4c1396c136bf
ain/java/org/conscrypt/ClientHandshakeImpl.java
|
| 66cf73b9cdb45b3e4c202b8b02c0441092f55dbb |
09-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
Define TLS/SSL default cipher suites list in one place.
The list used to be defined in two places: NativeCrypto (used by
SSLSocket/SSLServerSocket) and CipherSuite (used by SSLEngine).
This CL makes the CipherSuite class generate its list from the
NativeCrypto one, to avoid having to keep the two lists in sync
manually.
Bug: 11220570
Change-Id: I218986fe2bd9e0cf81a2c61b30bc78633a139a79
ain/java/org/conscrypt/CipherSuite.java
|
| e14ad8c9cde4f8fc4a9fbd464ff8d2868df95284 |
09-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
am 591ae425: am 9edbbdbc: am 826db8fb: Merge "Deprioritize HMAC-MD5 in default TLS/SSL cipher suites."
* commit '591ae425602b3e442bd8874b26d79f7d7043ef26':
Deprioritize HMAC-MD5 in default TLS/SSL cipher suites.
|
| 591ae425602b3e442bd8874b26d79f7d7043ef26 |
09-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
am 9edbbdbc: am 826db8fb: Merge "Deprioritize HMAC-MD5 in default TLS/SSL cipher suites."
* commit '9edbbdbc012cf873e6ad01b2b33459a0ac397d4a':
Deprioritize HMAC-MD5 in default TLS/SSL cipher suites.
|
| 826db8fbe3836a0c32293e33e326fd9f813f911e |
09-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
Merge "Deprioritize HMAC-MD5 in default TLS/SSL cipher suites."
|
| cf2e198c003099d09f15986724723488510d4c25 |
08-Nov-2013 |
Kenny Root <kroot@google.com> |
am a2febddd: am 0a5522a3: am df320378: OpenSSLSocketImpl: remove unused fdObject
* commit 'a2febddd10a7d0c19a864e1fae2d8e1d810bd27e':
OpenSSLSocketImpl: remove unused fdObject
|
| a2febddd10a7d0c19a864e1fae2d8e1d810bd27e |
08-Nov-2013 |
Kenny Root <kroot@google.com> |
am 0a5522a3: am df320378: OpenSSLSocketImpl: remove unused fdObject
* commit '0a5522a3e57ef942516c3a2e1bcc5c19b13cfb83':
OpenSSLSocketImpl: remove unused fdObject
|
| df32037861e5de1155d4b4070a8ddf649490f363 |
08-Nov-2013 |
Kenny Root <kroot@google.com> |
OpenSSLSocketImpl: remove unused fdObject
Looks like the use of this was removed in commit
90ed0ad55227df7a127054b25a43dbb6f6265a4b.
Change-Id: I65a3d7ac4129a2f1543b424cf72c754fc994cc21
ain/native/org_conscrypt_NativeCrypto.cpp
|
| f80cadc42c3b42f8f40a1bc5d51b94a48f8dc1c0 |
08-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
Deprioritize HMAC-MD5 in default TLS/SSL cipher suites.
Although HMAC-MD5 is not yet broken, the foundations are now much
more shaky that those of HMAC-SHA.
See http://tools.ietf.org/html/rfc6151.
This CL also adds a comment about the key rules governing the
preference order of cipher suites used by default.
Bug: 11220570
Change-Id: I2a2fe4d427650081637efc14fd7c427a33cbea7e
ain/java/org/conscrypt/CipherSuite.java
ain/java/org/conscrypt/NativeCrypto.java
|
| fd0f239258b86da11654f4559e25fbb91ca85f72 |
08-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
am 3285db17: am 884d20c0: am dd29ea10: Merge "Prefer Forward Secrecy TLS/SSL cipher suites by default."
* commit '3285db1793bb72accc06ec7f8eb9e0269a1ea71c':
Prefer Forward Secrecy TLS/SSL cipher suites by default.
|
| 25df5bd501ce12c9ea9fa48275503be7468170a7 |
08-Nov-2013 |
Kenny Root <kroot@google.com> |
am 559cde56: am 76e543b7: am 57ef6334: Use SNI hostname for session caching
* commit '559cde56cdc0e8349a66b0cbb08650dd77252a8b':
Use SNI hostname for session caching
|
| 3285db1793bb72accc06ec7f8eb9e0269a1ea71c |
08-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
am 884d20c0: am dd29ea10: Merge "Prefer Forward Secrecy TLS/SSL cipher suites by default."
* commit '884d20c0199af806e492f6600ebcfca596d0d98c':
Prefer Forward Secrecy TLS/SSL cipher suites by default.
|
| dd29ea10861241c2b192668e153be9f9638dd2e7 |
08-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
Merge "Prefer Forward Secrecy TLS/SSL cipher suites by default."
|
| 88efdfaab24e1c58836a5e0ce8986c8e1aa14572 |
08-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
am 0f5d45c0: am 03968160: am d48408a2: Merge "Deprioritize RC4-based TLS/SSL cipher suites."
* commit '0f5d45c0a83f5a0925ea426692a85673a41a3505':
Deprioritize RC4-based TLS/SSL cipher suites.
|
| 1727c267791c40c6352f578924beb3157635ea24 |
08-Nov-2013 |
Kenny Root <kroot@google.com> |
am b5e256a0: am f9d6bdb4: am f06338c0: Random cleanups of old code style
* commit 'b5e256a0a259404b3fa335d94819b04f7a0c80aa':
Random cleanups of old code style
|
| 559cde56cdc0e8349a66b0cbb08650dd77252a8b |
07-Nov-2013 |
Kenny Root <kroot@google.com> |
am 76e543b7: am 57ef6334: Use SNI hostname for session caching
* commit '76e543b7ff3d013f784c807ea683de604c38416e':
Use SNI hostname for session caching
|
| df17f02d4d534830a82442a441328b6d9654f7ab |
07-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
Prefer Forward Secrecy TLS/SSL cipher suites by default.
This modifies the list of TLS/SSL cipher suites used by default to
prefer those offering Forward Secrecy (FS) -- ECDHE and DHE.
Bug: 11220570
Change-Id: I20f635d11e937d64de4f4e2fea34e1c5ea7a67ac
ain/java/org/conscrypt/CipherSuite.java
ain/java/org/conscrypt/NativeCrypto.java
|
| 0f5d45c0a83f5a0925ea426692a85673a41a3505 |
07-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
am 03968160: am d48408a2: Merge "Deprioritize RC4-based TLS/SSL cipher suites."
* commit '03968160cb3b21732bc2d9f64a70c2b0ec5f68dc':
Deprioritize RC4-based TLS/SSL cipher suites.
|
| 57ef6334828dfb4f7f6834ddddf5a0ac61f1a4d0 |
07-Nov-2013 |
Kenny Root <kroot@google.com> |
Use SNI hostname for session caching
The session caching wasn't paying attention to the requested SNI
hostname when finding cached sessions. This checks the requested SNI
hostname in an attempt to get the correct hostname from the cache.
Change-Id: If3dbc64f11377a615389de9774c4061d1c92b997
ain/java/org/conscrypt/OpenSSLSocketImpl.java
|
| d48408a2677d98ba77a3670ea070c325ec25b0fb |
07-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
Merge "Deprioritize RC4-based TLS/SSL cipher suites."
|
| 2a8db490ab83165520a6b4f0bf07a4e6e1add86d |
07-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
Deprioritize RC4-based TLS/SSL cipher suites.
Now that BEAST and Lucky13 mitigations are enabled, it is prudent to
prefer AES CBC cipher suites over RC4 ones
(see http://www.isg.rhul.ac.uk/tls/).
Bug: 11220570
Change-Id: I52b9724700fd8eaeebbadcfa518a96823a1410b8
ain/java/org/conscrypt/CipherSuite.java
ain/java/org/conscrypt/NativeCrypto.java
|
| b5e256a0a259404b3fa335d94819b04f7a0c80aa |
07-Nov-2013 |
Kenny Root <kroot@google.com> |
am f9d6bdb4: am f06338c0: Random cleanups of old code style
* commit 'f9d6bdb47f926e3ba061071efe665d2b15c2721b':
Random cleanups of old code style
|
| f06338c01394610174fe2b3532beac56d61d9e26 |
07-Nov-2013 |
Kenny Root <kroot@google.com> |
Random cleanups of old code style
Add @Override annotation, remove unused imports, and remove unnecessary
casts. Also make sure annotations are on a line by themselves.
Change-Id: I294b43353d7b1e77fd1c9d031af7b7062f024eee
ain/java/org/conscrypt/AbstractSessionContext.java
ain/java/org/conscrypt/ByteArray.java
ain/java/org/conscrypt/ClientHandshakeImpl.java
ain/java/org/conscrypt/ClientSessionContext.java
ain/java/org/conscrypt/DelegatedTask.java
ain/java/org/conscrypt/FileClientSessionCache.java
ain/java/org/conscrypt/HandshakeIODataStream.java
ain/java/org/conscrypt/KeyManagerImpl.java
ain/java/org/conscrypt/Logger.java
ain/java/org/conscrypt/OpenSSLECPublicKey.java
ain/java/org/conscrypt/OpenSSLKey.java
ain/java/org/conscrypt/OpenSSLMessageDigestJDK.java
ain/java/org/conscrypt/OpenSSLRSAPrivateKey.java
ain/java/org/conscrypt/OpenSSLServerSocketFactoryImpl.java
ain/java/org/conscrypt/OpenSSLSessionImpl.java
ain/java/org/conscrypt/OpenSSLSocketFactoryImpl.java
ain/java/org/conscrypt/OpenSSLSocketImpl.java
ain/java/org/conscrypt/SSLEngineAppData.java
ain/java/org/conscrypt/SSLEngineDataStream.java
ain/java/org/conscrypt/SSLSessionImpl.java
ain/java/org/conscrypt/SSLSocketInputStream.java
ain/java/org/conscrypt/SSLSocketOutputStream.java
ain/java/org/conscrypt/ServerHandshakeImpl.java
ain/java/org/conscrypt/ServerSessionContext.java
ain/java/org/conscrypt/TrustManagerImpl.java
ain/java/org/conscrypt/TrustedCertificateIndex.java
ain/java/org/conscrypt/TrustedCertificateKeyStoreSpi.java
ain/java/org/conscrypt/TrustedCertificateStore.java
|
| 61545822b10a687e6e3ab49ec61f50114713973d |
07-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
am a1473768: am 5bf0c28f: am 35066b9c: Merge "BEAST attack mitigation for OpenSSL-backed SSLSockets."
* commit 'a1473768b785c4d74390ca4197a1d7bea8ad9a76':
BEAST attack mitigation for OpenSSL-backed SSLSockets.
|
| a1473768b785c4d74390ca4197a1d7bea8ad9a76 |
07-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
am 5bf0c28f: am 35066b9c: Merge "BEAST attack mitigation for OpenSSL-backed SSLSockets."
* commit '5bf0c28f9d220fca566cb5f208d3a4ff71e23694':
BEAST attack mitigation for OpenSSL-backed SSLSockets.
|
| 35066b9c9e50ecbb21859d1aaaa3610d54c13eb3 |
07-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
Merge "BEAST attack mitigation for OpenSSL-backed SSLSockets."
|
| f59f4930a1430ac311d495822d355aa751e316cb |
07-Nov-2013 |
Kenny Root <kroot@google.com> |
am f9a0ffa7: am 0ca2bdeb: am 58752ab2: SSLEngine: use 1/n-1 record splitting for servers
* commit 'f9a0ffa7d91ab57053acb9b6b6477f395276ef04':
SSLEngine: use 1/n-1 record splitting for servers
|
| f9a0ffa7d91ab57053acb9b6b6477f395276ef04 |
07-Nov-2013 |
Kenny Root <kroot@google.com> |
am 0ca2bdeb: am 58752ab2: SSLEngine: use 1/n-1 record splitting for servers
* commit '0ca2bdeb47e841ede88235d296f3bb6e92277857':
SSLEngine: use 1/n-1 record splitting for servers
|
| 58752ab225a5db15814b170327c8f675a14fc183 |
06-Nov-2013 |
Kenny Root <kroot@google.com> |
SSLEngine: use 1/n-1 record splitting for servers
Bug: 11463939
Change-Id: I90aba24f06a53b8d4c9192dbb60a2e8e261dac0b
ain/java/org/conscrypt/SSLRecordProtocol.java
|
| f087968310bb5233b76ad42841eb07e3c327f40f |
05-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
BEAST attack mitigation for OpenSSL-backed SSLSockets.
This enables 1/n-1 record splitting for SSLSocket instances backed by
OpenSSL.
OpenSSL change: https://android-review.googlesource.com/#/c/69253/
Bug: 11514124
Change-Id: I3fef273edd417c51c5723d290656d2e03331d68a
ain/java/org/conscrypt/NativeCrypto.java
ain/java/org/conscrypt/OpenSSLSocketImpl.java
est/java/org/conscrypt/NativeCryptoTest.java
|
| cc06cc8892646aa1555baa01df4eccacc6206a49 |
05-Nov-2013 |
Kenny Root <kroot@google.com> |
am 98e6b5a0: am 8381043b: am bf05b4e6: SSLEngine: record splitting for BEAST mitigation
* commit '98e6b5a08d1c453d7550d953861f19386bd1edac':
SSLEngine: record splitting for BEAST mitigation
|
| 98e6b5a08d1c453d7550d953861f19386bd1edac |
05-Nov-2013 |
Kenny Root <kroot@google.com> |
am 8381043b: am bf05b4e6: SSLEngine: record splitting for BEAST mitigation
* commit '8381043be0883fc1a854809bf2e6558a12efa6c8':
SSLEngine: record splitting for BEAST mitigation
|
| 4f8d0807fa19cd9b465c077e4148845e5082d729 |
05-Nov-2013 |
William Luh <williamluh@google.com> |
Remove unnecessary throws CertificateException from isUserAddedCertificate.
Change-Id: If825391c86f7b03fbea42dd6da7700c752d156d7
ain/java/org/conscrypt/TrustManagerImpl.java
|
| f9a88b93f5e48238d00b1674e3f3fc95378a6128 |
04-Nov-2013 |
William Luh <williamluh@google.com> |
Merge "Support user-installed CA certs for cert pinning."
|
| bf05b4e6c7bab087928e3c57044d47810919cedb |
04-Nov-2013 |
Kenny Root <kroot@google.com> |
SSLEngine: record splitting for BEAST mitigation
Split the initial encrypted packet sent into 1 byte and n-1 bytes to
mitigate BEAST attacks.
Bug: 11463939
Change-Id: Id81920fb2ede4172ae3565303d215b776091afc8
ain/java/org/conscrypt/CipherSuite.java
ain/java/org/conscrypt/SSLRecordProtocol.java
|
| 6b156aa909f28f44433b0176f1445c01ca09d560 |
01-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
am ff1530eb: am ce715652: am 73fe3363: Merge "Switch to new StandardNames assert about cipher suites."
* commit 'ff1530eb37544ac68bea2499db54368138bf4df3':
Switch to new StandardNames assert about cipher suites.
|
| ff1530eb37544ac68bea2499db54368138bf4df3 |
01-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
am ce715652: am 73fe3363: Merge "Switch to new StandardNames assert about cipher suites."
* commit 'ce7156525b40ab17e9da8ac40822870aa5fa3435':
Switch to new StandardNames assert about cipher suites.
|
| 73fe336350ae730578780dfb8f0b3ac3a4c98986 |
01-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
Merge "Switch to new StandardNames assert about cipher suites."
|
| 76e525e840e571abc1203dee84c09a2587afc360 |
01-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
am 3a383e21: am 2f8329b2: am f15cd9d9: Adjust the default list of ciphers suites of SSLEngine.
* commit '3a383e215a551a2f9b53539a582876b8b0601e7d':
Adjust the default list of ciphers suites of SSLEngine.
|
| 3a383e215a551a2f9b53539a582876b8b0601e7d |
01-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
am 2f8329b2: am f15cd9d9: Adjust the default list of ciphers suites of SSLEngine.
* commit '2f8329b253038ab418156ba8d800b7f47e1537f8':
Adjust the default list of ciphers suites of SSLEngine.
|
| f15cd9d9e1f108dda70bdd4a0a6e1019ed78a71b |
31-Oct-2013 |
Alex Klyubin <klyubin@google.com> |
Adjust the default list of ciphers suites of SSLEngine.
SSLEngine should use the same cipher suites by default as SSLSocket
whose list was recently cleaned up. One complication is that the
current SSLEngine implementation does not support EC.
This CL removes cipher suites with bulk encryption cipher key length
shorter than 80 bits and adds 256-bit versions of AES cipher suites.
Bug: 11220570
Change-Id: I81fb34d8067a8565c0ae11883bb5c1ee65ed6875
ain/java/org/conscrypt/CipherSuite.java
|
| cde7b5c6045bffd62976916af987c7ddb93d5130 |
31-Oct-2013 |
Alex Klyubin <klyubin@google.com> |
Switch to new StandardNames assert about cipher suites.
Bug: 11220570
Change-Id: I8b43196b24f02e10010223aa6738a9ce0df24333
est/java/org/conscrypt/CipherSuiteTest.java
|
| 9be0a37b7d5075e879159f25dc1d5c007e9cbc18 |
16-Oct-2013 |
William Luh <williamluh@google.com> |
Support user-installed CA certs for cert pinning.
Additionally expose new isUserAddedCertificate() so clients can set policy
for user-installed CA certs.
Bug: 11257762
Change-Id: If45cd452ab76f393660b34594dcae464af0c0696
ain/java/org/conscrypt/PinListEntry.java
ain/java/org/conscrypt/TrustManagerImpl.java
est/java/org/conscrypt/TrustManagerImplTest.java
|
| cf6feb0f24f2937bd98ab1eab3b562f29b2d917c |
28-Oct-2013 |
Alex Klyubin <klyubin@google.com> |
am a12f674e: am eef31b0c: am 68f4753f: Do not use short-keyed TLS/SSL cipher suites by default.
* commit 'a12f674e7d9eb2527da0b7ac2727d48732d56c3b':
Do not use short-keyed TLS/SSL cipher suites by default.
|
| a12f674e7d9eb2527da0b7ac2727d48732d56c3b |
28-Oct-2013 |
Alex Klyubin <klyubin@google.com> |
am eef31b0c: am 68f4753f: Do not use short-keyed TLS/SSL cipher suites by default.
* commit 'eef31b0c700aa5291c98ae34b21eb6ec5ae9a6c8':
Do not use short-keyed TLS/SSL cipher suites by default.
|
| 68f4753f0faaaf7f8528faabcaa73fa37f157916 |
23-Oct-2013 |
Alex Klyubin <klyubin@google.com> |
Do not use short-keyed TLS/SSL cipher suites by default.
This removes TLS/SSL cipher suites with bulk cipher secret keys
shorter than 80 bits from the list of cipher suites used by default:
* export-strength cipher suites, and
* cipher suites using DES (but not 3DES) as their bulk cipher.
Bug: 11220570
Change-Id: I04e30f6d634801b36018fecc8f2b257fc6b7adfc
ain/java/org/conscrypt/NativeCrypto.java
|
| ecc1e8655face3777522fc5e999fcded1ecf854d |
24-Oct-2013 |
Narayan Kamath <narayan@google.com> |
am 0899ab71: am 7cefd12c: am 24617974: Fix thread safety issue in SSLEngine.
* commit '0899ab710e92cdf36f315f1f83e9de28f502b43d':
Fix thread safety issue in SSLEngine.
|
| 0899ab710e92cdf36f315f1f83e9de28f502b43d |
24-Oct-2013 |
Narayan Kamath <narayan@google.com> |
am 7cefd12c: am 24617974: Fix thread safety issue in SSLEngine.
* commit '7cefd12c34b513a6dc3e08404fb5fb98b8f21f73':
Fix thread safety issue in SSLEngine.
|
| 24617974aa74875b25adf308c6c5d6423879bfe9 |
23-Oct-2013 |
Narayan Kamath <narayan@google.com> |
Fix thread safety issue in SSLEngine.
Use a 6 byte array instead of a 3 byte arrays.
The first 3 bytes are used by encrypt and the second
three bytes are used by decrypt.
We could write each of the bytes individually and
avoid the need for an array but that's 3 JNI calls instead
of 1.
TESTED : libcore.javax.net.*
bug: 11334293
Change-Id: I8c5d4b37e3f5d65938a6647e60ac69defe77e386
ain/java/org/conscrypt/ConnectionStateSSLv3.java
|
| 21b023d0ae70db62f744953d732154eb55578648 |
22-Oct-2013 |
Kenny Root <kroot@google.com> |
am 08154ef2: am 0dfd16cd: am 07152313: Invert pinning API name
* commit '08154ef2086bca352eadcc6bc21ccd93136297bc':
Invert pinning API name
|
| 08154ef2086bca352eadcc6bc21ccd93136297bc |
22-Oct-2013 |
Kenny Root <kroot@google.com> |
am 0dfd16cd: am 07152313: Invert pinning API name
* commit '0dfd16cdfe1869c0f782d032430a51e659861ace':
Invert pinning API name
|
| 071523134e16d74430eb184d1e0b85e821306214 |
22-Oct-2013 |
Kenny Root <kroot@google.com> |
Invert pinning API name
The pinning API used a negative name for the API which made it difficult
to reason about logically. Change them to positive names so the returned
booleans don't need to be inverted in my head.
Change-Id: Iad89d9cec33b3ef27e80a3344a5b23dec023d636
ain/java/org/conscrypt/CertPinManager.java
ain/java/org/conscrypt/PinListEntry.java
ain/java/org/conscrypt/TrustManagerImpl.java
est/java/org/conscrypt/CertPinManagerTest.java
est/java/org/conscrypt/TrustManagerImplTest.java
|
| 49336618a762eff280621cf7474021e06e8521fa |
28-Aug-2013 |
Alex Klyubin <klyubin@google.com> |
Self-seed OpenSSL-backed SecureRandom from /dev/urandom.
OpenSSL-backed SecureRandom instances do not currently self-seed.
These instances are backed by OpenSSL's default RAND engine (SSLeay)
which initilizes itself only once per process from /dev/urandom. As a
result, these SecureRandom instances do not pull any new entropy from
the Linux RNG when used.
This CL makes OpenSSL-backed SecureRandom instances pull new entropy
from /dev/urandom into OpenSSL's RAND engine during the self-seeding
of the SecureRandom instances.
This is similar to how new entropy is pulled into OpenSSL's RAND
engine from /dev/urandom by OpenSSLSocketImpl.
benchmark us linear runtime
Before Change 21.3 ============================
After Change 537.8 ==============================
Change-Id: I1d7467eac99b3627b64fbdb3e98be644581171bb
ain/java/org/conscrypt/OpenSSLRandom.java
|
| 31db24562b8890615e81f7457a1ce7d469b4ff4c |
22-Oct-2013 |
Narayan Kamath <narayan@google.com> |
am a5bc3127: am 8db22531: Tidy up locking in OpenSSLSocketImpl.
* commit 'a5bc312790a040ca81ee9acd126319ed8846e4a9':
Tidy up locking in OpenSSLSocketImpl.
|
| 8db22531f59b33539647ab95bb76354212d3866a |
18-Oct-2013 |
Narayan Kamath <narayan@google.com> |
Tidy up locking in OpenSSLSocketImpl.
We guard all state with a single lock "stateLock", which
replaces usages of "this" and "handshakeLock". We do not
perform any blocking operations while holding this lock.
In particular, startHandshake is no longer synchronized.
We use a single integer to keep track of handshake state
instead of a pair of booleans.
Also fix a bug in getSession, the previous implementation
wouldn't work in cut-through mode.
This fixes a deadlock in SSLSocketTest_interrupt.
Change-Id: I9aef991e0579d4094e287dde8e521d09d6468c51
ain/java/org/conscrypt/OpenSSLSocketImpl.java
|
| 5a5a8c20c9952466597bb4b1fb2c913d8de1047f |
18-Oct-2013 |
Kenny Root <kroot@google.com> |
am 4953f057: am 11ac10be: Free EVP_CIPHER_CTX objects
* commit '4953f0575e4beea3b303501bf2451b9071de3d71':
Free EVP_CIPHER_CTX objects
|
| 11ac10be41fa98c695c984ad30f10321db9da44c |
18-Oct-2013 |
Kenny Root <kroot@google.com> |
Free EVP_CIPHER_CTX objects
Calling EVP_CIPHER_CTX_cleanup doesn't actually free the object. We need
to call EVP_CIPHER_CTX_free instead.
Change-Id: I716f4feaee446d47bd78852b18cff3bbe43fb1b1
ain/native/org_conscrypt_NativeCrypto.cpp
|
| 7773cf2515d2ae179a5cdd46f41909356cb8c7a6 |
04-Oct-2013 |
Anwar Ghuloum <anwarg@google.com> |
am b590aa9f: am e75878c7: Fix mac build
* commit 'b590aa9f4377b810c62bc51e7d3651fd86c89854':
Fix mac build
|
| e75878c72b717696d7e4f6cc1052f1cdaca3bda8 |
24-May-2013 |
Anwar Ghuloum <anwarg@google.com> |
Fix mac build
move #pragma gcc outside of functions for apple's ancient gcc
(cherry picked from commit 37f25af685a795b2f2bfa9abb8bb5109c422c52c)
Change-Id: I3ea7fa22805980cfd5059e75c21e2e943604fb8a
ain/native/org_conscrypt_NativeCrypto.cpp
|
| 70485bddb6248f7bfbb6f2a3c7c06a136cc9b44c |
05-Sep-2013 |
William Luh <williamluh@google.com> |
Add prefix to cert pin failure logging.
(cherry-picked from commit 9d7ed68cc1f20892f491540790b03ece56735a12)
Bug: 10912373
Change-Id: Iec3113c4eda73d271c921343d2dd3c1135de58c4
ain/java/org/conscrypt/PinFailureLogger.java
|
| 0a47f2ba654ef74f98a4aa263ac091979e88d6f5 |
30-Sep-2013 |
Kenny Root <kroot@google.com> |
Remove unsupported Cipher modes
OpenSSL silently ignores the padding modes when specified for stream
ciphers, but apparently Java does not.
Change-Id: Icd92122d63b3b8e99d704e8193414dda5057146d
ain/java/org/conscrypt/OpenSSLCipher.java
ain/java/org/conscrypt/OpenSSLProvider.java
|
| e38d2da368f59b485680ec03b3800880b83b1398 |
27-Sep-2013 |
Kenny Root <kroot@google.com> |
Conscrypt: correct key selection with no sigAlg
The KeyManagerImpl was changed to support the "EC_EC" and "EC_RSA" key
types in the StandardNames document. The intention of those aliases are
to require a certain signature type. If it is missing, it should accept
any signature type as before. However, it was erroneously requiring the
same signature type as the key type if it was missing. This causes RSA
client certificates signed by an EC key, for instance, to fail.
Bug: 10966884
Change-Id: I298bf65ac4c607ae13e24b44fb1b52ec341f9fcf
ain/java/org/conscrypt/KeyManagerImpl.java
|
| d2db2c558ef6afc14d59f4a6b547598ff3973597 |
26-Sep-2013 |
Kenny Root <kroot@google.com> |
Conscrypt: add SHA-224 with tests
SHA-224 has made a comeback in the latest StandardNames documentation.
This change adds tests for SHA-224 and also Conscrypt providers for
things we have code paths to support.
Change-Id: I8c200082ff76ee4ae38b6efaa16e6741b33b7f5b
ain/java/org/conscrypt/OpenSSLMac.java
ain/java/org/conscrypt/OpenSSLMessageDigestJDK.java
ain/java/org/conscrypt/OpenSSLProvider.java
ain/java/org/conscrypt/OpenSSLSignature.java
|
| c41697ab2043f5b0e0f86b6731519eb72e3569e5 |
26-Sep-2013 |
Kenny Root <kroot@google.com> |
Do not throw exception on Mac#reset
OpenSSLMac was not checking whether it was initialized before
dereferencing its macKey field. This caused callers to Mac#reset()
before Mac#init() to get a NullPointerException.
Bug: https://code.google.com/p/android/issues/detail?id=58179
Change-Id: I8523983fec578079a66a04d585c1ddbe7732575e
ain/java/org/conscrypt/OpenSSLMac.java
|
| 9b39c872e57b147373ee69a2803dd8f5ef41da2d |
13-Sep-2013 |
Kenny Root <kroot@google.com> |
Revert "Restore NativeCrypto#encodeCertificates for now"
This reverts commit 07ff5de463a219d97b5ea7abfaa42bf3ae55fb57 and
commit 42567acf03ad437efd20e70790ae0f708dda15bc.
Change-Id: I05712ea94f0b11cc5963af58fb5081e65c79c3f0
ain/java/org/conscrypt/NativeCrypto.java
|
| 75f87ef038b1e2bc6f44261c96a3035610ca1056 |
13-Sep-2013 |
Kenny Root <kroot@google.com> |
Fix build
Missed this during the git reset -p
Change-Id: I6c089d2fb5192d43934d55949b261b05cb8d67da
ain/java/org/conscrypt/NativeCrypto.java
|
| dbbabeb40aee9326ca8b3a909b06d12c9c10c7f3 |
13-Sep-2013 |
Kenny Root <kroot@google.com> |
Restore NativeCrypto#encodeCertificates for now
Some other classes are using this. Restore this until they can be
removed.
Change-Id: Ibf188b7c4915865e20cc4ca51c73f26314df7828
ain/java/org/conscrypt/NativeCrypto.java
|
| 0e9746b7b132058651155b33f219c7789997985b |
13-Sep-2013 |
Kenny Root <kroot@google.com> |
Conscrypt: use certificate references in SSL code
Instead of marshalling and unmarshalling to ASN.1 DER, just use
references to OpenSSL X509 objects everywhere applicable.
Change-Id: I1a28ae9232091ee199a9d4c7cd3c7bbd1efa1ca4
ain/java/org/conscrypt/NativeCrypto.java
ain/java/org/conscrypt/OpenSSLSocketImpl.java
ain/java/org/conscrypt/OpenSSLX509Certificate.java
ain/native/org_conscrypt_NativeCrypto.cpp
est/java/org/conscrypt/NativeCryptoTest.java
|
| 1d5c92f74e14a4dd194cb6ad90a686e584da18ca |
12-Sep-2013 |
Kenny Root <kroot@google.com> |
Add specific exception for wrong final block length
EVP_DecryptFinal_ex can have an error on the wrong block length at the
end of a decrypted block, so throw IllegalBlockSizeException when that
happens instead of a RuntimeException.
Bug: 10610957
Bug: https://code.google.com/p/android/issues/detail?id=58396
Change-Id: I70ea040c3b52fc30591963270850871a8cc581d3
ain/native/org_conscrypt_NativeCrypto.cpp
|
| 3f61f6e835a8c0d609bd5e524b302d972d0e8aff |
12-Sep-2013 |
Kenny Root <kroot@google.com> |
Merge "Conscrypt: remove dependence on stlport"
|
| 74f1a2a530135e47baf65bfce86d9a518f53911c |
12-Sep-2013 |
Kenny Root <kroot@google.com> |
Conscrypt: remove dependence on stlport
This helps with unbundling of Conscrypt by not forcing the app to
include a static version of stlport in their program.
Change-Id: I5bd17213059b8ae4d8d86921d82b43465253a62f
ain/native/org_conscrypt_NativeCrypto.cpp
|
| 33bad173bc21cc7c057ef9e8f6e7df16ce1caa50 |
10-Sep-2013 |
Ruben Brunk <rubenbrunk@google.com> |
Remove dependency on JNIHelp header side effects.
(cherrypick of cc5305a004afc334842a4afadca9530c2ea0c8ff.)
Bug: 10680559
Change-Id: I49ad58dea61a0e558bebfbd76019e7e0730cab52
ain/native/org_conscrypt_NativeCrypto.cpp
|
| c58a18688cd17654a3f1c15f604d69c5ef78da22 |
11-Sep-2013 |
Kenny Root <kroot@google.com> |
Properly refcount X509 instances
We were leaking X509 references from stacks before so we could get away
with reusing references that should have been freed. Since we're properly
tracking references now, we need to up the reference of things we're
using.
(cherry picked from commit 499f7cd642cc32f89f793fe356afbebeba8bf9c1)
Bug: 10610037
Change-Id: I4a4beda9b635881c51194410a6da8274c3c1d429
ain/native/org_conscrypt_NativeCrypto.cpp
|
| 3974cacc0af4d6c5e19bf290ea4cdbdc2887fe56 |
10-Sep-2013 |
Kenny Root <kroot@google.com> |
Return IvParameters in OpenSSLCipher#getParameters
The getParameters() call was unimplemented in the OpenSSLCipher as an
oversight. Add it so code relying on it will continue to work.
Additionally add tests for getIV() and getParameters() to make sure they
work correctly.
(cherry picked from commit 8d59a14a150738b8b3a2a8c31d1a48b8ae0a3d0c)
Bug: 10423926
Change-Id: I6bc7fc540509242dff9e5411f66f82be54691cb4
ain/java/org/conscrypt/OpenSSLCipher.java
|
| 69c9293abd67eee175870a81f9ee24d7bd6acb50 |
10-Sep-2013 |
Brian Carlstrom <bdc@google.com> |
Some cleanup while investigating test_SSLSocket_interrupt
Bug: 10681815
Change-Id: If9a76f4c55b578c6f135befebcc443ab9aef3073
ain/java/org/conscrypt/OpenSSLSocketImpl.java
|
| 8f367eb2a6725f13d4b88419450d58f989a29fa8 |
24-Jul-2013 |
Kenny Root <kroot@google.com> |
Delay SSLSocketImpl instantiation until needed
Class preloading will create an instance of objects if they are in
static fields, so put the ones we don't want instantiated into a holder
class that is not preloaded.
(cherry picked from commit da5b7116b58795b169961cbd63c2b21bac741d9a)
Bug: 9984058
Change-Id: If8cb4280cbee79cd4d479fbf6a5297c8e5569b6c
ain/java/org/conscrypt/OpenSSLSocketImpl.java
ain/java/org/conscrypt/SSLEngineImpl.java
ain/java/org/conscrypt/SSLSessionImpl.java
ain/java/org/conscrypt/SSLSocketImpl.java
|
| 8c51e39b2d31431be1c05a2f145a2cdf829d7978 |
10-Sep-2013 |
Kenny Root <kroot@google.com> |
Use sk_FOO_pop_free instead of sk_FOO_free
The proper way to free a stack of owned "FOO" items is to use
sk_FOO_pop_free since that will iterate through all the FOO instances
in the stack and free them. Calling sk_FOO_free just frees the stack and
not the items.
(cherry picked from commit 64299318644c0c6b86992d414e68d0af236b52c5)
Bug: 10610037
Bug: http://code.google.com/p/android/issues/detail?id=59536
Change-Id: I8af603b10219acb476666e77cc776b6936a19f8d
ain/native/org_conscrypt_NativeCrypto.cpp
|
| 04c6d65c07b503caa425767b97e3a359c0f1ae35 |
07-Sep-2013 |
Kenny Root <kroot@google.com> |
Register Conscrypt as the AlgNameMapper source
Conscrypt was moved out of libcore, so the call directly to NativeCrypto
was removed as well. To break the dependency, introduce an interface
that Conscrypt registers as to answer algorithm name to OID mapping
queries and vice versa.
(cherry picked from commit b6963ac272834ec5f791ecdc773d17cb156e23f0)
Bug: 10310296
ain/java/org/conscrypt/OpenSSLMapper.java
ain/java/org/conscrypt/OpenSSLProvider.java
ain/java/org/conscrypt/Platform.java
|
| 97d151b258d226b3afc1b3588171b283ec3f8046 |
06-Sep-2013 |
Kenny Root <kroot@google.com> |
Make sure ChannelID key is initialized
This test used the test ChannelID key, but it didn't make sure it was
initialized first. This made it appear sometimes depending on the order
the tests were executed.
(cherry picked from commit debfff83084b79b65c092cfe72ebea9d9a9548d6)
Bug: 10210673
Change-Id: I5212e265611208ecb641a7d6b403985df603cb03
est/java/org/conscrypt/NativeCryptoTest.java
|
| 8b5a6218cc7f794af8ebb0004c5c6c72fb553578 |
07-Sep-2013 |
Kenny Root <kroot@google.com> |
Merge "Register Conscrypt as the AlgNameMapper source"
|
| feabaf41a3c62c6eee7759e9649d266f7c8f345c |
06-Sep-2013 |
Kenny Root <kroot@google.com> |
Register Conscrypt as the AlgNameMapper source
Conscrypt was moved out of libcore, so the call directly to NativeCrypto
was removed as well. To break the dependency, introduce an interface
that Conscrypt registers as to answer algorithm name to OID mapping
queries and vice versa.
(cherry picked from commit 6fcfb5a75dfb595ccbcf0a7a576ee7515fe2da32)
Bug: 10310296
Change-Id: Ia9c802f1102df7209749a90d0ed3ed2831480b04
ain/java/org/conscrypt/OpenSSLMapper.java
ain/java/org/conscrypt/OpenSSLProvider.java
|
| 2deabb82b74f6547a203d449006476d7c3a8ef79 |
06-Sep-2013 |
Brian Carlstrom <bdc@google.com> |
Merge "Call SSL_use_certificate before SSL_use_PrivateKey"
|
| eaeedc318b5fba9995fc64d15341017ec182fe4c |
29-Aug-2013 |
Kenny Root <kroot@google.com> |
Move conscrypt out libjavacore and split tests
To make the situation with testing a little better and enable building
core libraries totally independent of conscrypt, move the native
registration to a JNI_OnLoad scheme. Also, since we want to separate the
testing, make conscrypt build its own tests library.
Change-Id: I9f2831839059c1c012ec7bdeab2f90b4e2f44bfd
ain/java/org/conscrypt/NativeCrypto.java
ain/native/org_conscrypt_NativeCrypto.cpp
|
| 8fa35332bfd0c9fe19d2b75622b56b25f62f7b2a |
17-Jul-2013 |
Brian Carlstrom <bdc@google.com> |
Call SSL_use_certificate before SSL_use_PrivateKey
Bug: https://code.google.com/p/android/issues/detail?id=54433
Change-Id: Icf39b98802e2c6128e79c44eaf2cabc7b4805cc5
ain/java/org/conscrypt/OpenSSLSocketImpl.java
|
| fb822aec371f01db8c7d0d824901dd8487dd543c |
20-Aug-2013 |
Elliott Hughes <enh@google.com> |
Fix BIO_OutputStream::write to return the correct length.
This was leaving bad OpenSSL error states lying around for later
innocent calls to trip over.
Also clean up some of the other error reporting/handling.
Bug: 9822466
Bug: 10344304
Change-Id: I9e6d6fd9a6c5e466336217b47f45c211aff5555d
ain/native/org_conscrypt_NativeCrypto.cpp
|
| 1e8948a5167623569a988457ae9b0888c1d0754a |
13-Aug-2013 |
Elliott Hughes <enh@google.com> |
Move libcore to C++11.
Change-Id: I1942be8f7cef51265d53272f36a217e88bfede94
ain/native/org_conscrypt_NativeCrypto.cpp
|
| a95efb43025a1a7f55c2c09cacce6591f6f727fa |
02-Aug-2013 |
Elliott Hughes <enh@google.com> |
If libcore wants ASCII casing, it needs to ask for it like everyone else.
http://elliotth.blogspot.com/2012/01/beware-convenience-methods.html
Bug: https://code.google.com/p/android/issues/detail?id=58359
Change-Id: I597b2ac940f17b5b2bc176e390dc4b63fe0a4e72
ain/java/org/conscrypt/OpenSSLCipherRSA.java
|
| ab3c653541a6fa0eaa38ba56a485afb6c5122cbb |
31-Jul-2013 |
Elliott Hughes <enh@google.com> |
Fix libcore's NativeCode.mk so we actually compile with -Werror.
Change-Id: Ib665ea7c6f54e43851bc04f0265e65218407c70f
ain/native/org_conscrypt_NativeCrypto.cpp
|
| 8496bdb133ddc1c96663aae242670a34c9ca6511 |
26-Jun-2013 |
Kenny Root <kroot@google.com> |
am 4c88ce8d: Merge "NativeCrypto: Add ALPN support"
* commit '4c88ce8dd817d164777adcdffca30b693e5d6eed':
NativeCrypto: Add ALPN support
|
| 6fcf0cbeec79d1f2491d8d0774fdb314fc419ba3 |
25-Jun-2013 |
Kenny Root <kroot@google.com> |
NativeCrypto: Add ALPN support
This adds the ability to use Application-Layer Protocol Negotiation
(ALPN) as both a client and a server. ALPN is essentially like Next
Protocol Negotiation (NPN) but negotiation is done in the clear. This
allows the use of other protocols on the same port (e.g., SPDY instead
of HTTP on port 80).
Although previously clients using NPN were able to use cut-through, the
new ALPN API does not provide for a way for a client to enable that
during a callback. So the only difference is that NPN clients can enable
SSL False Start while ALPN clients cannot currently.
Change-Id: I42ff70f3711e9cccaf754d189f76eeaa9db5f981
ain/java/org/conscrypt/NativeCrypto.java
ain/java/org/conscrypt/OpenSSLSocketImpl.java
ain/native/org_conscrypt_NativeCrypto.cpp
est/java/org/conscrypt/NativeCryptoTest.java
|
| 6518d25ceafaff6e7eab3826df387cf4673a8527 |
06-Jun-2013 |
Kenny Root <kroot@google.com> |
am aa1e1d6d: Merge "NativeCrypto: handle X.509 serial number 0"
* commit 'aa1e1d6d989c7a659659f4fd20387cf67f11f64a':
NativeCrypto: handle X.509 serial number 0
|
| 38f3d465ca25edad129ffdf71c61daf20a555920 |
06-Jun-2013 |
Kenny Root <kroot@google.com> |
NativeCrypto: handle X.509 serial number 0
There is no need to try to convert numbers that are of zero length
because they'll be zero anyway. Returning NULL in this instance caused a
crash in X.509 code since it immediately tried to pass it to BigInteger
which through a NullPointerException.
Bug: 9297758
Change-Id: I719ca7b8f086937ee25094bfe981987def855744
ain/native/org_conscrypt_NativeCrypto.cpp
|
| ccbd7bb6d9f1c886d4346c5bc306479a8e62d326 |
05-Jun-2013 |
Kenny Root <kroot@google.com> |
am 940f8573: Merge "NativeCrypto: free error state on client_cb"
* commit '940f85738c2f1326317458f11f8d6b9880adfe42':
NativeCrypto: free error state on client_cb
|
| db88d0510b89bab4c3ca13a62ae0e737cab48d58 |
05-Jun-2013 |
Kenny Root <kroot@google.com> |
NativeCrypto: free error state on client_cb
On a call to SSL_get_certificate() there appears to be one path that
will set an error code (SSL_aANON) and returns NULL. This client_cb
wasn't expecting NULL to be an error.
To avoid the error from lingering and showing up in later tests, clear
it so the later tests have more accurate errors.
Bug: 9198763
Change-Id: I229c06fce042436a8545812c1d48c1210408d57e
ain/native/org_conscrypt_NativeCrypto.cpp
|
| 6ebe32d6494802ea0104f54e6281c723e7803adf |
30-May-2013 |
Kenny Root <kroot@google.com> |
am 40630ebf: Merge "NativeCrypto: check that npnProtocols != NULL"
* commit '40630ebf13e02c9ce1121584c84b3c2e4251a822':
NativeCrypto: check that npnProtocols != NULL
|
| 30a30f136f48563478b75f0288d7854c91d9aa29 |
30-May-2013 |
Kenny Root <kroot@google.com> |
am c741f147: Merge "NativeCrypto: change debug format string to "%.*s""
* commit 'c741f1470f61f0d436d159edfc673d270b89857e':
NativeCrypto: change debug format string to "%.*s"
|
| f59f49f5ccb4b5053a5badc19256ea698db34573 |
29-May-2013 |
Kenny Root <kroot@google.com> |
Merge "NativeCrypto: check that npnProtocols != NULL"
|
| fbbcca5d07c2287fba22f31003e7a26c78fe02ba |
29-May-2013 |
Kenny Root <kroot@google.com> |
NativeCrypto: check that npnProtocols != NULL
There appears to be a path where an application can not specify which
NPN protocols it supports but can request that it is negotiated. Match
the advertise method by checking that we have NPN methods set before
using them in a call back to OpenSSL.
Bug: 9186885
Change-Id: I1f35d45709f264d6e2f0c7fef316cb6d93db4ed1
ain/native/org_conscrypt_NativeCrypto.cpp
|
| a084cc798e7d3c7aef917938db3b861c6beecff1 |
29-May-2013 |
Kenny Root <kroot@google.com> |
NativeCrypto: change debug format string to "%.*s"
This ensures the string stops at the right place instead of running off
the end of the buffer. This still doesn't help much for binary data.
Change-Id: Ia56b07a586d8f55ebb0d4237f6d598b307f065fe
ain/native/org_conscrypt_NativeCrypto.cpp
|
| 1ec538a2e23b58048531276c07ba497e9db3a171 |
29-May-2013 |
Kenny Root <kroot@google.com> |
am 9fe691c8: Merge "NativeCrypto: add debug option for SSL streams"
* commit '9fe691c826e252e18eab41a1b1890e4d056d7715':
NativeCrypto: add debug option for SSL streams
|
| bcdb80d2bc818d5c6ec93aae44f70a77136c13c4 |
28-May-2013 |
Kenny Root <kroot@google.com> |
NativeCrypto: add debug option for SSL streams
Print out the key in format suitable for Wireshark decrypting. To use
this, see the comments next to the newly-defined flags.
Wireshark 1.6 that comes with Ubuntu seems to be broken. Wireshark 1.8
works.
Change-Id: Ifd6d75f03f76068085cec0620b465793c2d60587
ain/native/org_conscrypt_NativeCrypto.cpp
|
| f629a6acf59ceae3b7a23923488a89c7bc49ef83 |
08-May-2013 |
Kenny Root <kroot@google.com> |
am 99e1ae90: Merge "NativeCrypto: Fix a lot of random doc bugs"
* commit '99e1ae90e2bbdaca696da6d6052de90cf74824dc':
NativeCrypto: Fix a lot of random doc bugs
|
| 223dc6a0a5d7e84478af935d0ab210995ff922e7 |
08-May-2013 |
Kenny Root <kroot@google.com> |
am 4ffab68b: Merge "NativeCrypto: use strings instead of loading class"
* commit '4ffab68b792acd6c5374414858f9a845b0796ca1':
NativeCrypto: use strings instead of loading class
|
| fd4e8d2a48b7b3dc0a352bd32d7a831aef544431 |
08-May-2013 |
Kenny Root <kroot@google.com> |
am 30abb655: Merge "NativeCrypto: make our own X.509 key class"
* commit '30abb655066afb5eeaebb874efd7cb10ae4013ff':
NativeCrypto: make our own X.509 key class
|
| 44507c4550ca63a7a16a36c6458d6fead4ab8ca7 |
08-May-2013 |
Kenny Root <kroot@google.com> |
am dafcbf80: Merge changes Ided7a6bf,I61339e02
* commit 'dafcbf80f82fbd9ecb48bd7f04b894a28afe6104':
NativeCrypto: inline call to peekInt
NativeCrypto: remove unused import
|
| adf0d8d251eadb958b5e93cfe2600510f9c69f27 |
07-May-2013 |
Kenny Root <kroot@google.com> |
Merge "NativeCrypto: Fix a lot of random doc bugs"
|
| 9deee29ff4eee5dad5fe5ebba251ca4fed6c55a2 |
07-May-2013 |
Kenny Root <kroot@google.com> |
Merge "NativeCrypto: use strings instead of loading class"
|
| cea45ed2858f0b1e712b062e5598fc7eb4d97cde |
07-May-2013 |
Kenny Root <kroot@google.com> |
NativeCrypto: use strings instead of loading class
Using the Foo.class.getName() forces the class to be loaded when it's
not necessarily ever used. Using a String for the class's name
instead allows the class to be loaded lazily.
All the classes used to appear in preloaded-classes when it wasn't
ever really used in practice.
Change-Id: I9f2acf60bed25f5c9b162c62023aef42e7859cf4
ain/java/org/conscrypt/OpenSSLProvider.java
|
| 7c1e7f9af6cc08bbd33e4b87d2087dfc1e967fae |
07-May-2013 |
Kenny Root <kroot@google.com> |
Merge "NativeCrypto: make our own X.509 key class"
|
| 209c986cfe42dbaa5497c6e68d1b5db96b28db78 |
07-May-2013 |
Kenny Root <kroot@google.com> |
NativeCrypto: Fix a lot of random doc bugs
Remove lots of empty javadoc tags that were unused or invalid.
Remove some unused imports.
Mark a few input streams as intentionally unclosed.
Change-Id: I04d8642abd2b0f2e9be02e227658a1b9bd192d24
ain/java/org/conscrypt/AbstractSessionContext.java
ain/java/org/conscrypt/AlertProtocol.java
ain/java/org/conscrypt/CertificateMessage.java
ain/java/org/conscrypt/CertificateRequest.java
ain/java/org/conscrypt/CertificateVerify.java
ain/java/org/conscrypt/ChainStrengthAnalyzer.java
ain/java/org/conscrypt/CipherSuite.java
ain/java/org/conscrypt/ClientHandshakeImpl.java
ain/java/org/conscrypt/ClientHello.java
ain/java/org/conscrypt/ClientKeyExchange.java
ain/java/org/conscrypt/ConnectionStateSSLv3.java
ain/java/org/conscrypt/ConnectionStateTLS.java
ain/java/org/conscrypt/DigitalSignature.java
ain/java/org/conscrypt/Finished.java
ain/java/org/conscrypt/HandshakeProtocol.java
ain/java/org/conscrypt/KeyManagerFactoryImpl.java
ain/java/org/conscrypt/KeyManagerImpl.java
ain/java/org/conscrypt/Message.java
ain/java/org/conscrypt/NativeCrypto.java
ain/java/org/conscrypt/OpenSSLECPrivateKey.java
ain/java/org/conscrypt/OpenSSLProvider.java
ain/java/org/conscrypt/OpenSSLServerSocketImpl.java
ain/java/org/conscrypt/OpenSSLSessionImpl.java
ain/java/org/conscrypt/OpenSSLSignatureRawRSA.java
ain/java/org/conscrypt/OpenSSLX509Certificate.java
|
| 7d97b2cee4acabea6c8cb795d25fb1fb564f016c |
07-May-2013 |
Kenny Root <kroot@google.com> |
NativeCrypto: make our own X.509 key class
Make a key class that just holds the encoded key bytes along with the
algorithm identifier. Eclipse IDE made the entire class.
Change-Id: I40b198e0f01121d77bfd26b3420068700ab69614
ain/java/org/conscrypt/OpenSSLX509Certificate.java
ain/java/org/conscrypt/X509PublicKey.java
|
| cf4744d7323692412abed65a33f0848fa052bdf8 |
07-May-2013 |
Kenny Root <kroot@google.com> |
am ab4ab99b: Merge "NativeCrypto: remove dep on Android host verifier"
* commit 'ab4ab99b79b10a157ab313e57dc2d243ebb5cdcf':
NativeCrypto: remove dep on Android host verifier
|
| 7796b9e39068295e4f4d32fd5735b246c7f9dd36 |
07-May-2013 |
Kenny Root <kroot@google.com> |
am 7b65c5f0: Merge "NativeCrypto: pull in copy of EmptyArray"
* commit '7b65c5f03d4a74846f9376158cd9b90529de11c1':
NativeCrypto: pull in copy of EmptyArray
|
| 2a4faf6763b502c98d13bf79d1c9fba223b698c7 |
07-May-2013 |
Kenny Root <kroot@google.com> |
NativeCrypto: inline call to peekInt
Remove dependency on libcore by inlining a copy of Memory#peekInt
Change-Id: Ided7a6bf111ca507df985c45f4c2cf43bca0e471
ain/java/org/conscrypt/NativeCrypto.java
|
| 1fd2d19849ac52f63b7bf2010cde24c44ad7ba3f |
07-May-2013 |
Kenny Root <kroot@google.com> |
NativeCrypto: remove unused import
Change-Id: I61339e0250ce949c633545d509a4991cc97e2c7a
ain/java/org/conscrypt/NativeCrypto.java
|
| ad89c529747103ad9ae77fab095f37afee620ae4 |
07-May-2013 |
Kenny Root <kroot@google.com> |
Merge "NativeCrypto: remove dep on Android host verifier"
|
| 459e8af6a0be60d5fce8f9128003e5d7a695a8b8 |
06-May-2013 |
Kenny Root <kroot@google.com> |
am 3e7a5a21: Merge "NativeCrypto: replace Harmony routines with OpenSSL"
* commit '3e7a5a2188accd38f4bee36449ced7d36b717aa9':
NativeCrypto: replace Harmony routines with OpenSSL
|
| c875a50c6c5152f31de58d726c69b93835203511 |
06-May-2013 |
Kenny Root <kroot@google.com> |
NativeCrypto: pull in copy of EmptyArray
Pull in our own copy of EmptyArray so we don't depend on libcore's
version.
Change-Id: I9d90ac4f196a66a022241ed974a7dc78cb9babda
ain/java/org/conscrypt/ClientHello.java
ain/java/org/conscrypt/ClientKeyExchange.java
ain/java/org/conscrypt/DigitalSignature.java
ain/java/org/conscrypt/KeyManagerFactoryImpl.java
ain/java/org/conscrypt/Logger.java
ain/java/org/conscrypt/OpenSSLCipher.java
ain/java/org/conscrypt/OpenSSLCipherRSA.java
ain/java/org/conscrypt/SSLServerSocketFactoryImpl.java
ain/java/org/conscrypt/SSLSessionImpl.java
ain/java/org/conscrypt/SSLSocketFactoryImpl.java
ain/java/org/conscrypt/util/EmptyArray.java
|
| 827161cf786028a5d97e875f077d026c4a3b4d48 |
06-May-2013 |
Kenny Root <kroot@google.com> |
NativeCrypto: remove dep on Android host verifier
DefaultHostnameVerifier on Android actually does something, but it
doesn't do anything on other JVMs. Copy out the method we need instead
of relying on the implementation in Android's libcore.
Change-Id: Ic623c366cbba957597021786045094de3cba82d7
ain/java/org/conscrypt/CertPinManager.java
|
| 35beb3047b2b8ffc019f8218989a0255cc5e3818 |
06-May-2013 |
Kenny Root <kroot@google.com> |
NativeCrypto: replace Harmony routines with OpenSSL
Change-Id: I954932e45877cca073b71f33b4ccd4eacae8f510
ain/java/org/conscrypt/NativeCrypto.java
ain/java/org/conscrypt/TrustedCertificateStore.java
ain/native/org_conscrypt_NativeCrypto.cpp
|
| 6b555386ead9b63fe231be0a788a6e1ec30c0123 |
03-May-2013 |
Kenny Root <kroot@google.com> |
am aed4814b: Merge "NativeCrypto: exit early when ssl_session is null"
* commit 'aed4814bb1d769e87bec04682489cc10b891518f':
NativeCrypto: exit early when ssl_session is null
|
| d98a8e4b145b17d2b9824d948e348fe9b2c58f33 |
03-May-2013 |
Kenny Root <kroot@google.com> |
am 6821dc7b: Merge "NativeCrypto: move key conversion to Java"
* commit '6821dc7ba87af1efe30b162614b4760ddaffcced':
NativeCrypto: move key conversion to Java
|
| c370c97c49c778eaf299070b3e2a75d2d7aba405 |
03-May-2013 |
Kenny Root <kroot@google.com> |
am 603a9f11: Merge "Move encoding method out of NativeCrypto"
* commit '603a9f111bab4635b6ddfd5c6a6ac8d44bb66d02':
Move encoding method out of NativeCrypto
|
| a2b8878f8089af75de8e1c4dda654e29b0e72eff |
03-May-2013 |
Kenny Root <kroot@google.com> |
NativeCrypto: exit early when ssl_session is null
to_SSL_SESSION already throws NPE, so we should exit early. Otherwise
we'll throw another NPE needlessly.
Change-Id: I664340485e0b6335dc1ff7cca5343205894bc2fc
ain/native/org_conscrypt_NativeCrypto.cpp
|
| 1ecc0481f90d32b89b3b051cad70efe07468acd0 |
03-May-2013 |
Kenny Root <kroot@google.com> |
NativeCrypto: move key conversion to Java
Key type conversion in native code is from the legacy period before the
OpenSSLKey class existed. Use that to hold PKEY reference instead of
converting it in native code.
Change-Id: I84e9a6e1f2e0f95d2f44c18fa9f65cd15e039d63
ain/java/org/conscrypt/NativeCrypto.java
ain/java/org/conscrypt/OpenSSLKey.java
ain/java/org/conscrypt/OpenSSLSocketImpl.java
ain/native/org_conscrypt_NativeCrypto.cpp
est/java/org/conscrypt/NativeCryptoTest.java
|
| 3ff2b34d00ea89eec5b895d866fddf05942fd2a7 |
03-May-2013 |
Kenny Root <kroot@google.com> |
Move encoding method out of NativeCrypto
Move the encoding method for X.509 out of NativeCrypto to the class that
uses it.
Change-Id: I57198101553f309c04b5e757716d1d807eb99a90
ain/java/org/conscrypt/NativeCrypto.java
ain/java/org/conscrypt/OpenSSLSocketImpl.java
|
| 5c0aaa4d9bc3fee91564033355e05129fb8da091 |
03-May-2013 |
Kenny Root <kroot@google.com> |
am 9eda20c2: Merge "NativeCrypto: build native library standalone"
* commit '9eda20c27c0599c6c055c7887f41dd5a04c55935':
NativeCrypto: build native library standalone
|
| 923e3c5a80a6daefc14d4d0242ac46f23ac41b6a |
01-May-2013 |
Kenny Root <kroot@google.com> |
NativeCrypto: build native library standalone
Change-Id: I678f5c1b985d72ab1d41ae22dfcae35814c44e85
ain/java/org/conscrypt/NativeCrypto.java
ain/java/org/conscrypt/OpenSSLProvider.java
ain/native/org_conscrypt_NativeCrypto.cpp
|
| 77ed0f81d560b1aea7e25c09c41c342a6f076f06 |
30-Apr-2013 |
Kenny Root <kroot@google.com> |
am 0800e47a: Merge "Move JSSE to new package"
* commit '0800e47a2e19f185b7a62f1d26a74748db0cc047':
Move JSSE to new package
|
| 860d2707ce126ef8f66e3eac7ceeab6d24218cd8 |
24-Apr-2013 |
Kenny Root <kroot@google.com> |
Move JSSE to new package
To help with shipping the JSSE with apps that want to bundle it, move
it to a new package so that the tangles in other parts of the library
can be untangled.
Change-Id: I810b6861388635301e28aee5b9b47b8e6b35b430
ain/java/org/conscrypt/AbstractSessionContext.java
ain/java/org/conscrypt/AlertException.java
ain/java/org/conscrypt/AlertProtocol.java
ain/java/org/conscrypt/Appendable.java
ain/java/org/conscrypt/ByteArray.java
ain/java/org/conscrypt/CertPinManager.java
ain/java/org/conscrypt/CertificateMessage.java
ain/java/org/conscrypt/CertificateRequest.java
ain/java/org/conscrypt/CertificateVerify.java
ain/java/org/conscrypt/ChainStrengthAnalyzer.java
ain/java/org/conscrypt/CipherSuite.java
ain/java/org/conscrypt/ClientHandshakeImpl.java
ain/java/org/conscrypt/ClientHello.java
ain/java/org/conscrypt/ClientKeyExchange.java
ain/java/org/conscrypt/ClientSessionContext.java
ain/java/org/conscrypt/ConnectionState.java
ain/java/org/conscrypt/ConnectionStateSSLv3.java
ain/java/org/conscrypt/ConnectionStateTLS.java
ain/java/org/conscrypt/ContentType.java
ain/java/org/conscrypt/DHParameters.java
ain/java/org/conscrypt/DataStream.java
ain/java/org/conscrypt/DefaultSSLContextImpl.java
ain/java/org/conscrypt/DelegatedTask.java
ain/java/org/conscrypt/DigitalSignature.java
ain/java/org/conscrypt/EndOfBufferException.java
ain/java/org/conscrypt/EndOfSourceException.java
ain/java/org/conscrypt/FileClientSessionCache.java
ain/java/org/conscrypt/Finished.java
ain/java/org/conscrypt/Handshake.java
ain/java/org/conscrypt/HandshakeIODataStream.java
ain/java/org/conscrypt/HandshakeProtocol.java
ain/java/org/conscrypt/HelloRequest.java
ain/java/org/conscrypt/JSSEProvider.java
ain/java/org/conscrypt/KeyManagerFactoryImpl.java
ain/java/org/conscrypt/KeyManagerImpl.java
ain/java/org/conscrypt/Logger.java
ain/java/org/conscrypt/Message.java
ain/java/org/conscrypt/NativeCrypto.java
ain/java/org/conscrypt/OpenSSLBIOInputStream.java
ain/java/org/conscrypt/OpenSSLCipher.java
ain/java/org/conscrypt/OpenSSLCipherContext.java
ain/java/org/conscrypt/OpenSSLCipherRSA.java
ain/java/org/conscrypt/OpenSSLContextImpl.java
ain/java/org/conscrypt/OpenSSLDSAKeyFactory.java
ain/java/org/conscrypt/OpenSSLDSAKeyPairGenerator.java
ain/java/org/conscrypt/OpenSSLDSAParams.java
ain/java/org/conscrypt/OpenSSLDSAPrivateKey.java
ain/java/org/conscrypt/OpenSSLDSAPublicKey.java
ain/java/org/conscrypt/OpenSSLDigestContext.java
ain/java/org/conscrypt/OpenSSLECDHKeyAgreement.java
ain/java/org/conscrypt/OpenSSLECGroupContext.java
ain/java/org/conscrypt/OpenSSLECKeyFactory.java
ain/java/org/conscrypt/OpenSSLECKeyPairGenerator.java
ain/java/org/conscrypt/OpenSSLECPointContext.java
ain/java/org/conscrypt/OpenSSLECPrivateKey.java
ain/java/org/conscrypt/OpenSSLECPublicKey.java
ain/java/org/conscrypt/OpenSSLEngine.java
ain/java/org/conscrypt/OpenSSLKey.java
ain/java/org/conscrypt/OpenSSLKeyHolder.java
ain/java/org/conscrypt/OpenSSLMac.java
ain/java/org/conscrypt/OpenSSLMessageDigestJDK.java
ain/java/org/conscrypt/OpenSSLProvider.java
ain/java/org/conscrypt/OpenSSLRSAKeyFactory.java
ain/java/org/conscrypt/OpenSSLRSAKeyPairGenerator.java
ain/java/org/conscrypt/OpenSSLRSAPrivateCrtKey.java
ain/java/org/conscrypt/OpenSSLRSAPrivateKey.java
ain/java/org/conscrypt/OpenSSLRSAPublicKey.java
ain/java/org/conscrypt/OpenSSLRandom.java
ain/java/org/conscrypt/OpenSSLSecretKey.java
ain/java/org/conscrypt/OpenSSLServerSocketFactoryImpl.java
ain/java/org/conscrypt/OpenSSLServerSocketImpl.java
ain/java/org/conscrypt/OpenSSLSessionImpl.java
ain/java/org/conscrypt/OpenSSLSignature.java
ain/java/org/conscrypt/OpenSSLSignatureRawRSA.java
ain/java/org/conscrypt/OpenSSLSocketFactoryImpl.java
ain/java/org/conscrypt/OpenSSLSocketImpl.java
ain/java/org/conscrypt/OpenSSLSocketImplWrapper.java
ain/java/org/conscrypt/OpenSSLX509CRL.java
ain/java/org/conscrypt/OpenSSLX509CRLEntry.java
ain/java/org/conscrypt/OpenSSLX509CertPath.java
ain/java/org/conscrypt/OpenSSLX509Certificate.java
ain/java/org/conscrypt/OpenSSLX509CertificateFactory.java
ain/java/org/conscrypt/PRF.java
ain/java/org/conscrypt/PinEntryException.java
ain/java/org/conscrypt/PinFailureLogger.java
ain/java/org/conscrypt/PinListEntry.java
ain/java/org/conscrypt/PinManagerException.java
ain/java/org/conscrypt/ProtocolVersion.java
ain/java/org/conscrypt/SSLBufferedInput.java
ain/java/org/conscrypt/SSLClientSessionCache.java
ain/java/org/conscrypt/SSLContextImpl.java
ain/java/org/conscrypt/SSLEngineAppData.java
ain/java/org/conscrypt/SSLEngineDataStream.java
ain/java/org/conscrypt/SSLEngineImpl.java
ain/java/org/conscrypt/SSLInputStream.java
ain/java/org/conscrypt/SSLParametersImpl.java
ain/java/org/conscrypt/SSLRecordProtocol.java
ain/java/org/conscrypt/SSLServerSessionCache.java
ain/java/org/conscrypt/SSLServerSocketFactoryImpl.java
ain/java/org/conscrypt/SSLServerSocketImpl.java
ain/java/org/conscrypt/SSLSessionImpl.java
ain/java/org/conscrypt/SSLSocketFactoryImpl.java
ain/java/org/conscrypt/SSLSocketImpl.java
ain/java/org/conscrypt/SSLSocketInputStream.java
ain/java/org/conscrypt/SSLSocketOutputStream.java
ain/java/org/conscrypt/SSLSocketWrapper.java
ain/java/org/conscrypt/SSLStreamedInput.java
ain/java/org/conscrypt/SSLv3Constants.java
ain/java/org/conscrypt/ServerHandshakeImpl.java
ain/java/org/conscrypt/ServerHello.java
ain/java/org/conscrypt/ServerHelloDone.java
ain/java/org/conscrypt/ServerKeyExchange.java
ain/java/org/conscrypt/ServerSessionContext.java
ain/java/org/conscrypt/TrustManagerFactoryImpl.java
ain/java/org/conscrypt/TrustManagerImpl.java
ain/java/org/conscrypt/TrustedCertificateIndex.java
ain/java/org/conscrypt/TrustedCertificateKeyStoreSpi.java
ain/java/org/conscrypt/TrustedCertificateStore.java
ain/native/org_conscrypt_NativeCrypto.cpp
ain/native/sub.mk
est/java/org/conscrypt/CertPinManagerTest.java
est/java/org/conscrypt/ChainStrengthAnalyzerTest.java
est/java/org/conscrypt/CipherSuiteTest.java
est/java/org/conscrypt/ClientSessionContextTest.java
est/java/org/conscrypt/FileClientSessionCacheTest.java
est/java/org/conscrypt/MacTest.java
est/java/org/conscrypt/NativeCryptoTest.java
est/java/org/conscrypt/OpenSSLSignatureTest.java
est/java/org/conscrypt/SignatureTest.java
est/java/org/conscrypt/TrustManagerImplTest.java
est/java/org/conscrypt/TrustedCertificateStoreTest.java
|
| 93f87011689b32b7a7d9743f487af9db0aed628a |
26-Apr-2010 |
Peter Hallam <peterhal@google.com> |
merge more modules into luni
ain/java/javax/crypto/BadPaddingException.java
ain/java/javax/crypto/Cipher.java
ain/java/javax/crypto/CipherInputStream.java
ain/java/javax/crypto/CipherOutputStream.java
ain/java/javax/crypto/CipherSpi.java
ain/java/javax/crypto/EncryptedPrivateKeyInfo.java
ain/java/javax/crypto/ExemptionMechanism.java
ain/java/javax/crypto/ExemptionMechanismException.java
ain/java/javax/crypto/ExemptionMechanismSpi.java
ain/java/javax/crypto/IllegalBlockSizeException.java
ain/java/javax/crypto/KeyAgreement.java
ain/java/javax/crypto/KeyAgreementSpi.java
ain/java/javax/crypto/KeyGenerator.java
ain/java/javax/crypto/KeyGeneratorSpi.java
ain/java/javax/crypto/Mac.java
ain/java/javax/crypto/MacSpi.java
ain/java/javax/crypto/NoSuchPaddingException.java
ain/java/javax/crypto/NullCipher.java
ain/java/javax/crypto/SealedObject.java
ain/java/javax/crypto/SecretKey.java
ain/java/javax/crypto/SecretKeyFactory.java
ain/java/javax/crypto/SecretKeyFactorySpi.java
ain/java/javax/crypto/ShortBufferException.java
ain/java/javax/crypto/interfaces/DHKey.java
ain/java/javax/crypto/interfaces/DHPrivateKey.java
ain/java/javax/crypto/interfaces/DHPublicKey.java
ain/java/javax/crypto/interfaces/PBEKey.java
ain/java/javax/crypto/interfaces/package.html
ain/java/javax/crypto/package.html
ain/java/javax/crypto/spec/DESKeySpec.java
ain/java/javax/crypto/spec/DESedeKeySpec.java
ain/java/javax/crypto/spec/DHGenParameterSpec.java
ain/java/javax/crypto/spec/DHParameterSpec.java
ain/java/javax/crypto/spec/DHPrivateKeySpec.java
ain/java/javax/crypto/spec/DHPublicKeySpec.java
ain/java/javax/crypto/spec/IvParameterSpec.java
ain/java/javax/crypto/spec/OAEPParameterSpec.java
ain/java/javax/crypto/spec/PBEKeySpec.java
ain/java/javax/crypto/spec/PBEParameterSpec.java
ain/java/javax/crypto/spec/PSource.java
ain/java/javax/crypto/spec/RC2ParameterSpec.java
ain/java/javax/crypto/spec/RC5ParameterSpec.java
ain/java/javax/crypto/spec/SecretKeySpec.java
ain/java/javax/crypto/spec/package.html
ain/java/org/apache/harmony/crypto/internal/NullCipherSpi.java
ain/java/org/apache/harmony/crypto/internal/nls/Messages.java
ain/java/org/apache/harmony/crypto/internal/nls/messages.properties
est/java/org/apache/harmony/crypto/tests/javax/crypto/AllTests.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/BadPaddingExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/CipherInputStream1Test.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/CipherInputStreamTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/CipherOutputStream1Test.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/CipherOutputStreamTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/CipherSpiTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/CipherTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/EncryptedPrivateKeyInfoTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/ExemptionMechanismExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/ExemptionMechanismSpiTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/ExemptionMechanismTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/IllegalBlockSizeExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/KeyAgreementSpiTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/KeyAgreementTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/KeyGeneratorSpiTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/KeyGeneratorTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/MacSpiTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/MacTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/NoSuchPaddingExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/NullCipherTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/SealedObjectTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/SecretKeyFactorySpiTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/SecretKeyFactoryTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/SecretKeyTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/ShortBufferExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/AllTests.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherAesTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherAesWrapTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherDESedeTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherDESedeWrapTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherDesTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherPBETest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherPBEThread.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherRSATest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherRSAThread.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherSymmetricKeyThread.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherThread.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherWrapThread.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/KeyAgreementFunctionalTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/KeyAgreementThread.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/KeyGeneratorFunctionalTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/KeyGeneratorThread.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/MacFunctionalTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/MacThread.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/SecretKeyFactoryFunctionalTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/SecretKeyFactoryThread.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/TestThread.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/interfaces/AllTests.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/interfaces/DHPrivateKeyTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/interfaces/DHPublicKeyTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/interfaces/PBEKeyTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/serialization/AllTests.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/serialization/BadPaddingExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/serialization/ExemptionMechanismExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/serialization/IllegalBlockSizeExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/serialization/NoSuchPaddingExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/serialization/ShortBufferExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/AllTests.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/DESKeySpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/DESedeKeySpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/DHGenParameterSpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/DHParameterSpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/DHPrivateKeySpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/DHPublicKeySpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/IvParameterSpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/OAEPParameterSpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/PBEKeySpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/PBEParameterSpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/PSourceTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/RC2ParameterSpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/RC5ParameterSpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/SecretKeySpecTest.java
est/java/org/apache/harmony/crypto/tests/support/EncryptedPrivateKeyInfoData.java
est/java/org/apache/harmony/crypto/tests/support/MyCipher.java
est/java/org/apache/harmony/crypto/tests/support/MyExemptionMechanismSpi.java
est/java/org/apache/harmony/crypto/tests/support/MyKeyAgreementSpi.java
est/java/org/apache/harmony/crypto/tests/support/MyKeyGeneratorSpi.java
est/java/org/apache/harmony/crypto/tests/support/MyMacSpi.java
est/java/org/apache/harmony/crypto/tests/support/MySecretKeyFactorySpi.java
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/BadPaddingExceptionTest.golden.0.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/BadPaddingExceptionTest.golden.1.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/BadPaddingExceptionTest.golden.2.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/ExemptionMechanismExceptionTest.golden.0.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/ExemptionMechanismExceptionTest.golden.1.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/ExemptionMechanismExceptionTest.golden.2.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/IllegalBlockSizeExceptionTest.golden.0.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/IllegalBlockSizeExceptionTest.golden.1.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/IllegalBlockSizeExceptionTest.golden.2.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/NoSuchPaddingExceptionTest.golden.0.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/NoSuchPaddingExceptionTest.golden.1.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/NoSuchPaddingExceptionTest.golden.2.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/ShortBufferExceptionTest.golden.0.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/ShortBufferExceptionTest.golden.1.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/ShortBufferExceptionTest.golden.2.ser
est/java/tests/crypto/AllTests.java
est/resources/hyts_des-ede3-cbc.test1.ciphertext
est/resources/hyts_des-ede3-cbc.test1.iv
est/resources/hyts_des-ede3-cbc.test1.key
est/resources/hyts_des-ede3-cbc.test1.plaintext
est/resources/hyts_des-ede3-cbc.test2.ciphertext
est/resources/hyts_des-ede3-cbc.test2.iv
est/resources/hyts_des-ede3-cbc.test2.key
est/resources/hyts_des-ede3-cbc.test2.plaintext
est/resources/hyts_des-ede3-cbc.test3.ciphertext
est/resources/hyts_des-ede3-cbc.test3.iv
est/resources/hyts_des-ede3-cbc.test3.key
est/resources/hyts_des-ede3-cbc.test3.plaintext
|
| 4edacab8cfb30da6e7b606eae08bd6d7e3904d1d |
06-Apr-2010 |
Elliott Hughes <enh@google.com> |
resolved conflicts for merge of dd53c703 to dalvik-dev
Change-Id: Ia95af76e2995ce7fb0778b020baf2882a8b0a3dd
|
| a425a3bb867bd356eb0d5de44c8f3dddd46a11be |
05-Apr-2010 |
Elliott Hughes <enh@google.com> |
Froyo InputStream.available documentation improvement.
This method causes a lot of confusion, and we can do a lot better. (Ideally,
the API would either not exist or be something like "public boolean ready()".)
I've removed poor-quality documentation overrides too, so the full
documentation is visible in most places. (InflaterInputStream is an obvious
exception.)
Also, to a lesser extent, improve the InputStream.skip documentation.
Change-Id: I6d6cd788e6a32ad4a2613d1e381610f1ad8575fe
ain/java/javax/crypto/CipherInputStream.java
|
| 159af3a9a8b4c63b1670c471ab9873eb038528b2 |
22-Mar-2010 |
Elliott Hughes <enh@google.com> |
Remove all remaining "@since Android" tags.
I've fixed a few typos, and removed a few of the more egregiously nonsensical
or incorrect comments that were nearby.
Change-Id: I35851baebd532f949cc269f4738a26eeb9b6e697
ain/java/javax/crypto/interfaces/package.html
ain/java/javax/crypto/package.html
ain/java/javax/crypto/spec/package.html
|
| 50adf48afb3f3c0299fc8f703ab757c15fe3b34b |
19-Feb-2010 |
Elliott Hughes <enh@google.com> |
Resync a load of tests with upstream, make our build faster.
I started off with a mission to remove uses of dalvik.annotation.* (stuff
like @TestTargetNew and other useless junk that just makes it harder to
stay in sync with upstream). I wrote a script to go through tests showing
me the diff between what we have and what upstream has, thinking that in
cases where upstream has also added tests, I may as well pull them in at
the same time...
...but I didn't realize how close we were to having dx fill its 1.5GiB heap.
After trying various alternatives, I decided to bite the bullet and break
core-tests up into one .jar per module. This adds parallelism back into this,
the slowest part of our build. (I can do even better, but I'll do that in a
separate patch, preferably after we've merged recent changes from master.)
Only a couple of dependencies were problematic: the worthless TestSuiteFactory
which already contained a comment suggesting we get rid of it, and the fact
that some tests -- most notably the concurrent ones -- also contained main
methods that started the JUnit tty-based TestRunner.
(In the long run, we want to be running the harmony tests directly from a
pristine "svn co" of upstream, using DalvikRunner. But this will be a big
help in the meantime, and starts the work of getting our current copy of
the tests into a state where we can start to extract any meaningful
changes/additions we've made.)
est/java/org/apache/harmony/crypto/tests/javax/crypto/AllTests.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/MacTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/AllTests.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/interfaces/AllTests.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/serialization/AllTests.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/serialization/BadPaddingExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/serialization/ExemptionMechanismExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/serialization/IllegalBlockSizeExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/serialization/NoSuchPaddingExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/serialization/ShortBufferExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/AllTests.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/DESKeySpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/DESedeKeySpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/DHGenParameterSpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/DHParameterSpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/DHPrivateKeySpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/DHPublicKeySpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/IvParameterSpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/OAEPParameterSpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/PBEKeySpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/PBEParameterSpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/PSourceTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/RC2ParameterSpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/RC5ParameterSpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/SecretKeySpecTest.java
est/java/tests/crypto/AllTests.java
|
| db6a72139499d9144426628e735132754e783403 |
04-Feb-2010 |
Elliott Hughes <enh@google.com> |
Remove obviously bogus @KnownFailure annotations.
We've already agreed @KnownFailure Must Die (to be replaced by expectations for
DalvikRunner), but some are -- I think -- obviously in need of investigation.
This patch removes @KnownFailure for all cases where the reason looks bogus.
I've left the @KnownFailure annotations in cases where I it looks "reasonable"
in that we simply haven't implemented the functionality (pack200, say), and
a few other cases. Those should probably be done in a separate patch that adds
expectations at the same time.
But these ones, I think, all need investigating. (There's a scary number of
Arabic-related bugs in here, given that we're supposed to be shipping Arabic
in froyo.)
est/java/org/apache/harmony/crypto/tests/javax/crypto/KeyAgreementTest.java
|
| 13e542075b186cadb10b333b8b45a719e2c6e6f3 |
24-Oct-2009 |
Jesse Wilson <jessewilson@google.com> |
A new hygenic way for tests to clean up before or after execution.
This replaces PrefsTester and is more general purpose.
est/java/org/apache/harmony/crypto/tests/javax/crypto/CipherTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/EncryptedPrivateKeyInfoTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherAesWrapTest.java
|
| a7f69429a81ddc0a10b6295e710b5b96a7964eb7 |
01-Sep-2009 |
Jesse Wilson <jessewilson@google.com> |
Update crypto package to Harmony r802921. Only Javadoc changes.
commit d5d4307b5b9f37e6f66ab1273be1acd2a29177de
Merge: 2c2287b 1c60d7c
Author: Jesse Wilson <jessewilson@google.com>
Date: Mon Aug 31 15:36:46 2009 -0700
Merge branch 'crypto_802921' into crypto_dalvik
Conflicts:
libcore/crypto/.classpath
libcore/crypto/build.xml
libcore/crypto/src/main/java/javax/crypto/BadPaddingException.java
libcore/crypto/src/main/java/javax/crypto/Cipher.java
libcore/crypto/src/main/java/javax/crypto/CipherInputStream.java
libcore/crypto/src/main/java/javax/crypto/CipherOutputStream.java
libcore/crypto/src/main/java/javax/crypto/CipherSpi.java
libcore/crypto/src/main/java/javax/crypto/EncryptedPrivateKeyInfo.java
libcore/crypto/src/main/java/javax/crypto/ExemptionMechanism.java
libcore/crypto/src/main/java/javax/crypto/ExemptionMechanismException.java
libcore/crypto/src/main/java/javax/crypto/ExemptionMechanismSpi.java
libcore/crypto/src/main/java/javax/crypto/IllegalBlockSizeException.java
libcore/crypto/src/main/java/javax/crypto/KeyAgreement.java
libcore/crypto/src/main/java/javax/crypto/KeyAgreementSpi.java
libcore/crypto/src/main/java/javax/crypto/KeyGenerator.java
libcore/crypto/src/main/java/javax/crypto/KeyGeneratorSpi.java
libcore/crypto/src/main/java/javax/crypto/Mac.java
libcore/crypto/src/main/java/javax/crypto/MacSpi.java
libcore/crypto/src/main/java/javax/crypto/NoSuchPaddingException.java
libcore/crypto/src/main/java/javax/crypto/NullCipher.java
libcore/crypto/src/main/java/javax/crypto/SealedObject.java
libcore/crypto/src/main/java/javax/crypto/SecretKey.java
libcore/crypto/src/main/java/javax/crypto/SecretKeyFactory.java
libcore/crypto/src/main/java/javax/crypto/SecretKeyFactorySpi.java
libcore/crypto/src/main/java/javax/crypto/ShortBufferException.java
libcore/crypto/src/main/java/javax/crypto/interfaces/DHKey.java
libcore/crypto/src/main/java/javax/crypto/interfaces/DHPrivateKey.java
libcore/crypto/src/main/java/javax/crypto/interfaces/DHPublicKey.java
libcore/crypto/src/main/java/javax/crypto/interfaces/PBEKey.java
libcore/crypto/src/main/java/javax/crypto/spec/DESKeySpec.java
libcore/crypto/src/main/java/javax/crypto/spec/DESedeKeySpec.java
libcore/crypto/src/main/java/javax/crypto/spec/DHGenParameterSpec.java
libcore/crypto/src/main/java/javax/crypto/spec/DHParameterSpec.java
libcore/crypto/src/main/java/javax/crypto/spec/DHPrivateKeySpec.java
libcore/crypto/src/main/java/javax/crypto/spec/DHPublicKeySpec.java
libcore/crypto/src/main/java/javax/crypto/spec/IvParameterSpec.java
libcore/crypto/src/main/java/javax/crypto/spec/OAEPParameterSpec.java
libcore/crypto/src/main/java/javax/crypto/spec/PBEKeySpec.java
libcore/crypto/src/main/java/javax/crypto/spec/PBEParameterSpec.java
libcore/crypto/src/main/java/javax/crypto/spec/PSource.java
libcore/crypto/src/main/java/javax/crypto/spec/RC2ParameterSpec.java
libcore/crypto/src/main/java/javax/crypto/spec/RC5ParameterSpec.java
libcore/crypto/src/main/java/javax/crypto/spec/SecretKeySpec.java
commit 2c2287b521cc5f558d9929e14e31ec92da6285b1
Author: Jesse Wilson <jessewilson@google.com>
Date: Mon Aug 31 14:56:45 2009 -0700
crypto_dalvik
commit 1c60d7c222c55ae49add8345a192c54357bb4a1f
Author: Jesse Wilson <jessewilson@google.com>
Date: Mon Aug 31 14:56:34 2009 -0700
crypto_802921
commit 50cf7f5d97de2f65ee0769aafec7b5a3551cb5d0
Author: Jesse Wilson <jessewilson@google.com>
Date: Mon Aug 31 14:56:27 2009 -0700
crypto_527399
ain/java/javax/crypto/BadPaddingException.java
ain/java/javax/crypto/Cipher.java
ain/java/javax/crypto/CipherInputStream.java
ain/java/javax/crypto/CipherOutputStream.java
ain/java/javax/crypto/CipherSpi.java
ain/java/javax/crypto/EncryptedPrivateKeyInfo.java
ain/java/javax/crypto/ExemptionMechanism.java
ain/java/javax/crypto/ExemptionMechanismException.java
ain/java/javax/crypto/ExemptionMechanismSpi.java
ain/java/javax/crypto/IllegalBlockSizeException.java
ain/java/javax/crypto/KeyAgreement.java
ain/java/javax/crypto/KeyAgreementSpi.java
ain/java/javax/crypto/KeyGenerator.java
ain/java/javax/crypto/KeyGeneratorSpi.java
ain/java/javax/crypto/Mac.java
ain/java/javax/crypto/MacSpi.java
ain/java/javax/crypto/NoSuchPaddingException.java
ain/java/javax/crypto/NullCipher.java
ain/java/javax/crypto/SealedObject.java
ain/java/javax/crypto/SecretKey.java
ain/java/javax/crypto/SecretKeyFactory.java
ain/java/javax/crypto/SecretKeyFactorySpi.java
ain/java/javax/crypto/ShortBufferException.java
ain/java/javax/crypto/interfaces/DHKey.java
ain/java/javax/crypto/interfaces/DHPrivateKey.java
ain/java/javax/crypto/interfaces/DHPublicKey.java
ain/java/javax/crypto/interfaces/PBEKey.java
ain/java/javax/crypto/spec/DESKeySpec.java
ain/java/javax/crypto/spec/DESedeKeySpec.java
ain/java/javax/crypto/spec/DHGenParameterSpec.java
ain/java/javax/crypto/spec/DHParameterSpec.java
ain/java/javax/crypto/spec/DHPrivateKeySpec.java
ain/java/javax/crypto/spec/DHPublicKeySpec.java
ain/java/javax/crypto/spec/IvParameterSpec.java
ain/java/javax/crypto/spec/OAEPParameterSpec.java
ain/java/javax/crypto/spec/PBEKeySpec.java
ain/java/javax/crypto/spec/PBEParameterSpec.java
ain/java/javax/crypto/spec/PSource.java
ain/java/javax/crypto/spec/RC2ParameterSpec.java
ain/java/javax/crypto/spec/RC5ParameterSpec.java
ain/java/javax/crypto/spec/SecretKeySpec.java
|
| 3fdb06a169a1e1105a204c91bbf726001ac3fe17 |
25-Jul-2009 |
Jesse Wilson <jessewilson@google.com> |
Integrate luni module (but not tests) to Harmony r772995.
Notable changes
- Stripped "@since Android 1.0" from many files. Most files
are now 100% the same in Dalvik and Harmony.
- AbstractStringBuilder.reverse() supports surrogates
- AbstractStringBuilder shares less to waste less memory
- Bitset optimized
- BufferedInputStream changed to support unsynchronized close()
- BufferedOutputStream does flushInternal
- BufferedReader supports EBCDIC NEL
- Collections.synchronizedList().indexOf() does a copy for more concurrency
- Classes in nio module changed: DatagramChannelImpl, SocketChannelImpl
and ServerSocketChannelImpl (these depend on internal APIs changed in
this update)
- DataInputStream/DataOutputStream now use a small buffer to limit the
number of times the underlying stream is accessed
- Date now has a minutes offset, more efficient toString()
- ExposedByteArrayInputStream: new internal class
- DeleteOnExit moved to top-level class
- FileDescriptor.isValid() now non-native
- Float, Double lessThan optimized (fix for compare(-0.0F, 0.0F) still pending)
- FileURLConnection now guesses content types from streams
- HashMap iterator changes
- Hashtable iterator changes
- INetworkSystem
- removes bind2(), createMulticastSocket, sendStream(),
- renames createSocket to createStreamSocket
- JarURLConnection rewritten
- LinkedHashMap: new iterator
- Locale, Currency, TimeZone: now use ICU in Harmony, plain Java in Dalvik
- ObjectInputStream: Accessor objects in Harmony, direct native in Dalvik
- ProxyClassFile - many changes
- String - optimized ascii for toLowerCase, toUpperCase, compare
- Timer - rewritten
- TreeMap - rewritten
- URLClassLoader - new
- URLConnection - new guessContentTypeFromStream(), uses org.apache.harmony.awt.www.content
to lookup content type handlers
est/java/org/apache/harmony/crypto/tests/javax/crypto/ExemptionMechanismTest.java
|
| 097041c465bd28129da7cce364bb01ada65c5104 |
28-Mar-2009 |
Jorg Pleumann <unknown@example.com> |
AI 143385: am: CL 143235 am: CL 143073 Bringing the Crypto tests down to zero failures.
Original author: jorgp
Merged from: //branches/cupcake/...
Original author: android-build
Merged from: //branches/donutburger/...
Automated import of CL 143385
est/java/org/apache/harmony/crypto/tests/javax/crypto/EncryptedPrivateKeyInfoTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/KeyAgreementFunctionalTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/KeyAgreementThread.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/interfaces/DHPrivateKeyTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/interfaces/DHPublicKeyTest.java
|
| 75883dccd11893c17b4c63de1ef8a7688ada6913 |
19-Mar-2009 |
The Android Open Source Project <initial-contribution@android.com> |
auto import from //branches/cupcake_rel/...@140373
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/AllTests.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherAesTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherAesWrapTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherDESedeTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherDESedeWrapTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherDesTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherPBETest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherRSATest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherWrapThread.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/KeyAgreementFunctionalTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/KeyGeneratorFunctionalTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/MacFunctionalTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/SecretKeyFactoryFunctionalTest.java
|
| 08ecc8c0f00f1a7f2258c569187e36606ed73045 |
04-Mar-2009 |
The Android Open Source Project <initial-contribution@android.com> |
auto import from //depot/cupcake/@135843
ain/java/javax/crypto/BadPaddingException.java
ain/java/javax/crypto/Cipher.java
ain/java/javax/crypto/CipherInputStream.java
ain/java/javax/crypto/CipherOutputStream.java
ain/java/javax/crypto/CipherSpi.java
ain/java/javax/crypto/EncryptedPrivateKeyInfo.java
ain/java/javax/crypto/ExemptionMechanism.java
ain/java/javax/crypto/ExemptionMechanismException.java
ain/java/javax/crypto/ExemptionMechanismSpi.java
ain/java/javax/crypto/IllegalBlockSizeException.java
ain/java/javax/crypto/KeyAgreement.java
ain/java/javax/crypto/KeyAgreementSpi.java
ain/java/javax/crypto/KeyGenerator.java
ain/java/javax/crypto/KeyGeneratorSpi.java
ain/java/javax/crypto/Mac.java
ain/java/javax/crypto/MacSpi.java
ain/java/javax/crypto/NoSuchPaddingException.java
ain/java/javax/crypto/NullCipher.java
ain/java/javax/crypto/SealedObject.java
ain/java/javax/crypto/SecretKey.java
ain/java/javax/crypto/SecretKeyFactory.java
ain/java/javax/crypto/SecretKeyFactorySpi.java
ain/java/javax/crypto/ShortBufferException.java
ain/java/javax/crypto/interfaces/DHKey.java
ain/java/javax/crypto/interfaces/DHPrivateKey.java
ain/java/javax/crypto/interfaces/DHPublicKey.java
ain/java/javax/crypto/interfaces/PBEKey.java
ain/java/javax/crypto/interfaces/package.html
ain/java/javax/crypto/package.html
ain/java/javax/crypto/spec/DESKeySpec.java
ain/java/javax/crypto/spec/DESedeKeySpec.java
ain/java/javax/crypto/spec/DHGenParameterSpec.java
ain/java/javax/crypto/spec/DHParameterSpec.java
ain/java/javax/crypto/spec/DHPrivateKeySpec.java
ain/java/javax/crypto/spec/DHPublicKeySpec.java
ain/java/javax/crypto/spec/IvParameterSpec.java
ain/java/javax/crypto/spec/OAEPParameterSpec.java
ain/java/javax/crypto/spec/PBEKeySpec.java
ain/java/javax/crypto/spec/PBEParameterSpec.java
ain/java/javax/crypto/spec/PSource.java
ain/java/javax/crypto/spec/RC2ParameterSpec.java
ain/java/javax/crypto/spec/RC5ParameterSpec.java
ain/java/javax/crypto/spec/SecretKeySpec.java
ain/java/javax/crypto/spec/package.html
ain/java/org/apache/harmony/crypto/internal/NullCipherSpi.java
ain/java/org/apache/harmony/crypto/internal/nls/Messages.java
ain/java/org/apache/harmony/crypto/internal/nls/messages.properties
est/java/org/apache/harmony/crypto/tests/javax/crypto/AllTests.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/BadPaddingExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/CipherInputStream1Test.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/CipherInputStreamTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/CipherOutputStream1Test.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/CipherOutputStreamTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/CipherSpiTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/CipherTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/EncryptedPrivateKeyInfoTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/ExemptionMechanismExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/ExemptionMechanismSpiTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/ExemptionMechanismTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/IllegalBlockSizeExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/KeyAgreementSpiTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/KeyAgreementTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/KeyGeneratorSpiTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/KeyGeneratorTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/MacSpiTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/MacTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/NoSuchPaddingExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/NullCipherTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/SealedObjectTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/SecretKeyFactorySpiTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/SecretKeyFactoryTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/SecretKeyTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/ShortBufferExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/AllTests.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherAesTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherAesWrapTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherDESedeTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherDESedeWrapTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherDesTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherPBETest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherPBEThread.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherRSATest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherRSAThread.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherSymmetricKeyThread.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherThread.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherWrapThread.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/KeyAgreementFunctionalTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/KeyAgreementThread.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/KeyGeneratorFunctionalTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/KeyGeneratorThread.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/MacFunctionalTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/MacThread.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/SecretKeyFactoryFunctionalTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/SecretKeyFactoryThread.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/TestThread.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/interfaces/AllTests.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/interfaces/DHPrivateKeyTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/interfaces/DHPublicKeyTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/interfaces/PBEKeyTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/serialization/AllTests.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/serialization/BadPaddingExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/serialization/ExemptionMechanismExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/serialization/IllegalBlockSizeExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/serialization/NoSuchPaddingExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/serialization/ShortBufferExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/AllTests.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/DESKeySpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/DESedeKeySpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/DHGenParameterSpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/DHParameterSpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/DHPrivateKeySpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/DHPublicKeySpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/IvParameterSpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/OAEPParameterSpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/PBEKeySpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/PBEParameterSpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/PSourceTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/RC2ParameterSpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/RC5ParameterSpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/SecretKeySpecTest.java
est/java/org/apache/harmony/crypto/tests/support/EncryptedPrivateKeyInfoData.java
est/java/org/apache/harmony/crypto/tests/support/MyCipher.java
est/java/org/apache/harmony/crypto/tests/support/MyExemptionMechanismSpi.java
est/java/org/apache/harmony/crypto/tests/support/MyKeyAgreementSpi.java
est/java/org/apache/harmony/crypto/tests/support/MyKeyGeneratorSpi.java
est/java/org/apache/harmony/crypto/tests/support/MyMacSpi.java
est/java/org/apache/harmony/crypto/tests/support/MySecretKeyFactorySpi.java
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/BadPaddingExceptionTest.golden.0.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/BadPaddingExceptionTest.golden.1.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/BadPaddingExceptionTest.golden.2.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/ExemptionMechanismExceptionTest.golden.0.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/ExemptionMechanismExceptionTest.golden.1.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/ExemptionMechanismExceptionTest.golden.2.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/IllegalBlockSizeExceptionTest.golden.0.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/IllegalBlockSizeExceptionTest.golden.1.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/IllegalBlockSizeExceptionTest.golden.2.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/NoSuchPaddingExceptionTest.golden.0.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/NoSuchPaddingExceptionTest.golden.1.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/NoSuchPaddingExceptionTest.golden.2.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/ShortBufferExceptionTest.golden.0.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/ShortBufferExceptionTest.golden.1.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/ShortBufferExceptionTest.golden.2.ser
est/java/tests/crypto/AllTests.java
est/resources/hyts_des-ede3-cbc.test1.ciphertext
est/resources/hyts_des-ede3-cbc.test1.iv
est/resources/hyts_des-ede3-cbc.test1.key
est/resources/hyts_des-ede3-cbc.test1.plaintext
est/resources/hyts_des-ede3-cbc.test2.ciphertext
est/resources/hyts_des-ede3-cbc.test2.iv
est/resources/hyts_des-ede3-cbc.test2.key
est/resources/hyts_des-ede3-cbc.test2.plaintext
est/resources/hyts_des-ede3-cbc.test3.ciphertext
est/resources/hyts_des-ede3-cbc.test3.iv
est/resources/hyts_des-ede3-cbc.test3.key
est/resources/hyts_des-ede3-cbc.test3.plaintext
|
| 6cc83374fc9ec9e8ef2aa33b33798f14939018cf |
04-Mar-2009 |
The Android Open Source Project <initial-contribution@android.com> |
auto import from //depot/cupcake/@135843
ain/java/javax/crypto/BadPaddingException.java
ain/java/javax/crypto/Cipher.java
ain/java/javax/crypto/CipherInputStream.java
ain/java/javax/crypto/CipherOutputStream.java
ain/java/javax/crypto/CipherSpi.java
ain/java/javax/crypto/EncryptedPrivateKeyInfo.java
ain/java/javax/crypto/ExemptionMechanism.java
ain/java/javax/crypto/ExemptionMechanismException.java
ain/java/javax/crypto/ExemptionMechanismSpi.java
ain/java/javax/crypto/IllegalBlockSizeException.java
ain/java/javax/crypto/KeyAgreement.java
ain/java/javax/crypto/KeyAgreementSpi.java
ain/java/javax/crypto/KeyGenerator.java
ain/java/javax/crypto/KeyGeneratorSpi.java
ain/java/javax/crypto/Mac.java
ain/java/javax/crypto/MacSpi.java
ain/java/javax/crypto/NoSuchPaddingException.java
ain/java/javax/crypto/NullCipher.java
ain/java/javax/crypto/SealedObject.java
ain/java/javax/crypto/SecretKey.java
ain/java/javax/crypto/SecretKeyFactory.java
ain/java/javax/crypto/SecretKeyFactorySpi.java
ain/java/javax/crypto/ShortBufferException.java
ain/java/javax/crypto/interfaces/DHKey.java
ain/java/javax/crypto/interfaces/DHPrivateKey.java
ain/java/javax/crypto/interfaces/DHPublicKey.java
ain/java/javax/crypto/interfaces/PBEKey.java
ain/java/javax/crypto/interfaces/package.html
ain/java/javax/crypto/package.html
ain/java/javax/crypto/spec/DESKeySpec.java
ain/java/javax/crypto/spec/DESedeKeySpec.java
ain/java/javax/crypto/spec/DHGenParameterSpec.java
ain/java/javax/crypto/spec/DHParameterSpec.java
ain/java/javax/crypto/spec/DHPrivateKeySpec.java
ain/java/javax/crypto/spec/DHPublicKeySpec.java
ain/java/javax/crypto/spec/IvParameterSpec.java
ain/java/javax/crypto/spec/OAEPParameterSpec.java
ain/java/javax/crypto/spec/PBEKeySpec.java
ain/java/javax/crypto/spec/PBEParameterSpec.java
ain/java/javax/crypto/spec/PSource.java
ain/java/javax/crypto/spec/RC2ParameterSpec.java
ain/java/javax/crypto/spec/RC5ParameterSpec.java
ain/java/javax/crypto/spec/SecretKeySpec.java
ain/java/javax/crypto/spec/package.html
ain/java/org/apache/harmony/crypto/internal/NullCipherSpi.java
ain/java/org/apache/harmony/crypto/internal/nls/Messages.java
ain/java/org/apache/harmony/crypto/internal/nls/messages.properties
est/java/org/apache/harmony/crypto/tests/javax/crypto/AllTests.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/BadPaddingExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/CipherInputStream1Test.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/CipherInputStreamTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/CipherOutputStream1Test.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/CipherOutputStreamTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/CipherSpiTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/CipherTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/EncryptedPrivateKeyInfoTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/ExemptionMechanismExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/ExemptionMechanismSpiTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/ExemptionMechanismTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/IllegalBlockSizeExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/KeyAgreementSpiTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/KeyAgreementTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/KeyGeneratorSpiTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/KeyGeneratorTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/MacSpiTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/MacTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/NoSuchPaddingExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/NullCipherTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/SealedObjectTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/SecretKeyFactorySpiTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/SecretKeyFactoryTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/SecretKeyTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/ShortBufferExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/AllTests.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherAesTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherAesWrapTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherDESedeTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherDESedeWrapTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherDesTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherPBETest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherPBEThread.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherRSATest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherRSAThread.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherSymmetricKeyThread.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherThread.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherWrapThread.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/KeyAgreementFunctionalTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/KeyAgreementThread.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/KeyGeneratorFunctionalTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/KeyGeneratorThread.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/MacFunctionalTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/MacThread.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/SecretKeyFactoryFunctionalTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/SecretKeyFactoryThread.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/TestThread.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/interfaces/AllTests.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/interfaces/DHPrivateKeyTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/interfaces/DHPublicKeyTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/interfaces/PBEKeyTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/serialization/AllTests.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/serialization/BadPaddingExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/serialization/ExemptionMechanismExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/serialization/IllegalBlockSizeExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/serialization/NoSuchPaddingExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/serialization/ShortBufferExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/AllTests.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/DESKeySpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/DESedeKeySpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/DHGenParameterSpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/DHParameterSpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/DHPrivateKeySpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/DHPublicKeySpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/IvParameterSpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/OAEPParameterSpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/PBEKeySpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/PBEParameterSpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/PSourceTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/RC2ParameterSpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/RC5ParameterSpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/SecretKeySpecTest.java
est/java/org/apache/harmony/crypto/tests/support/EncryptedPrivateKeyInfoData.java
est/java/org/apache/harmony/crypto/tests/support/MyCipher.java
est/java/org/apache/harmony/crypto/tests/support/MyExemptionMechanismSpi.java
est/java/org/apache/harmony/crypto/tests/support/MyKeyAgreementSpi.java
est/java/org/apache/harmony/crypto/tests/support/MyKeyGeneratorSpi.java
est/java/org/apache/harmony/crypto/tests/support/MyMacSpi.java
est/java/org/apache/harmony/crypto/tests/support/MySecretKeyFactorySpi.java
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/BadPaddingExceptionTest.golden.0.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/BadPaddingExceptionTest.golden.1.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/BadPaddingExceptionTest.golden.2.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/ExemptionMechanismExceptionTest.golden.0.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/ExemptionMechanismExceptionTest.golden.1.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/ExemptionMechanismExceptionTest.golden.2.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/IllegalBlockSizeExceptionTest.golden.0.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/IllegalBlockSizeExceptionTest.golden.1.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/IllegalBlockSizeExceptionTest.golden.2.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/NoSuchPaddingExceptionTest.golden.0.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/NoSuchPaddingExceptionTest.golden.1.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/NoSuchPaddingExceptionTest.golden.2.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/ShortBufferExceptionTest.golden.0.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/ShortBufferExceptionTest.golden.1.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/ShortBufferExceptionTest.golden.2.ser
est/java/tests/crypto/AllTests.java
est/resources/hyts_des-ede3-cbc.test1.ciphertext
est/resources/hyts_des-ede3-cbc.test1.iv
est/resources/hyts_des-ede3-cbc.test1.key
est/resources/hyts_des-ede3-cbc.test1.plaintext
est/resources/hyts_des-ede3-cbc.test2.ciphertext
est/resources/hyts_des-ede3-cbc.test2.iv
est/resources/hyts_des-ede3-cbc.test2.key
est/resources/hyts_des-ede3-cbc.test2.plaintext
est/resources/hyts_des-ede3-cbc.test3.ciphertext
est/resources/hyts_des-ede3-cbc.test3.iv
est/resources/hyts_des-ede3-cbc.test3.key
est/resources/hyts_des-ede3-cbc.test3.plaintext
|
| 61d595900d867ccd7a82cce1bc7b2ff9316b2e3c |
11-Feb-2009 |
The Android Open Source Project <initial-contribution@android.com> |
auto import from //branches/cupcake/...@130745
est/java/org/apache/harmony/crypto/tests/javax/crypto/BadPaddingExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/CipherSpiTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/CipherTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/ExemptionMechanismExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/ExemptionMechanismSpiTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/IllegalBlockSizeExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/KeyAgreementSpiTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/KeyAgreementTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/KeyGeneratorSpiTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/MacSpiTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/NoSuchPaddingExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/SecretKeyFactorySpiTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/SecretKeyTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/ShortBufferExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/AllTests.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherAesTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherAesWrapTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherDESedeTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherDESedeWrapTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherDesTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherPBETest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherRSATest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/KeyAgreementFunctionalTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/KeyGeneratorFunctionalTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/MacFunctionalTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/SecretKeyFactoryFunctionalTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/interfaces/DHPrivateKeyTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/interfaces/DHPublicKeyTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/interfaces/PBEKeyTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/SecretKeySpecTest.java
|
| 2d621adf3352f60ce821a4eb095cb2b2a99cdd3b |
10-Jan-2009 |
The Android Open Source Project <initial-contribution@android.com> |
auto import from //branches/cupcake/...@125939
est/java/org/apache/harmony/crypto/tests/javax/crypto/AllTests.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/BadPaddingExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/CipherInputStream1Test.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/CipherInputStreamTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/CipherOutputStream1Test.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/CipherOutputStreamTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/CipherSpiTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/CipherTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/EncryptedPrivateKeyInfoTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/ExemptionMechanismExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/ExemptionMechanismSpiTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/ExemptionMechanismTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/IllegalBlockSizeExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/KeyAgreementSpiTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/KeyAgreementTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/KeyGeneratorSpiTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/KeyGeneratorTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/MacSpiTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/MacTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/NoSuchPaddingExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/NullCipherTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/SealedObjectTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/SecretKeyFactorySpiTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/SecretKeyFactoryTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/SecretKeyTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/ShortBufferExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/AllTests.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherAesTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherAesWrapTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherDESedeTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherDESedeWrapTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherDesTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherPBETest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherPBEThread.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherRSATest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherRSAThread.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherSymmetricKeyThread.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherThread.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/CipherWrapThread.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/KeyAgreementFunctionalTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/KeyAgreementThread.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/KeyGeneratorFunctionalTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/KeyGeneratorThread.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/MacFunctionalTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/MacThread.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/SecretKeyFactoryFunctionalTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/SecretKeyFactoryThread.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/func/TestThread.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/interfaces/AllTests.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/interfaces/DHPrivateKeyTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/interfaces/DHPublicKeyTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/interfaces/PBEKeyTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/serialization/AllTests.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/AllTests.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/DESKeySpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/DESedeKeySpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/DHGenParameterSpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/DHParameterSpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/DHPrivateKeySpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/DHPublicKeySpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/IvParameterSpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/OAEPParameterSpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/PBEKeySpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/PBEParameterSpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/PSourceTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/RC2ParameterSpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/RC5ParameterSpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/SecretKeySpecTest.java
est/java/org/apache/harmony/crypto/tests/support/MyExemptionMechanismSpi.java
est/java/resources/hyts_des-ede3-cbc.test1.ciphertext
est/java/resources/hyts_des-ede3-cbc.test1.iv
est/java/resources/hyts_des-ede3-cbc.test1.key
est/java/resources/hyts_des-ede3-cbc.test1.plaintext
est/java/resources/hyts_des-ede3-cbc.test2.ciphertext
est/java/resources/hyts_des-ede3-cbc.test2.iv
est/java/resources/hyts_des-ede3-cbc.test2.key
est/java/resources/hyts_des-ede3-cbc.test2.plaintext
est/java/resources/hyts_des-ede3-cbc.test3.ciphertext
est/java/resources/hyts_des-ede3-cbc.test3.iv
est/java/resources/hyts_des-ede3-cbc.test3.key
est/java/resources/hyts_des-ede3-cbc.test3.plaintext
est/java/tests/crypto/AllTests.java
est/resources/hyts_des-ede3-cbc.test1.ciphertext
est/resources/hyts_des-ede3-cbc.test1.iv
est/resources/hyts_des-ede3-cbc.test1.key
est/resources/hyts_des-ede3-cbc.test1.plaintext
est/resources/hyts_des-ede3-cbc.test2.ciphertext
est/resources/hyts_des-ede3-cbc.test2.iv
est/resources/hyts_des-ede3-cbc.test2.key
est/resources/hyts_des-ede3-cbc.test2.plaintext
est/resources/hyts_des-ede3-cbc.test3.ciphertext
est/resources/hyts_des-ede3-cbc.test3.iv
est/resources/hyts_des-ede3-cbc.test3.key
est/resources/hyts_des-ede3-cbc.test3.plaintext
|
| 63f526701ff89af82d1e601b415c58d945e3e06e |
18-Dec-2008 |
The Android Open Source Project <initial-contribution@android.com> |
Code drop from //branches/cupcake/...@124589
ain/java/javax/crypto/BadPaddingException.java
ain/java/javax/crypto/Cipher.java
ain/java/javax/crypto/CipherInputStream.java
ain/java/javax/crypto/CipherOutputStream.java
ain/java/javax/crypto/CipherSpi.java
ain/java/javax/crypto/EncryptedPrivateKeyInfo.java
ain/java/javax/crypto/ExemptionMechanism.java
ain/java/javax/crypto/ExemptionMechanismException.java
ain/java/javax/crypto/ExemptionMechanismSpi.java
ain/java/javax/crypto/HmacSpi.java
ain/java/javax/crypto/IllegalBlockSizeException.java
ain/java/javax/crypto/KeyAgreement.java
ain/java/javax/crypto/KeyAgreementSpi.java
ain/java/javax/crypto/KeyGenerator.java
ain/java/javax/crypto/KeyGeneratorSpi.java
ain/java/javax/crypto/Mac.java
ain/java/javax/crypto/MacSpi.java
ain/java/javax/crypto/NoSuchPaddingException.java
ain/java/javax/crypto/NullCipher.java
ain/java/javax/crypto/SealedObject.java
ain/java/javax/crypto/SecretKey.java
ain/java/javax/crypto/SecretKeyFactory.java
ain/java/javax/crypto/SecretKeyFactorySpi.java
ain/java/javax/crypto/ShortBufferException.java
ain/java/javax/crypto/interfaces/DHKey.java
ain/java/javax/crypto/interfaces/DHPrivateKey.java
ain/java/javax/crypto/interfaces/DHPublicKey.java
ain/java/javax/crypto/interfaces/PBEKey.java
ain/java/javax/crypto/interfaces/package.html
ain/java/javax/crypto/package.html
ain/java/javax/crypto/spec/DESKeySpec.java
ain/java/javax/crypto/spec/DESedeKeySpec.java
ain/java/javax/crypto/spec/DHGenParameterSpec.java
ain/java/javax/crypto/spec/DHParameterSpec.java
ain/java/javax/crypto/spec/DHPrivateKeySpec.java
ain/java/javax/crypto/spec/DHPublicKeySpec.java
ain/java/javax/crypto/spec/IvParameterSpec.java
ain/java/javax/crypto/spec/OAEPParameterSpec.java
ain/java/javax/crypto/spec/PBEKeySpec.java
ain/java/javax/crypto/spec/PBEParameterSpec.java
ain/java/javax/crypto/spec/PSource.java
ain/java/javax/crypto/spec/RC2ParameterSpec.java
ain/java/javax/crypto/spec/RC5ParameterSpec.java
ain/java/javax/crypto/spec/SecretKeySpec.java
ain/java/javax/crypto/spec/package.html
ain/java/org/apache/harmony/crypto/internal/nls/Messages.java
ain/native/javax_crypto_HmacSpi.cpp
ain/native/sub.mk
est/java/org/apache/harmony/crypto/tests/javax/crypto/AllTests.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/BadPaddingExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/CipherInputStream1Test.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/CipherInputStreamTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/CipherOutputStream1Test.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/CipherOutputStreamTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/CipherSpiTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/CipherTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/EncryptedPrivateKeyInfoTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/ExemptionMechanismExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/ExemptionMechanismSpiTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/ExemptionMechanismTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/IllegalBlockSizeExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/KeyAgreementSpiTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/KeyAgreementTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/KeyGeneratorSpiTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/KeyGeneratorTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/MacSpiTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/MacTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/NoSuchPaddingExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/NullCipherTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/SealedObjectTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/SecretKeyFactorySpiTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/SecretKeyFactoryTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/SecretKeyTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/ShortBufferExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/interfaces/AllTests.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/interfaces/DHPrivateKeyTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/interfaces/DHPublicKeyTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/interfaces/PBEKeyTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/serialization/AllTests.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/serialization/BadPaddingExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/serialization/ExemptionMechanismExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/serialization/IllegalBlockSizeExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/serialization/NoSuchPaddingExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/serialization/ShortBufferExceptionTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/AllTests.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/DESKeySpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/DESedeKeySpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/DHGenParameterSpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/DHParameterSpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/DHPrivateKeySpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/DHPublicKeySpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/IvParameterSpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/OAEPParameterSpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/PBEKeySpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/PBEParameterSpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/PSourceTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/RC2ParameterSpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/RC5ParameterSpecTest.java
est/java/org/apache/harmony/crypto/tests/javax/crypto/spec/SecretKeySpecTest.java
est/java/org/apache/harmony/crypto/tests/support/EncryptedPrivateKeyInfoData.java
est/java/org/apache/harmony/crypto/tests/support/MyCipher.java
est/java/org/apache/harmony/crypto/tests/support/MyExemptionMechanismSpi.java
est/java/org/apache/harmony/crypto/tests/support/MyKeyAgreementSpi.java
est/java/org/apache/harmony/crypto/tests/support/MyKeyGeneratorSpi.java
est/java/org/apache/harmony/crypto/tests/support/MyMacSpi.java
est/java/org/apache/harmony/crypto/tests/support/MySecretKeyFactorySpi.java
est/java/resources/hyts_des-ede3-cbc.test1.ciphertext
est/java/resources/hyts_des-ede3-cbc.test1.iv
est/java/resources/hyts_des-ede3-cbc.test1.key
est/java/resources/hyts_des-ede3-cbc.test1.plaintext
est/java/resources/hyts_des-ede3-cbc.test2.ciphertext
est/java/resources/hyts_des-ede3-cbc.test2.iv
est/java/resources/hyts_des-ede3-cbc.test2.key
est/java/resources/hyts_des-ede3-cbc.test2.plaintext
est/java/resources/hyts_des-ede3-cbc.test3.ciphertext
est/java/resources/hyts_des-ede3-cbc.test3.iv
est/java/resources/hyts_des-ede3-cbc.test3.key
est/java/resources/hyts_des-ede3-cbc.test3.plaintext
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/BadPaddingExceptionTest.golden.0.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/BadPaddingExceptionTest.golden.1.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/BadPaddingExceptionTest.golden.2.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/ExemptionMechanismExceptionTest.golden.0.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/ExemptionMechanismExceptionTest.golden.1.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/ExemptionMechanismExceptionTest.golden.2.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/IllegalBlockSizeExceptionTest.golden.0.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/IllegalBlockSizeExceptionTest.golden.1.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/IllegalBlockSizeExceptionTest.golden.2.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/NoSuchPaddingExceptionTest.golden.0.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/NoSuchPaddingExceptionTest.golden.1.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/NoSuchPaddingExceptionTest.golden.2.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/ShortBufferExceptionTest.golden.0.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/ShortBufferExceptionTest.golden.1.ser
est/java/serialization/org/apache/harmony/crypto/tests/javax/crypto/serialization/ShortBufferExceptionTest.golden.2.ser
est/java/tests/crypto/AllTests.java
|
| 10da3cb6ea5e4376864aabb33c1438c363fa7491 |
21-Oct-2008 |
The Android Open Source Project <initial-contribution@android.com> |
Initial Contribution
ain/java/javax/crypto/BadPaddingException.java
ain/java/javax/crypto/Cipher.java
ain/java/javax/crypto/CipherInputStream.java
ain/java/javax/crypto/CipherOutputStream.java
ain/java/javax/crypto/CipherSpi.java
ain/java/javax/crypto/EncryptedPrivateKeyInfo.java
ain/java/javax/crypto/ExemptionMechanism.java
ain/java/javax/crypto/ExemptionMechanismException.java
ain/java/javax/crypto/ExemptionMechanismSpi.java
ain/java/javax/crypto/HmacSpi.java
ain/java/javax/crypto/IllegalBlockSizeException.java
ain/java/javax/crypto/KeyAgreement.java
ain/java/javax/crypto/KeyAgreementSpi.java
ain/java/javax/crypto/KeyGenerator.java
ain/java/javax/crypto/KeyGeneratorSpi.java
ain/java/javax/crypto/Mac.java
ain/java/javax/crypto/MacSpi.java
ain/java/javax/crypto/NoSuchPaddingException.java
ain/java/javax/crypto/NullCipher.java
ain/java/javax/crypto/SealedObject.java
ain/java/javax/crypto/SecretKey.java
ain/java/javax/crypto/SecretKeyFactory.java
ain/java/javax/crypto/SecretKeyFactorySpi.java
ain/java/javax/crypto/ShortBufferException.java
ain/java/javax/crypto/interfaces/DHKey.java
ain/java/javax/crypto/interfaces/DHPrivateKey.java
ain/java/javax/crypto/interfaces/DHPublicKey.java
ain/java/javax/crypto/interfaces/PBEKey.java
ain/java/javax/crypto/interfaces/package.html
ain/java/javax/crypto/package.html
ain/java/javax/crypto/spec/DESKeySpec.java
ain/java/javax/crypto/spec/DESedeKeySpec.java
ain/java/javax/crypto/spec/DHGenParameterSpec.java
ain/java/javax/crypto/spec/DHParameterSpec.java
ain/java/javax/crypto/spec/DHPrivateKeySpec.java
ain/java/javax/crypto/spec/DHPublicKeySpec.java
ain/java/javax/crypto/spec/IvParameterSpec.java
ain/java/javax/crypto/spec/OAEPParameterSpec.java
ain/java/javax/crypto/spec/PBEKeySpec.java
ain/java/javax/crypto/spec/PBEParameterSpec.java
ain/java/javax/crypto/spec/PSource.java
ain/java/javax/crypto/spec/RC2ParameterSpec.java
ain/java/javax/crypto/spec/RC5ParameterSpec.java
ain/java/javax/crypto/spec/SecretKeySpec.java
ain/java/javax/crypto/spec/package.html
ain/java/org/apache/harmony/crypto/internal/NullCipherSpi.java
ain/java/org/apache/harmony/crypto/internal/nls/Messages.java
ain/java/org/apache/harmony/crypto/internal/nls/messages.properties
ain/native/javax_crypto_HmacSpi.cpp
ain/native/sub.mk
|