| c64652932d8e17ccf7e54c0c76c1b38a86841732 |
|
10-Dec-2014 |
Narayan Kamath <narayan@google.com> |
Call EVP_CIPHER_CTX_free instead of EVP_CIPHER_CTX_cleanup.
The latter doesn't OpenSSL_free memory allocated by EVP_CIPHER_CTX_new.
It's worth noting that EVP_CIPHER_CTX_free doesn't check the return
value of EVP_CIPHER_CTX_cleanup so we can't throw if cleanup failed, but
we were only ever calling this method from a finalizer anyway.
bug: 18617384
Change-Id: Ida65e14ffbed41f56a59e2f5fe77289cac0f5947
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
| 9ca6641ca7fdcb7cc3931fdcd2071297d278f286 |
|
07-Nov-2014 |
Kenny Root <kroot@google.com> |
Track upgrade to OpenSSL 1.0.1j
(cherry picked from commit 8ae86f7662a6330f58df6bdf3fd06af8e1dc281f)
Bug: 18018599
Change-Id: I2b8c62190a9dd5e5fdc6894334cf1d3edfce0a06
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
| 8d7e23e117da591a8d48e6bcda9ed6f58ff1a375 |
|
03-Oct-2014 |
Kenny Root <kroot@google.com> |
Add support for TLS_FALLBACK_SCSV
Bug: 17750026
Change-Id: I1c2ecbeb914db645f440d58e7f7daa86d880ad6f
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
| a20d871a327ac3a0322b1086dce36c420502b11e |
|
22-Jul-2014 |
Kenny Root <kroot@google.com> |
OpenSSLEngineImpl: reduce number of copies needed
When the ByteBuffer didn't line up exactly with the backing array, it
would allocate a new buffer to write into. Instead, add the ability for
OpenSSL to read at an offset in the given array so a copy isn't needed.
(cherry picked from commit 7ed0fae1906061766d0042e69ccba20e4a702bbe)
Change-Id: I149d3f94e4b5cbdc010df80439ae3300cbdc87a5
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
| fdb7d8c53dabac5551e2499d045ba6829bcfc0a0 |
|
19-Jun-2014 |
Alex Klyubin <klyubin@google.com> |
Enable PSK cipher suites when PSKKeyManager is provided.
This enables TLS-PSK cipher suites by default iff SSLContext is
initialized with a PSKKeyManager. For consistency, X.509 based
cipher suites are no longer enabled by default at all times -- they
are now only enabled by default iff SSLContext is initialized with a
X509KeyManager or a X509TrustManager.
When both X.509 and PSK cipher suites need to be enabled, PSK cipher
suites are given higher priority in the resulting list of cipher
suites. This is based on the assumption that in most cases users of
TLS/SSL who enable TLS-PSK would prefer TLS-PSK to be used when the
peer supports TLS-PSK.
Bug: 15073623
(cherry picked from commit 8f9ac1af0cbdf00e5e47aee32c132522ebc3bd17)
Change-Id: Icd7fe066147a6b2fc64d807204cc99f6af821313
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
| 6e2315fd96c3c4a47450c1a437babacc94bc31a6 |
|
15-Jul-2014 |
Ed Heyl <edheyl@google.com> |
reconcile aosp (e79c25bf33e10da41e489c537823f678e1a1169c) after branching. Please do not merge.
Change-Id: I39ab275cd9744ba442fee7db9038107b4603526f
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
| 978e2e1e44570bdbac7b3538c5e198d8ff645202 |
|
17-Jun-2014 |
Alex Klyubin <klyubin@google.com> |
Assert that the padding extension is enabled by default.
Change-Id: I1c8aa589e3274bfd3a5fc66c3e948828903c1966
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
| b79411aa945a885318a0b26ff4841e99ac6640fd |
|
04-Jun-2014 |
Alex Klyubin <klyubin@google.com> |
Adjust the list of supported ECDHE-PSK cipher suites.
The SHA-2 based cipher suites cannot be used with SSLv3 but there is
no way to express that in OpenSSL's configuration. This CL thus
adjusts the list of supported cipher suites accordingly.
Bug: 15073623
Change-Id: I427c99f4c1c72690d95e5a3c63763631c41ddae2
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
| e66dbe5ad60417a4a9bf5ddf0bc3eb02652e43c8 |
|
10-Jun-2014 |
Justin Morey <jmorey@google.com> |
Add support for a Google Play Services version of the JNI lib
Change-Id: Ie0d9f83e366c0b99994eb861ae567d454cbbea5b
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
| f24ba0620d88b7d71ddb089b97d29fb1b073718d |
|
09-Jun-2014 |
Kenny Root <kroot@google.com> |
Add ability to wrap platform keys
This is mostly useful for unbundled Conscrypt currently when working
with KeyChain-based keys, but could be good for use with PKCS11-like
keys in other JSSE providers.
Bug: 15469749
Change-Id: I56bf2eaf3228bdf42d671437f4fffdafb8b47b12
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
| 01cce891dd313a0fb9d4694283f2a13fb5c43afe |
|
09-May-2014 |
Alex Klyubin <klyubin@google.com> |
Expose support for TLS-PSK.
TLS-PSK (Pre-Shared Key) is a set of TLS/SSL cipher suites that use
symmetric (pre-shared) keys for mutual authentication of peers. These
cipher suites are in some scenarios more suitable than those based on
public key cryptography and X.509. See RFC 4279 (Pre-Shared Key
Ciphersuites for Transport Layer Security (TLS)) for more information.
OpenSSL currently supports only the following PSK cipher suites:
* TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
* TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
* TLS_PSK_WITH_3DES_EDE_CBC_SHA
* TLS_PSK_WITH_AES_128_CBC_SHA
* TLS_PSK_WITH_AES_256_CBC_SHA
* TLS_PSK_WITH_RC4_128_SHA
The last four cipher suites mutually authenticate the peers and
secure the connection using a pre-shared symmetric key. These cipher
suites do not provide Forward Secrecy -- once the pre-shared key is
compromised, all previous communications secured with that key can be
decrypted. The first two cipher suites combine the pre-shared
symmetric key with an ephemeral key obtained from an ECDH key
exchange performed during the TLS/SSL handshake, thus providing
Forward Secrecy.
Users of TLS-PSK are expected to provide an implementation of
PSKKeyManager to SSLContext.init and then enable at least one PSK
cipher suite in SSLSocket/SSLEngine.
Bug: 15073623
Change-Id: I8e59264455f980f23a5e66099c27b5b4d932b9bb
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
| 7b27ca77c328e510a165712a497c20b67c68e8a3 |
|
08-May-2014 |
Kenny Root <kroot@google.com> |
Add DH keys
Add the initial steps for DH keys to be generated and handled via
OpenSSL. Next steps will be hooking it up via other APIs that use DH
keys.
Change-Id: Ib159e60db73f82b75e0ba375a1d165c51286edac
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
| 9981428049a93947a70362480fbfaf66821890bf |
|
25-Apr-2014 |
Kenny Root <kroot@google.com> |
SSLEngine: fix some behaviors
* We were not checking buffer lengths.
* wrap/unwrap should start a handshake.
Change-Id: I35fbd8bf5eb699923f4712e7590bce7e7e13e529
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
| f878e438660d93f8689b864165230492e7a412d4 |
|
08-Nov-2013 |
Kenny Root <kroot@google.com> |
Add OpenSSLEngineImpl
Add support for SSLEngine via OpenSSL APIs. Currently this supports just
the basic SSLEngine functionality. It can be improved in efficiency and
performance, but it appears not to leak anything and be correct
according to our test suites.
Change-Id: Iea2dc3922e7c30e26daca38361877bd2f88ae668
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
| 19fdf1af6bada9ebf4820839780d8713ac3824fa |
|
10-Apr-2014 |
Kenny Root <kroot@google.com> |
Convert calls to BIO_free to BIO_free_all
If we have a chain of BIO, we want to free the entire chain. Otherwise,
we might accidentally leave references sitting around. This shouldn't
matter for our current use-case, but might help in the future.
Change-Id: I586937629e1e4f2e80b5feefe2f49a85e8a31d31
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
| f8a9b546d57c4731805e73e1e96ff2fb3e77d6e0 |
|
31-Mar-2014 |
Kenny Root <kroot@google.com> |
ALPN: change socket calls to SSL_set_alpn_protos
Calling SSL_CTX_set_alpn_protos appears to be detrimental to thread
safety since the implementation of it resets the values. It's not
idempotent to call it multiple times like SSL_CTX_enable_npn.
Bug: https://code.google.com/p/android/issues/detail?id=67940
Change-Id: I09ed9e75d08528300b86201c3e847b26702d4284
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
| d2cced8b10f5e4f600a5eb9464eba0da7c8f09de |
|
20-Mar-2014 |
Kenny Root <kroot@google.com> |
Use the new endpointVerificationAlgorithm API
Use the new X509ExtendedTrustManager and use the new
getEndpointVerificationAlgorithm to check the hostname during the
handshake.
Bug: 13103812
Change-Id: Id0a74d4ef21a7d7c90357a111f99b09971e535d0
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
| 652ff53bd48ed61389337a42d8e50cdb7ace0fec |
|
24-Feb-2014 |
Kenny Root <kroot@google.com> |
Fix up concurrent use of APIs
Code that is incorrectly using MessageDigest, Signature, or Mac in
multiple threads simultaneously could cause a SEGV if OpenSSL is
clearing out the MD_CTX at the same time another thread is trying to
write to it. Make sure we initialize a new MD_CTX after each run to
avoid crashing. The program using the instances concurrently is still
wrong and will most likely get inconsistent results.
Switch to using a context object instance to make sure we can hold a
reference to the object during the native call.
Bug: 8787753
Change-Id: I2518613a47cf03c811a29d17040804fc708394dd
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
| 60f83802801e224b51afac6c27c19e7c3d65ddc3 |
|
04-Feb-2014 |
Alex Klyubin <klyubin@google.com> |
Harden (EC)DSA signatures against weak nonces.
Private key information is leaked by (EC)DSA signatures when nonces
are produced by a weak RNG. This CL enables a mitigation provided by
OpenSSL: mix in private key and message being signed into randomly
generated nonce. Provided private key was generated by strong RNG,
this should mitigate the weakness.
NOTE: This mitigation is not implemented for signatures which use
hardware-backed private keys (AndroidKeyStore).
Change-Id: I60dbf57bff3cfcdcbbeb18be5d9dfba523cc6bb8
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
| 7c3263f16bae0f1b2125de2c3c1c683303e768ce |
|
31-Jan-2014 |
Kenny Root <kroot@google.com> |
OpenSSLX509Certificate: only catch BadPaddingException
We only need to catch BadPaddingException right now. Let the other
non-RuntimeException exceptions pass.
Change-Id: I5b6878250d428b1ee953092967b7418003ee9216
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
| f33b51ba0b3305f503231efd4122564a6c4bc2b9 |
|
16-Jan-2014 |
Kenny Root <kroot@google.com> |
Track update to OpenSSL 1.0.1f
The constants for handshake cutthrough and CBC record splitting were changed
during the upgrade to OpenSSL 1.0.1f. This changes NativeCrypto.java to track them.
Change-Id: I9e385c323d5557c5d50cffe3ce797dcf89667ad9
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
| 7dd8d0b433cf8212538aaaf8726f5222abf035dd |
|
09-Dec-2013 |
Matteo Franchin <matteo.franchin@arm.com> |
AArch64: Use long for pointers in Java sources.
Fixing some mistakes in the JNI signatures: some pointers were passed
via jint rather than jlong.
Change-Id: I6120cc5742c8429a9e0fddda715b5169d820d31a
Signed-off-by: Marcus Oakland <marcus.oakland@arm.com>
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
| 42bd279cf6a91642007955438510fda4cf99c4a0 |
|
19-Dec-2013 |
Alex Klyubin <klyubin@google.com> |
Disable MD5 cipher suites in SSLSocket and SSLEngine.
Although HMAC-MD5 is not yet broken, the foundations are shaky --
see http://tools.ietf.org/html/rfc6151.
Scans show that disabling these TLS/SSL cipher suites currently
causes handshake issues with 0.4% of the ecosystem.
Bug: 11220570
Change-Id: I1970d2ecbdf3c0d26e45d439047b1d3884ade2ec
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
| 5aa3d43116c0147efc991bf9db7505b51e52b591 |
|
19-Dec-2013 |
Alex Klyubin <klyubin@google.com> |
Actually prefer Forward Secrecy cipher suites.
The documentation for the list of TLS/SSL cipher suites used by
default states that cipher suites offering Forward Secrecy are
preferred. This CL adjusts the list to conform: FS cipher suites
that use RC4_128 bulk encryption algorithm were not preferred
over non-FS cipher suites that use AES.
Bug: 11220570
Change-Id: Ic9019306898600086920874474764186b710c3ef
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
| c1cc669cc073979eedb8efa7d28845935990f21e |
|
18-Dec-2013 |
Alex Klyubin <klyubin@google.com> |
Disable 3DES cipher suites in SSLSocket.
The effective key length for 3DES_EDE bulk encryption algorithm
is only 112 bits. We're now aiming for 128 and higher.
Scans show that removing these cipher suites from the default list
causes handshake issues only with 0.15% of the ecosystem.
Bug: 11220570
Change-Id: Ie01ebe8134d08a36b276295b804540157963be8f
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
| 30695d657d7b1d6203461e4ee0ddb333e641ab8a |
|
18-Dec-2013 |
Alex Klyubin <klyubin@google.com> |
Disable static server key ECDH cipher suites in SSLSocket.
These cipher suites use a static key for ECDH on the server side.
When client certificates are used, a static key is also used on the
client side, leading to the same premaster secret for all connections
between a particular client and server. Also, these cipher suites do
not provide forward secrecy.
Scans show that removing these cipher suites from the default list
does not affect connectivity to servers and is thus safe.
Bug: 11220570
Change-Id: If34f4a3888ed9972c39d171656a85c61dfa98ea1
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
| 5add959a0593b7f51c8cdc7af6cf6ea4bc8968a4 |
|
17-Dec-2013 |
Alex Klyubin <klyubin@google.com> |
Enable AES-GCM cipher suites by default in SSLSocket.
AES-GCM is preferred to AES-CBC whose MAC-pad-then-encrypt approach
has issues (e.g., Lucky 13 attack).
Bug: 11220570
Change-Id: Ib007bc89ccf08358ed3f093f630350fa859e7c35
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
| 336e8eb9510cdad7c7a5f73ead3529d558cb0d08 |
|
17-Dec-2013 |
Alex Klyubin <klyubin@google.com> |
Enable support for TLSv1.2 cipher suites in SSLSocket.
This adds support for AES-GCM and AES-CBC with MACs based on SHA256
and SHA384.
Bug: 11220570
Change-Id: I56e7e25c5cd65a4c7662da6d4bbe5720f427e677
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
| 1f63d2c22326b989105366d2907a83b848dcd29e |
|
26-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
Enable TLSv1.1 and TLSv1.2 by default for SSLSocket.
TLSv1.1 and TLSv1.2 offer built-in protection against BEAST attack
and support for GCM cipher suites.
This change causes TLS/SSL handshake failures with a small fraction
of servers, load balancers and TLS/SSL accelerators with broken
TLS/SSL implementations.
Scans demonstrate that the number is around 0.6%. Breaking
connectivity (using platform default settings) to a tiny minority of
the ecosystem is acceptable because this inconvenience is outweighed
by the added safety for the overwheling majority of the ecosystem.
App developers affected by this issue should consider asking such
servers to be fixed or explicitly disabling TLSv1.1 and TLSv1.2 in
their apps.
Bug: 11220570
Change-Id: Ice9e8ce550401ba5e3385fd369c40f01c06ac7fd
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
| 2d089e18deae231149737cad6ce00f1e137a7199 |
|
21-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
Stop depending on CipherSuite in OpenSSL-backed sockets.
This is in preparation for removing Harmony-backed TLS/SSL
implementations.
Change-Id: Ic108e16d086fb99b69f0a4e4faeb816dc50a7643
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
| f80cadc42c3b42f8f40a1bc5d51b94a48f8dc1c0 |
|
08-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
Deprioritize HMAC-MD5 in default TLS/SSL cipher suites.
Although HMAC-MD5 is not yet broken, the foundations are now much
more shaky that those of HMAC-SHA.
See http://tools.ietf.org/html/rfc6151.
This CL also adds a comment about the key rules governing the
preference order of cipher suites used by default.
Bug: 11220570
Change-Id: I2a2fe4d427650081637efc14fd7c427a33cbea7e
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
| df17f02d4d534830a82442a441328b6d9654f7ab |
|
07-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
Prefer Forward Secrecy TLS/SSL cipher suites by default.
This modifies the list of TLS/SSL cipher suites used by default to
prefer those offering Forward Secrecy (FS) -- ECDHE and DHE.
Bug: 11220570
Change-Id: I20f635d11e937d64de4f4e2fea34e1c5ea7a67ac
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
| 2a8db490ab83165520a6b4f0bf07a4e6e1add86d |
|
07-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
Deprioritize RC4-based TLS/SSL cipher suites.
Now that BEAST and Lucky13 mitigations are enabled, it is prudent to
prefer AES CBC cipher suites over RC4 ones
(see http://www.isg.rhul.ac.uk/tls/).
Bug: 11220570
Change-Id: I52b9724700fd8eaeebbadcfa518a96823a1410b8
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
| f087968310bb5233b76ad42841eb07e3c327f40f |
|
05-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
BEAST attack mitigation for OpenSSL-backed SSLSockets.
This enables 1/n-1 record splitting for SSLSocket instances backed by
OpenSSL.
OpenSSL change: https://android-review.googlesource.com/#/c/69253/
Bug: 11514124
Change-Id: I3fef273edd417c51c5723d290656d2e03331d68a
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
| 68f4753f0faaaf7f8528faabcaa73fa37f157916 |
|
23-Oct-2013 |
Alex Klyubin <klyubin@google.com> |
Do not use short-keyed TLS/SSL cipher suites by default.
This removes TLS/SSL cipher suites with bulk cipher secret keys
shorter than 80 bits from the list of cipher suites used by default:
* export-strength cipher suites, and
* cipher suites using DES (but not 3DES) as their bulk cipher.
Bug: 11220570
Change-Id: I04e30f6d634801b36018fecc8f2b257fc6b7adfc
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
| 9b39c872e57b147373ee69a2803dd8f5ef41da2d |
|
13-Sep-2013 |
Kenny Root <kroot@google.com> |
Revert "Restore NativeCrypto#encodeCertificates for now"
This reverts commit 07ff5de463a219d97b5ea7abfaa42bf3ae55fb57 and
commit 42567acf03ad437efd20e70790ae0f708dda15bc.
Change-Id: I05712ea94f0b11cc5963af58fb5081e65c79c3f0
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
| 75f87ef038b1e2bc6f44261c96a3035610ca1056 |
|
13-Sep-2013 |
Kenny Root <kroot@google.com> |
Fix build
Missed this during the git reset -p
Change-Id: I6c089d2fb5192d43934d55949b261b05cb8d67da
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
| dbbabeb40aee9326ca8b3a909b06d12c9c10c7f3 |
|
13-Sep-2013 |
Kenny Root <kroot@google.com> |
Restore NativeCrypto#encodeCertificates for now
Some other classes are using this. Restore this until they can be
removed.
Change-Id: Ibf188b7c4915865e20cc4ca51c73f26314df7828
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
| 0e9746b7b132058651155b33f219c7789997985b |
|
13-Sep-2013 |
Kenny Root <kroot@google.com> |
Conscrypt: use certificate references in SSL code
Instead of marshalling and unmarshalling to ASN.1 DER, just use
references to OpenSSL X509 objects everywhere applicable.
Change-Id: I1a28ae9232091ee199a9d4c7cd3c7bbd1efa1ca4
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
| eaeedc318b5fba9995fc64d15341017ec182fe4c |
|
29-Aug-2013 |
Kenny Root <kroot@google.com> |
Move conscrypt out libjavacore and split tests
To make the situation with testing a little better and enable building
core libraries totally independent of conscrypt, move the native
registration to a JNI_OnLoad scheme. Also, since we want to separate the
testing, make conscrypt build its own tests library.
Change-Id: I9f2831839059c1c012ec7bdeab2f90b4e2f44bfd
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
| 6fcf0cbeec79d1f2491d8d0774fdb314fc419ba3 |
|
25-Jun-2013 |
Kenny Root <kroot@google.com> |
NativeCrypto: Add ALPN support
This adds the ability to use Application-Layer Protocol Negotiation
(ALPN) as both a client and a server. ALPN is essentially like Next
Protocol Negotiation (NPN) but negotiation is done in the clear. This
allows the use of other protocols on the same port (e.g., SPDY instead
of HTTP on port 80).
Although previously clients using NPN were able to use cut-through, the
new ALPN API does not provide for a way for a client to enable that
during a callback. So the only difference is that NPN clients can enable
SSL False Start while ALPN clients cannot currently.
Change-Id: I42ff70f3711e9cccaf754d189f76eeaa9db5f981
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
| 209c986cfe42dbaa5497c6e68d1b5db96b28db78 |
|
07-May-2013 |
Kenny Root <kroot@google.com> |
NativeCrypto: Fix a lot of random doc bugs
Remove lots of empty javadoc tags that were unused or invalid.
Remove some unused imports.
Mark a few input streams as intentionally unclosed.
Change-Id: I04d8642abd2b0f2e9be02e227658a1b9bd192d24
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
| 2a4faf6763b502c98d13bf79d1c9fba223b698c7 |
|
07-May-2013 |
Kenny Root <kroot@google.com> |
NativeCrypto: inline call to peekInt
Remove dependency on libcore by inlining a copy of Memory#peekInt
Change-Id: Ided7a6bf111ca507df985c45f4c2cf43bca0e471
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
| 1fd2d19849ac52f63b7bf2010cde24c44ad7ba3f |
|
07-May-2013 |
Kenny Root <kroot@google.com> |
NativeCrypto: remove unused import
Change-Id: I61339e0250ce949c633545d509a4991cc97e2c7a
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
| 35beb3047b2b8ffc019f8218989a0255cc5e3818 |
|
06-May-2013 |
Kenny Root <kroot@google.com> |
NativeCrypto: replace Harmony routines with OpenSSL
Change-Id: I954932e45877cca073b71f33b4ccd4eacae8f510
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
| 1ecc0481f90d32b89b3b051cad70efe07468acd0 |
|
03-May-2013 |
Kenny Root <kroot@google.com> |
NativeCrypto: move key conversion to Java
Key type conversion in native code is from the legacy period before the
OpenSSLKey class existed. Use that to hold PKEY reference instead of
converting it in native code.
Change-Id: I84e9a6e1f2e0f95d2f44c18fa9f65cd15e039d63
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
| 3ff2b34d00ea89eec5b895d866fddf05942fd2a7 |
|
03-May-2013 |
Kenny Root <kroot@google.com> |
Move encoding method out of NativeCrypto
Move the encoding method for X.509 out of NativeCrypto to the class that
uses it.
Change-Id: I57198101553f309c04b5e757716d1d807eb99a90
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
| 923e3c5a80a6daefc14d4d0242ac46f23ac41b6a |
|
01-May-2013 |
Kenny Root <kroot@google.com> |
NativeCrypto: build native library standalone
Change-Id: I678f5c1b985d72ab1d41ae22dfcae35814c44e85
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|
| 860d2707ce126ef8f66e3eac7ceeab6d24218cd8 |
|
24-Apr-2013 |
Kenny Root <kroot@google.com> |
Move JSSE to new package
To help with shipping the JSSE with apps that want to bundle it, move
it to a new package so that the tangles in other parts of the library
can be untangled.
Change-Id: I810b6861388635301e28aee5b9b47b8e6b35b430
/external/conscrypt/src/main/java/org/conscrypt/NativeCrypto.java
|