Cross Reference: /frameworks/base/core/java/android/security/net/config/SystemCertificateSource.java

History log of /frameworks/base/core/java/android/security/net/config/SystemCertificateSource.java
Revision	Date	Author	Comments (<<< Hide modified files) (Show modified files >>>)
319f9fe1024c3b9c941e6e4701f2d4ac651cb3da	14-Jun-2016	Chad Brubaker <cbrubaker@google.com>	Use NoPreloadHolder for certificate sources The static instances of SystemCertificateSource and UserCertificateSource depend on the current user, avoid triggering their static initializer when preloaded. Bug: 29258379 Change-Id: I5088366ae67145b8bc928d6c04118529c82a7fc3 /frameworks/base/core/java/android/security/net/config/SystemCertificateSource.java
d3af9620817220d737fdb532c1ae1032bdd65e11	16-Nov-2015	Chad Brubaker <cbrubaker@google.com>	Expose findTrustAnchorBySubjectAndPublicKey This allows for faster lookups of TrustAnchors when checking pin overrides without needing to iterate over all certificates. Currently only the system and user trusted certificate store are optimized to avoid reading the entire source before doing the trust anchor lookup, improvements to the resource source will come in a later commit. This also refactors System/UserCertificateSource to avoid code duplication. Change-Id: Ice00c5e047140f3d102306937556b761faaf0d0e /frameworks/base/core/java/android/security/net/config/SystemCertificateSource.java
80a73f5939364a07d8e83d3a90de6dc789e1b334	05-Nov-2015	Chad Brubaker <cbrubaker@google.com>	Use a builder for NetworkSecurityConfig The builder supports all the standard builder set* methods as well as setting a parent builder to use when values are not set (recursively). This allows us to have a level of inheretence in configurations without complicating the lookup and trust checking logic by doing inheretence when building the configs. Change-Id: I054af83451e52761227479eadf9cb9803437505f /frameworks/base/core/java/android/security/net/config/SystemCertificateSource.java
6bc1e3966c4890ee3d47b5e527b800f2700ed627	24-Oct-2015	Chad Brubaker <cbrubaker@google.com>	Add initial network security config implementation Initial implementation of a unified application wide static network security configuration. This currently encompases: * Trust decisions such as what trust anchors to use as well as static certificate pinning. * Policy on what to do with cleartext traffic. In order to prevent issues due to interplay of various components in an application and their potentially different security requirements configuration can be specified at a per-domain granularity in addition to application wide defaults. This change contains the internal data structures and trust management code, hooking these up in application startup will come in a future commit. Change-Id: I53ce5ba510a4221d58839e61713262a8f4c6699c /frameworks/base/core/java/android/security/net/config/SystemCertificateSource.java