491d88834d8af35b9701f92d972212d873dbb6a0 |
|
10-Oct-2017 |
Adam Vartanian <flooey@google.com> |
Deprecate BC implementations of duplicated algorithms The first step in deprecating the BC implementations of algorithms that are also provided by Conscrypt. This checks whether the app's target API level is greater than a given threshold (currently O, but subject to change later) and disallows access to those algorithms when true. This limit only applies to requests from the system-created BC provider. Apps can install their own provider, in which case they get the implementations they requested. This doesn't yet implement the deprecation for Cipher instances, since the transformation scheme makes that more complicated. The ultimate removal of these algorithms, once a sufficient deprecation period has elapsed, is tracked in b/67761667. Bug: 67626877 Test: cts -m CtsLibcoreTestCases Test: cts -m CtsLibcoreOkHttpTestCases Test: cts -m CtsLibcoreWycheproofBCTestCases Test: cts -m CtsLibcoreWycheproofConscryptTestCases Change-Id: I48f07226e66873a65859121af32028c1547952ac
|
4155a2498a57fb09e92815f8993a70c216ddc5ec |
|
02-Feb-2011 |
Brian Carlstrom <bdc@google.com> |
Performance improvements to NativeCrypto based MessageDigest API NativeCrypto API improvements: - Move to using EVP_MD related native methods, some of which are derived from the EVP_MD_CTX versions with similar name. The new EVP_get_digestbyname allows one time lookup of the EVP_MD from the string name, avoiding doing it on every call to EVP_DigestInit. - EVP_MD_CTX_create is now removed, it is just done as part of EVP_DigestInit and EVP_VerifyInit to an extra JNI call. - EVP_DigestFinal now destroys the EVP_MD_CTX to avoid needing to make another call JNI call to EVP_MD_CTX_destroy. EVP_MD_CTX_destroy is kept for cases when EVP_DigestFinal is never called. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/NativeCrypto.java In addition to the improved NativeCrypto API to allow better performance for callers, the implementations use of throwExceptionIfNecessary was made conditional based on the status code from various operations, which had a noticeable impact on performance compared to android.security.MessageDigest luni/src/main/native/NativeCrypto.cpp Updated MessageDigest.getInstance default implementation to use new NativeCrypto API. An EVP_MD instance is looked up at class load time for a specific digest type and then used to call NativeCrypto.EVP_DigestInit as needed, avoiding a lookup of EVP_MD for each new digest. The EVP_MD is also for a one-time lookup the digest output size in bytes, to avoid native calls for engineGetDigestLength. Finally, the creation of the EVP_MD_CTX is now lazy, only created when needed, avoiding unnecessarily create/free in reset cases such as engineDigest. See also external/bouncycastle's OpenSSLDigest implementation which had similar optimizations. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLMessageDigestJDK.java OpenSSLSignature also used EVP_MD_CTX_create, and its EVP_VerifyInit was changed similar to EVP_DigestInit to internally allocate the EVP_MD_CTX on the call to init. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSignature.java Fix test to work with arbitrary provider order luni/src/test/java/org/apache/harmony/security/tests/java/security/MessageDigest2Test.java Fix CloseGuard warnings luni/src/test/java/tests/security/MessageDigestTest.java Bug: 3392028 Change-Id: Idb266ebc0918ffd5550e0f457784256400cd2ff0
|
f33eae7e84eb6d3b0f4e86b59605bb3de73009f3 |
|
13-May-2010 |
Elliott Hughes <enh@google.com> |
Remove all trailing whitespace from the dalvik team-maintained parts of libcore. Gentlemen, you may now set your editors to "strip trailing whitespace"... Change-Id: I85b2f6c80e5fbef1af6cab11789790b078c11b1b
|
cec4dd4b1d33f78997603d0f89c0d0e56e64dbcd |
|
26-Apr-2010 |
Peter Hallam <peterhal@google.com> |
merge more modules into luni
|