• Home
  • History
  • Annotate
  • only in /libcore/luni/src/main/java/javax/security/auth/x500/
History log of /libcore/luni/src/main/java/javax/security/auth/x500/
Revision Date Author Comments (<<< Hide modified files) (Show modified files >>>)
86acc043d3334651ee26c65467d78d6cefedd397 12-Sep-2012 Kenny Root <kroot@google.com> Add consistent reasons for NullPointerException

Semi-automated replacement of empty and non-conforming
NullPointerException reason messages.

Change-Id: Iedeb4b21949e973c4042ce5982dda315f2e785e1
500Principal.java
1b3c5388d0fffde4392007eb1b0be011a5dfae82 12-May-2011 Brian Carlstrom <bdc@google.com> Make CertInstaller installed CA certs trusted by applications via default TrustManager (2 of 6)

frameworks/base

Adding IKeyChainService APIs for CertInstaller and Settings use
keystore/java/android/security/IKeyChainService.aidl

libcore

Improve exceptions to include more information
luni/src/main/java/javax/security/auth/x500/X500Principal.java

Move guts of RootKeyStoreSpi to TrustedCertificateStore, leaving only KeyStoreSpi methods.
Added support for adding user CAs in a separate directory for system.
Added support for removing system CAs by placing a copy in a sytem directory
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/RootKeyStoreSpi.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustedCertificateStore.java

Formerly static methods on RootKeyStoreSpi are now instance methods on TrustedCertificateStore
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustManagerImpl.java

Added test for NativeCrypto.X509_NAME_hash_old and X509_NAME_hash
to make sure the implementing algorithms doe not change since
TrustedCertificateStore depend on X509_NAME_hash_old (OpenSSL
changed the algorithm from MD5 to SHA1 when moving from 0.9.8 to
1.0.0)

luni/src/test/java/org/apache/harmony/xnet/provider/jsse/NativeCryptoTest.java

Extensive test of new TrustedCertificateStore behavior
luni/src/test/java/org/apache/harmony/xnet/provider/jsse/TrustedCertificateStoreTest.java

TestKeyStore improvements
- Refactored TestKeyStore to provide simpler createCA method (and
internal createCertificate)
- Cleaned up to remove use of BouncyCastle specific X509Principal
in the TestKeyStore API when the public X500Principal would do.
- Cleaned up TestKeyStore support methods to not throw Exception
to remove need for static blocks for catch clauses in tests.

support/src/test/java/libcore/java/security/TestKeyStore.java
luni/src/test/java/libcore/java/security/KeyStoreTest.java
luni/src/test/java/org/apache/harmony/xnet/provider/jsse/NativeCryptoTest.java

Added private PKIXParameters contructor for use by
IndexedPKIXParameters to avoid wart of having to lookup and pass
a TrustAnchor to satisfy the super-class sanity check.

luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustManagerImpl.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/IndexedPKIXParameters.java
luni/src/main/java/java/security/cert/PKIXParameters.java

packages/apps/CertInstaller

Change CertInstaller to call IKeyChainService.installCertificate
for CA certs to pass them to the KeyChainServiceTest which will
make them available to all apps through the
TrustedCertificateStore. Change PKCS12 extraction to use AsyncTask.

src/com/android/certinstaller/CertInstaller.java

Added installCaCertsToKeyChain and hasCaCerts accessor for use by
CertInstaller. Use hasUserCertificate() internally. Cleanup coding
style.

src/com/android/certinstaller/CredentialHelper.java

packages/apps/KeyChain

Added MANAGE_ACCOUNTS so that IKeyChainService.reset
implementation can remove KeyChain accounts.

AndroidManifest.xml

Implement new IKeyChainService methods:
- Added IKeyChainService.installCaCertificate to install certs
provided by CertInstaller using the TrustedCertificateStore.
- Added IKeyChainService.reset to allow Settings to remove the
KeyChain accounts so that any app granted access to keystore
credentials are revoked when the keystore is reset.

src/com/android/keychain/KeyChainService.java

packages/apps/Settings

Changed com.android.credentials.RESET credential reset action to
also call IKeyChainService.reset to remove any installed user CAs
and remove KeyChain accounts to have AccountManager revoke
credential granted to private keys removed during the RESET.

src/com/android/settings/CredentialStorage.java

Added toast text value for failure case

res/values/strings.xml

system/core

Have init create world readable /data/misc/keychain to allow apps
to access user added CA certificates installed by the CertInstaller.

rootdir/init.rc

Change-Id: Ief57672eea38b3eece23b14c94dedb9ea4713744
500Principal.java
78e3320540c8bdcbefba5ae1222ee18f6679ab33 13-Jan-2011 Elliott Hughes <enh@google.com> Most callers of toLowerCase/toUpperCase should pass Locale.US to avoid problems in Turkey.

Some callers should be replaced with equalsIgnoreCase instead.

The one exception is StreamTokenizer, where the RI uses the default
locale, which is arguably the right thing to do. No-one cares because
that's legacy API, but I've added a test anyway.

I've left HttpCookie and GeneralName for my co-conspirators because the
appropriate resolutions aren't as obvious there...

Bug: 3325637
Change-Id: Ia37a1caaa91b11763ae43e61e445adb45c30f793
500Principal.java
018b67accb28954d35f3cd697be3428e9b45b7d8 28-May-2010 Jesse Wilson <jessewilson@google.com> Further small fixes to increase API compatibility with RI v6.

Highlights:
code was moved from SSLContextImpl to its superclass.
took X500Principal code from Harmony

Tested with Harmony's tests.api.javax.security.auth.x500.X500PrincipalTest.

Change-Id: I89b46d4b47e692a5461916cca972e05de95f3280
500Principal.java
2313047d797e4daece04da8e8ed406d26b589f82 22-May-2010 Elliott Hughes <enh@google.com> Remove more localized exception messages.

Change-Id: I88eba4180e66d328c23a266f133b96d53cf62d40
500Principal.java
f33eae7e84eb6d3b0f4e86b59605bb3de73009f3 13-May-2010 Elliott Hughes <enh@google.com> Remove all trailing whitespace from the dalvik team-maintained parts of libcore.

Gentlemen, you may now set your editors to "strip trailing whitespace"...

Change-Id: I85b2f6c80e5fbef1af6cab11789790b078c11b1b
500Principal.java
fd6bb3510c2f94d636f3572dcf5f7f4dcd1a2726 13-May-2010 Elliott Hughes <enh@google.com> Remove //$NON-NLS-\d$ cruft.

Mostly done by perl(1), with manual cleanup of the few misspelled instances.
This makes our trailing whitespace slightly worse, but I'll fix all that with
a follow-on change.

Change-Id: I0b4ca98819be6f9519c4ba980d759bd1ee1a0303
500Principal.java
cec4dd4b1d33f78997603d0f89c0d0e56e64dbcd 26-Apr-2010 Peter Hallam <peterhal@google.com> merge more modules into luni
500Principal.java
ackage.html