c64652932d8e17ccf7e54c0c76c1b38a86841732 |
|
10-Dec-2014 |
Narayan Kamath <narayan@google.com> |
Call EVP_CIPHER_CTX_free instead of EVP_CIPHER_CTX_cleanup. The latter doesn't OpenSSL_free memory allocated by EVP_CIPHER_CTX_new. It's worth noting that EVP_CIPHER_CTX_free doesn't check the return value of EVP_CIPHER_CTX_cleanup so we can't throw if cleanup failed, but we were only ever calling this method from a finalizer anyway. bug: 18617384 Change-Id: Ida65e14ffbed41f56a59e2f5fe77289cac0f5947
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
9ca6641ca7fdcb7cc3931fdcd2071297d278f286 |
|
07-Nov-2014 |
Kenny Root <kroot@google.com> |
Track upgrade to OpenSSL 1.0.1j (cherry picked from commit 8ae86f7662a6330f58df6bdf3fd06af8e1dc281f) Bug: 18018599 Change-Id: I2b8c62190a9dd5e5fdc6894334cf1d3edfce0a06
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
8d7e23e117da591a8d48e6bcda9ed6f58ff1a375 |
|
03-Oct-2014 |
Kenny Root <kroot@google.com> |
Add support for TLS_FALLBACK_SCSV Bug: 17750026 Change-Id: I1c2ecbeb914db645f440d58e7f7daa86d880ad6f
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
a20d871a327ac3a0322b1086dce36c420502b11e |
|
22-Jul-2014 |
Kenny Root <kroot@google.com> |
OpenSSLEngineImpl: reduce number of copies needed When the ByteBuffer didn't line up exactly with the backing array, it would allocate a new buffer to write into. Instead, add the ability for OpenSSL to read at an offset in the given array so a copy isn't needed. (cherry picked from commit 7ed0fae1906061766d0042e69ccba20e4a702bbe) Change-Id: I149d3f94e4b5cbdc010df80439ae3300cbdc87a5
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
fdb7d8c53dabac5551e2499d045ba6829bcfc0a0 |
|
19-Jun-2014 |
Alex Klyubin <klyubin@google.com> |
Enable PSK cipher suites when PSKKeyManager is provided. This enables TLS-PSK cipher suites by default iff SSLContext is initialized with a PSKKeyManager. For consistency, X.509 based cipher suites are no longer enabled by default at all times -- they are now only enabled by default iff SSLContext is initialized with a X509KeyManager or a X509TrustManager. When both X.509 and PSK cipher suites need to be enabled, PSK cipher suites are given higher priority in the resulting list of cipher suites. This is based on the assumption that in most cases users of TLS/SSL who enable TLS-PSK would prefer TLS-PSK to be used when the peer supports TLS-PSK. Bug: 15073623 (cherry picked from commit 8f9ac1af0cbdf00e5e47aee32c132522ebc3bd17) Change-Id: Icd7fe066147a6b2fc64d807204cc99f6af821313
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
6e2315fd96c3c4a47450c1a437babacc94bc31a6 |
|
15-Jul-2014 |
Ed Heyl <edheyl@google.com> |
reconcile aosp (e79c25bf33e10da41e489c537823f678e1a1169c) after branching. Please do not merge. Change-Id: I39ab275cd9744ba442fee7db9038107b4603526f
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
978e2e1e44570bdbac7b3538c5e198d8ff645202 |
|
17-Jun-2014 |
Alex Klyubin <klyubin@google.com> |
Assert that the padding extension is enabled by default. Change-Id: I1c8aa589e3274bfd3a5fc66c3e948828903c1966
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
b79411aa945a885318a0b26ff4841e99ac6640fd |
|
04-Jun-2014 |
Alex Klyubin <klyubin@google.com> |
Adjust the list of supported ECDHE-PSK cipher suites. The SHA-2 based cipher suites cannot be used with SSLv3 but there is no way to express that in OpenSSL's configuration. This CL thus adjusts the list of supported cipher suites accordingly. Bug: 15073623 Change-Id: I427c99f4c1c72690d95e5a3c63763631c41ddae2
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
e66dbe5ad60417a4a9bf5ddf0bc3eb02652e43c8 |
|
10-Jun-2014 |
Justin Morey <jmorey@google.com> |
Add support for a Google Play Services version of the JNI lib Change-Id: Ie0d9f83e366c0b99994eb861ae567d454cbbea5b
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
f24ba0620d88b7d71ddb089b97d29fb1b073718d |
|
09-Jun-2014 |
Kenny Root <kroot@google.com> |
Add ability to wrap platform keys This is mostly useful for unbundled Conscrypt currently when working with KeyChain-based keys, but could be good for use with PKCS11-like keys in other JSSE providers. Bug: 15469749 Change-Id: I56bf2eaf3228bdf42d671437f4fffdafb8b47b12
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
01cce891dd313a0fb9d4694283f2a13fb5c43afe |
|
09-May-2014 |
Alex Klyubin <klyubin@google.com> |
Expose support for TLS-PSK. TLS-PSK (Pre-Shared Key) is a set of TLS/SSL cipher suites that use symmetric (pre-shared) keys for mutual authentication of peers. These cipher suites are in some scenarios more suitable than those based on public key cryptography and X.509. See RFC 4279 (Pre-Shared Key Ciphersuites for Transport Layer Security (TLS)) for more information. OpenSSL currently supports only the following PSK cipher suites: * TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 * TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 * TLS_PSK_WITH_3DES_EDE_CBC_SHA * TLS_PSK_WITH_AES_128_CBC_SHA * TLS_PSK_WITH_AES_256_CBC_SHA * TLS_PSK_WITH_RC4_128_SHA The last four cipher suites mutually authenticate the peers and secure the connection using a pre-shared symmetric key. These cipher suites do not provide Forward Secrecy -- once the pre-shared key is compromised, all previous communications secured with that key can be decrypted. The first two cipher suites combine the pre-shared symmetric key with an ephemeral key obtained from an ECDH key exchange performed during the TLS/SSL handshake, thus providing Forward Secrecy. Users of TLS-PSK are expected to provide an implementation of PSKKeyManager to SSLContext.init and then enable at least one PSK cipher suite in SSLSocket/SSLEngine. Bug: 15073623 Change-Id: I8e59264455f980f23a5e66099c27b5b4d932b9bb
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
7b27ca77c328e510a165712a497c20b67c68e8a3 |
|
08-May-2014 |
Kenny Root <kroot@google.com> |
Add DH keys Add the initial steps for DH keys to be generated and handled via OpenSSL. Next steps will be hooking it up via other APIs that use DH keys. Change-Id: Ib159e60db73f82b75e0ba375a1d165c51286edac
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
9981428049a93947a70362480fbfaf66821890bf |
|
25-Apr-2014 |
Kenny Root <kroot@google.com> |
SSLEngine: fix some behaviors * We were not checking buffer lengths. * wrap/unwrap should start a handshake. Change-Id: I35fbd8bf5eb699923f4712e7590bce7e7e13e529
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
f878e438660d93f8689b864165230492e7a412d4 |
|
08-Nov-2013 |
Kenny Root <kroot@google.com> |
Add OpenSSLEngineImpl Add support for SSLEngine via OpenSSL APIs. Currently this supports just the basic SSLEngine functionality. It can be improved in efficiency and performance, but it appears not to leak anything and be correct according to our test suites. Change-Id: Iea2dc3922e7c30e26daca38361877bd2f88ae668
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
19fdf1af6bada9ebf4820839780d8713ac3824fa |
|
10-Apr-2014 |
Kenny Root <kroot@google.com> |
Convert calls to BIO_free to BIO_free_all If we have a chain of BIO, we want to free the entire chain. Otherwise, we might accidentally leave references sitting around. This shouldn't matter for our current use-case, but might help in the future. Change-Id: I586937629e1e4f2e80b5feefe2f49a85e8a31d31
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
f8a9b546d57c4731805e73e1e96ff2fb3e77d6e0 |
|
31-Mar-2014 |
Kenny Root <kroot@google.com> |
ALPN: change socket calls to SSL_set_alpn_protos Calling SSL_CTX_set_alpn_protos appears to be detrimental to thread safety since the implementation of it resets the values. It's not idempotent to call it multiple times like SSL_CTX_enable_npn. Bug: https://code.google.com/p/android/issues/detail?id=67940 Change-Id: I09ed9e75d08528300b86201c3e847b26702d4284
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
d2cced8b10f5e4f600a5eb9464eba0da7c8f09de |
|
20-Mar-2014 |
Kenny Root <kroot@google.com> |
Use the new endpointVerificationAlgorithm API Use the new X509ExtendedTrustManager and use the new getEndpointVerificationAlgorithm to check the hostname during the handshake. Bug: 13103812 Change-Id: Id0a74d4ef21a7d7c90357a111f99b09971e535d0
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
652ff53bd48ed61389337a42d8e50cdb7ace0fec |
|
24-Feb-2014 |
Kenny Root <kroot@google.com> |
Fix up concurrent use of APIs Code that is incorrectly using MessageDigest, Signature, or Mac in multiple threads simultaneously could cause a SEGV if OpenSSL is clearing out the MD_CTX at the same time another thread is trying to write to it. Make sure we initialize a new MD_CTX after each run to avoid crashing. The program using the instances concurrently is still wrong and will most likely get inconsistent results. Switch to using a context object instance to make sure we can hold a reference to the object during the native call. Bug: 8787753 Change-Id: I2518613a47cf03c811a29d17040804fc708394dd
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
60f83802801e224b51afac6c27c19e7c3d65ddc3 |
|
04-Feb-2014 |
Alex Klyubin <klyubin@google.com> |
Harden (EC)DSA signatures against weak nonces. Private key information is leaked by (EC)DSA signatures when nonces are produced by a weak RNG. This CL enables a mitigation provided by OpenSSL: mix in private key and message being signed into randomly generated nonce. Provided private key was generated by strong RNG, this should mitigate the weakness. NOTE: This mitigation is not implemented for signatures which use hardware-backed private keys (AndroidKeyStore). Change-Id: I60dbf57bff3cfcdcbbeb18be5d9dfba523cc6bb8
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
7c3263f16bae0f1b2125de2c3c1c683303e768ce |
|
31-Jan-2014 |
Kenny Root <kroot@google.com> |
OpenSSLX509Certificate: only catch BadPaddingException We only need to catch BadPaddingException right now. Let the other non-RuntimeException exceptions pass. Change-Id: I5b6878250d428b1ee953092967b7418003ee9216
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
f33b51ba0b3305f503231efd4122564a6c4bc2b9 |
|
16-Jan-2014 |
Kenny Root <kroot@google.com> |
Track update to OpenSSL 1.0.1f The constants for handshake cutthrough and CBC record splitting were changed during the upgrade to OpenSSL 1.0.1f. This changes NativeCrypto.java to track them. Change-Id: I9e385c323d5557c5d50cffe3ce797dcf89667ad9
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
7dd8d0b433cf8212538aaaf8726f5222abf035dd |
|
09-Dec-2013 |
Matteo Franchin <matteo.franchin@arm.com> |
AArch64: Use long for pointers in Java sources. Fixing some mistakes in the JNI signatures: some pointers were passed via jint rather than jlong. Change-Id: I6120cc5742c8429a9e0fddda715b5169d820d31a Signed-off-by: Marcus Oakland <marcus.oakland@arm.com>
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
42bd279cf6a91642007955438510fda4cf99c4a0 |
|
19-Dec-2013 |
Alex Klyubin <klyubin@google.com> |
Disable MD5 cipher suites in SSLSocket and SSLEngine. Although HMAC-MD5 is not yet broken, the foundations are shaky -- see http://tools.ietf.org/html/rfc6151. Scans show that disabling these TLS/SSL cipher suites currently causes handshake issues with 0.4% of the ecosystem. Bug: 11220570 Change-Id: I1970d2ecbdf3c0d26e45d439047b1d3884ade2ec
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
5aa3d43116c0147efc991bf9db7505b51e52b591 |
|
19-Dec-2013 |
Alex Klyubin <klyubin@google.com> |
Actually prefer Forward Secrecy cipher suites. The documentation for the list of TLS/SSL cipher suites used by default states that cipher suites offering Forward Secrecy are preferred. This CL adjusts the list to conform: FS cipher suites that use RC4_128 bulk encryption algorithm were not preferred over non-FS cipher suites that use AES. Bug: 11220570 Change-Id: Ic9019306898600086920874474764186b710c3ef
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
c1cc669cc073979eedb8efa7d28845935990f21e |
|
18-Dec-2013 |
Alex Klyubin <klyubin@google.com> |
Disable 3DES cipher suites in SSLSocket. The effective key length for 3DES_EDE bulk encryption algorithm is only 112 bits. We're now aiming for 128 and higher. Scans show that removing these cipher suites from the default list causes handshake issues only with 0.15% of the ecosystem. Bug: 11220570 Change-Id: Ie01ebe8134d08a36b276295b804540157963be8f
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
30695d657d7b1d6203461e4ee0ddb333e641ab8a |
|
18-Dec-2013 |
Alex Klyubin <klyubin@google.com> |
Disable static server key ECDH cipher suites in SSLSocket. These cipher suites use a static key for ECDH on the server side. When client certificates are used, a static key is also used on the client side, leading to the same premaster secret for all connections between a particular client and server. Also, these cipher suites do not provide forward secrecy. Scans show that removing these cipher suites from the default list does not affect connectivity to servers and is thus safe. Bug: 11220570 Change-Id: If34f4a3888ed9972c39d171656a85c61dfa98ea1
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
5add959a0593b7f51c8cdc7af6cf6ea4bc8968a4 |
|
17-Dec-2013 |
Alex Klyubin <klyubin@google.com> |
Enable AES-GCM cipher suites by default in SSLSocket. AES-GCM is preferred to AES-CBC whose MAC-pad-then-encrypt approach has issues (e.g., Lucky 13 attack). Bug: 11220570 Change-Id: Ib007bc89ccf08358ed3f093f630350fa859e7c35
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
336e8eb9510cdad7c7a5f73ead3529d558cb0d08 |
|
17-Dec-2013 |
Alex Klyubin <klyubin@google.com> |
Enable support for TLSv1.2 cipher suites in SSLSocket. This adds support for AES-GCM and AES-CBC with MACs based on SHA256 and SHA384. Bug: 11220570 Change-Id: I56e7e25c5cd65a4c7662da6d4bbe5720f427e677
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
1f63d2c22326b989105366d2907a83b848dcd29e |
|
26-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
Enable TLSv1.1 and TLSv1.2 by default for SSLSocket. TLSv1.1 and TLSv1.2 offer built-in protection against BEAST attack and support for GCM cipher suites. This change causes TLS/SSL handshake failures with a small fraction of servers, load balancers and TLS/SSL accelerators with broken TLS/SSL implementations. Scans demonstrate that the number is around 0.6%. Breaking connectivity (using platform default settings) to a tiny minority of the ecosystem is acceptable because this inconvenience is outweighed by the added safety for the overwheling majority of the ecosystem. App developers affected by this issue should consider asking such servers to be fixed or explicitly disabling TLSv1.1 and TLSv1.2 in their apps. Bug: 11220570 Change-Id: Ice9e8ce550401ba5e3385fd369c40f01c06ac7fd
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
2d089e18deae231149737cad6ce00f1e137a7199 |
|
21-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
Stop depending on CipherSuite in OpenSSL-backed sockets. This is in preparation for removing Harmony-backed TLS/SSL implementations. Change-Id: Ic108e16d086fb99b69f0a4e4faeb816dc50a7643
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
f80cadc42c3b42f8f40a1bc5d51b94a48f8dc1c0 |
|
08-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
Deprioritize HMAC-MD5 in default TLS/SSL cipher suites. Although HMAC-MD5 is not yet broken, the foundations are now much more shaky that those of HMAC-SHA. See http://tools.ietf.org/html/rfc6151. This CL also adds a comment about the key rules governing the preference order of cipher suites used by default. Bug: 11220570 Change-Id: I2a2fe4d427650081637efc14fd7c427a33cbea7e
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
df17f02d4d534830a82442a441328b6d9654f7ab |
|
07-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
Prefer Forward Secrecy TLS/SSL cipher suites by default. This modifies the list of TLS/SSL cipher suites used by default to prefer those offering Forward Secrecy (FS) -- ECDHE and DHE. Bug: 11220570 Change-Id: I20f635d11e937d64de4f4e2fea34e1c5ea7a67ac
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
2a8db490ab83165520a6b4f0bf07a4e6e1add86d |
|
07-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
Deprioritize RC4-based TLS/SSL cipher suites. Now that BEAST and Lucky13 mitigations are enabled, it is prudent to prefer AES CBC cipher suites over RC4 ones (see http://www.isg.rhul.ac.uk/tls/). Bug: 11220570 Change-Id: I52b9724700fd8eaeebbadcfa518a96823a1410b8
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
f087968310bb5233b76ad42841eb07e3c327f40f |
|
05-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
BEAST attack mitigation for OpenSSL-backed SSLSockets. This enables 1/n-1 record splitting for SSLSocket instances backed by OpenSSL. OpenSSL change: https://android-review.googlesource.com/#/c/69253/ Bug: 11514124 Change-Id: I3fef273edd417c51c5723d290656d2e03331d68a
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
68f4753f0faaaf7f8528faabcaa73fa37f157916 |
|
23-Oct-2013 |
Alex Klyubin <klyubin@google.com> |
Do not use short-keyed TLS/SSL cipher suites by default. This removes TLS/SSL cipher suites with bulk cipher secret keys shorter than 80 bits from the list of cipher suites used by default: * export-strength cipher suites, and * cipher suites using DES (but not 3DES) as their bulk cipher. Bug: 11220570 Change-Id: I04e30f6d634801b36018fecc8f2b257fc6b7adfc
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
9b39c872e57b147373ee69a2803dd8f5ef41da2d |
|
13-Sep-2013 |
Kenny Root <kroot@google.com> |
Revert "Restore NativeCrypto#encodeCertificates for now" This reverts commit 07ff5de463a219d97b5ea7abfaa42bf3ae55fb57 and commit 42567acf03ad437efd20e70790ae0f708dda15bc. Change-Id: I05712ea94f0b11cc5963af58fb5081e65c79c3f0
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
75f87ef038b1e2bc6f44261c96a3035610ca1056 |
|
13-Sep-2013 |
Kenny Root <kroot@google.com> |
Fix build Missed this during the git reset -p Change-Id: I6c089d2fb5192d43934d55949b261b05cb8d67da
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
dbbabeb40aee9326ca8b3a909b06d12c9c10c7f3 |
|
13-Sep-2013 |
Kenny Root <kroot@google.com> |
Restore NativeCrypto#encodeCertificates for now Some other classes are using this. Restore this until they can be removed. Change-Id: Ibf188b7c4915865e20cc4ca51c73f26314df7828
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
0e9746b7b132058651155b33f219c7789997985b |
|
13-Sep-2013 |
Kenny Root <kroot@google.com> |
Conscrypt: use certificate references in SSL code Instead of marshalling and unmarshalling to ASN.1 DER, just use references to OpenSSL X509 objects everywhere applicable. Change-Id: I1a28ae9232091ee199a9d4c7cd3c7bbd1efa1ca4
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
eaeedc318b5fba9995fc64d15341017ec182fe4c |
|
29-Aug-2013 |
Kenny Root <kroot@google.com> |
Move conscrypt out libjavacore and split tests To make the situation with testing a little better and enable building core libraries totally independent of conscrypt, move the native registration to a JNI_OnLoad scheme. Also, since we want to separate the testing, make conscrypt build its own tests library. Change-Id: I9f2831839059c1c012ec7bdeab2f90b4e2f44bfd
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
6fcf0cbeec79d1f2491d8d0774fdb314fc419ba3 |
|
25-Jun-2013 |
Kenny Root <kroot@google.com> |
NativeCrypto: Add ALPN support This adds the ability to use Application-Layer Protocol Negotiation (ALPN) as both a client and a server. ALPN is essentially like Next Protocol Negotiation (NPN) but negotiation is done in the clear. This allows the use of other protocols on the same port (e.g., SPDY instead of HTTP on port 80). Although previously clients using NPN were able to use cut-through, the new ALPN API does not provide for a way for a client to enable that during a callback. So the only difference is that NPN clients can enable SSL False Start while ALPN clients cannot currently. Change-Id: I42ff70f3711e9cccaf754d189f76eeaa9db5f981
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
209c986cfe42dbaa5497c6e68d1b5db96b28db78 |
|
07-May-2013 |
Kenny Root <kroot@google.com> |
NativeCrypto: Fix a lot of random doc bugs Remove lots of empty javadoc tags that were unused or invalid. Remove some unused imports. Mark a few input streams as intentionally unclosed. Change-Id: I04d8642abd2b0f2e9be02e227658a1b9bd192d24
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
2a4faf6763b502c98d13bf79d1c9fba223b698c7 |
|
07-May-2013 |
Kenny Root <kroot@google.com> |
NativeCrypto: inline call to peekInt Remove dependency on libcore by inlining a copy of Memory#peekInt Change-Id: Ided7a6bf111ca507df985c45f4c2cf43bca0e471
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
1fd2d19849ac52f63b7bf2010cde24c44ad7ba3f |
|
07-May-2013 |
Kenny Root <kroot@google.com> |
NativeCrypto: remove unused import Change-Id: I61339e0250ce949c633545d509a4991cc97e2c7a
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
35beb3047b2b8ffc019f8218989a0255cc5e3818 |
|
06-May-2013 |
Kenny Root <kroot@google.com> |
NativeCrypto: replace Harmony routines with OpenSSL Change-Id: I954932e45877cca073b71f33b4ccd4eacae8f510
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
1ecc0481f90d32b89b3b051cad70efe07468acd0 |
|
03-May-2013 |
Kenny Root <kroot@google.com> |
NativeCrypto: move key conversion to Java Key type conversion in native code is from the legacy period before the OpenSSLKey class existed. Use that to hold PKEY reference instead of converting it in native code. Change-Id: I84e9a6e1f2e0f95d2f44c18fa9f65cd15e039d63
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
3ff2b34d00ea89eec5b895d866fddf05942fd2a7 |
|
03-May-2013 |
Kenny Root <kroot@google.com> |
Move encoding method out of NativeCrypto Move the encoding method for X.509 out of NativeCrypto to the class that uses it. Change-Id: I57198101553f309c04b5e757716d1d807eb99a90
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
923e3c5a80a6daefc14d4d0242ac46f23ac41b6a |
|
01-May-2013 |
Kenny Root <kroot@google.com> |
NativeCrypto: build native library standalone Change-Id: I678f5c1b985d72ab1d41ae22dfcae35814c44e85
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
860d2707ce126ef8f66e3eac7ceeab6d24218cd8 |
|
24-Apr-2013 |
Kenny Root <kroot@google.com> |
Move JSSE to new package To help with shipping the JSSE with apps that want to bundle it, move it to a new package so that the tangles in other parts of the library can be untangled. Change-Id: I810b6861388635301e28aee5b9b47b8e6b35b430
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|