959e25c3aeb8122eb736be64e6aed48f1cf0706f |
|
20-May-2015 |
Kenny Root <kroot@google.com> |
SSL: select the right key type for kx During the switch to BoringSSL this function was rewritten and it requested DH public key with RSA signature for a lot of things. (cherry picked from commit d8606d56b6367d55174527c2206e51b474caf0d2) Bug: 20641394 Change-Id: Id3880b01ed1810c5d7af9996c48ce45fdf4850f8
/external/conscrypt/src/main/java/org/conscrypt/SSLParametersImpl.java
|
f79c90d56464e254ce8645f886ec0ca47573ced1 |
|
24-Apr-2015 |
Adam Langley <agl@google.com> |
external/conscrypt: add NativeConstants. NativeConstants.java is generated by a C program and thus the values will automatically be kept in sync with the contents of the OpenSSL headers. Bug: 20521989 Change-Id: Ib5a97bf6ace05988e3eef4a9c8e02d0f707d46ad
/external/conscrypt/src/main/java/org/conscrypt/SSLParametersImpl.java
|
7dab2fdf7cffde2f1b3b9e552c3a3f7c49953f13 |
|
09-Feb-2015 |
Alex Klyubin <klyubin@google.com> |
Enable any opaque private keys to be used with TLS/SSL stack. Prior to this CL, opaque private keys -- those that do not expose/export their key material -- were not supported by Conscrypt's SSLSocket, SSLServerSocket and SSLEngine implementations if the keys were backed by other providers. This CL fixes this issue. Conscrypt's TLS/SSL stack now works with arbitrary opaque private keys provided that: * for EC private key: an installed implementation of NONEwithECDSA Signature accepts the key for signing; and * for RSA private key: an installed implementation of NONEwithRSA Signature accepts the key for signing and an installed implementation of RSA/ECB/PKCS1Padding Cipher accepts the key for decryption. This normally requires that the JCA Provider which produced the PrivateKey instance expose the above Cipher transformation and Signature algorithms. HOW THIS WORKS The underlying OpenSSL TLS/SSL stack uses the provided private keys only to decrypt and sign. For opaque private keys these requests are delegated (same as before, via CryptoUpcalls) to corresponding Cipher (RSA/ECB/PKCS1Padding) and Signature (NONEwithRSA or NONEwithECDSA) implementations. Even when signing and decryption is outsourced, OpenSSL still needs the modulus (for RSA) and order (for EC), supposedly to estimate output size of signing or decryption operations. This information is not available via the PrivateKey interface. However, an opaque private key may still implement the RSAKey or ECKey interface which provides access to modulus or order but does not provide access to key material. Moreover, in all use cases of private keys with Conscrypt's TLS/SSL stack the modulus or order can be obtained and provided to OpenSSL. In the case of private keys used for client or server authentication, the public key of the certificate is used as the source of the information. In the case of TLS Channel ID, the order is currently fixed and known (only NIST P-256 is supported). Bug: 19284418 Change-Id: I8fea2492f9cf48cfc29c3e7d2ee99a68e84e82ec
/external/conscrypt/src/main/java/org/conscrypt/SSLParametersImpl.java
|
668c1863ff8e20d130f91c5aba123354b229edf6 |
|
11-Mar-2015 |
Kenny Root <kroot@google.com> |
SSLParametersImpl: make some methods public To help with testing, make some of the methods public so we can call them from tests in a different ClassLoader. Bug: 19657440 Change-Id: Ib5cb0629ffb52ac57ff24d9d5c4df1509897bd05
/external/conscrypt/src/main/java/org/conscrypt/SSLParametersImpl.java
|
c4da67c549b0b711728b2bd1e55401ac21e032ce |
|
22-Dec-2014 |
Kenny Root <kroot@google.com> |
SSLParametersImpl: remove redundant SNI check method This was the result of a bad merge resurrecting the method that had been moved to AddressUtils. Change-Id: I91dcd1bf21e3184bbdef93341d1c34fb0358b768
/external/conscrypt/src/main/java/org/conscrypt/SSLParametersImpl.java
|
37e58bbef60b18389074d8ef8a8c470e47f3d7ee |
|
25-Nov-2014 |
Kenny Root <kroot@google.com> |
Convert EVP_PKEY to new style To avoid conflicts in the language spec and how Conscrypt does native calls, we need to wrap all native references in a Java object reference. Calling NativeCrypto's static native methods with a raw pointer doesn't guarantee that the calling object won't be finalized during the method running. This pass fixes EVP_PKEY references, but more passes are needed. Bug: 16656908 Change-Id: I5925da40cb37cd328b3a126404944f771732a43e
/external/conscrypt/src/main/java/org/conscrypt/SSLParametersImpl.java
|
b221fc936a19284974ba3fa9404bb7a2579f67b9 |
|
20-Nov-2014 |
Kenny Root <kroot@google.com> |
Always default to true for jsse.enableSNIExtension Since both unbundled and platform agree now, we don't need the call in Platform.java to check. We should always default to true. Change-Id: I8fc3257871075b3c4ff128060972b6029ab2f640
/external/conscrypt/src/main/java/org/conscrypt/SSLParametersImpl.java
|
e53baea9221be7f9828d0f338ede284e22f55722 |
|
13-Nov-2014 |
Alex Klyubin <klyubin@google.com> |
Remove support for DSS TLS/SSL cipher suites. This is in preparation for migration from OpenSSL to BoringSSL. BoringSSL does not support DSS. DSS cipher suites are used by a vanishingly tiny fraction of the Android ecosystem. In all cases, the server's SSL certificate is self-signed (rather than CA issued), making it easy to switch to a new self-signed certificate which is based on RSA or ECDSA. Bug: 17409664 Change-Id: I91067ca9df764edd2b7820e5dec995f24f3910a1
/external/conscrypt/src/main/java/org/conscrypt/SSLParametersImpl.java
|
b9bfe69f1c205ab67a03e10a01e2cc90871a0879 |
|
18-Nov-2014 |
Alex Klyubin <klyubin@google.com> |
Fix null elements in X509KeyManager.chooseClientAlias keyTypes. This fixes an issue where client certificate types requested by the server from the client, but not known by the client, manifest themselves as null elements in X509KeyManager.chooseClientAlias keyTypes argument. The root cause was that for each element in the CertificateRequest.certificate_types array an element was output into the keyTypes array. For unknown values of certificate_type, a null was output. This CL fixes the issue by ignoring unknown values in certificate_types array. Bug: 18414726 Change-Id: I8565e19a610c0ecfb7cab1b7707c335e0eeb8d89
/external/conscrypt/src/main/java/org/conscrypt/SSLParametersImpl.java
|
dee4e55cf84abc70ffa01cd6941576267b48b824 |
|
31-Oct-2014 |
Kenny Root <kroot@google.com> |
Remove SSLv3 from default protocols list for TLS SSLv3 has some systemic problems demonstrated by the POODLE attack. Disable it by default when "TLS" is requested since the documentation in Java Standard Names allows us to not support SSL when TLS is requested. Bug: 17136008 Change-Id: Icad1639c7e33b6e495f452a5289b0d20b819d679
/external/conscrypt/src/main/java/org/conscrypt/SSLParametersImpl.java
|
0b4bf3b34c15be6a7b3e02b4b4855049af183580 |
|
31-Oct-2014 |
Alex Klyubin <klyubin@google.com> |
Support duck-typed PSKKeyManager instances in SSLContext.init. On some platforms there are multiple classes defining the PSKKeyManager interface. At the moment, SSLContext.init does not handle this situation. This CL makes SSLContext.init treat KeyManager instances which expose all the methods of PSKKeyManager interface as implementing this interface. This duck-typing is achieved via Reflection. Change-Id: I8a3146a9cabb3f951c95ca6d86d72589e0344fc1
/external/conscrypt/src/main/java/org/conscrypt/SSLParametersImpl.java
|
966ae8a6e12f3235b1cb041e687bda11b41fe4eb |
|
18-Aug-2014 |
Kenny Root <kroot@google.com> |
Read property to enable SNI Read the system property "jsse.enableSNIExtension" on whether to enable Server Name Indication (SNI) extension. For unbundled builds, this will be enabled by default. For platform builds, this will be disabled by default. Bug: 16658420 Bug: 17059757 Change-Id: I774f5406bf3fe601a42c4ef5e708b31800147eb9
/external/conscrypt/src/main/java/org/conscrypt/SSLParametersImpl.java
|
342097db97a9b2736531033b2c4b4d8ce4998c67 |
|
20-Aug-2014 |
Kenny Root <kroot@google.com> |
Validate hostname is usable for SNI According to RFC 6066 section 3, the hostname listed in the Server Name Indication (SNI) field is a fully qualified domain name and IP addresses are not permitted. Bug: 16658420 Bug: 17059757 Change-Id: I804e46b6e66599b2770f0f4f0534467987e51208
/external/conscrypt/src/main/java/org/conscrypt/SSLParametersImpl.java
|
cc2ef2e2e9ee64f2e0ac2abc7fdf636e2f81fa5e |
|
20-Aug-2014 |
Kenny Root <kroot@google.com> |
Rename hostname fields and methods to reflect usage The hostname that was supplied when the socket was created is stored as the "peerHostname" This is the only one that should be used for Server Name Indication (SNI) purposes. The "peerHostname" or the resolved IP address may be used for certificate validation, so keep the use of "getHostname()" for cerificate validation. Bug: 16658420 Bug: 17059757 Change-Id: Ifd87dead44fb2f00bbfd5eac7e69fb3fc98e94b4
/external/conscrypt/src/main/java/org/conscrypt/SSLParametersImpl.java
|
d1bbcd0ec973e1b8465c204c13b4925fd86e6484 |
|
11-Aug-2014 |
Kenny Root <kroot@google.com> |
Relax checks for key vs cert for wrapped keys If a key is a wrapped platform key, we must relax the check. The reason is that we may not have the public values we need to pass the EVP_PKEY_cmp checks that this does. Change-Id: I7ab2be51b0968a9cf771edea01d33fe2367c8185
/external/conscrypt/src/main/java/org/conscrypt/SSLParametersImpl.java
|
8f9ac1af0cbdf00e5e47aee32c132522ebc3bd17 |
|
19-Jun-2014 |
Alex Klyubin <klyubin@google.com> |
Enable PSK cipher suites when PSKKeyManager is provided. This enables TLS-PSK cipher suites by default iff SSLContext is initialized with a PSKKeyManager. For consistency, X.509 based cipher suites are no longer enabled by default at all times -- they are now only enabled by default iff SSLContext is initialized with a X509KeyManager or a X509TrustManager. When both X.509 and PSK cipher suites need to be enabled, PSK cipher suites are given higher priority in the resulting list of cipher suites. This is based on the assumption that in most cases users of TLS/SSL who enable TLS-PSK would prefer TLS-PSK to be used when the peer supports TLS-PSK. Bug: 15073623 Change-Id: I8e2bc3e7a1ea8a986e468973b6bad19dc6b7bc3c
/external/conscrypt/src/main/java/org/conscrypt/SSLParametersImpl.java
|
a3284927fe74b688cfd8a57fdf7cdbf8eaa0123a |
|
17-Jun-2014 |
Brian Carlstrom <bdc@google.com> |
Remove (cherry picked from commit b860016f415dfc5655dcee45f70e8871a2e3edfe) Change-Id: I4302ea4e0200ac80a0b9f3b953d58270b65b3d0c
/external/conscrypt/src/main/java/org/conscrypt/SSLParametersImpl.java
|
35f7742cbada75ba2ba2c57ef7014392eea3839d |
|
19-Jun-2014 |
Alex Klyubin <klyubin@google.com> |
Make setEnabledProtocols/CipherSuites copy their inputs. SSLSocket, SSLServerSocket, and SSLEngine offer setEnabledProtocols and setEnabledCipherSuites methods which take an array of protocols or cipher suites as input. If these methods store references to the input arrays, then the internal state (lists of enabled protocols and cipher suites) of SSLSocket, SSLServerSocket, and SSLEngine could be modified without going through the setter methods of these classes. Bug: 15753142 Change-Id: Ia5248050d81320ed1da99892278bd60872605f52
/external/conscrypt/src/main/java/org/conscrypt/SSLParametersImpl.java
|
f17361e797e5538e5c17b2ef6ef0f992bbc493fe |
|
19-Jun-2014 |
Alex Klyubin <klyubin@google.com> |
Remove unnecessary comments in SSLParametersImpl. This is a follow-up cleanup requested during the code review of ae2ecac00779167b0381c48da7c612567d1c646f. Change-Id: I6c8ac2392c5f88ee732f5aa204e20cc1ee7e32d8
/external/conscrypt/src/main/java/org/conscrypt/SSLParametersImpl.java
|
ae2ecac00779167b0381c48da7c612567d1c646f |
|
30-May-2014 |
Alex Klyubin <klyubin@google.com> |
SSLParametersImpl is the source of enabled cipher suites and protocols. An instance of SSLParametersImpl is associated with SSLContext and is then cloned into any SSLSocketFactory, SSLServerSocketFactory, SSLSocket, SSLServerSocket, and SSLEngine. This CL ensures that all these primitives obtain their list of enabled cipher suites and protocols from their instance of SSLParametersImpl. Bug: 15073623 Change-Id: I40bf32e8654b299518ec0e77c3218a0790d9c4fd
/external/conscrypt/src/main/java/org/conscrypt/SSLParametersImpl.java
|
01cce891dd313a0fb9d4694283f2a13fb5c43afe |
|
09-May-2014 |
Alex Klyubin <klyubin@google.com> |
Expose support for TLS-PSK. TLS-PSK (Pre-Shared Key) is a set of TLS/SSL cipher suites that use symmetric (pre-shared) keys for mutual authentication of peers. These cipher suites are in some scenarios more suitable than those based on public key cryptography and X.509. See RFC 4279 (Pre-Shared Key Ciphersuites for Transport Layer Security (TLS)) for more information. OpenSSL currently supports only the following PSK cipher suites: * TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 * TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 * TLS_PSK_WITH_3DES_EDE_CBC_SHA * TLS_PSK_WITH_AES_128_CBC_SHA * TLS_PSK_WITH_AES_256_CBC_SHA * TLS_PSK_WITH_RC4_128_SHA The last four cipher suites mutually authenticate the peers and secure the connection using a pre-shared symmetric key. These cipher suites do not provide Forward Secrecy -- once the pre-shared key is compromised, all previous communications secured with that key can be decrypted. The first two cipher suites combine the pre-shared symmetric key with an ephemeral key obtained from an ECDH key exchange performed during the TLS/SSL handshake, thus providing Forward Secrecy. Users of TLS-PSK are expected to provide an implementation of PSKKeyManager to SSLContext.init and then enable at least one PSK cipher suite in SSLSocket/SSLEngine. Bug: 15073623 Change-Id: I8e59264455f980f23a5e66099c27b5b4d932b9bb
/external/conscrypt/src/main/java/org/conscrypt/SSLParametersImpl.java
|
3e46e4ee56c8e37158f46941dedd5b436d724baa |
|
23-May-2014 |
Kenny Root <kroot@google.com> |
Unbundle: hacks to let Conscrypt compile standalone This is the first pass at getting Conscrypt to compile standalone. It works fine in apps currently. There are a few TODOs to fix. Change-Id: I9b43ba12c55e04c8897ccacf38979ca671a55a26
/external/conscrypt/src/main/java/org/conscrypt/SSLParametersImpl.java
|
767fda1ec66f2e2bf8a8f5fe17841906338b9471 |
|
13-May-2014 |
Alex Klyubin <klyubin@google.com> |
Get rid of some warnings. Change-Id: I87f3ad5374d89e8acfdd78fe5af4b02be483cd3d
/external/conscrypt/src/main/java/org/conscrypt/SSLParametersImpl.java
|
a132fc92896da9372f9a34ab1d6dca52c467d2f6 |
|
12-May-2014 |
Kenny Root <kroot@google.com> |
Turn off verify peer for servers with no client auth Since the default is now SSL_VERIFY_PEER, as a server we need to explicitly set that we don't want a client certificate by setting SSL_VERIFY_NONE. Change-Id: I740389cc59ef8cb444a0e504838a1c0591df2bf9
/external/conscrypt/src/main/java/org/conscrypt/SSLParametersImpl.java
|
2a9ca52cd6a26a5db6df8148e4a1bcdf3d4d0aac |
|
01-May-2014 |
Kenny Root <kroot@google.com> |
Call SSL_set_alpn_protos with right native pointer This change was missed during rebase of the OpenSSLEngine code since this used to be SSL_CTX_set_alpn_protos. Bug: 14273022 Change-Id: Ib72b27c8d5a4ddfde4e0c0ee2ab97bfb039c7f56
/external/conscrypt/src/main/java/org/conscrypt/SSLParametersImpl.java
|
f878e438660d93f8689b864165230492e7a412d4 |
|
08-Nov-2013 |
Kenny Root <kroot@google.com> |
Add OpenSSLEngineImpl Add support for SSLEngine via OpenSSL APIs. Currently this supports just the basic SSLEngine functionality. It can be improved in efficiency and performance, but it appears not to leak anything and be correct according to our test suites. Change-Id: Iea2dc3922e7c30e26daca38361877bd2f88ae668
/external/conscrypt/src/main/java/org/conscrypt/SSLParametersImpl.java
|
3c072fb087eaa1a363fc673c60f5ef65390e356f |
|
07-Nov-2013 |
Kenny Root <kroot@google.com> |
Refactor OpenSSLSocketImpl Move functionality that will be shared with OpenSSL's SSLEngine implementation out of OpenSSLSocketImpl and into the (soon-to-be) shared SSLParametersImpl. The functionality should stay the same. Change-Id: If8faa3ad2c9c73c0a0cd4b9716639b362b2b26a1
/external/conscrypt/src/main/java/org/conscrypt/SSLParametersImpl.java
|
f111f6235d016ce54ab95a2c634a400efe29f24b |
|
31-Mar-2014 |
Kenny Root <kroot@google.com> |
Remove SSLEngineImpl This is replaced by OpenSSL-backed SSLEngineImpl. Change-Id: I7b51f6fa772e431c6283008535bfec90821d0bef
/external/conscrypt/src/main/java/org/conscrypt/SSLParametersImpl.java
|
b3c6484a539961803e2709c9e3859d241ae00b12 |
|
24-Mar-2014 |
Alex Klyubin <klyubin@google.com> |
Correctly handle empty arrays in SSLContext.init. The contract of SSLContext.init is that empty arrays of KeyManager/TrustManager in its parameters are handled differently from null arrays. This CL adjusts the behavaior to match the contract. Namely, empty arrays mean that SSLContext is being initialized without any KeyManagers/TrustManagers rather than with default ones. Bug: 13563675 Change-Id: I52adc5e7143d4f050be0b22b3b464c10bb97d102
/external/conscrypt/src/main/java/org/conscrypt/SSLParametersImpl.java
|
d2cced8b10f5e4f600a5eb9464eba0da7c8f09de |
|
20-Mar-2014 |
Kenny Root <kroot@google.com> |
Use the new endpointVerificationAlgorithm API Use the new X509ExtendedTrustManager and use the new getEndpointVerificationAlgorithm to check the hostname during the handshake. Bug: 13103812 Change-Id: Id0a74d4ef21a7d7c90357a111f99b09971e535d0
/external/conscrypt/src/main/java/org/conscrypt/SSLParametersImpl.java
|
4a4a74e84ee407eb49a01cf2325ea34fc92ed1a4 |
|
21-Mar-2014 |
Alex Klyubin <klyubin@google.com> |
Leave SSLParametersImpl.getDefaultX509TrustManager public. I renamed this method from getDefaultTrustManager to getDefaultX509TrustManager and erroneously made it private in 8d63ff1384e46407a7618df2b79b2b455795c396. I missed the fact that it's being used from framework's android.net.http.CertificateChainValidator. This CL reverts this method to being public again. Bug: 13563574 Change-Id: I601c651d631f5a2e4a04d21941186553988e5286
/external/conscrypt/src/main/java/org/conscrypt/SSLParametersImpl.java
|
8d63ff1384e46407a7618df2b79b2b455795c396 |
|
19-Mar-2014 |
Alex Klyubin <klyubin@google.com> |
Support TLS/SSL without X509TrustManager or X509KeyManager. This makes TLS/SSL primitives operate as expected when no X509TrustManager or X509KeyManager is provided. Instead of blowing up with KeyManagementException or NullPointerException (or similar) when X509TrustManager or X509KeyManager is not provided, this CL makes SSLContext.init accept such setup, and makes SSLSocket and SSLEngine reject certificate chains, select no private keys/aliases, and accept no certificate issuers. Bug: 13563574 Change-Id: I8de58377a09025258357dd4da9f6cb1b6f2dab80
/external/conscrypt/src/main/java/org/conscrypt/SSLParametersImpl.java
|
860d2707ce126ef8f66e3eac7ceeab6d24218cd8 |
|
24-Apr-2013 |
Kenny Root <kroot@google.com> |
Move JSSE to new package To help with shipping the JSSE with apps that want to bundle it, move it to a new package so that the tangles in other parts of the library can be untangled. Change-Id: I810b6861388635301e28aee5b9b47b8e6b35b430
/external/conscrypt/src/main/java/org/conscrypt/SSLParametersImpl.java
|