01e9682cab6a554e5e83bb98db7d81691e0a2ca7 |
|
07-Jul-2016 |
Chad Brubaker <cbrubaker@google.com> |
Avoid NPE on certificates that cannot be read Skip certificates in a DirectoryCertificateSource that cannot be read to due IOExceptions or CertificateExceptions, this prevents a NPE but connections will still fail due to the certificate being unusable and no valid trust-anchor existing. This also logs the error since this really shouldn't happen. Bug: 29997695 Change-Id: I9f7327efc302a259fb951f1f61f7fc4d647821fa
/frameworks/base/core/java/android/security/net/config/DirectoryCertificateSource.java
|
bf9a82a6433701aa2f02761f3a7c425ffef4fa09 |
|
25-Mar-2016 |
Chad Brubaker <cbrubaker@google.com> |
Add handleTrustStorageUpdate This pruns all the stored trusted issuers so that changes to the system or user CA store are detected. Currently this is only exposed as a TestApi, but it can be hooked up to the trusted storage change event in a future commit. Bug: 27526668 Change-Id: Ic426254babab9a3177c968bc05b45e95eaac1fdd
/frameworks/base/core/java/android/security/net/config/DirectoryCertificateSource.java
|
aa6c3c3e252252b80c3900bd4c1ff27d37265c6d |
|
18-Dec-2015 |
Chad Brubaker <cbrubaker@google.com> |
Support TrustedCertificateStore.findAllIssuers Change-Id: I176ec42c9907e50ee218e4fb352b530ca797be46
/frameworks/base/core/java/android/security/net/config/DirectoryCertificateSource.java
|
8d92314e5f3e071ab35f1010e06df02f1b8cc63b |
|
10-Dec-2015 |
Chad Brubaker <cbrubaker@google.com> |
Merge "Expose findByIssuerAndSignature" am: b27d820920 am: f1870eee34 * commit 'f1870eee348179ccfc796956fd366d77f77ab850': Expose findByIssuerAndSignature
|
7845e44c0cff3ec6a9ea0e5059fa1f7019ef0eb7 |
|
01-Dec-2015 |
Chad Brubaker <cbrubaker@google.com> |
Don't use IntegralToString Fix master build Change-Id: I084ada7ccf54ab1708306ad2a412d8a09f78dec4
/frameworks/base/core/java/android/security/net/config/DirectoryCertificateSource.java
|
fa9beebb83abe38fa04c14dc628bc5c1b4b068cd |
|
25-Nov-2015 |
Chad Brubaker <cbrubaker@google.com> |
Expose findByIssuerAndSignature This will be used to create a custom conscrypt TrustedCertificateStore to avoid loading all of the trusted certificates into memory in a keystore. Change-Id: Iaf54b691393ecadae6c7ff56b8adc6a2a2923d29
/frameworks/base/core/java/android/security/net/config/DirectoryCertificateSource.java
|
d3af9620817220d737fdb532c1ae1032bdd65e11 |
|
16-Nov-2015 |
Chad Brubaker <cbrubaker@google.com> |
Expose findTrustAnchorBySubjectAndPublicKey This allows for faster lookups of TrustAnchors when checking pin overrides without needing to iterate over all certificates. Currently only the system and user trusted certificate store are optimized to avoid reading the entire source before doing the trust anchor lookup, improvements to the resource source will come in a later commit. This also refactors System/UserCertificateSource to avoid code duplication. Change-Id: Ice00c5e047140f3d102306937556b761faaf0d0e
/frameworks/base/core/java/android/security/net/config/DirectoryCertificateSource.java
|