87b15f87f9e01e8e8d8350aa3fc74a08599ad6e8 |
07-Mar-2017 |
Kenny Root <kroot@google.com> |
Remove DHE ciphers from defaults list Since DHE does not allow negotiation of the group used, it is pretty broken. ECDHE at least allows the negotiation of the group which allows its security to be maintained with configuration changes in the client or server. This tracks a change in Conscrypt merged in 906cfad7e08fd339be06441ff42960743f95053c Test: cts-tradefed run cts -m CtsLibcoreOkHttpTestCases -a arm64-v8a Test: cts-tradefed run cts -m CtsLibcoreTestCases -a arm64-v8a Test: make docs Test: visual inspection of docs output in web browser Change-Id: Ic90297bf6b1c82af192a887797238ad250e3d1ce
ibcore/java/security/StandardNames.java
|
5d175dd4d7b128492ef7e3da6a77d80b8fd0aa22 |
02-Mar-2017 |
Tobias Thierer <tobiast@google.com> |
Automated: Canonicalize spelling of Android-changed across libcore This applies the same regexp replacement across libcore that http://r.android.com/345826 had only applied to ojluni. Most of the previous noncanonical spellings were a lowercased "android-" that should be "Android-". This CL was created by running the following command on top of the above CL. No manual changes were made. find . -name \*\.java | xargs sed -i \ -e 's/Android[- ]changed/Android-changed/ig' \ -e 's/Android-changed :/Android-changed:/g' \ -e 's/Android-changed \(BEGIN\|END\)/\1 Android-changed/g' \ -e 's/Android-changed - /Android-changed: /g' \ -e 's/Android[- ]removed/Android-removed/ig' \ -e 's/Android-removed :/Android-removed:/g' \ -e 's/Android-removed \(BEGIN\|END\)/\1 Android-removed/g' \ -e 's/Android-removed - /Android-removed: /g' \ -e 's/Android[- ]added/Android-added/ig' \ -e 's/Android-added :/Android-added:/g' \ -e 's/Android-added \(BEGIN\|END\)/\1 Android-added/g' \ -e 's/Android-added - /Android-added: /g' \ -e 's/----- \(BEGIN\|END\) android\( -----\)\?/\1 Android-changed/g' \ -e 's/\/\* \(BEGIN\|END\) Android-changed \*\//\/\/ \1 Android-changed/g' Bug: 35841464 Test: make droid cts Change-Id: I060c7236b7607763e5d27d60aa395d2507703a95
rg/apache/harmony/security/tests/support/cert/MyCertStoreParameters.java
|
30307ec0c76a51b91701f3b90d764ad6ef679dc3 |
23-Feb-2017 |
Paul Duffin <paulduffin@google.com> |
Fix InetAddress.getByName tests Removes suppression of legacy harmony tests that fail on Android. Changes: 1) Switches libcore InetAddressTest to parameterized Junit4 test framework to make additions of test data easier / clearer. 2) Removes failing harmony test cases. This seemed like the correct approach as the harmony tests expected completely opposite behavior to the libcore tests but while the libcore tests pass the harmony tests have been broken for over 3 years. 3) Adds test cases to libcore InetAddressTest to assert the behavior of addresses removed from the harmony test cases. 4) Removes suppression of harmony test cases. 5) Handles knock-ons in SerializationTester; it assumed that all tests extend TestCase, no longer the case with JUnit 4. Bug: 11689863 Test: with cts and vogar Change-Id: Iea6ba11fda18f058068e4eea1490d98ee7a3eb2d
rg/apache/harmony/testframework/serialization/SerializationTest.java
|
4a7d052f9ff1dede771be29acf8e855959b08a69 |
14-Feb-2017 |
Adam Vartanian <flooey@google.com> |
Conscrypt: Add PBEWithHmacSHAXXXAndAES_XXX cipher aliases. Bug: 29631070 Test: cts run -m CtsLibcoreTestCases -t libcore.java.security.ProviderTest Test: cts run -m CtsLibcoreTestCases -t libcore.javax.crypto.CipherTest Change-Id: I9bd6ed1a17048748cc5006326720dbd6c2012d67
ibcore/java/security/StandardNames.java
|
4ddff9fdecadc83d710e65c80cdb67d301a41523 |
14-Feb-2017 |
Adam Vartanian <flooey@google.com> |
Merge "BouncyCastle: Enable EC AlgorithmParameters."
|
8cce46455d74a8e143476630edf924d1b33d0803 |
13-Feb-2017 |
Kenny Root <kroot@google.com> |
Merge "Reduce number of lint warnings"
|
c4da73d37028b599c4576cf4da6682b31ed1cfbe |
13-Feb-2017 |
Kenny Root <kroot@google.com> |
Merge "Use the new X.509 cert generator API"
|
04ba2ae5ace8d45cbce4139bec5889cf7191d15a |
09-Feb-2017 |
Kenny Root <kroot@google.com> |
Use the new X.509 cert generator API The previous API has been deprecated within Bouncycastle for a while. Switch to the newer one to avoid the deprecation warnings. Test: cts-tradefed run cts -m CtsLibcoreTestCases Change-Id: I24b1340185876f90730d362019f202431c94d4a2
ibcore/java/security/TestKeyStore.java
|
2bdd86ec6cbafe421e5f4c24b6ec0f0fffe27f90 |
09-Feb-2017 |
Kenny Root <kroot@google.com> |
Reduce number of lint warnings When compiled against the SDK, junit.framework is noted as deprecated. Changing this to use JUnit4-style asserts doesn't break any users. Test: cts-tradefed run cts -m CtsLibcoreTestCases Change-Id: Ic480b16db8e0ef13b55e7f3c005c7d9c26da0114
ibcore/java/security/StandardNames.java
ibcore/java/security/TestKeyStore.java
|
385c0d328cd6925efd4d2c985f412166e78ced3c |
08-Feb-2017 |
Adam Vartanian <flooey@google.com> |
Conscrypt: Add key-constrained versions of AES algorithms. Bug: 29631070 Test: run cts -m CtsLibcoreTestCases Change-Id: I7174ec7f6c598d46dce1935385c723b96907d9d1
ibcore/java/security/StandardNames.java
|
61209f38be2e98277eca36a3039da34ee0c32a54 |
10-Feb-2017 |
Adam Vartanian <flooey@google.com> |
BouncyCastle: Enable EC AlgorithmParameters. Bug: 29631070 Test: run cts -m CtsLibcoreTestCases Change-Id: Iff5246f9053a8a1691038f5719145a541ebec5e2
ibcore/java/security/StandardNames.java
|
fe74e44f279e241d07b0b0eeae28bf3bd4cfc622 |
26-Jan-2017 |
Chad Brubaker <cbrubaker@google.com> |
Provide SSL SSLContext algorithm SSL was rexposed in 3f3b9c8292773841760263f410b74ed0ab7aae6b as an alias to TLS. Bug: 34722987 Test: cts-tradefed run cts -m CtsLibcoreTestCases -t libcore.java.security.ProviderTest Change-Id: Icf784ca30ccec2c5546dc9af6e7a06ae8ffefd56
ibcore/java/security/StandardNames.java
|
3f3b9c8292773841760263f410b74ed0ab7aae6b |
17-Jan-2017 |
Chad Brubaker <cbrubaker@google.com> |
Expose SSLContext.SSL as an alias for SSLContext.TLS SSL was removed with SSLv3 however a lot of callers use SSL instead of Default leading to breakage. Test: libcore/run-libcore-tests libcore/luni/src/test/java/libcore/javax/net/ssl/* Bug:32584776 Bug:30977793 Change-Id: I7ce48488a28e2c62bb0c2a76261a11fbd5bb9da7
ibcore/java/security/StandardNames.java
|
aeec00f5c8ce2675107ac096765fb250521b903e |
11-Jan-2017 |
Robert Sloan <varomodt@google.com> |
Update Libcore's Elliptic Curves to the BoringSSL change: https://boringssl-review.googlesource.com/#/c/10923/ Test: CtsLibcoreTestCases Change-Id: Ie13bcce8b1557e55921366643efbf71b7b75314b
ibcore/java/security/StandardNames.java
|
6a5e142b16cf6b921420d371c35d950a13b22db1 |
20-Dec-2016 |
Yi Kong <yikong@google.com> |
Remove StuckServer using backlog and tests relying on it StuckServer uses kernel implementation details that have changed on version > 4.4, and causing tests depending on it to fail. Since we can't find an alternative method to simulate a stuck server without special permission, and the test itself is not reliable in that they don't fail on non-stuck servers, remove them from Libcore tests. Test: CtsLibcoreTestCases Bug: 32551747 Change-Id: I88d837329d65040a9f8550fff790f8703ea773f3
ests/net/StuckServer.java
|
03d2687dfc9b84bb16ea2b5f6a85da539696b30c |
29-Nov-2016 |
Przemyslaw Szczepaniak <pszczepaniak@google.com> |
Update java.util.jar to openJdk8u60 Attributes.java - header change - Use of generics - Updated documentation links - Deprecated: EXTENSION_INSTALLATION, IMPLEMENTATION_VENDOR_ID, IMPLEMENTATION_URL JarEntry.java - header change - Updated javadoc JarFile.java: - Entry enumerator moved to seperate static inner class - Streams implementation - Non-crucial META-INF/* (not *.SF|*.DSA|*.RSA|*.EC|MANIFEST.MF) files are not passed to JarVerifier in .intializeVerifier() call. Otherwise we could signal the end of META-INF parsing (due to changes in JarVerifier). - Refactoring of hasClassPathAttribute, divided into many methods - Android-changed: Commented out isKnownNotToHaveSpecialAttributes() method that doesn't make sense on android JarOutputStream.java - Header change - Replaced a use of "& 0xff" with a cleaner conversion to unsigned int JarVerifier.java - Use of generics - beginEntry explicitly omits META-INF manifest and index signature check (So they can be passed to beginEntry without side-effects) - beginEntry process properly non-crucial META-INF/ entries (not *.SF|*.DSA|*.RSA|*.EC|MANIFEST.MF) and checks their signatures (added a test for that) - Change from "Enhance signed jar verification": .entryNames treats .findMatchingSigners(c) null result as empty array (probably a bug fix). Manifest.java - Use of generics - Replaced a use of "& 0xff" with a cleaner conversion to unsigned int Pack200.java - Copyright update - javadoc formating changes - addPropertyChangeListener & removePropertyChangeListener gained empty default implementation and deprecated SignatureFileVerifier.java: - uncommented isSigningRelated (requried by JarFile) Test: CtsLibcoreTestCases Change-Id: I56c59fac628c97a8b7c6967a43c0e23c8b068120
ests/resources/hyts_metainf.jar
|
a86c73bb4b81906c965a55de48e38dd4e44f49e6 |
18-Oct-2016 |
Kenny Root <kroot@google.com> |
SSLSocketTest: TLS client auth with opaque keys AndroidKeyStore can be used with TLS client auth, but we don't test anything similar with SSLSocketTest. Add a PrivateKey wrapper that allows us to closely simulate the conditions which trigger the special code in Conscrypt to do upcalls to Java to generate signatures with the client private key. Test: cts-tradefed run cts -m CtsLibcoreTestCases -a arm64-v8a Test: cts-tradefed run cts -m CtsLibcoreOkHttpTestCases -a arm64-v8a Bug: 31714503 Change-Id: I559db546ddd31f8efbe73fc70a91689ed6d7d7e5
ibcore/java/security/TestKeyStore.java
|
332b1ef6fed9327bdfd4f3388a5ae62a56fa5bba |
04-Nov-2016 |
Kenny Root <kroot@google.com> |
Merge "Make sure BouncyCastleProvider is initialized"
|
a1d3063e3f0d9b8eb9b049bcaa0808f4ea6fba64 |
31-Oct-2016 |
Kenny Root <kroot@google.com> |
Make sure BouncyCastleProvider is initialized When running these tests against an Android system when we're not built as part of the system image (e.g., we have our own BouncyCastleProvider instance), then we need to make sure our instance of BouncyCastleProvider is initialized properly. The initialization happens in its constructor. In TestKeyStore the included version of BouncyCastleProvider does not need to be inserted as a security provider since it's only used to create X.509 certificates. However, BouncyCastle calls into itself for some things like OID -> key type conversion. This relies on all of its internal data structures being initialized properly. In particular there is a keyInfoConverters field that must be populated to work correctly. If keyInfoConverters is not populated, the generated certificate will have a null PublicKey since it can't figure out what type of key it is. Test: ran outside of CTS Test: cts-tradefed run cts -m CtsLibcoreTestCases -a arm64-v8a Bug: 31119038 Change-Id: I1bcc73a363cb9dac9e9decb9046d386d3394f1d9
ibcore/java/security/TestKeyStore.java
|
76fcaa0e395ed2795e271213b10056264cb79aec |
01-Nov-2016 |
Yi Kong <yikong@google.com> |
Address URLConnectionTest post-commit review comments This change addresses some post-commit review comments for commit 44c55c5b639d6c1eea6eeae8414ef9df95b67bb7: * Moved SocketTimeoutException into a separate test. * Added more infomative comments regarding setDelay. * Reduced method visibility, being public method is unnecessary. Bug: 32363029 Test: URLConnectionTest#test_setReadTimeoutI_SocketTimeoutException Change-Id: Ia13ba801cfa6e06fc7597f4f665fa2d002b688e1
ests/support/Support_TestWebServer.java
|
44c55c5b639d6c1eea6eeae8414ef9df95b67bb7 |
31-Oct-2016 |
Yi Kong <yikong@google.com> |
Fix URLConnectionTest.test_setReadTimeoutI on host test This was failing because the test assumes that read will not complete within 1ms, while it is still possible, especially on host tests. This patch introduces a minimum time delay before the TestWebServer sends data. Bug: 32363029 Test: org.apache.harmony.luni.tests.java.net.URLConnectionTest#test_setReadTimeoutI under host tests Change-Id: Ibb4e2125f99b0544d0f09331b4ab9b0448b14035
ests/support/Support_TestWebServer.java
|
0310e4db77a3eb2f0ff6a98af37f6ebd262014d3 |
27-Oct-2016 |
Sergio Giro <sgiro@google.com> |
sun.security.x509: porting rev/04cda5b7a3c1 Changes to KeyUsageExtension, NetscapeCerTypeExtension and ReasonFlags as to check as to improve checks of array bounds. sun.security.provider.certpath.DistributionPointFetcher has a similar change concerning array bounds, where the opportunity to improve probably was spotted by the fact that it uses ReasonFlags. Since in the classes in sun.security.x509 the logic for toString changed slightly, tests are added that passed both before and after the change, as to check that the outcome is the same. Bug: 29631070 Test: run cts -m CtsLibcoreTestCases Change-Id: I2a2c10c59509063e648f238f82ac71b4f513cd71
ibcore/sun/security/x509/Utils.java
|
c8e523784063ff26f67cc60483e58af42fc59ce0 |
20-Oct-2016 |
Sergio Giro <sgiro@google.com> |
Merge "bouncycastle: add support for PKCS5S2 algorithm parameters"
|
859391ac33730f23dae23e005723c810a91eade4 |
20-Oct-2016 |
Kenny Root <kroot@google.com> |
Merge "Fix some imports in TestUtils.java"
|
62201369e92a97002f65c5bc6298efb159552cfd |
20-Oct-2016 |
Kenny Root <kroot@google.com> |
Fix some imports in TestUtils.java Created by MOE: https://github.com/google/moe MOE_MIGRATED_REVID=136450318 Test: mmma -j32 libcore Change-Id: I62edce18ddd1ebf46d2488d88376636f566e3f6f
rg/apache/harmony/security/tests/support/cert/TestUtils.java
|
7284903a42754756a36fde17ee0c814c7de8973f |
19-Oct-2016 |
Kenny Root <kroot@google.com> |
TlsWire: add missing secp224r1 value This is used by the RI so add it to the list of known values. Test: mmma -j32 libcore Test: cts-tradefed run cts -m CtsLibcoreTestCases -a arm64-v8a Change-Id: Id4792b5f42e309570d5c27accd0e51c432df5289
ibcore/tlswire/handshake/EllipticCurve.java
|
cfd2637a57c661014a9b7803a014c8d1fa432954 |
18-Oct-2016 |
Kenny Root <kroot@google.com> |
Remove unused import in Support_ClassLoader Test: mmma -j32 libcore Change-Id: I7be19dcf3b42d14328524d7ceecfa9bd48f87dc3
ests/support/Support_ClassLoader.java
|
f3203f2d212279300ebd7f4a43ae323580d77812 |
17-Oct-2016 |
Sergio Giro <sgiro@google.com> |
bouncycastle: add support for PKCS5S2 algorithm parameters Java 8 allows to specify a PBE key using only the password (as opposed to password + salt + iteration count) and generate the encryption key later by specifying the rest of the parameters in an AlgorithmParameters object. Adding these AlgorithmParameters in BouncyCastle together with support in ciphers. Bug: 29631070 Test: run CtsLibcoreTestCases Change-Id: If3f9cf04a12beaf7cade5197ecbf7ea0fcca72fe
ibcore/java/security/StandardNames.java
|
4193cab12a4b47920f932fc716a0c168185def76 |
13-Oct-2016 |
Treehugger Robot <treehugger-gerrit@google.com> |
Merge "Split out Dalvik implementation"
|
80dd0941ddca9aa7c9be1c7dfff9def1083c01ba |
11-Oct-2016 |
Sergio Giro <sgiro@google.com> |
Merge "external/bouncycastle: add algorithms for PbeWithHmacSha mac variants"
|
0c6b3e248be702b7fb17dfe3508860057774316d |
09-Oct-2016 |
Kenny Root <kroot@google.com> |
Split out Dalvik implementation This helps with compiling this on non-Android platforms since you can simply not compile the Dalvik implementation. Test: mmma -j32 libcore && vogar --mode host --classpath out/host/common/obj/JAVA_LIBRARIES/core-tests-support-hostdex_intermediates/classes.jack --classpath out/host/common/obj/JAVA_LIBRARIES/core-tests-hostdex_intermediates/classes.jack libcore/luni/src/test/java/libcore/java/lang/OldClassTest.java Change-Id: I44ae710f36a4ce44d8c3615e371522c6b56c8e1d
ests/support/Support_ClassLoader.java
ests/support/Support_ClassLoaderDalvik.java
|
411d33dfe51ccc10b47ac4b7605663a421fbd781 |
09-Oct-2016 |
Kenny Root <kroot@google.com> |
Use capital L for long literal This is an ErrorProne trigger (LongLiteralLowerCaseSuffix) so fix them since it's not important to the test itself. Test: mmma -j32 libcore && vogar --mode host --classpath out/host/common/obj/JAVA_LIBRARIES/core-tests-support-hostdex_intermediates/classes.jack --classpath out/host/common/obj/JAVA_LIBRARIES/core-tests-hostdex_intermediates/classes.jack libcore/luni/src/test/java/libcore/java/io/OldObjectInputStreamGetFieldTest.java Change-Id: I6af446afc59ea0393c40eb855395b8825e943941
rg/apache/harmony/xnet/tests/support/mySSLSession.java
ests/support/Support_GetPutFields.java
ests/support/Support_GetPutFieldsDefaulted.java
ests/support/Support_GetPutFieldsDeprecated.java
|
3d83a65c642f064a5d326d7ed47fa576b098ba57 |
08-Oct-2016 |
Kenny Root <kroot@google.com> |
Unhitch tlswire from libcore dependency This is using luni/src/main class but this couples support/src/test to the main libcore libraries. Since this is being used to test Conscrypt outside of the Android tree, unhitch this for convenience. Test: make -j32 build-art-host vogar && vogar --mode host --classpath out/host/common/obj/JAVA_LIBRARIES/core-tests-support-hostdex_intermediates/classes.jack --classpath out/host/common/obj/JAVA_LIBRARIES/core-tests-hostdex_intermediates/classes.jack libcore/luni/src/test/java/libcore/javax/net/ssl/SSLSocketTest.java Change-Id: Ib698555a643b0269d61c9cf0fd693dd6632fd0c8
ibcore/tlswire/handshake/ClientHello.java
ibcore/tlswire/handshake/HelloExtension.java
|
61a39247fb8ae7183518607ca98c2296722762e7 |
05-Oct-2016 |
Sergio Giro <sgiro@google.com> |
external/bouncycastle: add algorithms for PbeWithHmacSha mac variants Bug: 29631070 Test: run CtsLibcoreTestCases Change-Id: I5fd344c1de7c687585bc65a582e468501ee9154d
ibcore/java/security/StandardNames.java
|
2439c385217d3351f9f9692731168870778dee10 |
27-Sep-2016 |
Chad Brubaker <cbrubaker@google.com> |
SSLContext no longer provides SSL on Android Bug: 31765123 Test: Run libcore.java.security.ProviderTest.test_Provider_getServices Change-Id: I78acfd4955b8d753d86876e56cb5bcb482f6bbf9
ibcore/java/security/StandardNames.java
|
8f2073552a3aa97ce95f8380f5cab1742d77de91 |
14-Sep-2016 |
Chad Brubaker <cbrubaker@google.com> |
Drop SSLv3 support The specific API version in the deprecation doc comments will be added later, for now listed as TBD. Bug: 30977793 Test: libcore/run-libcore-tests libcore/luni/src/test/java/libcore/javax/net/ssl/* Change-Id: I5ebe22421589415a9e9065715262e6860b251b2b
ibcore/java/security/StandardNames.java
|
8a978725ca74a014e90ccf14d6ea9964691ad1e4 |
12-Sep-2016 |
Chad Brubaker <cbrubaker@google.com> |
Drop RC4 cipher suite support from TLS The specific API version in the deprecation doc comments will be added later, for now listed as TBD. Bug: 30977793 Test: libcore/run-libcore-tests libcore/luni/src/test/java/libcore/javax/net/ssl/* Change-Id: Ic72806ef23066b89722419d5f09fed7fa007a60b
ibcore/java/security/StandardNames.java
|
c97ba7f9b6a7621a55b95a7d5fd00cdffd6f09d5 |
08-Sep-2016 |
Kenny Root <kroot@google.com> |
Add test to make sure TLS elliptic curves list is sensible We accidentally regressed Android's TLS client by taking a change to BoringSSL that limited client support to secp256r1. Note that BoringSSL still sets the default, but add this test to make sure that our usage of BoringSSL API doesn't cause unintended regressions. Test: make -j32 build-art-host vogar && vogar --mode host --classpath out/host/common/obj/JAVA_LIBRARIES/core-tests-support-hostdex_intermediates/classes.jack --classpath out/host/common/obj/JAVA_LIBRARIES/core-tests-hostdex_intermediates/classes.jack libcore/luni/src/test/java/libcore/javax/net/ssl/SSLSocketTest.java -- test_SSLSocket_ClientHello_supportedCurves Change-Id: I9ec9b46f7f504dc239ae6a0da042458ebfbe9c63
ibcore/java/security/StandardNames.java
ibcore/tlswire/handshake/EllipticCurve.java
ibcore/tlswire/handshake/EllipticCurvesHelloExtension.java
ibcore/tlswire/handshake/HelloExtension.java
|
de6cabdeee1c4e0efbefdb2febb8b71d945b5f07 |
25-May-2016 |
Tobias Thierer <tobiast@google.com> |
Test remaining API surface of ProcessBuilder. - Expand directory() getter/setter test to cover the null value, which is documented as a legal value. - refactored the ancient code that called execAndCheckOutput() to use checkProcessExecution() instead. This also makes it easier to remove streamToStringCallable() and and execAndCheckOutput(ProcessBuilder) in a future CL because only one usage remains, in OldFileTest. - Tests the documented behavior of the environment map throwing when the existance of a null or non-String key or value is queried. Test: cts-tradefed run cts -c libcore.java.lang.ProcessBuilderTest Bug: 27464570 Change-Id: Ic48733a403ab3a67165e2fa022cd42848ca8c1fe
ests/support/Support_Exec.java
|
5558171bce9b70743bed9f6d3543d2eb15d51bb0 |
29-Jun-2016 |
Neil Fuller <nfuller@google.com> |
Remove a race hazard from the execrable Support_TestWebServer Use of this class was resulting in threads being left in a spinning state due to the accept socket being closed but "running" still being true: the exception thrown from Socket.accept() was being swallowed. This is likely because there is a race between the thread actually starting (i.e. run() actually executing) and, in short-lived tests, the server being shutdown: if AcceptThread.close() was called before AcceptThread.run() then when run() actually executed it would loop forever. Some dead code has been removed. Test: Ran the CTS tests Bug: 29820565 Change-Id: I92cc8b150378bb41f49f996422e1a7bc19801b67
ests/support/Support_TestWebServer.java
|
ccd08b2c77aeae787a69b2839d705b0da0b68c63 |
21-Jun-2016 |
Sergio Giro <sgiro@google.com> |
tests/util: Correct sum in SummaryStatistics It's computing the mean incorrectly (equals the last value/N). This is making tests in DigestTest flaky. Bug: 29532930 Change-Id: I4ab8b6009993b3716d5d1ba556e0d645fe1f9d29
ests/util/SummaryStatistics.java
|
a9cf5de9d7aaeff9ae32ad329c0baedb5723839c |
02-May-2016 |
Treehugger Robot <treehugger-gerrit@google.com> |
Merge "SSLEngineTest: test multiple thread use"
|
58af60a00935641f4669afc358593456944644ec |
29-Apr-2016 |
Kenny Root <kroot@google.com> |
SSLEngineTest: test multiple thread use Use SSLEngine with multiple threads to make sure there are no issues. Bug: 28473706 Change-Id: Ica180edff10d03fdf5e31621a901ad5575a762f3
ibcore/javax/net/ssl/TestSSLEnginePair.java
|
df2324f481f45ccc3d6d08c8cec4d762df530c79 |
29-Apr-2016 |
Sergio Giro <sgiro@google.com> |
Merge "PathClassLoaderTest: add test about loading resources with tampered certificates"
|
766efdce90639b4199831272cc1ac3e64bd87a5a |
19-Apr-2016 |
Sergio Giro <sgiro@google.com> |
PathClassLoaderTest: add test about loading resources with tampered certificates Document that classloading with malformed certificates succeed, although the call to getCertificates returns null. hyts_signed_wrong_cert.jar was obtained by taking hyts_signed.jar and changing META-INF/TEST.DSA by deleting the first byte. Bug: 27826114 Change-Id: Ia088d4ef0247a28bebf7ea66977a29afb2ca40ee (cherry picked from commit 1526f8786e25c75db74c059d3aaaba9bb1d25bcd)
ests/resources/hyts_signed_wrong_cert.jar
|
562ab6c870ff433c6d239ad6e6625f3ac63edef3 |
22-Apr-2016 |
Kenny Root <kroot@google.com> |
CpuFeatures: try to get around emulated ABI problems Some devices emulate ABIs but use proxy libraries so that native code is run in a different ABI than the one being emulated. This makes it tricky because the Java part of a test test sees one world and the native code sees something entirely different. There doesn't seem to be anything to be done to corroborate what Conscrypt is seeing in this case, so just ask Conscrypt what it's seeing. Hopefully this doesn't lead to bugs in the future, but no other useful suggestion has come up to help it. Bug: 27908488 Change-Id: I7563b077e8cd9429c3caf2ae7653310172562bae
ibcore/java/security/CpuFeatures.java
|
b38c1d0379aae312f2a3edd5a0581850988afba1 |
14-Apr-2016 |
Kenny Root <kroot@google.com> |
TestKeyStore: use static DH parameters Generating a DH key can take a long time since safe primes need to be found. However, you can use a "known safe" prime which is fine as long as too many people don't try to start using it and make it valuable enough to solve the discrete log problem in this group. This makes tests using the TestKeyStore run in a predictable amount of time which reduces the amount of flaky tests. Bug: 28131777 Change-Id: Ic3548c40e24436e354edd4ff106a6f0852a7cfd6
ibcore/java/security/TestKeyStore.java
|
7abb54e68e213538f8df3357a8abce4a6e49b086 |
05-Apr-2016 |
Sergio Giro <sgiro@google.com> |
TestKeyStore: add the ability to set certificate serial numbers Change URLConnectionTest#testHttpsWithCustomTrustManager to check for specifically set serial numbers. As of 5a85130cc3ee3df65c3b263773e3649277b37317, the serial numbers were being generated randomly, and the test was looking for the value "1", so the test was broken. (cherry picked from commit a23e1a7d40a0a85f8eed3a94d6b5714f98180a4e) Bug: 27987415 Change-Id: I91d2726f362a6aab75edbb6b0d133c00ab774e73
ibcore/java/security/TestKeyStore.java
|
0435fdbd46bdbbec9c97932ebb86bffe8cb981b6 |
30-Mar-2016 |
Kenny Root <kroot@google.com> |
Add OCSP helpers Add helper functions for later tests that test OCSP functionality. Bug: 27812109 Change-Id: If0f9190e30ea386b364fda4eaa3315ad647c461e
ibcore/java/security/TestKeyStore.java
|
313d8df320e37b92f711f547a856daa1b284b2b2 |
21-Mar-2016 |
Kenny Root <kroot@google.com> |
Use canonical name for SHA1withECDSA The Standard Names documentation that "ECDSA" should not be used due to its ambiguity. This tracks the changes to Bouncycastle and Conscrypt. Bug: 27753949 Change-Id: Id84049e6aa1a3ef131ba3ccea38a5a014db7809c
ibcore/java/security/StandardNames.java
|
7e8a826ee53af4b7a448fb339b446d13220145c4 |
18-Mar-2016 |
Kenny Root <kroot@google.com> |
Prefer AES when hardware acceleration is available ChaCha20-Poly1305 is more efficient in software, but many modern CPUs have acceleration for AES which makes AES-GCM the more preferable choice in terms of throughput and battery consumption (i.e., less CPU cycles per byte). Bug: 26945889 Change-Id: I2b5fac1b8f1efec77fd8d847643d71902eb943e3
ibcore/java/security/CpuFeatures.java
ibcore/java/security/StandardNames.java
|
5fbb3ca9083c4799c5eb8b1d0837270898071379 |
04-Mar-2016 |
Alex Klyubin <klyubin@google.com> |
Assert that RC4 TLS/SSL cipher suites are not used by default. RC4 has been deprecated for a while. It's now time to no longer use it by default. Mozilla Firefox and Chrome web browsers have already made the leap. This is a follow-up to 9a7b700a0f4d5bb1967b71e114b935b5b2ac7c12 which asserts that TLS_RSA_WITH_RC4_128_SHA is disabled for the same reasons. Bug: 24898327 Change-Id: Ieedb176e91ead0bb95c9a2a3af04c9547de06221
ibcore/java/security/StandardNames.java
|
9958d3c59c0b774238bf5a2e06758c11fbb702de |
04-Mar-2016 |
Kenny Root <kroot@google.com> |
SSLSocketTest: make endpoint verification tests not depend on DNS Apparently 127.0.0.2 resolves to localhost in some places, so use a serialization trick to write an arbitrary hostname into an InetSocketAddress. This allows us to substitute any valid SNI hostname during testing. Bug: 27271561 Change-Id: If2351c424bc1f1193a42fe93a983948a19ae7ec2
ibcore/javax/net/ssl/TestSSLContext.java
|
9a7b700a0f4d5bb1967b71e114b935b5b2ac7c12 |
24-Feb-2016 |
Alex Klyubin <klyubin@google.com> |
Assert that RC4 TLS/SSL cipher suites are not used by default. RC4 has been deprecated for a while. It's now time to no longer use it by default. Mozilla Firefox and Chrome web browsers have already made the leap. Bug: 24898327 Change-Id: Ief3285f0abee0ddef547b13c50f0487dc1911e8d
ibcore/java/security/StandardNames.java
|
420ea38aecdef0f5895c5e82751ebabe26bc0bd5 |
05-Feb-2016 |
Kenny Root <kroot@google.com> |
Fix AlgorithmParameter tests to have better errors The previous test was catching all the exceptions and printing out the message of the exception which erased all the useful information. Bug: 26413503 Change-Id: Id4c9f6db59d19b67c2f4e098fbe79587fcbabb34
ests/security/AlgorithmParameterAsymmetricHelper.java
ests/security/AlgorithmParameterGeneratorTest.java
ests/security/AlgorithmParameterKeyAgreementHelper.java
ests/security/AlgorithmParameterSignatureHelper.java
ests/security/AlgorithmParameterSymmetricHelper.java
ests/security/AlgorithmParametersTest.java
ests/security/CipherAsymmetricCryptHelper.java
ests/security/CipherHelper.java
ests/security/CipherSymmetricCryptHelper.java
ests/security/KeyAgreementHelper.java
ests/security/KeyFactoryTest.java
ests/security/KeyPairGeneratorTest.java
ests/security/MessageDigestTest.java
ests/security/SignatureHelper.java
ests/security/TestHelper.java
|
c5b7943bbef88dad93725fd8fa83263230156548 |
05-Feb-2016 |
Kenny Root <kroot@google.com> |
Update ChaCha20/Poly1305 TLS cipher suite IDs Some of the tests were failing because the cipher suite IDs were not mapping back correctly to the name that was expected. Bug: 26984184 Change-Id: I021263d6981e6ccb119bcf4f3cb620a235265c86
ibcore/tlswire/handshake/CipherSuite.java
|
3deee53a943c51f308c220f51e01e290b1753102 |
02-Feb-2016 |
Kenny Root <kroot@google.com> |
Merge "Add ChaCha20-Poly1305 as an enabled cipher suite"
|
18071abfad7b0525ae644d430e1df43c83d1aadf |
02-Feb-2016 |
Kenny Root <kroot@google.com> |
Add ChaCha20-Poly1305 as an enabled cipher suite Change-Id: Idb809fe86688b21d25e1c44867659f5f02145543
ibcore/java/security/StandardNames.java
|
01b7734160977458d44d1fb179984fd91672f08d |
01-Feb-2016 |
Kenny Root <kroot@google.com> |
Add tests for SSL handshake session and endpoint verification Partial revert of commit 36214feb86a0963b23f34c8c63584252bd757e19. Change-Id: I731515bd180f1ea36abf4d8c1151a75254ad0c10
ibcore/javax/net/ssl/TestSSLContext.java
ibcore/javax/net/ssl/TestTrustManager.java
|
470d4739ef2a14ef77f11bc6dc5d0f09b9e8f6d0 |
19-Jan-2016 |
Sergio Giro <sgiro@google.com> |
IdentityTest/SignerTest: avoid using IdentityScope.getSystemScope() There is no default system scope anymore. Bug: 26590281 Bug: 26517816 Change-Id: Icd3dd88bdf9c4525888a27652916a7323415453b
rg/apache/harmony/security/tests/support/SystemScope.java
|
81885494e46596c796cdcb5037b91d92915b65a7 |
06-Jan-2016 |
Kenny Root <kroot@google.com> |
Check for RFC 5746 TLS extension RFC 5746 allows you to either include a signaling cipher suite or a TLS extension. However, since TLS API has no way to indicate or check that a certain TLS extension is used, we insert it into the cipher suites we see to check against the enabled cipher suites. Bug: 24602368 Change-Id: I06422b9a90f47bb5ffa10ef614233d856773d336
ibcore/tlswire/handshake/HelloExtension.java
|
793c9ce05eae979a7de9d164f6ec67f4501d022e |
05-Jan-2016 |
Kenny Root <kroot@google.com> |
Revert "Update tests for BoringSSL roll." There is no way to indicate in the Java language that a TLS extension should be used instead of the pseudo-ciphersuite for RFC 5746 operation. Instead we should use the presence of the pseudo-ciphersuite in the enabled list to enable the TLS extension. Therefore we should revert the test expectation and allow the TLS_EMPTY_RENEGOTIATION_INFO_SCSV pseudo-ciphersuite to be in enabled list. This reverts commit 5894fb79880aa4fb8fe42963234c2bba599ce1bb. Bug: 24602368
ibcore/java/security/StandardNames.java
|
0846931f553272a4a3948fe48e79824f772aeffb |
19-Dec-2015 |
Kenny Root <kroot@google.com> |
Merge "Quote paths in X509 cert creation script" am: d710d4da76 am: c857d0e9b9 * commit 'c857d0e9b9536cd46ac008561c3cb07fb7a2bb21': Quote paths in X509 cert creation script
|
aad989be8a7ff7a44a4bc27b6b83723560af6107 |
17-Dec-2015 |
Kenny Root <kroot@google.com> |
Quote paths in X509 cert creation script Add quotes around paths and binary arguments to make sure that spaces aren't interpreted as breaks. Change-Id: I8abc748528a67a4e35b5ec76b8bf74db9a712c21
ests/resources/x509/create.sh
|
9d83fcf221b1b13f6fe0f0e977ace87fe14a00a3 |
09-Dec-2015 |
Narayan Kamath <narayan@google.com> |
Fix URLConnection test cases. - Have Support_TestWebServer send down an explicit timezone so there's no ambiguity in the parse. HttpURLConnection coerces all timezones into GMT. - getFileNameMap always constructs a new FileNameMap if the default is null. This implies that setFileNameMap(null) now sets things back to the default. - getRequestProperty / setRequestProperty on URLConnection subclasses that don't override those methods behave as if they were backed by a map. bug: 26023804 Change-Id: I75abd114f0dcbd8afbfa1786b7d5142e0b071bed
ests/support/Support_TestWebServer.java
|
5fe0dc42747e190d165e5b52b32318826a56fe0c |
08-Dec-2015 |
Kenny Root <kroot@google.com> |
Bump test key sizes to 1024 For maximum compatibility with all targets, bump the minimum key size up to 1024 bits. Also extract all the magic constants so they can be updated later on while conveying which key types they map to. Bug: 25753423 Change-Id: If58a9747d2f636e6ffd3616a4d4fffc2927607be
ibcore/java/security/TestKeyStore.java
|
560a1e7a77290205382d02e003d6882ce202c076 |
08-Dec-2015 |
Kenny Root <kroot@google.com> |
Revert "Bump test key sizes to 1024" This reverts commit 68d97656b8b1802ef5ec47f978b5421412c62bfb. Uploaded wrong patchset. Change-Id: I0765605685de2a0910373a072ce69f6926647675
ibcore/java/security/TestKeyStore.java
|
68d97656b8b1802ef5ec47f978b5421412c62bfb |
08-Dec-2015 |
Kenny Root <kroot@google.com> |
Bump test key sizes to 1024 For maximum compatibility with all targets, bump the minimum key size up to 1024 bits. Also extract all the magic constants so they can be updated later on while conveying which key types they map to. Bug: 25753423 Change-Id: Ie402e29e591fc646560a46ff1eea97f1d201a93c
ibcore/java/security/TestKeyStore.java
|
3f6031f9953558e016189597ef18886e322ebed5 |
26-Nov-2015 |
Neil Fuller <nfuller@google.com> |
Merge "Fix OldJarFileTest: move initialization to setUp()"
|
58b05c8cd9e9e80beb7bfd016a78208ab7ea3539 |
26-Nov-2015 |
Neil Fuller <nfuller@google.com> |
Fix OldJarFileTest: move initialization to setUp() CTS test execution appears to have started deleting the temp dir created at construction time before the test is run in _some_ circumstances. The test was doing work at construction, which is incorrect. Also updated Support_Resources to throw exceptions not log them. Bug: 25752418 Change-Id: I9e8828c327905d7f4fd7995da6217cf9c61af89f
ests/support/resource/Support_Resources.java
|
25cd1880312d87adb33735b943ac9f184eb2ba7a |
21-Nov-2015 |
Alex Klyubin <klyubin@google.com> |
Assert that PSS AlgorithmParameters work as expected. Bug: 25794302 Change-Id: I5aaf2e732299843b34e4c31f91dff5f505ff61ad
ibcore/java/security/StandardNames.java
|
1a462a128d2b1fc2058288e3fe6c4886178019d0 |
25-Sep-2015 |
Nick Kralevich <nnk@google.com> |
am 34489adf: Merge "StrictJarFileTest: Make sure zero length files are handled correctly" * commit '34489adf319727847824a9e625df8fc4e7ad77f4': StrictJarFileTest: Make sure zero length files are handled correctly
|
34489adf319727847824a9e625df8fc4e7ad77f4 |
25-Sep-2015 |
Nick Kralevich <nnk@google.com> |
Merge "StrictJarFileTest: Make sure zero length files are handled correctly"
|
6b53e3b969a3148a2e20ebffb15a2946b6dba9ff |
25-Sep-2015 |
Kenny Root <kroot@google.com> |
am 62ed3187: Merge "Revert "Revert "Update tests for BoringSSL roll.""" * commit '62ed3187950d529b5f7b61a32955d23d7f37a83c': Revert "Revert "Update tests for BoringSSL roll.""
|
76cbd50fe694b58beb25b6f06776b722db31abc2 |
25-Sep-2015 |
Kenny Root <kroot@google.com> |
Revert "Revert "Update tests for BoringSSL roll."" This reverts commit 1681d1ab216f42ec6f29d52d3dbb1760dad84d7f. Underlying issue was fixed. Change-Id: I387f28df03a4b6f79557557fa1483bc2ba45f6bb
ibcore/java/security/StandardNames.java
|
61b3207137527b42bf20e740074942f8636e0bf4 |
25-Sep-2015 |
Kenny Root <kroot@google.com> |
am d0bc90b0: Merge "Revert "Update tests for BoringSSL roll."" * commit 'd0bc90b0887cb31e12b3153c981ba98e45a76676': Revert "Update tests for BoringSSL roll."
|
1681d1ab216f42ec6f29d52d3dbb1760dad84d7f |
25-Sep-2015 |
Kenny Root <kroot@google.com> |
Revert "Update tests for BoringSSL roll." This reverts commit 5894fb79880aa4fb8fe42963234c2bba599ce1bb. The BoringSSL update broke some x86 builds. Change-Id: I5e06700853a881778b99187d256bc87d773d46ab
ibcore/java/security/StandardNames.java
|
e63232906598cd649253f5d0a7a10024bc99dffb |
25-Sep-2015 |
Kenny Root <kroot@google.com> |
am e9910cae: Merge "Update tests for BoringSSL roll." * commit 'e9910cae2a7147d14f0d352de271cbf31ab08f75': Update tests for BoringSSL roll.
|
9f445e82cdf2672e18b44f05d7957dbe7336321a |
24-Sep-2015 |
Nick Kralevich <nnk@google.com> |
StrictJarFileTest: Make sure zero length files are handled correctly Modifying a .jar file and replacing a file with a zero length file should invalidate the JAR signature. Add an explicit test. Bug: 24341122 Change-Id: I872a554dda9af55b8160e3c57467faa382a0f33e
ests/resources/replace_with_zero.jar
|
5894fb79880aa4fb8fe42963234c2bba599ce1bb |
24-Sep-2015 |
Adam Langley <agl@google.com> |
Update tests for BoringSSL roll. The renegotiation SCSV only needs to be sent with SSLv3. Sending it in newer versions isn't needed because an extension does the same job. This change updates the test expectations to match the behaviour of the newer BoringSSL. Change-Id: I213b778d921f6ba4364043bb582d16bd05966b2d
ibcore/java/security/StandardNames.java
|
13b16b2223b83de691f3a027804dae8402c03a4c |
15-Sep-2015 |
Neil Fuller <nfuller@google.com> |
am 8fb8018d: Merge "Fix / unsuppress some URLConnectTests tests" * commit '8fb8018dc9d95848b70f037e139c2f8e2445e0e4': Fix / unsuppress some URLConnectTests tests
|
8fb8018dc9d95848b70f037e139c2f8e2445e0e4 |
15-Sep-2015 |
Neil Fuller <nfuller@google.com> |
Merge "Fix / unsuppress some URLConnectTests tests"
|
d3f4ab6eadc5548c60b76bdc7a2a39e0e3ad2019 |
15-Sep-2015 |
Kenny Root <kroot@google.com> |
am 030ff6e7: Merge "Add more debugging to the DigestTest" * commit '030ff6e7ab1b505cd375607b79c001ef0c630715': Add more debugging to the DigestTest
|
5fe1cd001f38fba460ac0ce5c15b85250e400f25 |
14-Sep-2015 |
Kenny Root <kroot@google.com> |
Add more debugging to the DigestTest This test sometimes fails, but we don't know what the coefficient of variation is on the test results. Add this to the debug output so we can see if there is just some wild swing during testing. Also add a few rounds of warm-up as well. Bug: 24011092 Change-Id: Ic58f106f68eb93976e3f030e2f23e0156fe84be8
ests/util/SummaryStatistics.java
|
26f2557b26ea23326178f029e07a8adbfc27d0bf |
08-Sep-2015 |
Neil Fuller <nfuller@google.com> |
Fix / unsuppress some URLConnectTests tests URLConnectionTest.testConnectTimeouts(): The code was creating a URL like: http://:::<port number>/ because the stuck server returns "::" as the host address for the wildcard binding done. This URL is invalid (as it is missing [] around the IPv6 address string). The test was supposed to check multiple IPs are tried and the overall timeout is the sum of all the sockets tried. Switching StuckServer over to binding to localhost did not work. Since the format of the URL does not appear to be the purpose of this test it is reasonable to change it before the OkHttp update. Instead, the test now replaces the the SocketFactory with one that returns sockets that immediately time out, avoid the need to nerf the server-side entirely. The test does not test multiple IPs because (AFAIK) the tests cannot depend on being able to resolve real server names. This part of the change involved creating a hidden method in SocketFactory. This change adds a new dependency on Mockito so that a partial mock for Socket can be created. URLConnectionTest.testServerShutdownInput(): Unsuppress. It should work now. Bug: 5534202 Bug: 23888521 Change-Id: Iaa57987c59cd6ec1c117f9c90f6ff8ea42d58210
ests/net/DelegatingSSLSocketFactory.java
ests/net/DelegatingSocketFactory.java
ests/util/DelegatingSSLSocketFactory.java
|
600f39214e54c57b24821792fb629cc3488e16e2 |
19-Jun-2015 |
Alex Klyubin <klyubin@google.com> |
am f28ba434: Merge "Add RSA-OAEP and RSA-PSS to StandardNames." into mnc-dev * commit 'f28ba434b8050bf418a6913bb466e0b71dcb8195': Add RSA-OAEP and RSA-PSS to StandardNames.
|
89c6ac92228530d7c8bd3563e6316754190a27ed |
17-Jun-2015 |
Alex Klyubin <klyubin@google.com> |
Add RSA-OAEP and RSA-PSS to StandardNames. This fixes libcore.java.security.ProviderTest#test_Provider_getServices which got broken by Android Keystore Provider exposing RSA encryption with RSA-OAEP padding scheme and RSA signatures with RSA-PSS padding scheme. Bug: 21870225 Change-Id: I661a333579a29b5ede2b517e1a020d73122bfffc
ibcore/java/security/StandardNames.java
|
384730cb57f41235f09829355d7ce67132625f7f |
06-Jun-2015 |
Dmitriy Ivanov <dimitry@google.com> |
Fix lookup order when opening directly from APK The order should be as follows: 1. Uncompressed native library dir (if any) 2. Directly from apk (<apk>!/lib/<abi>) 3. vendor/lib:/system/lib Bug: http://b/21647354 Bug: http://b/21667767 Bug: http://b/21726698 Bug: http://b/8076853 Change-Id: I62cd76b7e4ae927d865d7d0ee81ceb91caa54e99
ests/resources/ClassPathURLStreamHandlerTest.jar
|
a5caedeac65e6f1193fb51824af957c9f69c5191 |
10-Jun-2015 |
Sergio Giro <sgiro@google.com> |
libcore/support: change TestKeyStore to avoid using getLocalHost() Use constants instead. InetAddress.getLocalHost() causes trouble when there is incompatibility between netd and bionic (see c/147244). This is part of an effort to start running conscrypt/java.security tests in the buildbot. Change-Id: I97ccf0a09f11c68e1b1ae2c2da99c2269ad0fe90
ibcore/java/security/TestKeyStore.java
|
dfb72da0fbf93c04964db1908e99b10087f07a4c |
04-Jun-2015 |
Kenny Root <kroot@google.com> |
Update offered ciphers Dropped support for non-ephemeral Diffie-Hellman cipher suites, anonymous authentication, some DES cipher suites, and export cipher suites. (cherry picked from commit 90b217a3543f119bb7aa20d7a0e55fd5343e9ce7) Bug: 21522548 Change-Id: Ie2048d303890935969cc7c1ac7bc9d93705c7a90
ibcore/java/security/StandardNames.java
|
90b217a3543f119bb7aa20d7a0e55fd5343e9ce7 |
04-Jun-2015 |
Kenny Root <kroot@google.com> |
Update offered ciphers Dropped support for non-ephemeral Diffie-Hellman cipher suites, anonymous authentication, some DES cipher suites, and export cipher suites. Bug: 21522548 Change-Id: Ie2048d303890935969cc7c1ac7bc9d93705c7a90
ibcore/java/security/StandardNames.java
|
3db17f7fcd2a93cfeead9874696a8901423aba6d |
04-Jun-2015 |
Neil Fuller <nfuller@google.com> |
Merge "Revert "Revert "Modification to the way boot classpath resources are loaded"""
|
2ce899fcb81707dd5447a15c29c2c137697f2f5e |
04-Jun-2015 |
Neil Fuller <nfuller@google.com> |
Revert "Revert "Modification to the way boot classpath resources are loaded"" This reverts commit 0c2e3c7fcb6754a2116c6226fe6480b3f6fa691f. Change-Id: I37abbb83f6091f252c90645b8a088cf361fa6a7a
ests/resources/ClassPathURLStreamHandlerTest.jar
|
b8ec837828cc588fbd701ddc211f2a4293259d8d |
04-Jun-2015 |
Neil Fuller <nfuller@google.com> |
Make StrictJarFile deal with missing manifest entries jar files are allowed to not have manifest files. Change-Id: Id3da8bf0aa5a74ecf1552e027ee9a0176c149928
ests/resources/StrictJarFileTestNoManifest.jar
|
0c2e3c7fcb6754a2116c6226fe6480b3f6fa691f |
03-Jun-2015 |
Neil Fuller <nfuller@google.com> |
Revert "Modification to the way boot classpath resources are loaded" This reverts commit 05a5c2f89e12e27db69f24165a05bdfd0476c73a. Change-Id: I07cc3841df40d20e2c09b0bf282bf213f422effe
ests/resources/ClassPathURLStreamHandlerTest.jar
|
05a5c2f89e12e27db69f24165a05bdfd0476c73a |
19-May-2015 |
Neil Fuller <nfuller@google.com> |
Modification to the way boot classpath resources are loaded VMClassLoader.getResource(), used by the Android boot classloader was more expensive than it needed to be. Context: Checking each classpath entry for a resource involved opening a zip file, checking for the resource and closing it again. Because classloaders are arranged in a hierarchy, and parent classloaders are checked first, this change should have a positive performance impact for every call to ClassLoader.getResource(), getResources() and getResourceAsStream(), regardless of the classloader being used. Details of change: This change builds on an earlier commit for BaseDexClassLoader. See commit 1a796cbc5dfb263511f2f4e5213adbc1d396a813 for the earlier change. Unlike the BaseDexClassLoader change, we did not have the zip file already open so this does impact the amount of reported heap memory being used at rest in the zygote. It may increase the amount of heap memory in use generally for jars that have no resources because all jar files are opened, not just the ones found to have requested resources. The heap memory should consist of the entry metadata. The zip file itself is mapped into non-heap/native memory. Any resources loaded from the boot classloader previously would have caused the JarURLConnection cache to hold the associated zip file open anyway. See https://code.google.com/p/android/issues/detail?id=60071 for context. This change avoids the use of that cache for bootclass path resources. Most other usages of jar: urls should now be within the control of apps, and their can call setUseCache() to prevent caching. Performance: Measured on a Nexus 5. All values in microseconds. Benchmark (not real app): GetBootResource_hit - looks for a resource known to be in the boot classpath in core-libart: java/util/logging/logging.properties GetBootResource_miss - looks for a resource known to be missing. Before: GetBootResource_hit 237 GetBootResource_miss 3034 After: GetBootResource_hit 23.8 GetBootResource_miss 22.5 App (using vogar --mode activity): Before: Hit: 236-446 Miss: 3042-3555 After: Hit: 65-180 Miss: 88-120 Memory usage: The use of StrictJarFile keeps the memory usage down to low levels levels: An initial implementation of this change that used JarFile was showing up as expensive because the heap memory usage is dependent on the number of entries in the jar. ext.jar was taking up 275k due to a large number of resources associated with libphonenumber. By using StrictJarFile, Java heap usage is now < 2k per jar. The JarFile cost would previous have been paid anyway if an app read a resource out of ext.jar (because of the JarURLConnectionImpl cache) so this change should also produce savings there. It does mean that we map all the class path jars into memory natively, but the kernel should be managing that for us and sharing the expense across all apps. Given the runtime may be mapping the files for its own purposes elsewhere the additional cost may even be nil. Bug: https://code.google.com/p/android/issues/detail?id=60071 Bug: 20685844 Change-Id: Ic3dc4a655c46cc67bfe9b9e254036c6651869c92
ests/resources/ClassPathURLStreamHandlerTest.jar
|
8c28234a72ffd3ef4eed7ba3b108291f8db2f739 |
19-May-2015 |
Kenny Root <kroot@google.com> |
Merge "StandardNames: update expectations for RI"
|
e31bd0c48b5aed701ac43ae9d1e0ff44daf77a2c |
18-May-2015 |
Kenny Root <kroot@google.com> |
No need to test "GCM" mode in regular Cipher test Partially revert change from 6e0cdd08e2a671393b8a410690d28140a80d9387. Since the regular cipher test expects to be able to use all padding types with every mode, testing GCM is not appropriate here. It is still tested elsewhere in CipherTest. (cherry picked from commit a174063b24e6f792fc58373439808842e1c0d657) Bug: 21209499 Change-Id: Ie20ddab4112f350cce08114c913a89a659823823
ibcore/java/security/StandardNames.java
|
75cad21abebdf292f7e8ca3ed8cc9f7929d5579b |
18-May-2015 |
Kenny Root <kroot@google.com> |
Track change from GCM -> AES/GCM/NoPadding Update tests to track the change from GCM to AES/GCM/NoPadding (cherry picked from commit 6e0cdd08e2a671393b8a410690d28140a80d9387) Bug: 21209499 Change-Id: Ie8383cd2cd0bcb62a38c4c55cd86aa90ad834b2b
ibcore/java/security/StandardNames.java
|
a174063b24e6f792fc58373439808842e1c0d657 |
18-May-2015 |
Kenny Root <kroot@google.com> |
No need to test "GCM" mode in regular Cipher test Partially revert change from 6e0cdd08e2a671393b8a410690d28140a80d9387. Since the regular cipher test expects to be able to use all padding types with every mode, testing GCM is not appropriate here. It is still tested elsewhere in CipherTest. Bug: 21209499 Change-Id: Ie20ddab4112f350cce08114c913a89a659823823
ibcore/java/security/StandardNames.java
|
4d582b46ba554b77b83c384f1b064104358a9bc4 |
18-May-2015 |
Kenny Root <kroot@google.com> |
StandardNames: update expectations for RI Change-Id: Ia61cce94c7746b064008fa74b5f48ae1ee701539
ibcore/java/security/StandardNames.java
|
6e0cdd08e2a671393b8a410690d28140a80d9387 |
18-May-2015 |
Kenny Root <kroot@google.com> |
Track change from GCM -> AES/GCM/NoPadding Update tests to track the change from GCM to AES/GCM/NoPadding Bug: 21209499 Change-Id: Ie8383cd2cd0bcb62a38c4c55cd86aa90ad834b2b
ibcore/java/security/StandardNames.java
|
ef68d71f665164dc2b6341dfaaea2c41af8153b0 |
15-Apr-2015 |
Alex Klyubin <klyubin@google.com> |
Unbreak SecretKeyFactory-related ProviderTest. The test was broken by AndroidKeyStore Provider adding support for SecretKeyFactory for key algorithms AES, HmacSHA1, HmacSHA224, HmacSHA256, HmacSHA384, and HmacSHA512. Bug: 20250820 Change-Id: Iba2d8f269844e01913fbf82a744e83da8f951af1
ibcore/java/security/StandardNames.java
|
5c95b44fc68ebb8ba9b8f2e5c83f020d603504b5 |
14-Apr-2015 |
Nick Kralevich <nnk@google.com> |
StrictJarFile: unittest for missing files Add a test to verify that we error out when the manifest declares a file which isn't present in the jar. Bug: 1162500 Change-Id: I3c6814c500d218036a5c0515e9f4f93e3f7a63d5
ests/resources/removed.jar
|
7c4f30cf50079df52bc4572688c7c9eed129a4bb |
07-Apr-2015 |
Sergio Giro <sgiro@google.com> |
libcore: change SSLEngineTest to close SSLEngine instances It was leaking resources allocated by SSLEngine's, pipes among others, thus causing subsequent tests to fail with "too many open files" errors. In OpenSSLEngineImpl, the resources are freed in the finalizer, so there's no guarantee that resources as pipes will ever be freed unless the engines are explicitly closed. Change-Id: Ide90808a64278486a19bcdfcba628f623c62afc9
ibcore/javax/net/ssl/TestSSLEnginePair.java
|
b475d1c3d8bf15b063f6e7d2a1138b973da25e91 |
18-Mar-2015 |
Brian Carlstrom <bdc@google.com> |
Fix misspelling of Kerberos Change-Id: I6473665bc00fa45d8a3941657791334e97df7c85
ibcore/java/security/StandardNames.java
|
50840c34598a1e2f14ec0dacc696ffdd79015948 |
23-Jan-2015 |
Alex Klyubin <klyubin@google.com> |
am f0841451: Merge "Add SSLSocket tests which inspect emitted ClientHello fields." * commit 'f0841451c86cc9fa932dbc08271c8dc96da6ca38': Add SSLSocket tests which inspect emitted ClientHello fields.
|
b1fe85cc976c676eb50ff886596c93e04fd71d82 |
02-Dec-2014 |
Alex Klyubin <klyubin@google.com> |
Add SSLSocket tests which inspect emitted ClientHello fields. This CL adds basic tests which capture the ClientHello emitted by SSLSocket and assert that the various fields are as expected. In particular, this CL adds tests for: * client protocol version, * cipher suite list, * compression methods, * server_name extension (SNI). Change-Id: I387c44363ad26f064885f9bfa28572da37871078
ibcore/tlswire/handshake/CipherSuite.java
ibcore/tlswire/handshake/ServerNameHelloExtension.java
ests/util/DelegatingSSLSocketFactory.java
ests/util/ForEachRunner.java
ests/util/Pair.java
|
138152ab385f27a80cf6520f79e39f91a35c04fb |
08-Jan-2015 |
Kenny Root <kroot@google.com> |
am ed755e7c: Merge "SSLEngineTest: position should be same as produced/consumed" * commit 'ed755e7c7aed927e164eb513d6ea92131667cdfa': SSLEngineTest: position should be same as produced/consumed
|
946d9a0b59d1a615278ad52518fa588407dfebd2 |
07-Jan-2015 |
Kenny Root <kroot@google.com> |
SSLEngineTest: position should be same as produced/consumed The position of the buffer should match the number of bytes produced or consumed. Make sure all the tests have this condition on the handshake. Bug: 18921387 Change-Id: I8d248b2ac189d801586510fb5aca2e3bd6701ffe
ibcore/javax/net/ssl/TestSSLEnginePair.java
|
155147bcc7deb957f7313f6b5f8ad9c19c07b75d |
16-Dec-2014 |
Narayan Kamath <narayan@google.com> |
am 8f090052: Merge "Repurpose "HexEncoding" for internal users." * commit '8f090052bdddc1312fe9238eca702c4e8eafff11': Repurpose "HexEncoding" for internal users.
|
11f82d1a94ebe1becb7e7d09dd3343ce117bdd46 |
15-Dec-2014 |
Narayan Kamath <narayan@google.com> |
Repurpose "HexEncoding" for internal users. Frameworks callers either roll their own or use an internal apache class. Given that apache is going away, we need to provide them with an alternative. bug: 18027885 Change-Id: Iec01cba9f3d2027828457c0b450eac0dd08fcaf6
ibcore/tlswire/handshake/ClientHello.java
ibcore/tlswire/handshake/HelloExtension.java
ibcore/tlswire/util/HexEncoding.java
|
2c3cdb9a90e081a4f6d1e31a0c4d5423498720c8 |
05-Dec-2014 |
Narayan Kamath <narayan@google.com> |
am cb43b294: Merge "Get rid of Support_Configuration.SpecialInetTestAddress ..." * commit 'cb43b294c4fc686c38f7bdd7c81c07f66f8eb9ce': Get rid of Support_Configuration.SpecialInetTestAddress ...
|
3ea21b6837215e3a69b6c4f537bda1149af62180 |
04-Dec-2014 |
Narayan Kamath <narayan@google.com> |
Get rid of Support_Configuration.SpecialInetTestAddress ... ... aka. "www.google.com" and lots of other unused support configuration values. Change-Id: I07f07d656e77317a50ac54dda07f493437c15e58
ests/support/Support_Configuration.java
|
d8ce757d85ba665fa61d35e25e03c4de16c0f4c6 |
22-Nov-2014 |
Aaron Whyte <awhyte@google.com> |
Fix URLConnectionTest for devices without full internet access. This removes two bad tests that are covered elsewhere, using mocks. test_getContentEncoding() was hitting http://www.amazon.com, to see if a URLConnection getter was working. That getter is now tested in libcore/luni/src/test/java/libcore/java/net/URLConnectionTest.java, in testClientConfiguredGzipContentEncoding(). test_getLastModified() was hitting http://www.php.net/manual/en/function.explode.php, to see if getHeaderFieldDate was working for Last-Modified. That getter is better tested in test_getHeaderFieldDateLjava_lang_StringJ(), in the same file. Bug:18480776 (cherry picked from commit 939e6a1aceff448445928ad5d815479e84e84383) Change-Id: Ia01fd59809683317271017364179e1843c149e65
ests/support/Support_Configuration.java
|
99f3b68146cafff32ddbc104baee8dbf5ab1c412 |
25-Nov-2014 |
Alex Klyubin <klyubin@google.com> |
am 06609270: Merge "Assert finite default timeout for TLS/SSL sessions." * commit '06609270f635ac19a90bb01c480185b702882cf3': Assert finite default timeout for TLS/SSL sessions.
|
33b16225e22d748ab3a9868b10eaba325636d928 |
25-Nov-2014 |
Aaron Whyte <awhyte@google.com> |
am aa0045f5: am 939e6a1a: Fix URLConnectionTest for devices without full internet access. * commit 'aa0045f52b0c780794dcf85acffc66e188b3681c': Fix URLConnectionTest for devices without full internet access.
|
aa0045f52b0c780794dcf85acffc66e188b3681c |
25-Nov-2014 |
Aaron Whyte <awhyte@google.com> |
am 939e6a1a: Fix URLConnectionTest for devices without full internet access. * commit '939e6a1aceff448445928ad5d815479e84e84383': Fix URLConnectionTest for devices without full internet access.
|
939e6a1aceff448445928ad5d815479e84e84383 |
22-Nov-2014 |
Aaron Whyte <awhyte@google.com> |
Fix URLConnectionTest for devices without full internet access. This removes two bad tests that are covered elsewhere, using mocks. test_getContentEncoding() was hitting http://www.amazon.com, to see if a URLConnection getter was working. That getter is now tested in libcore/luni/src/test/java/libcore/java/net/URLConnectionTest.java, in testClientConfiguredGzipContentEncoding(). test_getLastModified() was hitting http://www.php.net/manual/en/function.explode.php, to see if getHeaderFieldDate was working for Last-Modified. That getter is better tested in test_getHeaderFieldDateLjava_lang_StringJ(), in the same file. Bug:18480776 Change-Id: I21ffc5c9c72eb4379478c11687d197dab176a851
ests/support/Support_Configuration.java
|
4e1404f2017dc7db05b69ecad241f78c5bb1a4ee |
21-Nov-2014 |
Alex Klyubin <klyubin@google.com> |
Assert finite default timeout for TLS/SSL sessions. This makes CTS tests expect 8 hours as the default timeout for TLS/SSL sessions. Prior to this change, sessions were expected to not time out by default. Bug: 18370076 Change-Id: I09ae9ee91df2fb4bb2e8cc812127dc9f05a14696
ibcore/javax/net/ssl/TestSSLContext.java
|
e35c306d27355e7121299d99e3744e2af012cc12 |
18-Nov-2014 |
Alex Klyubin <klyubin@google.com> |
am 4b5092ae: Merge "Fix SSLContextTest.test_SSLContext_defaultConfiguration failure" * commit '4b5092ae80e4c3681080090eebd63a82d65eafd9': Fix SSLContextTest.test_SSLContext_defaultConfiguration failure
|
4b5092ae80e4c3681080090eebd63a82d65eafd9 |
18-Nov-2014 |
Alex Klyubin <klyubin@google.com> |
Merge "Fix SSLContextTest.test_SSLContext_defaultConfiguration failure"
|
27dfa4189d92215acb28fcd26938aa3820932d09 |
18-Nov-2014 |
Alex Klyubin <klyubin@google.com> |
am 5a32ef57: Merge "Adjust tests for removal of DSS TLS/SSL cipher suites." * commit '5a32ef575b3657168a1a53e7bc8c2cd2481dd3ec': Adjust tests for removal of DSS TLS/SSL cipher suites.
|
782740701db73dd2dc4fef9df8cde270b0e631a4 |
18-Nov-2014 |
Alex Klyubin <klyubin@google.com> |
Fix SSLContextTest.test_SSLContext_defaultConfiguration failure This test was failing because it assumed that all SSLContext instances have the same set of TLS protocol versions enabled. The fix refactored SSLDefaultConfigurationAsserts class into SSLConfigurationAsserts class. The main difference is that the new class has wider scope: it can assert that (1) the default configuration of TLS/SSL primitives is as expected -- exactly what the old SSLDefaultConfigurationAsserts class offered, and (2) that TLS/SSL primitives are configured the same as a provided SSLContext. Assertions about the default configuration of primitives other than SSLContext are now implemented by asserting that these primitives are configured exactly like the default SSLContext. Change-Id: I52d6514768c4053054df2cf79e7182d8fd87bfe2
ibcore/java/security/StandardNames.java
ibcore/javax/net/ssl/SSLConfigurationAsserts.java
ibcore/javax/net/ssl/SSLDefaultConfigurationAsserts.java
|
fef7818155899c092e6741de049fb7601dfcaf73 |
13-Nov-2014 |
Alex Klyubin <klyubin@google.com> |
Adjust tests for removal of DSS TLS/SSL cipher suites. This is in preparation for migration from OpenSSL to BoringSSL. BoringSSL does not support DSS. Bug: 17409664 Change-Id: I6b2ac5f7c7b9c41416650cdbdce2deed03372f49
ibcore/java/security/StandardNames.java
|
8d4127b6f07ff8b01cef5e29932bd21cf14d9921 |
14-Nov-2014 |
Kenny Root <kroot@google.com> |
am 657afa6c: Merge "JarUtils: stop trying to build chain past candidates length" into lmp-mr1-dev * commit '657afa6cd8da378f30afe7b491e6d9de6c7c23fd': JarUtils: stop trying to build chain past candidates length
|
ef7f5a16547089a7cdba9e48d780720f606ff54a |
13-Nov-2014 |
Kenny Root <kroot@google.com> |
JarUtils: stop trying to build chain past candidates length If the certs in the PKCS#7 bag are in a loop, it will go on forever trying to build a chain. Instead just stop trying to build the chain when our chain exceeds the length of the candidates. Bug: 17972577 Change-Id: If4f92e3eeabe893612a618bab0068a0f8cf75ea9
ests/resources/hyts_certLoop.jar
|
5dddfb59b6d53e46eb88f574cfd87e668d08ceaf |
13-Nov-2014 |
Alex Klyubin <klyubin@google.com> |
am 5dbbe831: Merge "Basic library for parsing TLS/SSL ClientHellos in tests." * commit '5dbbe8317afd79d21bdbe931fe476ccf9a4bf269': Basic library for parsing TLS/SSL ClientHellos in tests.
|
17a09fd9ebdfbeaeb2624a5e2fae34d2f315bad4 |
13-Nov-2014 |
Kenny Root <kroot@google.com> |
am 258e3d15: TestKeyStore: more possibilities for KeyStore creation * commit '258e3d158c9a876307d5111972f7e9f1ad87b076': TestKeyStore: more possibilities for KeyStore creation
|
fb30da617fb979e7ae98c5a22b926aa15c6f2502 |
13-Nov-2014 |
Alex Klyubin <klyubin@google.com> |
Basic library for parsing TLS/SSL ClientHellos in tests. CTS tests in libcore assert certain properties of TLS/SSL and HTTPS stacks, but they do not check whether these are correctly reflected in the underlying TLS/SSL traffic generated by these stacks. This basic TLS wire-protocol library will enable CTS tests to inspect in detail ClientHello messages, such as which protocol is being signalled as the higest supported by the client, which cipher suites are enabled, whether SNI extension is provided and set to the correct value. As an example, in this CL I switched one test in SSLSocketTest to this library. Change-Id: I93251dd873a78ec7f6caa704b71f5fa0ecf2c2f2
ibcore/tlswire/handshake/CipherSuite.java
ibcore/tlswire/handshake/ClientHello.java
ibcore/tlswire/handshake/CompressionMethod.java
ibcore/tlswire/handshake/HandshakeMessage.java
ibcore/tlswire/handshake/HelloExtension.java
ibcore/tlswire/handshake/ServerNameHelloExtension.java
ibcore/tlswire/record/TlsProtocols.java
ibcore/tlswire/record/TlsRecord.java
ibcore/tlswire/util/HexEncoding.java
ibcore/tlswire/util/IoUtils.java
ibcore/tlswire/util/TlsProtocolVersion.java
|
258e3d158c9a876307d5111972f7e9f1ad87b076 |
12-Nov-2014 |
Kenny Root <kroot@google.com> |
TestKeyStore: more possibilities for KeyStore creation Needed for change I379de26bdae3de1d0fe867adc1d8b7d5443c8c7a in external/conscrypt Bug: 17972577 Change-Id: Iaeb36167d953533e23d610bf218488bd79b6430e
ibcore/java/security/TestKeyStore.java
|
ca9037fc1f060c071d6711bbe31c9f9de63a0b89 |
12-Nov-2014 |
Elliott Hughes <enh@google.com> |
Fix OldSocketTest#test_connectLjava_net_SocketAddressI. Use the same address as StuckServer. Bug: 18143878 Change-Id: I3759776ed3a9d46175c4b987fa0c47b27033441d
ests/net/StuckServer.java
ests/support/Support_Configuration.java
|
2d3e650f8ef1aed488f870aa3d1028775e353490 |
05-Nov-2014 |
Kenny Root <kroot@google.com> |
am d4d881ff: Merge "SSLSocket: track update to TLS defaults" * commit 'd4d881ff8989346583de40c49519f83b4b51d160': SSLSocket: track update to TLS defaults
|
31ac5350615c2a1f8c01d354ab07768de999a400 |
04-Nov-2014 |
Kenny Root <kroot@google.com> |
am 140f3a33: Merge "SSLSocket: document current behavior with SSLContext" * commit '140f3a336ff5383b3462a720786143f3dda347bf': SSLSocket: document current behavior with SSLContext
|
8e810dd5a8e7f0ca6b293704b91911900df100a3 |
31-Oct-2014 |
Kenny Root <kroot@google.com> |
SSLSocket: track update to TLS defaults SSLv3 is no longer in the default list. Bug: 17136008 Change-Id: I4092e17f79c29d10d11ffe01d130d0d03cd2215f
ibcore/java/security/StandardNames.java
|
bda96e051a3634b75abec3c989dcf0a8fab009b3 |
30-Oct-2014 |
Kenny Root <kroot@google.com> |
SSLSocket: document current behavior with SSLContext Currently Android does not pay attention to the algorithm choice, so use this test as documentation of that. Bug: 17136008 Change-Id: If8e516be48721bf65a98f22a9cdf02eded8f6375
ibcore/java/security/StandardNames.java
|
3b96a51f6446c8bc7d4ce7c23ad9164a4a4437ba |
03-Oct-2014 |
Kenny Root <kroot@google.com> |
Add support for TLS_FALLBACK_SCSV Bug: 17750026 (cherry picked from commit e6a6e935e98f426c7000b2bf4086f87101f4441c) Change-Id: Ia7f0714157b0dc36579122b27eb921a54f3a6818
ibcore/java/security/StandardNames.java
|
e6a6e935e98f426c7000b2bf4086f87101f4441c |
03-Oct-2014 |
Kenny Root <kroot@google.com> |
Add support for TLS_FALLBACK_SCSV Bug: 17750026 Change-Id: I8dec89ae59a6f745f63120b11b4f6dbe9b21a139
ibcore/java/security/StandardNames.java
|
46a39d63e91717c20acdccc5efc48cd13ff189e5 |
17-Jul-2014 |
Neil Fuller <nfuller@google.com> |
am 9a497b6d: Merge "Fix UnmodifiableEntrySet.toArray() ordering" * commit '9a497b6d3b95d774f28f0203409ce6ebf6cb1241': Fix UnmodifiableEntrySet.toArray() ordering
|
9a497b6d3b95d774f28f0203409ce6ebf6cb1241 |
17-Jul-2014 |
Neil Fuller <nfuller@google.com> |
Merge "Fix UnmodifiableEntrySet.toArray() ordering"
|
c51bba09dff12cfffc9c5a30b83a2b5f9fd745e4 |
15-Jul-2014 |
Alex Klyubin <klyubin@google.com> |
am ea43fa14: Merge "TLS-PSK cipher suites enabled when PSKKeyManager is provided." * commit 'ea43fa1424058748e3ec4ac01d2f6e1898e9a4e3': TLS-PSK cipher suites enabled when PSKKeyManager is provided.
|
b5730a183c0ef94946bb04222f6219f83adef8f5 |
11-Jul-2014 |
Alex Klyubin <klyubin@google.com> |
TLS-PSK cipher suites enabled when PSKKeyManager is provided. This documents and tests that TLS-PSK cipher suites are enabled if a PSKKeyManager is provided to SSLContext during its initialization. Bug: 15073623 Change-Id: I8e2bc3e7a1ea8a986e468973b6bad19dc6b7bc3c
ibcore/java/security/StandardNames.java
|
36214feb86a0963b23f34c8c63584252bd757e19 |
17-Jun-2014 |
Brian Carlstrom <bdc@google.com> |
Remove Change-Id: I143d0b26b116e75892223e74b6c22b6c8db05466
ibcore/javax/net/ssl/TestSSLContext.java
ibcore/javax/net/ssl/TestTrustManager.java
|
8d290a506a4a1cd1f86716719ee10586700468f4 |
17-Jun-2014 |
Brian Carlstrom <bdc@google.com> |
Remove (cherry picked from commit 36214feb86a0963b23f34c8c63584252bd757e19) Change-Id: I96d5109c01e39255b9970f7a515ddd3575a50e56
ibcore/javax/net/ssl/TestSSLContext.java
ibcore/javax/net/ssl/TestTrustManager.java
|
244e90adfe67264364de88df0fd741db0eb12b7f |
23-Jun-2014 |
Neil Fuller <nfuller@google.com> |
Fix UnmodifiableEntrySet.toArray() ordering toArray() was returning entries in reverse order. toArray(T[]) was correct. Thanks to Chris Povirk for discovering. The fix is simple. Change includes additional tests to avoid regressions. Test & support code has been cleaned up a little to improve coverage and make it (slightly) less horrible. Bug: https://code.google.com/p/android/issues/detail?id=72073 Change-Id: I42ff90e0f592482289cd0cd9fdbdaabf0c17ad93
ests/support/Support_MapTest.java
ests/support/Support_UnmodifiableMapTest.java
|
82707939a18795af3311b8661c2e3651a89e205b |
19-Jun-2014 |
Alex Klyubin <klyubin@google.com> |
am 33c1c8c3: am e0affcdc: Merge "Assert the updated list of supported ECDHE-PSK cipher suites." * commit '33c1c8c36c62c1238876bddf916bdf92a5654543': Assert the updated list of supported ECDHE-PSK cipher suites.
|
33c1c8c36c62c1238876bddf916bdf92a5654543 |
19-Jun-2014 |
Alex Klyubin <klyubin@google.com> |
am e0affcdc: Merge "Assert the updated list of supported ECDHE-PSK cipher suites." * commit 'e0affcdc8c4513d91352c0fc6f4c5c29b0605d2d': Assert the updated list of supported ECDHE-PSK cipher suites.
|
f14c0fd560a55e464ac56f190896545e1126522d |
04-Jun-2014 |
Alex Klyubin <klyubin@google.com> |
Assert the updated list of supported ECDHE-PSK cipher suites. Bug: 15073623 Change-Id: I427c99f4c1c72690d95e5a3c63763631c41ddae2
ibcore/java/security/StandardNames.java
|
d3555a45afb5c14ed037add41f94336dc0cd233b |
29-May-2014 |
Alex Klyubin <klyubin@google.com> |
am c0a8f479: am 9adf681e: am 4352ab40: Merge "Document and assert support for TLS-PSK cipher suites." * commit 'c0a8f479a47de31427211ea7952b3b92c0c650c2': Document and assert support for TLS-PSK cipher suites.
|
c0a8f479a47de31427211ea7952b3b92c0c650c2 |
29-May-2014 |
Alex Klyubin <klyubin@google.com> |
am 9adf681e: am 4352ab40: Merge "Document and assert support for TLS-PSK cipher suites." * commit '9adf681eb5691afe6f82b67768b3a7fca592251a': Document and assert support for TLS-PSK cipher suites.
|
4352ab40ce104520bfb6588ad8eef386866ff190 |
29-May-2014 |
Alex Klyubin <klyubin@google.com> |
Merge "Document and assert support for TLS-PSK cipher suites."
|
7866ef1b69229c8846eb1bb2584f1dc00b3fb756 |
28-May-2014 |
Alex Klyubin <klyubin@google.com> |
am dacb4741: am c0d465fd: am 6c16a47c: Merge "Simplify assertions about SSLEngine." * commit 'dacb4741098f7976a94b3cc55aedb662ca126f04': Simplify assertions about SSLEngine.
|
dacb4741098f7976a94b3cc55aedb662ca126f04 |
28-May-2014 |
Alex Klyubin <klyubin@google.com> |
am c0d465fd: am 6c16a47c: Merge "Simplify assertions about SSLEngine." * commit 'c0d465fdd5165ecf8162cde686fa858a581eca5d': Simplify assertions about SSLEngine.
|
c9461f39290f815f560f2ec50e9ccde5ff4eb8f7 |
09-May-2014 |
Alex Klyubin <klyubin@google.com> |
Document and assert support for TLS-PSK cipher suites. This CL updates the Javadoc of SSLSocket and SSLEngine to list the now supported TLS-PSK cipher suites. It also adds tests to assert that these cipher suites are actually supported by SSLSocket and SSLEngine. Bug: 15073623 Change-Id: I8e59264455f980f23a5e66099c27b5b4d932b9bb
ibcore/java/security/StandardNames.java
ibcore/javax/net/ssl/TestSSLContext.java
|
2c8bbf4bb24657c4e71de66fd0e66ad6baad4cf5 |
23-May-2014 |
Alex Klyubin <klyubin@google.com> |
Simplify assertions about SSLEngine. Now that the default SSLEngine implementation is backed by the same OpenSSL stack as the default SSLSocket implementation, the sets of supported/enabled cipher suites and protocols should remain the same between SSLEngine and SSLSocket. Change-Id: I1ed88f39b07950e5d8b6e2fc7d6482a034626de3
ibcore/java/security/StandardNames.java
ibcore/javax/net/ssl/SSLDefaultConfigurationAsserts.java
|
8f3ae282cb56de80de35b90408c9d832c8e3c424 |
13-May-2014 |
Kenny Root <kroot@android.com> |
am 4cd96cc5: am 5c6ea6f6: am c7743447: Merge "Enlarge the minimum key size of RSA to enhance the security" * commit '4cd96cc5ac73be05b2397d0b97c4c99bc07012ff': Enlarge the minimum key size of RSA to enhance the security
|
4cd96cc5ac73be05b2397d0b97c4c99bc07012ff |
13-May-2014 |
Kenny Root <kroot@android.com> |
am 5c6ea6f6: am c7743447: Merge "Enlarge the minimum key size of RSA to enhance the security" * commit '5c6ea6f61facd19fdcc2372b710fb8fb23905032': Enlarge the minimum key size of RSA to enhance the security
|
2e68348d984d81c73a41e8db39183c55cff8faf9 |
09-May-2014 |
DanielMo <DanielMo@fih-foxconn.com> |
Enlarge the minimum key size of RSA to enhance the security We have modified OpenSSL source code such that size of RSA key should be at least 512 bits or more to support higher quality key generation as lower key sizes are vulnerable to attack. Thus we need to increase the size to 512 to avoid CTS failures, please refer to it also. https://code.google.com/p/android/issues/detail?id=66394 Change-Id: I95d734033227ed1497a5bc0fd0010f62b12c01c5 Signed-off-by: DanielMo <DanielMo@fih-foxconn.com>
ibcore/java/security/StandardNames.java
|
bdb8ddc00646e5121c91465de1d49263cc69bc4d |
08-May-2014 |
Kenny Root <kroot@google.com> |
am 0d6d3292: am 6005b896: am 4abcf7ad: Merge changes Iaaafcbed,Ifbca5637 * commit '0d6d32920134aa84e55fab59b6bd3a71c7bcb38f': KeyStoreTest: add more key types KeyManagerFactoryTest: add all the possible key types
|
0d6d32920134aa84e55fab59b6bd3a71c7bcb38f |
08-May-2014 |
Kenny Root <kroot@google.com> |
am 6005b896: am 4abcf7ad: Merge changes Iaaafcbed,Ifbca5637 * commit '6005b896b58659f8c2e0693bd9ead32706a05044': KeyStoreTest: add more key types KeyManagerFactoryTest: add all the possible key types
|
888373c54fd5f8fa0b1965238309db8187e3b381 |
08-May-2014 |
Kenny Root <kroot@google.com> |
KeyManagerFactoryTest: add all the possible key types This adds all the possible key types from the Standard Names document to the tests. Change-Id: Ifbca56371261c040c3cb9e0d80447e9cb73cad0f
ibcore/java/security/TestKeyStore.java
|
5c727bda02e78806081a0e874cd6ee4d4ed06d2b |
02-May-2014 |
Paul Duffin <paulduffin@google.com> |
am c3eed594: am f6696d69: am eec4356c: Merge "Improve detection of CloseGuard protected resource leakage" * commit 'c3eed594ffd6b488b5771cd1e6a9a4c44aa0826b': Improve detection of CloseGuard protected resource leakage
|
c3eed594ffd6b488b5771cd1e6a9a4c44aa0826b |
02-May-2014 |
Paul Duffin <paulduffin@google.com> |
am f6696d69: am eec4356c: Merge "Improve detection of CloseGuard protected resource leakage" * commit 'f6696d69727e1089f5608b0c3772ced3c347df7e': Improve detection of CloseGuard protected resource leakage
|
a6f350c645dbb66d68cc2b03afb8f2eeaa88fbba |
28-Feb-2014 |
Paul Duffin <paulduffin@google.com> |
Improve detection of CloseGuard protected resource leakage * Add CloseGuardMonitor to intercept and collate CloseGuard reports and if necessary throw an exception listing the resource leaks. * Add ResourceLeakageDetector to abstract away the CloseGuardMonitor which will not work on RI. * Add AbstractResourceLeakageDetectorTestCase as a base class for tests that need to detect resource leaks, in future this could be handled by modifications to Cts and Vogar test runners. * Remove CloseGuardTester and its sole usage in ProcessBuilderTest. * Remove CloseGuardGuard from within URLConnectionTest * Change ZipFileTest, ProcessBuilderTest, URLConnectionTest to use new mechanism, fix issues that are identified and do some cleanup/remove duplicated code. Bug: https://code.google.com/p/android/issues/detail?id=66383 Change-Id: Id026dbb6bc66091a15f07329e6371cd0d1f32cf5
ibcore/dalvik/system/CloseGuardTester.java
|
33aeb892a68274a5ec67f374f86c7b5cb06d1890 |
01-May-2014 |
Kenny Root <kroot@google.com> |
resolved conflicts for merge of 9687e46b to master Change-Id: Iaeaea9b44423257e8ccbcf631f40720d3035cecd
|
9687e46bcb2299492a55a97e0ddc1eb4db3517f8 |
30-Apr-2014 |
Kenny Root <kroot@google.com> |
am 42db8377: am 15e6f173: am d353b8e2: am ddc91700: am 0a0379d4: am 297a7de2: am 183efbb4: am 4629f94a: am e0350a80: am afd7d947: Merge "JarFile: make test chain 3 long" into jb-dev * commit '42db8377fdd20cdff6cac1994b25382551270a26': JarFile: make test chain 3 long
|
42db8377fdd20cdff6cac1994b25382551270a26 |
30-Apr-2014 |
Kenny Root <kroot@google.com> |
am 15e6f173: am d353b8e2: am ddc91700: am 0a0379d4: am 297a7de2: am 183efbb4: am 4629f94a: am e0350a80: am afd7d947: Merge "JarFile: make test chain 3 long" into jb-dev * commit '15e6f173de11133e1a61090635e350303ac0481a': JarFile: make test chain 3 long
|
15e6f173de11133e1a61090635e350303ac0481a |
30-Apr-2014 |
Kenny Root <kroot@google.com> |
am d353b8e2: am ddc91700: am 0a0379d4: am 297a7de2: am 183efbb4: am 4629f94a: am e0350a80: am afd7d947: Merge "JarFile: make test chain 3 long" into jb-dev * commit 'd353b8e2dbcdbd23e59a4a3e1460c88c33640044': JarFile: make test chain 3 long
|
d353b8e2dbcdbd23e59a4a3e1460c88c33640044 |
30-Apr-2014 |
Kenny Root <kroot@google.com> |
am ddc91700: am 0a0379d4: am 297a7de2: am 183efbb4: am 4629f94a: am e0350a80: am afd7d947: Merge "JarFile: make test chain 3 long" into jb-dev * commit 'ddc91700a5bed8e2b7214d6ca1e317929e378bc7': JarFile: make test chain 3 long
|
ddc91700a5bed8e2b7214d6ca1e317929e378bc7 |
30-Apr-2014 |
Kenny Root <kroot@google.com> |
am 0a0379d4: am 297a7de2: am 183efbb4: am 4629f94a: am e0350a80: am afd7d947: Merge "JarFile: make test chain 3 long" into jb-dev * commit '0a0379d45726c4cac1505167095d763068f900ae': JarFile: make test chain 3 long
|
0a0379d45726c4cac1505167095d763068f900ae |
30-Apr-2014 |
Kenny Root <kroot@google.com> |
am 297a7de2: am 183efbb4: am 4629f94a: am e0350a80: am afd7d947: Merge "JarFile: make test chain 3 long" into jb-dev * commit '297a7de2a15cae179d6713182641bddfdf89f397': JarFile: make test chain 3 long
|
4629f94abefbf6ea11d7cadb5865183e15030d77 |
30-Apr-2014 |
Kenny Root <kroot@google.com> |
am e0350a80: am afd7d947: Merge "JarFile: make test chain 3 long" into jb-dev * commit 'e0350a80cbcce86445c29c043ab5be3b46e28181': JarFile: make test chain 3 long
|
e0350a80cbcce86445c29c043ab5be3b46e28181 |
30-Apr-2014 |
Kenny Root <kroot@google.com> |
am afd7d947: Merge "JarFile: make test chain 3 long" into jb-dev * commit 'afd7d9472e5d850a8e1a6d02abaaa9f94579a77f': JarFile: make test chain 3 long
|
92408ff79b23d6559286e492c7c6cb3fdb6e399f |
29-Apr-2014 |
Kenny Root <kroot@google.com> |
JarFile: make test chain 3 long Change-Id: I761f0a652a8502e28a4f9bb15ac9782d3ad42355
ests/resources/hyts_signed_invalidChain.jar
ests/resources/hyts_signed_validChain.jar
|
7406d4e17dd39f3531e764ec7788b1f8dec99971 |
25-Apr-2014 |
Elliott Hughes <enh@google.com> |
am 3eb545e3: am 85fa4285: Merge "Groundwork towards making the Libcore.os functionality public." * commit '3eb545e382a12565ed8779632015d736d6f5c32c': Groundwork towards making the Libcore.os functionality public.
|
3eb545e382a12565ed8779632015d736d6f5c32c |
25-Apr-2014 |
Elliott Hughes <enh@google.com> |
am 85fa4285: Merge "Groundwork towards making the Libcore.os functionality public." * commit '85fa4285b3679120ee2d3dc5750a1e620de0449d': Groundwork towards making the Libcore.os functionality public.
|
5d930cadc8f62aee5f18e7921296fe66a54f18ab |
24-Apr-2014 |
Elliott Hughes <enh@google.com> |
Groundwork towards making the Libcore.os functionality public. Change-Id: Ie700aa16d91fba53fc5eb2555829cb74d84b12ad
ests/io/MockOs.java
|
a3d40b4064c0f4de77122eff9253da242877c938 |
23-Apr-2014 |
Kenny Root <kroot@google.com> |
JarFile: Add tests for ambiguous chains Some chains using the old code will have incorrect splits between CodeSigner paths. Bug: 13678484 Change-Id: Ia77b7cbcde9394e0d48a6f082bbd1cdfd880d74b
ests/resources/hyts_signed_ambiguousSignerArray.jar
|
5978b69274677753bc3049b4dc89625291a66912 |
22-Apr-2014 |
Kenny Root <kroot@google.com> |
am 0779dcac: am 008fbfd0: am a317f758: am ced71a50: am 99a25a47: am 5321ebb7: am 6d949cbf: am 951aa4f4: am 531968cf: am cb11b9ff: Tests for API to check certificate chain signatures * commit '0779dcac1bdc0d6d02ef6e4843a312aa03081f03': Tests for API to check certificate chain signatures
|
0779dcac1bdc0d6d02ef6e4843a312aa03081f03 |
22-Apr-2014 |
Kenny Root <kroot@google.com> |
am 008fbfd0: am a317f758: am ced71a50: am 99a25a47: am 5321ebb7: am 6d949cbf: am 951aa4f4: am 531968cf: am cb11b9ff: Tests for API to check certificate chain signatures * commit '008fbfd0ff37cb88047825d56d2116d0f62b69a5': Tests for API to check certificate chain signatures
|
008fbfd0ff37cb88047825d56d2116d0f62b69a5 |
22-Apr-2014 |
Kenny Root <kroot@google.com> |
am a317f758: am ced71a50: am 99a25a47: am 5321ebb7: am 6d949cbf: am 951aa4f4: am 531968cf: am cb11b9ff: Tests for API to check certificate chain signatures * commit 'a317f7585cc09844f8746afe49eb55a5b18d9ee7': Tests for API to check certificate chain signatures
|
a317f7585cc09844f8746afe49eb55a5b18d9ee7 |
22-Apr-2014 |
Kenny Root <kroot@google.com> |
am ced71a50: am 99a25a47: am 5321ebb7: am 6d949cbf: am 951aa4f4: am 531968cf: am cb11b9ff: Tests for API to check certificate chain signatures * commit 'ced71a503c6cf79b0cee407123d9df94bf988e0b': Tests for API to check certificate chain signatures
|
ced71a503c6cf79b0cee407123d9df94bf988e0b |
22-Apr-2014 |
Kenny Root <kroot@google.com> |
am 99a25a47: am 5321ebb7: am 6d949cbf: am 951aa4f4: am 531968cf: am cb11b9ff: Tests for API to check certificate chain signatures * commit '99a25a47254a79c3ebae17270b4989504b720383': Tests for API to check certificate chain signatures
|
99a25a47254a79c3ebae17270b4989504b720383 |
22-Apr-2014 |
Kenny Root <kroot@google.com> |
am 5321ebb7: am 6d949cbf: am 951aa4f4: am 531968cf: am cb11b9ff: Tests for API to check certificate chain signatures * commit '5321ebb789eb77b5fc4c6e2e5d2fcaba242d275d': Tests for API to check certificate chain signatures
|
951aa4f4e018b51060fdfb5dccd6cc17c41fed8f |
22-Apr-2014 |
Kenny Root <kroot@google.com> |
am 531968cf: am cb11b9ff: Tests for API to check certificate chain signatures * commit '531968cf367586f38167ced0415f89fe330ee75f': Tests for API to check certificate chain signatures
|
531968cf367586f38167ced0415f89fe330ee75f |
22-Apr-2014 |
Kenny Root <kroot@google.com> |
am cb11b9ff: Tests for API to check certificate chain signatures * commit 'cb11b9fff2a1af8bb4fcad18986003a7f59189c6': Tests for API to check certificate chain signatures
|
a368cef707903c2adc7868ba48a95ccdac5f7625 |
22-Apr-2014 |
Kenny Root <kroot@google.com> |
Fix SSLEngineTest for RI The assymmetry between client and server with create sessions seems strange. It seems like a bug in the RI, so make sure Android does the right thing. Change-Id: I7b7ab501bd1963757b7f067c6ace8230a19a3e53
ibcore/javax/net/ssl/TestSSLEnginePair.java
|
cb11b9fff2a1af8bb4fcad18986003a7f59189c6 |
17-Apr-2014 |
Kenny Root <kroot@google.com> |
Tests for API to check certificate chain signatures Bug: 13678484 Change-Id: Ibc14b3e9b1159c7b0b130d01fac933f71a99ad96
ests/resources/hyts_signed_invalidChain.jar
ests/resources/hyts_signed_validChain.jar
|
727df1258e3b8386afea4778626c9ab16ef467d6 |
09-Apr-2014 |
Kenny Root <kroot@google.com> |
Update SSLEngineTest for OpenSSL Our new OpenSSL-based SSLEngine supports all the new stuff and no longer fails tests. Change-Id: I7db8e5134ca36ebd963c7081cd7ba79d91b3e5e2
ibcore/java/security/StandardNames.java
ibcore/javax/net/ssl/TestSSLEnginePair.java
|
3ad1704dc8e4653f4ceaeb5d8315ddb28318a1bb |
02-Apr-2014 |
Kenny Root <kroot@google.com> |
Update SSLEngineTest for RI The RI now supports TLSv1.2 with SSLEngine, so update all the expectations for their tests. It also appears to disable "weak" algorithms when you select TLSv1.2. Change-Id: I564283bb4945d3b71bee0f89c93c6dd6e238b4f8
ibcore/java/security/StandardNames.java
ibcore/javax/net/ssl/RandomPrivateKeyX509ExtendedKeyManager.java
ibcore/javax/net/ssl/TestSSLContext.java
ibcore/javax/net/ssl/TestSSLEnginePair.java
|
19745ce89add193c0e13c18979a3c9fb25bee475 |
18-Feb-2014 |
Narayan Kamath <narayan@google.com> |
DO NOT MERGE Fix another set of file related tests. - Get rid of Support_PlatformFile, use File.createTempFile instead. - Replace numerous uses of "user.dir" / "user.home" etc. with File.createTempFile - Replace calls to Process / chmod with Libcore.os.chmod. The calls wouldn't have worked anyway, since chmod on android doesn't understand the incremental (+w, -x) syntax. (cherry picked from commit 2b7c83942a5e28c53698232182193d5118028e6c) Bug: 13763685 Bug: 13763900 Change-Id: Ic6944568bbee6a548da6dcb4364b882636f2959f
ests/support/Support_PlatformFile.java
|
70bf6bc3ad78ed9a0a7a5767381ad6c25debbd70 |
20-Mar-2014 |
Kenny Root <kroot@google.com> |
Add X509ExtendedTrustManager This adds the X509ExtendedTrustManager class and all its ancillary methods that allow it to be used. This allows the endpointVerificationAlgorithm setting to be enabled on SSLSocket to check that the cerificate given for the endpoint during the handshake matched the expected hostname. Since X509ExtendedTrustManager allows you to pass in an SSLSocket, there is a new call added to SSLSocket called getHandshakeSession which does not force the handshake to take place. Bug: 13103812 Change-Id: I18a18b4f457d1676c8dc9a2a7bf7c3c4646a0425
ibcore/java/security/TestKeyStore.java
ibcore/javax/net/ssl/TestSSLContext.java
ibcore/javax/net/ssl/TestTrustManager.java
|
3c9ab07dd9001226b88f6bd1fca6690a3b7f4e3a |
21-Mar-2014 |
Kenny Root <kroot@google.com> |
StandardNames: only remove DH_* for RI The RI doesn't use DH_RSA and DH_DSA, but we do. Only remove them when the RI is running the tests. Change-Id: Id496a60e64ea51b105b7548e219e9340608f4672
ibcore/java/security/StandardNames.java
|
b335c684de8896be5db5d60dcaf0cb900b7314d9 |
21-Mar-2014 |
Alex Klyubin <klyubin@google.com> |
Merge "Support multiple KeyManagers in TestSSLContext and TestKeyStore."
|
a05be72f30c4ec9dc687582c651dc968fb89f444 |
20-Mar-2014 |
Kenny Root <kroot@google.com> |
StandardNames: update RI expectations Change-Id: Ia20902cc63d5e3ef1ac4cfc7a0b651368e845867
ibcore/java/security/StandardNames.java
|
edeec21a9c9e97cad91dffd47d4f2f7185dffe07 |
19-Mar-2014 |
Alex Klyubin <klyubin@google.com> |
Support multiple KeyManagers in TestSSLContext and TestKeyStore. The two classes in some places assumed that only one KeyManager is necessary or that only the first provided KeyManager is important. Change-Id: I88629778911503ac7c233341d44612247d799d22
ibcore/java/security/TestKeyStore.java
ibcore/javax/net/ssl/TestSSLContext.java
|
9c46602b63ac350c081bcb9aaef8260673d2ac73 |
03-Mar-2014 |
Neil Fuller <nfuller@google.com> |
Modify FinalizationTester to use Runtime.gc() System.gc() has changed in Android: it doesn't gc every time any more. Runtime.getRuntime().gc() is more likely to cause a garbage collection. Change-Id: I294c98a3b82ccb8867b6667d35c88fe9441110db Bug: 13097524
ibcore/java/lang/ref/FinalizationTester.java
|
2587ef91ba693d73e97704e8163c050b286e7330 |
14-Feb-2014 |
Neil Fuller <nfuller@google.com> |
Addition of 1.7 methods to URLConnection. URLConnection.getHeaderLong() and URLConnection.getContentLengthLong(). These methods are required by okhttp. Changed JarURLConnectionImpl.getContentLength() to return -1 when the size of an entry cannot be represented as an int. Previously it would have returned a corrupted, possibly negative, value due to a cast. Changed FileURLConnection.getContentLength() to return -1 when the size of the file cannot be represented as an int. Previously it would have returned a corrupted, possibly negative, value due to a cast. Change-Id: Ib43e68a2536c2602b4c7ee0cda68fa1f90045f57
ests/support/Support_TestWebData.java
|
2b7c83942a5e28c53698232182193d5118028e6c |
18-Feb-2014 |
Narayan Kamath <narayan@google.com> |
Fix another set of file related tests. - Get rid of Support_PlatformFile, use File.createTempFile instead. - Replace numerous uses of "user.dir" / "user.home" etc. with File.createTempFile - Replace calls to Process / chmod with Libcore.os.chmod. The calls wouldn't have worked anyway, since chmod on android doesn't understand the incremental (+w, -x) syntax. Change-Id: Ic6944568bbee6a548da6dcb4364b882636f2959f
ests/support/Support_PlatformFile.java
|
a70e9058c24a86f7b003c603a60e27742e899dd8 |
12-Feb-2014 |
Narayan Kamath <narayan@google.com> |
Delete unused test resources. These resources were used only by DalvikExecTest. Change-Id: Icb063fcf96593eeb3c6d9392214b3bc67305af53
ests/resources/cts_dalvikExecTest.jar
ests/resources/cts_dalvikExecTest_classes.dex
|
f0cd15d29ea97346b7c2e870969907cd586b1b30 |
06-Feb-2014 |
An Liu <an1.liu@sta.samsung.com> |
Skip TimaKeyStore in KeyStoreTest TimaKeyStore is Samsung's TrustZone-based KeyStore service provider. It should be skipped for KeyStore test cases since Samsung has it's own test cases.
ibcore/java/security/StandardNames.java
|
9f48b7f4185c06c3f4a1f95bda68a9cbe59b2c61 |
01-Feb-2014 |
Alex Klyubin <klyubin@google.com> |
Assert PKCS#7 padding supported for AES and 3DES. This tests that PKCS#7 padding for all Cipher transformations which currently support PKCS#5 padding. PKCS#5 padding is a special case of PKCS#7 padding. PKCS#5 padding is defined specifically for 64 bit long blocks. However, lots of code assumes that PKCS#5 for other block sizes works exactly like PKCS#7, and thus uses PKCS#5 padding where PKCS#7 should actually be used (e.g., with AES). Thus, we assert the assumption that PKCS#7 padding works exactly like PKCS#5 padding. Change-Id: I0ca8a952c67bc7aff172e22bd730378d41438067
ibcore/java/security/StandardNames.java
|
f2c1e7e3f9935e272a0a07a9637fc36ccd08e7de |
28-Jan-2014 |
Kenny Root <kroot@google.com> |
X509CertificateTest: add test for negative serial Update cert tests to save the private keys and also change the main certificate to a negative serial to exercise more corner cases. Change-Id: Ia59eece8ced0988b140ebf2e932b54298047f32d
ests/resources/x509/cacert.pem
ests/resources/x509/cakey.pem
ests/resources/x509/cert-alt-dirname.der
ests/resources/x509/cert-alt-dns.der
ests/resources/x509/cert-alt-email.der
ests/resources/x509/cert-alt-none.der
ests/resources/x509/cert-alt-other.der
ests/resources/x509/cert-alt-rid.der
ests/resources/x509/cert-alt-uri.der
ests/resources/x509/cert-ca.der
ests/resources/x509/cert-caWithPathLen.der
ests/resources/x509/cert-crl-ca.der
ests/resources/x509/cert-dsa.der
ests/resources/x509/cert-ec.der
ests/resources/x509/cert-extendedKeyUsage.der
ests/resources/x509/cert-ipv6.der
ests/resources/x509/cert-keyUsage-extraLong.der
ests/resources/x509/cert-rsa-dates.txt
ests/resources/x509/cert-rsa-pubkey.der
ests/resources/x509/cert-rsa-serial.txt
ests/resources/x509/cert-rsa-sig.der
ests/resources/x509/cert-rsa-tbs.der
ests/resources/x509/cert-rsa.der
ests/resources/x509/cert-sigopt.der
ests/resources/x509/cert-unsupported.der
ests/resources/x509/cert-userWithPathLen.der
ests/resources/x509/certs-pk7.der
ests/resources/x509/certs-pk7.pem
ests/resources/x509/create.sh
ests/resources/x509/crl-empty.der
ests/resources/x509/crl-rsa-dates.txt
ests/resources/x509/crl-rsa-dsa-dates.txt
ests/resources/x509/crl-rsa-dsa-sigopt.der
ests/resources/x509/crl-rsa-dsa-sigopt.pem
ests/resources/x509/crl-rsa-dsa.der
ests/resources/x509/crl-rsa-sig.der
ests/resources/x509/crl-rsa-tbs.der
ests/resources/x509/crl-rsa.der
ests/resources/x509/crl-unsupported.der
ests/resources/x509/dsapriv.pem
ests/resources/x509/ecpriv.pem
ests/resources/x509/privkey.pem
|
82c642531ba3c9ad29cb3125f7547a226b661b11 |
02-Jan-2014 |
Narayan Kamath <narayan@google.com> |
Delete Support_PortManager & OldDatagramSocketTest Support_PortManager didn't really work, so rewrite all tests that use it. Also, dedup OldDatagramSocketTest with the harmony DatagramSocketTest. Fix various broken test cases and terribly written tests. bug: 11689863 Change-Id: I4efb9e02eb88517273fff50a0dec1d0262feafb2
ests/support/Support_PortManager.java
|
71fa3ffedf35aff964eb2545e9af5fecfb8fe8ce |
18-Dec-2013 |
Alex Klyubin <klyubin@google.com> |
Disable MD5 cipher suites in SSLSocket and SSLEngine. Although HMAC-MD5 is not yet broken, the foundations are shaky -- see http://tools.ietf.org/html/rfc6151. Scans show that disabling these TLS/SSL cipher suites currently causes handshake issues with 0.4% of the ecosystem. Bug: 11220570 Change-Id: I1970d2ecbdf3c0d26e45d439047b1d3884ade2ec
ibcore/java/security/StandardNames.java
|
1169c54ed01bb6146bda80fdc665b4bce9d4b65f |
19-Dec-2013 |
Alex Klyubin <klyubin@google.com> |
Actually prefer Forward Secrecy cipher suites. The documentation for the list of TLS/SSL cipher suites used by default states that cipher suites offering Forward Secrecy are preferred. This CL adjusts the list to conform: FS cipher suites that use RC4_128 bulk encryption algorithm were not preferred over non-FS cipher suites that use AES. Bug: 11220570 Change-Id: Ic9019306898600086920874474764186b710c3ef
ibcore/java/security/StandardNames.java
|
69f9b8db2a43d355430af36cc85d5ce945ed0869 |
18-Dec-2013 |
Alex Klyubin <klyubin@google.com> |
Assert static key ECDH disallowed in default cipher suites. This is a follow-up to 5b15ad6b3d508a97d1cd23667afaee8c55072718 which removed static key ECDH cipher suites from the default list, but where the list of permitted key exchanges wasn't updated. Bug: 11220570 Change-Id: I319e21bf4475ddb9e6262b41dda99f5e33b1816f
ibcore/java/security/StandardNames.java
|
9a61ef3365ba5e33c65eec42fc80c7e47bc09958 |
18-Dec-2013 |
Alex Klyubin <klyubin@google.com> |
Disable 3DES cipher suites in SSLSocket. The effective key length for 3DES_EDE bulk encryption algorithm is only 112 bits. We're now aiming for 128 and higher. Scans show that removing these cipher suites from the default list causes handshake issues only with 0.15% of the ecosystem. Bug: 11220570 Change-Id: Ie01ebe8134d08a36b276295b804540157963be8f
ibcore/java/security/StandardNames.java
|
5b15ad6b3d508a97d1cd23667afaee8c55072718 |
18-Dec-2013 |
Alex Klyubin <klyubin@google.com> |
Disable static server key ECDH cipher suites in SSLSocket. These cipher suites use a static key for ECDH on the server side. When client certificates are used, a static key is also used on the client side, leading to the same premaster secret for all connections between a particular client and server. Also, these cipher suites do not provide forward secrecy. Scans show that removing these cipher suites from the default list does not affect connectivity to servers and is thus safe. Bug: 11220570 Change-Id: If34f4a3888ed9972c39d171656a85c61dfa98ea1
ibcore/java/security/StandardNames.java
|
0f0e96af6a1e9e6ed88e2b310c8650d0021cfd47 |
17-Dec-2013 |
Alex Klyubin <klyubin@google.com> |
Enable AES-GCM cipher suites by default in SSLSocket. AES-GCM is preferred to AES-CBC whose MAC-pad-then-encrypt approach has issues (e.g., Lucky 13 attack). Bug: 11220570 Change-Id: Ib007bc89ccf08358ed3f093f630350fa859e7c35
ibcore/java/security/StandardNames.java
|
9e73d3f497461c5bd788bcfb7882e78c016e5876 |
17-Dec-2013 |
Alex Klyubin <klyubin@google.com> |
Enable support for TLSv1.2 cipher suites in SSLSocket. This adds support for AES-GCM and AES-CBC with MACs based on SHA256 and SHA384. Bug: 11220570 Change-Id: I56e7e25c5cd65a4c7662da6d4bbe5720f427e677
ibcore/java/security/StandardNames.java
|
53360555a747056b8e599c3e3fb06532e7e30f61 |
26-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
Enable TLSv1.1 and TLSv1.2 by default for SSLSocket. TLSv1.1 and TLSv1.2 offer built-in protection against BEAST attack and support for GCM cipher suites. This change causes TLS/SSL handshake failures with a small fraction of servers, load balancers and TLS/SSL accelerators with broken TLS/SSL implementations. Scans demonstrate that the number is around 0.6%. Breaking connectivity (using platform default settings) to a tiny minority of the ecosystem is acceptable because this inconvenience is outweighed by the added safety for the overwheling majority of the ecosystem. App developers affected by this issue should consider asking such servers to be fixed or explicitly disabling TLSv1.1 and TLSv1.2 in their apps. Bug: 11220570 Change-Id: Ice9e8ce550401ba5e3385fd369c40f01c06ac7fd
ibcore/java/security/StandardNames.java
|
2cca77af136c57106bd9a1652e54a0ee99154d89 |
14-Dec-2013 |
Alex Klyubin <klyubin@google.com> |
Remove HarmonyJSSE SSLContext, SSLSocket and SSLServerSocket. Change-Id: I3c939e9275ba8f1d00342d1f83c6fdaf110f2317
ibcore/javax/net/ssl/TestSSLContext.java
|
0e5952d5638069e38218abf9136de8c4d3b60d95 |
13-Dec-2013 |
Kenny Root <kroot@google.com> |
CipherTest: add support for GCM cipher Change-Id: I4b5a5123977a1df152f097e2c7ed86cf7dbcfe9e
ibcore/java/security/StandardNames.java
|
b4675a53abbbb55acad213485636cf6a0d8b5bf6 |
12-Dec-2013 |
Alex Klyubin <klyubin@google.com> |
Javadoc the default configuration of SSLEngine. The Javadoc of javax.net.ssl.SSLEngine now lists the protocols and cipher suites supported and enabled by default. Bug: 11220570 Change-Id: I6e365d58bfe2ddf60bae9dc7ccd0a33249e9e125
ibcore/java/security/StandardNames.java
|
50ef556fd74a411bebdf0e33df75d7be1df1ed81 |
10-Dec-2013 |
Alex Klyubin <klyubin@google.com> |
Javadoc the default configuration of SSLSocket. The Javadoc of javax.net.ssl.SSLSocket now lists the protocols and cipher suites supported and enabled by default. Bug: 11220570 Change-Id: I3b6a96a86618370a55abf3307cbaadd1a1587066
ibcore/java/security/StandardNames.java
|
b3cc80ca4d1a00603de72ffc41560646394c9d5e |
15-Nov-2013 |
Narayan Kamath <narayan@google.com> |
am 439113b7: Merge "Import resources, fix JarURLConnectionTest." * commit '439113b7577fa3ed7c974fe158034649551130c4': Import resources, fix JarURLConnectionTest.
|
7c7bb922a47beb06257797857940c44440f4f52d |
15-Nov-2013 |
Narayan Kamath <narayan@google.com> |
am ebf160a0: Merge "Add serialization golden files, fix tests." * commit 'ebf160a0a41f2ea819b5c5c2e33199c098312941': Add serialization golden files, fix tests.
|
114b527135022d733642bcab532e8002f875692d |
15-Nov-2013 |
Narayan Kamath <narayan@google.com> |
am 4cac31eb: Merge "Add untracked harmony tests." * commit '4cac31eba78e0002e19dae81443f664c66d83340': Add untracked harmony tests.
|
439113b7577fa3ed7c974fe158034649551130c4 |
15-Nov-2013 |
Narayan Kamath <narayan@google.com> |
Merge "Import resources, fix JarURLConnectionTest."
|
ebf160a0a41f2ea819b5c5c2e33199c098312941 |
15-Nov-2013 |
Narayan Kamath <narayan@google.com> |
Merge "Add serialization golden files, fix tests."
|
4cac31eba78e0002e19dae81443f664c66d83340 |
15-Nov-2013 |
Narayan Kamath <narayan@google.com> |
Merge "Add untracked harmony tests."
|
f6fb19ad30b1f0e55e9c1efda39fcaf319837bb5 |
14-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
resolved conflicts for merge of 8629cea4 to klp-dev-plus-aosp Change-Id: Ibd80c5f1a8b7b2fb7b4e77c40e5a0499effff6aa
|
8629cea4bb842ac8e13caf1979a5463215be259f |
14-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
am 5ff3bc94: am 4c7d72a6: am fe1f3d77: am 11708986: am b00f46fc: am 23b3ea3a: am e496d90d: am cef32f3b: Merge "SSLEngine: Test that server params are verified" into jb-dev * commit '5ff3bc94bf2ec5bca48cb0027060df7fe4e48580': SSLEngine: Test that server params are verified
|
5ff3bc94bf2ec5bca48cb0027060df7fe4e48580 |
14-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
am 4c7d72a6: am fe1f3d77: am 11708986: am b00f46fc: am 23b3ea3a: am e496d90d: am cef32f3b: Merge "SSLEngine: Test that server params are verified" into jb-dev * commit '4c7d72a663712343cbcffc2b45621f38f7e6cdbf': SSLEngine: Test that server params are verified
|
4c7d72a663712343cbcffc2b45621f38f7e6cdbf |
14-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
am fe1f3d77: am 11708986: am b00f46fc: am 23b3ea3a: am e496d90d: am cef32f3b: Merge "SSLEngine: Test that server params are verified" into jb-dev * commit 'fe1f3d7795d9a5bdef327bd7796004bff5da7dbf': SSLEngine: Test that server params are verified
|
fe1f3d7795d9a5bdef327bd7796004bff5da7dbf |
14-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
am 11708986: am b00f46fc: am 23b3ea3a: am e496d90d: am cef32f3b: Merge "SSLEngine: Test that server params are verified" into jb-dev * commit '11708986502da018afec813a9fd395b94003f160': SSLEngine: Test that server params are verified
|
23b3ea3aa7c462faa0b277f741b4dfa2d84d5278 |
14-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
am e496d90d: am cef32f3b: Merge "SSLEngine: Test that server params are verified" into jb-dev * commit 'e496d90d6275365187644c6673911908f880a0b6': SSLEngine: Test that server params are verified
|
e496d90d6275365187644c6673911908f880a0b6 |
14-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
am cef32f3b: Merge "SSLEngine: Test that server params are verified" into jb-dev * commit 'cef32f3bb2da07efc846cf5bcd7970a74a782657': SSLEngine: Test that server params are verified
|
e19fe36340c4df01c0841090f53e4789044c9fe0 |
14-Nov-2013 |
Narayan Kamath <narayan@google.com> |
Import resources, fix JarURLConnectionTest. The test case with the escaped URL still fails. Change-Id: Iae3a58fea800d8b981cb09474d1fa77b7c361e4e
ests/resources/net/lf.jar
|
0669a8cf8b08b2d66a7ff758e5e3dbd456855495 |
14-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
SSLEngine: Test that server params are verified This CL adds tests that check that SSLEngine's handshake fails if the signature of server params in ServerKeyExchange does not verify. Bug: 11631299 Change-Id: I16dfa9c07a4f094adc17aadd6fb3fe9eac88103b
ibcore/javax/net/ssl/ForwardingX509ExtendedKeyManager.java
ibcore/javax/net/ssl/RandomPrivateKeyX509ExtendedKeyManager.java
|
6644b6ac300f69f02100aec4916af18316bf4525 |
13-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
Merge "Higher-level default configuration asserts for TLS/SSL primitives."
|
9aab36ec35b4591cb9ba9ae0e4586cb642c39587 |
13-Nov-2013 |
Narayan Kamath <narayan@google.com> |
Add serialization golden files, fix tests. - Moves a few golden files from luni/ to harmony-tests/ - Delete dead code in SerializationTester - Fix a bug in SerializationTest (not sure how this ever worked for resources with "." in their name) Change-Id: Ia5b1376f4ada9b9c706a266ae077debeea5b1f29
rg/apache/harmony/testframework/serialization/SerializationTest.java
ests/util/SerializationTester.java
|
cb318c6f4fe5b0e20099fa85f1b95ccb2d24119f |
12-Nov-2013 |
Narayan Kamath <narayan@google.com> |
Add untracked harmony tests. This has been deduped against : libcore/luni/src/test/java/org/apache/harmony/luni/tests libcore/luni/src/test/java/tests/api/ libcore/harmony-tests/src/test/java/tests/api This is a minimal change that builds the entire test suite. Many tests don't pass yet, they will be fixed in follow ups. Notable tests that haven't been moved: - ExcludedProxyTest: Might make requests to (now defunct) external servers. All of this code is tested in okhttp. - URLClassLoaderTest: Has a dependency on jetty, tested in okhttp. Notable test cases that haven't been moved: - URLTest: overlap with okhttp, might make requests to external servers. - ServerSocketTest#test_init: Uses Support_execJava, which we don't support yet. Isn't testing anything useful. - FileTest#testDeleteOnExist: Uses Support_execJava which we don't support yet. This is a useful test and we must ressurect it if at all possible. bug: 11650799 Change-Id: Ib277eb0bad465ea72b090168490a1a633611b3f3
rg/apache/harmony/testframework/CharSinkTester.java
rg/apache/harmony/testframework/CharWrapperTester.java
rg/apache/harmony/testframework/SinkTester.java
rg/apache/harmony/testframework/WrapperTester.java
ests/resources/ServiceLoader/AbstractService.java
ests/resources/ServiceLoader/Service.java
ests/resources/ServiceLoader/ServiceDuplicateIn2File.java
ests/resources/ServiceLoader/ServiceFinalClass.java
ests/resources/ServiceLoader/ServiceForAllCommentTest.java
ests/resources/ServiceLoader/ServiceForEmptyTest.java
ests/resources/ServiceLoader/ServiceForIllegalNameTest.java
ests/resources/ServiceLoader/ServiceForWrongNameTest.java
ests/resources/ServiceLoader/ServiceIn2File.java
ests/resources/ServiceLoader/ServiceIn2FileWithEmptyConfig.java
ests/resources/ServiceLoader/ServiceMoreThanOne.java
ests/resources/ServiceLoader/ServiceWithDuplicateSons.java
ests/resources/ServiceLoader/hyts_services.jar
ests/resources/ServiceLoader/hyts_services2.jar
ests/support/Streams.java
ests/support/Support_TimeZone.java
ests/support/resource/Support_Resources.java
ests/util/SerializationTester.java
|
36490d47a843f981c0755bff02f301dfd316af50 |
09-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
Merge "Deprioritize HMAC-MD5 in default TLS/SSL cipher suites."
|
181e96d17e879a1f063530cf1c540c2c5097cb02 |
30-Oct-2013 |
William Luh <williamluh@google.com> |
Add a second intermediate test CA. (cherry picked from commit 1295a430f883ab592fd3bd4a7cf950241ad22fcd) Change-Id: I732e7727c0de572f637d4c436094fec7583baf14
ibcore/java/security/TestKeyStore.java
|
f605c6822da13b32cd3643415a707882b62a3e91 |
06-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
Higher-level default configuration asserts for TLS/SSL primitives. This adds SSLDefaultConfigurationAsserts class that offers higher-level checks for each TLS/SSL primitive. The goals are: * check not only the cipher suites and protocols configured but also the configuration of child primitives (e.g, configuration of SSLSockets returned by SSLSocketFactory, or configuration of SSLSocketFactory returned by SSLContext). * hide the upcoming target API level dependent configuration checks from test classes. Bug: 11220570 Change-Id: Iec1476a1b2d132c984413754129adfcb671885fb
ibcore/javax/net/ssl/SSLDefaultConfigurationAsserts.java
|
76900faa07771f1143671a3c8703d542b3ca9c21 |
08-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
Deprioritize HMAC-MD5 in default TLS/SSL cipher suites. Although HMAC-MD5 is not yet broken, the foundations are now much more shaky that those of HMAC-SHA. See http://tools.ietf.org/html/rfc6151. Bug: 11220570 Change-Id: I2a2fe4d427650081637efc14fd7c427a33cbea7e
ibcore/java/security/StandardNames.java
|
4892adf2af0d4c842aace8d8f8f8a8189425ac23 |
07-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
Prefer Forward Secrecy TLS/SSL cipher suites by default. This modifies the list of TLS/SSL cipher suites used by default to prefer those offering Forward Secrecy (FS) -- ECDHE and DHE. Bug: 11220570 Change-Id: I20f635d11e937d64de4f4e2fea34e1c5ea7a67ac
ibcore/java/security/StandardNames.java
|
3cb3d30b0237493c1fc1947eaee0266c64583221 |
07-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
Deprioritize RC4-based TLS/SSL cipher suites. Now that BEAST and Lucky13 mitigations are enabled, it is prudent to prefer AES CBC cipher suites over RC4 ones (see http://www.isg.rhul.ac.uk/tls/). Bug: 11220570 Change-Id: I52b9724700fd8eaeebbadcfa518a96823a1410b8
ibcore/java/security/StandardNames.java
|
f13911b39126ffae49737dadc74332b3a84e0d19 |
04-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
Exact asserts for TLS/SSL protocols used by default. Previously, assertions about the list of protocols used by default by TLS/SSL primitives were checking that all of the protocols are supported, but were not checking that the list was exactly as expected. This CL adjusts the assertions to check that all of the expected protocols are listed and that no other protocols are listed. Three assert methods are added, corresponding to the three concentually different lists: client-side (e.g., SSLSocket), server-side (SSLServerSocket), and SSLEngine which currently does not switch lists based on whether it's in client or server mode. Bug: 11220570 Change-Id: Ib6b56c2372d76f94f254481aa01d29d2d03a085f
ibcore/java/security/StandardNames.java
|
632b6f770974fe4811e2e55dcba54f63b556e305 |
01-Nov-2013 |
Alex Klyubin <klyubin@google.com> |
Exact check for cipher suites used by SSLEngine by default. The previous assertion was only checking that all the default cipher suites are supported by SSLEngine. Bug: 11220570 Change-Id: I7c57c11e69fac7a532f890d242ac1ee4d1c64262
ibcore/java/security/StandardNames.java
|
2cd541f61919798b5b050c210f61db450ad8b013 |
30-Oct-2013 |
Alex Klyubin <klyubin@google.com> |
Refactor TLS/SSL cipher suite and protocol assertions. This hides expected lists of cipher suites and protocols from the users of assertion methods to: * enable targetSdkVersion-dependent behavior, and * centralize the definition of expected behavior in StandardNames. Bug: 11220570 Change-Id: I8b43196b24f02e10010223aa6738a9ce0df24333
ibcore/java/security/StandardNames.java
|
c1caa0507a6de77b3cf3f6b739596e7fe08e98dc |
23-Oct-2013 |
Alex Klyubin <klyubin@google.com> |
Do not use short-keyed TLS/SSL cipher suites by default. This removes TLS/SSL cipher suites with bulk cipher secret keys shorter than 80 bits from the list of cipher suites used by default. Bug: 11220570 Change-Id: I04e30f6d634801b36018fecc8f2b257fc6b7adfc
ibcore/java/security/StandardNames.java
|
bda6980df389e16edf907e5c516ee21e9e92883e |
10-Oct-2013 |
Kenny Root <kroot@google.com> |
JarUtils: try using the DigestEncryptionAlgorithm The original code tried getting an instance of the DigestAlgorithm by itself as a Signature type. This appears meant to be the DigestEncryptionAlgorithm by itself. Algorithms such as SHA256withECDSA have their own OID. Change-Id: I9384127bb026c8a5d3956095a9880427ead366b4
ests/resources/hyts_signed_sha256digest_sha256withecdsa.jar
|
9d72aaddcedda0eb4519f84805d2212fcc25ebaf |
26-Sep-2013 |
Kenny Root <kroot@google.com> |
Conscrypt: add SHA-224 with tests SHA-224 has made a comeback in the latest StandardNames documentation. This change adds tests for SHA-224 and also Conscrypt providers for things we have code paths to support. Change-Id: I8c200082ff76ee4ae38b6efaa16e6741b33b7f5b
ibcore/java/security/StandardNames.java
|
422092deb4fcc5f3f8d4e9d36cb6294b4049fd43 |
14-Sep-2013 |
Kenny Root <kroot@google.com> |
Remove BC workaround in TestKeyStore At one point in time, BC had a bug where it couldn't work with other EC keys. This has since been fixed, so this workaround is no longer needed. Change-Id: I0fb3f4d207fb5093e3bd1e1256cc3e165ecae8b0
ibcore/java/security/TestKeyStore.java
|
4616c7f802521312349adec76e10f4a5b612223e |
29-Aug-2013 |
Kenny Root <kroot@google.com> |
Move support library to a separate static library frameworks/base/core/tests/coretests uses the libcore/support/* classes for SSL-based tests. Instead of including core-tests itself, we need to split out the support classes to its own library to keep frameworks tests below the dex method limit. (cherry picked from commit b397b19a825d69e9122f1241849db726abae5413) Bug: 10092469 Change-Id: Ib9b1dd60cb778dba79afcbe3001749d82afa99d2
ibcore/java/lang/ref/FinalizationTester.java
|
b397b19a825d69e9122f1241849db726abae5413 |
29-Aug-2013 |
Kenny Root <kroot@google.com> |
Move support library to a separate static library frameworks/base/core/tests/coretests uses the libcore/support/* classes for SSL-based tests. Instead of including core-tests itself, we need to split out the support classes to its own library to keep frameworks tests below the dex method limit. Change-Id: Ic11dbd1c6f897af10c6cfe47efb977018ef2ad9a
ibcore/java/lang/ref/FinalizationTester.java
|
b274574b7e2681f4411852af9857b4540bf75841 |
02-Aug-2013 |
Elliott Hughes <enh@google.com> |
If libcore wants ASCII casing, it needs to ask for it like everyone else. http://elliotth.blogspot.com/2012/01/beware-convenience-methods.html Bug: https://code.google.com/p/android/issues/detail?id=58359 Change-Id: I597b2ac940f17b5b2bc176e390dc4b63fe0a4e72
ibcore/java/security/StandardNames.java
ests/http/MockWebServer.java
|
cd059a55c169e556d1fcfca145caa10173ae2174 |
24-Jul-2013 |
Elliott Hughes <enh@google.com> |
am be240e13: Merge "Remove the isLocaleAvailable hacks." * commit 'be240e1324314cbf1d8edaee7ce561b028e1ed2e': Remove the isLocaleAvailable hacks.
|
dd9b761d3b32bf02de354cb228f83cf7697032ef |
24-Jul-2013 |
Elliott Hughes <enh@google.com> |
Remove the isLocaleAvailable hacks. Change-Id: I17596301630f6c8d98c4415fe358f4fffb47b2d4
ests/support/Support_DecimalFormat.java
ests/support/Support_Locale.java
|
448053c9f0b3294b627cf8f1157ab8664abff3a8 |
02-Jul-2013 |
Kenny Root <kroot@google.com> |
am 35e2b734: Merge "JarFile: finish support for authenticated attributes" * commit '35e2b734149e88874883e48785f8263a8972ec61': JarFile: finish support for authenticated attributes
|
3de7083091497358d003bb889eba909f85b69fad |
01-Jul-2013 |
Kenny Root <kroot@google.com> |
JarFile: finish support for authenticated attributes There was an unfinished code path to use Authenticated Attributes to verify JAR files. This finishes it up and allows PKCS#7 signatures with that field instead of a direct digest on the encapsulated data. The description of Authenticated Attributes can be found in RFC 3852 section 9 referred to as "authAttrs." Bug: 9625223 Change-Id: Ia2c8fc09d39fbb67c1bdcdfe087f185471dcedd4
ests/resources/hyts_signed_authAttrs.jar
|
c286ebcb2be9bd7f2dd1c14b132dbf85ee7ca314 |
07-Jun-2013 |
Elliott Hughes <enh@google.com> |
am b5ba804a: Merge "Fix @deprecated javadoc orthography." * commit 'b5ba804a3b6d00c63a59902b782c11a0af9ed205': Fix @deprecated javadoc orthography.
|
99b4489d0555c6e0e5df941cbfad4cf250c8f0b8 |
07-Jun-2013 |
Elliott Hughes <enh@google.com> |
Fix @deprecated javadoc orthography. Change-Id: I6db6d91e21b8e1aca5b5338534196fd5bdef8a06
ests/http/MockWebServer.java
ests/support/Support_PortManager.java
|
07064a72e165536c708ceffe5b4d59bfffd25d5d |
03-Jun-2013 |
Brian Carlstrom <bdc@google.com> |
am 0897c605: Merge "PBKDF2 tests to exercise new, correct PBE implementation." * commit '0897c6055311bf665365cbb8cae46aadc18d4d45': PBKDF2 tests to exercise new, correct PBE implementation.
|
3f410d3b2d68c77a2a84629b47c29226c235f57d |
29-Apr-2013 |
William Luh <williamluh@google.com> |
PBKDF2 tests to exercise new, correct PBE implementation. Bug: 8312059 Change-Id: I614a43a0022393cb16250f4991a7156b05b0860c
ibcore/java/security/StandardNames.java
|
e9e7f036545d04e441e2aa8bcae4ba1024c86e97 |
24-May-2013 |
Brian Carlstrom <bdc@google.com> |
CipherTest fixes Bug: 9095447 (cherry picked from commit 1eba66d802f4edfaa3ca599f196e282bc110eff9) Change-Id: I6709eebcbede0ba617462bf49dd858f98246555f
ibcore/java/security/StandardNames.java
|
1eba66d802f4edfaa3ca599f196e282bc110eff9 |
24-May-2013 |
Brian Carlstrom <bdc@google.com> |
CipherTest fixes Bug: 9095447 Change-Id: Ieba76865c4da4260949391389611dfd09bc5e326
ibcore/java/security/StandardNames.java
|
32d4f90cbb829fce348ff1767d0c05168a5e3e30 |
19-Apr-2013 |
Kenny Root <kroot@google.com> |
Rename AndroidKeyStoreProvider -> AndroidKeyStore Bug: 8657552 Change-Id: I2659f1b67bb0fc298a187938d560fd57d3ceb214
ibcore/java/security/StandardNames.java
|
0b0c73781fbb1e5a43e6c0b363064010ac43f5bf |
16-Apr-2013 |
Kenny Root <kroot@google.com> |
Rename AndroidKeyStore in tests to match impl The KeyPairGenerator was renamed in frameworks/base, but it is tested during CTS so the StandardNames in libcore needs to be updated to know about this change as well so tests that use StandardNames don't have erroneous returns. Bug: 8626181 Change-Id: I079eb650d2dbe7baa204ff8d110a5389132e32a4
ibcore/java/security/StandardNames.java
|
90d02cbdbac93f6fee46082e25c1c67f75108442 |
03-Jan-2013 |
Chris Palmer <palmer@google.com> |
Check the EE's eKU extension field, if present. BUG=https://code.google.com/p/chromium/issues/detail?id=167607 and https://b.corp.google.com/issue?id=7920492 (cherry picked from commit 0da1515c5fe4e97fc2d4d24a41ebd4c078fec4db) Change-Id: I4309d4a90a9d41390f41c748fa1442ed736e225f
ibcore/java/security/TestKeyStore.java
|
0da1515c5fe4e97fc2d4d24a41ebd4c078fec4db |
03-Jan-2013 |
Chris Palmer <palmer@google.com> |
Check the EE's eKU extension field, if present. BUG=https://code.google.com/p/chromium/issues/detail?id=167607 and https://b.corp.google.com/issue?id=7920492 Change-Id: Ib917c3a4a8ea6a12f685c44056aa44aa414d45e6
ibcore/java/security/TestKeyStore.java
|
691f0a5a1c5b0294fb050f6247be14e74078395b |
21-Mar-2013 |
Brian Carlstrom <bdc@google.com> |
Cleanup openssl test generation scripts to work in any directory Change-Id: I7ac00ef5c7efe6fc243bd2663c31ef8ad8af9445
ests/resources/x509/create.sh
ests/resources/x509/default.cnf
|
8659e5f09d368ac074cabeafe65fb35acb919e49 |
06-Mar-2013 |
Kenny Root <kroot@google.com> |
Add test for empty CRL Change-Id: Ie8b099eec5628e5c577cff23050431d4ed1e2be2
ests/resources/x509/create.sh
ests/resources/x509/crl-empty.der
|
a698d224635ccfe3f141ccf627221271aa53bf69 |
06-Mar-2013 |
Kenny Root <kroot@google.com> |
SigAlgParams and other tests Add tests for getSigAlgParams using RSA-PSS signatures. Change-Id: Ib24b75a873dcc2007c6d511c6d307c92391a3f58
ests/resources/x509/cert-alt-dirname.der
ests/resources/x509/cert-alt-dns.der
ests/resources/x509/cert-alt-email.der
ests/resources/x509/cert-alt-none.der
ests/resources/x509/cert-alt-other.der
ests/resources/x509/cert-alt-rid.der
ests/resources/x509/cert-alt-uri.der
ests/resources/x509/cert-ca.der
ests/resources/x509/cert-caWithPathLen.der
ests/resources/x509/cert-crl-ca.der
ests/resources/x509/cert-dsa.der
ests/resources/x509/cert-ec.der
ests/resources/x509/cert-extendedKeyUsage.der
ests/resources/x509/cert-ipv6.der
ests/resources/x509/cert-keyUsage-extraLong.der
ests/resources/x509/cert-rsa-dates.txt
ests/resources/x509/cert-rsa-pubkey.der
ests/resources/x509/cert-rsa-serial.txt
ests/resources/x509/cert-rsa-sig.der
ests/resources/x509/cert-rsa-tbs.der
ests/resources/x509/cert-rsa.der
ests/resources/x509/cert-sigopt.der
ests/resources/x509/cert-unsupported.der
ests/resources/x509/cert-userWithPathLen.der
ests/resources/x509/certs-pk7.der
ests/resources/x509/certs-pk7.pem
ests/resources/x509/certs.der
ests/resources/x509/certs.pem
ests/resources/x509/create.sh
ests/resources/x509/crl-rsa-dates.txt
ests/resources/x509/crl-rsa-dsa-dates.txt
ests/resources/x509/crl-rsa-dsa-sigopt.der
ests/resources/x509/crl-rsa-dsa-sigopt.pem
ests/resources/x509/crl-rsa-dsa.der
ests/resources/x509/crl-rsa-sig.der
ests/resources/x509/crl-rsa-tbs.der
ests/resources/x509/crl-rsa.der
ests/resources/x509/crl-unsupported.der
|
ac4b39b3f93a28ba0375ac108155b752a79e4f5f |
31-Jan-2013 |
Brian Carlstrom <bdc@google.com> |
Tracking bouncycastle 1.48 upgrade Change-Id: I3c43882dda27b5596c6823f5f0711049803ac985
ibcore/java/security/TestKeyStore.java
|
0d7f656d7d7bdb65531cf97d25060a426d03ae76 |
08-Jan-2013 |
Kenny Root <kroot@google.com> |
X509CertificateTest: test for empty subjectAltNames If the subjectAltNames field is missing, providers should return null Change-Id: If11202d97e0a5a41ca598fb7df3320d6a20474c9
ests/resources/x509/cert-alt-none.der
ests/resources/x509/create.sh
ests/resources/x509/default.cnf
|
309e456e6f3b603b50806a24c56abd9fdb3bd7a9 |
02-Jan-2013 |
Kenny Root <kroot@google.com> |
Add test for X509CertificateFactory#generateCertificates Change-Id: I461881d515201829eae08046574824dbda30d460
ests/resources/x509/certs-pk7.der
ests/resources/x509/certs-pk7.pem
ests/resources/x509/certs.der
ests/resources/x509/certs.pem
ests/resources/x509/create.sh
|
e9eff570af49def101e6b98f48eac98ae2245dbe |
02-Jan-2013 |
Kenny Root <kroot@google.com> |
Add X509CRLTest in libcore tests Change-Id: I551d6ea887e06481a3eaefec980a728a8c4191f7
ests/resources/x509/cert-alt-dirname.der
ests/resources/x509/cert-alt-dns.der
ests/resources/x509/cert-alt-email.der
ests/resources/x509/cert-alt-other.der
ests/resources/x509/cert-alt-rid.der
ests/resources/x509/cert-alt-uri.der
ests/resources/x509/cert-ca.der
ests/resources/x509/cert-caWithPathLen.der
ests/resources/x509/cert-dsa.der
ests/resources/x509/cert-ec.der
ests/resources/x509/cert-extendedKeyUsage.der
ests/resources/x509/cert-ipv6.der
ests/resources/x509/cert-keyUsage-extraLong.der
ests/resources/x509/cert-rsa-dates.txt
ests/resources/x509/cert-rsa-pubkey.der
ests/resources/x509/cert-rsa-serial.txt
ests/resources/x509/cert-rsa-sig.der
ests/resources/x509/cert-rsa-tbs.der
ests/resources/x509/cert-rsa.der
ests/resources/x509/cert-unsupported.der
ests/resources/x509/cert-userWithPathLen.der
ests/resources/x509/create.sh
ests/resources/x509/crl-rsa-dates.txt
ests/resources/x509/crl-rsa-dsa-dates.txt
ests/resources/x509/crl-rsa-dsa.der
ests/resources/x509/crl-rsa-sig.der
ests/resources/x509/crl-rsa-tbs.der
ests/resources/x509/crl-rsa.der
ests/resources/x509/crl-unsupported.der
ests/resources/x509/default.cnf
|
9ca3d0733e7f93c140fdc693ffb0aaaa21de7a19 |
26-Dec-2012 |
Kenny Root <kroot@google.com> |
Add X509CertificateTest in libcore tests Change-Id: I678a8b89d0514c270ce0ee57057cfaadf3b47543
ests/resources/x509/cert-alt-dirname.der
ests/resources/x509/cert-alt-dns.der
ests/resources/x509/cert-alt-email.der
ests/resources/x509/cert-alt-other.der
ests/resources/x509/cert-alt-rid.der
ests/resources/x509/cert-alt-uri.der
ests/resources/x509/cert-ca.der
ests/resources/x509/cert-caWithPathLen.der
ests/resources/x509/cert-dsa.der
ests/resources/x509/cert-ec.der
ests/resources/x509/cert-extendedKeyUsage.der
ests/resources/x509/cert-invalidip.der
ests/resources/x509/cert-ipv6.der
ests/resources/x509/cert-keyUsage-extraLong.der
ests/resources/x509/cert-rsa-dates.txt
ests/resources/x509/cert-rsa-pubkey.der
ests/resources/x509/cert-rsa-serial.txt
ests/resources/x509/cert-rsa-sig.der
ests/resources/x509/cert-rsa-tbs.der
ests/resources/x509/cert-rsa.der
ests/resources/x509/cert-unsupported.der
ests/resources/x509/cert-userWithPathLen.der
ests/resources/x509/create.sh
ests/resources/x509/default.cnf
|
df99092f30a7bdc9f40f2fa0c3546a30d925edc0 |
01-Nov-2012 |
Brian Carlstrom <bdc@google.com> |
resolved conflicts for merge of eef7e935 to jb-mr1-dev-plus-aosp Change-Id: I1af764dffabdfa63bc383b606d0c86451bdf64dd
|
eef7e9357c272a9154f007e8bee2a09eed66d101 |
01-Nov-2012 |
Brian Carlstrom <bdc@google.com> |
Test to verify BC Signature algorithms by OID Bug: 7453821 Change-Id: I69408d0bb4063e34441ed1d7632fd1ccac39965b
ibcore/java/security/StandardNames.java
|
9fb84f4bee364d44b1d0d425109c98e964b23ae4 |
30-Oct-2012 |
Brian Carlstrom <bdc@google.com> |
am adcea0bf: Merge "Prefer PKIX algorithm name for TrustManagerFactory and KeyManagerFactory" * commit 'adcea0bf53b5b932013d8290619f17715b33f139': Prefer PKIX algorithm name for TrustManagerFactory and KeyManagerFactory
|
c934a095e1f863f00bf6f7c0b37fbd05ebeaaff5 |
29-Oct-2012 |
Brian Carlstrom <bdc@google.com> |
Prefer PKIX algorithm name for TrustManagerFactory and KeyManagerFactory Change-Id: I3da5bdf6739c6aee5ec0174e93cd6c06d6dfeeb3
ibcore/java/security/StandardNames.java
|
1b18a42ce11e536a12a21166b5e7790a73285af4 |
17-Oct-2012 |
Elliott Hughes <enh@google.com> |
am d2f41fe2: Merge "Fix ConcurrentCloseTest flakiness." * commit 'd2f41fe210bf0fe958345f84e95e8f037c325005': Fix ConcurrentCloseTest flakiness.
|
0e1afa1091f74a6228c01d8c7a8eebf001efdc57 |
13-Oct-2012 |
Elliott Hughes <enh@google.com> |
Fix ConcurrentCloseTest flakiness. We can't rely on consuming all the listen(2) backlog. For the tests we've seen fail because they sometimes connect rather than time out, switch to an unroutable address. (cherry-pick of babccbf9e429c4c78aca24c205825ceaaf7d3f37.) Bug: 6971145 Change-Id: Ibfa412ff1ad7da7e63842d0162cc67a706e2b27e
ests/net/StuckServer.java
|
babccbf9e429c4c78aca24c205825ceaaf7d3f37 |
13-Oct-2012 |
Elliott Hughes <enh@google.com> |
Fix ConcurrentCloseTest flakiness. We can't rely on consuming all the listen(2) backlog. For the tests we've seen fail because they sometimes connect rather than time out, switch to an unroutable address. Bug: 6971145 Change-Id: I259d31b1a15123bcd78c36849d5ed863d392ac20
ests/net/StuckServer.java
|
9dbe25c174d4f7e5099db1ea278513971e058ff8 |
12-Oct-2012 |
Kenny Root <kroot@google.com> |
am 0bf8e7a3: Merge "Add support for ECDSA signatures on jar files" * commit '0bf8e7a3145bbc6a32f5b88364a923af40434b61': Add support for ECDSA signatures on jar files
|
52c906b82c75e811284a1788e5ca0b4330a55a36 |
10-Oct-2012 |
Kenny Root <kroot@google.com> |
Add support for ECDSA signatures on jar files Change-Id: If928f2244b3a0809255d6619c25268beb84f76d3
ests/resources/hyts_signed_sha512digest_sha512withecdsa.jar
|
72e44404c32a98e7675a6e7cfbf856adb499a434 |
09-Oct-2012 |
Brian Carlstrom <bdc@google.com> |
Change OpenSSLCipherRSA.{engineGetBlockSize,engineGetOutputSize} to return result based on key size Includes cherry-pick of 847f22adbd0e829b84491d7202dcbed5bf67a98c Bug: 7192453 Change-Id: Ib5fa1e313d942d2c1034e8e7831af285ad24d71d
ibcore/java/security/StandardNames.java
|
a56d9c6247415d7cd99d8a3edfd3f97dfbab8a42 |
10-Oct-2012 |
Kenny Root <kroot@google.com> |
am 6508bcc2: Merge "Add stronger digest support to JarVerifier" * commit '6508bcc268f74b04dfcd04b1cafb5f293ad0f690': Add stronger digest support to JarVerifier
|
bff099b1b39940301bc7dd4be52dbe303c5e6fdf |
10-Oct-2012 |
Kenny Root <kroot@google.com> |
Add stronger digest support to JarVerifier Adds support for SHA-256, SHA-384, and SHA-512. Bug: http://code.google.com/p/android/issues/detail?id=38321 Change-Id: I9bf3f9cb2fa53b9f980e6c1cffcba81aa289a762
ibcore/java/security/StandardNames.java
ests/resources/hyts_signed_sha256digest_sha256withrsa.jar
ests/resources/hyts_signed_sha256withrsa.jar
|
e64b5a175e94b477dc3275924f126eba30f7599a |
04-Oct-2012 |
Kenny Root <kroot@google.com> |
am 9560ed5e: am 6ff99058: Merge "OpenSSLCipher: add Ciphers to StandardNames" * commit '9560ed5ed4229f17df8e09d9a40f4c8f30e68b0d': OpenSSLCipher: add Ciphers to StandardNames
|
5818245f0d132dc7fffd81d099ea7adb60be15f1 |
04-Oct-2012 |
Kenny Root <kroot@google.com> |
OpenSSLCipher: add Ciphers to StandardNames Change-Id: Ib990dd170d4c94ceea065748aceeb3bb4a297438
ibcore/java/security/StandardNames.java
|
3db1bf0eedb0095f4e6aa1b24f3769058735024a |
28-Sep-2012 |
Kenny Root <kroot@google.com> |
am 67c7510f: am f776b18f: Merge "Add more CipherTest tests" * commit '67c7510f9ca84347ec029023b3f04832f4453b9f': Add more CipherTest tests
|
847f22adbd0e829b84491d7202dcbed5bf67a98c |
28-Sep-2012 |
Kenny Root <kroot@google.com> |
Add more CipherTest tests Change-Id: I29f55e41335021945029e410d4e51e2c8f564285
ibcore/java/security/StandardNames.java
|
fe8b870db2b374e21c69c2ff0050e6a34e0d8d94 |
05-Sep-2012 |
Brian Carlstrom <bdc@google.com> |
Tracking upgrade to bouncycastle 1.47 Change-Id: Ie1f2ae92638e81ccd7e4ec2459199e6eecdac75f
ibcore/java/security/StandardNames.java
|
f0993272562ebc6e8d77024b985c45fae9f92ed4 |
12-Sep-2012 |
Brian Carlstrom <bdc@google.com> |
am a1359997: am 9f519e17: Merge "Add OpenSSLProvider support for Cipher.RSA/None/PKCS1Padding" * commit 'a1359997a83e4d1aefdb7ae23f73b61420d37964': Add OpenSSLProvider support for Cipher.RSA/None/PKCS1Padding
|
0a156e0126e8015f2791e9a7dd48bbdaeae0c335 |
12-Sep-2012 |
Brian Carlstrom <bdc@google.com> |
Add OpenSSLProvider support for Cipher.RSA/None/PKCS1Padding Summary: - Add OpenSSLProvider support for Cipher.RSA/None/PKCS1Padding Added NativeCrypto.RSA_private_decrypt and NativeCrypto.RSA_public_encrypt - Changed OpenSSLSignatureRawRSA to use new Cipher.RSA/None/PKCS1Padding Removed now obsoleted NativeCrypto APIs for RSA_padding_add_PKCS1_type_1 and RSA_padding_check_PKCS1_type_1 - added wrap/unwrap support OpenSSLCipherRSA Needed for SSLEngine (and fallback SSLSocket implementation) which are now picking up the new Cipher.RSA/None/PKCS1Padding - expanded CipherTest to sanity test all algorithms and PKCS1 padding Change-Id: I03566cc86ffce07d44d5e0094fa82c9c24587c26
ibcore/java/security/StandardNames.java
|
a8ae31b76c5615bf025b29e96dcadf900164efed |
29-Aug-2012 |
Kenny Root <kroot@google.com> |
Add Android KeyStore provider to StandardNames Change-Id: Ic4bbcf5be005a74f5263e40f406f8c741e5d8d5e
ibcore/java/security/StandardNames.java
|
62fc526d80608925cad24c3d6d91657f63a56fcf |
16-Aug-2012 |
Kenny Root <kroot@google.com> |
Add new Android-only algos to StandardNames The ProviderTest fails if we don't add these to StandardNames. Change the name of Signature.RAWRSA to "NONEwithRSA" so it matches the convention in existing algorithms. Change-Id: Id126eca46ee3b9f9d19aee596c1babd489693c7a
ibcore/java/security/StandardNames.java
|
ec9557af2760d73e6e53a2be6b025acb258e9017 |
02-Aug-2012 |
Brian Carlstrom <bdc@google.com> |
Remove SSLContext TLSv1.1 and TLSv1.2 from expected list for RI Change-Id: Ie506337882a878df77073c0c8117dfdc8d33b670
ibcore/java/security/StandardNames.java
|
d3298cd1b4bc69183e96e3cf8fd247e1596b7e07 |
24-Jul-2012 |
Elliott Hughes <enh@google.com> |
Fix URLConnectionTest#test_getAllowUserInteraction. Also improve the documentation, make it possible to run these tests individually outside of CTS with vogar, and remove a few more URLs of external web servers. We should clean up all tests to remove all reliance on external web servers. Bug: http://code.google.com/p/android/issues/detail?id=35400 (cherry-picked from 3827b65b1937acfbf3abbc449f8ba0ffc60f3cf3.) Conflicts: luni/src/test/java/org/apache/harmony/luni/tests/java/net/URLConnectionTest.java Change-Id: I4959fefa130290236533be72cce7c57b9ea1e296
ests/support/Support_Configuration.java
ests/support/resource/Support_Resources.java
|
3827b65b1937acfbf3abbc449f8ba0ffc60f3cf3 |
24-Jul-2012 |
Elliott Hughes <enh@google.com> |
Fix URLConnectionTest#test_getAllowUserInteraction. Also improve the documentation, make it possible to run these tests individually outside of CTS with vogar, and remove a few more URLs of external web servers. We should clean up all tests to remove all reliance on external web servers. Bug: http://code.google.com/p/android/issues/detail?id=35400 Change-Id: I28e78b7375ee554b3afe98e5249676e8bbbbec0e
ests/support/Support_Configuration.java
ests/support/resource/Support_Resources.java
|
903b3f5b6a6e524cb4d88b83ea32e7c355392271 |
19-Jul-2012 |
Elliott Hughes <enh@google.com> |
Start removing Support_PortManager. A bad idea, badly implemented. Bug: 2441548 Change-Id: I34c990f6fd9d746771846f186a7ab3ab59e78a9f
ests/support/Support_TestWebServer.java
|
5b7f91c1e6e208187cef57ab8a5de0a7f35e817f |
22-Mar-2012 |
Brian Carlstrom <bdc@google.com> |
Split OpenSSLRSAPrivateCrtKey from OpenSSLRSAPrivateKey Change-Id: I6a58044162758b3b74db5d17e9044f97dbe53bae
ests/security/KeyFactoryTest.java
|
3e6dd45baa0d7f9b4fa06f4ade76e088b59cc7bf |
16-Mar-2012 |
Brian Carlstrom <bdc@google.com> |
Tracking openssl-1.0.1 Bug: 6168278 Change-Id: I240d2cbc91f616fd486efc5203e2221c9896d90f
ibcore/java/security/StandardNames.java
ibcore/java/security/TestKeyStore.java
|
10078dabb17441ce2721a8e5e10f275c5d0a426a |
13-Dec-2011 |
Jesse Wilson <jessewilson@google.com> |
Kill SerializationTester; obsoleted by SerializableTester. Bug: http://b/5397460 Change-Id: Ic20f4363c8937d5feff0dec89e5de7ccf20f1dac
ests/util/SerializationTester.java
|
1a9cff8f68deffd618c5cba1f22f0fb0e396e067 |
17-Nov-2011 |
Jesse Wilson <jessewilson@google.com> |
Always trigger finalization the same way in our tests. This came up when I was recently writing a ZipFile finalization test and I needed to copy-paste the finalizer recipe. Change-Id: Ia67061b3dba1a7011c93c9a81e2a963876b238a1
ibcore/dalvik/system/CloseGuardTester.java
|
513ac78ca8aaeb61fa06928ca10aeff34a7b4683 |
15-Oct-2011 |
Brian Carlstrom <bdc@google.com> |
Set ANDROID_DATA for DalvikExecTest Also increase timeout to allow for dexopt of BOOTCLASSPATH Bug: 5310023 Change-Id: Icaa81a3bb3cea10c610e6ad671a001f6dbfeda17
ests/support/Support_Exec.java
|
9b4a8ec37805be3eabf3a4b443bbdb692ffa2608 |
30-Sep-2011 |
Elliott Hughes <enh@google.com> |
Fix a couple of isReachable bugs. We shouldn't throw NPE if you call isReachable on a deserialized InetAddress. Fixed by removing the "globals", which also fixes the unreported bug that calling isReachable on the same InetAddress was not thread-safe. Bug: http://code.google.com/p/android/issues/detail?id=20203 Also, the arguments to isReachableByTCP in isReachable(NetworkInterface, int, int) were the wrong way round, which meant we'd always return false (unless you were asking if localhost was reachable). Bug: http://code.google.com/p/android/issues/detail?id=20107 Bug: 2497441 Bug: 3213503 Change-Id: Ic808e774c28be6487e30e6acb8bc06f766f5c71d
ests/util/SerializationTester.java
|
ec4d64d1a6421b89fbc65da9d18aae89814474d7 |
12-Aug-2011 |
Jesse Wilson <jessewilson@google.com> |
Fix ClassLoaderBuilder to work in an APK file. This was breaking several CTS tests. Change-Id: I76a87deeb9a1f7b056adb72447001cf5e23ec0b3
ests/util/ClassLoaderBuilder.java
|
6057b576781336fbf1c2ace82dbb2429f3eddb76 |
09-Jun-2011 |
Jesse Wilson <jessewilson@google.com> |
am 8624c425: Merge "Use the same host name in the SSL cert as in mockwebserver." * commit '8624c4256089f54a58cbdd0ad2cf90af9b8f8973': Use the same host name in the SSL cert as in mockwebserver.
|
547450702efd233213f953ba2213bb38803c34c3 |
09-Jun-2011 |
Jesse Wilson <jessewilson@google.com> |
Use the same host name in the SSL cert as in mockwebserver. MockWebServer had to revert to getLocalHost() since 'getLoopbackAddress() doesn't exist on Java 6 and MockWebServer wants to work on Java 6. Tested on host and device without problem. Change-Id: Ib083ec393d34b2378da579ffc7b6a71d599f9d22
ibcore/java/security/TestKeyStore.java
ibcore/javax/net/ssl/TestSSLContext.java
|
7f708078fcc35e4b301469a0b124806996fe0399 |
08-Jun-2011 |
Jesse Wilson <jessewilson@google.com> |
am fd92a508: Merge "Use external/mockwebserver in libcore" * commit 'fd92a50839c5327c5d32d65315fde5d52c9da03d': Use external/mockwebserver in libcore
|
09336c914b4fc813e493acc82469b9ad89fd8694 |
07-Jun-2011 |
Jesse Wilson <jessewilson@google.com> |
Use external/mockwebserver in libcore Change-Id: I4dac34f88b23484643bce31e5f25ac6eb1fea426
ests/http/MockWebServer.java
|
4b1a89926910ce7f7c2a063240ceadfcbac74e06 |
06-Jun-2011 |
Brian Carlstrom <bdc@google.com> |
am 003f7a4d: Make test initialization lazy * commit '003f7a4d100cd1527d94bac81a4a3c5a8216c6ee': Make test initialization lazy
|
003f7a4d100cd1527d94bac81a4a3c5a8216c6ee |
04-Jun-2011 |
Brian Carlstrom <bdc@google.com> |
Make test initialization lazy Bug: 4311645 Change-Id: I4280d7ddb2a78f0e33564f3b40cfeb5c671e134a
ibcore/java/security/TestKeyStore.java
|
e26b27faf689c17b7894c78caee32432176349ec |
04-Jun-2011 |
Elliott Hughes <enh@google.com> |
Remove more dead "security theater" cruft. There's probably still more stuff lying around that isn't useful, but this was all I had time for on this particular Friday afternoon... Change-Id: I69593f6c9ab5534d581c703cc85a9766ba8e40e5
rg/apache/harmony/security/tests/support/MyBasicPermission.java
rg/apache/harmony/security/tests/support/MyPermission.java
rg/apache/harmony/security/tests/support/MyPermissionCollection.java
|
9b510df35b57946d843ffc34cf23fdcfc84c5220 |
28-May-2011 |
Elliott Hughes <enh@google.com> |
Make ErrnoException a checked exception. Bug: 4486011 Change-Id: I1877ce593d441653f75ab14884aa2d85f52652ad
ests/io/MockOs.java
|
54709bdf6b22d02efed7d2fd967cbd4d11b3942d |
25-May-2011 |
Brian Carlstrom <bdc@google.com> |
am e2fdfbde: Merge "OpenSSLSocketImpl should tolerate X509KeyManager returning null values" * commit 'e2fdfbde569a4cc284590c92bc57dc15dcc29a9c': OpenSSLSocketImpl should tolerate X509KeyManager returning null values
|
aba5e8c281fb9c6be23229246473fa0b433dd997 |
25-May-2011 |
Brian Carlstrom <bdc@google.com> |
OpenSSLSocketImpl should tolerate X509KeyManager returning null values While this started out as the small fix in OpenSSLSocketImpl.setCertificate and the corresponding test test_SSLSocket_clientAuth_bogusAlias, the need to test the behavior of the X509KeyManager returning null on the RI led to test maintenance to get libcore.javax.net.ssl tests working on RI 7 thanks to a test dependency that was added on the new InetAddress.getLoopbackAddress(). Change-Id: I3d8ed1ce453cc3a0b53e23e39c02e6a71413649c
ibcore/java/security/StandardNames.java
|
e5eb80e6adaab18ff7372adcd09f9e1af3a76871 |
19-May-2011 |
Jesse Wilson <jessewilson@google.com> |
Make the HttpResponseCache robust to file I/O errors. If the filesystem fails, cache performance degrades. Ongoing writes should not see any filesystem errors: don't punish the writer who isn't benefitting from the cache. Ongoing reads may see IOExceptions while streaming files. In practice this will only happen if the directory disappears during use, as is the case when a removable partition is removed. Change-Id: Ibf4d51998d9beaba9f8c86c449fd5c97ca869cee http://b/3180373
ests/io/MockOs.java
|
6f778cc173cc60ec184e8ca54a16ad10cf55f2cf |
18-May-2011 |
Jesse Wilson <jessewilson@google.com> |
Cache HTTP responses with a Vary header. This requires a backdoor for the cache to read the request headers at put time. This is implemented by getting the HttpEngine, which will allow us to eventually share the response header parsing. Change-Id: I177467244e5af0a3dda07883cd58d641bf75362f http://b/3180373
ests/io/MockOs.java
|
17da3dfaf359de021b753570e25a033ae8927432 |
17-May-2011 |
Brian Carlstrom <bdc@google.com> |
am 3041d84e: Merge "Make CertInstaller installed CA certs trusted by applications via default TrustManager (2 of 6)" * commit '3041d84e3c0ac7711868bdd7556047a3422e3052': Make CertInstaller installed CA certs trusted by applications via default TrustManager (2 of 6)
|
1b3c5388d0fffde4392007eb1b0be011a5dfae82 |
12-May-2011 |
Brian Carlstrom <bdc@google.com> |
Make CertInstaller installed CA certs trusted by applications via default TrustManager (2 of 6) frameworks/base Adding IKeyChainService APIs for CertInstaller and Settings use keystore/java/android/security/IKeyChainService.aidl libcore Improve exceptions to include more information luni/src/main/java/javax/security/auth/x500/X500Principal.java Move guts of RootKeyStoreSpi to TrustedCertificateStore, leaving only KeyStoreSpi methods. Added support for adding user CAs in a separate directory for system. Added support for removing system CAs by placing a copy in a sytem directory luni/src/main/java/org/apache/harmony/xnet/provider/jsse/RootKeyStoreSpi.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustedCertificateStore.java Formerly static methods on RootKeyStoreSpi are now instance methods on TrustedCertificateStore luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustManagerImpl.java Added test for NativeCrypto.X509_NAME_hash_old and X509_NAME_hash to make sure the implementing algorithms doe not change since TrustedCertificateStore depend on X509_NAME_hash_old (OpenSSL changed the algorithm from MD5 to SHA1 when moving from 0.9.8 to 1.0.0) luni/src/test/java/org/apache/harmony/xnet/provider/jsse/NativeCryptoTest.java Extensive test of new TrustedCertificateStore behavior luni/src/test/java/org/apache/harmony/xnet/provider/jsse/TrustedCertificateStoreTest.java TestKeyStore improvements - Refactored TestKeyStore to provide simpler createCA method (and internal createCertificate) - Cleaned up to remove use of BouncyCastle specific X509Principal in the TestKeyStore API when the public X500Principal would do. - Cleaned up TestKeyStore support methods to not throw Exception to remove need for static blocks for catch clauses in tests. support/src/test/java/libcore/java/security/TestKeyStore.java luni/src/test/java/libcore/java/security/KeyStoreTest.java luni/src/test/java/org/apache/harmony/xnet/provider/jsse/NativeCryptoTest.java Added private PKIXParameters contructor for use by IndexedPKIXParameters to avoid wart of having to lookup and pass a TrustAnchor to satisfy the super-class sanity check. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustManagerImpl.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/IndexedPKIXParameters.java luni/src/main/java/java/security/cert/PKIXParameters.java packages/apps/CertInstaller Change CertInstaller to call IKeyChainService.installCertificate for CA certs to pass them to the KeyChainServiceTest which will make them available to all apps through the TrustedCertificateStore. Change PKCS12 extraction to use AsyncTask. src/com/android/certinstaller/CertInstaller.java Added installCaCertsToKeyChain and hasCaCerts accessor for use by CertInstaller. Use hasUserCertificate() internally. Cleanup coding style. src/com/android/certinstaller/CredentialHelper.java packages/apps/KeyChain Added MANAGE_ACCOUNTS so that IKeyChainService.reset implementation can remove KeyChain accounts. AndroidManifest.xml Implement new IKeyChainService methods: - Added IKeyChainService.installCaCertificate to install certs provided by CertInstaller using the TrustedCertificateStore. - Added IKeyChainService.reset to allow Settings to remove the KeyChain accounts so that any app granted access to keystore credentials are revoked when the keystore is reset. src/com/android/keychain/KeyChainService.java packages/apps/Settings Changed com.android.credentials.RESET credential reset action to also call IKeyChainService.reset to remove any installed user CAs and remove KeyChain accounts to have AccountManager revoke credential granted to private keys removed during the RESET. src/com/android/settings/CredentialStorage.java Added toast text value for failure case res/values/strings.xml system/core Have init create world readable /data/misc/keychain to allow apps to access user added CA certificates installed by the CertInstaller. rootdir/init.rc Change-Id: Ief57672eea38b3eece23b14c94dedb9ea4713744
ibcore/java/security/TestKeyStore.java
|
e342455abc6b650f847d931728223411e58831ce |
17-May-2011 |
Jesse Wilson <jessewilson@google.com> |
Test DiskLruCache with fault injection. This tests what happens when the filesystem fails while reading or writing the cached files. I still need to test what happens when there are failures reading or writing the journal. Change-Id: I48018514ef5b8cc206efc905b1823eb49589c8e8 http://b/3180373
ests/io/MockOs.java
|
757afaa7afe96791a3cc612c9e3c4597a7321c7e |
12-May-2011 |
Jesse Wilson <jessewilson@google.com> |
Provide hit and miss stats on the HTTP response cache. Also capture FDs rather than InputStreams when a cache entry is read. This permits the cache to return as many streams as the caller requires. Also fix bugs where we weren't properly releasing the input streams from the responses. Change-Id: I04807eab648864229f1e8734ad1fbb6a2d6bb51d http://b/3180373
ibcore/net/http/HttpResponseCache.java
|
1724d9cddbf0e0f4e35f5c5d83bc335994f0286e |
11-May-2011 |
Jesse Wilson <jessewilson@google.com> |
Support Eviction in DiskLruCache. Change-Id: I84f536e597efb4c2b8dd519261b327dcd3e9eefa http://b/3180373
ibcore/net/http/HttpResponseCache.java
|
6716a68492cbad8cf71e4941beb1fece7858a3cd |
11-May-2011 |
Jesse Wilson <jessewilson@google.com> |
Merge "Address code review comments to Adopt DiskLruCache change." into dalvik-dev
|
0038bf3674d6fedd4c1e884c7903f2fdcecb9127 |
11-May-2011 |
Elliott Hughes <enh@google.com> |
Merge "Clean up the select(2) implementation." into dalvik-dev
|
f589846f86761ffea3c06ab9d105d3f19328d121 |
11-May-2011 |
Jesse Wilson <jessewilson@google.com> |
Address code review comments to Adopt DiskLruCache change. That change was submitted too early. This is the missing follow-up. Change-Id: I521455a7d249f8841c989561775c91d4368a8966 http://b/3180373
ibcore/net/http/HttpResponseCache.java
|
a7bb29434692e01aed843b88cd042628bab74a23 |
11-May-2011 |
Elliott Hughes <enh@google.com> |
Clean up the select(2) implementation. I wasn't planning on touching this code (since I want to replace it), but the purported "fix" for http://code.google.com/p/android/issues/detail?id=6309 was actually a regression. The supplied test fails on the RI. This patch replaces the bogus test with new tests, and reverts the old "fix". This was found while trying to work out what "true" and "false" return values from OSNetworkSystem.select are supposed to mean. This patch also switches to a more traditional int return value. Bug: 3107501 Change-Id: Iddce55e081d440b7eb3ddcf94db7d0739dc89c70
ests/net/StuckServer.java
|
433e3fac172d0c4449051b0c61c0c63b298a0903 |
11-May-2011 |
Jesse Wilson <jessewilson@google.com> |
Adopt DiskLruCache in HttpResponseCache. http://b/3180373 Change-Id: I55ed45c5d0b8fc72cf50e8912416367ac802dc7a
ibcore/net/http/HttpResponseCache.java
|
a0de05e00f3d51df7461cb2048c50bb30ef9112a |
06-May-2011 |
Jesse Wilson <jessewilson@google.com> |
Don't lose the import for InetAddress. Change-Id: I90fcf6c284f4a3bbe36ef0ed44f85ddf5a424ffb
ests/http/MockWebServer.java
|
c996149b500fc4825156106554457fe2394ae087 |
06-May-2011 |
Jesse Wilson <jessewilson@google.com> |
Fix proxy+HTTPS to handle authentication requests from the proxy. Previously I'd introduced a bug by assuming that CONNECT responses would always be successful. Change-Id: Iaf0caf67f52154f6951a20284c75db0090843b99 http://b/4188137
ests/http/MockWebServer.java
ests/http/SocketPolicy.java
|
73c54e43051d0da126d643049296c264ebb9fd04 |
05-May-2011 |
Elliott Hughes <enh@google.com> |
Merge "A handful of networking test fixes." into dalvik-dev
|
953df613522e12a418cb7cb73248594d6c9f53d4 |
03-May-2011 |
Jesse Wilson <jessewilson@google.com> |
Refactor HttpURLConnection implementation. Break HttpURLConnectionImpl into two parts: the part that implements the Java API (that follows redirects etc.) and the part that speaks HTTP. The HTTP part is called HttpEngine, and it can only be used for a single HTTP request. This makes it easier to set request properties that only apply to a single socket request. Tests for 'Vary', 'Content-Location' and warnings. For simplicity of implementation I've chosen not to support 'Vary' at this time. The 'Content-Location' header doesn't require any work from the cache. Warnings are ugly but allow the caller to identify when the cache results may be problematic. Also breaking HttpResponseCache's dependency on HttpURLConnectionImpl so it can be tested on the RI. Change-Id: Idbabb51251f479c2cdea4e0fceb029bfd07182be http://b/3180373
ibcore/net/http/HttpResponseCache.java
|
7e6cee7a973ebf3cdc32638580d777d9b45088ae |
05-May-2011 |
Elliott Hughes <enh@google.com> |
A handful of networking test fixes. The main thing is that some of the tests were relying on the presence of the removed "java.net.preferIP*" properties. Change-Id: I4cb1e99a13ed10c3ce14dad58579454a22b3416f
ests/support/Support_Configuration.java
|
d02c73b1db5e11d4d0b03da536e4d99a857b0c23 |
30-Apr-2011 |
Jesse Wilson <jessewilson@google.com> |
Merge "Honor max-age and min-fresh request headers." into dalvik-dev
|
d7a21ec11a89594497f35f731b42d98af72e1235 |
30-Apr-2011 |
Brian Carlstrom <bdc@google.com> |
resolved conflicts for merge of 7195b3b9 to dalvik-dev Change-Id: Ie1f2d796466f1799929b010d67585fd551b6f840
|
0c814baa7aff1b0845b2ad36c62dc791700732e1 |
30-Apr-2011 |
Brian Carlstrom <bdc@google.com> |
am 347b2a60: Avoid loading all CA certs into Zygote memory, lazily load instead (2 of 3) * commit '347b2a604114602da9bc4ae040278f74d11c2f51': Avoid loading all CA certs into Zygote memory, lazily load instead (2 of 3)
|
7195b3b965df5c3288435d94e8d13bd256e33890 |
30-Apr-2011 |
Brian Carlstrom <bdc@google.com> |
Merge "Fix X509CertImpl.verify(PublicKey, String) to respect provider argument"
|
adb64fbba2b781467e055706c3de0873dfc01166 |
30-Apr-2011 |
Jesse Wilson <jessewilson@google.com> |
Honor max-age and min-fresh request headers. We now honor headers from both the server's response (which we have cached) and the client's request. Change-Id: Ib46e4fc0c5dd5b3e74cff8f45eea2dda51d20b94 http://b/3180373
ests/http/MockWebServer.java
|
91922d920e0020bde20ef5ae21b66cab847dd58b |
30-Apr-2011 |
Brian Carlstrom <bdc@google.com> |
Fix X509CertImpl.verify(PublicKey, String) to respect provider argument Mostly a cleanup of CertificateTest, but it found one small bug in X509CertImpl - X509CertImpl.verify with a specific provider should use that provider, not ignore it and use the NativeCrypto fast path - Fix the bad testGetEncoded logic that was expected PEM bytes to equal a DER encodi - Remove libcore and harmony dependencies that were preventing these from running on the RI - Note testSerializationCompatibility is still failing, but is fixed by the unmerged 46c6fad9fad8f3dbbc82516232a225f37d332ca7 Bug: 1635707 Change-Id: Ib86d21d6458cf1438c6ddd715ccb5a4f8a9af9e6
rg/apache/harmony/testframework/serialization/SerializationTest.java
ests/support/resource/Support_Resources.java
|
347b2a604114602da9bc4ae040278f74d11c2f51 |
26-Apr-2011 |
Brian Carlstrom <bdc@google.com> |
Avoid loading all CA certs into Zygote memory, lazily load instead (2 of 3) Previously the CA certs stored in the BKS KeyStore at /system/etc/security/cacerts.bks was loaded in the Zygote. As the the number of CAs are started to increase, this is causing more and more memory to be used for rarely used CAs. The new AndroidCAStore KeyStore implementation reads the CAs as needed out of individual PEM certificate files. The files can be efficiently found because they are named based on a hash CA's subject name, similar to OpenSSL. Bug: 1109242 Details: build Removing old cacerts.bks from GRANDFATHERED_ALL_PREBUILT and adding new cacerts directory to core PRODUCT_PACKAGES core/legacy_prebuilts.mk target/product/core.mk libcore cacerts build changes. Move cacerts prebuilt logic to new CaCerts.mk from NativeCode.mk where it didn't make sense. Updated Android.mk's dalvik-host target to install new cacerts files. Android.mk CaCerts.mk NativeCode.mk Remove old cacerts.bks and add remove certimport.sh script used to generate it. Preserved the useful comments from certimport.sh in the new README.cacerts luni/src/main/files/cacerts.bks luni/src/main/files/certimport.sh luni/src/main/files/README.cacerts Recanonicalize cacerts files using updated vendor/google/tools/cacerts/certimport.py (See below discussion of certimport.py changes for details) luni/src/main/files/cacerts/00673b5b.0 luni/src/main/files/cacerts/03e16f6c.0 luni/src/main/files/cacerts/08aef7bb.0 luni/src/main/files/cacerts/0d188d89.0 luni/src/main/files/cacerts/10531352.0 luni/src/main/files/cacerts/111e6273.0 luni/src/main/files/cacerts/1155c94b.0 luni/src/main/files/cacerts/119afc2e.0 luni/src/main/files/cacerts/11a09b38.0 luni/src/main/files/cacerts/12d55845.0 luni/src/main/files/cacerts/17b51fe6.0 luni/src/main/files/cacerts/1920cacb.0 luni/src/main/files/cacerts/1dac3003.0 luni/src/main/files/cacerts/1dbdda5b.0 luni/src/main/files/cacerts/1dcd6f4c.0 luni/src/main/files/cacerts/1df5ec47.0 luni/src/main/files/cacerts/1e8e7201.0 luni/src/main/files/cacerts/1eb37bdf.0 luni/src/main/files/cacerts/219d9499.0 luni/src/main/files/cacerts/23f4c490.0 luni/src/main/files/cacerts/27af790d.0 luni/src/main/files/cacerts/2afc57aa.0 luni/src/main/files/cacerts/2e8714cb.0 luni/src/main/files/cacerts/2fa87019.0 luni/src/main/files/cacerts/2fb1850a.0 luni/src/main/files/cacerts/33815e15.0 luni/src/main/files/cacerts/343eb6cb.0 luni/src/main/files/cacerts/399e7759.0 luni/src/main/files/cacerts/3a3b02ce.0 luni/src/main/files/cacerts/3ad48a91.0 luni/src/main/files/cacerts/3c58f906.0 luni/src/main/files/cacerts/3c860d51.0 luni/src/main/files/cacerts/3d441de8.0 luni/src/main/files/cacerts/3e7271e8.0 luni/src/main/files/cacerts/418595b9.0 luni/src/main/files/cacerts/455f1b52.0 luni/src/main/files/cacerts/46b2fd3b.0 luni/src/main/files/cacerts/48478734.0 luni/src/main/files/cacerts/4d654d1d.0 luni/src/main/files/cacerts/4e18c148.0 luni/src/main/files/cacerts/4fbd6bfa.0 luni/src/main/files/cacerts/5021a0a2.0 luni/src/main/files/cacerts/5046c355.0 luni/src/main/files/cacerts/524d9b43.0 luni/src/main/files/cacerts/56b8a0b6.0 luni/src/main/files/cacerts/57692373.0 luni/src/main/files/cacerts/58a44af1.0 luni/src/main/files/cacerts/594f1775.0 luni/src/main/files/cacerts/5a3f0ff8.0 luni/src/main/files/cacerts/5a5372fc.0 luni/src/main/files/cacerts/5cf9d536.0 luni/src/main/files/cacerts/5e4e69e7.0 luni/src/main/files/cacerts/60afe812.0 luni/src/main/files/cacerts/635ccfd5.0 luni/src/main/files/cacerts/67495436.0 luni/src/main/files/cacerts/69105f4f.0 luni/src/main/files/cacerts/6adf0799.0 luni/src/main/files/cacerts/6e8bf996.0 luni/src/main/files/cacerts/6fcc125d.0 luni/src/main/files/cacerts/72f369af.0 luni/src/main/files/cacerts/72fa7371.0 luni/src/main/files/cacerts/74c26bd0.0 luni/src/main/files/cacerts/75680d2e.0 luni/src/main/files/cacerts/7651b327.0 luni/src/main/files/cacerts/76579174.0 luni/src/main/files/cacerts/7999be0d.0 luni/src/main/files/cacerts/7a481e66.0 luni/src/main/files/cacerts/7a819ef2.0 luni/src/main/files/cacerts/7d3cd826.0 luni/src/main/files/cacerts/7d453d8f.0 luni/src/main/files/cacerts/81b9768f.0 luni/src/main/files/cacerts/8470719d.0 luni/src/main/files/cacerts/84cba82f.0 luni/src/main/files/cacerts/85cde254.0 luni/src/main/files/cacerts/86212b19.0 luni/src/main/files/cacerts/87753b0d.0 luni/src/main/files/cacerts/882de061.0 luni/src/main/files/cacerts/895cad1a.0 luni/src/main/files/cacerts/89c02a45.0 luni/src/main/files/cacerts/8f7b96c4.0 luni/src/main/files/cacerts/9339512a.0 luni/src/main/files/cacerts/9685a493.0 luni/src/main/files/cacerts/9772ca32.0 luni/src/main/files/cacerts/9d6523ce.0 luni/src/main/files/cacerts/9dbefe7b.0 luni/src/main/files/cacerts/9f533518.0 luni/src/main/files/cacerts/a0bc6fbb.0 luni/src/main/files/cacerts/a15b3b6b.0 luni/src/main/files/cacerts/a3896b44.0 luni/src/main/files/cacerts/a7605362.0 luni/src/main/files/cacerts/a7d2cf64.0 luni/src/main/files/cacerts/ab5346f4.0 luni/src/main/files/cacerts/add67345.0 luni/src/main/files/cacerts/b0f3e76e.0 luni/src/main/files/cacerts/bc3f2570.0 luni/src/main/files/cacerts/bcdd5959.0 luni/src/main/files/cacerts/bda4cc84.0 luni/src/main/files/cacerts/bdacca6f.0 luni/src/main/files/cacerts/bf64f35b.0 luni/src/main/files/cacerts/c0cafbd2.0 luni/src/main/files/cacerts/c215bc69.0 luni/src/main/files/cacerts/c33a80d4.0 luni/src/main/files/cacerts/c527e4ab.0 luni/src/main/files/cacerts/c7e2a638.0 luni/src/main/files/cacerts/c8763593.0 luni/src/main/files/cacerts/ccc52f49.0 luni/src/main/files/cacerts/cdaebb72.0 luni/src/main/files/cacerts/cf701eeb.0 luni/src/main/files/cacerts/d16a5865.0 luni/src/main/files/cacerts/d537fba6.0 luni/src/main/files/cacerts/d64f06f3.0 luni/src/main/files/cacerts/d777342d.0 luni/src/main/files/cacerts/d8274e24.0 luni/src/main/files/cacerts/dbc54cab.0 luni/src/main/files/cacerts/ddc328ff.0 luni/src/main/files/cacerts/e48193cf.0 luni/src/main/files/cacerts/e60bf0c0.0 luni/src/main/files/cacerts/e775ed2d.0 luni/src/main/files/cacerts/e7b8d656.0 luni/src/main/files/cacerts/e8651083.0 luni/src/main/files/cacerts/ea169617.0 luni/src/main/files/cacerts/eb375c3e.0 luni/src/main/files/cacerts/ed049835.0 luni/src/main/files/cacerts/ed524cf5.0 luni/src/main/files/cacerts/ee7cd6fb.0 luni/src/main/files/cacerts/f4996e82.0 luni/src/main/files/cacerts/f58a60fe.0 luni/src/main/files/cacerts/f61bff45.0 luni/src/main/files/cacerts/f80cc7f6.0 luni/src/main/files/cacerts/fac084d7.0 luni/src/main/files/cacerts/facacbc6.0 luni/src/main/files/cacerts/fde84897.0 luni/src/main/files/cacerts/ff783690.0 Change IntegralToString.intToHexString to take width argument to allow for leading zero padding. Updated existing callers to specify 0 padding desired. Add testing of new padding functionality. luni/src/main/java/java/lang/Character.java luni/src/main/java/java/lang/Integer.java luni/src/main/java/java/lang/IntegralToString.java luni/src/test/java/libcore/java/lang/IntegralToStringTest.java Improved to throw Exceptions with proper causes luni/src/main/java/java/security/KeyStore.java luni/src/main/java/java/security/Policy.java luni/src/main/java/java/security/cert/CertificateFactory.java luni/src/main/java/javax/crypto/Cipher.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSignature.java Indentation fixes luni/src/main/java/java/security/SecureRandom.java Fix X509CRLSelector.getIssuerNames to clone result and added test to cover this. luni/src/main/java/java/security/cert/X509CRLSelector.java luni/src/test/java/libcore/java/security/cert/X509CRLSelectorTest.java Fixed bug where we created an X500Principal via a String representation instead of from its original encoded bytes. This led to a difficult to track down bug where CA 418595b9.0 where the NativeCode.X509_NAME_hash of a Harmony (but not BouncyCastle) X509Certificate would not hash to the expected value because the encoded form used an ASN.1 PrintableString instead of the UTF8String form found in the original certificate. luni/src/main/java/org/apache/harmony/security/x501/Name.java Add a new RootKeyStoreSpi and register it as the AndroidCAStore. This new read-only KeyStore implementation that looks for certificates in $ANDROID_ROOT/etc/security/cacerts/ directory, which is /system/etc/security/cacerts/ on devices. The files are stored in the directory based on the older md5 based OpenSSL X509_NAME_hash function (now referred to as X509_NAME_hash_old in OpenSSL 1.0) luni/src/main/java/org/apache/harmony/xnet/provider/jsse/RootKeyStoreSpi.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/JSSEProvider.java Added OpenSSL compatible X509_NAME_hash and X509_NAME_hash_old functions for producting an int hash value from an X500Principal. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/NativeCrypto.java Changed TrustManagerFactoryImpl to use AndroidCAStore for its default KeyStore luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustManagerFactoryImpl.java Changed TrustManagerImpl to be AndroidCAStore aware. If it detects an AndroidCAStore, it avoids generating the acceptedIssuers array at constructions, since doing so would force us to parse all certificates in the store and the value is only typically used by SSLServerSockets when requesting a client certifcate. Because we don't load all the trusted CAs into the IndexedPKIXParameters at startup in the case of AndroidCAStore, we now check for new CAs when examining the cert chain for unnecessary TrustAnchors and for a newly discovered issuer at the end of the chain before validation. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustManagerImpl.java Updated KeyStoreTest to cope with read only KeyStore. Update test_cacerts_bks (now renamed test_cacerts) to use the AndroidCAStore for validating system CA certificate validity. Register AndroidCAStore as an expected KeyStore type with StandardNames. luni/src/test/java/libcore/java/security/KeyStoreTest.java support/src/test/java/libcore/java/security/StandardNames.java Added test of X500Principal serialization while investigating Name encoding issue. However, the actual Name bug was found and verified by the new test_cacerts test. luni/src/test/java/libcore/javax/security/auth/x500/X500PrincipalTest.java vendor/google Change canonical format for checked in cacerts to have PEM certificate at the top, as required by Harmony's X.509 CertificateFactory. tools/cacerts/certimport.py Change-Id: If0c9de430f13babb07f96a1177897c536f3db08d
ibcore/java/security/StandardNames.java
|
0c59055dd24e1659f85d9ff7e2148883f663bd62 |
27-Apr-2011 |
Jesse Wilson <jessewilson@google.com> |
Support conditional gets in HttpURLConnection. This is the first step towards adding an HTTP response cache. There's still much to do; details are listed on the bug. Change-Id: Ie693fe424d1d90e90576fc959595e4d96a31f767 http://b/3180373
ibcore/net/http/HttpResponseCache.java
ests/http/DefaultResponseCache.java
ests/http/MockResponse.java
ests/http/MockWebServer.java
|
46c6fad9fad8f3dbbc82516232a225f37d332ca7 |
15-Apr-2011 |
Brian Carlstrom <bdc@google.com> |
post bouncycastle 1.46 upgrade test cleanup Change-Id: I6e9be66b3f4fd4c09b31e2508236af62fa5214e3
rg/apache/harmony/testframework/serialization/SerializationTest.java
ests/security/AlgorithmParametersTest.java
|
839b99a3725f9af66ca9ea1bac2a3f3c784717c4 |
13-Apr-2011 |
Brian Carlstrom <bdc@google.com> |
Updating StandardNames for bouncycastle 1.46 upgrade Change-Id: I26a9ff274fd86c4645e44123f6761621045228b5
ibcore/java/security/StandardNames.java
|
3258b52429c7768ea91bda93c5a15257cdd390e5 |
18-Mar-2011 |
Brian Carlstrom <bdc@google.com> |
libcore key chain support Allow access to default IndexedPKIXParameters, similar to access to default TrustManager. Needed to allow framework to add/remove trusted CAs at runtime. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLParametersImpl.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustManagerImpl.java Add test support for looking up a cert by an issuer for use in key chain tests. support/src/test/java/libcore/java/security/TestKeyStore.java Add test support SSLSocketFactory that sets desired client auth on each created socket. For use with MockWebServer for key chain testing. support/src/test/java/libcore/javax/net/ssl/TestSSLContext.java Change-Id: Iecdbd40c67f1673bda25a52b4e229156c805d564
ibcore/java/security/TestKeyStore.java
ibcore/javax/net/ssl/TestSSLContext.java
|
9fa7c4cd4a619236db70aefab8da3abafb065bca |
31-Mar-2011 |
Jesse Wilson <jessewilson@google.com> |
am 866b399e: am 9d28a32d: am bc4c79c6: Don\'t read from the delegate stream after we close it. * commit '866b399e1d5cab4cc8d196f8008ba8ad8376765d': Don't read from the delegate stream after we close it.
|
bc4c79c6a2059003f695f7ad204de36700e8d701 |
31-Mar-2011 |
Jesse Wilson <jessewilson@google.com> |
Don't read from the delegate stream after we close it. Change-Id: Ib724b170f7ec10ea0025c0e2e7978119fd070eb6 http://b/4188137
ests/http/MockWebServer.java
|
f049593e9a5160492a0dafb19e5595dac138505e |
31-Mar-2011 |
Elliott Hughes <enh@google.com> |
Remove a broken API that encouraged people to make the wrong fix to tests. Not having Arabic locale data is not a reason to skip German tests. Change-Id: I5062d2a0343e8e040f5766532433ade37569b0c5
ests/support/Support_DecimalFormat.java
ests/support/Support_Locale.java
|
0c2fd828abec671333b8b88281825fd27a783723 |
30-Mar-2011 |
Jesse Wilson <jessewilson@google.com> |
Fix MockWebServer to use the same hostname as TestKeyStore. Change-Id: I31c9f6e9add87a17737eac4f09949540e5da8cb5
ests/http/MockWebServer.java
|
8ee594cf5c35b5039aaca67e1f4b84c533046305 |
23-Mar-2011 |
Tsu Chiang Chuang <tsu@google.com> |
Fix cts-tf tests by using InetAddress.getLoopbackAddress(). Change-Id: Iced1b64b74e664cbf75006adc2be9cfe1c9ba0e9
ibcore/java/security/TestKeyStore.java
|
61e89ca39547bdb94e271fb38d0da7b36359be16 |
12-Mar-2011 |
Elliott Hughes <enh@google.com> |
Remove dead classes. Change-Id: I467d91e65492cdba08d11ae5420a8b849a682a7a
ests/support/Support_IOTestSecurityManager.java
ests/support/Support_NetworkInterface.java
ests/support/Support_SimpleDateFormat.java
ests/support/Support_TimeZone.java
|
27a5b793cc7ae8a72ba2f767214a828becdc64cd |
10-Mar-2011 |
Elliott Hughes <enh@google.com> |
Rewrite BitSet and add the new valueOf and toLongArray methods. All four overloads of valueOf (byte[], long[], ByteBuffer, LongBuffer) are included. There's still toByteArray and previousClearBit/previousSetBit to add in a later change. This includes all the rewriting of BitSet I planned on, though it may be possible to simplify it still further (in particular, I left get(int, int) pretty much as it was). This implementation is faster than the old one, as well as clearer, and it also has a more sane performance profile; operations that ought to be cheap -- such as isEmpty -- are now cheap, and you now always amortize the cost of any work you cause to be done, where before you might have to do it repeatedly until a structural change. The new code also makes better use of Long's functionality. Bug: 3484927 Change-Id: I180e6ae836437e78a8b6ca0a7a5d522e58f3d911
ests/support/Support_BitSet.java
|
229e34b182b98e1dba15d3dc6341954986ae2b7a |
03-Mar-2011 |
Brian Carlstrom <bdc@google.com> |
Removing use of @tests and @Test.* annotations Change-Id: I89243efdeebe22543c45a2166b634f40c3e78cf8
ests/security/AlgorithmParameterGeneratorTest.java
ests/security/AlgorithmParametersTest.java
ests/security/KeyFactoryTest.java
ests/security/KeyPairGeneratorTest.java
ests/support/Support_CollectionTest.java
ests/support/Support_ListTest.java
ests/support/Support_SetTest.java
ests/support/Support_UnmodifiableCollectionTest.java
ests/support/Support_UnmodifiableMapTest.java
|
8bc378b1cec65bc06766a14a9cc575fec931b418 |
24-Feb-2011 |
Jesse Wilson <jessewilson@google.com> |
Don't generate large DH keys when small ones will do. This dramatically improves the runtime of these tests from a few minutes to a few seconds. Also update known failures to cover the new reasons why these tests are failing. Change-Id: I82b738f3f1fb24a08d334fa960153692a0c9144f http://b/3474446
ibcore/java/security/StandardNames.java
|
3a3511edad46420b4287017ac66fe4783cb804db |
11-Feb-2011 |
Jesse Wilson <jessewilson@google.com> |
Move tests from java.injected into libcore. Change-Id: Ia3fee27c8f8ca38120eea3fc2582d3e1b2504cea
ibcore/javax/net/ssl/FakeSSLSession.java
|
26ce8fbd8fe488cc969b08f64c56525662763dc4 |
08-Feb-2011 |
Jesse Wilson <jessewilson@google.com> |
resolved conflicts for merge of 6186821c to dalvik-dev Change-Id: Ic6f0172767d6feedb188d3a5e7488a67702ef8c4
|
6186821cb13f4ac7ff50950c813394367e021eae |
08-Feb-2011 |
Jesse Wilson <jessewilson@google.com> |
Move libcore.base classes to libcore.util and libcore.io. Change-Id: I2340a9dbad3561fa681a8ab47d4f406e72c913e3
rg/apache/harmony/testframework/serialization/SerializationTest.java
ests/support/resource/Support_Resources.java
|
efb32502d686b06ddf60828d9abe3d4e0577e5dc |
02-Feb-2011 |
Brian Carlstrom <bdc@google.com> |
am 4155a249: Performance improvements to NativeCrypto based MessageDigest API * commit '4155a2498a57fb09e92815f8993a70c216ddc5ec': Performance improvements to NativeCrypto based MessageDigest API
|
6ed93fa8be996378e766d3fd2586b51c6fe656b1 |
02-Feb-2011 |
Jesse Wilson <jessewilson@google.com> |
Don't parse or format IP addresses in cert code. We used to include a full IP address parser and formatter. The formatter handled one interesting case: a 2x length byte[] containing both an IP route and mask. Although our code supported parsing and formatting these, they do not occur in practice. The Java APIs don't support NameConstraints, which is the only part of the spec that uses them. Change-Id: I7a4b22b40a37d6f26ec09fc5188ec1ba43e4d249 http://b/3385492
ibcore/java/security/TestKeyStore.java
|
4155a2498a57fb09e92815f8993a70c216ddc5ec |
02-Feb-2011 |
Brian Carlstrom <bdc@google.com> |
Performance improvements to NativeCrypto based MessageDigest API NativeCrypto API improvements: - Move to using EVP_MD related native methods, some of which are derived from the EVP_MD_CTX versions with similar name. The new EVP_get_digestbyname allows one time lookup of the EVP_MD from the string name, avoiding doing it on every call to EVP_DigestInit. - EVP_MD_CTX_create is now removed, it is just done as part of EVP_DigestInit and EVP_VerifyInit to an extra JNI call. - EVP_DigestFinal now destroys the EVP_MD_CTX to avoid needing to make another call JNI call to EVP_MD_CTX_destroy. EVP_MD_CTX_destroy is kept for cases when EVP_DigestFinal is never called. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/NativeCrypto.java In addition to the improved NativeCrypto API to allow better performance for callers, the implementations use of throwExceptionIfNecessary was made conditional based on the status code from various operations, which had a noticeable impact on performance compared to android.security.MessageDigest luni/src/main/native/NativeCrypto.cpp Updated MessageDigest.getInstance default implementation to use new NativeCrypto API. An EVP_MD instance is looked up at class load time for a specific digest type and then used to call NativeCrypto.EVP_DigestInit as needed, avoiding a lookup of EVP_MD for each new digest. The EVP_MD is also for a one-time lookup the digest output size in bytes, to avoid native calls for engineGetDigestLength. Finally, the creation of the EVP_MD_CTX is now lazy, only created when needed, avoiding unnecessarily create/free in reset cases such as engineDigest. See also external/bouncycastle's OpenSSLDigest implementation which had similar optimizations. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLMessageDigestJDK.java OpenSSLSignature also used EVP_MD_CTX_create, and its EVP_VerifyInit was changed similar to EVP_DigestInit to internally allocate the EVP_MD_CTX on the call to init. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSignature.java Fix test to work with arbitrary provider order luni/src/test/java/org/apache/harmony/security/tests/java/security/MessageDigest2Test.java Fix CloseGuard warnings luni/src/test/java/tests/security/MessageDigestTest.java Bug: 3392028 Change-Id: Idb266ebc0918ffd5550e0f457784256400cd2ff0
ests/security/MessageDigestTest.java
|
101547d4a82ba21031dc7cb62018720dbd493758 |
01-Feb-2011 |
Jesse Wilson <jessewilson@google.com> |
Refactoring to add a builder for TestKeyStore. Change-Id: I346aea42a27042512f4ed97690f1e0ca1755257c
ibcore/java/security/TestKeyStore.java
|
0ac85ead96f1ba7d35f3acadd154de4ef0a8fd87 |
25-Jan-2011 |
Brian Carlstrom <bdc@google.com> |
Tracking jarjar of org.bouncycastle to com.android.org.bouncycastle Bug: 3086427 Change-Id: I026f80bfa5e963a8e988ecd6f91c9732a4afc70c
ibcore/java/security/TestKeyStore.java
|
0d5c7588179fb373da70ce04362be5ce74a98eb4 |
24-Jan-2011 |
Brian Carlstrom <bdc@google.com> |
Cipher.init incorrectly implements RFC 3280 key usage validation Issue: http://code.google.com/p/android/issues/detail?id=12955 Bug: 3381582 Change-Id: Ida63c1356634c8e287ce5b0234418a656dffedf0
ibcore/java/security/TestKeyStore.java
|
65275e82cd8c877145376dd429a5e31f598e81a2 |
14-Jan-2011 |
Jesse Wilson <jessewilson@google.com> |
Merge "Fix HTTP cookie to do case mapping with Locale.US." into honeycomb
|
f162edaa335461474b020027bb2e85eb3be2c179 |
14-Jan-2011 |
Jesse Wilson <jessewilson@google.com> |
Fix HTTP cookie to do case mapping with Locale.US. While I'm here fix a MockWebServer bug I recently introduced that broke cookie tests that needed to know port numbers before responses were enqueued. Change-Id: Idb2389ac5ed66656248c10aeb68209641acc0a68 http://b/3325637
ests/http/MockWebServer.java
|
8a9624fcddded08aa352e56369c190d35f234e0a |
13-Jan-2011 |
Dan Bornstein <danfuzz@android.com> |
Remove pointless tests. DO NOT MERGE. Change-Id: Ia1bac1abaa44c6341b00005a3142e87073b16bd6
rg/apache/harmony/security/tests/support/acl/AclEntryImpl.java
rg/apache/harmony/security/tests/support/acl/AclEnumerator.java
rg/apache/harmony/security/tests/support/acl/AclImpl.java
rg/apache/harmony/security/tests/support/acl/GroupImpl.java
rg/apache/harmony/security/tests/support/acl/OwnerImpl.java
rg/apache/harmony/security/tests/support/acl/PermissionImpl.java
rg/apache/harmony/security/tests/support/acl/PrincipalImpl.java
|
b7f4d6c3968c372767b2510f38a3d506067aced6 |
13-Jan-2011 |
Jesse Wilson <jessewilson@google.com> |
Move tests from android.core.URLTest to URLConnectionTest. This includes some changes to MockWebServer to make it stop accepting connections as soon as its response queue is empty. Change-Id: I5a6bcdf1c03d0c36b11552ae086d0dece0440f64 http://b/1158780
ests/http/MockWebServer.java
|
a9c6c9013b08934867f71b69a90efce0c1b66918 |
11-Jan-2011 |
Elliott Hughes <enh@google.com> |
Documentation improvements for socket options. Bug: http://code.google.com/p/android/issues/detail?id=13898 Change-Id: I202a5404e7e828f074483a3f6365b4e3a941da7d
ests/support/Support_NetworkInterface.java
|
e942f46f10bb9384a1b186b3d7b74f9704c57090 |
17-Dec-2010 |
Jesse Wilson <jessewilson@google.com> |
Test that HttpURLConnection responds gracefully when the server closes a socket. Change-Id: I5110d58d91e7c6f8f7553ad400f0bd841bcf07b6 http://b/2612240
ests/http/MockResponse.java
ests/http/MockWebServer.java
ests/http/SocketPolicy.java
|
54c8a07db3c2d1670c2867ba864d351cb30fecfa |
17-Dec-2010 |
Brian Carlstrom <bdc@google.com> |
resolved conflicts for merge of 5fc737eb to master Change-Id: Ifc2a4fd44cef525709a3b9dc0a502b1a0690c6fd
|
2915378e253f08e47fe5a9bfd026cd1ca7c6c351 |
16-Dec-2010 |
Brian Carlstrom <bdc@google.com> |
HttpsURLConnection retry should not invoke X509TrustManager and HostnameVerifier more than once Summary: In 2.3, HttpsURLConnection was change to retry TLS connections as SSL connections w/o compression to deal with servers that are TLS intolerant. However, if the handshake proceeded to the point of invoking the X509TrustManager, we should not retry. Similarly, if we should not invoke the HostnameVerifier repeatedly, and need to wait until the SSL handshake has completed. Tested with (includes two new tests for this issue): libcore/luni/src/test/java/libcore/javax/net/ssl/ libcore/luni/src/test/java/libcore/java/net/URLConnectionTest.java libcore/luni/src/test/java/org/apache/harmony/luni/tests/internal/net/www/protocol/https/HttpsURLConnectionTest.java Details: HttpConnection.setupSecureSocket has been broken into two pieces. setupSecureSocket now just does the SSL handshaking. verifySecureSocketHostname now does the verification. The old HttpConnection code was careful never to assign its sslSocket field until verification was complete. A new unverifiedSocket field is added to store the sslSocket before verification is completed by verifySecureSocketHostname. luni/src/main/java/org/apache/harmony/luni/internal/net/www/protocol/http/HttpConnection.java HttpsEngine.makeConnection now skips TLS intolerant retry if the reason for the makeSslConnection failure was a CertificateException, since that implies that we failed during certification validation after initial handshaking. We also prevent retrying hostname verification by moving it out of makeSslConnection and only doing it on new SSL connections, tracking the changes to HttpConnection.setupSecureSocket mentioned above. We also now skip the redundant call to setUpTransportIO in makeSslConnection on reused SSLSockets. luni/src/main/java/org/apache/harmony/luni/internal/net/www/protocol/https/HttpsURLConnectionImpl.java Instead of throwing away the underlying CertificateExceptions, set them as the cause of the SSLExceptions. This is what the RI does in the case of X509TrustManager failures and is now used by HttpsEngine.makeConnection. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSessionImpl.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSocketImpl.java Added new testConnectViaHttpsToUntrustedServer which makes sure that connections are not retried on certificate verification failure. luni/src/test/java/libcore/java/net/URLConnectionTest.java Added new test_SSLSocket_untrustedServer that verifies that an SSLHandshakeException is thown containing a CertificateException is thrown on certificate verification problems. luni/src/test/java/libcore/javax/net/ssl/SSLSocketTest.java Added second test CA and a new TestKeyStore.getClientCA2 test key store that does not trust the primary test key stores. This is useful for negative testing and is used in the above two new tests. support/src/test/java/libcore/java/security/TestKeyStore.java Issue: http://code.google.com/p/android/issues/detail?id=13178 Bug: 3292412 Change-Id: I37136bb65f04d2bceaf2f32f542d6432c8b76ad4
ibcore/java/security/TestKeyStore.java
|
ffeba5dd766602f6e2be9caa9081744348a53c04 |
01-Dec-2010 |
Brian Carlstrom <bdc@google.com> |
Add support for TLS_EMPTY_RENEGOTIATION_INFO_SCSV cipher suite "TLS_EMPTY_RENEGOTIATION_INFO_SCSV" is RFC 5746's renegotiation indication signaling cipher suite value. It is not a real cipher suite. It is just an indication in the default and supported cipher suite lists indicates that the implementation supports secure renegotiation. In the RI, its presence means that the SCSV is sent in the cipher suite list to indicate secure renegotiation support and its absence means to send an empty TLS renegotiation info extension instead. However, OpenSSL doesn't provide an API to give this level of control, instead always sending the SCSV and always including the empty renegotiation info if TLS is used (as opposed to SSL). So we simply allow TLS_EMPTY_RENEGOTIATION_INFO_SCSV to be passed for compatibility as to provide the hint that we support secure renegotiation. Change-Id: I0850bea47568edcfb1f7df99d4e8a747f938406d
ibcore/java/security/StandardNames.java
|
4ae3fd787741bfe1b808f447dcb0785250024119 |
19-Nov-2010 |
Brian Carlstrom <bdc@google.com> |
Elliptic Crypto support for OpenSSLSocketImpl Summary: - Enable Elliptic Crypto support for OpenSSL based SSLSocket instances - More RI compliant usage of key types, client auth types, and server auth types - Steps toward TLS_EMPTY_RENEGOTIATION_INFO_SCSV support, currently test updates Details: Elliptic Curve changes CipherSuite updates for EC - Adding KEY_EXCHANGE_EC* and corresponding CipherSuites Updated isAnonymous, getKeyType (now renamed getServerKeyType) to handle new EC cases. Added new getAuthType for use by checkServerTrusted callers. - Restructured code to handle two SUITES_BY_CODE_* arrays - Remove KEY_EXCHANGE_DH_* definitions which unused because the corresponding CipherSuites were previously disabled. - Changed AES CipherSuites definitions to use "_CBC" to match other definitions. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/CipherSuite.java openssl EC - NativeCrypto now registers TLS_EC_* cipher suites and has update default list - Improved auth type arguments to checkClientTrusted/checkServerTrusted - NativeCrypto support for emphemeral EC keys luni/src/main/java/org/apache/harmony/xnet/provider/jsse/NativeCrypto.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSocketImpl.java luni/src/main/native/NativeCrypto.cpp non-openssl SSL/TLS cleanups - cleanup around code trying to cope with DiffieHellman vs DH since either should work. - changed client to use new CipherSuite.getAuthType shared with NativeCrypto implementation - changed server to use CipherSuite.getKeyType luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ClientHandshakeImpl.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/HandshakeProtocol.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/KeyManagerImpl.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ServerHandshakeImpl.java Consolidate CertificateRequestType code into CipherSuite so that its shared between java and openssl implementations. This includes the KEY_TYPE_ string constants, TLS_CT_* byte constants and the 'String keyType(byte)' (now renamed getClientKeyType) code that depends on them. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/CertificateRequest.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/CipherSuite.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ClientHandshakeImpl.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/NativeCrypto.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLServerSocketImpl.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSocketImpl.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ServerHandshakeImpl.java Tests Differentiate between supported list of cipher suites openssl-based SSLSocket and SSLEngine based, since the SSLEngine code does not support EC. luni/src/test/java/libcore/javax/net/ssl/SSLEngineTest.java luni/src/test/java/libcore/javax/net/ssl/SSLSocketTest.java Added testing for expected default cipher suites. Before we just ensured the values were valid. luni/src/test/java/libcore/javax/net/ssl/SSLSocketFactoryTest.java support/src/test/java/libcore/java/security/StandardNames.java Updated to handle new EC cipher suites codes. Added test for new getClientKeyType. luni/src/test/java/org/apache/harmony/xnet/provider/jsse/CipherSuiteTest.java Better use of "standard names" particularly to correctly deal with the subtle differences between key types, client auth types, and server auth types. TestKeyManager and TestTrustManager now verify the values they are passed are acceptable. support/src/test/java/libcore/java/security/StandardNames.java support/src/test/java/libcore/javax/net/ssl/TestKeyManager.java support/src/test/java/libcore/javax/net/ssl/TestTrustManager.java Changed to timeout after 30 seconds and to log to reveal both client and server issues. support/src/test/java/libcore/javax/net/ssl/TestSSLSocketPair.java Bug: 3058375 Change-Id: I14d1d0285d591c99cc211324f3595a5be682cab1
ibcore/java/security/StandardNames.java
ibcore/javax/net/ssl/TestKeyManager.java
ibcore/javax/net/ssl/TestSSLSocketPair.java
ibcore/javax/net/ssl/TestTrustManager.java
|
086fd0244a54fa5ecf13ea66d49b22b36d7d456e |
30-Nov-2010 |
Jesse Wilson <jessewilson@google.com> |
Fix XML DOM test failures and close guard warnings. Fix KxmlParser to capture the DTD's root element name, system ID and public ID. This is more robust than capturing the same in the pull-to-DOM adapter. Fix close guard warnings in XML tests. Close input streams of resource files. Don't catch exceptions only to call fail(). http://b/3090550 Change-Id: I7cfafde58cc28af79c48386a4d124803c8791328
ests/support/resource/Support_Resources.java
|
1a3dfbe49a3dcd7c855972dadccb9226468359d5 |
29-Nov-2010 |
Brian Carlstrom <bdc@google.com> |
am 6c78b7b9: Toward EC TLS support * commit '6c78b7b94c232063ec559436b48b33751373ecf1': Toward EC TLS support
|
6c78b7b94c232063ec559436b48b33751373ecf1 |
19-Nov-2010 |
Brian Carlstrom <bdc@google.com> |
Toward EC TLS support Summary: - javax.net.ssl tests are now working on the RI - KeyManager can now handle EC_EC and EC_RSA - OpenSSLSocketImpl.startHandshake now works if KeyManager contains EC certificates Details: Add CipherSuite.getKeyType to provide X509KeyManager key type strings, refactored from OpenSSLServerSocketImpl.checkEnabledCipherSuites. getKeyType is now also used in OpenSSLSocketImpl.startHandshake to avoid calling setCertificate for unnecessary key types. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/CipherSuite.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLServerSocketImpl.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSocketImpl.java New CipherSuiteTest to cover new getKeyType as well as existing functionality luni/src/test/java/org/apache/harmony/xnet/provider/jsse/CipherSuiteTest.java Add support to KeyManager implementation for key types of the form EC_EC and EC_RSA. The first part implies the KeyPair algorithm (EC in these new key types) with a potentially different signature algorithm (EC vs RSA in these) luni/src/main/java/org/apache/harmony/xnet/provider/jsse/KeyManagerImpl.java Update NativeCrypto.keyType to support EC_EC and EC_RSA in addition to EC which was added earlier. Change from array of KEY_TYPES to named KEY_TYPE_* constants. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/NativeCrypto.java Overhauled KeyManagerFactoryTest to cover EC, EC_EC, EC_RSA cases luni/src/test/java/libcore/javax/net/ssl/KeyManagerFactoryTest.java support/src/test/java/libcore/java/security/StandardNames.java Changed TestKeyStore.createKeyStore from always using BKS to now use JKS on the RI between BC EC Keys and RI X509 certificates. Because JKS requires a password, we now default "password" on the RI. support/src/test/java/libcore/java/security/TestKeyStore.java luni/src/test/java/libcore/javax/net/ssl/SSLContextTest.java support/src/test/java/libcore/java/security/StandardNames.java TestKeyStore.create now accepts key types like EC_RSA. Changed TestKeyStore.createKeys to allow a PrivateKeyEntry to be specified for signing to enable creation of EC_RSA test certificate. Added getRootCertificate/rootCertificate to allow lookup of PrivateKeyEntry for signing. Changed TestKeyStore.getPrivateKey to take explicit signature algorithm to retrieve EC_EC vs EC_RSA entries. support/src/test/java/libcore/java/security/TestKeyStore.java luni/src/test/java/libcore/java/security/KeyStoreTest.java luni/src/test/java/libcore/javax/net/ssl/KeyManagerFactoryTest.java luni/src/test/java/libcore/java/security/cert/PKIXParametersTest.java luni/src/test/java/libcore/javax/net/ssl/TrustManagerFactoryTest.java luni/src/test/java/org/apache/harmony/xnet/provider/jsse/NativeCryptoTest.java support/src/test/java/libcore/java/security/StandardNames.java Added support for EC cipher suites on the RI. Also test with and without new TLS_EMPTY_RENEGOTIATION_INFO_SCSV cipher suite which is used to specify the new TLS secure renegotiation. luni/src/test/java/libcore/javax/net/ssl/SSLEngineTest.java luni/src/test/java/libcore/javax/net/ssl/SSLSocketTest.java support/src/test/java/libcore/java/security/StandardNames.java New TestKeyManager and additional logging in TestTrustManager. Logging in both is disabled by default using DevNullPrintStream. support/src/test/java/libcore/javax/net/ssl/TestKeyManager.java support/src/test/java/libcore/javax/net/ssl/TestTrustManager.java support/src/test/java/libcore/java/io/DevNullPrintStream.java Bug: 3058375 Change-Id: Ia5e2a00a025858e10d1076b900886994b481e05a
ibcore/java/io/NullPrintStream.java
ibcore/java/security/StandardNames.java
ibcore/java/security/TestKeyStore.java
ibcore/javax/net/ssl/TestKeyManager.java
ibcore/javax/net/ssl/TestTrustManager.java
|
9d615f25f7576314ec6473b143b13d00ce52e805 |
18-Nov-2010 |
Brian Carlstrom <bdc@google.com> |
am 57f2cc03: Test updates for Elliptic Curve * commit '57f2cc03ff2cf5d2f6413c5410680b4908d7301d': Test updates for Elliptic Curve
|
57f2cc03ff2cf5d2f6413c5410680b4908d7301d |
05-Nov-2010 |
Brian Carlstrom <bdc@google.com> |
Test updates for Elliptic Curve Updated with Elliptic Curve (EC) (and SunPKCS11-NSS) names for use by ProviderTest support/src/test/java/libcore/java/security/StandardNames.java Enhance test_KeyStore_cacerts_bks to verify PublicKey can be retreived. Before this the test would pass even though an ECPublicKey could not be accessed. With EC support in external/bouncycastle, this test now passes. luni/src/test/java/libcore/java/security/KeyStoreTest.java New SignatureTest to cover ECDSA, replaces the old one that required a subclass per tested algorithm. luni/src/test/java/libcore/java/security/SignatureTest.java support/src/test/java/tests/security/SignatureTest.java luni/src/test/java/tests/targets/security/SignatureTestMD5withRSA.java luni/src/test/java/tests/targets/security/SignatureTestNONEwithDSA.java luni/src/test/java/tests/targets/security/SignatureTestSHA1withDSA.java luni/src/test/java/tests/targets/security/SignatureTestSHA1withRSA.java luni/src/test/java/tests/targets/security/SignatureTestSHA256withRSA.java luni/src/test/java/tests/targets/security/SignatureTestSHA384withRSA.java luni/src/test/java/tests/targets/security/SignatureTestSHA512withRSA.java luni/src/test/java/tests/targets/security/AllTests.java Improve ProviderTest logging while debugging SunPKCS11-NSS provider issues. Added some exceptions for RI missing classes. luni/src/test/java/libcore/java/security/ProviderTest.java Changed style slightly to match KeyPairGeneratorTest, where +N is used to indicated when multiples of a increments of a certain amount are required for valid key sizes. luni/src/test/java/libcore/javax/crypto/KeyGeneratorTest.java Fix test CloseGuard issues luni/src/test/java/libcore/java/security/KeyStoreTest.java Fix readability luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ServerHandshakeImpl.java Bug: 3058375 Change-Id: I99cd93ad66372e8512d993168550cc1d471d3248
ibcore/java/security/StandardNames.java
ests/security/SignatureTest.java
|
5fc5dde4c719c1dfdac46b67d5d2e4884d07721e |
16-Nov-2010 |
Elliott Hughes <enh@google.com> |
Improve ConcurrentCloseTest. No more flaky use of 10.* addresses. Bug: 3044772 Change-Id: I5ca8dc431b50950efdc818efe73eb9aba76ea67f
ests/net/StuckServer.java
|
de8ebcab83d48d4edc28fced9d0a8382f1ef1436 |
16-Nov-2010 |
Brian Carlstrom <bdc@google.com> |
am 8a720cce: TrustManager should include PrivateKeyEntry CAs, OpenSSLSocketImpl close fix, and debugging improvements * commit '8a720cceee7ce319d647738dfeda3f302879f370': TrustManager should include PrivateKeyEntry CAs, OpenSSLSocketImpl close fix, and debugging improvements
|
8a720cceee7ce319d647738dfeda3f302879f370 |
16-Nov-2010 |
Brian Carlstrom <bdc@google.com> |
TrustManager should include PrivateKeyEntry CAs, OpenSSLSocketImpl close fix, and debugging improvements Revert to older behavior of creating TrustAnchors from both PrivateKeyEntry and TrustedCertificateEntry values from the KeyStore. Added tests to better ensure this slighlt different behavior from PKIXParameters. Also create the acceptedIssuers proactively since the real memory cost is the X509Certificates which are already found in the params. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustManagerImpl.java luni/src/test/java/libcore/javax/net/ssl/TrustManagerFactoryTest.java luni/src/test/java/libcore/java/security/cert/PKIXParametersTest.java Don't just free native state on issue with startHandshake, close the SSLSocket. While the former addressed a CloseGuard issue, the latter make sure that checkOpen throws SocketExceptions and we don't leak a NullPointerException from NativeCrypto. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSocketImpl.java Debugging improvements including minor refinements to recently added NativeCrypto logging, more verbose TestKeyStore.dump output, and a new TestTrustManager proxy class for logging X509TrustManager behavior. luni/src/main/native/NativeCrypto.cpp support/src/test/java/libcore/java/security/TestKeyStore.java support/src/test/java/libcore/javax/net/ssl/TestTrustManager.java Change-Id: I317e1ca34d8e20c77e5cb9c5a5a58cb4ae98d829
ibcore/java/security/TestKeyStore.java
ibcore/javax/net/ssl/TestTrustManager.java
|
0c7d369eb9cae44596f73cf2f044d59397abab8d |
04-Nov-2010 |
Elliott Hughes <enh@google.com> |
GZIPInputStream/GZIPOutputStream test improvements. 1. Ensure that there's a direct mapping from the class to its test, so we're more likely to run the right tests. I've broken GzipTest into two for this. 2. Include actual data rather than always round-tripping, to avoid potential symmetric errors. (This wasn't important in this case.) 3. Remove a dead file that belonged to a test that's already been removed. Bug: 3164285 Change-Id: I312237454eead26d0dbbdb8f6339aa29ed8eea4e
ests/resources/GZIPInputStream/hyts_gInput.txt.gz
|
b4bb9aba620d8a363fb3617b25839093caf39cf4 |
03-Nov-2010 |
Brian Carlstrom <bdc@google.com> |
resolved conflicts for merge of a5c608e5 to dalvik-dev Change-Id: I0319c132ec8f42782475906da267439938308e77
|
a5c608e59f9d574ea4bc65e9dff44aae2f34fd26 |
01-Nov-2010 |
Brian Carlstrom <bdc@google.com> |
TrustManager improvements Overhaul of TrustManagerImpl - PKIXParameters can now be final in TrustManagerImpl because we always immediately create an IndexedPKIXParameters instead of only doing it in SSLParametersImpl.createDefaultTrustManager. - Use new KeyStore constructor for IndexedPKIXParameters to remove duplicate logic for creating set of TrustAnchors from a KeyStore. - Improved checkTrusted/cleanupCertChain to remove special cases for directly trusting the end cert or pruning only self signed certs. To support b/2530852, we need to stop prune the chain as soon as we find any trust anchor (using newly improved TrustManagerImpl.isTrustAnchor), which could be at the beginning, middle, or end. That means cleanupCertChain can return an empty chain if everything was trusted directly. (and we don't need to do extra checks on exception cases to see if the problem was just that the trust anchor was in the chain) - isDirectlyTrusted -> isTrustAnchor here as well, using new IndexedPKIXParameters.isTrustAnchor APIs - Fix incorrect assumption in getAcceptedIssuers that all TrustAnchor instances have non-null results for getTrustedCert. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustManagerImpl.java Removed indexing in createDefaultTrustManager since we always index now luni/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLParametersImpl.java Overhaul of IndexedPKIXParameters - Single map from subject X500Principal to TrustAnchors instead of two different X500Principal keyed maps to check - Removed map based on encoded cert. For b/2530852, we want to treat certs as equal if they have the same name and public key, not byte-for-byte equality, which can be done with the remaining map. Revamped isDirectlyTrusted into isTrustAnchor(cert) to perform this new name/key based comparison. - Added helper isTrustAnchor(cert, anchors) to reuse code in non-IndexedPKIXParameters case in TrustManagerImpl. - Added constructor from KeyStore - Moved anchor indexing code to index() from old constructor luni/src/main/java/org/apache/harmony/xnet/provider/jsse/IndexedPKIXParameters.java TestKeyStore.getPrivateKey allowed some existing test simplification. luni/src/test/java/libcore/java/security/KeyStoreTest.java luni/src/test/java/org/apache/harmony/xnet/provider/jsse/NativeCryptoTest.java support/src/test/java/libcore/java/security/TestKeyStore.java Added missing "fail()" before catching expected exceptions. luni/src/test/java/libcore/java/security/KeyStoreTest.java Expanded KeyManagerFactoryTest to excercise ManagerFactoryParameters b/1628001 luni/src/test/java/libcore/javax/net/ssl/KeyManagerFactoryTest.java Added KeyStoreBuilderParametersTest because I thought I saw a bug in KeyStoreBuilderParameters, but this convinced me otherwise. luni/src/test/java/libcore/javax/net/ssl/KeyStoreBuilderParametersTest.java New TrustManagerFactory test modeled on expanded KeyManagerFactoryTest. test_TrustManagerFactory_intermediate specifically is targeting the new functionality of b/2530852 to handling trust anchors within the chain. luni/src/test/java/libcore/javax/net/ssl/TrustManagerFactoryTest.java support/src/test/java/libcore/java/security/StandardNames.java Some initial on tests for Elliptic Curve (b/3058375) after the RI started reporting it was supported. Removed old @KnownFailure tags. Skipped a test on the RI that it can't handle. Improved some assert messages. luni/src/test/java/libcore/javax/net/ssl/SSLEngineTest.java luni/src/test/java/libcore/javax/net/ssl/SSLSocketTest.java support/src/test/java/libcore/java/security/StandardNames.java support/src/test/java/libcore/java/security/TestKeyStore.java Removed unneeded bytes->javax->bytes->java case of which can just go bytes->java directly. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSocketImpl.java Removed super() luni/src/main/java/javax/net/ssl/KeyStoreBuilderParameters.java Made Security.secprops final luni/src/main/java/java/security/Security.java Pulled SamplingProfiler fix from dalvik-dev branch git cherry-pick --no-commit f9dc3450e8f23cab91efc9df99bb860221ac3d6c dalvik/src/main/java/dalvik/system/SamplingProfiler.java Bug: 2530852 Change-Id: I95e0c7ee6a2f66b6986b3a9da9583d1ae52f94dd
ibcore/java/security/StandardNames.java
ibcore/java/security/TestKeyStore.java
|
f8eacd8619e6e567869eb82fe14e550554af19b5 |
30-Oct-2010 |
Dan Bornstein <danfuzz@android.com> |
am 9103cc15: am 47d94511: am 95d52b3b: Remove a pointless test, which just tested a test support class. * commit '9103cc15655ac1b6ec1a9f3af12f57df47ca0073': Remove a pointless test, which just tested a test support class.
|
9103cc15655ac1b6ec1a9f3af12f57df47ca0073 |
30-Oct-2010 |
Dan Bornstein <danfuzz@android.com> |
am 47d94511: am 95d52b3b: Remove a pointless test, which just tested a test support class. * commit '47d9451154a9eed03ae5d51b384547a292cc6759': Remove a pointless test, which just tested a test support class.
|
95d52b3b1446af2fefd46f57efc1afb6c679e8cc |
30-Oct-2010 |
Dan Bornstein <danfuzz@android.com> |
Remove a pointless test, which just tested a test support class. Change-Id: Ifef2b25500474f7e3b18ff97e7831717f2c9b391
rg/apache/harmony/security/tests/support/cert/PolicyNodeImpl.java
|
8ac847a52e72f0cefbb20a6850ae04468d433a9e |
28-Oct-2010 |
Jesse Wilson <jessewilson@google.com> |
Fix broken interactions between HTTP response caches and redirects. This fixes several specific problems: - HTTP header map didn't contain the status line (under the null key) - response code, message and version weren't set by caches - caches didn't work with redirects This change also makes some significant cleanup to the Headers class. We might be able to simplify this further by dropping the map, should that prove efficient enough. Change-Id: Ib79ec17bef5978b3234f68102114eee7d4b7cda2 http://b/3139211 http://b/3139211
ests/http/MockWebServer.java
|
2dcd7e784e98faf21190a6431aa1dbff7212eb80 |
27-Oct-2010 |
Jesse Wilson <jessewilson@google.com> |
Merge "Fix ResponseCache to support caching of HTTPS responses." into dalvik-dev
|
37dcf5581f177229ca6c8e7d0d640361640bfb00 |
27-Oct-2010 |
Jesse Wilson <jessewilson@google.com> |
Fix ResponseCache to support caching of HTTPS responses. Previously it would fail with an internal error because of inconsistencies because HttpURLConnectionImpl claimed to be 'connected' when it had a cache hit, and HttpsURLConnection acted upon this by talking to its sockets. Change-Id: I51f4215ceb9c5fd851223a501488306fa6d382b1 http://b/3043966
ests/http/DefaultResponseCache.java
|
2ae03aff183962fd52a0465f60db86fa16e49c4d |
27-Oct-2010 |
Jesse Wilson <jessewilson@google.com> |
Fixing concurrency bug in CloseGuardTester. Hudson was complaining with this exception: java.util.ConcurrentModificationException at java.util.ArrayList$ArrayListIterator.next(ArrayList.java:576) at libcore.dalvik.system.CloseGuardTester.assertEverythingWasClosed(CloseGuardTester.java:59) at libcore.java.lang.ProcessBuilderTest.testDestroyDoesNotLeak(ProcessBuilderTest.java:91) Change-Id: Ie6be12186c94e14ba4d5df8a392144269abb598b
ibcore/dalvik/system/CloseGuardTester.java
|
2353846b64570fa5932028143a0af507d41a85c5 |
25-Oct-2010 |
Jesse Wilson <jessewilson@google.com> |
Close process-spawned streams when the process is destroyed. This is consistent with the RI's behavior. I can't come up with a reasonable approach to closing these streams if they are never requested; that's presumably a finalizer problem anyway because only the finalizer knows that the streams won't be needed. This change also adds test infrastructure around CloseGuard. My approach hooks into the logger rather than reflection because I can't be sure where the CloseGuard instance would be in the object hierarchy. This approach also degrades reasonably when run on the reference implementation (where it passes). Change-Id: I08e882494d69d4245e40fb1035edbc6d3df23fbc http://b/3111120
ibcore/dalvik/system/CloseGuardTester.java
|
a467278a3f06f88f28a5075d6a2027c12ca4fdf9 |
06-Oct-2010 |
Brian Carlstrom <bdc@google.com> |
am 8a81dbf2: am 1d2861f4: am 7d38fa0f: Merge "Test updates for new SecretKeyFactory.PBKDF2WithHmacSHA1 support" into gingerbread Merge commit '8a81dbf2f44e9b6af155dc918945174f07dad7b9' into dalvik-dev * commit '8a81dbf2f44e9b6af155dc918945174f07dad7b9': Test updates for new SecretKeyFactory.PBKDF2WithHmacSHA1 support
|
8a81dbf2f44e9b6af155dc918945174f07dad7b9 |
06-Oct-2010 |
Brian Carlstrom <bdc@google.com> |
am 1d2861f4: am 7d38fa0f: Merge "Test updates for new SecretKeyFactory.PBKDF2WithHmacSHA1 support" into gingerbread Merge commit '1d2861f436ccf4017c45ee3be2fce8dcd0d6859b' * commit '1d2861f436ccf4017c45ee3be2fce8dcd0d6859b': Test updates for new SecretKeyFactory.PBKDF2WithHmacSHA1 support
|
f7aab022dcbfcd8f27b409ab92b4bca4a84d0b8a |
30-Sep-2010 |
Brian Carlstrom <bdc@google.com> |
CloseGuard: finalizers for closeable objects should log complaints Introducing CloseGuard which warns when resources are implictly cleaned up by finalizers when an explicit termination method, to use the Effective Java "Issue 7: Avoid finalizers" terminology, should have been used by the caller. libcore classes that can use CloseGuard now do so. Bug: 3041575 Change-Id: I4a4e3554addaf3075c823feb0a0ff0ad1c1f6196
ibcore/javax/net/ssl/TestSSLContext.java
ibcore/javax/net/ssl/TestSSLSessions.java
ibcore/javax/net/ssl/TestSSLSocketPair.java
|
915789995fc136049c13c8b0354e2f7009b653e4 |
04-Oct-2010 |
Brian Carlstrom <bdc@google.com> |
Test updates for new SecretKeyFactory.PBKDF2WithHmacSHA1 support Bug: 3059950 Change-Id: I24546cb9e38b17ea615e36de3606ec6d373df594
ibcore/java/security/StandardNames.java
|
ecfa0645b680e5f68e90eda5db0413ef72306d3b |
04-Oct-2010 |
Brian Carlstrom <bdc@google.com> |
am 65eee03b: am 2d9aee7a: Merge "Update TestUtils certificates to fix CertPathBuilder1Test and CertPathTest" into gingerbread Merge commit '65eee03bc90772ba766348ac4be4927959314c80' * commit '65eee03bc90772ba766348ac4be4927959314c80': Update TestUtils certificates to fix CertPathBuilder1Test and CertPathTest
|
52dea0ad773d902ad8402e1354afe0842dd364b5 |
04-Oct-2010 |
Brian Carlstrom <bdc@google.com> |
Update TestUtils certificates to fix CertPathBuilder1Test and CertPathTest Bug: 2322662 Change-Id: I8ad9a91f4095807bd710045eef3a97a86b560f49
rg/apache/harmony/security/tests/support/cert/TestUtils.java
rg/apache/harmony/testframework/serialization/SerializationTest.java
|
42e02ace8881e1d4e06de76e301dcb5dbf046ab4 |
25-Sep-2010 |
Jesse Wilson <jessewilson@google.com> |
resolved conflicts for merge of 0c4b3205 to master Change-Id: Ie38e3b5aafd43844afec93e2c6387a81b2bc9fb2
|
a884f455e2ad843819c36d2607790450d47475dd |
25-Sep-2010 |
Jesse Wilson <jessewilson@google.com> |
Merge "Rely on the test runner to ensure a pristine VM." into gingerbread
|
6e65088f21ac5bda5d25fade13ee360c5cba3457 |
25-Sep-2010 |
Jesse Wilson <jessewilson@google.com> |
Rely on the test runner to ensure a pristine VM. Change-Id: I6f5bfad6f861eb7b398ed7d86747d66cea4f2343 http://b/issue?id=2660429
ests/util/TestEnvironment.java
|
4904723e812b2341b6dee2e6b58c23c998146b01 |
24-Sep-2010 |
Jesse Wilson <jessewilson@google.com> |
am 82e18c5a: am 53bbb2b2: am 00feece2: Strip usage of the term \'localhost\' from URLConnectionTest. Merge commit '82e18c5adf0c19c8a937cef51621ae655f7824ea' into dalvik-dev * commit '82e18c5adf0c19c8a937cef51621ae655f7824ea': Strip usage of the term 'localhost' from URLConnectionTest.
|
00feece22909b7dc79fc96d666d157390b93858e |
24-Sep-2010 |
Jesse Wilson <jessewilson@google.com> |
Strip usage of the term 'localhost' from URLConnectionTest. Change-Id: I8ea7923c3ea72728c7df64c13bdd6f94b91be121 http://b/3032912
ests/http/MockWebServer.java
|
dc5f509c458cb88eb66a744f040b8ea55cb6b2d5 |
20-Sep-2010 |
Brian Carlstrom <bdc@google.com> |
am 1501cd6b: am 4e44dbbe: am a2e75c78: Update supported cipher suites list Merge commit '1501cd6b2ec1c6cc8957bc8bc4ad912900bd9903' into dalvik-dev * commit '1501cd6b2ec1c6cc8957bc8bc4ad912900bd9903': Update supported cipher suites list
|
a2e75c78d67795d28e86704192222c3fd8829154 |
19-Sep-2010 |
Brian Carlstrom <bdc@google.com> |
Update supported cipher suites list Update list of cipher suites supported by the current RI Change-Id: Ifa2a799bd3ca40b4979fa44f5423d744e90af35c
ibcore/java/security/StandardNames.java
|
cf7970e8a323e5203329b7f87a116cff185fef77 |
15-Sep-2010 |
Jesse Wilson <jessewilson@google.com> |
am 001c38bb: am 82cc2fdb: am 8edffc91: Merge "Fix test code that hardcodes the keystore. Necessary for the host build." into gingerbread Merge commit '001c38bb783045e72695f7d3d111f1afa308bf9f' into dalvik-dev * commit '001c38bb783045e72695f7d3d111f1afa308bf9f': Fix test code that hardcodes the keystore. Necessary for the host build.
|
28192ac5dbb128c63d914fab324d15757fe98fda |
14-Sep-2010 |
Jesse Wilson <jessewilson@google.com> |
Fix test code that hardcodes the keystore. Necessary for the host build. Change-Id: Ie371a4bc9cd8bcb9aed169f08aba18d285e21099
ests/util/TestEnvironment.java
|
1538b872b4b7943e0f8d175eb3856afab8b8d9c3 |
24-Aug-2010 |
Brian Carlstrom <bdc@google.com> |
am e721ac62: am a8d1672a: am 48dfb27f: Restore PBE Ciphers and SecreyKeyFactories if underlying algorithm is supported for better PKCS12 support Merge commit 'e721ac62db13847d3258928368f8d87471798e42' into dalvik-dev * commit 'e721ac62db13847d3258928368f8d87471798e42': Restore PBE Ciphers and SecreyKeyFactories if underlying algorithm is supported for better PKCS12 support
|
48dfb27f884ddc5ada89c5b613d11a986f50513a |
24-Aug-2010 |
Brian Carlstrom <bdc@google.com> |
Restore PBE Ciphers and SecreyKeyFactories if underlying algorithm is supported for better PKCS12 support This restores the Password Based Encryption (PBE) algorithms when we were including the underlying algorithms used (3DES, AES, DES, MD5, RC2, SHA1, SHA256) Specficially we leave out PBE definitions that include algorithms such as MD2, RIPEMD, Tiger that are not in our BouncyCastle jar. Bug: 2942581 Change-Id: Ibef31aad56fc24b4db82a43a69153553660af65d
ibcore/java/security/StandardNames.java
|
264f1385d48c7d81772a7091efcf46939bd1b30b |
23-Aug-2010 |
Brian Carlstrom <bdc@google.com> |
am 1b878d30: am f4d21046: am ccb503dd: Merge "Updating StandardNames for recent ARCFOUR and Blowfish additions" into gingerbread Merge commit '1b878d300094f577ba062e0c3f349f6d34ca3880' into dalvik-dev * commit '1b878d300094f577ba062e0c3f349f6d34ca3880': Updating StandardNames for recent ARCFOUR and Blowfish additions
|
649e3c0004d965fe388ad454eeb20e307a12edd2 |
20-Aug-2010 |
Jesse Wilson <jessewilson@google.com> |
Fix the exception thrown by getDeclaredFields if the class is unavailable. http://b/issue?id=2634005 Change-Id: I1ebad41a29c9527565efea539b8f2b31f117f370
ests/util/ClassLoaderBuilder.java
|
7fd25e8506fbe2962323d757f54628c40c1b2c46 |
19-Aug-2010 |
Brian Carlstrom <bdc@google.com> |
Merge remote branch 'goog/dalvik-dev' into dalvik-dev-to-gingerbread Conflicts: luni/src/main/native/java_lang_StrictMath.cpp Change-Id: I82fcb4033fce8c7bb8d21b09f6abfa2638091af6
|
a0925f86988f588926c163fe1372b8b4f7e1a78d |
19-Aug-2010 |
Brian Carlstrom <bdc@google.com> |
Updating StandardNames for recent ARCFOUR and Blowfish additions Change-Id: I8c22e443b6929c41e984f0cb85480a57894b199d
ava/security/StandardNames.java
|
4557728efb66c455a52b7669a8eefef7a9e54854 |
11-Aug-2010 |
Jesse Wilson <jessewilson@google.com> |
Moving tests to be under the libcore.* package. This is indended to make it easier to run on VMs that restrict the packages from which application classes can be loaded. For example, on the RI you need to use the bootclasspath to load these tests. Change-Id: I52193f35c5fcca18b5a3e1d280505b1e29b388af
ava/security/StandardNames.java
ava/security/TestKeyStore.java
avax/net/ssl/TestSSLContext.java
avax/net/ssl/TestSSLEnginePair.java
avax/net/ssl/TestSSLSessions.java
avax/net/ssl/TestSSLSocketPair.java
ibcore/java/security/StandardNames.java
ibcore/java/security/TestKeyStore.java
ibcore/javax/net/ssl/TestSSLContext.java
ibcore/javax/net/ssl/TestSSLEnginePair.java
ibcore/javax/net/ssl/TestSSLSessions.java
ibcore/javax/net/ssl/TestSSLSocketPair.java
|
4559b1d37edcb5d7f1da086cf2e3290388d74f46 |
23-Jul-2010 |
Brian Carlstrom <bdc@google.com> |
Support for TLS Extensions enabled SSLSockets with fallback to vanila SSL See also b/1569612 Summary: - OpenSSlSocket support for SNI, session tickets, compression - URLConnection mimics Chrome behavior of trying connection with these enabled, falling back to SSL w/o encryption on failure Details: libcore URLConnection https retry Change HttpConnection.getSecureSocket to enable non-standard features on first connection attempt. On second attempt, we back off to SSLv3 from TLSv1, mimicking Chrome's behavior. luni/src/main/java/org/apache/harmony/luni/internal/net/www/protocol/http/HttpConnection.java Change HttpsEngine.connect to implement SSL reconnect luni/src/main/java/org/apache/harmony/luni/internal/net/www/protocol/https/HttpsURLConnectionImpl.java OpenSSL SSLSocket implementation OpenSSLSocketImpl and OpenSSLServerSocketImpl now have an array of enabled compression methods interface and implementation to parallel that of procotols and ciphersuites. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSocketImpl.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLServerSocketImpl.java OpenSSLSessionImpl now has a cache of the native compressionMethod. Also replaced "gives" javadoc working with "returns". luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSessionImpl.java OpenSSLSocketImpl session caching now needs to skip cached sessions with mismatched compression requirements. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSocketImpl.java OpenSSLSocketImpl.startHandshake now uses NativeCrypto to support our non-standard extensions. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSocketImpl.java NativeCrypto changes - Added declaration of SSL options for tickets and compression. - Added general "compression methods" interface paralleling "cipher suites" and "protocols" interfaces. - Added SSL_set_tlsext_host_name to set SNI (Server Name Indication) value - Added SSL_get_servername to read SNI (Server Name Indication) value - Added SSL_SESSION_compress_meth read negotiated compression method - SSL_new makes sure to default compression to off for compatibility luni/src/main/java/org/apache/harmony/xnet/provider/jsse/NativeCrypto.java luni/src/main/native/NativeCrypto.cpp Testing Added URLConnectionTest.testConnectViaHttpsWithSSLFallback to make sure we properly retry an https connection if the server terminates unexpectedly. Fixed up URLConnectionTest.testHttpsWithCustomTrustManager with new expected certificate chain. Fixed a few mistaken TestSSLContext.serverContext uses to clientContext luni/src/test/java/java/net/URLConnectionTest.java Added test_SSL_set_tlsext_host_name, test_SSL_get_servername, test_SSL_SESSION_compress_meth. Added a number of missing fail() calls in expected exception cases which caught one test with mistaken expectations. Removed some unnecessary scopes. Fixed some badly scoped catch blocks. luni/src/test/java/org/apache/harmony/xnet/provider/jsse/NativeCryptoTest.java Changed MockWebServer to support a new MockResponse propery of disconnectAtStart, which immediately terminates the connection support/src/test/java/tests/http/MockResponse.java support/src/test/java/tests/http/MockWebServer.java external/openssl Restore -ZLIB to OpenSSL build. Note that NativeCrypto.SSL_new disables compression by for default SSLSocket for compatibility. android-config.mk Force clean build with new CFLAGS CleanSpec.mk Change-Id: Iba6268f9096f2be43f0d30de151dd3fd0aea4a81
ests/http/MockResponse.java
ests/http/MockWebServer.java
|
6882e31b7ce2d04ebbc91c7a55d7840e8fdce8a5 |
20-Jul-2010 |
Brian Carlstrom <bdc@google.com> |
Bring SSLSocketImpl and SSLEngine in line with OpenSSLSocketImpl's cipher suites Wrote an interoperability test between our OpenSSL and SSLEngine based SSLSocket implementations. Used it to flush out problems between the implementations, which mostly were in the non-native implementation. Filling out the SSLEngine (and therefore non-native SSLSocket) support led to the list of supported and default cipher suites now being the same as out OpenSSL SSLSocket. Most of the work was making the the NULL, RC4, and AES ciphers work with SSLEngine as well as some minor bug fixes in related code. Summary: - changing test_SSLSocket_getSupportedCipherSuites_connect to try all combinations of our two SSLContext/SSLSocket implementations - fixed SSLEngine with *_WITH_NULL_* CipherSuites to use javax.crypto.NullCipher - added *_AES_* cipher suites to SSLEngine (and therefore Java SSLSocketImpl) - remove *_DH_* cipher suites which are not supported by the RI or our OpenSSL implementation - fixed Java SSLSocket to not handshake on accept so will pass the basic SSLSocketTest - added new KeyManagerFactoryTest while testing "DH_" cipher suite key types This change depends on restoring bouncycastle's RC4 implementation (separate CL in external/bouncycastle) Details: Fixed SSLEngine with *_WITH_NULL_* CipherSuites by use javax.crypto.NullCipher expectations/knownfailures.txt luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ConnectionStateSSLv3.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ConnectionStateTLS.java Previously I had changed the string name of CipherSuites from "TLS_..." to "SSL_..." where appropriate to match the RI. Since I was doing maintenance on overall list, I renamed the CODE_TLS_... and TLS_... static fields as well to match. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/CipherSuite.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLSessionImpl.java Removed IDEA and RC2 CipherSuites to make it clear they are not supported. While technically this happened as a side effect of the assignment "supported = false" if the CipherSuite failed to load, we truly intend not to support these. Also removed SSH_DH_* suites which don't work with DSA keys and aren't supported by the RI or our OpenSSL implementation. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/CipherSuite.java Old connection state code assumed that if a cipher was blocked, the block size was 8 bytes. This is not true for the 16 byte AES ciphers. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ConnectionState.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ConnectionStateSSLv3.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ConnectionStateTLS.java No wonder our OpenSSL implementation incorrect did a startHandshake when accepting the socket... it got it from the Java implementation. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLServerSocketImpl.java Test for KeyManagerFactory (and KeyManager). TestKeyStore now creates KeyManagers and TrustManagers from the keystore as a convenience for KeyManagerFactoryTest (instead of having the code in the TestSSLContext where we didn't keep a pointer to the created values). luni/src/test/java/javax/net/ssl/KeyManagerFactoryTest.java support/src/test/java/java/security/StandardNames.java support/src/test/java/java/security/TestKeyStore.java support/src/test/java/javax/net/ssl/TestSSLContext.java Remove CIPHER_SUITES_SSLENGINE now that its the same as CIPHER_SUITES luni/src/test/java/javax/net/ssl/SSLEngineTest.java support/src/test/java/java/security/StandardNames.java test_SSLSocket_getSupportedCipherSuites_connect now does interoperability testing not just between the default SSLContext's SSLSockets but between the four combinations of our two SSLContext. It also now sends some test data bi-directionally between the client and server. luni/src/test/java/javax/net/ssl/SSLSocketTest.java Changed TestSSLContext.create to allow a different Provider for the client and server SSLContexts. luni/src/test/java/javax/net/ssl/SSLEngineTest.java luni/src/test/java/javax/net/ssl/SSLSocketTest.java support/src/test/java/javax/net/ssl/TestSSLContext.java RC4 is now available in bouncycastle for the non-OpenSSL SSLContext to use for parity with the OpenSSL implementation. support/src/test/java/java/security/StandardNames.java Changed TestSSLSocketPair to use Futures like NativeCryptoTest so its easier to choose between client and server errors while debuging. support/src/test/java/javax/net/ssl/TestSSLSocketPair.java Removed bogus import luni/src/test/java/org/apache/harmony/xnet/provider/jsse/NativeCryptoTest.java Change-Id: I080c0343a3f86f27b7c191a7b80b585b9ca52d93
ava/security/StandardNames.java
ava/security/TestKeyStore.java
avax/net/ssl/TestSSLContext.java
avax/net/ssl/TestSSLSocketPair.java
|
e3a187163504f00c98bd75cbd8bcbdde123ae2cd |
14-Jul-2010 |
Brian Carlstrom <bdc@google.com> |
Fix PKCS12 and BKS KeyStore as well as SSL renegotiation Summary: - Added KeyStoreTest and fixed PKCS and BKS keystores to be fully functional - KeyStore and KeyStoreImpl improvements in libcore and bouncycastle for more RI-like behavior - SSL Renegotiation fix for new implementation Details: external/bouncycastle TwoFish added back for BKS KeyStore. Like RC2, it not supported as a general cipher, but instead used internally for KeyStore implementation. src/main/java/org/bouncycastle/crypto/engines/TwofishEngine.java bouncycastle.config Added back PBEWITHSHAANDTWOFISH, PBEWITHSHAANDTWOFISH-CBC, PBEWITHSHA1ANDRC2-CBC, PBEWITHHMACSHA, PBEWITHHMACSHA1 to support PKCS12 and BKS KeyStore implementations (as determined by new KeyStoreTest) src/main/java/org/bouncycastle/jce/provider/BouncyCastleProvider.java src/main/java/org/bouncycastle/jce/provider/JCEBlockCipher.java src/main/java/org/bouncycastle/jce/provider/JCEMac.java src/main/java/org/bouncycastle/jce/provider/JCESecretKeyFactory.java Don't throw an error when deleting a non-existing KeyStore entry. The RI documentation (and behavior) says it throws an error when it fails to remove an entry, not when the entry does not exist. src/main/java/org/bouncycastle/jce/provider/JDKKeyStore.java src/main/java/org/bouncycastle/jce/provider/JDKPKCS12KeyStore.java Try to make BC's PKCS KeyStore have a more RI-like getCreationDate behavior src/main/java/org/bouncycastle/jce/provider/JDKPKCS12KeyStore.java Make BC's PKCS KeyStore failfast on setting non-supported key, instead of failing later on get. src/main/java/org/bouncycastle/jce/provider/JDKPKCS12KeyStore.java Make BC's PKCS KeyStore handle setting a PrivateKey with an emtpy chain. src/main/java/org/bouncycastle/jce/provider/JDKPKCS12KeyStore.java Add more general avoidance of NullPointerExceptions on null aliases src/main/java/org/bouncycastle/jce/provider/JDKPKCS12KeyStore.java Added notes about changes improvements patches/README Regenerated patch with above changes patches/android.patch libcore KeyStore improvements based on KeyStoreTest - Fix UnrecoverableKeyException to be a subclass of UnrecoverableEntryException, which was keeping the new KeyStoreTest from compiling. luni/src/main/java/java/security/UnrecoverableKeyException.java - Fix to not convert UnrecoverableKeyException to KeyStoreException, which was only being done because of the UnrecoverableKeyException superclass bug. luni/src/main/java/java/security/KeyStoreSpi.java - Harmony KeyStore was being overly aggresive about throwing on null alias arguments in cases where the RI was happy to pass them to the KeyStoreSpi. luni/src/main/java/java/security/KeyStore.java - New test after PKCS12 regresion. It enumerates and excercises all methods on all available KeyStore implementations. Unfortunately, the main varieties of KeyStores made this a lot more complicated than I was originally expecting. It does clarifiy the differences between the RI and BC KeyStore implementations, especially for PKCS12, where in some ways the RI is more feature complete (setting key via byte[]), but in other ways BC goes beyond some RI limitations (allowing storage of certificates). luni/src/test/java/java/security/KeyStoreTest.java TestKeyStore improvements while writing KeyStoreTest - Renamed "keyStorePassword" working usages to clarify if it really means the "storePassword" on the whole KeyStore, or if it is a "keyPassword" on individual keys. - Moved TestKeyStore from javax.net.ssl to java.security luni/src/test/java/javax/net/ssl/SSLContextTest.java luni/src/test/java/javax/net/ssl/SSLEngineTest.java luni/src/test/java/javax/net/ssl/SSLSessionTest.java luni/src/test/java/javax/net/ssl/SSLSocketTest.java support/src/test/java/java/security/StandardNames.java support/src/test/java/java/security/TestKeyStore.java support/src/test/java/javax/net/ssl/TestKeyStore.java support/src/test/java/javax/net/ssl/TestSSLContext.java Fixing up SSL renegotiation support. Now that we are not trying to prevent renegotiation, make sure it is working correctly. - Remove SSL_VERIFY_CLIENT_ONCE to take the default behavior of re-requesting client certificate on renegotiation. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/NativeCrypto.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSocketImpl.java - Updated comments to reflect renegotiation. Bug fix to not clear out callback reference on handshake complete, since we need it for renegotiation. luni/src/main/native/NativeCrypto.cpp Updated for PKCS12 KeyStore support support/src/test/java/java/security/StandardNames.java Added javadoc when writint KeyStoreTest luni/src/test/java/java/security/ProviderTest.java frameworks/base Tracking changes to UnrecoverableKeyException superclass api/8.xml api/current.xml Change-Id: I6349dbfc02896417595b52e364ade8000b567615
ava/security/StandardNames.java
ava/security/TestKeyStore.java
avax/net/ssl/TestKeyStore.java
avax/net/ssl/TestSSLContext.java
|
059dbc04218144f985b20a228bbe98139d400d0c |
08-Jul-2010 |
Brian Carlstrom <bdc@google.com> |
Improved client certificate and certificate chain support Summary: - openssl: add openssl support for specifying per key certificate chains - libcore: properly implement client certificate request call back - libcore: properly implement sending certificate chain - libcore: properly implement retreiving local certificate chain - libcore: added an SSLContext for non-OpenSSL SSLSocket creation Details: external/openssl Improve patch generate support by applying all other patches to baseline to remove cross polluting other patch changes into target patch. Move cleanup of ./Configure output to import script from openssl.config. import_openssl.sh openssl.config Adding SSL_use_certificate_chain and SSL_get_certificate_chain to continue to finish most of remaining JSSE issues. include/openssl/ssl.h ssl/s3_both.c ssl/ssl.h ssl/ssl_locl.h ssl/ssl_rsa.c Updated patch (and list of input files to patch) patches/jsse.patch openssl.config libcore Restoring SSLContextImpl as provider of non-OpenSSL SSLSocketImpl instances for interoperability testing. OpenSSLContextImpl is the new subclass that provides OpenSSLSocketImpl. JSSEProvider provides the old style SSLContexts, OpenSSLProvider provides the OpenSSL SSLContext, which includes the "default" context. Changed to register SSLContexts without aliases to match the RI. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/JSSEProvider.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLProvider.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/DefaultSSLContextImpl.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLContextImpl.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLContextImpl.java Native interface updates to support OpenSSLSocketImpl improvements - KEY_TYPES now expanded based on what we are being provided by OpenSSL. keyType function now maps key type values received from clientCertificateRequested callback. - Removed remaining uses of string PEM encoding, now using ASN1 DER consistently Includes SSL_SESSION_get_peer_cert_chain, verifyCertificateChain - Fixed clientCertificateRequested to properly include all key types supported by server, not just the one from the cipher suite. We also now properly include the list of supported CAs to help the client select a certificate to use. - Fixed NativeCrypto.SSL_use_certificate implementation to use new SSL_use_certificate_chain function from openssl to pass chain to OpenSSL. - Added error handling of all uses of sk_*_push which can fail due to out of memory - Fixed compile warning due to missing JNI_TRACE argument luni/src/main/java/org/apache/harmony/xnet/provider/jsse/NativeCrypto.java luni/src/main/native/NativeCrypto.cpp luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSocketImpl.java Pass this into chooseServerAlias call as well in significantly revamped choseClientAlias luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSocketImpl.java Minor code cleanup while reviewing diff between checkClientTrusted and checkServerTrusted luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustManagerImpl.java Improvements to SSL test support to go along with client certificate and certificate chain changes. TestSSLContext now has separate contexts for the client and server (as well as seperate key stores information). TestKeyStore now is more realistic by default, creating a CA, intermediate CA, and separate client and server certificates, as well as a client keystore that simply contains the CA and no certificates. support/src/test/java/javax/net/ssl/TestKeyStore.java support/src/test/java/javax/net/ssl/TestSSLContext.java Tests tracking API changes. Tests involving cert chains now now updated to use TestKeyStore.assertChainLength to avoid hardwiring expected chain length in tests. These tests also now use TestSSLContext.assertClientCertificateChain to validate that the chain is properly constructed and trusted by a trust manager. luni/src/test/java/java/net/URLConnectionTest.java luni/src/test/java/javax/net/ssl/SSLContextTest.java luni/src/test/java/javax/net/ssl/SSLEngineTest.java luni/src/test/java/javax/net/ssl/SSLSessionContextTest.java luni/src/test/java/javax/net/ssl/SSLSessionTest.java luni/src/test/java/javax/net/ssl/SSLSocketTest.java support/src/test/java/java/security/StandardNames.java support/src/test/java/javax/net/ssl/TestSSLEnginePair.java support/src/test/java/javax/net/ssl/TestSSLSocketPair.java frameworks/base Tracking change of SSLContextImpl to OpenSSLContextImpl core/java/android/net/SSLCertificateSocketFactory.java core/java/android/net/http/HttpsConnection.java tests/CoreTests/android/core/SSLPerformanceTest.java tests/CoreTests/android/core/SSLSocketTest.java Tracking changes to TestSSLContext core/tests/coretests/src/android/net/http/HttpsThroughHttpProxyTest.java Change-Id: Ie35ebce89966dfce62c316f7fe7252bf06935680
ava/security/StandardNames.java
avax/net/ssl/TestKeyStore.java
avax/net/ssl/TestSSLContext.java
avax/net/ssl/TestSSLEnginePair.java
avax/net/ssl/TestSSLSocketPair.java
|
b7eec62f6db198a76b67d7915b03e59189c6df4f |
02-Jul-2010 |
Brian Carlstrom <bdc@google.com> |
TestKeyStore only use RSA by default & fixing SSLEngine client auth with DSA client and RSA server Summary: Goal here was to just make most tests faster by only having TestKeyStore create RSA keys by default. However, when I did that SSLEngineTest#test_SSLEngine_clientAuth started working, so I ended up investigating a much deeper issue with DSA client authentication against an RSA SSLEngine server. Details: Changed the TestKeyStore.get singleton to only contain RSA keys. TestKeyStore.create now requires the caller enumerate what keys they want if they need more than that or an alternative. support/src/test/java/javax/net/ssl/TestKeyStore.java Changed test_SSLSocket_getSupportedCipherSuites_connect to explicitly request RSA and DSA keys since it needs both to try connecting all possible cipher suites. luni/src/test/java/javax/net/ssl/SSLSocketTest.java Fixing SSLEngine client authentication when server uses RSA but client uses DSA Fixed java.net.ssl.SSLEngineTest#test_SSLEngine_clientAuth expectations/knownfailures.txt Added CiperSuite.authType field which contains the algorithm name such as RSA, DSA, DH, that the client will use to authenticate the server. Like the cipherName, hmacName, and hashName, this is logically derivable from the the CiperSuite.KEY_EXCHANGE_*, but we remember it to avoid repeatedly doing large cascading "if" tests to determine which key algorithm should be used for each case. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/CipherSuite.java Fixed a number of client certificate authentication bugs in SSLEngine - Changed ClientHandshakeImpl's in the SSL/Tls Certificate message code to mirror ServerHandshakeImpl's implementation to properly use chooseEngineClientAlias in the SSLEngine case. - Changed to use the client certifcates key algorithm for computing the signature for the SSL/TLS CertificateVerify message. Previously we used the cipher suites negoitated key exchange method, but if the client may select a certificate with a different algorithm if the server provides a CA for another algorithm. - Also changed to use CipherSuite.isAnonymous in two places rather than the inlined equivalent. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ClientHandshakeImpl.java Fixed client authentication to use the client's certificate (not the server's) to do verify the CertificateVerify message signature. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ServerHandshakeImpl.java Fixed bug in DigitalSignature which did not Signature.update in verifySignature, so it could never have properly authenticated DSA signatures. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/DigitalSignature.java Added CertificateMessage getAuthType convenience luni/src/main/java/org/apache/harmony/xnet/provider/jsse/CertificateMessage.java Made CertificateRequest certificate_authorities final, found we were double allocating it luni/src/main/java/org/apache/harmony/xnet/provider/jsse/CertificateRequest.java Cleaning up imports of HandshakeProtocol while working on its subclasses. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/HandshakeProtocol.java Cleaned up while looking at X509KeyManager implementations while debugging. support/src/test/java/org/apache/harmony/xnet/tests/support/X509KeyManagerImpl.java Change-Id: I74b98754c11000cbfea416f1571c380c9c67abf3
avax/net/ssl/TestKeyStore.java
rg/apache/harmony/xnet/tests/support/X509KeyManagerImpl.java
|
096aac7b8a607d3da237900f52cab1c5066bf992 |
01-Jul-2010 |
Jesse Wilson <jessewilson@google.com> |
Buffering the decoding of chunked encoding and HTTP headers. Also cleanup of HttpConfiguration (renamed HttpConnection.Address), including removing some dead code. Also adding performance-run support to MockWebServer to permit benchmarking. I benchmarked different buffer sizes, and a buffer as small as 16 bytes halved the runtime on some HTTP requests. Ultimately I chose a 128 byte buffer, since that's the point of diminishing returns. The following report shows benchmark results for 5 different buffer sizes. Notice how our previous unbuffered behaviour was particularly inefficient. bodySize transferEncoding responseHeaders bufferSize ms logarithmic runtime 0 FIXED_LENGTH MINIMAL 0 5.44 = 0 FIXED_LENGTH MINIMAL 16 5.17 = 0 FIXED_LENGTH MINIMAL 128 5.06 = 0 FIXED_LENGTH MINIMAL 512 5.19 = 0 FIXED_LENGTH MINIMAL 1024 5.27 = 0 FIXED_LENGTH TYPICAL 0 14.61 =========== 0 FIXED_LENGTH TYPICAL 16 7.35 ==== 0 FIXED_LENGTH TYPICAL 128 6.48 === 0 FIXED_LENGTH TYPICAL 512 6.97 ==== 0 FIXED_LENGTH TYPICAL 1024 6.92 ==== 0 CHUNKED MINIMAL 0 5.72 == 0 CHUNKED MINIMAL 16 5.26 = 0 CHUNKED MINIMAL 128 5.27 = 0 CHUNKED MINIMAL 512 5.16 = 0 CHUNKED MINIMAL 1024 5.31 = 0 CHUNKED TYPICAL 0 14.81 =========== 0 CHUNKED TYPICAL 16 7.30 ==== 0 CHUNKED TYPICAL 128 6.62 === 0 CHUNKED TYPICAL 512 6.51 === 0 CHUNKED TYPICAL 1024 6.50 === 1024 FIXED_LENGTH MINIMAL 0 5.47 = 1024 FIXED_LENGTH MINIMAL 16 5.40 = 1024 FIXED_LENGTH MINIMAL 128 5.43 = 1024 FIXED_LENGTH MINIMAL 512 5.40 = 1024 FIXED_LENGTH MINIMAL 1024 5.37 = 1024 FIXED_LENGTH TYPICAL 0 14.83 =========== 1024 FIXED_LENGTH TYPICAL 16 7.42 ==== 1024 FIXED_LENGTH TYPICAL 128 6.50 === 1024 FIXED_LENGTH TYPICAL 512 6.50 === 1024 FIXED_LENGTH TYPICAL 1024 6.51 === 1024 CHUNKED MINIMAL 0 6.12 == 1024 CHUNKED MINIMAL 16 5.51 = 1024 CHUNKED MINIMAL 128 5.55 = 1024 CHUNKED MINIMAL 512 5.60 == 1024 CHUNKED MINIMAL 1024 5.50 = 1024 CHUNKED TYPICAL 0 15.00 =========== 1024 CHUNKED TYPICAL 16 7.56 ===== 1024 CHUNKED TYPICAL 128 6.86 ==== 1024 CHUNKED TYPICAL 512 6.73 === 1024 CHUNKED TYPICAL 1024 6.60 === 1048576 FIXED_LENGTH MINIMAL 0 25.27 ================= 1048576 FIXED_LENGTH MINIMAL 16 25.36 ================= 1048576 FIXED_LENGTH MINIMAL 128 25.86 ================= 1048576 FIXED_LENGTH MINIMAL 512 25.25 ================= 1048576 FIXED_LENGTH MINIMAL 1024 32.51 =================== 1048576 FIXED_LENGTH TYPICAL 0 36.65 ===================== 1048576 FIXED_LENGTH TYPICAL 16 27.43 ================== 1048576 FIXED_LENGTH TYPICAL 128 26.88 ================= 1048576 FIXED_LENGTH TYPICAL 512 26.94 ================= 1048576 FIXED_LENGTH TYPICAL 1024 33.13 ==================== 1048576 CHUNKED MINIMAL 0 77.02 ============================ 1048576 CHUNKED MINIMAL 16 51.32 ======================== 1048576 CHUNKED MINIMAL 128 50.98 ======================== 1048576 CHUNKED MINIMAL 512 51.82 ======================== 1048576 CHUNKED MINIMAL 1024 50.40 ======================== 1048576 CHUNKED TYPICAL 0 88.99 ============================== 1048576 CHUNKED TYPICAL 16 53.94 ======================== 1048576 CHUNKED TYPICAL 128 53.03 ======================== 1048576 CHUNKED TYPICAL 512 52.14 ======================== 1048576 CHUNKED TYPICAL 1024 50.90 ======================== Benchmark source code is here: http://code.google.com/p/dalvik/source/browse/trunk/benchmarks/regression/URLConnectionBenchmark.java Change-Id: Ie3e754ab8497e6200f8b6e7f9c63c40a7d4784e2
ests/http/MockWebServer.java
|
38570b4b80f066bed09944d85c5062c9935cb975 |
01-Jul-2010 |
Brian Carlstrom <bdc@google.com> |
Trim BouncyCastle *-OpenSSL algorithms These were not previously removed because they were believed to be part of Android OpenSSL native implementation. Change-Id: I6dd5eb22c5758f5337dae66669104ea6aa7b4234
ava/security/StandardNames.java
|
51e468abf2628ce964d3657042f3ac8f2c947504 |
26-Jun-2010 |
Jesse Wilson <jessewilson@google.com> |
Fixing response cache and connection reuse for HTTP client. The code splits our HTTP input streams into four (!) inner classes. The base class takes care of ensuring split() and single byte reads get cached and call disconnect() as necessary. Our code closes the cache when the stream is exhausted; this is different from the RI which closes it when in.close() is called. When a fixed length input stream of length 0 is received, we cache it immediately. This has behavior consequences for CONNECT, which needs the otherwise-recyclable connection to stick around. This adds explicit shutdown capabilities to MockWebServer. This is necessary now that we don't guarantee all enqueued responses will be requested. We still need test coverage for malformed chunk sizes. Change-Id: Iaf866af4fc1d76faea559df267a4bde6fdfa1d83
ests/http/DefaultResponseCache.java
ests/http/MockResponse.java
ests/http/MockWebServer.java
|
12cd1f00c2fa1a7f37bf644cecdf7588bdc0b0a9 |
23-Jun-2010 |
Brian Carlstrom <bdc@google.com> |
Remove libcore's dependency on bouncycastle external/bouncycastle - Change to be the primary build for bouncycastle sources (as opposed to part of libcore) - Moved OpenSSLMessageDigest from libcore to OpenSSLDigest It uses NativeCrypto API from core, but implements a bouncycastle specific interface - restored registration of bouncycastle MessageDigests for SHA-1, SHA-256, MD5 OpenSSLProvider versions take precedence, but explicit provider of "BC" allows choice - enabled native versions of SHA-384 and SHA-512 - pruned MD4 implementation frameworks/base - frameworks and CoreTests modules now depend on bouncycastle - update preloades classes for NativeBN package change - moved CryptoTest to libcore libcore - core now builds without bouncycastle sources - core-tests, core-tests-support, core-tests-supportlib now depend on bouncycastle - removed libcore/openssl directory, moving NativeBN to java/math - minor cleanup of Provider, Security, Services style while working on ProviderTest - added new OpenSSLProvider registered as first provider to have priority over the others to ensure our native implementations are used - moved BouncyCastle to have priority as a provider over Harmony - JarVerifier and JarUtils now implicitly use OpenSSLMessageDigest - Cleanedup OpenSSLSignature, implementation needs to be finished to move to OpenSSLProvider - To avoid using PEMWriter from BouncyCastle, NativeCrypto now takes binary encoded certs and keys This is more efficient as well avoiding the base64 decode/encode of the binary data - removed SHA-224 to match the RI packages/apps/CertInstaller - CertificateInstaller module now depends on bouncycastle this is the only app to depend on bouncycastle system/core - updated BOOTCLASSPATH Change-Id: I6205366b12baec4331b4a76e2c85d8324bf64b2c
ava/security/StandardNames.java
|
f979bbd1277c77ca945ad981e7864fb4e9f6ae05 |
25-Jun-2010 |
Jesse Wilson <jessewilson@google.com> |
Scrubbing tests marked @BrokenTest. This rearranges the security test support infrastructure. We no longer rely on many top-level classes defined in CipherHelper.java to provide test support. Instead these each have their own top level class in our test support package: support/src/test/java/tests/security. Similarly for abstract classes intended to be subclassed by cipher-specific tests. Other test methods that were duplicated in Harmony have been removed. We need to pay closer attention to Harmony failures because they are now our only source of coverage for some of these tests. Change-Id: I1a1ca8a046bc9b6a33d5fa3f55fecc0d39f72c16
ests/security/AlgorithmParameterAsymmetricHelper.java
ests/security/AlgorithmParameterGeneratorTest.java
ests/security/AlgorithmParameterKeyAgreementHelper.java
ests/security/AlgorithmParameterSignatureHelper.java
ests/security/AlgorithmParameterSymmetricHelper.java
ests/security/AlgorithmParametersTest.java
ests/security/CipherAsymmetricCryptHelper.java
ests/security/CipherHelper.java
ests/security/CipherSymmetricCryptHelper.java
ests/security/DefaultKeys.java
ests/security/KeyAgreementHelper.java
ests/security/KeyFactoryTest.java
ests/security/KeyPairGeneratorTest.java
ests/security/MessageDigestTest.java
ests/security/SignatureHelper.java
ests/security/SignatureTest.java
ests/security/TestHelper.java
|
17baca0a1628322f512b2a91486d8f454b722ac2 |
22-Jun-2010 |
Jesse Wilson <jessewilson@google.com> |
Deduplicating failed tests in org.apache.harmony.luni.tests.java.lang. Some tests were copied from Harmony and fixed in Dalvik. I've applied fixes in our SVN copy of Harmony and removed the duplicate copies here. Also improving error reporting for missing resource files. Some of our serialization tests were failing due to missing files; the corresponding Harmony tests succeed. Change-Id: I73872b03674f8731ff237f575dcda66f9d53c06a
ests/support/resource/Support_Resources.java
|
9a106a63508697a6f5f02c20b7cc6b7c6152695f |
21-Jun-2010 |
Brian Carlstrom <bdc@google.com> |
Move StandardNames from javax.net.ssl package to the more appropriate java.security Change-Id: I7ef73ae164fa001f279e8229b4869e72fd5a3a7d
ava/security/StandardNames.java
avax/net/ssl/StandardNames.java
avax/net/ssl/TestSSLContext.java
|
f3abdd4561d269d0a9f9c4346f231c72f7db0a07 |
21-Jun-2010 |
Brian Carlstrom <bdc@google.com> |
Updating StandardNames for updated bouncycastle that is closer to the RI Change-Id: I684a4c99ab70855d7bf86c1825bdede6b2727d39
avax/net/ssl/StandardNames.java
|
767061d064e8b6a3566a6a7dac974ef873f92bbd |
18-Jun-2010 |
Jesse Wilson <jessewilson@google.com> |
Merge "Implementing ZoneInfo.hasSameRules()." into dalvik-dev
|
e32b21f14d52bac429a9c54fe031f9e92c911d64 |
18-Jun-2010 |
Jesse Wilson <jessewilson@google.com> |
Implementing ZoneInfo.hasSameRules(). Moving TimeZoneTest to OldTimeZoneTest and removing test methods that are duplicated between libcore and Harmony. Also adding Objects.equals() to make implementing this easy, and removing redundant time zone tests. I did a few searches to find candidate code that could take advantage of this new utility method and adopted it there. Change-Id: I133298f1b36d755bd35c1ad0dc0ab366fd164270
rg/apache/harmony/testframework/serialization/SerializationTest.java
|
88404afd0c510524045e3724aaae5825b4372f8f |
18-Jun-2010 |
Brian Carlstrom <bdc@google.com> |
Remove targets.* Change-Id: I9b795477fb1f64f613c2d7cc48476284702fd429
argets/AlgorithmParameterGenerators.java
argets/AlgorithmParameters.java
argets/CertPathBuilders.java
argets/CertPathValidators.java
argets/CertificateFactories.java
argets/Charsets.java
argets/Cipher.java
argets/KeyAgreement.java
argets/KeyFactories.java
argets/KeyGenerator.java
argets/KeyPairGenerators.java
argets/KeyStores.java
argets/Mac.java
argets/MessageDigests.java
argets/SecretKeyFactory.java
argets/SecureRandoms.java
argets/Signatures.java
|
8bdd385d39da5d53ca540bbfb159161e68cb6eb3 |
18-Jun-2010 |
Brian Carlstrom <bdc@google.com> |
Add ProviderTest to verify expected algorithms from register Providers This works on RI 6 but fails on with our version of BouncyCastle derived from 1.34 because of the one missing class org.bouncycastle.jce.provider.JCEMac$ISO9797_DES It is still useful because it fixes the list of algorithms in StandardNames to make sure we don't unintentionally add or remove algorithms when we upgrade to BouncyCastle 1.45. Change-Id: I51e42a59505797d823004a798413ee2299bd163f
avax/net/ssl/StandardNames.java
|
c8977f474b30c5f3807398859a6b16687af6fc7b |
15-Jun-2010 |
Jesse Wilson <jessewilson@google.com> |
Fixing various problems with HTTPS proxies thru HTTP. - reading extra bytes from the server depending on available() - not sending the port with the proxy request - returning a read-til-the-end stream instead of a read-0-bytes-stream on CONNECT requests - fixing MockWebServer to omit the unnecessary \r\n after the response body - tests no longer mask the issue by unambiguously reading characters. Trailing newlines aren't discarded! - New tests when content-length and content disagree. The RI fails the test when the transfer-encoding is not chunked. Change-Id: I888569844d323bc770cd5bb95ac71c740dd5e720
ests/http/MockResponse.java
ests/http/MockWebServer.java
|
60476787f0e0f052366d8031c74e507ffd3d16a3 |
12-Jun-2010 |
Jesse Wilson <jessewilson@google.com> |
Adding testcases for HttpsURLConnection and through a proxy. One failure is here: http://b/issue?id=2761326 Change-Id: If1918a2e59bd4335e38ce3ec4214dfccd24ee798
ests/http/MockWebServer.java
|
706d53593cd8841d378dbe298a8d1940db1e71df |
09-Jun-2010 |
Jesse Wilson <jessewilson@google.com> |
Adding HTTPS and proxy support to our mock webserver. Also exposing core-tests-support for use by tests in frameworks/base. I'm not particularly happy about this, but it seems to be the best way to share test support code between the two build targets. Change-Id: I5e8dcac90fc5d9be791e46c2606498978212108e
ests/http/MockResponse.java
ests/http/MockWebServer.java
|
0c131a2ca38465b7d1df4eaee63ac73ce4d5986d |
21-May-2010 |
Brian Carlstrom <bdc@google.com> |
RI 6 support for javax.net.ssl Summary: - RI 6 support for javax.net.ssl - SSLEngine fixes based on new SSLEngineTest - fix Cipher.checkMode bug recently introduced in dalvik-dev Details: Fix Cipher.checkMode that was preventing most javax.net.ssl tests from working luni/src/main/java/javax/crypto/Cipher.java RI 6 has introduced the concept of a "Default" SSLContext. This is accessed via SSLContext.getDefault() and also SSLContext.getInstance("Default"). Harmony had its own DefaultSSLContext but it was not created via an SSLContextSpi. It also was a single shared instance whereas the new RI6 Default SSLContext shares internal SSLSessionContext instances between different Default SSLContexts. Refactored the old code into an SSLContextImpl subclass that allows it to be created via SSLContext.getInstance. SSLContextImpl ensures that we only ever create one set of SSLSessionContext instances for the Default context. luni/src/main/java/javax/net/ssl/DefaultSSLContext.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/DefaultSSLContextImpl.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLContextImpl.java Added SSLContext.getDefault and SSLContext.setDefault luni/src/main/java/javax/net/ssl/SSLContext.java Replace dependencies of old DefaultSSLContext with use of SSLContext.getDefault luni/src/main/java/javax/net/ssl/SSLServerSocketFactory.java luni/src/main/java/javax/net/ssl/SSLSocketFactory.java Register "SSLContext.Default" as DefaultSSLContextImpl class for SSLContext.getInstance() luni/src/main/java/org/apache/harmony/xnet/provider/jsse/JSSEProvider.java Added constant for new "Default" standard name and added it to SSL_CONTEXT_PROTOCOLS. New tests based on SSL_CONTEXT_PROTOCOLS made it clear that neither Android or RI support SSLv2 so removed it from SSL_CONTEXT_PROTOCOLS and SSL_SOCKET_PROTOCOLS. Added constant for TLS as well which was previously scattered all over tests. Remove SSLv2Hello from SSL_SOCKET_PROTOCOLS for Android since with OpenSSL disablign SSLv2 means you can not use SSLv2Hello either. support/src/test/java/javax/net/ssl/StandardNames.java Added tests for SSLContext.getDefault and SSLContext.setDefault. Changed existing tests to work on all protocols including new "Default". luni/src/test/java/javax/net/ssl/SSLContextTest.java RI 6 has introduced the notion of SSLParameters which encapsulate SSL the handshake parameters of desired cipher suites, protocols, and client authentication requirements. The main new class SSLParameters is basically just a bag of fields with accessors and a couple simple constructors. The only things of note are that it clones all String arrays on input and output and the setters for the two boolean fields ensure that only one is true at a time. luni/src/main/java/javax/net/ssl/SSLParameters.java Added SSLContext.getDefaultSSLParameters and SSLContext.getSupportedSSLParameters which simply delegate to the SSLContextSpi. luni/src/main/java/javax/net/ssl/SSLContext.java Added abstract SSLContextSpi.engineGetDefaultSSLParameters and SSLContext.engineGetSupportedSSLParameters. luni/src/main/java/javax/net/ssl/SSLContextSpi.java Added engineGetDefaultSSLParameters and engineGetSupportedSSLParameters implementation. The RI documents in SSLContextSpi that these are implemented by default by creating a socket via the SSLContext's SocketFactory and asking for the enabled/supported cipher suites and protocols respectively, so that is what is done. The doc mentions throwing UnsupportedOperationException if there is a problem, so we do that as well. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLContextImpl.java Added {SSLEngine,SSLSocket}.{getSSLParameters,setSSLParameters} which are analogous. luni/src/main/java/javax/net/ssl/SSLEngine.java luni/src/main/java/javax/net/ssl/SSLSocket.java Added SSLParametersTest luni/src/test/java/javax/net/ssl/SSLParametersTest.java luni/src/test/java/javax/net/ssl/AllTests.java Added SSLContext.get{Default,Supported}SSLParameters tests luni/src/test/java/javax/net/ssl/SSLContextTest.java Added SSLSocket.{getSSLParameters,setSSLParameters} tests and added some extra asserts to test_SSLSocketPair_create based on experience with test_SSLEnginePair_create. luni/src/test/java/javax/net/ssl/SSLSocketTest.java Dummy implementation of new SSLContextSpi for test classes. support/src/test/java/org/apache/harmony/security/tests/support/MySSLContextSpi.java support/src/test/java/org/apache/harmony/xnet/tests/support/MySSLContextSpi.java Other minor RI 6 API changes: RI 6 removed Serializable from HandshakeCompletedEvent and SSLSessionBindingEvent luni/src/main/java/javax/net/ssl/HandshakeCompletedEvent.java luni/src/main/java/javax/net/ssl/SSLSessionBindingEvent.java RI 6 added generic types to the KeyStoreBuilderParameters List constructor and accessor as well as to SSLSessionContext.getIds. Fixed tests to compile with generic types. luni/src/main/java/javax/net/ssl/KeyStoreBuilderParameters.java luni/src/main/java/javax/net/ssl/SSLSessionContext.java luni/src/test/java/tests/api/javax/net/ssl/KeyStoreBuilderParametersTest.java SSLEngine improvements. Since I was changing SSLEngine, I wrote an SSLEngineTest based on my SSLSocketTest to do some simply sanity checking. It expose a number of issues. I've fixed the small ones, marked the rest as known failures. Renamed some TLS_ cipher suites to SSL_ to match JSSE standard names. These were all old suites no longer supported by RI or OpenSSL which is why they were missed in an earlier cleanup of this type in this class. Also fixed SSLEngine supported cipher suites list not to include SSL_NULL_WITH_NULL_NULL which is not a valid suite to negotiate. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/CipherSuite.java SSLEngine instances can have null host values, which caused a NullPointerException in the ClientSessionContext implementation. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ClientSessionContext.java SSLEngine tests were failing because SSLParameters was throwing NullPointerException instead of IllegalArgument exception on null element values. Fixed null pointer message style while I was here. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLParameters.java Fixed SSLEngine instances to default to server mode like RI luni/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLContextImpl.java Fixed KEY_TYPES based on SSLEngine implementation. Removed dead code NativeCrypto.getEnabledProtocols which was recently made obsolete. Cleaned up null exception messages to follow our convention. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/NativeCrypto.java Added SSLEngineTest which parallels SSLSocketTest in its coverage. Similarly added TestSSLEnginePair which loosely parallels TestSSLSocketPair. luni/src/test/java/javax/net/ssl/SSLEngineTest.java luni/src/test/java/javax/net/ssl/AllTests.java support/src/test/java/javax/net/ssl/TestSSLEnginePair.java SSLEngineTest betters exposed the differences between SSLSocket and SSLEngine supported cipher suites. StandardNames now has an CIPHER_SUITES_SSLENGINE definition which denotes what is missing and what is extra and why in the SSLEngine implementation. support/src/test/java/javax/net/ssl/StandardNames.java Created StandardNames.assert{Valid,Supported}{CipherSuites,Protocols} to factor out some code test code that is also used by new tests. support/src/test/java/javax/net/ssl/StandardNames.java luni/src/test/java/javax/net/ssl/SSLSocketFactoryTest.java luni/src/test/java/javax/net/ssl/SSLSocketTest.java Remove SSLSocketTest known failure and add new SSLEngineTest known failures expectations/knownfailures.txt SSL_OP_NO_TICKET change was recently merged from master which required some fixes. For the moment, sslServerSocketSupportsSessionTickets always returns false. support/src/test/java/javax/net/ssl/TestSSLContext.java Fixed flakey test_SSLSocket_HandshakeCompletedListener which had a race because the client thread look in the server session context for an session by id potentially before the server thread had a chance to store its session. Made noticable because of SSL_OP_NO_TICKET recently merged from master (before this code path was host only, not device) luni/src/test/java/javax/net/ssl/SSLSocketTest.java Fix checkjni issue where we need to check for pending exception in OpenSSL callback. Possibly introduced by recent merge of SSL_OP_NO_TICKET from master. luni/src/main/native/org_apache_harmony_xnet_provider_jsse_NativeCrypto.cpp Expectation updates Remove SSLSocketTest known failure and add new SSLEngineTest known failures expectations/knownfailures.txt Tag test_SSLSocket_getSupportedCipherSuites_connect as large expectations/taggedtests.txt Misc changes: opening brace on wrong line luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ServerSessionContext.java Long line cleanup while debugging luni/src/main/java/org/apache/harmony/xnet/provider/jsse/HandshakeProtocol.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLServerSocketFactoryImpl.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSocketFactoryImpl.java support/src/test/java/javax/net/ssl/TestKeyStore.java Removed bogus import luni/src/test/java/javax/net/ssl/SSLSessionContextTest.java Comment clarify while debugging luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSocketImpl.java Ctor -> Constructor in comment luni/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLEngineImpl.java Fixed naming of SocketTest_Test_create to TestSocketPair_Create to match renamed classes luni/src/test/java/javax/net/ssl/SSLSocketTest.java Change-Id: I99505e97d6047eeabe4a0b93202075a0b2d486ec
avax/net/ssl/StandardNames.java
avax/net/ssl/TestKeyStore.java
avax/net/ssl/TestSSLContext.java
avax/net/ssl/TestSSLEnginePair.java
rg/apache/harmony/security/tests/support/MySSLContextSpi.java
rg/apache/harmony/xnet/tests/support/MySSLContextSpi.java
|
aacf6f9741dea0f12fbff5e7696e53f251177280 |
20-May-2010 |
Brian Carlstrom <bdc@google.com> |
Enable Diffie-Hellman cipher suites Enable Diffie-Hellman cipher suites in NativeCrypto (and in StandardNames to match for testing). This means we now have the same default cipher suite list as RI 5. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/NativeCrypto.java support/src/test/java/javax/net/ssl/StandardNames.java Enabling DH made it obvious that the RI check for enable cipher suites on SSLServerSocket.accept was not as stringent as first thought. Apparently they don't care if all enabled cipher suites have certificates/keys, just that at least one of them will work, even if its anonymous. Factored out the logic to check this into checkEnabledCipherSuites for clarity along with the supporting checkForPrivateKey. Also only check if the socket is in server mode, since its fine to have nothing configured for server acting as a client for handshake purposes. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLServerSocketImpl.java The real work to enable Diffie-Hellman was to use SSL_CTX_set_tmp_dh_callback to set a callback to get DH parameters. There are two ways to create the parameters. The first is to use DH_generate_parameters_ex which is very slow (minutes) as is recommended as install time option. The second is to use DSA_generate_parameters_ex followed by DSA_dup_DH, which is faster for a single call, but must be done every time, so slower overall. We currently take the second approach to just have DH working. luni/src/main/native/org_apache_harmony_xnet_provider_jsse_NativeCrypto.cpp Changed ephemeral RSA keys to be stored per SSL in AppData, not in a static global. luni/src/main/native/org_apache_harmony_xnet_provider_jsse_NativeCrypto.cpp Fix LS_ to TLS_ typo in commented out constant. Removed easy to miss wrapping in array definition. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/CipherSuite.java Renamed CipherSuites defaultPretendant to defaultCipherSuites which led to renaming the CipherSuites constants to follow the coding style. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/CipherSuite.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ClientHandshakeImpl.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/DigitalSignature.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLServerSocketImpl.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLParameters.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ServerHandshakeImpl.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ServerKeyExchange.java Change-Id: Ia38de48cabb699b24fe6e341ba79f34e3da8b543
avax/net/ssl/StandardNames.java
|
b35597648f05db8d67c6a11d63044102a76cffda |
18-May-2010 |
Jesse Wilson <jessewilson@google.com> |
Merge "Testing that URLConnection uses CookieManager for send and receive." into dalvik-dev
|
211d3bbada505912bb16e9d1a6c1a9f1f5c16cff |
18-May-2010 |
Jesse Wilson <jessewilson@google.com> |
Testing that URLConnection uses CookieManager for send and receive. These all fail on Dalvik because we haven't wired these together. On the RI, everything passes except for the two tests that check parsing for multiple cookies in a single HTTP header. Change-Id: Idb10c5b51b7ae5ca400dc564f2926f0d5792093d
ests/http/MockWebServer.java
|
fd487fbac3547360ea81d96edea9827fad080f86 |
18-May-2010 |
Brian Carlstrom <bdc@google.com> |
Change Harmony CipherSuite to use JSSE names Change text names of Harmony CipherSuite's (used by SSLEngine and some places with OpenSSL code) to match JSSE names. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/CipherSuite.java Added StandardName constant for SSL_NULL_WITH_NULL_NULL support/src/test/java/javax/net/ssl/StandardNames.java Marked test as working with above fix, changed to use newly defined constant. luni/src/test/java/javax/net/ssl/SSLSessionTest.java Change-Id: Id48d2adcbbff71306296f1fdf8ff970c618fdcc6
avax/net/ssl/StandardNames.java
|
204cab3c22b4d75c866c95e2d2eec42e14cbd924 |
18-May-2010 |
Brian Carlstrom <bdc@google.com> |
Supported cipher suites improvements Added new test_SSLSocket_getSupportedCipherSuites_connect to make sure all cipher suites we claim work actually do. It clearly exposed that although a large number of cipher suites are supported by libssl.so, they are not properly wired up into the OpenSSL JSSE implementation. In particular Elliptic Curve has been disabled in our version Bouncy Castle does not work. In addition Diffie-Hellman does not work because we need to further integration work with OpenSSL via SSL_set_tmp_dh_callback or SSL_set_tmp_dh. Finally, SSL_RSA_EXPORT_WITH_RC4_40_MD5 doesn't work but that is being left as KnownFailure for more immediate cleanup based on ServerHandshakeImpl's handling of KeyExchange_RSA_EXPORT as part of having OpenSSL call us back for certificates dynamically. luni/src/test/java/javax/net/ssl/SSLSocketTest.java Refactored TestSSLContext.createKeyStore to create TestKeyStore which now factors out TestSSLContext.createKeys from the old createKeyStore method, which allows createKeys to be called multiple times for different key algorithms (for example DSA in addition to RSA). Also added a reusable singleton instance to cut down on test execution time. support/src/test/java/javax/net/ssl/TestKeyStore.java Removed publicAlias/privateAlias from TestSSLContext since we now include both RSA and DSA key pairs in they KeyStore by default. Added TestSSLContext.assertCertificateInKeyStore methods to help tests the previously used the alias fields fields. TestSSLContext.create API changed as well since the alias names are no longer required. TestSSLContext.createClient now needs to iterate over all server certificates when setting up its TrustManager instead of just grabbing one by alias name. support/src/test/java/javax/net/ssl/TestSSLContext.java luni/src/test/java/javax/net/ssl/SSLContextTest.java luni/src/test/java/javax/net/ssl/SSLSessionTest.java luni/src/test/java/javax/net/ssl/SSLSocketTest.java TestSSLSocketPair.connect now allows optional inclusion of server cipher suite list. support/src/test/java/javax/net/ssl/TestSSLSocketPair.java luni/src/test/java/javax/net/ssl/SSLSessionContextTest.java Turning off Elliptic Curve and Diffie-Hellman which are not currently working. Updating test expectations to match. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/NativeCrypto.java support/src/test/java/javax/net/ssl/StandardNames.java Turn on registration of ECDSA and DSA since this part is currently functional (and excercised by TestKeyStore.create()) luni/src/main/java/org/bouncycastle/x509/X509Util.java Improve logging by including SSL pointer in error messages, which makes it easier to relate these errors to JNI_TRACE messages. luni/src/main/native/org_apache_harmony_xnet_provider_jsse_NativeCrypto.cpp Change-Id: I014d001a6a21a46c360678a346d3a3c8232f4d53
avax/net/ssl/StandardNames.java
avax/net/ssl/TestKeyStore.java
avax/net/ssl/TestSSLContext.java
avax/net/ssl/TestSSLSocketPair.java
|
3534c7cb3d4c67e3a4f2925fc7ecec43aeed879a |
15-May-2010 |
Brian Carlstrom <bdc@google.com> |
Remove ScopedGlobalRef (and other cleanups) ScopedGlobalRef caused more trouble that it was worth. Rather than trying to fix it to require updating of the JNIEnv, remove it to remove the temptation for others to use it. Also update SSL_set_ciphers_lists to use ScopedLocalRef and add HTML anchors to Standard names javadoc JSEE references. Change-Id: Ic3ed1bae3f29ee971d4461de31395b78c4949090
avax/net/ssl/StandardNames.java
|
9acacc36bafda869c6e9cc63786cdddd995ca96a |
14-May-2010 |
Brian Carlstrom <bdc@google.com> |
Use JSSE cipher suite names and restore JSSE SSLSessionContext semantics Summary: - Switch to using JSSE cipher suite names - SSLSessionContext implementation cleanup - Updated tests Details: Switch to using JSSE cipher suite names - We maintain backward compatability for enabling cipher suites using OpenSSL names for old code that did so without checking for the presence of the names in the supported list. - We now have a well defined list of the supported cipher suites which are sorted in priority order as specified in JSSE documentation so that callers doing: s.setEnabledCipherSuites(s.getSupportedCipherSuites()) will get something reasonable. - We now have a default cipher suite list that is chose to match RI behavior and priority, not based on OpenSSLs default and priorities. Details: - Added NativeCrypto OPENSSL_TO_STANDARD and STANDARD_TO_OPENSSL mapping between naming conventions. STANDARD_TO_OPENSSL is a LinkedHashMap so enumerating it gives the proper order for SUPPORTED_CIPHER_SUITES. - SSL_get_ciphers and SSL_set_cipher_list are removed, we now use our own SSL_set_cipher_lists (defined seperately in external/openssl/patches/jsse.patch) to set the set and order of cipher suites. SSL_CTX_get_ciphers is also removed because we no longer rely on the OpenSSL for the default cipher suites behavior. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/NativeCrypto.java luni/src/main/native/org_apache_harmony_xnet_provider_jsse_NativeCrypto.cpp Add cipherSuite and protocol field caches for native values, mapping the cipherSuite to a JSSE name from the OpenSSL name returned by SSL_SESSION_cipher. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSessionImpl.java Fixed a long standing bug where we reused sessions found in the client host/port cache even if the old protocol and cipher suite where no longer compatible with what was specified by setEnabledCipherSuites and setProtocols. Also fixed a recently introduced bug where lastAccessedTime was being set on a cached session even if it was not reused, found by fixed the above. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSocketImpl.java Move most of SSLSessionContext implementation from subclasses to AbstractSessionContext. This was primarily to align the implementations of how different sessions id for the same host and port were handled for RI compatability. client subclasses now focuses on handling its host/port based cache and both deal with their own persistent cache details. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/AbstractSessionContext.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ClientSessionContext.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ServerSessionContext.java Tests Added some variants of assertSSLSessionContextSize to simplify tests code. Broke test_SSLSessionContext_setSessionCacheSize_oneConnect out of test_SSLSessionContext_setSessionCacheSize_dynamic. Renamed test_SSLSessionContext_setSessionCacheSize_basic to test_SSLSessionContext_setSessionCacheSize_noConnect to match name of _oneConnect. _dynamic was cleaned up a bit as getting it working was the only goal of this change list. Fixed to filter SSL_RSA_EXPORT_ ciphers since our test certificate key length is too long for those. Lower test requirement to 3 unique cipher suites. luni/src/test/java/javax/net/ssl/SSLSessionContextTest.java Added checks that cipher suites and protocols have standard names. luni/src/test/java/javax/net/ssl/SSLSessionTest.java Removing known failures related to cipher suite naming. Fixed bug of using assertNotNull instead of assertTrue. Added extra size/length check which would have found the assertNotNull/assertTrue issue. luni/src/test/java/javax/net/ssl/SSLSocketFactoryTest.java luni/src/test/java/javax/net/ssl/SSLSocketTest.java Fixing test the explicitly worked around broken cipher suite naming. luni/src/test/java/tests/api/javax/net/ssl/SSLSessionTest.java Updated standard cipher suites to RI 6 list, which also now specifies ordering, which we now align with. support/src/test/java/javax/net/ssl/StandardNames.java Unrelated Remove more now obsolete jars from the test classpath run-core-tests Change-Id: I45c274a9327c9a1aeeccb39ecaf5a3fbe2903c8f
avax/net/ssl/StandardNames.java
|
f33eae7e84eb6d3b0f4e86b59605bb3de73009f3 |
13-May-2010 |
Elliott Hughes <enh@google.com> |
Remove all trailing whitespace from the dalvik team-maintained parts of libcore. Gentlemen, you may now set your editors to "strip trailing whitespace"... Change-Id: I85b2f6c80e5fbef1af6cab11789790b078c11b1b
avax/net/ssl/TestSSLContext.java
rg/apache/harmony/security/tests/support/CertificateStub.java
rg/apache/harmony/security/tests/support/IdentityScopeStub.java
rg/apache/harmony/security/tests/support/IdentityStub.java
rg/apache/harmony/security/tests/support/KeyStoreTestSupport.java
rg/apache/harmony/security/tests/support/MDGoldenData.java
rg/apache/harmony/security/tests/support/MyAlgorithmParameterGeneratorSpi.java
rg/apache/harmony/security/tests/support/MyKeyPairGenerator1.java
rg/apache/harmony/security/tests/support/MyKeyPairGenerator2.java
rg/apache/harmony/security/tests/support/MyKeyPairGenerator3.java
rg/apache/harmony/security/tests/support/MyKeyPairGeneratorSpi.java
rg/apache/harmony/security/tests/support/MyKeyStore.java
rg/apache/harmony/security/tests/support/MyKeyStoreSpi.java
rg/apache/harmony/security/tests/support/MyLoadStoreParams.java
rg/apache/harmony/security/tests/support/MyMessageDigest1.java
rg/apache/harmony/security/tests/support/MyMessageDigest2.java
rg/apache/harmony/security/tests/support/MySSLContextSpi.java
rg/apache/harmony/security/tests/support/MySignature1.java
rg/apache/harmony/security/tests/support/MySignature2.java
rg/apache/harmony/security/tests/support/MyTrustManagerFactorySpi.java
rg/apache/harmony/security/tests/support/PrivateKeyStub.java
rg/apache/harmony/security/tests/support/PublicKeyStub.java
rg/apache/harmony/security/tests/support/RandomImpl.java
rg/apache/harmony/security/tests/support/SecurityChecker.java
rg/apache/harmony/security/tests/support/SignerStub.java
rg/apache/harmony/security/tests/support/SpiEngUtils.java
rg/apache/harmony/security/tests/support/TestCertUtils.java
rg/apache/harmony/security/tests/support/TestKeyPair.java
rg/apache/harmony/security/tests/support/TestKeyStoreSpi.java
rg/apache/harmony/security/tests/support/TestUtils.java
rg/apache/harmony/security/tests/support/cert/MyCRL.java
rg/apache/harmony/security/tests/support/cert/MyCertPath.java
rg/apache/harmony/security/tests/support/cert/MyCertPathBuilderSpi.java
rg/apache/harmony/security/tests/support/cert/MyCertPathValidatorSpi.java
rg/apache/harmony/security/tests/support/cert/MyCertStoreParameters.java
rg/apache/harmony/security/tests/support/cert/MyCertStoreSpi.java
rg/apache/harmony/security/tests/support/cert/MyCertificate.java
rg/apache/harmony/security/tests/support/cert/MyCertificateFactorySpi.java
rg/apache/harmony/security/tests/support/cert/MyFailingCertPath.java
rg/apache/harmony/security/tests/support/cert/MyFailingCertificate.java
rg/apache/harmony/security/tests/support/cert/TestUtils.java
rg/apache/harmony/security/tests/support/interfaces/DSAKeyPairGeneratorImpl.java
rg/apache/harmony/security/tests/support/interfaces/RSAMultiPrimePrivateCrtKeyImpl.java
rg/apache/harmony/security/tests/support/tmpCallbackHandler.java
rg/apache/harmony/testframework/serialization/SerializationTest.java
rg/apache/harmony/xnet/tests/support/KeyManagerFactorySpiImpl.java
rg/apache/harmony/xnet/tests/support/MyKeyManagerFactorySpi.java
rg/apache/harmony/xnet/tests/support/MySSLContextSpi.java
rg/apache/harmony/xnet/tests/support/MyTrustManagerFactorySpi.java
rg/apache/harmony/xnet/tests/support/SSLContextSpiImpl.java
rg/apache/harmony/xnet/tests/support/SSLSocketFactoryImpl.java
rg/apache/harmony/xnet/tests/support/TrustManagerFactorySpiImpl.java
rg/apache/harmony/xnet/tests/support/X509KeyManagerImpl.java
rg/apache/harmony/xnet/tests/support/X509TrustManagerImpl.java
rg/apache/harmony/xnet/tests/support/mySSLSession.java
argets/Charsets.java
ests/support/Support_ASimpleInputStream.java
ests/support/Support_ASimpleOutputStream.java
ests/support/Support_ASimpleReader.java
ests/support/Support_ASimpleWriter.java
ests/support/Support_BitSet.java
ests/support/Support_ClassLoader.java
ests/support/Support_CollectionTest.java
ests/support/Support_Configuration.java
ests/support/Support_DeleteOnExitTest.java
ests/support/Support_Exec.java
ests/support/Support_Field.java
ests/support/Support_Format.java
ests/support/Support_GetLocal.java
ests/support/Support_GetPutFields.java
ests/support/Support_GetPutFieldsDefaulted.java
ests/support/Support_GetPutFieldsDeprecated.java
ests/support/Support_GetResource.java
ests/support/Support_IOTestSecurityManager.java
ests/support/Support_ListTest.java
ests/support/Support_MapTest2.java
ests/support/Support_MessageFormat.java
ests/support/Support_NetworkInterface.java
ests/support/Support_OutputStream.java
ests/support/Support_PlatformFile.java
ests/support/Support_PortManager.java
ests/support/Support_ProviderTrust.java
ests/support/Support_Proxy_I1.java
ests/support/Support_Proxy_I2.java
ests/support/Support_Proxy_ParentException.java
ests/support/Support_Proxy_SubException.java
ests/support/Support_SetTest.java
ests/support/Support_SimpleDateFormat.java
ests/support/Support_StringReader.java
ests/support/Support_StringWriter.java
ests/support/Support_TestProvider.java
ests/support/Support_TestResource.java
ests/support/Support_TestResource_en.java
ests/support/Support_TestResource_en_US.java
ests/support/Support_TestResource_fr.java
ests/support/Support_TestResource_fr_FR.java
ests/support/Support_TestResource_fr_FR_VAR.java
ests/support/Support_TestWebData.java
ests/support/Support_TimeZone.java
ests/support/Support_UnmodifiableCollectionTest.java
ests/support/Support_UnmodifiableMapTest.java
ests/support/Support_Xml.java
ests/support/resource/Support_Resources.java
ests/util/CallVerificationStack.java
ests/util/FieldTestFileGenerator.java
ests/util/SerializationTester.java
|
fd6bb3510c2f94d636f3572dcf5f7f4dcd1a2726 |
13-May-2010 |
Elliott Hughes <enh@google.com> |
Remove //$NON-NLS-\d$ cruft. Mostly done by perl(1), with manual cleanup of the few misspelled instances. This makes our trailing whitespace slightly worse, but I'll fix all that with a follow-on change. Change-Id: I0b4ca98819be6f9519c4ba980d759bd1ee1a0303
ests/support/Support_ASimpleOutputStream.java
ests/support/Support_ASimpleWriter.java
ests/support/Support_OutputStream.java
|
d36e64750cc11e98a96eaa6e89e6445857af85d6 |
12-May-2010 |
Jesse Wilson <jessewilson@google.com> |
Merge "Adding checks to make sure the HTTP method is consistent with its body." into dalvik-dev
|
0af0a7959d838c48e6b4e8dc9ac188ff6bbb6a87 |
11-May-2010 |
Brian Carlstrom <bdc@google.com> |
SSLSessionContexts should throw NullPointerException on getSession(null) Add an explicit null check to ensure failure on a null argument to getSession to match the RI luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ClientSessionContext.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/ServerSessionContext.java Remove KnownFailures resolved by above fix as well as clarifiying SSL session cache expections on Android vs the RI. The KnownFailures were also hiding some latent issues to do SSL session tickets, so fixed those up as well. luni/src/test/java/javax/net/ssl/SSLSessionContextTest.java Added constants for expected SSL session cache behavior for RI vs Android support/src/test/java/javax/net/ssl/TestSSLContext.java Change-Id: Ic6285192cf76c0a5c3fa45a24eaa504ed0babff5
avax/net/ssl/TestSSLContext.java
|
fd4350050d7a0d333f9d346560b167040c3f44df |
10-May-2010 |
Jesse Wilson <jessewilson@google.com> |
Adding checks to make sure the HTTP method is consistent with its body. From the post-review comments here: https://android-git.corp.google.com/g/51054 Change-Id: I67be25a6648a2df02a888a0ae8559c05614de20c
ests/http/MockWebServer.java
|
b1b5baac449d2725002338735f4db34bec8fd001 |
08-May-2010 |
Jesse Wilson <jessewilson@google.com> |
New MockWebServer for HTTP testing. Unlike the Support_TestWebServer, this server is dumb but scriptable. It's intended to make it easier to test uncommon HTTP behavior, such as an intermediate HTTP proxy. Change-Id: Iac07e0b4788eeaa172d5c55d8ed9e034d98aa8e6
ests/http/MockResponse.java
ests/http/MockWebServer.java
ests/http/RecordedRequest.java
|
e688a4123f165ed2905878e312b074b8c825d119 |
05-May-2010 |
Brian Carlstrom <bdc@google.com> |
Addressing post-submit comments regarding OpenSSL handhake changes Following up on feedback from earlier change https://android-git.corp.google.com/g/50435 Added new test_SSLSocket_startHandshake_noClientCertificate to make sure handshaking works when no client certificates are present after issues raised by hwu during code review. luni/src/test/java/javax/net/ssl/SSLSocketTest.java Improve TestSSLContext.create* options - added javadoc comments to help distinguish different versions - fixed bug of not passing in keyStorePassword in create() - added new createClient(server) method to create a TestSSLContext that trusts the provided server TestSSLContext's certificate for use by test_SSLSocket_startHandshake_noClientCertificate - made createKeyStore optionally create a more minimal keystore if aliases are not present support/src/test/java/javax/net/ssl/TestSSLContext.java Fixed argument names in SSL_*_mode methods names as pointed out by hwu luni/src/main/java/org/apache/harmony/xnet/provider/jsse/NativeCrypto.java Added comment to explain purpose of OpenSSLSessionImpl.resetId. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSessionImpl.java Two changes to OpenSocketImpl - Added logging on runtime exception catch around HandshakeCompletedListener execution to closely mirror RI behavior. - Cleaned up peerCertificate check to not just be on the client path. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSocketImpl.java Addressed enh's comments about using clearEnv and when to delete AppData luni/src/main/native/org_apache_harmony_xnet_provider_jsse_NativeCrypto.cpp Change-Id: I34f54e3e41a5d53d81fdc22aa34ca4de4ee9826f
avax/net/ssl/TestSSLContext.java
|
17c744222e249ed5f7ab36e49ed11f9bb062a302 |
04-May-2010 |
Brian Carlstrom <bdc@google.com> |
Remove workarounds from JSSE tests now that SSLServerSocket.accept no longer tries to handshake Change-Id: I1188c34901b4c2c42d6b88e798e2eda24b0bfc4c
avax/net/ssl/TestSSLSessions.java
avax/net/ssl/TestSSLSocketPair.java
|
bcfb325d5b1f9529b439cc0805a1c140521510f7 |
02-May-2010 |
Brian Carlstrom <bdc@google.com> |
OpenSSLSocket handshake overhaul Summary: - SSLSocket.startHandshake now generalized to handle both client and server handshaking as well as client/server role reversal - handshake_cutthrough.patch is properly integrated with support delayed handshake completion now integrated with delayed updates to session cache and callbacks to HandshakeCompletedListeners - Many fixes to SSLSession, which is the end product of the handshake - Generally more RI and SSLEngine compliant behavior. - More native code deletion through unification of client/server handshake, unification of client/server certificate chain verification, etc. More native code moved from various OpenSSL classes to cleaner NativeCrypto interfaces that more directly mirror the OpenSSL interfaces. Details: Delay SSL_new call until handshake time when we know for sure whether the OpenSSLSocket will be used in client or server mode and we can allocate the SSL_new from the apppriate client or server SSL_CTX used for session caching. Now that no SSL is allocated for an OpenSSLServerSocketImpl, store enabledProtocols and enabledCipherSuites in instance String arrays. Use new NativeCrypto.checkEnabled* methdods for argument validation. OpenSSLServerSocketImpl passes these enabled arrays to a new OpenSSLSocket constructor during accept(). Removed finalizer from OpenSSLServerSocketImpl since it no longer has any native storage and socket is already closed by PlainSocketImpl finalizer. X-net/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLServerSocketImpl.java x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSocketImpl.java OpenSSLSocket major overhaul to properly implement handshaking including switching client and server roles and session ID caching with handshake_cutthrough.patch. - now implements NativeCrypto.HandshakeCompletedListeners for properly timed callback when handshake_cutthrough.patch delays handshake completion until first SSLSocket.getInputStream() read. - similar enabledProtocols/enabledCipherSuites changes as OpenSSLServerSocketImpl since we need to store the state somewhere other than an openssl SSL struct until we are sure if we are doing a client or server handshake. - added handshake completed field so that startHandshake can tell if handshake was completed during SSL_do_handshake or will be completed later by a call to HandshakeCompletedCallback.handshakeCompleted. - removed nativegetsession as the equivalent value is now returned by SSL_do_handshake - removed nativecipherauthenticationmethod as the value is now passed to verifyCertificateChain - startHandshake is now a wrapper that forces a fully synchronous handshake - startHandshake(boolean) is the the most changed method in this changelist, combinding both the old startHandshake logic, but also the OpenSSLSocketImpl.accept code as well. Notable differences from the old code: * now responsible for SSL_new * single code path for client/server handshaking dealing with SSLSession caching * now handles server certificate requests previously in OpenSSLServerSocketImpl, since a client can request to act like a server and therefore need to be able to make suck demands on its peer. * supports turning off handshake_cutthrough at a callers request via explicit call to startHandshake() * certificate verification happens during an upcall from openssl during SSL_do_handshake to verifyCertificateChain for both client and server cases. previously there was not quite right upcall support on the server side and post-handshake checking on the client, which did not allow for a proper alert to be sent to the peer informing them of the issue, which the RI and SSLEngine code do. * Similarly, setEnableSessionCreation(false) did not send an alert to the peer as the RI and SSLEngine code in the client case. In the server case, nothing was previously done. * The use of local certificates was not determined from introspecting the SSL struct post-handshake. This is now partially implemented and will be completed in a later change. - SSLSocket.{shutdownInput,shutdownOutput} are now restored to the proper behavior of throwing UnsupportedOperationException. - Gutted OpenSSLSocketImpl finalizer. The comment explains in detail the trouble of having the finalizer do anything more than touch its the instances own state due to unpredictable order of finalization and the future possability of parallel finalization. x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSocketImpl.java SSLSession fixes - Made OpenSSLSessionImpl.sessionContext non-final so it could be nulled by SSLSession.invalidate to match RI behavior. - As noted in AbstractSessionContext discussion, removed OpenSSLSessionImpl constructor that took SSLParameters, instead we take the possibly null localCertificates directly. OpenSSLSessionImpl.getLocalCertificates now simply returns the localCertificates member variable instead of incorrectly trying to query the KeyManager for certificates that may not have been used. - OpenSSLSessionImpl now caches its native ID to avoid numerious native calls but also now provides as resetId which will update the cache when a delayed handshake happens due to the handshake_cutthrough.patch - Fixed bug in getPeerPrincipal that it wasn't calling getPeerCertificates to initialize peerCertificates field. - freeImpl is now 'public static' in preparation for move to NativeCrypto. x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSessionImpl.java The old SSLSessionImpl class that is still used for representing the invalid session now returns isValid => false and getProtocol => "NONE" to match the RI. x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLSessionImpl.java NativeCrypto improvements - Adding NativeCrypto.SSL_{get,set,clear}_mode similar to NativeCrypto.SSL_{get,set,clear}_options along with SSL_MODE_HANDSHAKE_CUTTHROUGH constant which is used to explicitly disable/enable the Android handshake_cutthrough.patch behavior. - Added missing NativeCrypto.SSL_clear_options and used to properly implement NativeCrypto.setEnabledProtocols. - Added NativeCrypto.checkEnabledProtocols and NativeCrypto.checkEnabledCipherSuites helpers to implement exception compatability with the RI. While some of this code is refactored from existing NativeCrypto code, it is now also used by OpenSSLServerSocketImpl and OpenSSLSocketImpl which maintain their own String[]s of what is enabled until startHandshake time. (see below) - Changed NativeCrypto.findSuite to use foreach style loop for clarity. - Moved OpenSSLServerSocketImpl nativesetclientauth and SSL_VERIFY_* constants to NativeCrypto.SSL_set_verify - Added NativeCrypto.SSL_set_session based on part of old OpenSSLSocketImpl.nativeconnect - Added NativeCrypto.SSL_set_session_creation_enabled to properly implement SSLSocket.setEnableSessionCreation(false) which uses new external/openssl/patches/jsse.patch functionality. - New NativeCrypto.SSL_do_handshake consolidates OpenSSLSocketImpl.{nativeconnect, nativeaccept} while properly implementing SSLSocket.setUseClientMode(false) for clients and SSLSocket.setUseClientMode(true) for servers. - New NativeCrypto.SSL_get_certificate is determine if local certificate requested by peer. While functional, currently NativeCrypto.SSL_new always sets a value via SSL_use_certificate instead of relying on a callback set via SSL_CTX_set_client_cert_cb. - Changed NativeCrypto.CertificateChainVerifier.verifyCertificateChain to throw a checked CertificateException to match TrustManager.{checkServerTrusted, checkClientTrusted}. It also takes an authMethod so avoid the need to call the old OpenSSLSocketImpl.nativecipherauthenticationmethod. - Added NativeCrypto.HandshakeCompletedCallback which has its handshakeCompleted method called from OpenSSL when the now delayed handshake_cutthrough.patch handshake is completed so SSLSession caching can be delayed until a session ID is available and to provide a better time for HandshakeCompletedListeners to be notified. x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/NativeCrypto.java x-net/src/main/native/org_apache_harmony_xnet_provider_jsse_NativeCrypto.cpp Some other changes specific to the naitve side of the code - Added JNITRACE calls (enabled at compile time with JNI_TRACE) for future debugging. - throw SSLException subclass of IOException instead IOException itself for better RI compatability x-net/src/main/native/org_apache_harmony_xnet_provider_jsse_NativeCrypto.cpp - changed from old struct app_data to new class AppData at enh's request Remove dubious usage of SSLParameters within AbstractSessionContext to pass through to OpenSSLSessionImpl constructor for use in calling getLocalCertificates for sessions created from a byte array with AbstractSessionContext.toSession. Our AbstractSessionContext.toBytes doesn't currently include the local certificates in its output, so it cannot be expected to have in toSession. x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/AbstractSessionContext.java x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/ClientSessionContext.java x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/ServerSessionContext.java x-net/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLParameters.java Test maintenance openssl 1.0.0 adds support for RFC 4507 session tickets which remove the need for server side session state. These tests needed to be updated for this new behavior. If IS_RI is true, they still follow the old behavior. luni/src/test/java/javax/net/ssl/SSLSessionContextTest.java luni/src/test/java/javax/net/ssl/SSLSessionTest.java luni/src/test/java/javax/net/ssl/SSLSocketTest.java Update KnownFailures and add specific comments at point of failure about what remains to be fixed. luni/src/test/java/javax/net/ssl/SSLSessionTest.java Added tests to cover the use of standard cipher suite names. Historically Android has used OpenSSL string constants for cipher suite names, but JSSE actually specifies supported and expected names. luni/src/test/java/javax/net/ssl/SSLSocketFactoryTest.java luni/src/test/java/javax/net/ssl/SSLSocketTest.java Create new support/src/test/java/javax/net/ssl with old Helper support code pulled from javax.net.ssl tests: SSLContextTest.Helper -> TestSSLContext SSLSocketTest.Helper -> TestSSLSocketPair SSLSessionTest.Helper -> TestSSLSessions Also added new StandardNames here, which contains a collection of expected constants for test validation. luni/src/test/java/javax/net/ssl/SSLContextTest.java luni/src/test/java/javax/net/ssl/SSLSocketTest.java luni/src/test/java/javax/net/ssl/SSLSessionTest.java support/src/test/java/javax/net/ssl/TestSSLContext.java support/src/test/java/javax/net/ssl/TestSSLSocketPair.java support/src/test/java/javax/net/ssl/TestSSLSessions.java support/src/test/java/javax/net/ssl/StandardNames.java Removed some now fixed KnownFailures and unneeded !IS_RI code. Marked some [Un]KnownFailures where exceptions are thrown and visible in the output but aren't correctly causing the test to fail. Fixed assertNonNull to assertTrue in test_SSLSocketTest_Test_create. Added stress_test_SSLSocketTest_Test_create to track down test flakiness, leading to rewrite of SSLSocket finalization. luni/src/test/java/javax/net/ssl/SSLSocketTest.java Reenable javax.net.ssl.AllTests now that it is does not hang luni/src/test/java/tests/AllTests.java Improve error messages while debugging overflow problem. Added new assert when debugging new RFC 4507 behavior. Removed KnownFailure annotation for now working test case. x-net/src/test/java/tests/api/javax/net/ssl/SSLSessionTest.java Client code changes Now that startHandshake implies synchronous vs Android's default async handshake, remove unneeded explict calls to SSLSocket.startHandshake luni/src/main/java/org/apache/harmony/luni/internal/net/www/protocol/http/HttpConnection.java Removed IBM 1.4.x codepath that involved startHandshake x-net/src/main/java/javax/net/ssl/DefaultHostnameVerifier.java Unrelated Remove unneed SSLSocket.setUseClientMode while removing unneeded SSLSocket.startHandshake luni/src/main/java/org/apache/harmony/luni/internal/net/www/protocol/http/HttpConnection.java Removed warnings due to now missing modules in classpath run-core-tests Change-Id: I6e149ae259b3feccdfb0673209c85cfeb60befc8
avax/net/ssl/StandardNames.java
avax/net/ssl/TestSSLContext.java
avax/net/ssl/TestSSLSessions.java
avax/net/ssl/TestSSLSocketPair.java
|
8baf143a7c8921d07b54adbc66ac1e5b42de5fe6 |
21-Apr-2010 |
Jesse Wilson <jessewilson@google.com> |
Rewrite the HTTP connection pool used by HttpURLConnection. This started off as incremental changes, but it ended up going far enough that it earned the "rewrite" badge. System.getProperty() is not called for every HTTP connection. This is slightly controversial, but the old code had to bend over backwards to support dynamic pool changes, and it didn't even support the case when the pool shrank but not to 0. The new code doesn't do I/O within static synchronized blocks. This should reduce contention described here: http://b/issue?id=2606547 Also: simpify implementation, prettier names, more focused doc.
ests/support/Support_TestWebServer.java
|
6e94ca64944375a1496f752c64503baeafca2bc4 |
29-Mar-2010 |
Jesse Wilson <jessewilson@google.com> |
Merge commit '8812fdd7' into manualmerge Conflicts: libcore/xml/src/test/java/tests/api/javax/xml/parsers/SAXParserFactoryTest.java
|
5ab82b77afbc8af3b91e90ab46b0a7cc0a090f04 |
26-Mar-2010 |
Jesse Wilson <jessewilson@google.com> |
Fixing tests to handle changes in our behaviour since DOM 3. Our exception priority has changed for DOM attributes. We previously used to throw DOMExceptions with namespace error codes and now throw DOMExceptions with character error codes when the attribute name is malformed. This caused changes to many tests. Another notable behaviour change is that we now supply the qname (like the RI) where previously we did not. It is optional, but we now include it for RI-consistency. Yet another behaviour change is that we don't look at System properties when choosing a SAX implementation. This simplifies our internals significantly. End users who want an alternative SAX implementation should construct it manually. Also adding @KnownFailure tags for new tests that we have never yet passed. Change-Id: I6f81bedd7c2a0867086dc507b3220c2b07c4d3d3
ests/util/TestEnvironment.java
|
e2a6f77f112c01109db196d8b19767896ee977ea |
22-Feb-2010 |
Elliott Hughes <enh@google.com> |
Merge remote branch 'goog/master' into mm Conflicts: libcore/JavaLibrary.mk
|
1ec94feeb09591c30996c7c0834d6f131e204922 |
19-Feb-2010 |
Jesse Wilson <jessewilson@google.com> |
Filling in some gaps in our XML DOM v3 API. Specifically, these methods on Node: - setTextContent() - isSameNode() - lookupPrefix() - lookupNamespaceURI() In order to implement the last 2 I needed to fix our KXml parser to include namespace attributes (ie. xmlns) in the pulled document. Previously these were being elided. Added a new testcase to verify our behaviour. It passes the RI. On Dalvik we have a small issue with entity declarations. Added a new testcase to verify Node.getBaseURI(). This test fails because the method isn't implemented. Part of this test required moving a method out to Support_Resources.java; in order to verify the BaseURI the XML must be read from a file and not a stream (so that path information exists). Also... - Style cleanup: changing static calls to look like static calls. - Efficiency: avoiding concatenating with "" when unnecessary - Duplication: sharing prefix validation between attributes and elements - Renaming NodeTests to NodeTest for vogar-friendliness Outstanding: - I need to write a test for setTextContent().
ests/support/resource/Support_Resources.java
|
6461d8fe30e94c08d10ccd40c9ceeb83b9c43b7b |
12-Feb-2010 |
Elliott Hughes <enh@google.com> |
Remove some potential test flakiness. Bug: 2441548
ests/support/Support_TestWebServer.java
|
fc8bb3aece9bbff2a09509d8e211935ef054c085 |
30-Jan-2010 |
Elliott Hughes <enh@google.com> |
Fix all the harmony java.util.Formatter tests. ICU thinks that German short weekday names should be "So." et seq rather than "So". This brings us into line with frameworks/base, which I'm depressed to find has its own copy of the CLDR data in XML form (and its own date/time formatters). Also fix TestEnvironment to not clobber "user.name", which we need in order to set our expectations in cases where being root affects what we can/can't do. (This also fixes a few other harmony tests.)
ests/util/TestEnvironment.java
|
a2263b501dd19e5de07facdde47f08b4ae7a470e |
28-Jan-2010 |
Brett Chabot <brettchabot@android.com> |
am ff3a96c9: am c4f93305: Fix for DecimalFormatTest#test_formatToCharacterIteratorLjava_lang_Object Merge commit 'ff3a96c9055888140893158fff8b33831b949e49' * commit 'ff3a96c9055888140893158fff8b33831b949e49': Fix for DecimalFormatTest#test_formatToCharacterIteratorLjava_lang_Object
|
e7a431c2c8b09f22235d03d45f4786e2f6b40bfb |
21-Jan-2010 |
Brett Chabot <brettchabot@android.com> |
Fix for DecimalFormatTest#test_formatToCharacterIteratorLjava_lang_Object Add additional logic to skip checks that require specific locales. Bug 2386416 Change-Id: Icc30e04d393a22b272966555e617598323aefa0b
ests/support/Support_DecimalFormat.java
ests/support/Support_Locale.java
|
e1e5e8e60af12f145c4dd0395e30069665f97529 |
14-Jan-2010 |
Elliott Hughes <enh@google.com> |
Fix Date.toString. Date.toString was using the TimeZone id ("America/Los_Angeles") rather than the time zone short name ("PDT" or "PST", depending on time of year). The naive fix made things 5x slower, so I improved Resources.getDisplayTimeZone so the fixed Date.toString is only 2x slower. This could be improved further with a faster getDisplayTimeZone. I hoped to replace the body of Date.toString with a call to SimpleDateFormat, but that turns out to be 40x slower. This patch also optimizes SimpleDateFormat to bring the gap down to 8x by using Resources.getDisplayTimeZone instead of asking for all the strings. (Note that these improvements refer to the hopefully common case of localized strings for the default locale. If you have the misfortune to need strings for other locales, the new code will be more like 600x faster. At 0.5s a call on the fastest current hardware, I hope no-one's actually doing that. Dalvik Explorer -- available on the Market -- needs to do it when generating summary reports, and it is indeed ridiculously slow. It uses two SimpleDateFormat objects per locale, so it takes 1s per locale, for about 60 locales. I've tested Dalvik Explorer with this patch, and it does fix that pathological behavior.) Also fix a bug I introduced in https://android-git.corp.google.com/g/36242 that meant that our zone names String[][] contained incorrect values (accidentally concatenating each successive value in a row), found by existing tests now we use more of those values. Also replace a couple of "new Integer" calls with Integer.valueOf for a modest speedup. Also factor out some duplication. Bug: http://code.google.com/p/android/issues/detail?id=6013
ests/util/TestEnvironment.java
|
398cf32a303a3b2a878a48cbae54be5ac23f7ecd |
07-Jan-2010 |
Jesse Wilson <jessewilson@google.com> |
Fixing our default HTTP Accept header to be spec-compliant. See bug http://code.google.com/p/android/issues/detail?id=5843 Also fixing a bug in the test webserver, where we weren't formatting the headers properly. I'm dumbfounded how the tests passed previously; although I fear that omitting the @TestTargetNew annotation might mean that they weren't being run. I'll investigate that in a follow up.
ests/support/Support_TestWebServer.java
|
a0f38182a8fb81a6ae34372895e7a8a421f66fa1 |
22-Dec-2009 |
Brett Chabot <brettchabot@android.com> |
am d3b06457: am 6cdbef55: Merge change I1d9b205f into eclair Merge commit 'd3b0645772fd3364575b93c74428ae19f88c4238' * commit 'd3b0645772fd3364575b93c74428ae19f88c4238': Skip locale dependent libcore tests if required locales are not present.
|
7f326eba50620211e5b698d4c584b861d11d1d6f |
19-Dec-2009 |
Brett Chabot <brettchabot@android.com> |
Skip locale dependent libcore tests if required locales are not present. Previously these tests were marked as KnownFailures - which is undesirable since they can pass if the right Locale's are present on target. Bug 2335906 Change-Id: I1d9b205f740b71880c57b48f069c302c5cec8792
ests/support/Support_Locale.java
|
e124afe6e959d2c24d4ee943007cb5317c64eab5 |
02-Dec-2009 |
Claire Ho <chinglanho@gmail.com> |
Android ICU4.2.1 upgrade. For detail of dalvik changes, please see: https://docs.google.com/a/google.com/View?docid=0AfZlO7RuiBh5Y2NmMjdndmJfNDVmNWM2cGY0NQ&hl=en Bug: 1823720 Reviewed-by: jessewilson@google.com,enh@google.com CC: Signed-off-by:
ests/support/Support_SimpleDateFormat.java
|
ff42219e3ea3d712f931ae7f26af236339b5cf23 |
18-Nov-2009 |
Elliott Hughes <enh@google.com> |
Fix KXmlSerializer so it won't generate invalid XML. We were allowing arbitrary characters to be output (which, surprisingly, XML does not), and we weren't correctly escaping CDATA sections that contained "]]>". Pull out some of my test helpers from DocumentBuilderTest into Support_Xml, because they're more generally useful when writing tests involving XML. Also correct a bunch of spelling mistakes in XmlSerializer's javadoc, since I happened to be reading through.
ests/support/Support_Xml.java
|
e40c9e3935a5024c0f3ebfb3f1441fcd5c48ed86 |
12-Nov-2009 |
Elliott Hughes <enh@google.com> |
Fix HttpURLConnection's chunked encoding behavior. A third-party developer who wasn't reading to the end of the stream found that their next connection would return junk, which turned out to be the tail of the first response (thanks to connection recycling). Make sure we clean up a chunked-encoding stream before allowing the connection to be reused. Enhance our test web server to implement chunked encoding properly, with configurable chunk sizes, rather than just responding with a single chunk. Bug: http://code.google.com/p/android/issues/detail?id=2939
ests/support/Support_TestWebData.java
ests/support/Support_TestWebServer.java
|
a152bc98bbb8feadb1b8b755f1f40fb66548ea12 |
05-Nov-2009 |
Elliott Hughes <enh@google.com> |
Remove deadlock-prone thread pool. This is only test code, so let's not make it any more complicated than it needs to be. (The code sometimes locked the Vector before the individual Worker, and sometimes the other way round.)
ests/support/Support_TestWebServer.java
|
82a2dfcd2281c2f8042fd5f09c98bea1e728530f |
30-Oct-2009 |
Jesse Wilson <jessewilson@google.com> |
Fixing 1 of the 4 BufferedReader test failures in bug 2224903. This CL includes the following functional changes: - changing read to not clear the mark upon reading EOF - changing read(char[], int, int) to use the 'read directly from the source stream' shortcut when the mark has exceeded its limit. Previously we took the shortcut only when the mark was unset. And these nonfunctional changes - rewrote read(char[], int, int) dramatically. The new revision contains only one call to 'System.arrayCopy' and the related bookkeeping. Previously there was one call before the loop, and another call in the loop. - renamed markpos to mark - renamed marklimit to markLimit - renamed count to end (it isn't a count, it's a position) - simplifying conditions that used >= when > was impossible - reducing the number of field reads where convenient
ests/support/ThrowingReader.java
|
1805727c24b2b80161fef93c4b7742cf2322bdea |
27-Oct-2009 |
Elliott Hughes <enh@google.com> |
Implement ProcessBuilder.redirectErrorStream. Also simplify and correct the security to ensure that the user can't modify the command to be executed after the SecurityManager has approved it. Bug: 2180063
ests/support/Support_Exec.java
|
d37c804ccd11e38ee9221194866a152a4de6c8e9 |
24-Oct-2009 |
Jesse Wilson <jessewilson@google.com> |
A new hygenic way for tests to clean up before or after execution. This replaces PrefsTester and is more general purpose.
ests/util/PrefsTester.java
ests/util/TestEnvironment.java
|
1c422fc0ab0692e10a05af6f48c6276c4dad4bea |
16-Oct-2009 |
Jesse Wilson <jessewilson@google.com> |
Respond to impossible CloneNotSupportedExceptions with AssertionErrors. See bug 2183132.
rg/apache/harmony/security/tests/support/cert/MyCertStoreParameters.java
|
9c048fb7738ee3ac3677ba2170e360de8d70dcab |
10-Oct-2009 |
Jesse Wilson <jessewilson@google.com> |
Adding a timeout for standard out as well as standard error.
ests/support/Support_Exec.java
|
1f4eba15dc9e4086ce7e2a4fc7cac83fe6bbc03d |
10-Oct-2009 |
Jesse Wilson <jessewilson@google.com> |
Rewrite Support_Exec to support timeouts on waiting processes. Also rewriting SupportExec to use ProcessBuilder rather than Runtime.exec(). Changed callers to use the ProcessBuilder directly rather than calling-through chained methods.
ests/support/Support_Exec.java
|
2564a911708acb90dfb9ecbff93ac560da01117a |
15-Sep-2009 |
Android (Google) Code Review <android-gerrit@google.com> |
Merge change 24110 into eclair * changes: JarFile was not able to verify signed files with size 0.
|
adad03692b86958bbc1da598c260b5e322f4d8ce |
12-Sep-2009 |
Jesse Wilson <jessewilson@google.com> |
Fixing the delimiter for the HTTP "Accept" header to be well-formed. See bug 2107897.
ests/support/Support_TestWebServer.java
|
d477459f4b89725dc32043aac8ad6f1dfc93de50 |
07-Sep-2009 |
Urs Grob <ursg@google.com> |
JarFile was not able to verify signed files with size 0. This regressen was introduced by harmony optimizations done in HARMONY-4569. This fix allows for jar entries of size 0 to also get successfully validated. A regression test has been added to JarFileTest.
ests/resources/EmptyEntries_signed.jar
|
5cc8cb84ac4a3474cfb666c9b94fd721e4615ca0 |
31-Aug-2009 |
Jesse Wilson <jessewilson@google.com> |
Update prefs to Harmony r772995. Notable changes: - exception handling has changed to cleanup more reliably - calls to Collection.toArray() size the array properly - lots of style tweaks (rewrapping Javadoc, reintending wrapped code, whitespace) - new PrefsTester class ensures tests store prefs in the tmp directory Squashed commit of the following: commit 2157269d8ed39ccb8a71d735c12bbabcfd548243 Merge: d287282 97818bf Author: Jesse Wilson <jessewilson@google.com> Date: Wed Aug 5 11:14:26 2009 -0700 Merge branch 'prefs_772995' into prefs_dalvik Conflicts: libcore/prefs/.classpath libcore/prefs/.settings/org.eclipse.jdt.core.prefs libcore/prefs/build.xml libcore/prefs/make/exclude.linux.x86_64.drl libcore/prefs/make/exclude.windows.x86.drl libcore/prefs/make/exclude.windows.x86_64.drl libcore/prefs/src/main/java/java/util/prefs/AbstractPreferences.java libcore/prefs/src/main/java/java/util/prefs/BackingStoreException.java libcore/prefs/src/main/java/java/util/prefs/FilePreferencesFactoryImpl.java libcore/prefs/src/main/java/java/util/prefs/FilePreferencesImpl.java libcore/prefs/src/main/java/java/util/prefs/InvalidPreferencesFormatException.java libcore/prefs/src/main/java/java/util/prefs/NodeChangeEvent.java libcore/prefs/src/main/java/java/util/prefs/NodeChangeListener.java libcore/prefs/src/main/java/java/util/prefs/PreferenceChangeEvent.java libcore/prefs/src/main/java/java/util/prefs/PreferenceChangeListener.java libcore/prefs/src/main/java/java/util/prefs/Preferences.java libcore/prefs/src/main/java/java/util/prefs/PreferencesFactory.java libcore/prefs/src/main/java/java/util/prefs/RegistryPreferencesFactoryImpl.java libcore/prefs/src/main/java/java/util/prefs/RegistryPreferencesImpl.java libcore/prefs/src/main/java/java/util/prefs/XMLParser.java libcore/prefs/src/main/java/org/apache/harmony/prefs/internal/nls/Messages.java libcore/prefs/src/main/native/prefs/windows/PreferencesImpl.c libcore/prefs/src/main/native/prefs/windows/hyprefs.rc libcore/prefs/src/main/native/prefs/windows/makefile libcore/prefs/src/test/java/org/apache/harmony/prefs/tests/java/util/prefs/AbstractPreferencesTest.java libcore/prefs/src/test/java/org/apache/harmony/prefs/tests/java/util/prefs/AllTests.java libcore/prefs/src/test/java/org/apache/harmony/prefs/tests/java/util/prefs/FilePreferencesImplTest.java libcore/prefs/src/test/java/org/apache/harmony/prefs/tests/java/util/prefs/MockAbstractPreferences.java libcore/prefs/src/test/java/org/apache/harmony/prefs/tests/java/util/prefs/MockPreferencesFactory.java libcore/prefs/src/test/java/org/apache/harmony/prefs/tests/java/util/prefs/MockSecurityManager.java libcore/prefs/src/test/java/org/apache/harmony/prefs/tests/java/util/prefs/NodeChangeListenerTest.java libcore/prefs/src/test/java/org/apache/harmony/prefs/tests/java/util/prefs/PreferenceChangeListenerTest.java libcore/prefs/src/test/java/org/apache/harmony/prefs/tests/java/util/prefs/PreferencesFactoryTest.java libcore/prefs/src/test/java/org/apache/harmony/prefs/tests/java/util/prefs/PreferencesTest.java libcore/prefs/src/test/java/tests/prefs/AllTests.java commit d287282b550d4a5d262f1d1703344ed61bdc6d15 Author: Jesse Wilson <jessewilson@google.com> Date: Tue Aug 4 14:36:36 2009 -0700 Dalvik Prefs commit 97818bf21cfde744eeb5fbf1f9c31d9bd66f5a2e Author: Jesse Wilson <jessewilson@google.com> Date: Tue Aug 4 14:35:52 2009 -0700 Prefs 772995 commit 9a506f93947938dad3b41e1393f53b766ba0319f Author: Jesse Wilson <jessewilson@google.com> Date: Tue Aug 4 14:22:40 2009 -0700 Prefs 527399
ests/util/PrefsTester.java
|
1b544a6111a1005e502559a6e5f269c8ecf4a53b |
26-Aug-2009 |
Lorenzo Colitti <lorenzo@google.com> |
IPv6 fixes to java.net.InetAddress. 1. Make hashCode() do something that makes sense for IPv6 addresses. 2. Expand coverage of hashCode unit test. 3. Fix failing regression test for getAllByName(). 4. Document that the getByName test is broken. I will fix it in a future change. 5. Expand test coverage of the isMulticastAddress test to include IPv6 and non-multicast addresses. All tests now pass. Change-Id: I6f52c7c3213dd01bf773228b1ed5d44df813f877
ests/support/Support_Configuration.java
|
87eb4de6347e1be029cde77dd43ad9b1af901472 |
22-Jul-2009 |
Urs Grob <ursg@google.com> |
Removing MD2
argets/MessageDigests.java
ests/support/Support_TestProvider.java
|
728d33e7431ed0a19c3fe2f3caad92a9343c7f81 |
29-Apr-2009 |
Urs Grob <ursg@google.com> |
Reactivating tests disabled because of ClassLoader loop Since ClassLoader.isAncestorOf has been fixed these tests now succeed. So they can be reactivated. BUG=1732214
ests/support/resource/Support_Resources.java
|
998421c91bc71aa3677dd91ac4a6b106f4bd297b |
28-Apr-2009 |
Jorg Pleumann <> |
AI 147896: Some more fixes for tests that failed in the CTS, but worked fine in run-core-tests: - One cert test needs isolation, because it destroys the security provider. - The Thread.sleep() tests were too flaky. - Tests that tried to open a temporary DEX file failed in the CTS because we do not have access to the system DEX cache. We are now simply creating our own. The Java plan in the CTS should now pass fully. Yippie! BUG=1285921 Automated import of CL 147896
ests/support/Support_ClassLoader.java
|
214a4e01cfb8ac07474c128b9431b19b7ed1b99b |
21-Apr-2009 |
Urs Grob <> |
AI 147121: Fixes for tests in the luni module. There are still some tests that are failing in the cts host. This CL will fix most of them in the luni module. BUG=1285921 Automated import of CL 147121
ests/support/Support_HttpConstants.java
ests/support/Support_TestWebData.java
ests/support/Support_TestWebServer.java
|
ab9bdb0e83663493b6518c0067873abef42f90ad |
27-Mar-2009 |
Jorg Pleumann <> |
AI 143070: Two small fixes for the support module. The classloader factory didn't work, since the innerhalb classes had to be static. Plus we don't want to see System.out stuff in the tests. BUG=1285921 Automated import of CL 143070
ests/support/Support_ClassLoader.java
ests/support/Support_Exec.java
|
3cde025355ca04d7030eb6acebe8d84c7eec9ac8 |
25-Mar-2009 |
Urs Grob <> |
Automated import from //branches/cupcake/...@141706,141706
rg/apache/harmony/xnet/tests/support/SSLSessionContextImpl.java
rg/apache/harmony/xnet/tests/support/TrustManagerFactorySpiImpl.java
rg/apache/harmony/xnet/tests/support/mySSLSession.java
rg/apache/harmony/xnet/tests/support/mySSLSocket.java
|
eeb220adf9eea613d6cd97a131b0a9ef49e31a5b |
20-Mar-2009 |
The Android Open Source Project <initial-contribution@android.com> |
auto import from //branches/cupcake_rel/...@141571
ests/support/Support_ClassLoader.java
|
fa890109ecc4522f0e07481431c04d4cf6ba16d1 |
13-Mar-2009 |
The Android Open Source Project <initial-contribution@android.com> |
auto import from //branches/cupcake_rel/...@138607
argets/Signatures.java
|
ab28398a565e5ce8a56cdfd50ac6226e5317cf66 |
11-Mar-2009 |
The Android Open Source Project <initial-contribution@android.com> |
auto import from //branches/cupcake/...@137873
rg/apache/harmony/security/tests/support/cert/TestUtils.java
rg/apache/harmony/testframework/serialization/SerializationTest.java
ests/support/Support_SimpleDateFormat.java
|
adc854b798c1cfe3bfd4c27d68d5cee38ca617da |
04-Mar-2009 |
The Android Open Source Project <initial-contribution@android.com> |
auto import from //depot/cupcake/@135843
rg/apache/harmony/security/tests/support/CertificateStub.java
rg/apache/harmony/security/tests/support/IdentityScopeStub.java
rg/apache/harmony/security/tests/support/IdentityStub.java
rg/apache/harmony/security/tests/support/KeyStoreTestSupport.java
rg/apache/harmony/security/tests/support/MDGoldenData.java
rg/apache/harmony/security/tests/support/MyAlgorithmParameterGeneratorSpi.java
rg/apache/harmony/security/tests/support/MyBasicPermission.java
rg/apache/harmony/security/tests/support/MyGuard.java
rg/apache/harmony/security/tests/support/MyKeyPairGenerator1.java
rg/apache/harmony/security/tests/support/MyKeyPairGenerator2.java
rg/apache/harmony/security/tests/support/MyKeyPairGenerator3.java
rg/apache/harmony/security/tests/support/MyKeyPairGeneratorSpi.java
rg/apache/harmony/security/tests/support/MyKeyStore.java
rg/apache/harmony/security/tests/support/MyKeyStoreSpi.java
rg/apache/harmony/security/tests/support/MyLoadStoreParams.java
rg/apache/harmony/security/tests/support/MyMessageDigest1.java
rg/apache/harmony/security/tests/support/MyMessageDigest2.java
rg/apache/harmony/security/tests/support/MyPermission.java
rg/apache/harmony/security/tests/support/MyPermissionCollection.java
rg/apache/harmony/security/tests/support/MyProvider.java
rg/apache/harmony/security/tests/support/MySSLContextSpi.java
rg/apache/harmony/security/tests/support/MySignature1.java
rg/apache/harmony/security/tests/support/MySignature2.java
rg/apache/harmony/security/tests/support/MyTrustManagerFactorySpi.java
rg/apache/harmony/security/tests/support/PrivateKeyStub.java
rg/apache/harmony/security/tests/support/PublicKeyStub.java
rg/apache/harmony/security/tests/support/RandomImpl.java
rg/apache/harmony/security/tests/support/SecurityChecker.java
rg/apache/harmony/security/tests/support/SignerStub.java
rg/apache/harmony/security/tests/support/SpiEngUtils.java
rg/apache/harmony/security/tests/support/TestCertUtils.java
rg/apache/harmony/security/tests/support/TestKeyPair.java
rg/apache/harmony/security/tests/support/TestKeyStoreSpi.java
rg/apache/harmony/security/tests/support/TestUtils.java
rg/apache/harmony/security/tests/support/acl/AclEntryImpl.java
rg/apache/harmony/security/tests/support/acl/AclEnumerator.java
rg/apache/harmony/security/tests/support/acl/AclImpl.java
rg/apache/harmony/security/tests/support/acl/GroupImpl.java
rg/apache/harmony/security/tests/support/acl/OwnerImpl.java
rg/apache/harmony/security/tests/support/acl/PermissionImpl.java
rg/apache/harmony/security/tests/support/acl/PrincipalImpl.java
rg/apache/harmony/security/tests/support/cert/MyCRL.java
rg/apache/harmony/security/tests/support/cert/MyCertPath.java
rg/apache/harmony/security/tests/support/cert/MyCertPathBuilderSpi.java
rg/apache/harmony/security/tests/support/cert/MyCertPathValidatorSpi.java
rg/apache/harmony/security/tests/support/cert/MyCertStoreParameters.java
rg/apache/harmony/security/tests/support/cert/MyCertStoreSpi.java
rg/apache/harmony/security/tests/support/cert/MyCertificate.java
rg/apache/harmony/security/tests/support/cert/MyCertificateFactorySpi.java
rg/apache/harmony/security/tests/support/cert/MyFailingCertPath.java
rg/apache/harmony/security/tests/support/cert/MyFailingCertificate.java
rg/apache/harmony/security/tests/support/cert/PolicyNodeImpl.java
rg/apache/harmony/security/tests/support/cert/TestUtils.java
rg/apache/harmony/security/tests/support/interfaces/DSAKeyPairGeneratorImpl.java
rg/apache/harmony/security/tests/support/interfaces/RSAMultiPrimePrivateCrtKeyImpl.java
rg/apache/harmony/security/tests/support/spec/MyEncodedKeySpec.java
rg/apache/harmony/security/tests/support/tmpCallbackHandler.java
rg/apache/harmony/testframework/serialization/SerializationTest.java
rg/apache/harmony/xnet/tests/support/KeyManagerFactorySpiImpl.java
rg/apache/harmony/xnet/tests/support/MyKeyManagerFactorySpi.java
rg/apache/harmony/xnet/tests/support/MySSLContextSpi.java
rg/apache/harmony/xnet/tests/support/MyTrustManagerFactorySpi.java
rg/apache/harmony/xnet/tests/support/SSLContextSpiImpl.java
rg/apache/harmony/xnet/tests/support/SSLSessionContextImpl.java
rg/apache/harmony/xnet/tests/support/SSLSocketFactoryImpl.java
rg/apache/harmony/xnet/tests/support/TrustManagerFactorySpiImpl.java
rg/apache/harmony/xnet/tests/support/X509KeyManagerImpl.java
rg/apache/harmony/xnet/tests/support/X509TrustManagerImpl.java
rg/apache/harmony/xnet/tests/support/mySSLSession.java
rg/apache/harmony/xnet/tests/support/mySSLSocket.java
argets/AlgorithmParameterGenerators.java
argets/AlgorithmParameters.java
argets/CertPathBuilders.java
argets/CertPathValidators.java
argets/CertificateFactories.java
argets/Charsets.java
argets/Cipher.java
argets/KeyAgreement.java
argets/KeyFactories.java
argets/KeyGenerator.java
argets/KeyPairGenerators.java
argets/KeyStores.java
argets/Mac.java
argets/MessageDigests.java
argets/SecretKeyFactory.java
argets/SecureRandoms.java
argets/Signatures.java
ests/resources/Broken_entry.jar
ests/resources/Broken_entry_data.jar
ests/resources/Broken_manifest.jar
ests/resources/Created_by_1_4.jar
ests/resources/GZIPInputStream/hyts_gInput.txt.gz
ests/resources/Harmony.GIF
ests/resources/Inserted_Entry_Manifest.jar
ests/resources/Inserted_Entry_Manifest_with_DigestCode.jar
ests/resources/Integrate.jar
ests/resources/JarIndex/hyts_11.jar
ests/resources/JarIndex/hyts_12.jar
ests/resources/JarIndex/hyts_13.jar
ests/resources/JarIndex/hyts_14.jar
ests/resources/JarIndex/hyts_21.jar
ests/resources/JarIndex/hyts_22-new.jar
ests/resources/JarIndex/hyts_22.jar
ests/resources/JarIndex/hyts_23.jar
ests/resources/JarIndex/hyts_31.jar
ests/resources/JarIndex/hyts_32.jar
ests/resources/JarIndex/hyts_33.jar
ests/resources/JarIndex/hyts_41.jar
ests/resources/JarIndex/hyts_42.jar
ests/resources/Modified_Class.jar
ests/resources/Modified_Manifest_EntryAttributes.jar
ests/resources/Modified_Manifest_MainAttributes.jar
ests/resources/Modified_SF_EntryAttributes.jar
ests/resources/Package/hyts_all_attributes.jar
ests/resources/Package/hyts_all_attributes_dex.jar
ests/resources/Package/hyts_c.jar
ests/resources/Package/hyts_c_dex.jar
ests/resources/Package/hyts_no_attributes.jar
ests/resources/Package/hyts_no_attributes_dex.jar
ests/resources/Package/hyts_no_entry.jar
ests/resources/Package/hyts_no_entry_dex.jar
ests/resources/Package/hyts_package.jar
ests/resources/Package/hyts_package_dex.jar
ests/resources/Package/hyts_pq.jar
ests/resources/Package/hyts_pq_dex.jar
ests/resources/Package/hyts_some_attributes.jar
ests/resources/Package/hyts_some_attributes_dex.jar
ests/resources/TestCodeSigners.jar
ests/resources/cts_dalvikExecTest.jar
ests/resources/cts_dalvikExecTest_classes.dex
ests/resources/hyts_Bar.ser
ests/resources/hyts_Foo.ser
ests/resources/hyts_PropertiesTest.properties
ests/resources/hyts_ZipFile.zip
ests/resources/hyts_att.jar
ests/resources/hyts_available.tst
ests/resources/hyts_checkInput.txt
ests/resources/hyts_compDiction.txt
ests/resources/hyts_compressD.txt
ests/resources/hyts_constru_O.txt
ests/resources/hyts_constru_OD.txt
ests/resources/hyts_constru_ODI.txt
ests/resources/hyts_des-ede3-cbc.test1.ciphertext
ests/resources/hyts_des-ede3-cbc.test1.iv
ests/resources/hyts_des-ede3-cbc.test1.key
ests/resources/hyts_des-ede3-cbc.test1.plaintext
ests/resources/hyts_des-ede3-cbc.test2.ciphertext
ests/resources/hyts_des-ede3-cbc.test2.iv
ests/resources/hyts_des-ede3-cbc.test2.key
ests/resources/hyts_des-ede3-cbc.test2.plaintext
ests/resources/hyts_des-ede3-cbc.test3.ciphertext
ests/resources/hyts_des-ede3-cbc.test3.iv
ests/resources/hyts_des-ede3-cbc.test3.key
ests/resources/hyts_des-ede3-cbc.test3.plaintext
ests/resources/hyts_htmltest.html
ests/resources/hyts_mainClass.ser
ests/resources/hyts_manifest1.jar
ests/resources/hyts_missingclass.ser
ests/resources/hyts_patch.jar
ests/resources/hyts_patch2.jar
ests/resources/hyts_resource.properties
ests/resources/hyts_security.jar
ests/resources/hyts_signed.jar
ests/resources/hyts_signed_inc.jar
ests/resources/illegalClasses.jar
ests/resources/junit4-4.3.1.jar
ests/resources/manifest/hyts_MANIFEST.MF
ests/resources/morestuff/hyts_patch.jar
ests/resources/morestuff/hyts_patch2.jar
ests/resources/net/InvalidJar.jar
ests/resources/net/TestCodeSigners.jar
ests/resources/net/lf.jar
ests/resources/subfolder/tests/resources/hyts_resource.properties
ests/resources/test.cert
ests/support/Support_ASimpleInputStream.java
ests/support/Support_ASimpleOutputStream.java
ests/support/Support_ASimpleReader.java
ests/support/Support_ASimpleWriter.java
ests/support/Support_BitSet.java
ests/support/Support_CollectionTest.java
ests/support/Support_Configuration.java
ests/support/Support_DecimalFormat.java
ests/support/Support_DeleteOnExitTest.java
ests/support/Support_Exec.java
ests/support/Support_Field.java
ests/support/Support_Format.java
ests/support/Support_GetLocal.java
ests/support/Support_GetPutFields.java
ests/support/Support_GetPutFieldsDefaulted.java
ests/support/Support_GetPutFieldsDeprecated.java
ests/support/Support_GetResource.java
ests/support/Support_IOTestSecurityManager.java
ests/support/Support_ListTest.java
ests/support/Support_MapTest2.java
ests/support/Support_MessageFormat.java
ests/support/Support_NetworkInterface.java
ests/support/Support_OutputStream.java
ests/support/Support_PlatformFile.java
ests/support/Support_PortManager.java
ests/support/Support_ProviderTrust.java
ests/support/Support_Proxy_I1.java
ests/support/Support_Proxy_I2.java
ests/support/Support_Proxy_ParentException.java
ests/support/Support_Proxy_SubException.java
ests/support/Support_SetTest.java
ests/support/Support_SimpleDateFormat.java
ests/support/Support_StringReader.java
ests/support/Support_StringWriter.java
ests/support/Support_TestProvider.java
ests/support/Support_TestResource.java
ests/support/Support_TestResource_en.java
ests/support/Support_TestResource_en_US.java
ests/support/Support_TestResource_fr.java
ests/support/Support_TestResource_fr_FR.java
ests/support/Support_TestResource_fr_FR_VAR.java
ests/support/Support_TimeZone.java
ests/support/Support_UnmodifiableCollectionTest.java
ests/support/Support_UnmodifiableMapTest.java
ests/support/resource/Support_Resources.java
ests/util/CallVerificationStack.java
ests/util/FieldTestFileGenerator.java
ests/util/SerializationTester.java
|
1c0fed63c71ddb230f3b304aac12caffbedf2f21 |
04-Mar-2009 |
The Android Open Source Project <initial-contribution@android.com> |
auto import from //depot/cupcake/@135843
rg/apache/harmony/security/tests/support/CertificateStub.java
rg/apache/harmony/security/tests/support/IdentityScopeStub.java
rg/apache/harmony/security/tests/support/IdentityStub.java
rg/apache/harmony/security/tests/support/KeyStoreTestSupport.java
rg/apache/harmony/security/tests/support/MDGoldenData.java
rg/apache/harmony/security/tests/support/MyAlgorithmParameterGeneratorSpi.java
rg/apache/harmony/security/tests/support/MyBasicPermission.java
rg/apache/harmony/security/tests/support/MyGuard.java
rg/apache/harmony/security/tests/support/MyKeyPairGenerator1.java
rg/apache/harmony/security/tests/support/MyKeyPairGenerator2.java
rg/apache/harmony/security/tests/support/MyKeyPairGenerator3.java
rg/apache/harmony/security/tests/support/MyKeyPairGeneratorSpi.java
rg/apache/harmony/security/tests/support/MyKeyStore.java
rg/apache/harmony/security/tests/support/MyKeyStoreSpi.java
rg/apache/harmony/security/tests/support/MyLoadStoreParams.java
rg/apache/harmony/security/tests/support/MyMessageDigest1.java
rg/apache/harmony/security/tests/support/MyMessageDigest2.java
rg/apache/harmony/security/tests/support/MyPermission.java
rg/apache/harmony/security/tests/support/MyPermissionCollection.java
rg/apache/harmony/security/tests/support/MyProvider.java
rg/apache/harmony/security/tests/support/MySSLContextSpi.java
rg/apache/harmony/security/tests/support/MySignature1.java
rg/apache/harmony/security/tests/support/MySignature2.java
rg/apache/harmony/security/tests/support/MyTrustManagerFactorySpi.java
rg/apache/harmony/security/tests/support/PrivateKeyStub.java
rg/apache/harmony/security/tests/support/PublicKeyStub.java
rg/apache/harmony/security/tests/support/RandomImpl.java
rg/apache/harmony/security/tests/support/SecurityChecker.java
rg/apache/harmony/security/tests/support/SignerStub.java
rg/apache/harmony/security/tests/support/SpiEngUtils.java
rg/apache/harmony/security/tests/support/TestCertUtils.java
rg/apache/harmony/security/tests/support/TestKeyPair.java
rg/apache/harmony/security/tests/support/TestKeyStoreSpi.java
rg/apache/harmony/security/tests/support/TestUtils.java
rg/apache/harmony/security/tests/support/acl/AclEntryImpl.java
rg/apache/harmony/security/tests/support/acl/AclEnumerator.java
rg/apache/harmony/security/tests/support/acl/AclImpl.java
rg/apache/harmony/security/tests/support/acl/GroupImpl.java
rg/apache/harmony/security/tests/support/acl/OwnerImpl.java
rg/apache/harmony/security/tests/support/acl/PermissionImpl.java
rg/apache/harmony/security/tests/support/acl/PrincipalImpl.java
rg/apache/harmony/security/tests/support/cert/MyCRL.java
rg/apache/harmony/security/tests/support/cert/MyCertPath.java
rg/apache/harmony/security/tests/support/cert/MyCertPathBuilderSpi.java
rg/apache/harmony/security/tests/support/cert/MyCertPathValidatorSpi.java
rg/apache/harmony/security/tests/support/cert/MyCertStoreParameters.java
rg/apache/harmony/security/tests/support/cert/MyCertStoreSpi.java
rg/apache/harmony/security/tests/support/cert/MyCertificate.java
rg/apache/harmony/security/tests/support/cert/MyCertificateFactorySpi.java
rg/apache/harmony/security/tests/support/cert/MyFailingCertPath.java
rg/apache/harmony/security/tests/support/cert/MyFailingCertificate.java
rg/apache/harmony/security/tests/support/cert/PolicyNodeImpl.java
rg/apache/harmony/security/tests/support/cert/TestUtils.java
rg/apache/harmony/security/tests/support/interfaces/DSAKeyPairGeneratorImpl.java
rg/apache/harmony/security/tests/support/interfaces/RSAMultiPrimePrivateCrtKeyImpl.java
rg/apache/harmony/security/tests/support/spec/MyEncodedKeySpec.java
rg/apache/harmony/security/tests/support/tmpCallbackHandler.java
rg/apache/harmony/testframework/serialization/SerializationTest.java
rg/apache/harmony/xnet/tests/support/KeyManagerFactorySpiImpl.java
rg/apache/harmony/xnet/tests/support/MyKeyManagerFactorySpi.java
rg/apache/harmony/xnet/tests/support/MySSLContextSpi.java
rg/apache/harmony/xnet/tests/support/MyTrustManagerFactorySpi.java
rg/apache/harmony/xnet/tests/support/SSLContextSpiImpl.java
rg/apache/harmony/xnet/tests/support/SSLSessionContextImpl.java
rg/apache/harmony/xnet/tests/support/SSLSocketFactoryImpl.java
rg/apache/harmony/xnet/tests/support/TrustManagerFactorySpiImpl.java
rg/apache/harmony/xnet/tests/support/X509KeyManagerImpl.java
rg/apache/harmony/xnet/tests/support/X509TrustManagerImpl.java
rg/apache/harmony/xnet/tests/support/mySSLSession.java
rg/apache/harmony/xnet/tests/support/mySSLSocket.java
argets/AlgorithmParameterGenerators.java
argets/AlgorithmParameters.java
argets/CertPathBuilders.java
argets/CertPathValidators.java
argets/CertificateFactories.java
argets/Charsets.java
argets/Cipher.java
argets/KeyAgreement.java
argets/KeyFactories.java
argets/KeyGenerator.java
argets/KeyPairGenerators.java
argets/KeyStores.java
argets/Mac.java
argets/MessageDigests.java
argets/SecretKeyFactory.java
argets/SecureRandoms.java
argets/Signatures.java
ests/resources/Broken_entry.jar
ests/resources/Broken_entry_data.jar
ests/resources/Broken_manifest.jar
ests/resources/Created_by_1_4.jar
ests/resources/GZIPInputStream/hyts_gInput.txt.gz
ests/resources/Harmony.GIF
ests/resources/Inserted_Entry_Manifest.jar
ests/resources/Inserted_Entry_Manifest_with_DigestCode.jar
ests/resources/Integrate.jar
ests/resources/JarIndex/hyts_11.jar
ests/resources/JarIndex/hyts_12.jar
ests/resources/JarIndex/hyts_13.jar
ests/resources/JarIndex/hyts_14.jar
ests/resources/JarIndex/hyts_21.jar
ests/resources/JarIndex/hyts_22-new.jar
ests/resources/JarIndex/hyts_22.jar
ests/resources/JarIndex/hyts_23.jar
ests/resources/JarIndex/hyts_31.jar
ests/resources/JarIndex/hyts_32.jar
ests/resources/JarIndex/hyts_33.jar
ests/resources/JarIndex/hyts_41.jar
ests/resources/JarIndex/hyts_42.jar
ests/resources/Modified_Class.jar
ests/resources/Modified_Manifest_EntryAttributes.jar
ests/resources/Modified_Manifest_MainAttributes.jar
ests/resources/Modified_SF_EntryAttributes.jar
ests/resources/Package/hyts_all_attributes.jar
ests/resources/Package/hyts_all_attributes_dex.jar
ests/resources/Package/hyts_c.jar
ests/resources/Package/hyts_c_dex.jar
ests/resources/Package/hyts_no_attributes.jar
ests/resources/Package/hyts_no_attributes_dex.jar
ests/resources/Package/hyts_no_entry.jar
ests/resources/Package/hyts_no_entry_dex.jar
ests/resources/Package/hyts_package.jar
ests/resources/Package/hyts_package_dex.jar
ests/resources/Package/hyts_pq.jar
ests/resources/Package/hyts_pq_dex.jar
ests/resources/Package/hyts_some_attributes.jar
ests/resources/Package/hyts_some_attributes_dex.jar
ests/resources/TestCodeSigners.jar
ests/resources/cts_dalvikExecTest.jar
ests/resources/cts_dalvikExecTest_classes.dex
ests/resources/hyts_Bar.ser
ests/resources/hyts_Foo.ser
ests/resources/hyts_PropertiesTest.properties
ests/resources/hyts_ZipFile.zip
ests/resources/hyts_att.jar
ests/resources/hyts_available.tst
ests/resources/hyts_checkInput.txt
ests/resources/hyts_compDiction.txt
ests/resources/hyts_compressD.txt
ests/resources/hyts_constru_O.txt
ests/resources/hyts_constru_OD.txt
ests/resources/hyts_constru_ODI.txt
ests/resources/hyts_des-ede3-cbc.test1.ciphertext
ests/resources/hyts_des-ede3-cbc.test1.iv
ests/resources/hyts_des-ede3-cbc.test1.key
ests/resources/hyts_des-ede3-cbc.test1.plaintext
ests/resources/hyts_des-ede3-cbc.test2.ciphertext
ests/resources/hyts_des-ede3-cbc.test2.iv
ests/resources/hyts_des-ede3-cbc.test2.key
ests/resources/hyts_des-ede3-cbc.test2.plaintext
ests/resources/hyts_des-ede3-cbc.test3.ciphertext
ests/resources/hyts_des-ede3-cbc.test3.iv
ests/resources/hyts_des-ede3-cbc.test3.key
ests/resources/hyts_des-ede3-cbc.test3.plaintext
ests/resources/hyts_htmltest.html
ests/resources/hyts_mainClass.ser
ests/resources/hyts_manifest1.jar
ests/resources/hyts_missingclass.ser
ests/resources/hyts_patch.jar
ests/resources/hyts_patch2.jar
ests/resources/hyts_resource.properties
ests/resources/hyts_security.jar
ests/resources/hyts_signed.jar
ests/resources/hyts_signed_inc.jar
ests/resources/illegalClasses.jar
ests/resources/junit4-4.3.1.jar
ests/resources/manifest/hyts_MANIFEST.MF
ests/resources/morestuff/hyts_patch.jar
ests/resources/morestuff/hyts_patch2.jar
ests/resources/net/InvalidJar.jar
ests/resources/net/TestCodeSigners.jar
ests/resources/net/lf.jar
ests/resources/subfolder/tests/resources/hyts_resource.properties
ests/resources/test.cert
ests/support/Support_ASimpleInputStream.java
ests/support/Support_ASimpleOutputStream.java
ests/support/Support_ASimpleReader.java
ests/support/Support_ASimpleWriter.java
ests/support/Support_BitSet.java
ests/support/Support_CollectionTest.java
ests/support/Support_Configuration.java
ests/support/Support_DecimalFormat.java
ests/support/Support_DeleteOnExitTest.java
ests/support/Support_Exec.java
ests/support/Support_Field.java
ests/support/Support_Format.java
ests/support/Support_GetLocal.java
ests/support/Support_GetPutFields.java
ests/support/Support_GetPutFieldsDefaulted.java
ests/support/Support_GetPutFieldsDeprecated.java
ests/support/Support_GetResource.java
ests/support/Support_IOTestSecurityManager.java
ests/support/Support_ListTest.java
ests/support/Support_MapTest2.java
ests/support/Support_MessageFormat.java
ests/support/Support_NetworkInterface.java
ests/support/Support_OutputStream.java
ests/support/Support_PlatformFile.java
ests/support/Support_PortManager.java
ests/support/Support_ProviderTrust.java
ests/support/Support_Proxy_I1.java
ests/support/Support_Proxy_I2.java
ests/support/Support_Proxy_ParentException.java
ests/support/Support_Proxy_SubException.java
ests/support/Support_SetTest.java
ests/support/Support_SimpleDateFormat.java
ests/support/Support_StringReader.java
ests/support/Support_StringWriter.java
ests/support/Support_TestProvider.java
ests/support/Support_TestResource.java
ests/support/Support_TestResource_en.java
ests/support/Support_TestResource_en_US.java
ests/support/Support_TestResource_fr.java
ests/support/Support_TestResource_fr_FR.java
ests/support/Support_TestResource_fr_FR_VAR.java
ests/support/Support_TimeZone.java
ests/support/Support_UnmodifiableCollectionTest.java
ests/support/Support_UnmodifiableMapTest.java
ests/support/resource/Support_Resources.java
ests/util/CallVerificationStack.java
ests/util/FieldTestFileGenerator.java
ests/util/SerializationTester.java
|
b7926325a1c1a370c84c81db80372f59af240a53 |
11-Feb-2009 |
The Android Open Source Project <initial-contribution@android.com> |
auto import from //branches/cupcake/...@130745
rg/apache/harmony/security/tests/support/MySignature1.java
argets/KeyAgreement.java
argets/Mac.java
argets/SecretKeyFactory.java
ests/resources/Package/hyts_all_attributes_dex.jar
ests/resources/Package/hyts_c_dex.jar
ests/resources/Package/hyts_no_attributes_dex.jar
ests/resources/Package/hyts_no_entry_dex.jar
ests/resources/Package/hyts_package_dex.jar
ests/resources/Package/hyts_pq_dex.jar
ests/resources/Package/hyts_some_attributes_dex.jar
ests/resources/cts_dalvikExecTest.jar
ests/resources/cts_dalvikExecTest_classes.dex
ests/resources/hyts_signed_inc.jar
ests/support/Support_Exec.java
ests/support/resource/Support_Resources.java
|
a0881d052ee72e3f7e773374e9b1aa75fbd6be4c |
10-Jan-2009 |
The Android Open Source Project <initial-contribution@android.com> |
auto import from //branches/cupcake/...@125939
rg/apache/harmony/security/tests/support/MyKeyStoreSpi.java
rg/apache/harmony/security/tests/support/MyProvider.java
rg/apache/harmony/security/tests/support/MySSLContextSpi.java
rg/apache/harmony/security/tests/support/Support_Configuration.java
rg/apache/harmony/security/tests/support/TestKeyStoreSpi.java
rg/apache/harmony/security/tests/support/acl/AclEntryImpl.java
rg/apache/harmony/security/tests/support/acl/AclEnumerator.java
rg/apache/harmony/security/tests/support/acl/AclImpl.java
rg/apache/harmony/security/tests/support/acl/GroupImpl.java
rg/apache/harmony/security/tests/support/acl/OwnerImpl.java
rg/apache/harmony/security/tests/support/acl/PermissionImpl.java
rg/apache/harmony/security/tests/support/acl/PrincipalImpl.java
rg/apache/harmony/security/tests/support/cert/MyCertPath.java
rg/apache/harmony/security/tests/support/cert/MyCertificate.java
rg/apache/harmony/security/tests/support/cert/MyCertificateFactorySpi.java
rg/apache/harmony/security/tests/support/cert/MyFailingCertPath.java
rg/apache/harmony/security/tests/support/cert/MyFailingCertificate.java
rg/apache/harmony/security/tests/support/cert/PolicyNodeImpl.java
rg/apache/harmony/security/tests/support/cert/TestUtils.java
rg/apache/harmony/security/tests/support/interfaces/DSAKeyPairGeneratorImpl.java
rg/apache/harmony/security/tests/support/interfaces/RSAMultiPrimePrivateCrtKeyImpl.java
rg/apache/harmony/security/tests/support/resource/Support_Resources.java
rg/apache/harmony/testframework/serialization/SerializationTest.java
rg/apache/harmony/xnet/tests/support/KeyManagerFactorySpiImpl.java
rg/apache/harmony/xnet/tests/support/MySSLContextSpi.java
rg/apache/harmony/xnet/tests/support/SSLContextSpiImpl.java
rg/apache/harmony/xnet/tests/support/SSLSessionContextImpl.java
rg/apache/harmony/xnet/tests/support/SSLSocketFactoryImpl.java
rg/apache/harmony/xnet/tests/support/TrustManagerFactorySpiImpl.java
rg/apache/harmony/xnet/tests/support/X509KeyManagerImpl.java
rg/apache/harmony/xnet/tests/support/X509TrustManagerImpl.java
rg/apache/harmony/xnet/tests/support/mySSLSession.java
rg/apache/harmony/xnet/tests/support/mySSLSocket.java
argets/AlgorithmParameterGenerators.java
argets/AlgorithmParameters.java
argets/CertPathBuilders.java
argets/CertPathValidators.java
argets/CertificateFactories.java
argets/Charsets.java
argets/Cipher.java
argets/KeyFactories.java
argets/KeyGenerator.java
argets/KeyPairGenerators.java
argets/KeyStores.java
argets/MessageDigests.java
argets/SecureRandoms.java
argets/Signatures.java
ests/resources/Broken_entry.jar
ests/resources/Broken_entry_data.jar
ests/resources/Broken_manifest.jar
ests/resources/Package/hyts_package.jar
ests/resources/hyts_des-ede3-cbc.test1.ciphertext
ests/resources/hyts_des-ede3-cbc.test1.iv
ests/resources/hyts_des-ede3-cbc.test1.key
ests/resources/hyts_des-ede3-cbc.test1.plaintext
ests/resources/hyts_des-ede3-cbc.test2.ciphertext
ests/resources/hyts_des-ede3-cbc.test2.iv
ests/resources/hyts_des-ede3-cbc.test2.key
ests/resources/hyts_des-ede3-cbc.test2.plaintext
ests/resources/hyts_des-ede3-cbc.test3.ciphertext
ests/resources/hyts_des-ede3-cbc.test3.iv
ests/resources/hyts_des-ede3-cbc.test3.key
ests/resources/hyts_des-ede3-cbc.test3.plaintext
ests/resources/illegalClasses.jar
ests/resources/junit4-4.3.1.jar
ests/resources/net/InvalidJar.jar
ests/resources/net/TestCodeSigners.jar
ests/resources/net/lf.jar
ests/resources/test.cert
ests/support/Support_ASimpleInputStream.java
ests/support/Support_ASimpleOutputStream.java
ests/support/Support_ASimpleReader.java
ests/support/Support_ASimpleWriter.java
ests/support/Support_Configuration.java
ests/support/Support_DecimalFormat.java
ests/support/Support_DeleteOnExitTest.java
ests/support/Support_Exec.java
ests/support/Support_GetPutFields.java
ests/support/Support_GetPutFieldsDefaulted.java
ests/support/Support_GetPutFieldsDeprecated.java
ests/support/Support_IOTestSecurityManager.java
ests/support/Support_OutputStream.java
ests/support/Support_TestResource.java
ests/util/FieldTestFileGenerator.java
|
dd828f42a5c83b4270d4fbf6fce2da1878f1e84a |
18-Dec-2008 |
The Android Open Source Project <initial-contribution@android.com> |
Code drop from //branches/cupcake/...@124589
rg/apache/harmony/security/tests/support/MySSLContextSpi.java
rg/apache/harmony/security/tests/support/MyTrustManagerFactorySpi.java
rg/apache/harmony/security/tests/support/Support_Configuration.java
rg/apache/harmony/security/tests/support/cert/MyCertPath.java
rg/apache/harmony/security/tests/support/cert/MyCertStoreSpi.java
rg/apache/harmony/security/tests/support/cert/MyCertificate.java
rg/apache/harmony/security/tests/support/cert/MyCertificateFactorySpi.java
rg/apache/harmony/security/tests/support/resource/Support_Resources.java
rg/apache/harmony/testframework/serialization/SerializationTest.java
ests/support/Support_CollectionTest.java
ests/support/Support_GetResource.java
ests/support/Support_ListTest.java
ests/support/Support_SetTest.java
ests/support/Support_UnmodifiableCollectionTest.java
ests/support/Support_UnmodifiableMapTest.java
|
fdb2704414a9ed92394ada0d1395e4db86889465 |
21-Oct-2008 |
The Android Open Source Project <initial-contribution@android.com> |
Initial Contribution
rg/apache/harmony/security/tests/support/CertificateStub.java
rg/apache/harmony/security/tests/support/IdentityScopeStub.java
rg/apache/harmony/security/tests/support/IdentityStub.java
rg/apache/harmony/security/tests/support/KeyStoreTestSupport.java
rg/apache/harmony/security/tests/support/MDGoldenData.java
rg/apache/harmony/security/tests/support/MyAlgorithmParameterGeneratorSpi.java
rg/apache/harmony/security/tests/support/MyBasicPermission.java
rg/apache/harmony/security/tests/support/MyGuard.java
rg/apache/harmony/security/tests/support/MyKeyPairGenerator1.java
rg/apache/harmony/security/tests/support/MyKeyPairGenerator2.java
rg/apache/harmony/security/tests/support/MyKeyPairGenerator3.java
rg/apache/harmony/security/tests/support/MyKeyPairGeneratorSpi.java
rg/apache/harmony/security/tests/support/MyKeyStore.java
rg/apache/harmony/security/tests/support/MyKeyStoreSpi.java
rg/apache/harmony/security/tests/support/MyLoadStoreParams.java
rg/apache/harmony/security/tests/support/MyMessageDigest1.java
rg/apache/harmony/security/tests/support/MyMessageDigest2.java
rg/apache/harmony/security/tests/support/MyPermission.java
rg/apache/harmony/security/tests/support/MyPermissionCollection.java
rg/apache/harmony/security/tests/support/MySignature1.java
rg/apache/harmony/security/tests/support/MySignature2.java
rg/apache/harmony/security/tests/support/PrivateKeyStub.java
rg/apache/harmony/security/tests/support/PublicKeyStub.java
rg/apache/harmony/security/tests/support/RandomImpl.java
rg/apache/harmony/security/tests/support/SecurityChecker.java
rg/apache/harmony/security/tests/support/SignerStub.java
rg/apache/harmony/security/tests/support/SpiEngUtils.java
rg/apache/harmony/security/tests/support/TestCertUtils.java
rg/apache/harmony/security/tests/support/TestKeyPair.java
rg/apache/harmony/security/tests/support/TestUtils.java
rg/apache/harmony/security/tests/support/cert/MyCRL.java
rg/apache/harmony/security/tests/support/cert/MyCertPath.java
rg/apache/harmony/security/tests/support/cert/MyCertPathBuilderSpi.java
rg/apache/harmony/security/tests/support/cert/MyCertPathValidatorSpi.java
rg/apache/harmony/security/tests/support/cert/MyCertStoreParameters.java
rg/apache/harmony/security/tests/support/cert/MyCertStoreSpi.java
rg/apache/harmony/security/tests/support/cert/MyCertificate.java
rg/apache/harmony/security/tests/support/cert/MyCertificateFactorySpi.java
rg/apache/harmony/security/tests/support/cert/TestUtils.java
rg/apache/harmony/security/tests/support/spec/MyEncodedKeySpec.java
rg/apache/harmony/security/tests/support/tmpCallbackHandler.java
rg/apache/harmony/testframework/serialization/SerializationTest.java
rg/apache/harmony/xnet/tests/support/MyKeyManagerFactorySpi.java
rg/apache/harmony/xnet/tests/support/MySSLContextSpi.java
rg/apache/harmony/xnet/tests/support/MyTrustManagerFactorySpi.java
ests/resources/Created_by_1_4.jar
ests/resources/GZIPInputStream/hyts_gInput.txt.gz
ests/resources/Harmony.GIF
ests/resources/Inserted_Entry_Manifest.jar
ests/resources/Inserted_Entry_Manifest_with_DigestCode.jar
ests/resources/Integrate.jar
ests/resources/JarIndex/hyts_11.jar
ests/resources/JarIndex/hyts_12.jar
ests/resources/JarIndex/hyts_13.jar
ests/resources/JarIndex/hyts_14.jar
ests/resources/JarIndex/hyts_21.jar
ests/resources/JarIndex/hyts_22-new.jar
ests/resources/JarIndex/hyts_22.jar
ests/resources/JarIndex/hyts_23.jar
ests/resources/JarIndex/hyts_31.jar
ests/resources/JarIndex/hyts_32.jar
ests/resources/JarIndex/hyts_33.jar
ests/resources/JarIndex/hyts_41.jar
ests/resources/JarIndex/hyts_42.jar
ests/resources/Modified_Class.jar
ests/resources/Modified_Manifest_EntryAttributes.jar
ests/resources/Modified_Manifest_MainAttributes.jar
ests/resources/Modified_SF_EntryAttributes.jar
ests/resources/Package/hyts_all_attributes.jar
ests/resources/Package/hyts_c.jar
ests/resources/Package/hyts_no_attributes.jar
ests/resources/Package/hyts_no_entry.jar
ests/resources/Package/hyts_pq.jar
ests/resources/Package/hyts_some_attributes.jar
ests/resources/TestCodeSigners.jar
ests/resources/hyts_Bar.ser
ests/resources/hyts_Foo.ser
ests/resources/hyts_PropertiesTest.properties
ests/resources/hyts_ZipFile.zip
ests/resources/hyts_att.jar
ests/resources/hyts_available.tst
ests/resources/hyts_checkInput.txt
ests/resources/hyts_compDiction.txt
ests/resources/hyts_compressD.txt
ests/resources/hyts_constru_O.txt
ests/resources/hyts_constru_OD.txt
ests/resources/hyts_constru_ODI.txt
ests/resources/hyts_htmltest.html
ests/resources/hyts_mainClass.ser
ests/resources/hyts_manifest1.jar
ests/resources/hyts_missingclass.ser
ests/resources/hyts_patch.jar
ests/resources/hyts_patch2.jar
ests/resources/hyts_resource.properties
ests/resources/hyts_security.jar
ests/resources/hyts_signed.jar
ests/resources/manifest/hyts_MANIFEST.MF
ests/resources/morestuff/hyts_patch.jar
ests/resources/morestuff/hyts_patch2.jar
ests/resources/subfolder/tests/resources/hyts_resource.properties
ests/support/Support_BitSet.java
ests/support/Support_CollectionTest.java
ests/support/Support_Configuration.java
ests/support/Support_DecimalFormat.java
ests/support/Support_Exec.java
ests/support/Support_Field.java
ests/support/Support_Format.java
ests/support/Support_GetLocal.java
ests/support/Support_ListTest.java
ests/support/Support_MapTest2.java
ests/support/Support_MessageFormat.java
ests/support/Support_NetworkInterface.java
ests/support/Support_PlatformFile.java
ests/support/Support_PortManager.java
ests/support/Support_ProviderTrust.java
ests/support/Support_Proxy_I1.java
ests/support/Support_Proxy_I2.java
ests/support/Support_Proxy_ParentException.java
ests/support/Support_Proxy_SubException.java
ests/support/Support_SetTest.java
ests/support/Support_SimpleDateFormat.java
ests/support/Support_StringReader.java
ests/support/Support_StringWriter.java
ests/support/Support_TestProvider.java
ests/support/Support_TestResource.java
ests/support/Support_TestResource_en.java
ests/support/Support_TestResource_en_US.java
ests/support/Support_TestResource_fr.java
ests/support/Support_TestResource_fr_FR.java
ests/support/Support_TestResource_fr_FR_VAR.java
ests/support/Support_TimeZone.java
ests/support/Support_UnmodifiableCollectionTest.java
ests/support/Support_UnmodifiableMapTest.java
ests/support/resource/Support_Resources.java
ests/util/CallVerificationStack.java
ests/util/SerializationTester.java
|