diff options
86 files changed, 2033 insertions, 1292 deletions
diff --git a/NativeCode.mk b/NativeCode.mk index 12e8114..0ae615e 100644 --- a/NativeCode.mk +++ b/NativeCode.mk @@ -66,7 +66,7 @@ $(foreach dir, \ core_c_includes := libcore/include $(LOCAL_C_INCLUDES) core_shared_libraries := $(LOCAL_SHARED_LIBRARIES) core_static_libraries := $(LOCAL_STATIC_LIBRARIES) -core_cflags := -Wall -Wextra -Werror +core_cflags := $(LOCAL_CFLAGS) -Wall -Wextra -Werror core_cppflags += -std=gnu++11 core_test_files := \ diff --git a/dalvik/src/main/java/dalvik/system/DexClassLoader.java b/dalvik/src/main/java/dalvik/system/DexClassLoader.java index ac2a70a..a645f42 100644 --- a/dalvik/src/main/java/dalvik/system/DexClassLoader.java +++ b/dalvik/src/main/java/dalvik/system/DexClassLoader.java @@ -24,9 +24,9 @@ import java.io.File; * installed as part of an application. * * <p>This class loader requires an application-private, writable directory to - * cache optimized classes. Use {@code Context.getDir(String, int)} to create + * cache optimized classes. Use {@code Context.getCodeCacheDir()} to create * such a directory: <pre> {@code - * File dexOutputDir = context.getDir("dex", 0); + * File dexOutputDir = context.getCodeCacheDir(); * }</pre> * * <p><strong>Do not cache optimized classes on external storage.</strong> diff --git a/expectations/knownfailures.txt b/expectations/knownfailures.txt index 2da25b0..c8a1b35 100644 --- a/expectations/knownfailures.txt +++ b/expectations/knownfailures.txt @@ -1449,6 +1449,36 @@ name: "org.apache.harmony.tests.java.util.GregorianCalendarTest#test_computeTime" }, { + description: "SpdyConnection issue https://github.com/square/okhttp/issues/644 crashes the test app. Android does not provide SPDY/HTTP_2 connections by default so have been suppressed.", + bug: 14462336, + names: [ + "com.squareup.okhttp.ConnectionPoolTest", + "com.squareup.okhttp.internal.spdy.SpdyConnectionTest", + "com.squareup.okhttp.internal.http.HttpOverHttp20Draft09Test", + "com.squareup.okhttp.internal.http.HttpOverSpdy3Test", + "com.squareup.okhttp.internal.http.URLConnectionTest#npnSetsProtocolHeader_SPDY_3", + "com.squareup.okhttp.internal.http.URLConnectionTest#npnSetsProtocolHeader_HTTP_2", + "com.squareup.okhttp.internal.http.URLConnectionTest#zeroLengthPost_SPDY_3", + "com.squareup.okhttp.internal.http.URLConnectionTest#zeroLengthPost_HTTP_2", + "com.squareup.okhttp.internal.http.URLConnectionTest#zeroLengthPut_SPDY_3", + "com.squareup.okhttp.internal.http.URLConnectionTest#zeroLengthPut_HTTP_2" + ] +}, +{ + description: "Okhttp test hardcodes the TLS version expected.", + bug: 14462336, + names: [ + "com.squareup.okhttp.internal.http.URLConnectionTest#sslFallbackNotUsedWhenRecycledConnectionFails" + ] +}, +{ + description: "The test relies on SimpleDateFormat zzz producing GMT not GMT+00:00 as it does on Android. Android issue 66136.", + bug: 14462336, + names: [ + "com.squareup.okhttp.internal.http.HttpResponseCacheTest#setIfModifiedSince" + ] +}, +{ description: "libcore.java.text.DecimalFormatSymbolsTest#test_getInstance_unknown_or_invalid_locale assumes fallback to locale other than en_US_POSIX.", bug: 17374604, names: [ diff --git a/harmony-tests/src/test/java/org/apache/harmony/tests/java/util/jar/JarFileTest.java b/harmony-tests/src/test/java/org/apache/harmony/tests/java/util/jar/JarFileTest.java index 49e7868..d5d8191 100644 --- a/harmony-tests/src/test/java/org/apache/harmony/tests/java/util/jar/JarFileTest.java +++ b/harmony-tests/src/test/java/org/apache/harmony/tests/java/util/jar/JarFileTest.java @@ -23,8 +23,11 @@ import java.io.FileOutputStream; import java.io.IOException; import java.io.InputStream; import java.net.URL; +import java.security.CodeSigner; import java.security.Permission; import java.security.cert.Certificate; +import java.security.cert.X509Certificate; +import java.util.Arrays; import java.util.Enumeration; import java.util.Vector; import java.util.jar.Attributes; @@ -92,6 +95,12 @@ public class JarFileTest extends TestCase { private final String emptyEntry3 = "svgunit.js"; + private static final String VALID_CHAIN_JAR = "hyts_signed_validChain.jar"; + + private static final String INVALID_CHAIN_JAR = "hyts_signed_invalidChain.jar"; + + private static final String AMBIGUOUS_SIGNERS_JAR = "hyts_signed_ambiguousSignerArray.jar"; + private File resources; // custom security manager @@ -641,6 +650,73 @@ public class JarFileTest extends TestCase { + jarName + "\"", foundCerts); } + private static class Results { + public Certificate[] certificates; + public CodeSigner[] signers; + } + + private Results getSignedJarCerts(String jarName) throws Exception { + Support_Resources.copyFile(resources, null, jarName); + + File file = new File(resources, jarName); + Results results = new Results(); + + JarFile jarFile = new JarFile(file, true, ZipFile.OPEN_READ); + try { + + Enumeration<JarEntry> e = jarFile.entries(); + while (e.hasMoreElements()) { + JarEntry entry = e.nextElement(); + InputStream is = jarFile.getInputStream(entry); + // Skip bytes because we have to read the entire file for it to read signatures. + is.skip(entry.getSize()); + is.close(); + Certificate[] certs = entry.getCertificates(); + CodeSigner[] signers = entry.getCodeSigners(); + if (certs != null && certs.length > 0) { + results.certificates = certs; + results.signers = signers; + break; + } + } + } finally { + jarFile.close(); + } + + return results; + } + + public void testJarFile_Signed_ValidChain() throws Exception { + Results result = getSignedJarCerts(VALID_CHAIN_JAR); + assertNotNull(result); + assertEquals(Arrays.deepToString(result.certificates), 3, result.certificates.length); + assertEquals(Arrays.deepToString(result.signers), 1, result.signers.length); + assertEquals(3, result.signers[0].getSignerCertPath().getCertificates().size()); + assertEquals("CN=fake-chain", ((X509Certificate) result.certificates[0]).getSubjectDN().toString()); + assertEquals("CN=intermediate1", ((X509Certificate) result.certificates[1]).getSubjectDN().toString()); + assertEquals("CN=root1", ((X509Certificate) result.certificates[2]).getSubjectDN().toString()); + } + + public void testJarFile_Signed_InvalidChain() throws Exception { + Results result = getSignedJarCerts(INVALID_CHAIN_JAR); + assertNotNull(result); + assertEquals(Arrays.deepToString(result.certificates), 3, result.certificates.length); + assertEquals(Arrays.deepToString(result.signers), 1, result.signers.length); + assertEquals(3, result.signers[0].getSignerCertPath().getCertificates().size()); + assertEquals("CN=fake-chain", ((X509Certificate) result.certificates[0]).getSubjectDN().toString()); + assertEquals("CN=intermediate1", ((X509Certificate) result.certificates[1]).getSubjectDN().toString()); + assertEquals("CN=root1", ((X509Certificate) result.certificates[2]).getSubjectDN().toString()); + } + + public void testJarFile_Signed_AmbiguousSigners() throws Exception { + Results result = getSignedJarCerts(AMBIGUOUS_SIGNERS_JAR); + assertNotNull(result); + assertEquals(Arrays.deepToString(result.certificates), 2, result.certificates.length); + assertEquals(Arrays.deepToString(result.signers), 2, result.signers.length); + assertEquals(1, result.signers[0].getSignerCertPath().getCertificates().size()); + assertEquals(1, result.signers[1].getSignerCertPath().getCertificates().size()); + } + /* * The jar created by 1.4 which does not provide a * algorithm-Digest-Manifest-Main-Attributes entry in .SF file. diff --git a/luni/src/main/files/cacerts/03f2b8cf.0 b/luni/src/main/files/cacerts/03f2b8cf.0 new file mode 100644 index 0000000..82813fb --- /dev/null +++ b/luni/src/main/files/cacerts/03f2b8cf.0 @@ -0,0 +1,120 @@ +-----BEGIN CERTIFICATE----- +MIIFWDCCA0CgAwIBAgIQUHBrzdgT/BtOOzNy0hFIjTANBgkqhkiG9w0BAQsFADBG +MQswCQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxGzAZBgNV +BAMMEkNBIOayg+mAmuagueivgeS5pjAeFw0wOTA4MDgwMTAwMDFaFw0zOTA4MDgw +MTAwMDFaMEYxCzAJBgNVBAYTAkNOMRowGAYDVQQKExFXb1NpZ24gQ0EgTGltaXRl +ZDEbMBkGA1UEAwwSQ0Eg5rKD6YCa5qC56K+B5LmmMIICIjANBgkqhkiG9w0BAQEF +AAOCAg8AMIICCgKCAgEA0EkhHiX8h8EqwqzbdoYGTufQdDTc7WU1/FDWiD+k8H/r +D195L4mx/bxjWDeTmzj4t1up+thxx7S8gJeNbEvxUNUqKaqoGXqW5pWOdO2XCld1 +9AXbbQs5uQF/qvbW2mzmBeCkTVL829B0txGMe41P/4eDrv8FAxNXUDf+jJZSEExf +v5RxadmWPgxDT74wwJ85dE8GRV2j1lY5aAfMh09Qd5Nx2UQIsYo06Yms25tO4dnk +UkWMLhQfkWsZHWgpLFbE4h4TV2TwYeO5Ed+w4VegG63XX9Gv2ystP9Bojg/qnw+L +NVgbExz03jWhCl3W6t8Sb8D7aQdGctyB9gQjF+BNdeFyb7Ao65vh4YOhn0pdr8yb ++gIgthhid5E7o9Vlrdx8kHccREGkSovrlXLp9glk3Kgtn3R46MGiCWOc76DbT52V +qyBPt7D3h1ymoOQ3OMdc4zUPLK2jgKLsLl3Az+2LBcLmc272idX10kaO6m1jGx6K +yX2m+Jzr5dVjhU1zZmkR/sgO9MHHZklTfuQZa/HpelmjbX7FF+Ynxu8b22/8DU0G +AbQOXDBGVWCvOGU6yke6rCzMRh+yRpY/8+0mBe53oWprfi1tWFxK1I5nuPHa1UaK +J/kR8slC/k7e3x9cxKSGhxYzoacXGKUN5AXlK8IrC6KVkLn9YDxOiT7nnO4fuwEC +AwEAAaNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0O +BBYEFOBNv9ybQV0T6GTwp+kVpOGBwboxMA0GCSqGSIb3DQEBCwUAA4ICAQBqinA4 +WbbaixjIvirTthnVZil6Xc1bL3McJk6jfW+rtylNpumlEYOnOXOvEESS5iVdT2H6 +yAa+Tkvv/vMx/sZ8cApBWNromUuWyXi8mHwCKe0JgOYKOoICKuLJL8hWGSbueBwj +/feTZU7n85iYr83d2Z5AiDEoOqsuC7CsDCT6eiaY8xJhEPRdF/d+4niXVOKM6Cm6 +jBAyvd0zaziGfjk9DgNyp115j0WKWa5bIW4xRtVZjc8VX90xJc/bYNaBRHIpAlf2 +ltTW/+op2znFuCyKGo3Oy+dCMYYFaA6eFN0AkLppRQjbbpCBhqcqBT/mhDn4t/lX +X0ykeVoQDF7Va/81XwVRHmyjdanPUIPTfPRm94KNPQx96N97qA4bLJyuQHCH2u2n +FoJavjVsIE4iYdm8UXrNemHcSxH5/mc0zy4EZmFcV5cjjPOGG0jfKq+nwf/Yjj4D +u9gqsPoUJbJRa4ZDhS4HIxaAjUz7tGM7zMN07RujHv41D198HRaG9Q7DlfEvr10l +O1Hm13ZBONFLAzkopR6RctR9q5czxNM+4Gm2KHmgCY0c0f9BckgG/Jou5yD5m6Le +ie2uPAmvylezkolwQOQvT8Jwg0DXJCxr5wkf09XHwQj02w47HAcLQxGEIYbpgNR1 +2KvxAmLBsX5VYc8T1yaw15zLKYs4SgsOkI26oQ== +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 50:70:6b:cd:d8:13:fc:1b:4e:3b:33:72:d2:11:48:8d + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=CN, O=WoSign CA Limited, CN=CA \xE6\xB2\x83\xE9\x80\x9A\xE6\xA0\xB9\xE8\xAF\x81\xE4\xB9\xA6 + Validity + Not Before: Aug 8 01:00:01 2009 GMT + Not After : Aug 8 01:00:01 2039 GMT + Subject: C=CN, O=WoSign CA Limited, CN=CA \xE6\xB2\x83\xE9\x80\x9A\xE6\xA0\xB9\xE8\xAF\x81\xE4\xB9\xA6 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (4096 bit) + Modulus: + 00:d0:49:21:1e:25:fc:87:c1:2a:c2:ac:db:76:86: + 06:4e:e7:d0:74:34:dc:ed:65:35:fc:50:d6:88:3f: + a4:f0:7f:eb:0f:5f:79:2f:89:b1:fd:bc:63:58:37: + 93:9b:38:f8:b7:5b:a9:fa:d8:71:c7:b4:bc:80:97: + 8d:6c:4b:f1:50:d5:2a:29:aa:a8:19:7a:96:e6:95: + 8e:74:ed:97:0a:57:75:f4:05:db:6d:0b:39:b9:01: + 7f:aa:f6:d6:da:6c:e6:05:e0:a4:4d:52:fc:db:d0: + 74:b7:11:8c:7b:8d:4f:ff:87:83:ae:ff:05:03:13: + 57:50:37:fe:8c:96:52:10:4c:5f:bf:94:71:69:d9: + 96:3e:0c:43:4f:be:30:c0:9f:39:74:4f:06:45:5d: + a3:d6:56:39:68:07:cc:87:4f:50:77:93:71:d9:44: + 08:b1:8a:34:e9:89:ac:db:9b:4e:e1:d9:e4:52:45: + 8c:2e:14:1f:91:6b:19:1d:68:29:2c:56:c4:e2:1e: + 13:57:64:f0:61:e3:b9:11:df:b0:e1:57:a0:1b:ad: + d7:5f:d1:af:db:2b:2d:3f:d0:68:8e:0f:ea:9f:0f: + 8b:35:58:1b:13:1c:f4:de:35:a1:0a:5d:d6:ea:df: + 12:6f:c0:fb:69:07:46:72:dc:81:f6:04:23:17:e0: + 4d:75:e1:72:6f:b0:28:eb:9b:e1:e1:83:a1:9f:4a: + 5d:af:cc:9b:fa:02:20:b6:18:62:77:91:3b:a3:d5: + 65:ad:dc:7c:90:77:1c:44:41:a4:4a:8b:eb:95:72: + e9:f6:09:64:dc:a8:2d:9f:74:78:e8:c1:a2:09:63: + 9c:ef:a0:db:4f:9d:95:ab:20:4f:b7:b0:f7:87:5c: + a6:a0:e4:37:38:c7:5c:e3:35:0f:2c:ad:a3:80:a2: + ec:2e:5d:c0:cf:ed:8b:05:c2:e6:73:6e:f6:89:d5: + f5:d2:46:8e:ea:6d:63:1b:1e:8a:c9:7d:a6:f8:9c: + eb:e5:d5:63:85:4d:73:66:69:11:fe:c8:0e:f4:c1: + c7:66:49:53:7e:e4:19:6b:f1:e9:7a:59:a3:6d:7e: + c5:17:e6:27:c6:ef:1b:db:6f:fc:0d:4d:06:01:b4: + 0e:5c:30:46:55:60:af:38:65:3a:ca:47:ba:ac:2c: + cc:46:1f:b2:46:96:3f:f3:ed:26:05:ee:77:a1:6a: + 6b:7e:2d:6d:58:5c:4a:d4:8e:67:b8:f1:da:d5:46: + 8a:27:f9:11:f2:c9:42:fe:4e:de:df:1f:5c:c4:a4: + 86:87:16:33:a1:a7:17:18:a5:0d:e4:05:e5:2b:c2: + 2b:0b:a2:95:90:b9:fd:60:3c:4e:89:3e:e7:9c:ee: + 1f:bb:01 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Key Usage: critical + Certificate Sign, CRL Sign + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Subject Key Identifier: + E0:4D:BF:DC:9B:41:5D:13:E8:64:F0:A7:E9:15:A4:E1:81:C1:BA:31 + Signature Algorithm: sha256WithRSAEncryption + 6a:8a:70:38:59:b6:da:8b:18:c8:be:2a:d3:b6:19:d5:66:29: + 7a:5d:cd:5b:2f:73:1c:26:4e:a3:7d:6f:ab:b7:29:4d:a6:e9: + a5:11:83:a7:39:73:af:10:44:92:e6:25:5d:4f:61:fa:c8:06: + be:4e:4b:ef:fe:f3:31:fe:c6:7c:70:0a:41:58:da:e8:99:4b: + 96:c9:78:bc:98:7c:02:29:ed:09:80:e6:0a:3a:82:02:2a:e2: + c9:2f:c8:56:19:26:ee:78:1c:23:fd:f7:93:65:4e:e7:f3:98: + 98:af:cd:dd:d9:9e:40:88:31:28:3a:ab:2e:0b:b0:ac:0c:24: + fa:7a:26:98:f3:12:61:10:f4:5d:17:f7:7e:e2:78:97:54:e2: + 8c:e8:29:ba:8c:10:32:bd:dd:33:6b:38:86:7e:39:3d:0e:03: + 72:a7:5d:79:8f:45:8a:59:ae:5b:21:6e:31:46:d5:59:8d:cf: + 15:5f:dd:31:25:cf:db:60:d6:81:44:72:29:02:57:f6:96:d4: + d6:ff:ea:29:db:39:c5:b8:2c:8a:1a:8d:ce:cb:e7:42:31:86: + 05:68:0e:9e:14:dd:00:90:ba:69:45:08:db:6e:90:81:86:a7: + 2a:05:3f:e6:84:39:f8:b7:f9:57:5f:4c:a4:79:5a:10:0c:5e: + d5:6b:ff:35:5f:05:51:1e:6c:a3:75:a9:cf:50:83:d3:7c:f4: + 66:f7:82:8d:3d:0c:7d:e8:df:7b:a8:0e:1b:2c:9c:ae:40:70: + 87:da:ed:a7:16:82:5a:be:35:6c:20:4e:22:61:d9:bc:51:7a: + cd:7a:61:dc:4b:11:f9:fe:67:34:cf:2e:04:66:61:5c:57:97: + 23:8c:f3:86:1b:48:df:2a:af:a7:c1:ff:d8:8e:3e:03:bb:d8: + 2a:b0:fa:14:25:b2:51:6b:86:43:85:2e:07:23:16:80:8d:4c: + fb:b4:63:3b:cc:c3:74:ed:1b:a3:1e:fe:35:0f:5f:7c:1d:16: + 86:f5:0e:c3:95:f1:2f:af:5d:25:3b:51:e6:d7:76:41:38:d1: + 4b:03:39:28:a5:1e:91:72:d4:7d:ab:97:33:c4:d3:3e:e0:69: + b6:28:79:a0:09:8d:1c:d1:ff:41:72:48:06:fc:9a:2e:e7:20: + f9:9b:a2:de:89:ed:ae:3c:09:af:ca:57:b3:92:89:70:40:e4: + 2f:4f:c2:70:83:40:d7:24:2c:6b:e7:09:1f:d3:d5:c7:c1:08: + f4:db:0e:3b:1c:07:0b:43:11:84:21:86:e9:80:d4:75:d8:ab: + f1:02:62:c1:b1:7e:55:61:cf:13:d7:26:b0:d7:9c:cb:29:8b: + 38:4a:0b:0e:90:8d:ba:a1 +SHA1 Fingerprint=16:32:47:8D:89:F9:21:3A:92:00:85:63:F5:A4:A7:D3:12:40:8A:D6 diff --git a/luni/src/main/files/cacerts/1dbdda5b.0 b/luni/src/main/files/cacerts/1dbdda5b.0 deleted file mode 100644 index b9e52f6..0000000 --- a/luni/src/main/files/cacerts/1dbdda5b.0 +++ /dev/null @@ -1,74 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIC+TCCAmKgAwIBAgIENvEbGTANBgkqhkiG9w0BAQUFADA2MQswCQYDVQQGEwJF -UzENMAsGA1UEChMERk5NVDEYMBYGA1UECxMPRk5NVCBDbGFzZSAyIENBMB4XDTk5 -MDMxODE0NTYxOVoXDTE5MDMxODE1MjYxOVowNjELMAkGA1UEBhMCRVMxDTALBgNV -BAoTBEZOTVQxGDAWBgNVBAsTD0ZOTVQgQ2xhc2UgMiBDQTCBnTANBgkqhkiG9w0B -AQEFAAOBiwAwgYcCgYEAmD+tGTaTPT7+dkIU/TVv8fqtInpY40bQXcZa+WItjzFe -/rQw/lB0rNadHeBixkndFBJ9cQusBsE/1waH4JCJ1uXjA7LyJ7GfM8iqazZKo8Q/ -eUGdiUYvKz5j1DhWkaodsQ1CdU3zh07jD03MtGy/YhOH6tCbjrbi/xn0lAnVlmEC -AQOjggEUMIIBEDARBglghkgBhvhCAQEEBAMCAAcwWAYDVR0fBFEwTzBNoEugSaRH -MEUxCzAJBgNVBAYTAkVTMQ0wCwYDVQQKEwRGTk1UMRgwFgYDVQQLEw9GTk1UIENs -YXNlIDIgQ0ExDTALBgNVBAMTBENSTDEwKwYDVR0QBCQwIoAPMTk5OTAzMTgxNDU2 -MTlagQ8yMDE5MDMxODE0NTYxOVowCwYDVR0PBAQDAgEGMB8GA1UdIwQYMBaAFECa -dkSXdAfErBTLHo1POkV8MNdhMB0GA1UdDgQWBBRAmnZEl3QHxKwUyx6NTzpFfDDX -YTAMBgNVHRMEBTADAQH/MBkGCSqGSIb2fQdBAAQMMAobBFY0LjADAgSQMA0GCSqG -SIb3DQEBBQUAA4GBAGFMoHxZY1tm+O5lE85DgEe5sjXJyITHa3NgReSdN531jiW5 -+aqqyuP4Q5wvoIkFsUUylCoeA41dpt7PV5Xa3yZgX8vflR64zgjY+IrJT6lodZPj -LwVMZGACokIeb4ZoZVUO2ENv8pExPqNHPCgFr0W2nSJMJntLfVsV+RlG3whd ------END CERTIFICATE----- -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 921770777 (0x36f11b19) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=ES, O=FNMT, OU=FNMT Clase 2 CA - Validity - Not Before: Mar 18 14:56:19 1999 GMT - Not After : Mar 18 15:26:19 2019 GMT - Subject: C=ES, O=FNMT, OU=FNMT Clase 2 CA - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (1024 bit) - Modulus: - 00:98:3f:ad:19:36:93:3d:3e:fe:76:42:14:fd:35: - 6f:f1:fa:ad:22:7a:58:e3:46:d0:5d:c6:5a:f9:62: - 2d:8f:31:5e:fe:b4:30:fe:50:74:ac:d6:9d:1d:e0: - 62:c6:49:dd:14:12:7d:71:0b:ac:06:c1:3f:d7:06: - 87:e0:90:89:d6:e5:e3:03:b2:f2:27:b1:9f:33:c8: - aa:6b:36:4a:a3:c4:3f:79:41:9d:89:46:2f:2b:3e: - 63:d4:38:56:91:aa:1d:b1:0d:42:75:4d:f3:87:4e: - e3:0f:4d:cc:b4:6c:bf:62:13:87:ea:d0:9b:8e:b6: - e2:ff:19:f4:94:09:d5:96:61 - Exponent: 3 (0x3) - X509v3 extensions: - Netscape Cert Type: - SSL CA, S/MIME CA, Object Signing CA - X509v3 CRL Distribution Points: - - Full Name: - DirName: C = ES, O = FNMT, OU = FNMT Clase 2 CA, CN = CRL1 - - X509v3 Private Key Usage Period: - Not Before: Mar 18 14:56:19 1999 GMT, Not After: Mar 18 14:56:19 2019 GMT - X509v3 Key Usage: - Certificate Sign, CRL Sign - X509v3 Authority Key Identifier: - keyid:40:9A:76:44:97:74:07:C4:AC:14:CB:1E:8D:4F:3A:45:7C:30:D7:61 - - X509v3 Subject Key Identifier: - 40:9A:76:44:97:74:07:C4:AC:14:CB:1E:8D:4F:3A:45:7C:30:D7:61 - X509v3 Basic Constraints: - CA:TRUE - 1.2.840.113533.7.65.0: - 0 -..V4.0.... - Signature Algorithm: sha1WithRSAEncryption - 61:4c:a0:7c:59:63:5b:66:f8:ee:65:13:ce:43:80:47:b9:b2: - 35:c9:c8:84:c7:6b:73:60:45:e4:9d:37:9d:f5:8e:25:b9:f9: - aa:aa:ca:e3:f8:43:9c:2f:a0:89:05:b1:45:32:94:2a:1e:03: - 8d:5d:a6:de:cf:57:95:da:df:26:60:5f:cb:df:95:1e:b8:ce: - 08:d8:f8:8a:c9:4f:a9:68:75:93:e3:2f:05:4c:64:60:02:a2: - 42:1e:6f:86:68:65:55:0e:d8:43:6f:f2:91:31:3e:a3:47:3c: - 28:05:af:45:b6:9d:22:4c:26:7b:4b:7d:5b:15:f9:19:46:df: - 08:5d -SHA1 Fingerprint=43:F9:B1:10:D5:BA:FD:48:22:52:31:B0:D0:08:2B:37:2F:EF:9A:54 diff --git a/luni/src/main/files/cacerts/1f58a078.0 b/luni/src/main/files/cacerts/1f58a078.0 new file mode 100644 index 0000000..ac07485 --- /dev/null +++ b/luni/src/main/files/cacerts/1f58a078.0 @@ -0,0 +1,120 @@ +-----BEGIN CERTIFICATE----- +MIIFYDCCA0igAwIBAgIURFc0JFuBiZs18s64KztbpybwdSgwDQYJKoZIhvcNAQEL +BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc +BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMiBHMzAeFw0xMjAxMTIxODU5MzJaFw00 +MjAxMTIxODU5MzJaMEgxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBM +aW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDIgRzMwggIiMA0GCSqG +SIb3DQEBAQUAA4ICDwAwggIKAoICAQChriWyARjcV4g/Ruv5r+LrI3HimtFhZiFf +qq8nUeVuGxbULX1QsFN3vXg6YOJkApt8hpvWGo6t/x8Vf9WVHhLL5hSEBMHfNrMW +n4rjyduYNM7YMxcoRvynyfDStNVNCXJJ+fKH46nafaF9a7I6JaltUkSs+L5u+9ym +c5GQYaYDFCDy54ejiK2toIz/pgslUiXnFgHVy7g1gQyjO/Dh4fxaXc6AcW34Sas+ +O7q414AB+6XrW7PFXmAqMaCvN+ggOp+oMiwMzAkd056OXbxMmO7FGmh77FOm6RQ1 +o9/NgJ8MSPsc9PG/Srj61YxxSscfrf5BmrODXfKEVu+lV0POKa2Mq1W/xPtbAd0j +IaFYAI7D0GoT7RPjEiuA3GfmlbLNHiJuKvhB1PLKFAeNilUSxmn1uIZoL1NesNKq +IcGY5jDjZ1XHm26sGahVpkUG0CM62+tlXSoREfA7T8pt9DTEceT/AFr2XK4jYIVz +8eQQsSWu1ZK7E8EM4DnatDlXtas1qnIhO4M15zHfeiFuuDIIfR0ykRVKYnLP43eh +vNURG3YBZwjgQQvD6xVu+KQZ2aKrr+InUlYrAoosFCT5v0ICvybIxo/gbjh9Uy3l +7ZizlWNof/k19N+IxWA1ksB8aRxhlRbQ694Lrz4EEEVlWFA4r0jyWbYW8jwNkALG +cC4BrTwV1wIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB +BjAdBgNVHQ4EFgQU7edvdlq/YOxJW8ald7tyFnGbxD0wDQYJKoZIhvcNAQELBQAD +ggIBAJHfgD9DCX5xwvfrs4iP4VGyvD11+ShdyLyZm3tdquXK4Qr36LLTn91nMX66 +AarHakE7kNQIXLJgapDwyM4DYvmL7ftuKtwGTTwpD4kWilhMSA/ohGHqPHKmd+RC +roijQ1h5fq7KpVMNqT1wvSAZYaRsOPxDMuHBR//47PERIjKWnML2W2mWeyAMQ0Ga +W/ZZGYjeVYg3UQt4XAoeo0L9x52ID8DyeAIkVJOviYeIyUqAHerQbj5hLja7NQ4n +lv1mNDthcnPxFlxHBlRJAHpYErAK74X9sbgzdWqTHBLmYF5vHX/JHyPLhGGfHoJE ++V+tYlUkmlKY7VHnoX6XOuYvHxHaU4AshZ6rNRDbIl9qxV6XU/IyAgkwo1jwDQHV +csaxfGl7w/U2Rcxhbl5MlMVerugOXou/983g7aEOGzPuVBj+D77vfoRrQ+NwmNtd +dbINWQeFFSM51vHfqSYP1kjHs6Yi9TM3WpVHn3u6GBVv/9YUZINJ0gpnIdsPNWNg +KCLjsZWDzYWm3S8P52dSbrsvhXz1SnPnxT7AvSESBT/8twNJAlvIJebiVDj1eYeM +HVOyToV7BjjHLPj4sHKNJeV3UvQDHEimUF+IIDBu8oJDqz2XhOdT+yHBTw8imoa4 +WSr2Rz0ZiC3oheGe7IUIarFsNMkd7EgrO3jtZsSOeWmD3n+M +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 44:57:34:24:5b:81:89:9b:35:f2:ce:b8:2b:3b:5b:a7:26:f0:75:28 + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 2 G3 + Validity + Not Before: Jan 12 18:59:32 2012 GMT + Not After : Jan 12 18:59:32 2042 GMT + Subject: C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 2 G3 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (4096 bit) + Modulus: + 00:a1:ae:25:b2:01:18:dc:57:88:3f:46:eb:f9:af: + e2:eb:23:71:e2:9a:d1:61:66:21:5f:aa:af:27:51: + e5:6e:1b:16:d4:2d:7d:50:b0:53:77:bd:78:3a:60: + e2:64:02:9b:7c:86:9b:d6:1a:8e:ad:ff:1f:15:7f: + d5:95:1e:12:cb:e6:14:84:04:c1:df:36:b3:16:9f: + 8a:e3:c9:db:98:34:ce:d8:33:17:28:46:fc:a7:c9: + f0:d2:b4:d5:4d:09:72:49:f9:f2:87:e3:a9:da:7d: + a1:7d:6b:b2:3a:25:a9:6d:52:44:ac:f8:be:6e:fb: + dc:a6:73:91:90:61:a6:03:14:20:f2:e7:87:a3:88: + ad:ad:a0:8c:ff:a6:0b:25:52:25:e7:16:01:d5:cb: + b8:35:81:0c:a3:3b:f0:e1:e1:fc:5a:5d:ce:80:71: + 6d:f8:49:ab:3e:3b:ba:b8:d7:80:01:fb:a5:eb:5b: + b3:c5:5e:60:2a:31:a0:af:37:e8:20:3a:9f:a8:32: + 2c:0c:cc:09:1d:d3:9e:8e:5d:bc:4c:98:ee:c5:1a: + 68:7b:ec:53:a6:e9:14:35:a3:df:cd:80:9f:0c:48: + fb:1c:f4:f1:bf:4a:b8:fa:d5:8c:71:4a:c7:1f:ad: + fe:41:9a:b3:83:5d:f2:84:56:ef:a5:57:43:ce:29: + ad:8c:ab:55:bf:c4:fb:5b:01:dd:23:21:a1:58:00: + 8e:c3:d0:6a:13:ed:13:e3:12:2b:80:dc:67:e6:95: + b2:cd:1e:22:6e:2a:f8:41:d4:f2:ca:14:07:8d:8a: + 55:12:c6:69:f5:b8:86:68:2f:53:5e:b0:d2:aa:21: + c1:98:e6:30:e3:67:55:c7:9b:6e:ac:19:a8:55:a6: + 45:06:d0:23:3a:db:eb:65:5d:2a:11:11:f0:3b:4f: + ca:6d:f4:34:c4:71:e4:ff:00:5a:f6:5c:ae:23:60: + 85:73:f1:e4:10:b1:25:ae:d5:92:bb:13:c1:0c:e0: + 39:da:b4:39:57:b5:ab:35:aa:72:21:3b:83:35:e7: + 31:df:7a:21:6e:b8:32:08:7d:1d:32:91:15:4a:62: + 72:cf:e3:77:a1:bc:d5:11:1b:76:01:67:08:e0:41: + 0b:c3:eb:15:6e:f8:a4:19:d9:a2:ab:af:e2:27:52: + 56:2b:02:8a:2c:14:24:f9:bf:42:02:bf:26:c8:c6: + 8f:e0:6e:38:7d:53:2d:e5:ed:98:b3:95:63:68:7f: + f9:35:f4:df:88:c5:60:35:92:c0:7c:69:1c:61:95: + 16:d0:eb:de:0b:af:3e:04:10:45:65:58:50:38:af: + 48:f2:59:b6:16:f2:3c:0d:90:02:c6:70:2e:01:ad: + 3c:15:d7 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Key Usage: critical + Certificate Sign, CRL Sign + X509v3 Subject Key Identifier: + ED:E7:6F:76:5A:BF:60:EC:49:5B:C6:A5:77:BB:72:16:71:9B:C4:3D + Signature Algorithm: sha256WithRSAEncryption + 91:df:80:3f:43:09:7e:71:c2:f7:eb:b3:88:8f:e1:51:b2:bc: + 3d:75:f9:28:5d:c8:bc:99:9b:7b:5d:aa:e5:ca:e1:0a:f7:e8: + b2:d3:9f:dd:67:31:7e:ba:01:aa:c7:6a:41:3b:90:d4:08:5c: + b2:60:6a:90:f0:c8:ce:03:62:f9:8b:ed:fb:6e:2a:dc:06:4d: + 3c:29:0f:89:16:8a:58:4c:48:0f:e8:84:61:ea:3c:72:a6:77: + e4:42:ae:88:a3:43:58:79:7e:ae:ca:a5:53:0d:a9:3d:70:bd: + 20:19:61:a4:6c:38:fc:43:32:e1:c1:47:ff:f8:ec:f1:11:22: + 32:96:9c:c2:f6:5b:69:96:7b:20:0c:43:41:9a:5b:f6:59:19: + 88:de:55:88:37:51:0b:78:5c:0a:1e:a3:42:fd:c7:9d:88:0f: + c0:f2:78:02:24:54:93:af:89:87:88:c9:4a:80:1d:ea:d0:6e: + 3e:61:2e:36:bb:35:0e:27:96:fd:66:34:3b:61:72:73:f1:16: + 5c:47:06:54:49:00:7a:58:12:b0:0a:ef:85:fd:b1:b8:33:75: + 6a:93:1c:12:e6:60:5e:6f:1d:7f:c9:1f:23:cb:84:61:9f:1e: + 82:44:f9:5f:ad:62:55:24:9a:52:98:ed:51:e7:a1:7e:97:3a: + e6:2f:1f:11:da:53:80:2c:85:9e:ab:35:10:db:22:5f:6a:c5: + 5e:97:53:f2:32:02:09:30:a3:58:f0:0d:01:d5:72:c6:b1:7c: + 69:7b:c3:f5:36:45:cc:61:6e:5e:4c:94:c5:5e:ae:e8:0e:5e: + 8b:bf:f7:cd:e0:ed:a1:0e:1b:33:ee:54:18:fe:0f:be:ef:7e: + 84:6b:43:e3:70:98:db:5d:75:b2:0d:59:07:85:15:23:39:d6: + f1:df:a9:26:0f:d6:48:c7:b3:a6:22:f5:33:37:5a:95:47:9f: + 7b:ba:18:15:6f:ff:d6:14:64:83:49:d2:0a:67:21:db:0f:35: + 63:60:28:22:e3:b1:95:83:cd:85:a6:dd:2f:0f:e7:67:52:6e: + bb:2f:85:7c:f5:4a:73:e7:c5:3e:c0:bd:21:12:05:3f:fc:b7: + 03:49:02:5b:c8:25:e6:e2:54:38:f5:79:87:8c:1d:53:b2:4e: + 85:7b:06:38:c7:2c:f8:f8:b0:72:8d:25:e5:77:52:f4:03:1c: + 48:a6:50:5f:88:20:30:6e:f2:82:43:ab:3d:97:84:e7:53:fb: + 21:c1:4f:0f:22:9a:86:b8:59:2a:f6:47:3d:19:88:2d:e8:85: + e1:9e:ec:85:08:6a:b1:6c:34:c9:1d:ec:48:2b:3b:78:ed:66: + c4:8e:79:69:83:de:7f:8c +SHA1 Fingerprint=09:3C:61:F3:8B:8B:DC:7D:55:DF:75:38:02:05:00:E1:25:F5:C8:36 diff --git a/luni/src/main/files/cacerts/2e8714cb.0 b/luni/src/main/files/cacerts/2e8714cb.0 deleted file mode 100644 index c67d949..0000000 --- a/luni/src/main/files/cacerts/2e8714cb.0 +++ /dev/null @@ -1,103 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIFUjCCBDqgAwIBAgIBAjANBgkqhkiG9w0BAQUFADBkMQswCQYDVQQGEwJLUjEN -MAsGA1UEChMES0lTQTEuMCwGA1UECxMlS29yZWEgQ2VydGlmaWNhdGlvbiBBdXRo -b3JpdHkgQ2VudHJhbDEWMBQGA1UEAxMNS0lTQSBSb290Q0EgMzAeFw0wNDExMTkw -NjM5NTFaFw0xNDExMTkwNjM5NTFaMGQxCzAJBgNVBAYTAktSMQ0wCwYDVQQKEwRL -SVNBMS4wLAYDVQQLEyVLb3JlYSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSBDZW50 -cmFsMRYwFAYDVQQDEw1LSVNBIFJvb3RDQSAzMIIBIDANBgkqhkiG9w0BAQEFAAOC -AQ0AMIIBCAKCAQEA3rrtF2Wu0b1KPazbgHLMWOHn4ZPazDB6z+8Lri2nQ6u/p0LP -CFYIpEcdffqG79gwlyY0YTyADvjU65/8IjAboW0+40zSVU4WQDfC9gdu2we1pYyW -geKbXH6UYcjOhDyx+gDmctMJhXfp3F4hT7TkTvTiF6tQrxz/oTlYdVsSspa5jfBw -YkhbVigqpYeRNrkeJPW5unu2UlFbF1pgBWycwubGjD756t08jP+J3kNwrB248XXN -OMpTDUdoasY8GMq94bS+DvTQ49IT+rBRERHUQavo9DmO4TSETwuTqmo4/OXGeEeu -dhf6oYA3BgAVCP1rI476cg2V1ktisWjC3TSbXQIBA6OCAg8wggILMB8GA1UdIwQY -MBaAFI+B8NqmzXQ8vmb0FWtGpP4GKMyqMB0GA1UdDgQWBBSPgfDaps10PL5m9BVr -RqT+BijMqjAOBgNVHQ8BAf8EBAMCAQYwggEuBgNVHSAEggElMIIBITCCAR0GBFUd -IAAwggETMDAGCCsGAQUFBwIBFiRodHRwOi8vd3d3LnJvb3RjYS5vci5rci9yY2Ev -Y3BzLmh0bWwwgd4GCCsGAQUFBwICMIHRHoHOx3QAIMd4yZ3BHLKUACCs9cd4x3jJ -ncEcx4WyyLLkACgAVABoAGkAcwAgAGMAZQByAHQAaQBmAGkAYwBhAHQAZQAgAGkA -cwAgAGEAYwBjAHIAZQBkAGkAdABlAGQAIAB1AG4AZABlAHIAIABFAGwAZQBjAHQA -cgBvAG4AaQBjACAAUwBpAGcAbgBhAHQAdQByAGUAIABBAGMAdAAgAG8AZgAgAHQA -aABlACAAUgBlAHAAdQBiAGwAaQBjACAAbwBmACAASwBvAHIAZQBhACkwMwYDVR0R -BCwwKqQoMCYxJDAiBgNVBAMMG+2VnOq1reygleuztOuztO2YuOynhO2dpeybkDAz -BgNVHRIELDAqpCgwJjEkMCIGA1UEAwwb7ZWc6rWt7KCV67O067O07Zi47KeE7Z2l -7JuQMA8GA1UdEwEB/wQFMAMBAf8wDAYDVR0kBAUwA4ABADANBgkqhkiG9w0BAQUF -AAOCAQEAz9b3Dv2wjG4FFY6oXCuyWtEeV6ZeGKqCEQj8mbdbp+PI0qLT+SQ09+Pk -rolUR9NpScmAwRHr4inH9gaLX7riXs+rw87P7pIl3J85Hg4D9N6QW6FwmVzHc07J -pHVJeyWhn4KSjU3sYcUMMqfHODiAVToqgx2cZHm5Dac1Smjvj/8F2LpOVmHY+Epw -mAiWk9hgxzrsX58dKzVPSBShmrtv7tIDhlPxEMcHVGJeNo7iHCsdF03m9VrvirqC -6HfZKBF+N4dKlArJQOk1pTr7ZD7yXxZ683bXzu4/RB1Fql8RqlMcOh9SUWJUD6OQ -Nc9Nb7rHviwJ8TX4Absk3TC8SA/u2Q== ------END CERTIFICATE----- -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 2 (0x2) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=KR, O=KISA, OU=Korea Certification Authority Central, CN=KISA RootCA 3 - Validity - Not Before: Nov 19 06:39:51 2004 GMT - Not After : Nov 19 06:39:51 2014 GMT - Subject: C=KR, O=KISA, OU=Korea Certification Authority Central, CN=KISA RootCA 3 - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:de:ba:ed:17:65:ae:d1:bd:4a:3d:ac:db:80:72: - cc:58:e1:e7:e1:93:da:cc:30:7a:cf:ef:0b:ae:2d: - a7:43:ab:bf:a7:42:cf:08:56:08:a4:47:1d:7d:fa: - 86:ef:d8:30:97:26:34:61:3c:80:0e:f8:d4:eb:9f: - fc:22:30:1b:a1:6d:3e:e3:4c:d2:55:4e:16:40:37: - c2:f6:07:6e:db:07:b5:a5:8c:96:81:e2:9b:5c:7e: - 94:61:c8:ce:84:3c:b1:fa:00:e6:72:d3:09:85:77: - e9:dc:5e:21:4f:b4:e4:4e:f4:e2:17:ab:50:af:1c: - ff:a1:39:58:75:5b:12:b2:96:b9:8d:f0:70:62:48: - 5b:56:28:2a:a5:87:91:36:b9:1e:24:f5:b9:ba:7b: - b6:52:51:5b:17:5a:60:05:6c:9c:c2:e6:c6:8c:3e: - f9:ea:dd:3c:8c:ff:89:de:43:70:ac:1d:b8:f1:75: - cd:38:ca:53:0d:47:68:6a:c6:3c:18:ca:bd:e1:b4: - be:0e:f4:d0:e3:d2:13:fa:b0:51:11:11:d4:41:ab: - e8:f4:39:8e:e1:34:84:4f:0b:93:aa:6a:38:fc:e5: - c6:78:47:ae:76:17:fa:a1:80:37:06:00:15:08:fd: - 6b:23:8e:fa:72:0d:95:d6:4b:62:b1:68:c2:dd:34: - 9b:5d - Exponent: 3 (0x3) - X509v3 extensions: - X509v3 Authority Key Identifier: - keyid:8F:81:F0:DA:A6:CD:74:3C:BE:66:F4:15:6B:46:A4:FE:06:28:CC:AA - - X509v3 Subject Key Identifier: - 8F:81:F0:DA:A6:CD:74:3C:BE:66:F4:15:6B:46:A4:FE:06:28:CC:AA - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Certificate Policies: - Policy: X509v3 Any Policy - CPS: http://www.rootca.or.kr/rca/cps.html - User Notice: - Explicit Text: Çt - - X509v3 Subject Alternative Name: - DirName:/CN=\xED\x95\x9C\xEA\xB5\xAD\xEC\xA0\x95\xEB\xB3\xB4\xEB\xB3\xB4\xED\x98\xB8\xEC\xA7\x84\xED\x9D\xA5\xEC\x9B\x90 - X509v3 Issuer Alternative Name: - DirName:/CN=\xED\x95\x9C\xEA\xB5\xAD\xEC\xA0\x95\xEB\xB3\xB4\xEB\xB3\xB4\xED\x98\xB8\xEC\xA7\x84\xED\x9D\xA5\xEC\x9B\x90 - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Policy Constraints: - Require Explicit Policy:0 - Signature Algorithm: sha1WithRSAEncryption - cf:d6:f7:0e:fd:b0:8c:6e:05:15:8e:a8:5c:2b:b2:5a:d1:1e: - 57:a6:5e:18:aa:82:11:08:fc:99:b7:5b:a7:e3:c8:d2:a2:d3: - f9:24:34:f7:e3:e4:ae:89:54:47:d3:69:49:c9:80:c1:11:eb: - e2:29:c7:f6:06:8b:5f:ba:e2:5e:cf:ab:c3:ce:cf:ee:92:25: - dc:9f:39:1e:0e:03:f4:de:90:5b:a1:70:99:5c:c7:73:4e:c9: - a4:75:49:7b:25:a1:9f:82:92:8d:4d:ec:61:c5:0c:32:a7:c7: - 38:38:80:55:3a:2a:83:1d:9c:64:79:b9:0d:a7:35:4a:68:ef: - 8f:ff:05:d8:ba:4e:56:61:d8:f8:4a:70:98:08:96:93:d8:60: - c7:3a:ec:5f:9f:1d:2b:35:4f:48:14:a1:9a:bb:6f:ee:d2:03: - 86:53:f1:10:c7:07:54:62:5e:36:8e:e2:1c:2b:1d:17:4d:e6: - f5:5a:ef:8a:ba:82:e8:77:d9:28:11:7e:37:87:4a:94:0a:c9: - 40:e9:35:a5:3a:fb:64:3e:f2:5f:16:7a:f3:76:d7:ce:ee:3f: - 44:1d:45:aa:5f:11:aa:53:1c:3a:1f:52:51:62:54:0f:a3:90: - 35:cf:4d:6f:ba:c7:be:2c:09:f1:35:f8:01:bb:24:dd:30:bc: - 48:0f:ee:d9 -SHA1 Fingerprint=5F:4E:1F:CF:31:B7:91:3B:85:0B:54:F6:E5:FF:50:1A:2B:6F:C6:CF diff --git a/luni/src/main/files/cacerts/48478734.0 b/luni/src/main/files/cacerts/48478734.0 deleted file mode 100644 index e317faf..0000000 --- a/luni/src/main/files/cacerts/48478734.0 +++ /dev/null @@ -1,76 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDczCCAlugAwIBAgIBBDANBgkqhkiG9w0BAQUFADBkMQswCQYDVQQGEwJLUjEN -MAsGA1UECgwES0lTQTEuMCwGA1UECwwlS29yZWEgQ2VydGlmaWNhdGlvbiBBdXRo -b3JpdHkgQ2VudHJhbDEWMBQGA1UEAwwNS0lTQSBSb290Q0EgMTAeFw0wNTA4MjQw -ODA1NDZaFw0yNTA4MjQwODA1NDZaMGQxCzAJBgNVBAYTAktSMQ0wCwYDVQQKDARL -SVNBMS4wLAYDVQQLDCVLb3JlYSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSBDZW50 -cmFsMRYwFAYDVQQDDA1LSVNBIFJvb3RDQSAxMIIBIDANBgkqhkiG9w0BAQEFAAOC -AQ0AMIIBCAKCAQEAvATk+hM58DSWIGtsaLv623f/J/es7C/n/fB/bW+MKs0lCVsk -9KFo/CjsySXirO3eyDOE9bClCTqnsUdIxcxPjHmc+QZXfd3uOPbPFLKc6tPAXXdi -8EcNuRpAU1xkcK8IWsD3z3X5bI1kKB4g/rcbGdNaZoNy4rCbvdMlFQ0yb2Q3lIVG -yHK+d9VuHygvx2nt54OJM1jT3qC/QOhDUO7cTWu8peqmyGGO9cNkrwYV3CmLP3WM -vHFE2/yttRcdbYmDz8Yzvb9Fov4Kn6MRXw+5H5wawkbMnChmn3AmPC7fqoD+jMUE -CSVPzZNHPDfqAmeS/vwiJFys0izgXAEzisEZ2wIBA6MyMDAwHQYDVR0OBBYEFL+2 -J9gDWnZlTGEBQVYx5Yt7OtnMMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEF -BQADggEBABOvUQveimpb5poKyLGQSk6hAp3MiNKrZr097LuxQpVqslxa/6FjZJap -aBV/JV6K+KRzwYCKhQoOUugy50X4TmWAkZl0Q+VFnUkq8JSV3enhMNITbslOsXfl -BM+tWh6UCVrXPAgcrnrpFDLBRa3SJkhyrKhB2vAhhzle3/xk/2F0KpzZm4tfwjeT -2KM3LzuTa7IbB6d/CVDv0zq+IWuKkDsnSlFOa56ch534eJAx7REnxqhZvvwYC/uO -fi5C4e3nCSG9uRPFVmf0JqZCQ5BEVLRxm3bkGhKsGigA35vB1fjbXKP4krG9tNT5 -UNkAAk/bg9ART6RCVmE6fhMy04Qfybo= ------END CERTIFICATE----- -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 4 (0x4) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=KR, O=KISA, OU=Korea Certification Authority Central, CN=KISA RootCA 1 - Validity - Not Before: Aug 24 08:05:46 2005 GMT - Not After : Aug 24 08:05:46 2025 GMT - Subject: C=KR, O=KISA, OU=Korea Certification Authority Central, CN=KISA RootCA 1 - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:bc:04:e4:fa:13:39:f0:34:96:20:6b:6c:68:bb: - fa:db:77:ff:27:f7:ac:ec:2f:e7:fd:f0:7f:6d:6f: - 8c:2a:cd:25:09:5b:24:f4:a1:68:fc:28:ec:c9:25: - e2:ac:ed:de:c8:33:84:f5:b0:a5:09:3a:a7:b1:47: - 48:c5:cc:4f:8c:79:9c:f9:06:57:7d:dd:ee:38:f6: - cf:14:b2:9c:ea:d3:c0:5d:77:62:f0:47:0d:b9:1a: - 40:53:5c:64:70:af:08:5a:c0:f7:cf:75:f9:6c:8d: - 64:28:1e:20:fe:b7:1b:19:d3:5a:66:83:72:e2:b0: - 9b:bd:d3:25:15:0d:32:6f:64:37:94:85:46:c8:72: - be:77:d5:6e:1f:28:2f:c7:69:ed:e7:83:89:33:58: - d3:de:a0:bf:40:e8:43:50:ee:dc:4d:6b:bc:a5:ea: - a6:c8:61:8e:f5:c3:64:af:06:15:dc:29:8b:3f:75: - 8c:bc:71:44:db:fc:ad:b5:17:1d:6d:89:83:cf:c6: - 33:bd:bf:45:a2:fe:0a:9f:a3:11:5f:0f:b9:1f:9c: - 1a:c2:46:cc:9c:28:66:9f:70:26:3c:2e:df:aa:80: - fe:8c:c5:04:09:25:4f:cd:93:47:3c:37:ea:02:67: - 92:fe:fc:22:24:5c:ac:d2:2c:e0:5c:01:33:8a:c1: - 19:db - Exponent: 3 (0x3) - X509v3 extensions: - X509v3 Subject Key Identifier: - BF:B6:27:D8:03:5A:76:65:4C:61:01:41:56:31:E5:8B:7B:3A:D9:CC - X509v3 Basic Constraints: critical - CA:TRUE - Signature Algorithm: sha1WithRSAEncryption - 13:af:51:0b:de:8a:6a:5b:e6:9a:0a:c8:b1:90:4a:4e:a1:02: - 9d:cc:88:d2:ab:66:bd:3d:ec:bb:b1:42:95:6a:b2:5c:5a:ff: - a1:63:64:96:a9:68:15:7f:25:5e:8a:f8:a4:73:c1:80:8a:85: - 0a:0e:52:e8:32:e7:45:f8:4e:65:80:91:99:74:43:e5:45:9d: - 49:2a:f0:94:95:dd:e9:e1:30:d2:13:6e:c9:4e:b1:77:e5:04: - cf:ad:5a:1e:94:09:5a:d7:3c:08:1c:ae:7a:e9:14:32:c1:45: - ad:d2:26:48:72:ac:a8:41:da:f0:21:87:39:5e:df:fc:64:ff: - 61:74:2a:9c:d9:9b:8b:5f:c2:37:93:d8:a3:37:2f:3b:93:6b: - b2:1b:07:a7:7f:09:50:ef:d3:3a:be:21:6b:8a:90:3b:27:4a: - 51:4e:6b:9e:9c:87:9d:f8:78:90:31:ed:11:27:c6:a8:59:be: - fc:18:0b:fb:8e:7e:2e:42:e1:ed:e7:09:21:bd:b9:13:c5:56: - 67:f4:26:a6:42:43:90:44:54:b4:71:9b:76:e4:1a:12:ac:1a: - 28:00:df:9b:c1:d5:f8:db:5c:a3:f8:92:b1:bd:b4:d4:f9:50: - d9:00:02:4f:db:83:d0:11:4f:a4:42:56:61:3a:7e:13:32:d3: - 84:1f:c9:ba -SHA1 Fingerprint=02:72:68:29:3E:5F:5D:17:AA:A4:B3:C3:E6:36:1E:1F:92:57:5E:AA diff --git a/luni/src/main/files/cacerts/4d654d1d.0 b/luni/src/main/files/cacerts/4d654d1d.0 deleted file mode 100644 index 737193b..0000000 --- a/luni/src/main/files/cacerts/4d654d1d.0 +++ /dev/null @@ -1,49 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICWjCCAcMCAgGlMA0GCSqGSIb3DQEBBAUAMHUxCzAJBgNVBAYTAlVTMRgwFgYD -VQQKEw9HVEUgQ29ycG9yYXRpb24xJzAlBgNVBAsTHkdURSBDeWJlclRydXN0IFNv -bHV0aW9ucywgSW5jLjEjMCEGA1UEAxMaR1RFIEN5YmVyVHJ1c3QgR2xvYmFsIFJv -b3QwHhcNOTgwODEzMDAyOTAwWhcNMTgwODEzMjM1OTAwWjB1MQswCQYDVQQGEwJV -UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYDVQQLEx5HVEUgQ3liZXJU -cnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMTGkdURSBDeWJlclRydXN0IEds -b2JhbCBSb290MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVD6C28FCc6HrH -iM3dFw4usJTQGz0O9pTAipTHBsiQl8i4ZBp6fmw8U+E3KHNgf7KXUwefU/ltWJTS -r41tiGeA5u2ylc9yMcqlHHK6XALnZELn+aks1joNrI1CqiQBOeacPwGFVw1Yh0X4 -04Wqk2kmhXBIgD8SFcd5tB8FLztimQIDAQABMA0GCSqGSIb3DQEBBAUAA4GBAG3r -GwnpXtlR22ciYaQqPEh346B8pt5zohQDhT37qw4wxYMWM4ETCJ57NE7fQMh017l9 -3PR2VX2bY1QY6fDq81yx2YtCHrnAlU66+tXifPVoYb+O7AWXX1uw16OFNMQkpw0P -lZPvy5TYnh+dXIVtx6quTx8itc2VrbqnzPmrC3p/ ------END CERTIFICATE----- -Certificate: - Data: - Version: 1 (0x0) - Serial Number: 421 (0x1a5) - Signature Algorithm: md5WithRSAEncryption - Issuer: C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root - Validity - Not Before: Aug 13 00:29:00 1998 GMT - Not After : Aug 13 23:59:00 2018 GMT - Subject: C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (1024 bit) - Modulus: - 00:95:0f:a0:b6:f0:50:9c:e8:7a:c7:88:cd:dd:17: - 0e:2e:b0:94:d0:1b:3d:0e:f6:94:c0:8a:94:c7:06: - c8:90:97:c8:b8:64:1a:7a:7e:6c:3c:53:e1:37:28: - 73:60:7f:b2:97:53:07:9f:53:f9:6d:58:94:d2:af: - 8d:6d:88:67:80:e6:ed:b2:95:cf:72:31:ca:a5:1c: - 72:ba:5c:02:e7:64:42:e7:f9:a9:2c:d6:3a:0d:ac: - 8d:42:aa:24:01:39:e6:9c:3f:01:85:57:0d:58:87: - 45:f8:d3:85:aa:93:69:26:85:70:48:80:3f:12:15: - c7:79:b4:1f:05:2f:3b:62:99 - Exponent: 65537 (0x10001) - Signature Algorithm: md5WithRSAEncryption - 6d:eb:1b:09:e9:5e:d9:51:db:67:22:61:a4:2a:3c:48:77:e3: - a0:7c:a6:de:73:a2:14:03:85:3d:fb:ab:0e:30:c5:83:16:33: - 81:13:08:9e:7b:34:4e:df:40:c8:74:d7:b9:7d:dc:f4:76:55: - 7d:9b:63:54:18:e9:f0:ea:f3:5c:b1:d9:8b:42:1e:b9:c0:95: - 4e:ba:fa:d5:e2:7c:f5:68:61:bf:8e:ec:05:97:5f:5b:b0:d7: - a3:85:34:c4:24:a7:0d:0f:95:93:ef:cb:94:d8:9e:1f:9d:5c: - 85:6d:c7:aa:ae:4f:1f:22:b5:cd:95:ad:ba:a7:cc:f9:ab:0b: - 7a:7f -SHA1 Fingerprint=97:81:79:50:D8:1C:96:70:CC:34:D8:09:CF:79:44:31:36:7E:F4:74 diff --git a/luni/src/main/files/cacerts/52b525c7.0 b/luni/src/main/files/cacerts/52b525c7.0 new file mode 100644 index 0000000..98adef0 --- /dev/null +++ b/luni/src/main/files/cacerts/52b525c7.0 @@ -0,0 +1,120 @@ +-----BEGIN CERTIFICATE----- +MIIFYDCCA0igAwIBAgIUeFhfLq0sGUvjNwc1NBMotZbUZZMwDQYJKoZIhvcNAQEL +BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc +BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMSBHMzAeFw0xMjAxMTIxNzI3NDRaFw00 +MjAxMTIxNzI3NDRaMEgxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBM +aW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDEgRzMwggIiMA0GCSqG +SIb3DQEBAQUAA4ICDwAwggIKAoICAQCgvlAQjunybEC0BJyFuTHK3C3kEakEPBtV +wedYMB0ktMPvhd6MLOHBPd+C5k+tR4ds7FtJwUrVu4/sh6x/gpqG7D0DmVIB0jWe +rNrwU8lmPNSsAgHaJNM7qAJGr6Qc4/hzWHa39g6QDbXwz8z6+cZM5cOGMAqNF341 +68Xfuw6cwI2H44g4hWf6Pser4BOcBRiYz5P1sZK0/CPTz9XEJ0ngnjybCKOLXSoh +4Pw5qlPafX7PGglTvF0FBM+hSo+LdoINofjSxxR3W5A2B4GbPgb6Ul5jxaYA/qXp +UhtStZI5cgMJYr2wYBZupt0lwgNm3fME0UDiTouG9G/lg6AnhF4EwfWQvTA9xO+o +abw4m6SkltFi2mnAAZauy8RRNOoMqv8hjlmPSlzkYZqn0ukqeI1RPToV7qJZjqlc +3sX5kCLliEVx3ZGZbHqfPT2YfF72vhZooF6uCyP8Wg+qInYtyaEQHeTTRCOQiJ/G +KubX9ZqzWB4vMIkIG1SitZgj7Ah3HJVdYdHLiZxfokqRmu8hqkkWCKi9YSgxyXSt +hfbZxbGL0eUQMk1fiyA6PEkfM4VZDdvLCXVDaXP7a3F98N/ETH3Goy7IlXnLc6KO +Tk0k+17kBL5yG6YnLUlamXrXXAkgt3+UuU/xDRxeiEIbEbfnkduebPRq34wGmAOt +zCjvpUfzUwIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB +BjAdBgNVHQ4EFgQUo5fW816iEOGrRZ88F2Q87gFwnMwwDQYJKoZIhvcNAQELBQAD +ggIBABj6W3X8PnrHX3fHyt/PX8MSxEBd1DKquGrX1RUVRpgjpeaQWxiZTOOtQqOC +MTaIzen7xASWSIsBx40Bz1szBpZGZnQdT+3Btrm0DWHMY37XLneMlhwqI2hrhVd2 +cDMT/uFPpiN3GPoajOi9ZcnPP/TJF9zrx7zABC4tRi9pZsMbj/7sPtPKlL92CiUN +qXsCHKnQO18LwIE6PWThv6ctTr1NxNgpxiIY0MWscgKCP6o6ojoilzHdCGPDdRS5 +YCgtW2jgFqlmgiNR9etT2DGbe+m3nUvriBbP+V04ikkwj+3x6xn0dxoxGE1nVGwv +b2X52z3sIexe9PSLymBlVNFxZPT5pqOBMzYzcfCkeF9OrYMh3jRJjehZrJ3ydlo2 +8hP0r+AJx2EqbPfgna67hkooby7utHnNkDPDs3b69fBsnQGQ+p6Q9pxyz0fawx/k +NSBT8lTR32GDpgLiJTjehTItXnOQUl1CxM49S+H5GYQd1aJQzEH7QRTDvdbJWqNj +ZgKAvQU6O0ec7AAmTPWIUb+oI38YB7AL7YsmoWTTYUrrXJ/es69nA7Mf3W1daWhp +q1467HxpvMc7hU6eFbm0FU/DlXpY18ls6Wy58yljXrQs8C097Vpl4KlbQMJImYFt +nh8GKjwStIsPm6Ik8KaN1nrgS7ZklmOVhMJKzRwuJIczYOXD +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 78:58:5f:2e:ad:2c:19:4b:e3:37:07:35:34:13:28:b5:96:d4:65:93 + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 1 G3 + Validity + Not Before: Jan 12 17:27:44 2012 GMT + Not After : Jan 12 17:27:44 2042 GMT + Subject: C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 1 G3 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (4096 bit) + Modulus: + 00:a0:be:50:10:8e:e9:f2:6c:40:b4:04:9c:85:b9: + 31:ca:dc:2d:e4:11:a9:04:3c:1b:55:c1:e7:58:30: + 1d:24:b4:c3:ef:85:de:8c:2c:e1:c1:3d:df:82:e6: + 4f:ad:47:87:6c:ec:5b:49:c1:4a:d5:bb:8f:ec:87: + ac:7f:82:9a:86:ec:3d:03:99:52:01:d2:35:9e:ac: + da:f0:53:c9:66:3c:d4:ac:02:01:da:24:d3:3b:a8: + 02:46:af:a4:1c:e3:f8:73:58:76:b7:f6:0e:90:0d: + b5:f0:cf:cc:fa:f9:c6:4c:e5:c3:86:30:0a:8d:17: + 7e:35:eb:c5:df:bb:0e:9c:c0:8d:87:e3:88:38:85: + 67:fa:3e:c7:ab:e0:13:9c:05:18:98:cf:93:f5:b1: + 92:b4:fc:23:d3:cf:d5:c4:27:49:e0:9e:3c:9b:08: + a3:8b:5d:2a:21:e0:fc:39:aa:53:da:7d:7e:cf:1a: + 09:53:bc:5d:05:04:cf:a1:4a:8f:8b:76:82:0d:a1: + f8:d2:c7:14:77:5b:90:36:07:81:9b:3e:06:fa:52: + 5e:63:c5:a6:00:fe:a5:e9:52:1b:52:b5:92:39:72: + 03:09:62:bd:b0:60:16:6e:a6:dd:25:c2:03:66:dd: + f3:04:d1:40:e2:4e:8b:86:f4:6f:e5:83:a0:27:84: + 5e:04:c1:f5:90:bd:30:3d:c4:ef:a8:69:bc:38:9b: + a4:a4:96:d1:62:da:69:c0:01:96:ae:cb:c4:51:34: + ea:0c:aa:ff:21:8e:59:8f:4a:5c:e4:61:9a:a7:d2: + e9:2a:78:8d:51:3d:3a:15:ee:a2:59:8e:a9:5c:de: + c5:f9:90:22:e5:88:45:71:dd:91:99:6c:7a:9f:3d: + 3d:98:7c:5e:f6:be:16:68:a0:5e:ae:0b:23:fc:5a: + 0f:aa:22:76:2d:c9:a1:10:1d:e4:d3:44:23:90:88: + 9f:c6:2a:e6:d7:f5:9a:b3:58:1e:2f:30:89:08:1b: + 54:a2:b5:98:23:ec:08:77:1c:95:5d:61:d1:cb:89: + 9c:5f:a2:4a:91:9a:ef:21:aa:49:16:08:a8:bd:61: + 28:31:c9:74:ad:85:f6:d9:c5:b1:8b:d1:e5:10:32: + 4d:5f:8b:20:3a:3c:49:1f:33:85:59:0d:db:cb:09: + 75:43:69:73:fb:6b:71:7d:f0:df:c4:4c:7d:c6:a3: + 2e:c8:95:79:cb:73:a2:8e:4e:4d:24:fb:5e:e4:04: + be:72:1b:a6:27:2d:49:5a:99:7a:d7:5c:09:20:b7: + 7f:94:b9:4f:f1:0d:1c:5e:88:42:1b:11:b7:e7:91: + db:9e:6c:f4:6a:df:8c:06:98:03:ad:cc:28:ef:a5: + 47:f3:53 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Key Usage: critical + Certificate Sign, CRL Sign + X509v3 Subject Key Identifier: + A3:97:D6:F3:5E:A2:10:E1:AB:45:9F:3C:17:64:3C:EE:01:70:9C:CC + Signature Algorithm: sha256WithRSAEncryption + 18:fa:5b:75:fc:3e:7a:c7:5f:77:c7:ca:df:cf:5f:c3:12:c4: + 40:5d:d4:32:aa:b8:6a:d7:d5:15:15:46:98:23:a5:e6:90:5b: + 18:99:4c:e3:ad:42:a3:82:31:36:88:cd:e9:fb:c4:04:96:48: + 8b:01:c7:8d:01:cf:5b:33:06:96:46:66:74:1d:4f:ed:c1:b6: + b9:b4:0d:61:cc:63:7e:d7:2e:77:8c:96:1c:2a:23:68:6b:85: + 57:76:70:33:13:fe:e1:4f:a6:23:77:18:fa:1a:8c:e8:bd:65: + c9:cf:3f:f4:c9:17:dc:eb:c7:bc:c0:04:2e:2d:46:2f:69:66: + c3:1b:8f:fe:ec:3e:d3:ca:94:bf:76:0a:25:0d:a9:7b:02:1c: + a9:d0:3b:5f:0b:c0:81:3a:3d:64:e1:bf:a7:2d:4e:bd:4d:c4: + d8:29:c6:22:18:d0:c5:ac:72:02:82:3f:aa:3a:a2:3a:22:97: + 31:dd:08:63:c3:75:14:b9:60:28:2d:5b:68:e0:16:a9:66:82: + 23:51:f5:eb:53:d8:31:9b:7b:e9:b7:9d:4b:eb:88:16:cf:f9: + 5d:38:8a:49:30:8f:ed:f1:eb:19:f4:77:1a:31:18:4d:67:54: + 6c:2f:6f:65:f9:db:3d:ec:21:ec:5e:f4:f4:8b:ca:60:65:54: + d1:71:64:f4:f9:a6:a3:81:33:36:33:71:f0:a4:78:5f:4e:ad: + 83:21:de:34:49:8d:e8:59:ac:9d:f2:76:5a:36:f2:13:f4:af: + e0:09:c7:61:2a:6c:f7:e0:9d:ae:bb:86:4a:28:6f:2e:ee:b4: + 79:cd:90:33:c3:b3:76:fa:f5:f0:6c:9d:01:90:fa:9e:90:f6: + 9c:72:cf:47:da:c3:1f:e4:35:20:53:f2:54:d1:df:61:83:a6: + 02:e2:25:38:de:85:32:2d:5e:73:90:52:5d:42:c4:ce:3d:4b: + e1:f9:19:84:1d:d5:a2:50:cc:41:fb:41:14:c3:bd:d6:c9:5a: + a3:63:66:02:80:bd:05:3a:3b:47:9c:ec:00:26:4c:f5:88:51: + bf:a8:23:7f:18:07:b0:0b:ed:8b:26:a1:64:d3:61:4a:eb:5c: + 9f:de:b3:af:67:03:b3:1f:dd:6d:5d:69:68:69:ab:5e:3a:ec: + 7c:69:bc:c7:3b:85:4e:9e:15:b9:b4:15:4f:c3:95:7a:58:d7: + c9:6c:e9:6c:b9:f3:29:63:5e:b4:2c:f0:2d:3d:ed:5a:65:e0: + a9:5b:40:c2:48:99:81:6d:9e:1f:06:2a:3c:12:b4:8b:0f:9b: + a2:24:f0:a6:8d:d6:7a:e0:4b:b6:64:96:63:95:84:c2:4a:cd: + 1c:2e:24:87:33:60:e5:c3 +SHA1 Fingerprint=1B:8E:EA:57:96:29:1A:C9:39:EA:B8:0A:81:1A:73:73:C0:93:79:67 diff --git a/luni/src/main/files/cacerts/5a5372fc.0 b/luni/src/main/files/cacerts/5a5372fc.0 deleted file mode 100644 index b69d119..0000000 --- a/luni/src/main/files/cacerts/5a5372fc.0 +++ /dev/null @@ -1,74 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIFSzCCBLSgAwIBAgIBaTANBgkqhkiG9w0BAQQFADCBmTELMAkGA1UEBhMCSFUx -ETAPBgNVBAcTCEJ1ZGFwZXN0MScwJQYDVQQKEx5OZXRMb2NrIEhhbG96YXRiaXp0 -b25zYWdpIEtmdC4xGjAYBgNVBAsTEVRhbnVzaXR2YW55a2lhZG9rMTIwMAYDVQQD -EylOZXRMb2NrIFV6bGV0aSAoQ2xhc3MgQikgVGFudXNpdHZhbnlraWFkbzAeFw05 -OTAyMjUxNDEwMjJaFw0xOTAyMjAxNDEwMjJaMIGZMQswCQYDVQQGEwJIVTERMA8G -A1UEBxMIQnVkYXBlc3QxJzAlBgNVBAoTHk5ldExvY2sgSGFsb3phdGJpenRvbnNh -Z2kgS2Z0LjEaMBgGA1UECxMRVGFudXNpdHZhbnlraWFkb2sxMjAwBgNVBAMTKU5l -dExvY2sgVXpsZXRpIChDbGFzcyBCKSBUYW51c2l0dmFueWtpYWRvMIGfMA0GCSqG -SIb3DQEBAQUAA4GNADCBiQKBgQCx6gTsIKAjwo84YM/HRrPVG/77uZmeBNwcf4xK -gZjupNTKihe5In+DCnVMm8Bp2GQ5o+2So/1bXHQawEfKOml2mrriRBf8TKPV/riX -iK+IA4kfpPIEPsgHC+b5sy96YhQJRhTKZPWLgLViqNhr1nGTLbO/CVRY7QbrqHvc -Q7GhaQIDAQABo4ICnzCCApswEgYDVR0TAQH/BAgwBgEB/wIBBDAOBgNVHQ8BAf8E -BAMCAAYwEQYJYIZIAYb4QgEBBAQDAgAHMIICYAYJYIZIAYb4QgENBIICURaCAk1G -SUdZRUxFTSEgRXplbiB0YW51c2l0dmFueSBhIE5ldExvY2sgS2Z0LiBBbHRhbGFu -b3MgU3pvbGdhbHRhdGFzaSBGZWx0ZXRlbGVpYmVuIGxlaXJ0IGVsamFyYXNvayBh -bGFwamFuIGtlc3p1bHQuIEEgaGl0ZWxlc2l0ZXMgZm9seWFtYXRhdCBhIE5ldExv -Y2sgS2Z0LiB0ZXJtZWtmZWxlbG9zc2VnLWJpenRvc2l0YXNhIHZlZGkuIEEgZGln -aXRhbGlzIGFsYWlyYXMgZWxmb2dhZGFzYW5hayBmZWx0ZXRlbGUgYXogZWxvaXJ0 -IGVsbGVub3J6ZXNpIGVsamFyYXMgbWVndGV0ZWxlLiBBeiBlbGphcmFzIGxlaXJh -c2EgbWVndGFsYWxoYXRvIGEgTmV0TG9jayBLZnQuIEludGVybmV0IGhvbmxhcGph -biBhIGh0dHBzOi8vd3d3Lm5ldGxvY2submV0L2RvY3MgY2ltZW4gdmFneSBrZXJo -ZXRvIGF6IGVsbGVub3J6ZXNAbmV0bG9jay5uZXQgZS1tYWlsIGNpbWVuLiBJTVBP -UlRBTlQhIFRoZSBpc3N1YW5jZSBhbmQgdGhlIHVzZSBvZiB0aGlzIGNlcnRpZmlj -YXRlIGlzIHN1YmplY3QgdG8gdGhlIE5ldExvY2sgQ1BTIGF2YWlsYWJsZSBhdCBo -dHRwczovL3d3dy5uZXRsb2NrLm5ldC9kb2NzIG9yIGJ5IGUtbWFpbCBhdCBjcHNA -bmV0bG9jay5uZXQuMA0GCSqGSIb3DQEBBAUAA4GBAATbrowXr/gOkDFOzT4JwG06 -sPgzTEdM43WIEJessDgVkcYplswhwG08pXTP2IKlOcNl40JwuyKQ433bNXbhoLXa -n3BukxowOR0w2y7jfLKRstE3Kfq51hdcR0/jHTjrn9V7lagonhVK0dHQKwCXoOKS -NitjrFgBazMpUIaD8QFI ------END CERTIFICATE----- -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 105 (0x69) - Signature Algorithm: md5WithRSAEncryption - Issuer: C=HU, L=Budapest, O=NetLock Halozatbiztonsagi Kft., OU=Tanusitvanykiadok, CN=NetLock Uzleti (Class B) Tanusitvanykiado - Validity - Not Before: Feb 25 14:10:22 1999 GMT - Not After : Feb 20 14:10:22 2019 GMT - Subject: C=HU, L=Budapest, O=NetLock Halozatbiztonsagi Kft., OU=Tanusitvanykiadok, CN=NetLock Uzleti (Class B) Tanusitvanykiado - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (1024 bit) - Modulus: - 00:b1:ea:04:ec:20:a0:23:c2:8f:38:60:cf:c7:46: - b3:d5:1b:fe:fb:b9:99:9e:04:dc:1c:7f:8c:4a:81: - 98:ee:a4:d4:ca:8a:17:b9:22:7f:83:0a:75:4c:9b: - c0:69:d8:64:39:a3:ed:92:a3:fd:5b:5c:74:1a:c0: - 47:ca:3a:69:76:9a:ba:e2:44:17:fc:4c:a3:d5:fe: - b8:97:88:af:88:03:89:1f:a4:f2:04:3e:c8:07:0b: - e6:f9:b3:2f:7a:62:14:09:46:14:ca:64:f5:8b:80: - b5:62:a8:d8:6b:d6:71:93:2d:b3:bf:09:54:58:ed: - 06:eb:a8:7b:dc:43:b1:a1:69 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE, pathlen:4 - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - Netscape Cert Type: - SSL CA, S/MIME CA, Object Signing CA - Netscape Comment: - FIGYELEM! Ezen tanusitvany a NetLock Kft. Altalanos Szolgaltatasi Felteteleiben leirt eljarasok alapjan keszult. A hitelesites folyamatat a NetLock Kft. termekfelelosseg-biztositasa vedi. A digitalis alairas elfogadasanak feltetele az eloirt ellenorzesi eljaras megtetele. Az eljaras leirasa megtalalhato a NetLock Kft. Internet honlapjan a https://www.netlock.net/docs cimen vagy kerheto az ellenorzes@netlock.net e-mail cimen. IMPORTANT! The issuance and the use of this certificate is subject to the NetLock CPS available at https://www.netlock.net/docs or by e-mail at cps@netlock.net. - Signature Algorithm: md5WithRSAEncryption - 04:db:ae:8c:17:af:f8:0e:90:31:4e:cd:3e:09:c0:6d:3a:b0: - f8:33:4c:47:4c:e3:75:88:10:97:ac:b0:38:15:91:c6:29:96: - cc:21:c0:6d:3c:a5:74:cf:d8:82:a5:39:c3:65:e3:42:70:bb: - 22:90:e3:7d:db:35:76:e1:a0:b5:da:9f:70:6e:93:1a:30:39: - 1d:30:db:2e:e3:7c:b2:91:b2:d1:37:29:fa:b9:d6:17:5c:47: - 4f:e3:1d:38:eb:9f:d5:7b:95:a8:28:9e:15:4a:d1:d1:d0:2b: - 00:97:a0:e2:92:36:2b:63:ac:58:01:6b:33:29:50:86:83:f1: - 01:48 -SHA1 Fingerprint=87:9F:4B:EE:05:DF:98:58:3B:E3:60:D6:33:E7:0D:3F:FE:98:71:AF diff --git a/luni/src/main/files/cacerts/635ccfd5.0 b/luni/src/main/files/cacerts/635ccfd5.0 deleted file mode 100644 index 79753cd..0000000 --- a/luni/src/main/files/cacerts/635ccfd5.0 +++ /dev/null @@ -1,74 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIFTzCCBLigAwIBAgIBaDANBgkqhkiG9w0BAQQFADCBmzELMAkGA1UEBhMCSFUx -ETAPBgNVBAcTCEJ1ZGFwZXN0MScwJQYDVQQKEx5OZXRMb2NrIEhhbG96YXRiaXp0 -b25zYWdpIEtmdC4xGjAYBgNVBAsTEVRhbnVzaXR2YW55a2lhZG9rMTQwMgYDVQQD -EytOZXRMb2NrIEV4cHJlc3N6IChDbGFzcyBDKSBUYW51c2l0dmFueWtpYWRvMB4X -DTk5MDIyNTE0MDgxMVoXDTE5MDIyMDE0MDgxMVowgZsxCzAJBgNVBAYTAkhVMREw -DwYDVQQHEwhCdWRhcGVzdDEnMCUGA1UEChMeTmV0TG9jayBIYWxvemF0Yml6dG9u -c2FnaSBLZnQuMRowGAYDVQQLExFUYW51c2l0dmFueWtpYWRvazE0MDIGA1UEAxMr -TmV0TG9jayBFeHByZXNzeiAoQ2xhc3MgQykgVGFudXNpdHZhbnlraWFkbzCBnzAN -BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA6+ywbGGKIyWvYCDj2Z/8kwvbXY2wobNA -OoLO/XXgeDIDhlqGlZHtU/qdQPzm6N3ZW3oDvV3zOwzDUXmbrVWg6dADEK8KuhRC -2VImESLH0iDMgqSaqf64gXadarfSNnU+sYYJ9m5tfk63euyucYT2BDMIJTLrdKwW -RMbkQJMdf60CAwEAAaOCAp8wggKbMBIGA1UdEwEB/wQIMAYBAf8CAQQwDgYDVR0P -AQH/BAQDAgAGMBEGCWCGSAGG+EIBAQQEAwIABzCCAmAGCWCGSAGG+EIBDQSCAlEW -ggJNRklHWUVMRU0hIEV6ZW4gdGFudXNpdHZhbnkgYSBOZXRMb2NrIEtmdC4gQWx0 -YWxhbm9zIFN6b2xnYWx0YXRhc2kgRmVsdGV0ZWxlaWJlbiBsZWlydCBlbGphcmFz -b2sgYWxhcGphbiBrZXN6dWx0LiBBIGhpdGVsZXNpdGVzIGZvbHlhbWF0YXQgYSBO -ZXRMb2NrIEtmdC4gdGVybWVrZmVsZWxvc3NlZy1iaXp0b3NpdGFzYSB2ZWRpLiBB -IGRpZ2l0YWxpcyBhbGFpcmFzIGVsZm9nYWRhc2FuYWsgZmVsdGV0ZWxlIGF6IGVs -b2lydCBlbGxlbm9yemVzaSBlbGphcmFzIG1lZ3RldGVsZS4gQXogZWxqYXJhcyBs -ZWlyYXNhIG1lZ3RhbGFsaGF0byBhIE5ldExvY2sgS2Z0LiBJbnRlcm5ldCBob25s -YXBqYW4gYSBodHRwczovL3d3dy5uZXRsb2NrLm5ldC9kb2NzIGNpbWVuIHZhZ3kg -a2VyaGV0byBheiBlbGxlbm9yemVzQG5ldGxvY2submV0IGUtbWFpbCBjaW1lbi4g -SU1QT1JUQU5UISBUaGUgaXNzdWFuY2UgYW5kIHRoZSB1c2Ugb2YgdGhpcyBjZXJ0 -aWZpY2F0ZSBpcyBzdWJqZWN0IHRvIHRoZSBOZXRMb2NrIENQUyBhdmFpbGFibGUg -YXQgaHR0cHM6Ly93d3cubmV0bG9jay5uZXQvZG9jcyBvciBieSBlLW1haWwgYXQg -Y3BzQG5ldGxvY2submV0LjANBgkqhkiG9w0BAQQFAAOBgQAQrX/XDDKACtiG8XmY -ta3UzbM2xJZIwVzNmtkFLp++UOv0JhQQLdRmF/iewSf98e3ke0ugbLWrmldwpu2g -pO0u9f38vf5NNwgMvOOWgyL1SRt/Syu0VMGAfJlOHdCM7tCs5ZL6dVb+ZKATj7i4 -Fp1hBWeAyNDYpQcCNJgEjTME1A== ------END CERTIFICATE----- -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 104 (0x68) - Signature Algorithm: md5WithRSAEncryption - Issuer: C=HU, L=Budapest, O=NetLock Halozatbiztonsagi Kft., OU=Tanusitvanykiadok, CN=NetLock Expressz (Class C) Tanusitvanykiado - Validity - Not Before: Feb 25 14:08:11 1999 GMT - Not After : Feb 20 14:08:11 2019 GMT - Subject: C=HU, L=Budapest, O=NetLock Halozatbiztonsagi Kft., OU=Tanusitvanykiadok, CN=NetLock Expressz (Class C) Tanusitvanykiado - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (1024 bit) - Modulus: - 00:eb:ec:b0:6c:61:8a:23:25:af:60:20:e3:d9:9f: - fc:93:0b:db:5d:8d:b0:a1:b3:40:3a:82:ce:fd:75: - e0:78:32:03:86:5a:86:95:91:ed:53:fa:9d:40:fc: - e6:e8:dd:d9:5b:7a:03:bd:5d:f3:3b:0c:c3:51:79: - 9b:ad:55:a0:e9:d0:03:10:af:0a:ba:14:42:d9:52: - 26:11:22:c7:d2:20:cc:82:a4:9a:a9:fe:b8:81:76: - 9d:6a:b7:d2:36:75:3e:b1:86:09:f6:6e:6d:7e:4e: - b7:7a:ec:ae:71:84:f6:04:33:08:25:32:eb:74:ac: - 16:44:c6:e4:40:93:1d:7f:ad - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE, pathlen:4 - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - Netscape Cert Type: - SSL CA, S/MIME CA, Object Signing CA - Netscape Comment: - FIGYELEM! Ezen tanusitvany a NetLock Kft. Altalanos Szolgaltatasi Felteteleiben leirt eljarasok alapjan keszult. A hitelesites folyamatat a NetLock Kft. termekfelelosseg-biztositasa vedi. A digitalis alairas elfogadasanak feltetele az eloirt ellenorzesi eljaras megtetele. Az eljaras leirasa megtalalhato a NetLock Kft. Internet honlapjan a https://www.netlock.net/docs cimen vagy kerheto az ellenorzes@netlock.net e-mail cimen. IMPORTANT! The issuance and the use of this certificate is subject to the NetLock CPS available at https://www.netlock.net/docs or by e-mail at cps@netlock.net. - Signature Algorithm: md5WithRSAEncryption - 10:ad:7f:d7:0c:32:80:0a:d8:86:f1:79:98:b5:ad:d4:cd:b3: - 36:c4:96:48:c1:5c:cd:9a:d9:05:2e:9f:be:50:eb:f4:26:14: - 10:2d:d4:66:17:f8:9e:c1:27:fd:f1:ed:e4:7b:4b:a0:6c:b5: - ab:9a:57:70:a6:ed:a0:a4:ed:2e:f5:fd:fc:bd:fe:4d:37:08: - 0c:bc:e3:96:83:22:f5:49:1b:7f:4b:2b:b4:54:c1:80:7c:99: - 4e:1d:d0:8c:ee:d0:ac:e5:92:fa:75:56:fe:64:a0:13:8f:b8: - b8:16:9d:61:05:67:80:c8:d0:d8:a5:07:02:34:98:04:8d:33: - 04:d4 -SHA1 Fingerprint=E3:92:51:2F:0A:CF:F5:05:DF:F6:DE:06:7F:75:37:E1:65:EA:57:4B diff --git a/luni/src/main/files/cacerts/6adf0799.0 b/luni/src/main/files/cacerts/6adf0799.0 deleted file mode 100644 index 74b4813..0000000 --- a/luni/src/main/files/cacerts/6adf0799.0 +++ /dev/null @@ -1,80 +0,0 @@ ------BEGIN CERTIFICATE----- -MIID5TCCAs2gAwIBAgIEOeSXnjANBgkqhkiG9w0BAQUFADCBgjELMAkGA1UEBhMC -VVMxFDASBgNVBAoTC1dlbGxzIEZhcmdvMSwwKgYDVQQLEyNXZWxscyBGYXJnbyBD -ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEvMC0GA1UEAxMmV2VsbHMgRmFyZ28gUm9v -dCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwHhcNMDAxMDExMTY0MTI4WhcNMjEwMTE0 -MTY0MTI4WjCBgjELMAkGA1UEBhMCVVMxFDASBgNVBAoTC1dlbGxzIEZhcmdvMSww -KgYDVQQLEyNXZWxscyBGYXJnbyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEvMC0G -A1UEAxMmV2VsbHMgRmFyZ28gUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwggEi -MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVqDM7Jvk0/82bfuUER84A4n13 -5zHCLielTWi5MbqNQ1mXx3Oqfz1cQJ4F5aHiidlMuD+b+Qy0yGIZLEWukR5zcUHE -SxP9cMIlrCL1dQu3U+SlK93OvRw6esP3E48mVJwWa2uv+9iWsWCaSOAlIiR5NM4O -JgALTqv9i86C1y8IcGjBqAr5dE8Hq6T54oN+J3N0Prj5OEL8pahbSCOz6+MlsoCu -ltQKnMJ4msZoGK43YjdeUXWoWGPAUe5AeH6orxqg4bB4nVCMe+ez/I4jsNtlAHCE -AQgAFG5Uhpq6zPk3EPbg3oQtnaSFN9OH4xXQwReQfhkhahKpdv0SAulPIV4XAgMB -AAGjYTBfMA8GA1UdEwEB/wQFMAMBAf8wTAYDVR0gBEUwQzBBBgtghkgBhvt7hwcB -CzAyMDAGCCsGAQUFBwIBFiRodHRwOi8vd3d3LndlbGxzZmFyZ28uY29tL2NlcnRw -b2xpY3kwDQYJKoZIhvcNAQEFBQADggEBANIn3ZwKdyu7IvICtUpKkfnRLb7kuxpo -7w6kAOnu5+/u9vnldKTC2FJYxHT7zmu1Oyl5GFrvm+0fazbuSCUlFLZWohDo7qd/ -0D+j0MNdJu4HzMPBJCGHHt8qElNvQRbn7a6U+oxy+hNH8Dx+rn0ROhPs7fpvcmR7 -nX1/Jv16+yWt6j4pf0zjAFcysLPp7VMX2YuyFA4w6OXVE8Zkr8QA1dhYJPz1j+zx -x32l2w8n0cbyQIjmH/ZhqPRCyLk306m+LFZ4wnKbWV01QIroTmMatukgalHizqSQ -33ZwmVxwQ023tqcZZE6St8WRPH9IFmV7Fv3L/PvZ1dZPIWU7Sn9Ho/s= ------END CERTIFICATE----- -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 971282334 (0x39e4979e) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=US, O=Wells Fargo, OU=Wells Fargo Certification Authority, CN=Wells Fargo Root Certificate Authority - Validity - Not Before: Oct 11 16:41:28 2000 GMT - Not After : Jan 14 16:41:28 2021 GMT - Subject: C=US, O=Wells Fargo, OU=Wells Fargo Certification Authority, CN=Wells Fargo Root Certificate Authority - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:d5:a8:33:3b:26:f9:34:ff:cd:9b:7e:e5:04:47: - ce:00:e2:7d:77:e7:31:c2:2e:27:a5:4d:68:b9:31: - ba:8d:43:59:97:c7:73:aa:7f:3d:5c:40:9e:05:e5: - a1:e2:89:d9:4c:b8:3f:9b:f9:0c:b4:c8:62:19:2c: - 45:ae:91:1e:73:71:41:c4:4b:13:fd:70:c2:25:ac: - 22:f5:75:0b:b7:53:e4:a5:2b:dd:ce:bd:1c:3a:7a: - c3:f7:13:8f:26:54:9c:16:6b:6b:af:fb:d8:96:b1: - 60:9a:48:e0:25:22:24:79:34:ce:0e:26:00:0b:4e: - ab:fd:8b:ce:82:d7:2f:08:70:68:c1:a8:0a:f9:74: - 4f:07:ab:a4:f9:e2:83:7e:27:73:74:3e:b8:f9:38: - 42:fc:a5:a8:5b:48:23:b3:eb:e3:25:b2:80:ae:96: - d4:0a:9c:c2:78:9a:c6:68:18:ae:37:62:37:5e:51: - 75:a8:58:63:c0:51:ee:40:78:7e:a8:af:1a:a0:e1: - b0:78:9d:50:8c:7b:e7:b3:fc:8e:23:b0:db:65:00: - 70:84:01:08:00:14:6e:54:86:9a:ba:cc:f9:37:10: - f6:e0:de:84:2d:9d:a4:85:37:d3:87:e3:15:d0:c1: - 17:90:7e:19:21:6a:12:a9:76:fd:12:02:e9:4f:21: - 5e:17 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Certificate Policies: - Policy: 2.16.840.1.114171.903.1.11 - CPS: http://www.wellsfargo.com/certpolicy - - Signature Algorithm: sha1WithRSAEncryption - d2:27:dd:9c:0a:77:2b:bb:22:f2:02:b5:4a:4a:91:f9:d1:2d: - be:e4:bb:1a:68:ef:0e:a4:00:e9:ee:e7:ef:ee:f6:f9:e5:74: - a4:c2:d8:52:58:c4:74:fb:ce:6b:b5:3b:29:79:18:5a:ef:9b: - ed:1f:6b:36:ee:48:25:25:14:b6:56:a2:10:e8:ee:a7:7f:d0: - 3f:a3:d0:c3:5d:26:ee:07:cc:c3:c1:24:21:87:1e:df:2a:12: - 53:6f:41:16:e7:ed:ae:94:fa:8c:72:fa:13:47:f0:3c:7e:ae: - 7d:11:3a:13:ec:ed:fa:6f:72:64:7b:9d:7d:7f:26:fd:7a:fb: - 25:ad:ea:3e:29:7f:4c:e3:00:57:32:b0:b3:e9:ed:53:17:d9: - 8b:b2:14:0e:30:e8:e5:d5:13:c6:64:af:c4:00:d5:d8:58:24: - fc:f5:8f:ec:f1:c7:7d:a5:db:0f:27:d1:c6:f2:40:88:e6:1f: - f6:61:a8:f4:42:c8:b9:37:d3:a9:be:2c:56:78:c2:72:9b:59: - 5d:35:40:8a:e8:4e:63:1a:b6:e9:20:6a:51:e2:ce:a4:90:df: - 76:70:99:5c:70:43:4d:b7:b6:a7:19:64:4e:92:b7:c5:91:3c: - 7f:48:16:65:7b:16:fd:cb:fc:fb:d9:d5:d6:4f:21:65:3b:4a: - 7f:47:a3:fb -SHA1 Fingerprint=93:E6:AB:22:03:03:B5:23:28:DC:DA:56:9E:BA:E4:D1:D1:CC:FB:65 diff --git a/luni/src/main/files/cacerts/7651b327.0 b/luni/src/main/files/cacerts/7651b327.0 deleted file mode 100644 index 29d7a10..0000000 --- a/luni/src/main/files/cacerts/7651b327.0 +++ /dev/null @@ -1,49 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICPDCCAaUCEDyRMcsf9tAbDpq40ES/Er4wDQYJKoZIhvcNAQEFBQAwXzELMAkG -A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz -cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2 -MDEyOTAwMDAwMFoXDTI4MDgwMjIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV -BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmlt -YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN -ADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhE -BarsAx94f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/is -I19wKTakyYbnsZogy1Olhec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0G -CSqGSIb3DQEBBQUAA4GBABByUqkFFBkyCEHwxWsKzH4PIRnN5GfcX6kb5sroc50i -2JhucwNhkcV8sEVAbkSdjbCxlnRhLQ2pRdKkkirWmnWXbj9T/UWZYB2oK0z5XqcJ -2HUw19JlYD1n1khVdWk/kfVIC0dpImmClr7JyDiGSnoscxlIaU5rfGW/D/xwzoiQ ------END CERTIFICATE----- -Certificate: - Data: - Version: 1 (0x0) - Serial Number: - 3c:91:31:cb:1f:f6:d0:1b:0e:9a:b8:d0:44:bf:12:be - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority - Validity - Not Before: Jan 29 00:00:00 1996 GMT - Not After : Aug 2 23:59:59 2028 GMT - Subject: C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (1024 bit) - Modulus: - 00:c9:5c:59:9e:f2:1b:8a:01:14:b4:10:df:04:40: - db:e3:57:af:6a:45:40:8f:84:0c:0b:d1:33:d9:d9: - 11:cf:ee:02:58:1f:25:f7:2a:a8:44:05:aa:ec:03: - 1f:78:7f:9e:93:b9:9a:00:aa:23:7d:d6:ac:85:a2: - 63:45:c7:72:27:cc:f4:4c:c6:75:71:d2:39:ef:4f: - 42:f0:75:df:0a:90:c6:8e:20:6f:98:0f:f8:ac:23: - 5f:70:29:36:a4:c9:86:e7:b1:9a:20:cb:53:a5:85: - e7:3d:be:7d:9a:fe:24:45:33:dc:76:15:ed:0f:a2: - 71:64:4c:65:2e:81:68:45:a7 - Exponent: 65537 (0x10001) - Signature Algorithm: sha1WithRSAEncryption - 10:72:52:a9:05:14:19:32:08:41:f0:c5:6b:0a:cc:7e:0f:21: - 19:cd:e4:67:dc:5f:a9:1b:e6:ca:e8:73:9d:22:d8:98:6e:73: - 03:61:91:c5:7c:b0:45:40:6e:44:9d:8d:b0:b1:96:74:61:2d: - 0d:a9:45:d2:a4:92:2a:d6:9a:75:97:6e:3f:53:fd:45:99:60: - 1d:a8:2b:4c:f9:5e:a7:09:d8:75:30:d7:d2:65:60:3d:67:d6: - 48:55:75:69:3f:91:f5:48:0b:47:69:22:69:82:96:be:c9:c8: - 38:86:4a:7a:2c:73:19:48:69:4e:6b:7c:65:bf:0f:fc:70:ce: - 88:90 -SHA1 Fingerprint=A1:DB:63:93:91:6F:17:E4:18:55:09:40:04:15:C7:02:40:B0:AE:6B diff --git a/luni/src/main/files/cacerts/7d3cd826.0 b/luni/src/main/files/cacerts/7d3cd826.0 deleted file mode 100644 index f3944f2..0000000 --- a/luni/src/main/files/cacerts/7d3cd826.0 +++ /dev/null @@ -1,52 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIC5zCCAlACAQEwDQYJKoZIhvcNAQEFBQAwgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0 -IFZhbGlkYXRpb24gTmV0d29yazEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAz -BgNVBAsTLFZhbGlDZXJ0IENsYXNzIDMgUG9saWN5IFZhbGlkYXRpb24gQXV0aG9y -aXR5MSEwHwYDVQQDExhodHRwOi8vd3d3LnZhbGljZXJ0LmNvbS8xIDAeBgkqhkiG -9w0BCQEWEWluZm9AdmFsaWNlcnQuY29tMB4XDTk5MDYyNjAwMjIzM1oXDTE5MDYy -NjAwMjIzM1owgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0IFZhbGlkYXRpb24gTmV0d29y -azEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAzBgNVBAsTLFZhbGlDZXJ0IENs -YXNzIDMgUG9saWN5IFZhbGlkYXRpb24gQXV0aG9yaXR5MSEwHwYDVQQDExhodHRw -Oi8vd3d3LnZhbGljZXJ0LmNvbS8xIDAeBgkqhkiG9w0BCQEWEWluZm9AdmFsaWNl -cnQuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDjmFGWHOjVsQaBalfD -cnWTq8+epvzzFlLWLU2fNUSoLgRNB0mKOCn1dzfnt6td3zZxFJmP3MKS8edgkpfs -2Ejcv8ECIMYkpChMMFp2bbFc893enhBxoYjHW5tBbcqwuI4V7q0zK89HBFx1cQqY -JJgpp0lZpd34t0NiYfPT4tBVPwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAFa7AliE -Zwgs3x/be0kz9dNnnfS0ChCzycUs4pJqcXgn8nCDQtM+z6lU9PHYkhaM0QTLS6vJ -n0WuPIqpsHEzXcjFV9+vqDWzf4mH6eglkrh/hXqu1rweN1gqZ8mRzyqBPu3GOd/A -PhmcGcwTTYJBtYze4D1gCCAPRX5ron+jjBXu ------END CERTIFICATE----- -Certificate: - Data: - Version: 1 (0x0) - Serial Number: 1 (0x1) - Signature Algorithm: sha1WithRSAEncryption - Issuer: L=ValiCert Validation Network, O=ValiCert, Inc., OU=ValiCert Class 3 Policy Validation Authority, CN=http://www.valicert.com//emailAddress=info@valicert.com - Validity - Not Before: Jun 26 00:22:33 1999 GMT - Not After : Jun 26 00:22:33 2019 GMT - Subject: L=ValiCert Validation Network, O=ValiCert, Inc., OU=ValiCert Class 3 Policy Validation Authority, CN=http://www.valicert.com//emailAddress=info@valicert.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (1024 bit) - Modulus: - 00:e3:98:51:96:1c:e8:d5:b1:06:81:6a:57:c3:72: - 75:93:ab:cf:9e:a6:fc:f3:16:52:d6:2d:4d:9f:35: - 44:a8:2e:04:4d:07:49:8a:38:29:f5:77:37:e7:b7: - ab:5d:df:36:71:14:99:8f:dc:c2:92:f1:e7:60:92: - 97:ec:d8:48:dc:bf:c1:02:20:c6:24:a4:28:4c:30: - 5a:76:6d:b1:5c:f3:dd:de:9e:10:71:a1:88:c7:5b: - 9b:41:6d:ca:b0:b8:8e:15:ee:ad:33:2b:cf:47:04: - 5c:75:71:0a:98:24:98:29:a7:49:59:a5:dd:f8:b7: - 43:62:61:f3:d3:e2:d0:55:3f - Exponent: 65537 (0x10001) - Signature Algorithm: sha1WithRSAEncryption - 56:bb:02:58:84:67:08:2c:df:1f:db:7b:49:33:f5:d3:67:9d: - f4:b4:0a:10:b3:c9:c5:2c:e2:92:6a:71:78:27:f2:70:83:42: - d3:3e:cf:a9:54:f4:f1:d8:92:16:8c:d1:04:cb:4b:ab:c9:9f: - 45:ae:3c:8a:a9:b0:71:33:5d:c8:c5:57:df:af:a8:35:b3:7f: - 89:87:e9:e8:25:92:b8:7f:85:7a:ae:d6:bc:1e:37:58:2a:67: - c9:91:cf:2a:81:3e:ed:c6:39:df:c0:3e:19:9c:19:cc:13:4d: - 82:41:b5:8c:de:e0:3d:60:08:20:0f:45:7e:6b:a2:7f:a3:8c: - 15:ee -SHA1 Fingerprint=69:BD:8C:F4:9C:D3:00:FB:59:2E:17:93:CA:55:6A:F3:EC:AA:35:FB diff --git a/luni/src/main/files/cacerts/8d6437c3.0 b/luni/src/main/files/cacerts/8d6437c3.0 new file mode 100644 index 0000000..2097b64 --- /dev/null +++ b/luni/src/main/files/cacerts/8d6437c3.0 @@ -0,0 +1,80 @@ +-----BEGIN CERTIFICATE----- +MIIDljCCAn6gAwIBAgIQC5McOtY5Z+pnI7/Dr5r0SzANBgkqhkiG9w0BAQsFADBl +MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 +d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv +b3QgRzIwHhcNMTMwODAxMTIwMDAwWhcNMzgwMTE1MTIwMDAwWjBlMQswCQYDVQQG +EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNl +cnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgRzIwggEi +MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZ5ygvUj82ckmIkzTz+GoeMVSA +n61UQbVH35ao1K+ALbkKz3X9iaV9JPrjIgwrvJUXCzO/GU1BBpAAvQxNEP4Htecc +biJVMWWXvdMX0h5i89vqbFCMP4QMls+3ywPgym2hFEwbid3tALBSfK+RbLE4E9Hp +EgjAALAcKxHad3A2m67OeYfcgnDmCXRwVWmvo2ifv922ebPynXApVfSr/5Vh88lA +bx3RvpO704gqu52/clpWcTs/1PPRCv4o76Pu2ZmvA9OPYLfykqGxvYmJHzDNw6Yu +YjOuFgJ3RFrngQo8p0Quebg/BLxcoIfhG69Rjs3sLPr4/m3wOnyqi+RnlTGNAgMB +AAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQW +BBTOw0q5mVXyuNtgv6l+vVa1lzan1jANBgkqhkiG9w0BAQsFAAOCAQEAyqVVjOPI +QW5pJ6d1Ee88hjZv0p3GeDgdaZaikmkuOGybfQTUiaWxMTeKySHMq2zNixya1r9I +0jJmwYrA8y8678Dj1JGG0VDjA9tzd29KOVPt3ibHtX2vK0LRdWLjSisCx1BL4Gni +lmwORGYQRI+tBev4eaymG+g3NJ1TyWGqolKvSnAWhsI6yLETcDbYz+70CjTVW0z9 +B5yiutkBclzzTcHdDrEcDcRjvq30FPuJ7KJBDkzMyFdA0G4Dqs0MjomZmWzwPDCv +ON9vvKO+KSAnq3T/EyJ43pdSVR6DtVQgA+6uwE9W3jfMw3+qBCe703e4YtsXfJwo +IhNzbM8m9Yop5w== +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 0b:93:1c:3a:d6:39:67:ea:67:23:bf:c3:af:9a:f4:4b + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root G2 + Validity + Not Before: Aug 1 12:00:00 2013 GMT + Not After : Jan 15 12:00:00 2038 GMT + Subject: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root G2 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:d9:e7:28:2f:52:3f:36:72:49:88:93:34:f3:f8: + 6a:1e:31:54:80:9f:ad:54:41:b5:47:df:96:a8:d4: + af:80:2d:b9:0a:cf:75:fd:89:a5:7d:24:fa:e3:22: + 0c:2b:bc:95:17:0b:33:bf:19:4d:41:06:90:00:bd: + 0c:4d:10:fe:07:b5:e7:1c:6e:22:55:31:65:97:bd: + d3:17:d2:1e:62:f3:db:ea:6c:50:8c:3f:84:0c:96: + cf:b7:cb:03:e0:ca:6d:a1:14:4c:1b:89:dd:ed:00: + b0:52:7c:af:91:6c:b1:38:13:d1:e9:12:08:c0:00: + b0:1c:2b:11:da:77:70:36:9b:ae:ce:79:87:dc:82: + 70:e6:09:74:70:55:69:af:a3:68:9f:bf:dd:b6:79: + b3:f2:9d:70:29:55:f4:ab:ff:95:61:f3:c9:40:6f: + 1d:d1:be:93:bb:d3:88:2a:bb:9d:bf:72:5a:56:71: + 3b:3f:d4:f3:d1:0a:fe:28:ef:a3:ee:d9:99:af:03: + d3:8f:60:b7:f2:92:a1:b1:bd:89:89:1f:30:cd:c3: + a6:2e:62:33:ae:16:02:77:44:5a:e7:81:0a:3c:a7: + 44:2e:79:b8:3f:04:bc:5c:a0:87:e1:1b:af:51:8e: + cd:ec:2c:fa:f8:fe:6d:f0:3a:7c:aa:8b:e4:67:95: + 31:8d + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Key Usage: critical + Digital Signature, Certificate Sign, CRL Sign + X509v3 Subject Key Identifier: + CE:C3:4A:B9:99:55:F2:B8:DB:60:BF:A9:7E:BD:56:B5:97:36:A7:D6 + Signature Algorithm: sha256WithRSAEncryption + ca:a5:55:8c:e3:c8:41:6e:69:27:a7:75:11:ef:3c:86:36:6f: + d2:9d:c6:78:38:1d:69:96:a2:92:69:2e:38:6c:9b:7d:04:d4: + 89:a5:b1:31:37:8a:c9:21:cc:ab:6c:cd:8b:1c:9a:d6:bf:48: + d2:32:66:c1:8a:c0:f3:2f:3a:ef:c0:e3:d4:91:86:d1:50:e3: + 03:db:73:77:6f:4a:39:53:ed:de:26:c7:b5:7d:af:2b:42:d1: + 75:62:e3:4a:2b:02:c7:50:4b:e0:69:e2:96:6c:0e:44:66:10: + 44:8f:ad:05:eb:f8:79:ac:a6:1b:e8:37:34:9d:53:c9:61:aa: + a2:52:af:4a:70:16:86:c2:3a:c8:b1:13:70:36:d8:cf:ee:f4: + 0a:34:d5:5b:4c:fd:07:9c:a2:ba:d9:01:72:5c:f3:4d:c1:dd: + 0e:b1:1c:0d:c4:63:be:ad:f4:14:fb:89:ec:a2:41:0e:4c:cc: + c8:57:40:d0:6e:03:aa:cd:0c:8e:89:99:99:6c:f0:3c:30:af: + 38:df:6f:bc:a3:be:29:20:27:ab:74:ff:13:22:78:de:97:52: + 55:1e:83:b5:54:20:03:ee:ae:c0:4f:56:de:37:cc:c3:7f:aa: + 04:27:bb:d3:77:b8:62:db:17:7c:9c:28:22:13:73:6c:cf:26: + f5:8a:29:e7 +SHA1 Fingerprint=A1:4B:48:D9:43:EE:0A:0E:40:90:4F:3C:E0:A4:C0:91:93:51:5D:3F diff --git a/luni/src/main/files/cacerts/961f5451.0 b/luni/src/main/files/cacerts/961f5451.0 new file mode 100644 index 0000000..2a61cb0 --- /dev/null +++ b/luni/src/main/files/cacerts/961f5451.0 @@ -0,0 +1,121 @@ +-----BEGIN CERTIFICATE----- +MIIFdjCCA16gAwIBAgIQXmjWEXGUY1BWAGjzPsnFkTANBgkqhkiG9w0BAQUFADBV +MQswCQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxKjAoBgNV +BAMTIUNlcnRpZmljYXRpb24gQXV0aG9yaXR5IG9mIFdvU2lnbjAeFw0wOTA4MDgw +MTAwMDFaFw0zOTA4MDgwMTAwMDFaMFUxCzAJBgNVBAYTAkNOMRowGAYDVQQKExFX +b1NpZ24gQ0EgTGltaXRlZDEqMCgGA1UEAxMhQ2VydGlmaWNhdGlvbiBBdXRob3Jp +dHkgb2YgV29TaWduMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvcqN +rLiRFVaXe2tcesLea9mhsMMQI/qnobLMMfo+2aYpbxY94Gv4uEBf2zmoAHqLoE1U +fcIiePyOCbiohdfMlZdLdNiefvAA5A6JrkkoRBoQmTIPJYhTpA2zDxIIFgsDcScc +f+Hb0v1naMQFXQoOXXDX2JegvFNBmpGN9J42Znp+VsGQX+axaCA2pIwkLCxHC1l2 +ZjC1vt7tj/id07sBMOby8w7gLJKA84X5KIq0VC6a7fd2/BVoFutKbOsuEo/Uz/4M +x1wdC34FMr5esAkqQtXJTpCzWQ27en7N1QhatH/YHGkR+ScPewavVIMYe+HdVHpR +aG53/Ma/UkpmRqGyZxq7o093oL5d//xWC0Nyd5DKnvnyOfUNqfTq1+ezEC8wQjch +zDBwyYaYD8xYTYO7feUapTeNtqwylwA6Y3EkHp43xP901DfA4v6IRmAR3Qg/UDar +uHqklWJqbrDKaiFaafPz+x1wOZXzp26mgYmhiMU7ccqjUu6Du/2gd/Tkb+dC221K +mYo0SLwX3OSACCK28jHAPwQ+658geda4BmRkAjHXqc1S+4RFaQkAKtxVi8QGRkvA +Sh0JWzko/amrzgD5LkhLJuYwTKVYyrREgk/nkR4zw7CT/xH8gdLKH3Ep3XZPkiWv +HYG3Dy+MwwbMLyejSuQOmbp8HkUff6oZRZb9/D0CAwEAAaNCMEAwDgYDVR0PAQH/ +BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFOFmzw7R8bNLtwYgFP6H +EtX2/vs+MA0GCSqGSIb3DQEBBQUAA4ICAQCoy3JAsnbBfnv8rWTjMnvMPLZdRtP1 +LOJwXcgu2AZ9mNELIaCJWSQBnfmvCX0KI4I01fx8cpm5o9dU9OpScA7F9dY74ToJ +MuYhOZO9sxXqT2r09Ys/L3yNWC7F4TmgPsc9SnOeQHrAK2GpZ8nzJLmzbVUsWh2e +JXLOC62qx1ViC777Y7NhRCOjy+EaDveaBk3e1CNOIZZbOVtXHS9dCF4Jef98l7VN +g64N1uajeeAz0JmWAjCnPv/So0M/BVoG6kQC2nz4SNAzqfkHx5Xh9T71XXG68pWp +dIhhWeO/yloTunK0jF02h+mmxTwTv97QRCbut+wucPrXnbes5cVAWubXbHssw1ab +R80LzvobtCHXt2a49CUwi1wNuepnsvRtrtWhnk/Yn+knArAdBtaP4/tIEp9/EaEQ +PkxROpaw0RPxx9gmrjrKkcRpnd8BKWRRb2jaFOwIQZeQjdCygPLPwj2/kWjFgGce +xGATVdVhmVd8upUPYUk6ynW8yQqTP2cOEvIo4jEbwFcW3wh8GcF+Dx+FHgo2fFt+ +J7x6v+Db9NpSvd4MVHAxkUOVyLzwPt0JfjBkUO1/AaQzZ01oT74V77D2AhGiGxMl +OtzCWfHjXEa7ZywCRuoeSKbmW9m1vFGikpbbqsY3Iqb+zCB0oy2pLmvLwIIRIbWT +ee5Ehr7XHuQe+w== +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 5e:68:d6:11:71:94:63:50:56:00:68:f3:3e:c9:c5:91 + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=CN, O=WoSign CA Limited, CN=Certification Authority of WoSign + Validity + Not Before: Aug 8 01:00:01 2009 GMT + Not After : Aug 8 01:00:01 2039 GMT + Subject: C=CN, O=WoSign CA Limited, CN=Certification Authority of WoSign + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (4096 bit) + Modulus: + 00:bd:ca:8d:ac:b8:91:15:56:97:7b:6b:5c:7a:c2: + de:6b:d9:a1:b0:c3:10:23:fa:a7:a1:b2:cc:31:fa: + 3e:d9:a6:29:6f:16:3d:e0:6b:f8:b8:40:5f:db:39: + a8:00:7a:8b:a0:4d:54:7d:c2:22:78:fc:8e:09:b8: + a8:85:d7:cc:95:97:4b:74:d8:9e:7e:f0:00:e4:0e: + 89:ae:49:28:44:1a:10:99:32:0f:25:88:53:a4:0d: + b3:0f:12:08:16:0b:03:71:27:1c:7f:e1:db:d2:fd: + 67:68:c4:05:5d:0a:0e:5d:70:d7:d8:97:a0:bc:53: + 41:9a:91:8d:f4:9e:36:66:7a:7e:56:c1:90:5f:e6: + b1:68:20:36:a4:8c:24:2c:2c:47:0b:59:76:66:30: + b5:be:de:ed:8f:f8:9d:d3:bb:01:30:e6:f2:f3:0e: + e0:2c:92:80:f3:85:f9:28:8a:b4:54:2e:9a:ed:f7: + 76:fc:15:68:16:eb:4a:6c:eb:2e:12:8f:d4:cf:fe: + 0c:c7:5c:1d:0b:7e:05:32:be:5e:b0:09:2a:42:d5: + c9:4e:90:b3:59:0d:bb:7a:7e:cd:d5:08:5a:b4:7f: + d8:1c:69:11:f9:27:0f:7b:06:af:54:83:18:7b:e1: + dd:54:7a:51:68:6e:77:fc:c6:bf:52:4a:66:46:a1: + b2:67:1a:bb:a3:4f:77:a0:be:5d:ff:fc:56:0b:43: + 72:77:90:ca:9e:f9:f2:39:f5:0d:a9:f4:ea:d7:e7: + b3:10:2f:30:42:37:21:cc:30:70:c9:86:98:0f:cc: + 58:4d:83:bb:7d:e5:1a:a5:37:8d:b6:ac:32:97:00: + 3a:63:71:24:1e:9e:37:c4:ff:74:d4:37:c0:e2:fe: + 88:46:60:11:dd:08:3f:50:36:ab:b8:7a:a4:95:62: + 6a:6e:b0:ca:6a:21:5a:69:f3:f3:fb:1d:70:39:95: + f3:a7:6e:a6:81:89:a1:88:c5:3b:71:ca:a3:52:ee: + 83:bb:fd:a0:77:f4:e4:6f:e7:42:db:6d:4a:99:8a: + 34:48:bc:17:dc:e4:80:08:22:b6:f2:31:c0:3f:04: + 3e:eb:9f:20:79:d6:b8:06:64:64:02:31:d7:a9:cd: + 52:fb:84:45:69:09:00:2a:dc:55:8b:c4:06:46:4b: + c0:4a:1d:09:5b:39:28:fd:a9:ab:ce:00:f9:2e:48: + 4b:26:e6:30:4c:a5:58:ca:b4:44:82:4f:e7:91:1e: + 33:c3:b0:93:ff:11:fc:81:d2:ca:1f:71:29:dd:76: + 4f:92:25:af:1d:81:b7:0f:2f:8c:c3:06:cc:2f:27: + a3:4a:e4:0e:99:ba:7c:1e:45:1f:7f:aa:19:45:96: + fd:fc:3d + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Key Usage: critical + Certificate Sign, CRL Sign + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Subject Key Identifier: + E1:66:CF:0E:D1:F1:B3:4B:B7:06:20:14:FE:87:12:D5:F6:FE:FB:3E + Signature Algorithm: sha1WithRSAEncryption + a8:cb:72:40:b2:76:c1:7e:7b:fc:ad:64:e3:32:7b:cc:3c:b6: + 5d:46:d3:f5:2c:e2:70:5d:c8:2e:d8:06:7d:98:d1:0b:21:a0: + 89:59:24:01:9d:f9:af:09:7d:0a:23:82:34:d5:fc:7c:72:99: + b9:a3:d7:54:f4:ea:52:70:0e:c5:f5:d6:3b:e1:3a:09:32:e6: + 21:39:93:bd:b3:15:ea:4f:6a:f4:f5:8b:3f:2f:7c:8d:58:2e: + c5:e1:39:a0:3e:c7:3d:4a:73:9e:40:7a:c0:2b:61:a9:67:c9: + f3:24:b9:b3:6d:55:2c:5a:1d:9e:25:72:ce:0b:ad:aa:c7:55: + 62:0b:be:fb:63:b3:61:44:23:a3:cb:e1:1a:0e:f7:9a:06:4d: + de:d4:23:4e:21:96:5b:39:5b:57:1d:2f:5d:08:5e:09:79:ff: + 7c:97:b5:4d:83:ae:0d:d6:e6:a3:79:e0:33:d0:99:96:02:30: + a7:3e:ff:d2:a3:43:3f:05:5a:06:ea:44:02:da:7c:f8:48:d0: + 33:a9:f9:07:c7:95:e1:f5:3e:f5:5d:71:ba:f2:95:a9:74:88: + 61:59:e3:bf:ca:5a:13:ba:72:b4:8c:5d:36:87:e9:a6:c5:3c: + 13:bf:de:d0:44:26:ee:b7:ec:2e:70:fa:d7:9d:b7:ac:e5:c5: + 40:5a:e6:d7:6c:7b:2c:c3:56:9b:47:cd:0b:ce:fa:1b:b4:21: + d7:b7:66:b8:f4:25:30:8b:5c:0d:b9:ea:67:b2:f4:6d:ae:d5: + a1:9e:4f:d8:9f:e9:27:02:b0:1d:06:d6:8f:e3:fb:48:12:9f: + 7f:11:a1:10:3e:4c:51:3a:96:b0:d1:13:f1:c7:d8:26:ae:3a: + ca:91:c4:69:9d:df:01:29:64:51:6f:68:da:14:ec:08:41:97: + 90:8d:d0:b2:80:f2:cf:c2:3d:bf:91:68:c5:80:67:1e:c4:60: + 13:55:d5:61:99:57:7c:ba:95:0f:61:49:3a:ca:75:bc:c9:0a: + 93:3f:67:0e:12:f2:28:e2:31:1b:c0:57:16:df:08:7c:19:c1: + 7e:0f:1f:85:1e:0a:36:7c:5b:7e:27:bc:7a:bf:e0:db:f4:da: + 52:bd:de:0c:54:70:31:91:43:95:c8:bc:f0:3e:dd:09:7e:30: + 64:50:ed:7f:01:a4:33:67:4d:68:4f:be:15:ef:b0:f6:02:11: + a2:1b:13:25:3a:dc:c2:59:f1:e3:5c:46:bb:67:2c:02:46:ea: + 1e:48:a6:e6:5b:d9:b5:bc:51:a2:92:96:db:aa:c6:37:22:a6: + fe:cc:20:74:a3:2d:a9:2e:6b:cb:c0:82:11:21:b5:93:79:ee: + 44:86:be:d7:1e:e4:1e:fb +SHA1 Fingerprint=B9:42:94:BF:91:EA:8F:B6:4B:E6:10:97:C7:FB:00:13:59:B6:76:CB diff --git a/luni/src/main/files/cacerts/a2c66da8.0 b/luni/src/main/files/cacerts/a2c66da8.0 new file mode 100644 index 0000000..f922408 --- /dev/null +++ b/luni/src/main/files/cacerts/a2c66da8.0 @@ -0,0 +1,121 @@ +-----BEGIN CERTIFICATE----- +MIIFkDCCA3igAwIBAgIQBZsbV56OITLiOQe9p3d1XDANBgkqhkiG9w0BAQwFADBi +MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 +d3cuZGlnaWNlcnQuY29tMSEwHwYDVQQDExhEaWdpQ2VydCBUcnVzdGVkIFJvb3Qg +RzQwHhcNMTMwODAxMTIwMDAwWhcNMzgwMTE1MTIwMDAwWjBiMQswCQYDVQQGEwJV +UzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQu +Y29tMSEwHwYDVQQDExhEaWdpQ2VydCBUcnVzdGVkIFJvb3QgRzQwggIiMA0GCSqG +SIb3DQEBAQUAA4ICDwAwggIKAoICAQC/5pBzaN675F1KPDAiMGkz7MKnJS7JIT3y +ithZwuEppz1Yq3aaza57G4QNxDAf8xukOBbrVsaXbR2rsnnyyhHS5F/WBTxSD1If +xp4VpX6+n6lXFllVcq9ok3DCsrp1mWpzMpTREEQQLt+C8weE5nQ7bXHiLQwb7iDV +ySAdYyktzuxeTsiT+CFhmzTrBcZe7FsavOvJz82sNEBfsXpm7nfISKhmV1efVFiO +DCu3T6cw2Vbuyntd463JT17lNecxy9qTXtyOj4DatpGYQJB5w3jHtrHEtWoYOAMQ +jdjUN6QuBX2I9YI+EJFwq1WCQTLX2wRzKm6RAXwhTNS8rhsDdV14Ztk6MUSaM0C/ +CNdaSaTC5qmgZ92kJ7yhTzm1EVgX9yRcRo9k98FpiHaYdj1ZXUJ2h4mXaXpI8OCi +EhtmmnTK3kse5w5jrubU75KSOp493ADkRSWJtppEGSt+wJS00mFt6zPZxd9LBADM +fRyVw4/3IbKyEbe7f/LVjHAsQWCqsWMYRJUadmJ+9oCw++hkpjPRiQfhvbfmQ6QY +uKZ3AeEPlAwhHbJUKSWJbOUOUlFHdL4mrLZBdd56rF+NP8m800ERElvlEFDrMcXK +chYiCd98THU/Y+whX8QgUWtvsauGi0/C1kVfnSD8oR7FwI+isX4KJpn15GkvmB0t +9dmpsh3lGwIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB +hjAdBgNVHQ4EFgQU7NfjgtJxXWRM3y5nP+e6mK4cD08wDQYJKoZIhvcNAQEMBQAD +ggIBALth2X2pbL4XxJEbw6GiAI3jZGgPVs93rnD5/ZpKmbnJeFwMDF/k5hQpVgs2 +SV1EY+CtnJYYZhsjDT156W1r1lT40jzBQ0CuHVD1UvyQO7uYmWlrx8GnqGikJ9yd ++SeuMIW59mdNOj6PWTkiU0TryF0Dyu1Qen1iIQqAyHNm0aAFYF/opbSnr6j3bTWc +fFqK1qI4mfN4i/RN0iAL3gTujJtHgXINwBQy7zBZLq7gcfJW5GqXb5JQbZaNaHqa +sjYUegbyJLkJEVDXCLG4iXqEI2FCKeWjzaIgQdfRnGTZ6iahixTXTBmyUEFxPT9N +cCOGDErcgdLMMpSEDQgJlxxPwO5rIHQw0uA5NBCFIRUBCOhVMt5xSdkoF1BN5r5N +0XWs0Mr7QbhDparTwwVETyw2m+L64kW4I1NsBm9nVX9GtUw/bihaeSbSpKhil9Ie +4u1Ki7wb/UdKDd9nZn6yW0HQO+T0O/QEY+nvwlQAUaCKKsnOeMzV6ocEGLPOr0mI +r/OSmbaz5mEP0oUA51Aa5BuVnRmhuZyxm7EAHu/QD09CbMkKvO5D+jpxpchNJqU1 +/YldvIViHTLSoCtU7ZpXwdv6EM8Zt4tKG48BtieVU+i2iW1bvGjUI+iLUaJW+fCm +gKDWHrO8Dw9TdSmq6hN35N6MgSGtBxBHEa2HPQfRdbzP82Z+ +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c + Signature Algorithm: sha384WithRSAEncryption + Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Trusted Root G4 + Validity + Not Before: Aug 1 12:00:00 2013 GMT + Not After : Jan 15 12:00:00 2038 GMT + Subject: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Trusted Root G4 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (4096 bit) + Modulus: + 00:bf:e6:90:73:68:de:bb:e4:5d:4a:3c:30:22:30: + 69:33:ec:c2:a7:25:2e:c9:21:3d:f2:8a:d8:59:c2: + e1:29:a7:3d:58:ab:76:9a:cd:ae:7b:1b:84:0d:c4: + 30:1f:f3:1b:a4:38:16:eb:56:c6:97:6d:1d:ab:b2: + 79:f2:ca:11:d2:e4:5f:d6:05:3c:52:0f:52:1f:c6: + 9e:15:a5:7e:be:9f:a9:57:16:59:55:72:af:68:93: + 70:c2:b2:ba:75:99:6a:73:32:94:d1:10:44:10:2e: + df:82:f3:07:84:e6:74:3b:6d:71:e2:2d:0c:1b:ee: + 20:d5:c9:20:1d:63:29:2d:ce:ec:5e:4e:c8:93:f8: + 21:61:9b:34:eb:05:c6:5e:ec:5b:1a:bc:eb:c9:cf: + cd:ac:34:40:5f:b1:7a:66:ee:77:c8:48:a8:66:57: + 57:9f:54:58:8e:0c:2b:b7:4f:a7:30:d9:56:ee:ca: + 7b:5d:e3:ad:c9:4f:5e:e5:35:e7:31:cb:da:93:5e: + dc:8e:8f:80:da:b6:91:98:40:90:79:c3:78:c7:b6: + b1:c4:b5:6a:18:38:03:10:8d:d8:d4:37:a4:2e:05: + 7d:88:f5:82:3e:10:91:70:ab:55:82:41:32:d7:db: + 04:73:2a:6e:91:01:7c:21:4c:d4:bc:ae:1b:03:75: + 5d:78:66:d9:3a:31:44:9a:33:40:bf:08:d7:5a:49: + a4:c2:e6:a9:a0:67:dd:a4:27:bc:a1:4f:39:b5:11: + 58:17:f7:24:5c:46:8f:64:f7:c1:69:88:76:98:76: + 3d:59:5d:42:76:87:89:97:69:7a:48:f0:e0:a2:12: + 1b:66:9a:74:ca:de:4b:1e:e7:0e:63:ae:e6:d4:ef: + 92:92:3a:9e:3d:dc:00:e4:45:25:89:b6:9a:44:19: + 2b:7e:c0:94:b4:d2:61:6d:eb:33:d9:c5:df:4b:04: + 00:cc:7d:1c:95:c3:8f:f7:21:b2:b2:11:b7:bb:7f: + f2:d5:8c:70:2c:41:60:aa:b1:63:18:44:95:1a:76: + 62:7e:f6:80:b0:fb:e8:64:a6:33:d1:89:07:e1:bd: + b7:e6:43:a4:18:b8:a6:77:01:e1:0f:94:0c:21:1d: + b2:54:29:25:89:6c:e5:0e:52:51:47:74:be:26:ac: + b6:41:75:de:7a:ac:5f:8d:3f:c9:bc:d3:41:11:12: + 5b:e5:10:50:eb:31:c5:ca:72:16:22:09:df:7c:4c: + 75:3f:63:ec:21:5f:c4:20:51:6b:6f:b1:ab:86:8b: + 4f:c2:d6:45:5f:9d:20:fc:a1:1e:c5:c0:8f:a2:b1: + 7e:0a:26:99:f5:e4:69:2f:98:1d:2d:f5:d9:a9:b2: + 1d:e5:1b + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Key Usage: critical + Digital Signature, Certificate Sign, CRL Sign + X509v3 Subject Key Identifier: + EC:D7:E3:82:D2:71:5D:64:4C:DF:2E:67:3F:E7:BA:98:AE:1C:0F:4F + Signature Algorithm: sha384WithRSAEncryption + bb:61:d9:7d:a9:6c:be:17:c4:91:1b:c3:a1:a2:00:8d:e3:64: + 68:0f:56:cf:77:ae:70:f9:fd:9a:4a:99:b9:c9:78:5c:0c:0c: + 5f:e4:e6:14:29:56:0b:36:49:5d:44:63:e0:ad:9c:96:18:66: + 1b:23:0d:3d:79:e9:6d:6b:d6:54:f8:d2:3c:c1:43:40:ae:1d: + 50:f5:52:fc:90:3b:bb:98:99:69:6b:c7:c1:a7:a8:68:a4:27: + dc:9d:f9:27:ae:30:85:b9:f6:67:4d:3a:3e:8f:59:39:22:53: + 44:eb:c8:5d:03:ca:ed:50:7a:7d:62:21:0a:80:c8:73:66:d1: + a0:05:60:5f:e8:a5:b4:a7:af:a8:f7:6d:35:9c:7c:5a:8a:d6: + a2:38:99:f3:78:8b:f4:4d:d2:20:0b:de:04:ee:8c:9b:47:81: + 72:0d:c0:14:32:ef:30:59:2e:ae:e0:71:f2:56:e4:6a:97:6f: + 92:50:6d:96:8d:68:7a:9a:b2:36:14:7a:06:f2:24:b9:09:11: + 50:d7:08:b1:b8:89:7a:84:23:61:42:29:e5:a3:cd:a2:20:41: + d7:d1:9c:64:d9:ea:26:a1:8b:14:d7:4c:19:b2:50:41:71:3d: + 3f:4d:70:23:86:0c:4a:dc:81:d2:cc:32:94:84:0d:08:09:97: + 1c:4f:c0:ee:6b:20:74:30:d2:e0:39:34:10:85:21:15:01:08: + e8:55:32:de:71:49:d9:28:17:50:4d:e6:be:4d:d1:75:ac:d0: + ca:fb:41:b8:43:a5:aa:d3:c3:05:44:4f:2c:36:9b:e2:fa:e2: + 45:b8:23:53:6c:06:6f:67:55:7f:46:b5:4c:3f:6e:28:5a:79: + 26:d2:a4:a8:62:97:d2:1e:e2:ed:4a:8b:bc:1b:fd:47:4a:0d: + df:67:66:7e:b2:5b:41:d0:3b:e4:f4:3b:f4:04:63:e9:ef:c2: + 54:00:51:a0:8a:2a:c9:ce:78:cc:d5:ea:87:04:18:b3:ce:af: + 49:88:af:f3:92:99:b6:b3:e6:61:0f:d2:85:00:e7:50:1a:e4: + 1b:95:9d:19:a1:b9:9c:b1:9b:b1:00:1e:ef:d0:0f:4f:42:6c: + c9:0a:bc:ee:43:fa:3a:71:a5:c8:4d:26:a5:35:fd:89:5d:bc: + 85:62:1d:32:d2:a0:2b:54:ed:9a:57:c1:db:fa:10:cf:19:b7: + 8b:4a:1b:8f:01:b6:27:95:53:e8:b6:89:6d:5b:bc:68:d4:23: + e8:8b:51:a2:56:f9:f0:a6:80:a0:d6:1e:b3:bc:0f:0f:53:75: + 29:aa:ea:13:77:e4:de:8c:81:21:ad:07:10:47:11:ad:87:3d: + 07:d1:75:bc:cf:f3:66:7e +SHA1 Fingerprint=DD:FB:16:CD:49:31:C9:73:A2:03:7D:3F:C8:3A:4D:7D:77:5D:05:E4 diff --git a/luni/src/main/files/cacerts/bcdd5959.0 b/luni/src/main/files/cacerts/bcdd5959.0 deleted file mode 100644 index 39e952b..0000000 --- a/luni/src/main/files/cacerts/bcdd5959.0 +++ /dev/null @@ -1,52 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIC5zCCAlACAQEwDQYJKoZIhvcNAQEFBQAwgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0 -IFZhbGlkYXRpb24gTmV0d29yazEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAz -BgNVBAsTLFZhbGlDZXJ0IENsYXNzIDIgUG9saWN5IFZhbGlkYXRpb24gQXV0aG9y -aXR5MSEwHwYDVQQDExhodHRwOi8vd3d3LnZhbGljZXJ0LmNvbS8xIDAeBgkqhkiG -9w0BCQEWEWluZm9AdmFsaWNlcnQuY29tMB4XDTk5MDYyNjAwMTk1NFoXDTE5MDYy -NjAwMTk1NFowgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0IFZhbGlkYXRpb24gTmV0d29y -azEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAzBgNVBAsTLFZhbGlDZXJ0IENs -YXNzIDIgUG9saWN5IFZhbGlkYXRpb24gQXV0aG9yaXR5MSEwHwYDVQQDExhodHRw -Oi8vd3d3LnZhbGljZXJ0LmNvbS8xIDAeBgkqhkiG9w0BCQEWEWluZm9AdmFsaWNl -cnQuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDOOnHK5avIWZJV16vY -dA757tn2VUdZZUcOBVXc65g2PFxTXdMwzzjsvUGJ7SVCCSRrCl6zfN1SLUzm1NZ9 -WlmpZdRJEy0kTRxQb7XBhVQ7/nHk01xC+YDgkRoKWzk2Z/M/VXwbP7RfZHM047QS -v4dk+NoS/zcnwbNDu+97bi5p9wIDAQABMA0GCSqGSIb3DQEBBQUAA4GBADt/UG9v -UJSZSWI4OB9L+KXIPqeCgfYrx+jFzug6EILLGACOTb2oWH+heQC1u+mNr0HZDzTu -IYEZoDJJKPTEjlbVUjP9UNV+mWwD5MlM/Mtsq2azSiGM5bUMMj4QssxsodyamEwC -W/POuZ6lcg5Ktz885hZo+L7tdEy8W9ViH0Pd ------END CERTIFICATE----- -Certificate: - Data: - Version: 1 (0x0) - Serial Number: 1 (0x1) - Signature Algorithm: sha1WithRSAEncryption - Issuer: L=ValiCert Validation Network, O=ValiCert, Inc., OU=ValiCert Class 2 Policy Validation Authority, CN=http://www.valicert.com//emailAddress=info@valicert.com - Validity - Not Before: Jun 26 00:19:54 1999 GMT - Not After : Jun 26 00:19:54 2019 GMT - Subject: L=ValiCert Validation Network, O=ValiCert, Inc., OU=ValiCert Class 2 Policy Validation Authority, CN=http://www.valicert.com//emailAddress=info@valicert.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (1024 bit) - Modulus: - 00:ce:3a:71:ca:e5:ab:c8:59:92:55:d7:ab:d8:74: - 0e:f9:ee:d9:f6:55:47:59:65:47:0e:05:55:dc:eb: - 98:36:3c:5c:53:5d:d3:30:cf:38:ec:bd:41:89:ed: - 25:42:09:24:6b:0a:5e:b3:7c:dd:52:2d:4c:e6:d4: - d6:7d:5a:59:a9:65:d4:49:13:2d:24:4d:1c:50:6f: - b5:c1:85:54:3b:fe:71:e4:d3:5c:42:f9:80:e0:91: - 1a:0a:5b:39:36:67:f3:3f:55:7c:1b:3f:b4:5f:64: - 73:34:e3:b4:12:bf:87:64:f8:da:12:ff:37:27:c1: - b3:43:bb:ef:7b:6e:2e:69:f7 - Exponent: 65537 (0x10001) - Signature Algorithm: sha1WithRSAEncryption - 3b:7f:50:6f:6f:50:94:99:49:62:38:38:1f:4b:f8:a5:c8:3e: - a7:82:81:f6:2b:c7:e8:c5:ce:e8:3a:10:82:cb:18:00:8e:4d: - bd:a8:58:7f:a1:79:00:b5:bb:e9:8d:af:41:d9:0f:34:ee:21: - 81:19:a0:32:49:28:f4:c4:8e:56:d5:52:33:fd:50:d5:7e:99: - 6c:03:e4:c9:4c:fc:cb:6c:ab:66:b3:4a:21:8c:e5:b5:0c:32: - 3e:10:b2:cc:6c:a1:dc:9a:98:4c:02:5b:f3:ce:b9:9e:a5:72: - 0e:4a:b7:3f:3c:e6:16:68:f8:be:ed:74:4c:bc:5b:d5:62:1f: - 43:dd -SHA1 Fingerprint=31:7A:2A:D0:7F:2B:33:5E:F5:A1:C3:4E:4B:57:E8:B7:D8:F1:FC:A6 diff --git a/luni/src/main/files/cacerts/c491639e.0 b/luni/src/main/files/cacerts/c491639e.0 new file mode 100644 index 0000000..ec9e422 --- /dev/null +++ b/luni/src/main/files/cacerts/c491639e.0 @@ -0,0 +1,53 @@ +-----BEGIN CERTIFICATE----- +MIICRjCCAc2gAwIBAgIQC6Fa+h3foLVJRK/NJKBs7DAKBggqhkjOPQQDAzBlMQsw +CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu +ZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3Qg +RzMwHhcNMTMwODAxMTIwMDAwWhcNMzgwMTE1MTIwMDAwWjBlMQswCQYDVQQGEwJV +UzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQu +Y29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgRzMwdjAQBgcq +hkjOPQIBBgUrgQQAIgNiAAQZ57ysRGXtzbg/WPuNsVepRC0FFfLvC/8QdJ+1YlJf +Zn4f5dwbRXkLzMZTCp2NXQLZqVneAlr2lSoOjThKiknGvMYDOAdfVdp+CW7if17Q +RSAPWXYQ1qAk8C3eNvJsKTmjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/ +BAQDAgGGMB0GA1UdDgQWBBTL0L2p4ZgFUaFNN6KDec6NHSrkhDAKBggqhkjOPQQD +AwNnADBkAjAlpIFFAmsSS3V0T8gj43DydXLefInwz5FyYZ5eEJJZVrmDxxDnOOlY +JjZ91eQ0hjkCMHw2U/Aw5WJjOpnitqM7mzT6HtoQknFekROn3aRukswy1vUhZscv +6pZjamVFkpUBtA== +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 0b:a1:5a:fa:1d:df:a0:b5:49:44:af:cd:24:a0:6c:ec + Signature Algorithm: ecdsa-with-SHA384 + Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root G3 + Validity + Not Before: Aug 1 12:00:00 2013 GMT + Not After : Jan 15 12:00:00 2038 GMT + Subject: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root G3 + Subject Public Key Info: + Public Key Algorithm: id-ecPublicKey + Public-Key: (384 bit) + pub: + 04:19:e7:bc:ac:44:65:ed:cd:b8:3f:58:fb:8d:b1: + 57:a9:44:2d:05:15:f2:ef:0b:ff:10:74:9f:b5:62: + 52:5f:66:7e:1f:e5:dc:1b:45:79:0b:cc:c6:53:0a: + 9d:8d:5d:02:d9:a9:59:de:02:5a:f6:95:2a:0e:8d: + 38:4a:8a:49:c6:bc:c6:03:38:07:5f:55:da:7e:09: + 6e:e2:7f:5e:d0:45:20:0f:59:76:10:d6:a0:24:f0: + 2d:de:36:f2:6c:29:39 + ASN1 OID: secp384r1 + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Key Usage: critical + Digital Signature, Certificate Sign, CRL Sign + X509v3 Subject Key Identifier: + CB:D0:BD:A9:E1:98:05:51:A1:4D:37:A2:83:79:CE:8D:1D:2A:E4:84 + Signature Algorithm: ecdsa-with-SHA384 + 30:64:02:30:25:a4:81:45:02:6b:12:4b:75:74:4f:c8:23:e3: + 70:f2:75:72:de:7c:89:f0:cf:91:72:61:9e:5e:10:92:59:56: + b9:83:c7:10:e7:38:e9:58:26:36:7d:d5:e4:34:86:39:02:30: + 7c:36:53:f0:30:e5:62:63:3a:99:e2:b6:a3:3b:9b:34:fa:1e: + da:10:92:71:5e:91:13:a7:dd:a4:6e:92:cc:32:d6:f5:21:66: + c7:2f:ea:96:63:6a:65:45:92:95:01:b4 +SHA1 Fingerprint=F5:17:A2:4F:9A:48:C6:C9:F8:A2:00:26:9F:DC:0F:48:2C:AB:30:89 diff --git a/luni/src/main/files/cacerts/c8763593.0 b/luni/src/main/files/cacerts/c8763593.0 deleted file mode 100644 index 70675c7..0000000 --- a/luni/src/main/files/cacerts/c8763593.0 +++ /dev/null @@ -1,132 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIGZjCCBE6gAwIBAgIPB35Sk3vgFeNX8GmMy+wMMA0GCSqGSIb3DQEBBQUAMHsx -CzAJBgNVBAYTAkNPMUcwRQYDVQQKDD5Tb2NpZWRhZCBDYW1lcmFsIGRlIENlcnRp -ZmljYWNpw7NuIERpZ2l0YWwgLSBDZXJ0aWPDoW1hcmEgUy5BLjEjMCEGA1UEAwwa -QUMgUmHDrXogQ2VydGljw6FtYXJhIFMuQS4wHhcNMDYxMTI3MjA0NjI5WhcNMzAw -NDAyMjE0MjAyWjB7MQswCQYDVQQGEwJDTzFHMEUGA1UECgw+U29jaWVkYWQgQ2Ft -ZXJhbCBkZSBDZXJ0aWZpY2FjacOzbiBEaWdpdGFsIC0gQ2VydGljw6FtYXJhIFMu -QS4xIzAhBgNVBAMMGkFDIFJhw616IENlcnRpY8OhbWFyYSBTLkEuMIICIjANBgkq -hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAq2uJo1PMSCMI+8PPUZYILrgIem08kBeG -qentLhM0R7LQcNzJPNCNyu5LF6vQhbCnIwTLqKL85XXbQMpiiY9QngE9JlsYhBzL -fDe3fezTf3MZsGqy2IiKLUV0qPezuMDU2s0iiXRNWhU5cxh0T7XrmafBHoi0wpOQ -Y5fzp6cSsgkiBzPZkc0OnB8OIMfuuzONj8LSWKdf/WU34ojC2I+GdV75LaeHM/J4 -Ny+LvB2GNzmxlPLYvEqcgxhaBvzz1NS6jBUJJfD5to0EfhcSM2tXSExP2yYe68yQ -54v5aHxwD6Mq0Do43zeX4lvegGHTgNiRg0JaTASJaBE8rF9ogEHMYELODVoqDA+b -MMCm8Ibbq0nXl21Ii/kDwFJnmxL3wvIumGVC2daa49AZMQyth9VXAnow6IYm+48j -ilSH5L887uvDdUhfHjlvgWJsxS3EF1QZtzeNnDeRyPYL1epjb4OsOMLzP96a++Ej -YfDIJss2yKHzMI+ko6Kh3VOz3vCaMh+DkXkwwakfU5tTohVTP92dsxA7SH2JD/zt -A/X7JWR1DhcZDY8AFmd5ekD8LVkH2ZD6mq093ICK5lw1omdMEWux+IBkAC1vImHF -rEsm5VoQgpukg3s0956JkSCXjrdCx2bD0Omk1vUgjcTDlaxECp1bczwmPS9KvqfJ -pxAe+59QafMCAwEAAaOB5jCB4zAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQE -AwIBBjAdBgNVHQ4EFgQU0QnQ6dfOeXRU+Tows/RtLAMDG2gwgaAGA1UdIASBmDCB -lTCBkgYEVR0gADCBiTArBggrBgEFBQcCARYfaHR0cDovL3d3dy5jZXJ0aWNhbWFy -YS5jb20vZHBjLzBaBggrBgEFBQcCAjBOGkxMaW1pdGFjaW9uZXMgZGUgZ2FyYW50 -7WFzIGRlIGVzdGUgY2VydGlmaWNhZG8gc2UgcHVlZGVuIGVuY29udHJhciBlbiBs -YSBEUEMuMA0GCSqGSIb3DQEBBQUAA4ICAQBclLW4RZFNjmEfAygPU3zmpFmps4p6 -xbD/CHwso3EcIRNnoZUSQDWDg4902zNc8El2CoFS3UnUmjIz75uny3XlesuXEpBc -unvFm9+7OSPI/5jOCk0iAUgHforA1SBClETvv3eiiWdIG0ADBaGJ7M9i4z0ldma/ -Jre7Ir5v/zlXdLp6yQGVwZVR6Kss+LGGIOk/yzVb0hfpKv6DExdA7ohiZVvVO2Dp -ezy4ydV/NgIlqmjCMRW3MGXrfx1IebHPOeJCgBbT9ZMj/EyXyVo3bHwi2ErN0o42 -gzmRkBDI8ck1fj+404HGIGQatlDCIaR43NAvO2STdPCWkPHv+wlaNECW8DYSwaN0 -jJN+Qd53i+yG2dIPPy3RzECiiWZIHiCznCNZc6lEc7wkeZBWN7PGKX6jD/EpOe9+ -XCgycDWs2rjIdWb8m0w5R44bb5tNAlQiM+9hup4phO9OSzNHdpdqy35f/RWmnkJD -W2ZaiogN9xa5P1FlK2Zqi9E4UqLWRhH6/JocdJ6PlwsCT2TG9WjTSy3/pDceiz+/ -RL5hRqGEPQgnTIEgd4kI6mdAXmwIUV80WoyWaM3X94nCHNMyAK9Sy9NgWyo6R35r -MDOhYil/SrnhLecUIw4OGEfhefwVVdCx/CVxY3UzHCMrr1zZ7Ud3YA47Dx7SwNxk -BYn8eNZcLCZDqQ== ------END CERTIFICATE----- -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 07:7e:52:93:7b:e0:15:e3:57:f0:69:8c:cb:ec:0c - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=CO, O=Sociedad Cameral de Certificaci\xC3\xB3n Digital - Certic\xC3\xA1mara S.A., CN=AC Ra\xC3\xADz Certic\xC3\xA1mara S.A. - Validity - Not Before: Nov 27 20:46:29 2006 GMT - Not After : Apr 2 21:42:02 2030 GMT - Subject: C=CO, O=Sociedad Cameral de Certificaci\xC3\xB3n Digital - Certic\xC3\xA1mara S.A., CN=AC Ra\xC3\xADz Certic\xC3\xA1mara S.A. - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (4096 bit) - Modulus: - 00:ab:6b:89:a3:53:cc:48:23:08:fb:c3:cf:51:96: - 08:2e:b8:08:7a:6d:3c:90:17:86:a9:e9:ed:2e:13: - 34:47:b2:d0:70:dc:c9:3c:d0:8d:ca:ee:4b:17:ab: - d0:85:b0:a7:23:04:cb:a8:a2:fc:e5:75:db:40:ca: - 62:89:8f:50:9e:01:3d:26:5b:18:84:1c:cb:7c:37: - b7:7d:ec:d3:7f:73:19:b0:6a:b2:d8:88:8a:2d:45: - 74:a8:f7:b3:b8:c0:d4:da:cd:22:89:74:4d:5a:15: - 39:73:18:74:4f:b5:eb:99:a7:c1:1e:88:b4:c2:93: - 90:63:97:f3:a7:a7:12:b2:09:22:07:33:d9:91:cd: - 0e:9c:1f:0e:20:c7:ee:bb:33:8d:8f:c2:d2:58:a7: - 5f:fd:65:37:e2:88:c2:d8:8f:86:75:5e:f9:2d:a7: - 87:33:f2:78:37:2f:8b:bc:1d:86:37:39:b1:94:f2: - d8:bc:4a:9c:83:18:5a:06:fc:f3:d4:d4:ba:8c:15: - 09:25:f0:f9:b6:8d:04:7e:17:12:33:6b:57:48:4c: - 4f:db:26:1e:eb:cc:90:e7:8b:f9:68:7c:70:0f:a3: - 2a:d0:3a:38:df:37:97:e2:5b:de:80:61:d3:80:d8: - 91:83:42:5a:4c:04:89:68:11:3c:ac:5f:68:80:41: - cc:60:42:ce:0d:5a:2a:0c:0f:9b:30:c0:a6:f0:86: - db:ab:49:d7:97:6d:48:8b:f9:03:c0:52:67:9b:12: - f7:c2:f2:2e:98:65:42:d9:d6:9a:e3:d0:19:31:0c: - ad:87:d5:57:02:7a:30:e8:86:26:fb:8f:23:8a:54: - 87:e4:bf:3c:ee:eb:c3:75:48:5f:1e:39:6f:81:62: - 6c:c5:2d:c4:17:54:19:b7:37:8d:9c:37:91:c8:f6: - 0b:d5:ea:63:6f:83:ac:38:c2:f3:3f:de:9a:fb:e1: - 23:61:f0:c8:26:cb:36:c8:a1:f3:30:8f:a4:a3:a2: - a1:dd:53:b3:de:f0:9a:32:1f:83:91:79:30:c1:a9: - 1f:53:9b:53:a2:15:53:3f:dd:9d:b3:10:3b:48:7d: - 89:0f:fc:ed:03:f5:fb:25:64:75:0e:17:19:0d:8f: - 00:16:67:79:7a:40:fc:2d:59:07:d9:90:fa:9a:ad: - 3d:dc:80:8a:e6:5c:35:a2:67:4c:11:6b:b1:f8:80: - 64:00:2d:6f:22:61:c5:ac:4b:26:e5:5a:10:82:9b: - a4:83:7b:34:f7:9e:89:91:20:97:8e:b7:42:c7:66: - c3:d0:e9:a4:d6:f5:20:8d:c4:c3:95:ac:44:0a:9d: - 5b:73:3c:26:3d:2f:4a:be:a7:c9:a7:10:1e:fb:9f: - 50:69:f3 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - D1:09:D0:E9:D7:CE:79:74:54:F9:3A:30:B3:F4:6D:2C:03:03:1B:68 - X509v3 Certificate Policies: - Policy: X509v3 Any Policy - CPS: http://www.certicamara.com/dpc/ - User Notice: - Explicit Text: Limitaciones de garantías de este certificado se pueden encontrar en la DPC. - - Signature Algorithm: sha1WithRSAEncryption - 5c:94:b5:b8:45:91:4d:8e:61:1f:03:28:0f:53:7c:e6:a4:59: - a9:b3:8a:7a:c5:b0:ff:08:7c:2c:a3:71:1c:21:13:67:a1:95: - 12:40:35:83:83:8f:74:db:33:5c:f0:49:76:0a:81:52:dd:49: - d4:9a:32:33:ef:9b:a7:cb:75:e5:7a:cb:97:12:90:5c:ba:7b: - c5:9b:df:bb:39:23:c8:ff:98:ce:0a:4d:22:01:48:07:7e:8a: - c0:d5:20:42:94:44:ef:bf:77:a2:89:67:48:1b:40:03:05:a1: - 89:ec:cf:62:e3:3d:25:76:66:bf:26:b7:bb:22:be:6f:ff:39: - 57:74:ba:7a:c9:01:95:c1:95:51:e8:ab:2c:f8:b1:86:20:e9: - 3f:cb:35:5b:d2:17:e9:2a:fe:83:13:17:40:ee:88:62:65:5b: - d5:3b:60:e9:7b:3c:b8:c9:d5:7f:36:02:25:aa:68:c2:31:15: - b7:30:65:eb:7f:1d:48:79:b1:cf:39:e2:42:80:16:d3:f5:93: - 23:fc:4c:97:c9:5a:37:6c:7c:22:d8:4a:cd:d2:8e:36:83:39: - 91:90:10:c8:f1:c9:35:7e:3f:b8:d3:81:c6:20:64:1a:b6:50: - c2:21:a4:78:dc:d0:2f:3b:64:93:74:f0:96:90:f1:ef:fb:09: - 5a:34:40:96:f0:36:12:c1:a3:74:8c:93:7e:41:de:77:8b:ec: - 86:d9:d2:0f:3f:2d:d1:cc:40:a2:89:66:48:1e:20:b3:9c:23: - 59:73:a9:44:73:bc:24:79:90:56:37:b3:c6:29:7e:a3:0f:f1: - 29:39:ef:7e:5c:28:32:70:35:ac:da:b8:c8:75:66:fc:9b:4c: - 39:47:8e:1b:6f:9b:4d:02:54:22:33:ef:61:ba:9e:29:84:ef: - 4e:4b:33:47:76:97:6a:cb:7e:5f:fd:15:a6:9e:42:43:5b:66: - 5a:8a:88:0d:f7:16:b9:3f:51:65:2b:66:6a:8b:d1:38:52:a2: - d6:46:11:fa:fc:9a:1c:74:9e:8f:97:0b:02:4f:64:c6:f5:68: - d3:4b:2d:ff:a4:37:1e:8b:3f:bf:44:be:61:46:a1:84:3d:08: - 27:4c:81:20:77:89:08:ea:67:40:5e:6c:08:51:5f:34:5a:8c: - 96:68:cd:d7:f7:89:c2:1c:d3:32:00:af:52:cb:d3:60:5b:2a: - 3a:47:7e:6b:30:33:a1:62:29:7f:4a:b9:e1:2d:e7:14:23:0e: - 0e:18:47:e1:79:fc:15:55:d0:b1:fc:25:71:63:75:33:1c:23: - 2b:af:5c:d9:ed:47:77:60:0e:3b:0f:1e:d2:c0:dc:64:05:89: - fc:78:d6:5c:2c:26:43:a9 -SHA1 Fingerprint=CB:A1:C5:F8:B0:E3:5E:B8:B9:45:12:D3:F9:34:A2:E9:06:10:D3:36 diff --git a/luni/src/main/files/cacerts/c90bc37d.0 b/luni/src/main/files/cacerts/c90bc37d.0 new file mode 100644 index 0000000..e4460c1 --- /dev/null +++ b/luni/src/main/files/cacerts/c90bc37d.0 @@ -0,0 +1,80 @@ +-----BEGIN CERTIFICATE----- +MIIDjjCCAnagAwIBAgIQAzrx5qcRqaC7KGSxHQn65TANBgkqhkiG9w0BAQsFADBh +MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 +d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBH +MjAeFw0xMzA4MDExMjAwMDBaFw0zODAxMTUxMjAwMDBaMGExCzAJBgNVBAYTAlVT +MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j +b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IEcyMIIBIjANBgkqhkiG +9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzfNNNx7a8myaJCtSnX/RrohCgiN9RlUyfuI +2/Ou8jqJkTx65qsGGmvPrC3oXgkkRLpimn7Wo6h+4FR1IAWsULecYxpsMNzaHxmx +1x7e/dfgy5SDN67sH0NO3Xss0r0upS/kqbitOtSZpLYl6ZtrAGCSYP9PIUkY92eQ +q2EGnI/yuum06ZIya7XzV+hdG82MHauVBJVJ8zUtluNJbd134/tJS7SsVQepj5Wz +tCO7TG1F8PapspUwtP1MVYwnSlcUfIKdzXOS0xZKBgyMUNGPHgm+F6HmIcr9g+UQ +vIOlCsRnKPZzFBQ9RnbDhxSJITRNrw9FDKZJobq7nMWxM4MphQIDAQABo0IwQDAP +BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUTiJUIBiV +5uNu5g/6+rkS7QYXjzkwDQYJKoZIhvcNAQELBQADggEBAGBnKJRvDkhj6zHd6mcY +1Yl9PMWLSn/pvtsrF9+wX3N3KjITOYFnQoQj8kVnNeyIv/iPsGEMNKSuIEyExtv4 +NeF22d+mQrvHRAiGfzZ0JFrabA0UWTW98kndth/Jsw1HKj2ZL7tcu7XUIOGZX1NG +Fdtom/DzMNU+MeKNhJ7jitralj41E6Vf8PlwUHBHQRFXGU7Aj64GxJUTFy8bJZ91 +8rGOmaFvE7FBcf6IKshPECBV1/MUReXgRPTqh5Uykw7+U0b6LJ3/iyK5S9kJRaTe +pLiaWN0bfVKfjllDiIGknibVb63dDcY3fe0Dkhvld1927jyNxF1WW6LZZm6zNTfl +MrY= +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 03:3a:f1:e6:a7:11:a9:a0:bb:28:64:b1:1d:09:fa:e5 + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G2 + Validity + Not Before: Aug 1 12:00:00 2013 GMT + Not After : Jan 15 12:00:00 2038 GMT + Subject: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G2 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:bb:37:cd:34:dc:7b:6b:c9:b2:68:90:ad:4a:75: + ff:46:ba:21:0a:08:8d:f5:19:54:c9:fb:88:db:f3: + ae:f2:3a:89:91:3c:7a:e6:ab:06:1a:6b:cf:ac:2d: + e8:5e:09:24:44:ba:62:9a:7e:d6:a3:a8:7e:e0:54: + 75:20:05:ac:50:b7:9c:63:1a:6c:30:dc:da:1f:19: + b1:d7:1e:de:fd:d7:e0:cb:94:83:37:ae:ec:1f:43: + 4e:dd:7b:2c:d2:bd:2e:a5:2f:e4:a9:b8:ad:3a:d4: + 99:a4:b6:25:e9:9b:6b:00:60:92:60:ff:4f:21:49: + 18:f7:67:90:ab:61:06:9c:8f:f2:ba:e9:b4:e9:92: + 32:6b:b5:f3:57:e8:5d:1b:cd:8c:1d:ab:95:04:95: + 49:f3:35:2d:96:e3:49:6d:dd:77:e3:fb:49:4b:b4: + ac:55:07:a9:8f:95:b3:b4:23:bb:4c:6d:45:f0:f6: + a9:b2:95:30:b4:fd:4c:55:8c:27:4a:57:14:7c:82: + 9d:cd:73:92:d3:16:4a:06:0c:8c:50:d1:8f:1e:09: + be:17:a1:e6:21:ca:fd:83:e5:10:bc:83:a5:0a:c4: + 67:28:f6:73:14:14:3d:46:76:c3:87:14:89:21:34: + 4d:af:0f:45:0c:a6:49:a1:ba:bb:9c:c5:b1:33:83: + 29:85 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Key Usage: critical + Digital Signature, Certificate Sign, CRL Sign + X509v3 Subject Key Identifier: + 4E:22:54:20:18:95:E6:E3:6E:E6:0F:FA:FA:B9:12:ED:06:17:8F:39 + Signature Algorithm: sha256WithRSAEncryption + 60:67:28:94:6f:0e:48:63:eb:31:dd:ea:67:18:d5:89:7d:3c: + c5:8b:4a:7f:e9:be:db:2b:17:df:b0:5f:73:77:2a:32:13:39: + 81:67:42:84:23:f2:45:67:35:ec:88:bf:f8:8f:b0:61:0c:34: + a4:ae:20:4c:84:c6:db:f8:35:e1:76:d9:df:a6:42:bb:c7:44: + 08:86:7f:36:74:24:5a:da:6c:0d:14:59:35:bd:f2:49:dd:b6: + 1f:c9:b3:0d:47:2a:3d:99:2f:bb:5c:bb:b5:d4:20:e1:99:5f: + 53:46:15:db:68:9b:f0:f3:30:d5:3e:31:e2:8d:84:9e:e3:8a: + da:da:96:3e:35:13:a5:5f:f0:f9:70:50:70:47:41:11:57:19: + 4e:c0:8f:ae:06:c4:95:13:17:2f:1b:25:9f:75:f2:b1:8e:99: + a1:6f:13:b1:41:71:fe:88:2a:c8:4f:10:20:55:d7:f3:14:45: + e5:e0:44:f4:ea:87:95:32:93:0e:fe:53:46:fa:2c:9d:ff:8b: + 22:b9:4b:d9:09:45:a4:de:a4:b8:9a:58:dd:1b:7d:52:9f:8e: + 59:43:88:81:a4:9e:26:d5:6f:ad:dd:0d:c6:37:7d:ed:03:92: + 1b:e5:77:5f:76:ee:3c:8d:c4:5d:56:5b:a2:d9:66:6e:b3:35: + 37:e5:32:b6 +SHA1 Fingerprint=DF:3C:24:F9:BF:D6:66:76:1B:26:80:73:FE:06:D1:CC:8D:4F:82:A4 diff --git a/luni/src/main/files/cacerts/d06393bb.0 b/luni/src/main/files/cacerts/d06393bb.0 new file mode 100644 index 0000000..0029410 --- /dev/null +++ b/luni/src/main/files/cacerts/d06393bb.0 @@ -0,0 +1,80 @@ +-----BEGIN CERTIFICATE----- +MIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUx +KzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAd +BgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNl +YyBHbG9iYWxSb290IENsYXNzIDIwHhcNMDgxMDAxMTA0MDE0WhcNMzMxMDAxMjM1 +OTU5WjCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnBy +aXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50 +ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDIwggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqX9obX+hzkeXaXPSi5kfl82hVYAUd +AqSzm1nzHoqvNK38DcLZSBnuaY/JIPwhqgcZ7bBcrGXHX+0CfHt8LRvWurmAwhiC +FoT6ZrAIxlQjgeTNuUk/9k9uN0goOA/FvudocP05l03Sx5iRUKrERLMjfTlH6VJi +1hKTXrcxlkIF+3anHqP1wvzpesVsqXFP6st4vGCvx9702cu+fjOlbpSD8DT6Iavq +jnKgP6TeMFvvhk1qlVtDRKgQFRzlAVfFmPHmBiiRqiDFt1MmUUOyCxGVWOHAD3bZ +wI18gfNycJ5v/hqO2V81xrJvNHy+SE/iWjnX2J14np+GPgNeGYtEotXHAgMBAAGj +QjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBS/ +WSA2AHmgoCJrjNXyYdK4LMuCSjANBgkqhkiG9w0BAQsFAAOCAQEAMQOiYQsfdOhy +NsZt+U2e+iKo4YFWz827n+qrkRk4r6p8FU3ztqONpfSO9kSpp+ghla0+AGIWiPAC +uvxhI+YzmzB6azZie60EI4RYZeLbK4rnJVM3YlNfvNoBYimipidx5joifsFvHZVw +IEoHNN/q/xWA5brXethbdXwFeilHfkCoMRN3zUA7tFFHei4R40cR3p1m0IvVVGb6 +g1XqfMIpiRvpb7PO4gWEyS8+eIVibslfwXhjdFjASBgMmTnrpMwatXlajRWc2BQN +9noHV8cigwUtPJslJj0Ys6lDfMjIq2SPDqO/nBudMNva0Bkuqjzx+zOAduTNrRlP +BSeOE6Fuwg== +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 1 (0x1) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=DE, O=T-Systems Enterprise Services GmbH, OU=T-Systems Trust Center, CN=T-TeleSec GlobalRoot Class 2 + Validity + Not Before: Oct 1 10:40:14 2008 GMT + Not After : Oct 1 23:59:59 2033 GMT + Subject: C=DE, O=T-Systems Enterprise Services GmbH, OU=T-Systems Trust Center, CN=T-TeleSec GlobalRoot Class 2 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:aa:5f:da:1b:5f:e8:73:91:e5:da:5c:f4:a2:e6: + 47:e5:f3:68:55:60:05:1d:02:a4:b3:9b:59:f3:1e: + 8a:af:34:ad:fc:0d:c2:d9:48:19:ee:69:8f:c9:20: + fc:21:aa:07:19:ed:b0:5c:ac:65:c7:5f:ed:02:7c: + 7b:7c:2d:1b:d6:ba:b9:80:c2:18:82:16:84:fa:66: + b0:08:c6:54:23:81:e4:cd:b9:49:3f:f6:4f:6e:37: + 48:28:38:0f:c5:be:e7:68:70:fd:39:97:4d:d2:c7: + 98:91:50:aa:c4:44:b3:23:7d:39:47:e9:52:62:d6: + 12:93:5e:b7:31:96:42:05:fb:76:a7:1e:a3:f5:c2: + fc:e9:7a:c5:6c:a9:71:4f:ea:cb:78:bc:60:af:c7: + de:f4:d9:cb:be:7e:33:a5:6e:94:83:f0:34:fa:21: + ab:ea:8e:72:a0:3f:a4:de:30:5b:ef:86:4d:6a:95: + 5b:43:44:a8:10:15:1c:e5:01:57:c5:98:f1:e6:06: + 28:91:aa:20:c5:b7:53:26:51:43:b2:0b:11:95:58: + e1:c0:0f:76:d9:c0:8d:7c:81:f3:72:70:9e:6f:fe: + 1a:8e:d9:5f:35:c6:b2:6f:34:7c:be:48:4f:e2:5a: + 39:d7:d8:9d:78:9e:9f:86:3e:03:5e:19:8b:44:a2: + d5:c7 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Key Usage: critical + Certificate Sign, CRL Sign + X509v3 Subject Key Identifier: + BF:59:20:36:00:79:A0:A0:22:6B:8C:D5:F2:61:D2:B8:2C:CB:82:4A + Signature Algorithm: sha256WithRSAEncryption + 31:03:a2:61:0b:1f:74:e8:72:36:c6:6d:f9:4d:9e:fa:22:a8: + e1:81:56:cf:cd:bb:9f:ea:ab:91:19:38:af:aa:7c:15:4d:f3: + b6:a3:8d:a5:f4:8e:f6:44:a9:a7:e8:21:95:ad:3e:00:62:16: + 88:f0:02:ba:fc:61:23:e6:33:9b:30:7a:6b:36:62:7b:ad:04: + 23:84:58:65:e2:db:2b:8a:e7:25:53:37:62:53:5f:bc:da:01: + 62:29:a2:a6:27:71:e6:3a:22:7e:c1:6f:1d:95:70:20:4a:07: + 34:df:ea:ff:15:80:e5:ba:d7:7a:d8:5b:75:7c:05:7a:29:47: + 7e:40:a8:31:13:77:cd:40:3b:b4:51:47:7a:2e:11:e3:47:11: + de:9d:66:d0:8b:d5:54:66:fa:83:55:ea:7c:c2:29:89:1b:e9: + 6f:b3:ce:e2:05:84:c9:2f:3e:78:85:62:6e:c9:5f:c1:78:63: + 74:58:c0:48:18:0c:99:39:eb:a4:cc:1a:b5:79:5a:8d:15:9c: + d8:14:0d:f6:7a:07:57:c7:22:83:05:2d:3c:9b:25:26:3d:18: + b3:a9:43:7c:c8:c8:ab:64:8f:0e:a3:bf:9c:1b:9d:30:db:da: + d0:19:2e:aa:3c:f1:fb:33:80:76:e4:cd:ad:19:4f:05:27:8e: + 13:a1:6e:c2 +SHA1 Fingerprint=59:0D:2D:7D:88:4F:40:2E:61:7E:A5:62:32:17:65:CF:17:D8:94:E9 diff --git a/luni/src/main/files/cacerts/d537fba6.0 b/luni/src/main/files/cacerts/d537fba6.0 deleted file mode 100644 index 0ae2700..0000000 --- a/luni/src/main/files/cacerts/d537fba6.0 +++ /dev/null @@ -1,96 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIEKzCCAxOgAwIBAgIEOsylTDANBgkqhkiG9w0BAQUFADBDMQswCQYDVQQGEwJE -SzEVMBMGA1UEChMMVERDIEludGVybmV0MR0wGwYDVQQLExRUREMgSW50ZXJuZXQg -Um9vdCBDQTAeFw0wMTA0MDUxNjMzMTdaFw0yMTA0MDUxNzAzMTdaMEMxCzAJBgNV -BAYTAkRLMRUwEwYDVQQKEwxUREMgSW50ZXJuZXQxHTAbBgNVBAsTFFREQyBJbnRl -cm5ldCBSb290IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxLhA -vJHVYx/XmaCLDEAedLdInUaMArLgJF/wGROnN4NrXceO+YQwzho7+vvOi20jxsNu -Zp+Jpd/gQlBn+h9sHvTQBda/ytZO5GhgbEaqHF1j4QeGDmUApy6mcca8uYGoOn0a -0vnRrEvLznWv3Hv6gXPU/Lq9QYjUdLP5Xjg6PEOo0pVOd20TDJ2PeAG3WiAfAzc1 -4izbSysseLlJ28TQx5yc5IogCSEWVmb/Bexb4/DPqyQkXsN/cHoSxNK1EKC2IeGN -eGlVRGn1ypYcNIUXJXfi9i8nmHj9eQY6otZaQ8H/7AQ77hPv01ha/5Lr7K7a8jcD -R0G2l8ktCkEiu7vmpwIDAQABo4IBJTCCASEwEQYJYIZIAYb4QgEBBAQDAgAHMGUG -A1UdHwReMFwwWqBYoFakVDBSMQswCQYDVQQGEwJESzEVMBMGA1UEChMMVERDIElu -dGVybmV0MR0wGwYDVQQLExRUREMgSW50ZXJuZXQgUm9vdCBDQTENMAsGA1UEAxME -Q1JMMTArBgNVHRAEJDAigA8yMDAxMDQwNTE2MzMxN1qBDzIwMjEwNDA1MTcwMzE3 -WjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAUbGQBx/2FbazI2p5QCIUItTxWqFAw -HQYDVR0OBBYEFGxkAcf9hW2syNqeUAiFCLU8VqhQMAwGA1UdEwQFMAMBAf8wHQYJ -KoZIhvZ9B0EABBAwDhsIVjUuMDo0LjADAgSQMA0GCSqGSIb3DQEBBQUAA4IBAQBO -Q8zR3R0QGwZ/t6T609lN+yOfI1Rb5osvBCiLtSdtiaHsmGnc540mgwV5dOy0uaOX -wTUA/RXaOYE6lTGQ3pfphqiZdwzlWqCE/xIWrG64jcN7ksKsLtB9KOy282A4aW8+ -2ARVPp7MVdK6/rtHBNcK2RYKNCn1WBPVT8+PVkuzHu7TmHnaCB4Mb7j4Fifvwm89 -9qNLPg7kbWzbO0ESm70NRyN/PErQr8Cv9u8btRXE64PECV90i9kR+8JWsTz4cMo0 -jUNAE4z9mQNUecYu6oah9jrUCbz0vGbMPVjQV0kK7iXiQe4T+Zs4NNEA9X7nlB38 -aQNiuJkFBT1reBK9sG9l ------END CERTIFICATE----- -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 986490188 (0x3acca54c) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=DK, O=TDC Internet, OU=TDC Internet Root CA - Validity - Not Before: Apr 5 16:33:17 2001 GMT - Not After : Apr 5 17:03:17 2021 GMT - Subject: C=DK, O=TDC Internet, OU=TDC Internet Root CA - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:c4:b8:40:bc:91:d5:63:1f:d7:99:a0:8b:0c:40: - 1e:74:b7:48:9d:46:8c:02:b2:e0:24:5f:f0:19:13: - a7:37:83:6b:5d:c7:8e:f9:84:30:ce:1a:3b:fa:fb: - ce:8b:6d:23:c6:c3:6e:66:9f:89:a5:df:e0:42:50: - 67:fa:1f:6c:1e:f4:d0:05:d6:bf:ca:d6:4e:e4:68: - 60:6c:46:aa:1c:5d:63:e1:07:86:0e:65:00:a7:2e: - a6:71:c6:bc:b9:81:a8:3a:7d:1a:d2:f9:d1:ac:4b: - cb:ce:75:af:dc:7b:fa:81:73:d4:fc:ba:bd:41:88: - d4:74:b3:f9:5e:38:3a:3c:43:a8:d2:95:4e:77:6d: - 13:0c:9d:8f:78:01:b7:5a:20:1f:03:37:35:e2:2c: - db:4b:2b:2c:78:b9:49:db:c4:d0:c7:9c:9c:e4:8a: - 20:09:21:16:56:66:ff:05:ec:5b:e3:f0:cf:ab:24: - 24:5e:c3:7f:70:7a:12:c4:d2:b5:10:a0:b6:21:e1: - 8d:78:69:55:44:69:f5:ca:96:1c:34:85:17:25:77: - e2:f6:2f:27:98:78:fd:79:06:3a:a2:d6:5a:43:c1: - ff:ec:04:3b:ee:13:ef:d3:58:5a:ff:92:eb:ec:ae: - da:f2:37:03:47:41:b6:97:c9:2d:0a:41:22:bb:bb: - e6:a7 - Exponent: 65537 (0x10001) - X509v3 extensions: - Netscape Cert Type: - SSL CA, S/MIME CA, Object Signing CA - X509v3 CRL Distribution Points: - - Full Name: - DirName: C = DK, O = TDC Internet, OU = TDC Internet Root CA, CN = CRL1 - - X509v3 Private Key Usage Period: - Not Before: Apr 5 16:33:17 2001 GMT, Not After: Apr 5 17:03:17 2021 GMT - X509v3 Key Usage: - Certificate Sign, CRL Sign - X509v3 Authority Key Identifier: - keyid:6C:64:01:C7:FD:85:6D:AC:C8:DA:9E:50:08:85:08:B5:3C:56:A8:50 - - X509v3 Subject Key Identifier: - 6C:64:01:C7:FD:85:6D:AC:C8:DA:9E:50:08:85:08:B5:3C:56:A8:50 - X509v3 Basic Constraints: - CA:TRUE - 1.2.840.113533.7.65.0: - 0...V5.0:4.0.... - Signature Algorithm: sha1WithRSAEncryption - 4e:43:cc:d1:dd:1d:10:1b:06:7f:b7:a4:fa:d3:d9:4d:fb:23: - 9f:23:54:5b:e6:8b:2f:04:28:8b:b5:27:6d:89:a1:ec:98:69: - dc:e7:8d:26:83:05:79:74:ec:b4:b9:a3:97:c1:35:00:fd:15: - da:39:81:3a:95:31:90:de:97:e9:86:a8:99:77:0c:e5:5a:a0: - 84:ff:12:16:ac:6e:b8:8d:c3:7b:92:c2:ac:2e:d0:7d:28:ec: - b6:f3:60:38:69:6f:3e:d8:04:55:3e:9e:cc:55:d2:ba:fe:bb: - 47:04:d7:0a:d9:16:0a:34:29:f5:58:13:d5:4f:cf:8f:56:4b: - b3:1e:ee:d3:98:79:da:08:1e:0c:6f:b8:f8:16:27:ef:c2:6f: - 3d:f6:a3:4b:3e:0e:e4:6d:6c:db:3b:41:12:9b:bd:0d:47:23: - 7f:3c:4a:d0:af:c0:af:f6:ef:1b:b5:15:c4:eb:83:c4:09:5f: - 74:8b:d9:11:fb:c2:56:b1:3c:f8:70:ca:34:8d:43:40:13:8c: - fd:99:03:54:79:c6:2e:ea:86:a1:f6:3a:d4:09:bc:f4:bc:66: - cc:3d:58:d0:57:49:0a:ee:25:e2:41:ee:13:f9:9b:38:34:d1: - 00:f5:7e:e7:94:1d:fc:69:03:62:b8:99:05:05:3d:6b:78:12: - bd:b0:6f:65 -SHA1 Fingerprint=21:FC:BD:8E:7F:6C:AF:05:1B:D1:B3:43:EC:A8:E7:61:47:F2:0F:8A diff --git a/luni/src/main/files/cacerts/e442e424.0 b/luni/src/main/files/cacerts/e442e424.0 new file mode 100644 index 0000000..c715660 --- /dev/null +++ b/luni/src/main/files/cacerts/e442e424.0 @@ -0,0 +1,120 @@ +-----BEGIN CERTIFICATE----- +MIIFYDCCA0igAwIBAgIULvWbAiin23r/1aOp7r0DoM8Sah0wDQYJKoZIhvcNAQEL +BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc +BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMyBHMzAeFw0xMjAxMTIyMDI2MzJaFw00 +MjAxMTIyMDI2MzJaMEgxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBM +aW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDMgRzMwggIiMA0GCSqG +SIb3DQEBAQUAA4ICDwAwggIKAoICAQCzyw4QZ47qFJenMioKVjZ/aEzHs286IxSR +/xl/pcqs7rN2nXrpixurazHb+gtTTK/FpRp5PIpM/6zfJd5O2YIyC0TeytuMrKNu +FoM7pmRLMon7FhY4futD4tN0SsJiCnMK3UmzV9KwCoWdcTzeo8vAMvMBOSBDGzXR +U7Ox7sWTaYI+FrUoRqHe6okJ7UO4BUaKhvVZR74bbwEhELn9qdIoyhA5CcoTNs+c +ra1AdHkrAj80//ogaX3T7mH1urPnMNA3I4ZyYUUpSFlob3emLoG+B01vr87ERROR +FHAGjx+f+IdpsQ7vw4kZ6+ocYfx6bIrc1gMLnia6Et3UVDmrJqMz6nWB2i3ND0/k +A9HvFZcba5DFApCTZgIhsUfei5pKgLlVj7WiL8DWM2fafsSntARE60f75li59wzw +eyuxwHApw0BiLTtIadwjPEjrewl5qW3aqDCYz4ByA4imW0aucnl8CAMhZa634Ryl +sSqiMd5mBPfAdOhx3v89WcyWJhKLhZVXGqtrdQtEPREoPHtht+KPZ0/l7DxMYIBp +VzgeAVuNVejH38DMdyM0SXV89pgR6y3e7UEuFAUCf+D+IOs15xGsIs5XPd7JMG0Q +A4XN8f+MFrXBsj6IbGB/kE+V9/YtrQE5BwT6dYB9v0lQ7e/JxHwc64B+27bQ3RP+ +ydOc17KXqQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB +BjAdBgNVHQ4EFgQUxhfQvKjqAkPyGwaZXSuQILnXnOQwDQYJKoZIhvcNAQELBQAD +ggIBADRh2Va1EodVTd2jNTFGu6QHcrxfYWLopfsLN7E8trP6KZ1/AvWkyaiTt3px +KGmPc+FSkNrVvjrlt3ZqVoAh313m6Tqe5T72omnHKgqwGEfcIHB9UqM+WXzBusnI +FUBhynLWcKzSt/Ac5IYp8M7vaGPQtSCKFWGafoaYtMnCdvvMujAWzKNhxnQT5Wvv +oxXqA/4Ti2Tk08HS6IT7SdEQTXlm66r99I0xHnAUrdzeZxNMgRVhvLfZkXdxGYFg +u/BYpbWcC/ePIlUnwEsBbTuZDdQdm2NnL9DuDcpmvJRPpq3t/O5jrFc/ZSXPsoaP +0Aj/uHYUbt7lJ+yreLVTubY/6CD50qi+YUbKh4yE8/nxoGibIh6BJpsQBJFxwAYf +3KDTuVan45gtf4Od34wrnDKOMpTwATwiKp9Dwi7DmDkHOHv8XgBCH/MyJnmDhPbl +8MFREsALHgQjDFSlTC9JxUrRtm5gDWv8a4uFJGS3iQ6rJUdbPM9+Sb3H6QrG2vd+ +DhcI00iX0HGS8A85PjRqHH3Y8iKuu2n0M7SmSFXRDw4m6Oy2Cy2nhTXN/VnIn9HN +PlopNLk9hM6xZdRZkZFWdSHBd575euFgndOtBBj0fOtek49TSiIp+EgrPk2GrFt/ +ywaZWWDYWGWVjUTR939+J399roD1B0y2PpxxVJkES/1Y+Zj0 +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 2e:f5:9b:02:28:a7:db:7a:ff:d5:a3:a9:ee:bd:03:a0:cf:12:6a:1d + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 3 G3 + Validity + Not Before: Jan 12 20:26:32 2012 GMT + Not After : Jan 12 20:26:32 2042 GMT + Subject: C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 3 G3 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (4096 bit) + Modulus: + 00:b3:cb:0e:10:67:8e:ea:14:97:a7:32:2a:0a:56: + 36:7f:68:4c:c7:b3:6f:3a:23:14:91:ff:19:7f:a5: + ca:ac:ee:b3:76:9d:7a:e9:8b:1b:ab:6b:31:db:fa: + 0b:53:4c:af:c5:a5:1a:79:3c:8a:4c:ff:ac:df:25: + de:4e:d9:82:32:0b:44:de:ca:db:8c:ac:a3:6e:16: + 83:3b:a6:64:4b:32:89:fb:16:16:38:7e:eb:43:e2: + d3:74:4a:c2:62:0a:73:0a:dd:49:b3:57:d2:b0:0a: + 85:9d:71:3c:de:a3:cb:c0:32:f3:01:39:20:43:1b: + 35:d1:53:b3:b1:ee:c5:93:69:82:3e:16:b5:28:46: + a1:de:ea:89:09:ed:43:b8:05:46:8a:86:f5:59:47: + be:1b:6f:01:21:10:b9:fd:a9:d2:28:ca:10:39:09: + ca:13:36:cf:9c:ad:ad:40:74:79:2b:02:3f:34:ff: + fa:20:69:7d:d3:ee:61:f5:ba:b3:e7:30:d0:37:23: + 86:72:61:45:29:48:59:68:6f:77:a6:2e:81:be:07: + 4d:6f:af:ce:c4:45:13:91:14:70:06:8f:1f:9f:f8: + 87:69:b1:0e:ef:c3:89:19:eb:ea:1c:61:fc:7a:6c: + 8a:dc:d6:03:0b:9e:26:ba:12:dd:d4:54:39:ab:26: + a3:33:ea:75:81:da:2d:cd:0f:4f:e4:03:d1:ef:15: + 97:1b:6b:90:c5:02:90:93:66:02:21:b1:47:de:8b: + 9a:4a:80:b9:55:8f:b5:a2:2f:c0:d6:33:67:da:7e: + c4:a7:b4:04:44:eb:47:fb:e6:58:b9:f7:0c:f0:7b: + 2b:b1:c0:70:29:c3:40:62:2d:3b:48:69:dc:23:3c: + 48:eb:7b:09:79:a9:6d:da:a8:30:98:cf:80:72:03: + 88:a6:5b:46:ae:72:79:7c:08:03:21:65:ae:b7:e1: + 1c:a5:b1:2a:a2:31:de:66:04:f7:c0:74:e8:71:de: + ff:3d:59:cc:96:26:12:8b:85:95:57:1a:ab:6b:75: + 0b:44:3d:11:28:3c:7b:61:b7:e2:8f:67:4f:e5:ec: + 3c:4c:60:80:69:57:38:1e:01:5b:8d:55:e8:c7:df: + c0:cc:77:23:34:49:75:7c:f6:98:11:eb:2d:de:ed: + 41:2e:14:05:02:7f:e0:fe:20:eb:35:e7:11:ac:22: + ce:57:3d:de:c9:30:6d:10:03:85:cd:f1:ff:8c:16: + b5:c1:b2:3e:88:6c:60:7f:90:4f:95:f7:f6:2d:ad: + 01:39:07:04:fa:75:80:7d:bf:49:50:ed:ef:c9:c4: + 7c:1c:eb:80:7e:db:b6:d0:dd:13:fe:c9:d3:9c:d7: + b2:97:a9 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Key Usage: critical + Certificate Sign, CRL Sign + X509v3 Subject Key Identifier: + C6:17:D0:BC:A8:EA:02:43:F2:1B:06:99:5D:2B:90:20:B9:D7:9C:E4 + Signature Algorithm: sha256WithRSAEncryption + 34:61:d9:56:b5:12:87:55:4d:dd:a3:35:31:46:bb:a4:07:72: + bc:5f:61:62:e8:a5:fb:0b:37:b1:3c:b6:b3:fa:29:9d:7f:02: + f5:a4:c9:a8:93:b7:7a:71:28:69:8f:73:e1:52:90:da:d5:be: + 3a:e5:b7:76:6a:56:80:21:df:5d:e6:e9:3a:9e:e5:3e:f6:a2: + 69:c7:2a:0a:b0:18:47:dc:20:70:7d:52:a3:3e:59:7c:c1:ba: + c9:c8:15:40:61:ca:72:d6:70:ac:d2:b7:f0:1c:e4:86:29:f0: + ce:ef:68:63:d0:b5:20:8a:15:61:9a:7e:86:98:b4:c9:c2:76: + fb:cc:ba:30:16:cc:a3:61:c6:74:13:e5:6b:ef:a3:15:ea:03: + fe:13:8b:64:e4:d3:c1:d2:e8:84:fb:49:d1:10:4d:79:66:eb: + aa:fd:f4:8d:31:1e:70:14:ad:dc:de:67:13:4c:81:15:61:bc: + b7:d9:91:77:71:19:81:60:bb:f0:58:a5:b5:9c:0b:f7:8f:22: + 55:27:c0:4b:01:6d:3b:99:0d:d4:1d:9b:63:67:2f:d0:ee:0d: + ca:66:bc:94:4f:a6:ad:ed:fc:ee:63:ac:57:3f:65:25:cf:b2: + 86:8f:d0:08:ff:b8:76:14:6e:de:e5:27:ec:ab:78:b5:53:b9: + b6:3f:e8:20:f9:d2:a8:be:61:46:ca:87:8c:84:f3:f9:f1:a0: + 68:9b:22:1e:81:26:9b:10:04:91:71:c0:06:1f:dc:a0:d3:b9: + 56:a7:e3:98:2d:7f:83:9d:df:8c:2b:9c:32:8e:32:94:f0:01: + 3c:22:2a:9f:43:c2:2e:c3:98:39:07:38:7b:fc:5e:00:42:1f: + f3:32:26:79:83:84:f6:e5:f0:c1:51:12:c0:0b:1e:04:23:0c: + 54:a5:4c:2f:49:c5:4a:d1:b6:6e:60:0d:6b:fc:6b:8b:85:24: + 64:b7:89:0e:ab:25:47:5b:3c:cf:7e:49:bd:c7:e9:0a:c6:da: + f7:7e:0e:17:08:d3:48:97:d0:71:92:f0:0f:39:3e:34:6a:1c: + 7d:d8:f2:22:ae:bb:69:f4:33:b4:a6:48:55:d1:0f:0e:26:e8: + ec:b6:0b:2d:a7:85:35:cd:fd:59:c8:9f:d1:cd:3e:5a:29:34: + b9:3d:84:ce:b1:65:d4:59:91:91:56:75:21:c1:77:9e:f9:7a: + e1:60:9d:d3:ad:04:18:f4:7c:eb:5e:93:8f:53:4a:22:29:f8: + 48:2b:3e:4d:86:ac:5b:7f:cb:06:99:59:60:d8:58:65:95:8d: + 44:d1:f7:7f:7e:27:7f:7d:ae:80:f5:07:4c:b6:3e:9c:71:54: + 99:04:4b:fd:58:f9:98:f4 +SHA1 Fingerprint=48:12:BD:92:3C:A8:C4:39:06:E7:30:6D:27:96:E6:A4:CF:22:2E:7D diff --git a/luni/src/main/files/cacerts/ed39abd0.0 b/luni/src/main/files/cacerts/ed39abd0.0 new file mode 100644 index 0000000..188e375 --- /dev/null +++ b/luni/src/main/files/cacerts/ed39abd0.0 @@ -0,0 +1,53 @@ +-----BEGIN CERTIFICATE----- +MIICPzCCAcWgAwIBAgIQBVVWvPJepDU1w6QP1atFcjAKBggqhkjOPQQDAzBhMQsw +CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu +ZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBHMzAe +Fw0xMzA4MDExMjAwMDBaFw0zODAxMTUxMjAwMDBaMGExCzAJBgNVBAYTAlVTMRUw +EwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20x +IDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IEczMHYwEAYHKoZIzj0CAQYF +K4EEACIDYgAE3afZu4q4C/sLfyHS8L6+c/MzXRq8NOrexpu80JX28MzQC7phW1FG +fp4tn+6OYwwX7Adw9c+ELkCDnOg/QW07rdOkFFk2eJ0DQ+4QE2xy3q6Ip6FrtUPO +Z9wj/wMco+I+o0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAd +BgNVHQ4EFgQUs9tIpPmhxdiuNkHMEWNpYim8S8YwCgYIKoZIzj0EAwMDaAAwZQIx +AK288mw/EkrRLTnDCgmXc/SINoyIJ7vmiI1Qhadj+Z4y3maTD/HMsQmP3Wyr+mt/ +oAIwOWZbwmSNuJ5Q3KjVSaLtx9zRSX8XAbjIho9OjIgrqJqpisXRAL34VOKa5Vt8 +sycX +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 05:55:56:bc:f2:5e:a4:35:35:c3:a4:0f:d5:ab:45:72 + Signature Algorithm: ecdsa-with-SHA384 + Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G3 + Validity + Not Before: Aug 1 12:00:00 2013 GMT + Not After : Jan 15 12:00:00 2038 GMT + Subject: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G3 + Subject Public Key Info: + Public Key Algorithm: id-ecPublicKey + Public-Key: (384 bit) + pub: + 04:dd:a7:d9:bb:8a:b8:0b:fb:0b:7f:21:d2:f0:be: + be:73:f3:33:5d:1a:bc:34:ea:de:c6:9b:bc:d0:95: + f6:f0:cc:d0:0b:ba:61:5b:51:46:7e:9e:2d:9f:ee: + 8e:63:0c:17:ec:07:70:f5:cf:84:2e:40:83:9c:e8: + 3f:41:6d:3b:ad:d3:a4:14:59:36:78:9d:03:43:ee: + 10:13:6c:72:de:ae:88:a7:a1:6b:b5:43:ce:67:dc: + 23:ff:03:1c:a3:e2:3e + ASN1 OID: secp384r1 + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Key Usage: critical + Digital Signature, Certificate Sign, CRL Sign + X509v3 Subject Key Identifier: + B3:DB:48:A4:F9:A1:C5:D8:AE:36:41:CC:11:63:69:62:29:BC:4B:C6 + Signature Algorithm: ecdsa-with-SHA384 + 30:65:02:31:00:ad:bc:f2:6c:3f:12:4a:d1:2d:39:c3:0a:09: + 97:73:f4:88:36:8c:88:27:bb:e6:88:8d:50:85:a7:63:f9:9e: + 32:de:66:93:0f:f1:cc:b1:09:8f:dd:6c:ab:fa:6b:7f:a0:02: + 30:39:66:5b:c2:64:8d:b8:9e:50:dc:a8:d5:49:a2:ed:c7:dc: + d1:49:7f:17:01:b8:c8:86:8f:4e:8c:88:2b:a8:9a:a9:8a:c5: + d1:00:bd:f8:54:e2:9a:e5:5b:7c:b3:27:17 +SHA1 Fingerprint=7E:04:DE:89:6A:3E:66:6D:00:E6:87:D3:3F:FA:D9:3B:E8:3D:34:9E diff --git a/luni/src/main/files/cacerts/ed524cf5.0 b/luni/src/main/files/cacerts/ed524cf5.0 deleted file mode 100644 index 29144fd..0000000 --- a/luni/src/main/files/cacerts/ed524cf5.0 +++ /dev/null @@ -1,87 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIE2DCCBEGgAwIBAgIEN0rSQzANBgkqhkiG9w0BAQUFADCBwzELMAkGA1UEBhMC -VVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MTswOQYDVQQLEzJ3d3cuZW50cnVzdC5u -ZXQvQ1BTIGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMc -KGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDE6MDgGA1UEAxMxRW50cnVzdC5u -ZXQgU2VjdXJlIFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05OTA1 -MjUxNjA5NDBaFw0xOTA1MjUxNjM5NDBaMIHDMQswCQYDVQQGEwJVUzEUMBIGA1UE -ChMLRW50cnVzdC5uZXQxOzA5BgNVBAsTMnd3dy5lbnRydXN0Lm5ldC9DUFMgaW5j -b3JwLiBieSByZWYuIChsaW1pdHMgbGlhYi4pMSUwIwYDVQQLExwoYykgMTk5OSBF -bnRydXN0Lm5ldCBMaW1pdGVkMTowOAYDVQQDEzFFbnRydXN0Lm5ldCBTZWN1cmUg -U2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGdMA0GCSqGSIb3DQEBAQUA -A4GLADCBhwKBgQDNKIM0VBuJ8w+vN5Ex/68xYMmo6LIQaO2f55M28Qpku0f1BBc/ -I0dNxScZgSYMVHINiC3ZH5oSn7yzcdOAGT9HZnuMNSjSuQrfJNqc1lB5gXpa0zf3 -wkrYKZImZNHkmGw6AIr1NJtl+O3jEP/9uElY3KDegjlrgbEWGWG5VLbmQwIBA6OC -AdcwggHTMBEGCWCGSAGG+EIBAQQEAwIABzCCARkGA1UdHwSCARAwggEMMIHeoIHb -oIHYpIHVMIHSMQswCQYDVQQGEwJVUzEUMBIGA1UEChMLRW50cnVzdC5uZXQxOzA5 -BgNVBAsTMnd3dy5lbnRydXN0Lm5ldC9DUFMgaW5jb3JwLiBieSByZWYuIChsaW1p -dHMgbGlhYi4pMSUwIwYDVQQLExwoYykgMTk5OSBFbnRydXN0Lm5ldCBMaW1pdGVk -MTowOAYDVQQDEzFFbnRydXN0Lm5ldCBTZWN1cmUgU2VydmVyIENlcnRpZmljYXRp -b24gQXV0aG9yaXR5MQ0wCwYDVQQDEwRDUkwxMCmgJ6AlhiNodHRwOi8vd3d3LmVu -dHJ1c3QubmV0L0NSTC9uZXQxLmNybDArBgNVHRAEJDAigA8xOTk5MDUyNTE2MDk0 -MFqBDzIwMTkwNTI1MTYwOTQwWjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAU8Bdi -E1U9s/8KAGv7UISX8+1i0BowHQYDVR0OBBYEFPAXYhNVPbP/CgBr+1CEl/PtYtAa -MAwGA1UdEwQFMAMBAf8wGQYJKoZIhvZ9B0EABAwwChsEVjQuMAMCBJAwDQYJKoZI -hvcNAQEFBQADgYEAkNwwAvpkdMKnCqV8IY00F6j7Rw7/JXyNEwr75Ji174z4xRAN -95K+8cPV1ZVqBLssziY2ZcgxxufuP+NXdYR6Ee9GTxj005i7qIcyunL2POI9n9cd -2cNgQ4xYDiKWL2KjLB+6rQXvqzJ4h6BUcxm1XAX5Uj5tLUUL9wqT6u0G+bI= ------END CERTIFICATE----- -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 927650371 (0x374ad243) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=US, O=Entrust.net, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Secure Server Certification Authority - Validity - Not Before: May 25 16:09:40 1999 GMT - Not After : May 25 16:39:40 2019 GMT - Subject: C=US, O=Entrust.net, OU=www.entrust.net/CPS incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Secure Server Certification Authority - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (1024 bit) - Modulus: - 00:cd:28:83:34:54:1b:89:f3:0f:af:37:91:31:ff: - af:31:60:c9:a8:e8:b2:10:68:ed:9f:e7:93:36:f1: - 0a:64:bb:47:f5:04:17:3f:23:47:4d:c5:27:19:81: - 26:0c:54:72:0d:88:2d:d9:1f:9a:12:9f:bc:b3:71: - d3:80:19:3f:47:66:7b:8c:35:28:d2:b9:0a:df:24: - da:9c:d6:50:79:81:7a:5a:d3:37:f7:c2:4a:d8:29: - 92:26:64:d1:e4:98:6c:3a:00:8a:f5:34:9b:65:f8: - ed:e3:10:ff:fd:b8:49:58:dc:a0:de:82:39:6b:81: - b1:16:19:61:b9:54:b6:e6:43 - Exponent: 3 (0x3) - X509v3 extensions: - Netscape Cert Type: - SSL CA, S/MIME CA, Object Signing CA - X509v3 CRL Distribution Points: - - Full Name: - DirName: C = US, O = Entrust.net, OU = www.entrust.net/CPS incorp. by ref. (limits liab.), OU = (c) 1999 Entrust.net Limited, CN = Entrust.net Secure Server Certification Authority, CN = CRL1 - - Full Name: - URI:http://www.entrust.net/CRL/net1.crl - - X509v3 Private Key Usage Period: - Not Before: May 25 16:09:40 1999 GMT, Not After: May 25 16:09:40 2019 GMT - X509v3 Key Usage: - Certificate Sign, CRL Sign - X509v3 Authority Key Identifier: - keyid:F0:17:62:13:55:3D:B3:FF:0A:00:6B:FB:50:84:97:F3:ED:62:D0:1A - - X509v3 Subject Key Identifier: - F0:17:62:13:55:3D:B3:FF:0A:00:6B:FB:50:84:97:F3:ED:62:D0:1A - X509v3 Basic Constraints: - CA:TRUE - 1.2.840.113533.7.65.0: - 0 -..V4.0.... - Signature Algorithm: sha1WithRSAEncryption - 90:dc:30:02:fa:64:74:c2:a7:0a:a5:7c:21:8d:34:17:a8:fb: - 47:0e:ff:25:7c:8d:13:0a:fb:e4:98:b5:ef:8c:f8:c5:10:0d: - f7:92:be:f1:c3:d5:d5:95:6a:04:bb:2c:ce:26:36:65:c8:31: - c6:e7:ee:3f:e3:57:75:84:7a:11:ef:46:4f:18:f4:d3:98:bb: - a8:87:32:ba:72:f6:3c:e2:3d:9f:d7:1d:d9:c3:60:43:8c:58: - 0e:22:96:2f:62:a3:2c:1f:ba:ad:05:ef:ab:32:78:87:a0:54: - 73:19:b5:5c:05:f9:52:3e:6d:2d:45:0b:f7:0a:93:ea:ed:06: - f9:b2 -SHA1 Fingerprint=99:A6:9B:E6:1A:FE:88:6B:4D:2B:82:00:7C:B8:54:FC:31:7E:15:39 diff --git a/luni/src/main/files/cacerts/f4996e82.0 b/luni/src/main/files/cacerts/f4996e82.0 deleted file mode 100644 index 4f59124..0000000 --- a/luni/src/main/files/cacerts/f4996e82.0 +++ /dev/null @@ -1,52 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIC5zCCAlACAQEwDQYJKoZIhvcNAQEFBQAwgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0 -IFZhbGlkYXRpb24gTmV0d29yazEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAz -BgNVBAsTLFZhbGlDZXJ0IENsYXNzIDEgUG9saWN5IFZhbGlkYXRpb24gQXV0aG9y -aXR5MSEwHwYDVQQDExhodHRwOi8vd3d3LnZhbGljZXJ0LmNvbS8xIDAeBgkqhkiG -9w0BCQEWEWluZm9AdmFsaWNlcnQuY29tMB4XDTk5MDYyNTIyMjM0OFoXDTE5MDYy -NTIyMjM0OFowgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0IFZhbGlkYXRpb24gTmV0d29y -azEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAzBgNVBAsTLFZhbGlDZXJ0IENs -YXNzIDEgUG9saWN5IFZhbGlkYXRpb24gQXV0aG9yaXR5MSEwHwYDVQQDExhodHRw -Oi8vd3d3LnZhbGljZXJ0LmNvbS8xIDAeBgkqhkiG9w0BCQEWEWluZm9AdmFsaWNl -cnQuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDYWYJ6ibiWuqYvaG9Y -LqdUHAZu9OqNSLwxlBfw8068srg1knaw0KWlAdcAAxIiGQj4/xEjm84H9b9pGib+ -TunRf50sQB1ZaG6m+FiwnRqP0z/x3BkGgagO4DrdyFNFCQbmD3DD+kCmDuJWBQ8Y -TfwggtFzVXSNdnKgHZ0dwN0/cQIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAFBoPUn0 -LBwGlN+VYH+Wexf+T3GtZMjdd9LvWVXoP+iOBSoh8gfStadS/pyxtuJbdxdA6nLW -I8sogTLDAHkY7FkXicnGah5xyf23dKUlRWnFSKsZ4UWKJWsZ7uW7EvV/96aNUcPw -nXS3qT6gpf+2SQMT2iLM7XGCK5nPOrf1LXLI ------END CERTIFICATE----- -Certificate: - Data: - Version: 1 (0x0) - Serial Number: 1 (0x1) - Signature Algorithm: sha1WithRSAEncryption - Issuer: L=ValiCert Validation Network, O=ValiCert, Inc., OU=ValiCert Class 1 Policy Validation Authority, CN=http://www.valicert.com//emailAddress=info@valicert.com - Validity - Not Before: Jun 25 22:23:48 1999 GMT - Not After : Jun 25 22:23:48 2019 GMT - Subject: L=ValiCert Validation Network, O=ValiCert, Inc., OU=ValiCert Class 1 Policy Validation Authority, CN=http://www.valicert.com//emailAddress=info@valicert.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (1024 bit) - Modulus: - 00:d8:59:82:7a:89:b8:96:ba:a6:2f:68:6f:58:2e: - a7:54:1c:06:6e:f4:ea:8d:48:bc:31:94:17:f0:f3: - 4e:bc:b2:b8:35:92:76:b0:d0:a5:a5:01:d7:00:03: - 12:22:19:08:f8:ff:11:23:9b:ce:07:f5:bf:69:1a: - 26:fe:4e:e9:d1:7f:9d:2c:40:1d:59:68:6e:a6:f8: - 58:b0:9d:1a:8f:d3:3f:f1:dc:19:06:81:a8:0e:e0: - 3a:dd:c8:53:45:09:06:e6:0f:70:c3:fa:40:a6:0e: - e2:56:05:0f:18:4d:fc:20:82:d1:73:55:74:8d:76: - 72:a0:1d:9d:1d:c0:dd:3f:71 - Exponent: 65537 (0x10001) - Signature Algorithm: sha1WithRSAEncryption - 50:68:3d:49:f4:2c:1c:06:94:df:95:60:7f:96:7b:17:fe:4f: - 71:ad:64:c8:dd:77:d2:ef:59:55:e8:3f:e8:8e:05:2a:21:f2: - 07:d2:b5:a7:52:fe:9c:b1:b6:e2:5b:77:17:40:ea:72:d6:23: - cb:28:81:32:c3:00:79:18:ec:59:17:89:c9:c6:6a:1e:71:c9: - fd:b7:74:a5:25:45:69:c5:48:ab:19:e1:45:8a:25:6b:19:ee: - e5:bb:12:f5:7f:f7:a6:8d:51:c3:f0:9d:74:b7:a9:3e:a0:a5: - ff:b6:49:03:13:da:22:cc:ed:71:82:2b:99:cf:3a:b7:f5:2d: - 72:c8 -SHA1 Fingerprint=E5:DF:74:3C:B6:01:C4:9B:98:43:DC:AB:8C:E8:6A:81:10:9F:E4:8E diff --git a/luni/src/main/java/android/system/ErrnoException.java b/luni/src/main/java/android/system/ErrnoException.java index 134d6a0..90155c8 100644 --- a/luni/src/main/java/android/system/ErrnoException.java +++ b/luni/src/main/java/android/system/ErrnoException.java @@ -24,8 +24,6 @@ import libcore.io.Libcore; * A checked exception thrown when {@link Os} methods fail. This exception contains the native * errno value, for comparison against the constants in {@link OsConstants}, should sophisticated * callers need to adjust their behavior based on the exact failure. - * - * @hide */ public final class ErrnoException extends Exception { private final String functionName; diff --git a/luni/src/main/java/android/system/Os.java b/luni/src/main/java/android/system/Os.java index e7613df..0b80b52 100644 --- a/luni/src/main/java/android/system/Os.java +++ b/luni/src/main/java/android/system/Os.java @@ -47,8 +47,6 @@ import libcore.io.Libcore; * primitives used to implement the higher-level APIs. * * <p>The corresponding constants can be found in {@link OsConstants}. - * - * @hide */ public final class Os { private Os() {} @@ -63,6 +61,8 @@ public final class Os { */ public static boolean access(String path, int mode) throws ErrnoException { return Libcore.os.access(path, mode); } + /** @hide */ public static InetAddress[] android_getaddrinfo(String node, StructAddrinfo hints, int netId) throws GaiException { return Libcore.os.android_getaddrinfo(node, hints, netId); } + /** * See <a href="http://man7.org/linux/man-pages/man2/bind.2.html">bind(2)</a>. */ @@ -157,8 +157,6 @@ public final class Os { */ public static String gai_strerror(int error) { return Libcore.os.gai_strerror(error); } - /** @hide */ public static InetAddress[] getaddrinfo(String node, StructAddrinfo hints) throws GaiException { return Libcore.os.getaddrinfo(node, hints); } - /** * See <a href="http://man7.org/linux/man-pages/man2/getegid.2.html">getegid(2)</a>. */ diff --git a/luni/src/main/java/android/system/OsConstants.java b/luni/src/main/java/android/system/OsConstants.java index 0a49311..c758eb7 100644 --- a/luni/src/main/java/android/system/OsConstants.java +++ b/luni/src/main/java/android/system/OsConstants.java @@ -18,7 +18,6 @@ package android.system; /** * Constants and helper functions for use with {@link Os}. - * @hide */ public final class OsConstants { private OsConstants() { diff --git a/luni/src/main/java/android/system/StructPollfd.java b/luni/src/main/java/android/system/StructPollfd.java index 8bdecb2..b812612 100644 --- a/luni/src/main/java/android/system/StructPollfd.java +++ b/luni/src/main/java/android/system/StructPollfd.java @@ -22,8 +22,6 @@ import libcore.util.Objects; /** * Used as an in/out parameter to {@link Os#poll}. * Corresponds to C's {@code struct pollfd} from {@code <poll.h>}. - * - * @hide */ public final class StructPollfd { /** The file descriptor to poll. */ diff --git a/luni/src/main/java/android/system/StructStat.java b/luni/src/main/java/android/system/StructStat.java index 87bd50c..a6958c1 100644 --- a/luni/src/main/java/android/system/StructStat.java +++ b/luni/src/main/java/android/system/StructStat.java @@ -21,8 +21,6 @@ import libcore.util.Objects; /** * File information returned by {@link Os#fstat}, {@link Os#lstat}, and {@link Os#stat}. * Corresponds to C's {@code struct stat} from {@code <stat.h>}. - * - * @hide */ public final class StructStat { /** Device ID of device containing file. */ diff --git a/luni/src/main/java/android/system/StructStatVfs.java b/luni/src/main/java/android/system/StructStatVfs.java index b0b7802..942a39a 100644 --- a/luni/src/main/java/android/system/StructStatVfs.java +++ b/luni/src/main/java/android/system/StructStatVfs.java @@ -20,8 +20,6 @@ import libcore.util.Objects; /** * File information returned by {@link Os#fstatvfs} and {@link Os#statvfs}. - * - * @hide */ public final class StructStatVfs { /** File system block size (used for block counts). */ diff --git a/luni/src/main/java/android/system/StructUtsname.java b/luni/src/main/java/android/system/StructUtsname.java index c62dbfa..5d9127b 100644 --- a/luni/src/main/java/android/system/StructUtsname.java +++ b/luni/src/main/java/android/system/StructUtsname.java @@ -21,8 +21,6 @@ import libcore.util.Objects; /** * Information returned by {@link Os#uname}. * Corresponds to C's {@code struct utsname} from {@code <sys/utsname.h>}. - * - * @hide */ public final class StructUtsname { /** The OS name, such as "Linux". */ diff --git a/luni/src/main/java/android/util/MutableBoolean.java b/luni/src/main/java/android/util/MutableBoolean.java index 90bf68c..5a8a200 100644 --- a/luni/src/main/java/android/util/MutableBoolean.java +++ b/luni/src/main/java/android/util/MutableBoolean.java @@ -17,7 +17,6 @@ package android.util; /** - * @hide */ public final class MutableBoolean { public boolean value; diff --git a/luni/src/main/java/android/util/MutableByte.java b/luni/src/main/java/android/util/MutableByte.java index 65738b9..7397ba4 100644 --- a/luni/src/main/java/android/util/MutableByte.java +++ b/luni/src/main/java/android/util/MutableByte.java @@ -17,7 +17,6 @@ package android.util; /** - * @hide */ public final class MutableByte { public byte value; diff --git a/luni/src/main/java/android/util/MutableChar.java b/luni/src/main/java/android/util/MutableChar.java index b59bab3..f435331 100644 --- a/luni/src/main/java/android/util/MutableChar.java +++ b/luni/src/main/java/android/util/MutableChar.java @@ -17,7 +17,6 @@ package android.util; /** - * @hide */ public final class MutableChar { public char value; diff --git a/luni/src/main/java/android/util/MutableDouble.java b/luni/src/main/java/android/util/MutableDouble.java index 3e2cc3a..f62f47e 100644 --- a/luni/src/main/java/android/util/MutableDouble.java +++ b/luni/src/main/java/android/util/MutableDouble.java @@ -17,7 +17,6 @@ package android.util; /** - * @hide */ public final class MutableDouble { public double value; diff --git a/luni/src/main/java/android/util/MutableFloat.java b/luni/src/main/java/android/util/MutableFloat.java index 6e30501..6b5441c 100644 --- a/luni/src/main/java/android/util/MutableFloat.java +++ b/luni/src/main/java/android/util/MutableFloat.java @@ -17,7 +17,6 @@ package android.util; /** - * @hide */ public final class MutableFloat { public float value; diff --git a/luni/src/main/java/android/util/MutableInt.java b/luni/src/main/java/android/util/MutableInt.java index 8220c44..2f93030 100644 --- a/luni/src/main/java/android/util/MutableInt.java +++ b/luni/src/main/java/android/util/MutableInt.java @@ -17,7 +17,6 @@ package android.util; /** - * @hide */ public final class MutableInt { public int value; diff --git a/luni/src/main/java/android/util/MutableLong.java b/luni/src/main/java/android/util/MutableLong.java index 5df6a0d..94beab5 100644 --- a/luni/src/main/java/android/util/MutableLong.java +++ b/luni/src/main/java/android/util/MutableLong.java @@ -17,7 +17,6 @@ package android.util; /** - * @hide */ public final class MutableLong { public long value; diff --git a/luni/src/main/java/android/util/MutableShort.java b/luni/src/main/java/android/util/MutableShort.java index 3880fef..cdd9923 100644 --- a/luni/src/main/java/android/util/MutableShort.java +++ b/luni/src/main/java/android/util/MutableShort.java @@ -17,7 +17,6 @@ package android.util; /** - * @hide */ public final class MutableShort { public short value; diff --git a/luni/src/main/java/java/io/ObjectInputStream.java b/luni/src/main/java/java/io/ObjectInputStream.java index d07075f..3a89b52 100644 --- a/luni/src/main/java/java/io/ObjectInputStream.java +++ b/luni/src/main/java/java/io/ObjectInputStream.java @@ -23,7 +23,6 @@ import java.lang.reflect.Array; import java.lang.reflect.Field; import java.lang.reflect.InvocationTargetException; import java.lang.reflect.Method; -import java.lang.reflect.Modifier; import java.lang.reflect.Proxy; import java.util.ArrayList; import java.util.Arrays; @@ -1053,7 +1052,8 @@ public class ObjectInputStream extends InputStream implements ObjectInput, Objec * @see #readFields * @see #readObject() */ - private void readFieldValues(Object obj, ObjectStreamClass classDesc) throws OptionalDataException, ClassNotFoundException, IOException { + private void readFieldValues(Object obj, ObjectStreamClass classDesc) + throws OptionalDataException, ClassNotFoundException, IOException { // Now we must read all fields and assign them to the receiver ObjectStreamField[] fields = classDesc.getLoadFields(); fields = (fields == null) ? ObjectStreamClass.NO_FIELDS : fields; @@ -1063,12 +1063,10 @@ public class ObjectInputStream extends InputStream implements ObjectInput, Objec } for (ObjectStreamField fieldDesc : fields) { - Field field = classDesc.getReflectionField(fieldDesc); - if (field != null && Modifier.isTransient(field.getModifiers())) { - field = null; // No setting transient fields! (http://b/4471249) - } - // We may not have been able to find the field, or it may be transient, but we still - // need to read the value and do the other checking... + // checkAndGetReflectionField() can return null if it was not able to find the field or + // if it is transient or static. We still need to read the data and do the other + // checking... + Field field = classDesc.checkAndGetReflectionField(fieldDesc); try { Class<?> type = fieldDesc.getTypeInternal(); if (type == byte.class) { @@ -1577,6 +1575,9 @@ public class ObjectInputStream extends InputStream implements ObjectInput, Objec ClassNotFoundException, IOException { // read classdesc for Enum first ObjectStreamClass classDesc = readEnumDesc(); + + Class enumType = classDesc.checkAndGetTcEnumClass(); + int newHandle = nextHandle(); // read name after class desc String name; @@ -1598,9 +1599,11 @@ public class ObjectInputStream extends InputStream implements ObjectInput, Objec Enum<?> result; try { - result = Enum.valueOf((Class) classDesc.forClass(), name); + result = Enum.valueOf(enumType, name); } catch (IllegalArgumentException e) { - throw new InvalidObjectException(e.getMessage()); + InvalidObjectException ioe = new InvalidObjectException(e.getMessage()); + ioe.initCause(e); + throw ioe; } registerObjectRead(result, newHandle, unshared); return result; @@ -1782,9 +1785,10 @@ public class ObjectInputStream extends InputStream implements ObjectInput, Objec throw missingClassDescriptor(); } + Class<?> objectClass = classDesc.checkAndGetTcObjectClass(); + int newHandle = nextHandle(); - Class<?> objectClass = classDesc.forClass(); - Object result = null; + Object result; Object registeredResult = null; if (objectClass != null) { // Now we know which class to instantiate and which constructor to @@ -2056,8 +2060,7 @@ public class ObjectInputStream extends InputStream implements ObjectInput, Objec * if the source stream does not contain readable serialized * objects. */ - protected void readStreamHeader() throws IOException, - StreamCorruptedException { + protected void readStreamHeader() throws IOException, StreamCorruptedException { if (input.readShort() == STREAM_MAGIC && input.readShort() == STREAM_VERSION) { return; @@ -2257,7 +2260,7 @@ public class ObjectInputStream extends InputStream implements ObjectInput, Objec // not primitive class // Use the first non-null ClassLoader on the stack. If null, use // the system class loader - cls = Class.forName(className, true, callerClassLoader); + cls = Class.forName(className, false, callerClassLoader); } } return cls; @@ -2331,8 +2334,7 @@ public class ObjectInputStream extends InputStream implements ObjectInput, Objec throws InvalidClassException { Class<?> localClass = loadedStreamClass.forClass(); - ObjectStreamClass localStreamClass = ObjectStreamClass - .lookupStreamClass(localClass); + ObjectStreamClass localStreamClass = ObjectStreamClass.lookupStreamClass(localClass); if (loadedStreamClass.getSerialVersionUID() != localStreamClass .getSerialVersionUID()) { diff --git a/luni/src/main/java/java/io/ObjectOutputStream.java b/luni/src/main/java/java/io/ObjectOutputStream.java index bb6711b..f67919d 100644 --- a/luni/src/main/java/java/io/ObjectOutputStream.java +++ b/luni/src/main/java/java/io/ObjectOutputStream.java @@ -928,9 +928,11 @@ public class ObjectOutputStream extends OutputStream implements ObjectOutput, Ob for (ObjectStreamField fieldDesc : classDesc.fields()) { try { Class<?> type = fieldDesc.getTypeInternal(); - Field field = classDesc.getReflectionField(fieldDesc); + Field field = classDesc.checkAndGetReflectionField(fieldDesc); if (field == null) { - throw new InvalidClassException(classDesc.getName() + " doesn't have a field " + fieldDesc.getName() + " of type " + type); + throw new InvalidClassException(classDesc.getName() + + " doesn't have a serializable field " + fieldDesc.getName() + + " of type " + type); } if (type == byte.class) { output.writeByte(field.getByte(obj)); @@ -1728,7 +1730,7 @@ public class ObjectOutputStream extends OutputStream implements ObjectOutput, Ob // Only write field "name" for enum class, which is the second field of // enum, that is fields[1]. Ignore all non-fields and fields.length < 2 if (fields != null && fields.length > 1) { - Field field = classDesc.getSuperclass().getReflectionField(fields[1]); + Field field = classDesc.getSuperclass().checkAndGetReflectionField(fields[1]); if (field == null) { throw new NoSuchFieldError(); } diff --git a/luni/src/main/java/java/io/ObjectStreamClass.java b/luni/src/main/java/java/io/ObjectStreamClass.java index 1bde314..1a27c9d 100644 --- a/luni/src/main/java/java/io/ObjectStreamClass.java +++ b/luni/src/main/java/java/io/ObjectStreamClass.java @@ -185,26 +185,46 @@ public class ObjectStreamClass implements Serializable { return constructor; } - Field getReflectionField(ObjectStreamField osf) { + /** + * Returns the {@link Field} referred to by {@link ObjectStreamField} for the class described by + * this {@link ObjectStreamClass}. A {@code null} value is returned if the local definition of + * the field does not meet the criteria for a serializable / deserializable field, i.e. the + * field must be non-static and non-transient. Caching of each field lookup is performed. The + * first time a field is returned it is made accessible with a call to + * {@link Field#setAccessible(boolean)}. + */ + Field checkAndGetReflectionField(ObjectStreamField osf) { synchronized (reflectionFields) { Field field = reflectionFields.get(osf); - if (field != null) { + // null might indicate a cache miss or a hit and a non-serializable field so we + // check for a mapping. + if (field != null || reflectionFields.containsKey(osf)) { return field; } } + Field field; try { Class<?> declaringClass = forClass(); - Field field = declaringClass.getDeclaredField(osf.getName()); - field.setAccessible(true); - synchronized (reflectionFields) { - reflectionFields.put(osf, field); + field = declaringClass.getDeclaredField(osf.getName()); + + int modifiers = field.getModifiers(); + if (Modifier.isStatic(modifiers) || Modifier.isTransient(modifiers)) { + // No serialization or deserialization of transient or static fields! + // See http://b/4471249 and http://b/17202597. + field = null; + } else { + field.setAccessible(true); } - return reflectionFields.get(osf); } catch (NoSuchFieldException ex) { // The caller messed up. We'll return null and won't try to resolve this again. - return null; + field = null; } + + synchronized (reflectionFields) { + reflectionFields.put(osf, field); + } + return field; } /* @@ -1068,7 +1088,6 @@ public class ObjectStreamClass implements Serializable { tlc.put(cl, cachedValue); } return cachedValue; - } /** @@ -1298,4 +1317,72 @@ public class ObjectStreamClass implements Serializable { public String toString() { return getName() + ": static final long serialVersionUID =" + getSerialVersionUID() + "L;"; } + + /** + * Checks the local class to make sure it is valid for {@link ObjectStreamConstants#TC_OBJECT} + * deserialization. Also performs some sanity checks of the stream data. This method is used + * during deserialization to confirm the local class is likely to be compatible with the coming + * stream data, but before an instance is instantiated. + * + * @hide used internally during deserialization + */ + public Class<?> checkAndGetTcObjectClass() throws InvalidClassException { + // We check some error possibilities that might cause problems later. + boolean wasSerializable = (flags & ObjectStreamConstants.SC_SERIALIZABLE) != 0; + boolean wasExternalizable = (flags & ObjectStreamConstants.SC_EXTERNALIZABLE) != 0; + if (wasSerializable == wasExternalizable) { + throw new InvalidClassException( + getName() + " stream data is corrupt: SC_SERIALIZABLE=" + wasSerializable + + " SC_EXTERNALIZABLE=" + wasExternalizable + + ", classDescFlags must have one or the other"); + } + + // TC_ENUM is handled elsewhere. See checkAndGetTcEnumClass(). + if (isEnum()) { + throw new InvalidClassException( + getName() + " local class is incompatible: Local class is an enum, streamed" + + " data is tagged with TC_OBJECT"); + } + + // isSerializable() is true if the local class implements Serializable. Externalizable + // classes are also Serializable via inheritance. + if (!isSerializable()) { + throw new InvalidClassException(getName() + " local class is incompatible: Not" + + " Serializable"); + } + + // The stream class was externalizable, but is only serializable locally. + if (wasExternalizable != isExternalizable()) { + throw new InvalidClassException( + getName() + " local class is incompatible: Local class is Serializable, stream" + + " data requires Externalizable"); + } + + // The following are left unchecked and thus are treated leniently at this point. + // SC_BLOCK_DATA may be set iff SC_EXTERNALIZABLE is set AND version 2 of the protocol is in + // use. + // SC_ENUM should not be set. + + return forClass(); + } + + /** + * Checks the local class to make sure it is valid for {@link ObjectStreamConstants#TC_ENUM} + * deserialization. This method is used during deserialization to confirm the local class is + * likely to be compatible with the coming stream data, but before an instance is instantiated. + * + * @hide used internally during deserialization + */ + public Class<?> checkAndGetTcEnumClass() throws InvalidClassException { + if (!isEnum()) { + throw new InvalidClassException( + getName() + " local class is incompatible: Local class is not an enum," + + " streamed data is tagged with TC_ENUM"); + } + + // The stream flags are expected to be SC_SERIALIZABLE | SC_ENUM but these and the + // other flags are not used when reading enum data so they are treated leniently. + + return forClass(); + } } diff --git a/luni/src/main/java/java/io/ObjectStreamConstants.java b/luni/src/main/java/java/io/ObjectStreamConstants.java index 8228b33..95f8b03 100644 --- a/luni/src/main/java/java/io/ObjectStreamConstants.java +++ b/luni/src/main/java/java/io/ObjectStreamConstants.java @@ -149,25 +149,25 @@ public abstract interface ObjectStreamConstants { // Flags that indicate if the object was serializable, externalizable // and had a writeObject method when dumped. /** - * Bit mask for the {@code flag} field in ObjectStreamClass. Indicates - * that a serializable class has its own {@code writeObject} method. + * Bit mask for the {@code flag} field in {@link ObjectStreamClass}. Indicates + * that a {@link Serializable} class has its own {@code writeObject} method. */ public static final byte SC_WRITE_METHOD = 0x01; // If SC_SERIALIZABLE /** - * Bit mask for the {@code flag} field in ObjectStreamClass. Indicates - * that a class is serializable. + * Bit mask for the {@code flag} field in {@link ObjectStreamClass}. Indicates + * that a class implements {@link Serializable} but not {@link Externalizable}. */ public static final byte SC_SERIALIZABLE = 0x02; /** - * Bit mask for the {@code flag} field in ObjectStreamClass. Indicates - * that a class is externalizable. + * Bit mask for the {@code flag} field in {@link ObjectStreamClass}. Indicates + * that a class implements {@link Externalizable}. */ public static final byte SC_EXTERNALIZABLE = 0x04; /** - * Bit mask for the {@code flag} field in ObjectStreamClass. Indicates + * Bit mask for the {@code flag} field in {@link ObjectStreamClass}. Indicates * that an externalizable class is written in block data mode. */ public static final byte SC_BLOCK_DATA = 0x08; // If SC_EXTERNALIZABLE @@ -178,7 +178,7 @@ public abstract interface ObjectStreamConstants { public static final byte TC_ENUM = 0x7E; /** - * Bit mask for the {@code flag} field in ObjectStreamClass. Indicates + * Bit mask for the {@code flag} field in {@link ObjectStreamClass}. Indicates * that a class is an enum type. */ public static final byte SC_ENUM = 0x10; diff --git a/luni/src/main/java/java/net/AddressCache.java b/luni/src/main/java/java/net/AddressCache.java index 194761a..2aba78b 100644 --- a/luni/src/main/java/java/net/AddressCache.java +++ b/luni/src/main/java/java/net/AddressCache.java @@ -37,8 +37,36 @@ class AddressCache { private static final long TTL_NANOS = 2 * 1000000000L; // The actual cache. - private final BasicLruCache<String, AddressCacheEntry> cache - = new BasicLruCache<String, AddressCacheEntry>(MAX_ENTRIES); + private final BasicLruCache<AddressCacheKey, AddressCacheEntry> cache + = new BasicLruCache<AddressCacheKey, AddressCacheEntry>(MAX_ENTRIES); + + static class AddressCacheKey { + private final String mHostname; + private final int mNetId; + + AddressCacheKey(String hostname, int netId) { + mHostname = hostname; + mNetId = netId; + } + + @Override public boolean equals(Object o) { + if (this == o) { + return true; + } + if (!(o instanceof AddressCacheKey)) { + return false; + } + AddressCacheKey lhs = (AddressCacheKey) o; + return mHostname.equals(lhs.mHostname) && mNetId == lhs.mNetId; + } + + @Override public int hashCode() { + int result = 17; + result = 31 * result + mNetId; + result = 31 * result + mHostname.hashCode(); + return result; + } + } static class AddressCacheEntry { // Either an InetAddress[] for a positive entry, @@ -67,12 +95,12 @@ class AddressCache { } /** - * Returns the cached InetAddress[] associated with 'hostname'. Returns null if nothing is known - * about 'hostname'. Returns a String suitable for use as an UnknownHostException detail - * message if 'hostname' is known not to exist. + * Returns the cached InetAddress[] for 'hostname' on network 'netId'. Returns null + * if nothing is known about 'hostname'. Returns a String suitable for use as an + * UnknownHostException detail message if 'hostname' is known not to exist. */ - public Object get(String hostname) { - AddressCacheEntry entry = cache.get(hostname); + public Object get(String hostname, int netId) { + AddressCacheEntry entry = cache.get(new AddressCacheKey(hostname, netId)); // Do we have a valid cache entry? if (entry != null && entry.expiryNanos >= System.nanoTime()) { return entry.value; @@ -86,15 +114,15 @@ class AddressCache { * Associates the given 'addresses' with 'hostname'. The association will expire after a * certain length of time. */ - public void put(String hostname, InetAddress[] addresses) { - cache.put(hostname, new AddressCacheEntry(addresses)); + public void put(String hostname, int netId, InetAddress[] addresses) { + cache.put(new AddressCacheKey(hostname, netId), new AddressCacheEntry(addresses)); } /** * Records that 'hostname' is known not to have any associated addresses. (I.e. insert a * negative cache entry.) */ - public void putUnknownHost(String hostname, String detailMessage) { - cache.put(hostname, new AddressCacheEntry(detailMessage)); + public void putUnknownHost(String hostname, int netId, String detailMessage) { + cache.put(new AddressCacheKey(hostname, netId), new AddressCacheEntry(detailMessage)); } } diff --git a/luni/src/main/java/java/net/InetAddress.java b/luni/src/main/java/java/net/InetAddress.java index e31b4c3..5cfa15a 100644 --- a/luni/src/main/java/java/net/InetAddress.java +++ b/luni/src/main/java/java/net/InetAddress.java @@ -127,6 +127,9 @@ public class InetAddress implements Serializable { private static final long serialVersionUID = 3286316764910316507L; + /** Using NetID of NETID_UNSET indicates resolution should be done on default network. */ + private static final int NETID_UNSET = 0; + private int family; byte[] ipaddress; @@ -209,14 +212,29 @@ public class InetAddress implements Serializable { * @throws UnknownHostException if the address lookup fails. */ public static InetAddress[] getAllByName(String host) throws UnknownHostException { - return getAllByNameImpl(host).clone(); + return getAllByNameImpl(host, NETID_UNSET).clone(); } /** - * Returns the InetAddresses for {@code host}. The returned array is shared - * and must be cloned before it is returned to application code. + * Operates identically to {@code getAllByName} except host resolution is + * performed on the network designated by {@code netId}. + * + * @param host the hostname or literal IP string to be resolved. + * @param netId the network to use for host resolution. + * @return the array of addresses associated with the specified host. + * @throws UnknownHostException if the address lookup fails. + * @hide internal use only */ - private static InetAddress[] getAllByNameImpl(String host) throws UnknownHostException { + public static InetAddress[] getAllByNameOnNet(String host, int netId) throws UnknownHostException { + return getAllByNameImpl(host, netId).clone(); + } + + /** + * Returns the InetAddresses for {@code host} on network {@code netId}. The + * returned array is shared and must be cloned before it is returned to + * application code. + */ + private static InetAddress[] getAllByNameImpl(String host, int netId) throws UnknownHostException { if (host == null || host.isEmpty()) { return loopbackAddresses(); } @@ -231,7 +249,7 @@ public class InetAddress implements Serializable { return new InetAddress[] { result }; } - return lookupHostByName(host).clone(); + return lookupHostByName(host, netId).clone(); } private static InetAddress makeInetAddress(byte[] bytes, String hostName) throws UnknownHostException { @@ -264,7 +282,7 @@ public class InetAddress implements Serializable { hints.ai_flags = AI_NUMERICHOST; InetAddress[] addresses = null; try { - addresses = Libcore.os.getaddrinfo(address, hints); + addresses = Libcore.os.android_getaddrinfo(address, hints, NETID_UNSET); } catch (GaiException ignored) { } return (addresses != null) ? addresses[0] : null; @@ -284,7 +302,22 @@ public class InetAddress implements Serializable { * if the address lookup fails. */ public static InetAddress getByName(String host) throws UnknownHostException { - return getAllByNameImpl(host)[0]; + return getAllByNameImpl(host, NETID_UNSET)[0]; + } + + /** + * Operates identically to {@code getByName} except host resolution is + * performed on the network designated by {@code netId}. + * + * @param host + * the hostName to be resolved to an address or {@code null}. + * @param netId the network to use for host resolution. + * @return the {@code InetAddress} instance representing the host. + * @throws UnknownHostException if the address lookup fails. + * @hide internal use only + */ + public static InetAddress getByNameOnNet(String host, int netId) throws UnknownHostException { + return getAllByNameImpl(host, netId)[0]; } /** @@ -360,7 +393,7 @@ public class InetAddress implements Serializable { */ public static InetAddress getLocalHost() throws UnknownHostException { String host = Libcore.os.uname().nodename; - return lookupHostByName(host)[0]; + return lookupHostByName(host, NETID_UNSET)[0]; } /** @@ -377,12 +410,14 @@ public class InetAddress implements Serializable { * Resolves a hostname to its IP addresses using a cache. * * @param host the hostname to resolve. + * @param netId the network to perform resolution upon. * @return the IP addresses of the host. */ - private static InetAddress[] lookupHostByName(String host) throws UnknownHostException { + private static InetAddress[] lookupHostByName(String host, int netId) + throws UnknownHostException { BlockGuard.getThreadPolicy().onNetwork(); // Do we have a result cached? - Object cachedResult = addressCache.get(host); + Object cachedResult = addressCache.get(host, netId); if (cachedResult != null) { if (cachedResult instanceof InetAddress[]) { // A cached positive result. @@ -400,12 +435,12 @@ public class InetAddress implements Serializable { // for SOCK_STREAM and one for SOCK_DGRAM. Since we do not return the family // anyway, just pick one. hints.ai_socktype = SOCK_STREAM; - InetAddress[] addresses = Libcore.os.getaddrinfo(host, hints); + InetAddress[] addresses = Libcore.os.android_getaddrinfo(host, hints, netId); // TODO: should getaddrinfo set the hostname of the InetAddresses it returns? for (InetAddress address : addresses) { address.hostName = host; } - addressCache.put(host, addresses); + addressCache.put(host, netId, addresses); return addresses; } catch (GaiException gaiException) { // If the failure appears to have been a lack of INTERNET permission, throw a clear @@ -418,7 +453,7 @@ public class InetAddress implements Serializable { } // Otherwise, throw an UnknownHostException. String detailMessage = "Unable to resolve host \"" + host + "\": " + Libcore.os.gai_strerror(gaiException.error); - addressCache.putUnknownHost(host, detailMessage); + addressCache.putUnknownHost(host, netId, detailMessage); throw gaiException.rethrowAsUnknownHostException(detailMessage); } } diff --git a/luni/src/main/java/java/nio/DatagramChannelImpl.java b/luni/src/main/java/java/nio/DatagramChannelImpl.java index e736c40..9008637 100644 --- a/luni/src/main/java/java/nio/DatagramChannelImpl.java +++ b/luni/src/main/java/java/nio/DatagramChannelImpl.java @@ -130,7 +130,6 @@ class DatagramChannelImpl extends DatagramChannel implements FileDescriptorChann } } - /** @hide Until ready for a public API change */ @Override synchronized public boolean isConnected() { return connected; diff --git a/luni/src/main/java/java/nio/ServerSocketChannelImpl.java b/luni/src/main/java/java/nio/ServerSocketChannelImpl.java index 7185c32..ae33672 100644 --- a/luni/src/main/java/java/nio/ServerSocketChannelImpl.java +++ b/luni/src/main/java/java/nio/ServerSocketChannelImpl.java @@ -55,7 +55,6 @@ final class ServerSocketChannelImpl extends ServerSocketChannel implements FileD return socket; } - /** @hide Until ready for a public API change */ @Override public SocketChannel accept() throws IOException { if (!isOpen()) { diff --git a/luni/src/main/java/java/util/IllformedLocaleException.java b/luni/src/main/java/java/util/IllformedLocaleException.java index db1754e..3dec1cd 100644 --- a/luni/src/main/java/java/util/IllformedLocaleException.java +++ b/luni/src/main/java/java/util/IllformedLocaleException.java @@ -21,7 +21,6 @@ package java.util; * * See {@link Locale} and {@link Locale.Builder}. * - * @hide * @since 1.7 */ public class IllformedLocaleException extends RuntimeException { diff --git a/luni/src/main/java/java/util/Locale.java b/luni/src/main/java/java/util/Locale.java index 9cd89ec..09fb6e0 100644 --- a/luni/src/main/java/java/util/Locale.java +++ b/luni/src/main/java/java/util/Locale.java @@ -253,7 +253,6 @@ public final class Locale implements Cloneable, Serializable { * * See {@link #getExtension(char)} and {@link Builder#setExtension(char, String)}. * - * @hide * @since 1.7 */ public static final char PRIVATE_USE_EXTENSION = 'x'; @@ -264,7 +263,6 @@ public final class Locale implements Cloneable, Serializable { * * See {@link #getExtension(char)} and {@link Builder#setExtension(char, String)}. * - * @hide * @since 1.7 */ public static final char UNICODE_LOCALE_EXTENSION = 'u'; @@ -302,7 +300,6 @@ public final class Locale implements Cloneable, Serializable { * the structured state (keywords and attributes) specified therein. * * @since 1.7 - * @hide */ public static final class Builder { private String language; @@ -812,7 +809,6 @@ public final class Locale implements Cloneable, Serializable { * * @throws NullPointerException if {@code languageTag} is {@code null}. * - * @hide * @since 1.7 */ public static Locale forLanguageTag(String languageTag) { @@ -1150,6 +1146,8 @@ public final class Locale implements Cloneable, Serializable { * Returns the full variant name in the default {@code Locale} for the variant code of * this {@code Locale}. If there is no matching variant name, the variant code is * returned. + * + * @since 1.7 */ public final String getDisplayVariant() { return getDisplayVariant(getDefault()); @@ -1159,6 +1157,8 @@ public final class Locale implements Cloneable, Serializable { * Returns the full variant name in the specified {@code Locale} for the variant code * of this {@code Locale}. If there is no matching variant name, the variant code is * returned. + * + * @since 1.7 */ public String getDisplayVariant(Locale locale) { if (variantCode.isEmpty()) { @@ -1263,7 +1263,6 @@ public final class Locale implements Cloneable, Serializable { * If set, the script code will be a title cased string of length 4, as per the ISO 15924 * specification. * - * @hide * @since 1.7 */ public String getScript() { @@ -1273,7 +1272,6 @@ public final class Locale implements Cloneable, Serializable { /** * Equivalent to {@code getDisplayScript(Locale.getDefault()))} * - * @hide * @since 1.7 */ public String getDisplayScript() { @@ -1285,7 +1283,6 @@ public final class Locale implements Cloneable, Serializable { * script code is unknown, the return value of this method is the same as that of * {@link #getScript()}. * - * @hide * @since 1.7 */ public String getDisplayScript(Locale locale) { @@ -1321,7 +1318,6 @@ public final class Locale implements Cloneable, Serializable { * For example, we do not require scripts to be a registered ISO 15924 scripts or * languages to appear in the ISO-639-2 code list. * - * @hide * @since 1.7 */ public String toLanguageTag() { @@ -1528,7 +1524,6 @@ public final class Locale implements Cloneable, Serializable { * See <a href="https://tools.ietf.org/html/bcp47#section-2.1"> * the IETF BCP-47 specification</a> (Section 2.2.6) for details. * - * @hide * @since 1.7 */ public Set<Character> getExtensionKeys() { @@ -1543,7 +1538,6 @@ public final class Locale implements Cloneable, Serializable { * locale extension can be fetched using {@link #getUnicodeLocaleAttributes()}, * {@link #getUnicodeLocaleKeys()} and {@link #getUnicodeLocaleType}. * - * @hide * @since 1.7 */ public String getExtension(char extensionKey) { @@ -1556,7 +1550,6 @@ public final class Locale implements Cloneable, Serializable { * For more information about types and keywords, see {@link Builder#setUnicodeLocaleKeyword} * and <a href="http://www.unicode.org/reports/tr35/#BCP47">Unicode Technical Standard #35</a> * - * @hide * @since 1.7 */ public String getUnicodeLocaleType(String keyWord) { @@ -1569,7 +1562,6 @@ public final class Locale implements Cloneable, Serializable { * For more information about attributes, see {@link Builder#addUnicodeLocaleAttribute} * and <a href="http://www.unicode.org/reports/tr35/#BCP47">Unicode Technical Standard #35</a> * - * @hide * @since 1.7 */ public Set<String> getUnicodeLocaleAttributes() { @@ -1582,7 +1574,6 @@ public final class Locale implements Cloneable, Serializable { * For more information about types and keywords, see {@link Builder#setUnicodeLocaleKeyword} * and <a href="http://www.unicode.org/reports/tr35/#BCP47">Unicode Technical Standard #35</a> * - * @hide * @since 1.7 */ public Set<String> getUnicodeLocaleKeys() { diff --git a/luni/src/main/java/java/util/concurrent/ConcurrentLinkedDeque.java b/luni/src/main/java/java/util/concurrent/ConcurrentLinkedDeque.java index 54b53ae..b38d6a5 100644 --- a/luni/src/main/java/java/util/concurrent/ConcurrentLinkedDeque.java +++ b/luni/src/main/java/java/util/concurrent/ConcurrentLinkedDeque.java @@ -56,8 +56,6 @@ import java.util.Queue; * actions subsequent to the access or removal of that element from * the {@code ConcurrentLinkedDeque} in another thread. * - * @hide - * * @since 1.7 * @author Doug Lea * @author Martin Buchholz diff --git a/luni/src/main/java/java/util/concurrent/ForkJoinPool.java b/luni/src/main/java/java/util/concurrent/ForkJoinPool.java index 2e7adc1..9448616 100644 --- a/luni/src/main/java/java/util/concurrent/ForkJoinPool.java +++ b/luni/src/main/java/java/util/concurrent/ForkJoinPool.java @@ -127,7 +127,6 @@ import java.util.concurrent.TimeUnit; * or internal resources have been exhausted. * * @since 1.7 - * @hide * @author Doug Lea */ public class ForkJoinPool extends AbstractExecutorService { @@ -213,8 +212,7 @@ public class ForkJoinPool extends AbstractExecutorService { * choosing existing queues, and may be randomly repositioned upon * contention with other submitters. In essence, submitters act * like workers except that they are restricted to executing local - * tasks that they submitted (or in the case of CountedCompleters, - * others with the same root task). However, because most + * tasks that they submitted. However, because most * shared/external queue operations are more expensive than * internal, and because, at steady state, external submitters * will compete for CPU with workers, ForkJoinTask.join and @@ -419,12 +417,6 @@ public class ForkJoinPool extends AbstractExecutorService { * to find work (see MAX_HELP) and fall back to suspending the * worker and if necessary replacing it with another. * - * Helping actions for CountedCompleters are much simpler: Method - * helpComplete can take and execute any task with the same root - * as the task being waited on. However, this still entails some - * traversal of completer chains, so is less efficient than using - * CountedCompleters without explicit joins. - * * It is impossible to keep exactly the target parallelism number * of threads running at any given time. Determining the * existence of conservatively safe helping targets, the diff --git a/luni/src/main/java/java/util/concurrent/ForkJoinTask.java b/luni/src/main/java/java/util/concurrent/ForkJoinTask.java index b77c167..c6bc6de 100644 --- a/luni/src/main/java/java/util/concurrent/ForkJoinTask.java +++ b/luni/src/main/java/java/util/concurrent/ForkJoinTask.java @@ -74,10 +74,9 @@ import java.lang.reflect.Constructor; * but doing do requires three further considerations: (1) Completion * of few if any <em>other</em> tasks should be dependent on a task * that blocks on external synchronization or I/O. Event-style async - * tasks that are never joined (for example, those subclassing {@link - * CountedCompleter}) often fall into this category. (2) To minimize - * resource impact, tasks should be small; ideally performing only the - * (possibly) blocking action. (3) Unless the {@link + * tasks that are never joined often fall into this category. + * (2) To minimize resource impact, tasks should be small; ideally + * performing only the (possibly) blocking action. (3) Unless the {@link * ForkJoinPool.ManagedBlocker} API is used, or the number of possibly * blocked tasks is known to be less than the pool's {@link * ForkJoinPool#getParallelism} level, the pool cannot guarantee that @@ -120,13 +119,11 @@ import java.lang.reflect.Constructor; * <p>The ForkJoinTask class is not usually directly subclassed. * Instead, you subclass one of the abstract classes that support a * particular style of fork/join processing, typically {@link - * RecursiveAction} for most computations that do not return results, - * {@link RecursiveTask} for those that do, and {@link - * CountedCompleter} for those in which completed actions trigger - * other actions. Normally, a concrete ForkJoinTask subclass declares - * fields comprising its parameters, established in a constructor, and - * then defines a {@code compute} method that somehow uses the control - * methods supplied by this base class. + * RecursiveAction} for most computations that do not return results + * and {@link RecursiveTask} for those that do. Normally, a concrete + * ForkJoinTask subclass declares fields comprising its parameters, + * established in a constructor, and then defines a {@code compute} + * method that somehow uses the control methods supplied by this base class. * * <p>Method {@link #join} and its variants are appropriate for use * only when completion dependencies are acyclic; that is, the @@ -178,7 +175,6 @@ import java.lang.reflect.Constructor; * execution. Serialization is not relied on during execution itself. * * @since 1.7 - * @hide * @author Doug Lea */ public abstract class ForkJoinTask<V> implements Future<V>, Serializable { diff --git a/luni/src/main/java/java/util/concurrent/ForkJoinWorkerThread.java b/luni/src/main/java/java/util/concurrent/ForkJoinWorkerThread.java index 5f2799b..ae28700 100644 --- a/luni/src/main/java/java/util/concurrent/ForkJoinWorkerThread.java +++ b/luni/src/main/java/java/util/concurrent/ForkJoinWorkerThread.java @@ -18,7 +18,6 @@ package java.util.concurrent; * {@linkplain ForkJoinPool#ForkJoinPool use it} in a {@code ForkJoinPool}. * * @since 1.7 - * @hide * @author Doug Lea */ public class ForkJoinWorkerThread extends Thread { diff --git a/luni/src/main/java/java/util/concurrent/LinkedTransferQueue.java b/luni/src/main/java/java/util/concurrent/LinkedTransferQueue.java index cff5dbf..a041fb1 100644 --- a/luni/src/main/java/java/util/concurrent/LinkedTransferQueue.java +++ b/luni/src/main/java/java/util/concurrent/LinkedTransferQueue.java @@ -50,7 +50,6 @@ import java.util.concurrent.locks.LockSupport; * the {@code LinkedTransferQueue} in another thread. * * @since 1.7 - * @hide * @author Doug Lea * @param <E> the type of elements held in this collection */ diff --git a/luni/src/main/java/java/util/concurrent/Phaser.java b/luni/src/main/java/java/util/concurrent/Phaser.java index a9adbe5..a97d187 100644 --- a/luni/src/main/java/java/util/concurrent/Phaser.java +++ b/luni/src/main/java/java/util/concurrent/Phaser.java @@ -227,7 +227,6 @@ import java.util.concurrent.locks.LockSupport; * of participants. * * @since 1.7 - * @hide * @author Doug Lea */ public class Phaser { diff --git a/luni/src/main/java/java/util/concurrent/RecursiveAction.java b/luni/src/main/java/java/util/concurrent/RecursiveAction.java index 8d666f6..e3a6340 100644 --- a/luni/src/main/java/java/util/concurrent/RecursiveAction.java +++ b/luni/src/main/java/java/util/concurrent/RecursiveAction.java @@ -131,7 +131,6 @@ package java.util.concurrent; * }}</pre> * * @since 1.7 - * @hide * @author Doug Lea */ public abstract class RecursiveAction extends ForkJoinTask<Void> { diff --git a/luni/src/main/java/java/util/concurrent/RecursiveTask.java b/luni/src/main/java/java/util/concurrent/RecursiveTask.java index 421c9d3..80baa52 100644 --- a/luni/src/main/java/java/util/concurrent/RecursiveTask.java +++ b/luni/src/main/java/java/util/concurrent/RecursiveTask.java @@ -34,7 +34,6 @@ package java.util.concurrent; * sequentially solve rather than subdividing. * * @since 1.7 - * @hide * @author Doug Lea */ public abstract class RecursiveTask<V> extends ForkJoinTask<V> { diff --git a/luni/src/main/java/java/util/concurrent/ScheduledThreadPoolExecutor.java b/luni/src/main/java/java/util/concurrent/ScheduledThreadPoolExecutor.java index a52351b..483981d 100644 --- a/luni/src/main/java/java/util/concurrent/ScheduledThreadPoolExecutor.java +++ b/luni/src/main/java/java/util/concurrent/ScheduledThreadPoolExecutor.java @@ -690,7 +690,6 @@ public class ScheduledThreadPoolExecutor * @param value if {@code true}, remove on cancellation, else don't * @see #getRemoveOnCancelPolicy * @since 1.7 - * @hide */ public void setRemoveOnCancelPolicy(boolean value) { removeOnCancel = value; @@ -705,7 +704,6 @@ public class ScheduledThreadPoolExecutor * from the queue * @see #setRemoveOnCancelPolicy * @since 1.7 - * @hide */ public boolean getRemoveOnCancelPolicy() { return removeOnCancel; diff --git a/luni/src/main/java/java/util/concurrent/ThreadLocalRandom.java b/luni/src/main/java/java/util/concurrent/ThreadLocalRandom.java index a559321..5baf75f 100644 --- a/luni/src/main/java/java/util/concurrent/ThreadLocalRandom.java +++ b/luni/src/main/java/java/util/concurrent/ThreadLocalRandom.java @@ -30,7 +30,6 @@ import java.util.Random; * generation methods. * * @since 1.7 - * @hide * @author Doug Lea */ public class ThreadLocalRandom extends Random { diff --git a/luni/src/main/java/java/util/concurrent/TransferQueue.java b/luni/src/main/java/java/util/concurrent/TransferQueue.java index 9cd5773..4c2be6f 100644 --- a/luni/src/main/java/java/util/concurrent/TransferQueue.java +++ b/luni/src/main/java/java/util/concurrent/TransferQueue.java @@ -33,7 +33,6 @@ package java.util.concurrent; * and {@code transfer} are effectively synonymous. * * @since 1.7 - * @hide * @author Doug Lea * @param <E> the type of elements held in this collection */ diff --git a/luni/src/main/java/java/util/concurrent/atomic/Fences.java b/luni/src/main/java/java/util/concurrent/atomic/Fences.java index 7ecf45a..5714ba0 100644 --- a/luni/src/main/java/java/util/concurrent/atomic/Fences.java +++ b/luni/src/main/java/java/util/concurrent/atomic/Fences.java @@ -453,7 +453,6 @@ package java.util.concurrent.atomic; * * </dl> * - * @since 1.7 * @hide * @author Doug Lea */ diff --git a/luni/src/main/java/java/util/concurrent/locks/AbstractQueuedLongSynchronizer.java b/luni/src/main/java/java/util/concurrent/locks/AbstractQueuedLongSynchronizer.java index 4c5e280..37aa9d0 100644 --- a/luni/src/main/java/java/util/concurrent/locks/AbstractQueuedLongSynchronizer.java +++ b/luni/src/main/java/java/util/concurrent/locks/AbstractQueuedLongSynchronizer.java @@ -1255,7 +1255,6 @@ public abstract class AbstractQueuedLongSynchronizer * current thread, and {@code false} if the current thread * is at the head of the queue or the queue is empty * @since 1.7 - * @hide */ public final boolean hasQueuedPredecessors() { // The correctness of this depends on head being initialized diff --git a/luni/src/main/java/java/util/concurrent/locks/AbstractQueuedSynchronizer.java b/luni/src/main/java/java/util/concurrent/locks/AbstractQueuedSynchronizer.java index 0350060..e711da5 100644 --- a/luni/src/main/java/java/util/concurrent/locks/AbstractQueuedSynchronizer.java +++ b/luni/src/main/java/java/util/concurrent/locks/AbstractQueuedSynchronizer.java @@ -1485,7 +1485,6 @@ public abstract class AbstractQueuedSynchronizer * current thread, and {@code false} if the current thread * is at the head of the queue or the queue is empty * @since 1.7 - * @hide */ public final boolean hasQueuedPredecessors() { // The correctness of this depends on head being initialized diff --git a/luni/src/main/java/java/util/jar/JarEntry.java b/luni/src/main/java/java/util/jar/JarEntry.java index 85c8678..bceef63 100644 --- a/luni/src/main/java/java/util/jar/JarEntry.java +++ b/luni/src/main/java/java/util/jar/JarEntry.java @@ -17,16 +17,16 @@ package java.util.jar; -import javax.security.auth.x500.X500Principal; import java.io.IOException; import java.security.CodeSigner; import java.security.cert.CertPath; +import java.security.cert.CertPathValidator; import java.security.cert.Certificate; import java.security.cert.CertificateException; import java.security.cert.CertificateFactory; import java.security.cert.X509Certificate; import java.util.ArrayList; -import java.util.List; +import java.util.Arrays; import java.util.zip.ZipEntry; /** @@ -114,8 +114,12 @@ public class JarEntry extends ZipEntry { * entry or {@code null} if none exists. Make sure that the everything is * read from the input stream before calling this method, or else the method * returns {@code null}. + * <p> + * This method returns all the signers' unverified chains concatenated + * together in one array. To know which certificates were tied to the + * private keys that made the signatures on this entry, see + * {@link #getCodeSigners()} instead. * - * @return the certificate for this entry. * @see java.security.cert.Certificate */ public Certificate[] getCertificates() { @@ -126,7 +130,27 @@ public class JarEntry extends ZipEntry { if (jarVerifier == null) { return null; } - return jarVerifier.getCertificates(getName()); + + Certificate[][] certChains = jarVerifier.getCertificateChains(getName()); + if (certChains == null) { + return null; + } + + // Measure number of certs. + int count = 0; + for (Certificate[] chain : certChains) { + count += chain.length; + } + + // Create new array and copy all the certs into it. + Certificate[] certs = new Certificate[count]; + int i = 0; + for (Certificate[] chain : certChains) { + System.arraycopy(chain, 0, certs, i, chain.length); + i += chain.length; + } + + return certs; } void setAttributes(Attributes attrib) { @@ -138,68 +162,60 @@ public class JarEntry extends ZipEntry { * JAR file. If there is no such code signer, it returns {@code null}. Make * sure that the everything is read from the input stream before calling * this method, or else the method returns {@code null}. + * <p> + * Only the digital signature on the entry is cryptographically verified. + * None of the certificates in the the {@link CertPath} returned from + * {@link CodeSigner#getSignerCertPath()} are verified and must be verified + * by the caller if needed. See {@link CertPathValidator} for more + * information. * - * @return the code signers for the JAR entry. + * @return an array of CodeSigner for this JAR entry. * @see CodeSigner */ public CodeSigner[] getCodeSigners() { + if (parentJar == null) { + return null; + } + + JarVerifier jarVerifier = parentJar.verifier; + if (jarVerifier == null) { + return null; + } + if (signers == null) { - signers = getCodeSigners(getCertificates()); + signers = getCodeSigners(jarVerifier.getCertificateChains(getName())); } if (signers == null) { return null; } - CodeSigner[] tmp = new CodeSigner[signers.length]; - System.arraycopy(signers, 0, tmp, 0, tmp.length); - return tmp; + return signers.clone(); } - private CodeSigner[] getCodeSigners(Certificate[] certs) { - if (certs == null) { + private CodeSigner[] getCodeSigners(Certificate[][] certChains) { + if (certChains == null) { return null; } - X500Principal prevIssuer = null; - ArrayList<Certificate> list = new ArrayList<Certificate>(certs.length); - ArrayList<CodeSigner> asigners = new ArrayList<CodeSigner>(); + ArrayList<CodeSigner> asigners = new ArrayList<CodeSigner>(certChains.length); - for (Certificate element : certs) { - if (!(element instanceof X509Certificate)) { - // Only X509Certificate-s are taken into account - see API spec. - continue; - } - X509Certificate x509 = (X509Certificate) element; - if (prevIssuer != null) { - X500Principal subj = x509.getSubjectX500Principal(); - if (!prevIssuer.equals(subj)) { - // Ok, this ends the previous chain, - // so transform this one into CertPath ... - addCodeSigner(asigners, list); - // ... and start a new one - list.clear(); - }// else { it's still the same chain } - - } - prevIssuer = x509.getIssuerX500Principal(); - list.add(x509); - } - if (!list.isEmpty()) { - addCodeSigner(asigners, list); - } - if (asigners.isEmpty()) { - // 'signers' is 'null' already - return null; + for (Certificate[] chain : certChains) { + addCodeSigner(asigners, chain); } CodeSigner[] tmp = new CodeSigner[asigners.size()]; asigners.toArray(tmp); return tmp; - } - private void addCodeSigner(ArrayList<CodeSigner> asigners, - List<Certificate> list) { + private void addCodeSigner(ArrayList<CodeSigner> asigners, Certificate[] certs) { + for (Certificate cert : certs) { + // Only X509Certificate instances are counted. See API spec. + if (!(cert instanceof X509Certificate)) { + return; + } + } + CertPath certPath = null; if (!isFactoryChecked) { try { @@ -214,7 +230,7 @@ public class JarEntry extends ZipEntry { return; } try { - certPath = factory.generateCertPath(list); + certPath = factory.generateCertPath(Arrays.asList(certs)); } catch (CertificateException ex) { // do nothing } diff --git a/luni/src/main/java/java/util/jar/JarVerifier.java b/luni/src/main/java/java/util/jar/JarVerifier.java index c545a02..467e298 100644 --- a/luni/src/main/java/java/util/jar/JarVerifier.java +++ b/luni/src/main/java/java/util/jar/JarVerifier.java @@ -27,7 +27,6 @@ import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.security.cert.Certificate; import java.util.ArrayList; -import java.util.Collections; import java.util.HashMap; import java.util.Hashtable; import java.util.Iterator; @@ -72,8 +71,8 @@ class JarVerifier { private final Hashtable<String, Certificate[]> certificates = new Hashtable<String, Certificate[]>(5); - private final Hashtable<String, Certificate[]> verifiedEntries = - new Hashtable<String, Certificate[]>(); + private final Hashtable<String, Certificate[][]> verifiedEntries = + new Hashtable<String, Certificate[][]>(); /** * Stores and a hash and a message digest and verifies that massage digest @@ -87,16 +86,16 @@ class JarVerifier { private final byte[] hash; - private final Certificate[] certificates; + private final Certificate[][] certChains; - private final Hashtable<String, Certificate[]> verifiedEntries; + private final Hashtable<String, Certificate[][]> verifiedEntries; VerifierEntry(String name, MessageDigest digest, byte[] hash, - Certificate[] certificates, Hashtable<String, Certificate[]> verifedEntries) { + Certificate[][] certChains, Hashtable<String, Certificate[][]> verifedEntries) { this.name = name; this.digest = digest; this.hash = hash; - this.certificates = certificates; + this.certChains = certChains; this.verifiedEntries = verifedEntries; } @@ -132,7 +131,7 @@ class JarVerifier { if (!MessageDigest.isEqual(d, Base64.decode(hash))) { throw invalidDigest(JarFile.MANIFEST_NAME, name, name); } - verifiedEntries.put(name, certificates); + verifiedEntries.put(name, certChains); } } @@ -185,7 +184,7 @@ class JarVerifier { return null; } - ArrayList<Certificate> certs = new ArrayList<Certificate>(); + ArrayList<Certificate[]> certChains = new ArrayList<Certificate[]>(); Iterator<Map.Entry<String, HashMap<String, Attributes>>> it = signatures.entrySet().iterator(); while (it.hasNext()) { Map.Entry<String, HashMap<String, Attributes>> entry = it.next(); @@ -195,16 +194,16 @@ class JarVerifier { String signatureFile = entry.getKey(); Certificate[] certChain = certificates.get(signatureFile); if (certChain != null) { - Collections.addAll(certs, certChain); + certChains.add(certChain); } } } // entry is not signed - if (certs.isEmpty()) { + if (certChains.isEmpty()) { return null; } - Certificate[] certificatesArray = certs.toArray(new Certificate[certs.size()]); + Certificate[][] certChainsArray = certChains.toArray(new Certificate[certChains.size()][]); for (int i = 0; i < DIGEST_ALGORITHMS.length; i++) { final String algorithm = DIGEST_ALGORITHMS[i]; @@ -216,9 +215,8 @@ class JarVerifier { try { return new VerifierEntry(name, MessageDigest.getInstance(algorithm), hashBytes, - certificatesArray, verifiedEntries); - } catch (NoSuchAlgorithmException e) { - // ignored + certChainsArray, verifiedEntries); + } catch (NoSuchAlgorithmException ignored) { } } return null; @@ -396,20 +394,16 @@ class JarVerifier { } /** - * Returns all of the {@link java.security.cert.Certificate} instances that + * Returns all of the {@link java.security.cert.Certificate} chains that * were used to verify the signature on the JAR entry called - * {@code name}. + * {@code name}. Callers must not modify the returned arrays. * * @param name * the name of a JAR entry. - * @return an array of {@link java.security.cert.Certificate}. + * @return an array of {@link java.security.cert.Certificate} chains. */ - Certificate[] getCertificates(String name) { - Certificate[] verifiedCerts = verifiedEntries.get(name); - if (verifiedCerts == null) { - return null; - } - return verifiedCerts.clone(); + Certificate[][] getCertificateChains(String name) { + return verifiedEntries.get(name); } /** diff --git a/luni/src/main/java/java/util/jar/StrictJarFile.java b/luni/src/main/java/java/util/jar/StrictJarFile.java index fa175d8..4a8af5f 100644 --- a/luni/src/main/java/java/util/jar/StrictJarFile.java +++ b/luni/src/main/java/java/util/jar/StrictJarFile.java @@ -87,16 +87,51 @@ public final class StrictJarFile { } /** + * Return all certificate chains for a given {@link ZipEntry} belonging to this jar. + * This method MUST be called only after fully exhausting the InputStream belonging + * to this entry. + * + * Returns {@code null} if this jar file isn't signed or if this method is + * called before the stream is processed. + */ + public Certificate[][] getCertificateChains(ZipEntry ze) { + if (isSigned) { + return verifier.getCertificateChains(ze.getName()); + } + + return null; + } + + /** * Return all certificates for a given {@link ZipEntry} belonging to this jar. * This method MUST be called only after fully exhausting the InputStream belonging * to this entry. * * Returns {@code null} if this jar file isn't signed or if this method is * called before the stream is processed. + * + * @deprecated Switch callers to use getCertificateChains instead */ + @Deprecated public Certificate[] getCertificates(ZipEntry ze) { if (isSigned) { - return verifier.getCertificates(ze.getName()); + Certificate[][] certChains = verifier.getCertificateChains(ze.getName()); + + // Measure number of certs. + int count = 0; + for (Certificate[] chain : certChains) { + count += chain.length; + } + + // Create new array and copy all the certs into it. + Certificate[] certs = new Certificate[count]; + int i = 0; + for (Certificate[] chain : certChains) { + System.arraycopy(chain, 0, certs, i, chain.length); + i += chain.length; + } + + return certs; } return null; diff --git a/luni/src/main/java/javax/net/ssl/DefaultHostnameVerifier.java b/luni/src/main/java/javax/net/ssl/DefaultHostnameVerifier.java index 65c8b03..fa11371 100644 --- a/luni/src/main/java/javax/net/ssl/DefaultHostnameVerifier.java +++ b/luni/src/main/java/javax/net/ssl/DefaultHostnameVerifier.java @@ -154,7 +154,10 @@ public final class DefaultHostnameVerifier implements HostnameVerifier { int suffixLength = cn.length() - (asterisk + 1); int suffixStart = hostName.length() - suffixLength; if (hostName.indexOf('.', asterisk) < suffixStart) { - return false; // wildcard '*' can't match a '.' + // TODO: remove workaround for *.clients.google.com http://b/5426333 + if (!hostName.endsWith(".clients.google.com")) { + return false; // wildcard '*' can't match a '.' + } } if (!hostName.regionMatches(suffixStart, cn, asterisk + 1, suffixLength)) { diff --git a/luni/src/main/java/javax/net/ssl/DistinguishedNameParser.java b/luni/src/main/java/javax/net/ssl/DistinguishedNameParser.java index c3c1606..25ab76f 100644 --- a/luni/src/main/java/javax/net/ssl/DistinguishedNameParser.java +++ b/luni/src/main/java/javax/net/ssl/DistinguishedNameParser.java @@ -17,6 +17,9 @@ package javax.net.ssl; +import java.util.ArrayList; +import java.util.Collections; +import java.util.List; import javax.security.auth.x500.X500Principal; /** @@ -406,4 +409,71 @@ public final class DistinguishedNameParser { } } } + + /** + * Parses the DN and returns all values for an attribute type, in + * the order of decreasing significance (most significant first). + * + * @param attributeType attribute type to look for (e.g. "ca") + */ + public List<String> getAllMostSpecificFirst(String attributeType) { + // Initialize internal state. + pos = 0; + beg = 0; + end = 0; + cur = 0; + chars = dn.toCharArray(); + List<String> result = Collections.emptyList(); + + String attType = nextAT(); + if (attType == null) { + return result; + } + while (pos < length) { + String attValue = ""; + + switch (chars[pos]) { + case '"': + attValue = quotedAV(); + break; + case '#': + attValue = hexAV(); + break; + case '+': + case ',': + case ';': // compatibility with RFC 1779: semicolon can separate RDNs + //empty attribute value + break; + default: + attValue = escapedAV(); + } + + // Values are ordered from most specific to least specific + // due to the RFC2253 formatting. So take the first match + // we see. + if (attributeType.equalsIgnoreCase(attType)) { + if (result.isEmpty()) { + result = new ArrayList<String>(); + } + result.add(attValue); + } + + if (pos >= length) { + break; + } + + if (chars[pos] == ',' || chars[pos] == ';') { + } else if (chars[pos] != '+') { + throw new IllegalStateException("Malformed DN: " + dn); + } + + pos++; + attType = nextAT(); + if (attType == null) { + throw new IllegalStateException("Malformed DN: " + dn); + } + } + + return result; + } } diff --git a/luni/src/main/java/libcore/io/ForwardingOs.java b/luni/src/main/java/libcore/io/ForwardingOs.java index d09e442..bf4b448 100644 --- a/luni/src/main/java/libcore/io/ForwardingOs.java +++ b/luni/src/main/java/libcore/io/ForwardingOs.java @@ -52,6 +52,7 @@ public class ForwardingOs implements Os { public FileDescriptor accept(FileDescriptor fd, InetSocketAddress peerAddress) throws ErrnoException, SocketException { return os.accept(fd, peerAddress); } public boolean access(String path, int mode) throws ErrnoException { return os.access(path, mode); } + public InetAddress[] android_getaddrinfo(String node, StructAddrinfo hints, int netId) throws GaiException { return os.android_getaddrinfo(node, hints, netId); } public void bind(FileDescriptor fd, InetAddress address, int port) throws ErrnoException, SocketException { os.bind(fd, address, port); } public void chmod(String path, int mode) throws ErrnoException { os.chmod(path, mode); } public void chown(String path, int uid, int gid) throws ErrnoException { os.chown(path, uid, gid); } @@ -73,7 +74,6 @@ public class ForwardingOs implements Os { public void fsync(FileDescriptor fd) throws ErrnoException { os.fsync(fd); } public void ftruncate(FileDescriptor fd, long length) throws ErrnoException { os.ftruncate(fd, length); } public String gai_strerror(int error) { return os.gai_strerror(error); } - public InetAddress[] getaddrinfo(String node, StructAddrinfo hints) throws GaiException { return os.getaddrinfo(node, hints); } public int getegid() { return os.getegid(); } public int geteuid() { return os.geteuid(); } public int getgid() { return os.getgid(); } diff --git a/luni/src/main/java/libcore/io/Os.java b/luni/src/main/java/libcore/io/Os.java index a537aeb..511bb27 100644 --- a/luni/src/main/java/libcore/io/Os.java +++ b/luni/src/main/java/libcore/io/Os.java @@ -43,6 +43,7 @@ import java.nio.ByteBuffer; public interface Os { public FileDescriptor accept(FileDescriptor fd, InetSocketAddress peerAddress) throws ErrnoException, SocketException; public boolean access(String path, int mode) throws ErrnoException; + public InetAddress[] android_getaddrinfo(String node, StructAddrinfo hints, int netId) throws GaiException; public void bind(FileDescriptor fd, InetAddress address, int port) throws ErrnoException, SocketException; public void chmod(String path, int mode) throws ErrnoException; public void chown(String path, int uid, int gid) throws ErrnoException; @@ -64,7 +65,6 @@ public interface Os { public void fsync(FileDescriptor fd) throws ErrnoException; public void ftruncate(FileDescriptor fd, long length) throws ErrnoException; public String gai_strerror(int error); - public InetAddress[] getaddrinfo(String node, StructAddrinfo hints) throws GaiException; public int getegid(); public int geteuid(); public int getgid(); diff --git a/luni/src/main/java/libcore/io/Posix.java b/luni/src/main/java/libcore/io/Posix.java index 7551190..f5eaaa3 100644 --- a/luni/src/main/java/libcore/io/Posix.java +++ b/luni/src/main/java/libcore/io/Posix.java @@ -46,6 +46,7 @@ public final class Posix implements Os { public native FileDescriptor accept(FileDescriptor fd, InetSocketAddress peerAddress) throws ErrnoException, SocketException; public native boolean access(String path, int mode) throws ErrnoException; + public native InetAddress[] android_getaddrinfo(String node, StructAddrinfo hints, int netId) throws GaiException; public native void bind(FileDescriptor fd, InetAddress address, int port) throws ErrnoException, SocketException; public native void chmod(String path, int mode) throws ErrnoException; public native void chown(String path, int uid, int gid) throws ErrnoException; @@ -67,7 +68,6 @@ public final class Posix implements Os { public native void fsync(FileDescriptor fd) throws ErrnoException; public native void ftruncate(FileDescriptor fd, long length) throws ErrnoException; public native String gai_strerror(int error); - public native InetAddress[] getaddrinfo(String node, StructAddrinfo hints) throws GaiException; public native int getegid(); public native int geteuid(); public native int getgid(); diff --git a/luni/src/main/native/Portability.h b/luni/src/main/native/Portability.h index fb60ed4..1520311 100644 --- a/luni/src/main/native/Portability.h +++ b/luni/src/main/native/Portability.h @@ -65,7 +65,7 @@ static inline int mincore(void* addr, size_t length, unsigned char* vec) { #include <sys/param.h> #include <sys/mount.h> -#else +#else // defined(__APPLE__) // Bionic or glibc. @@ -73,6 +73,15 @@ static inline int mincore(void* addr, size_t length, unsigned char* vec) { #include <sys/sendfile.h> #include <sys/statvfs.h> -#endif +#endif // defined(__APPLE__) + +#if !defined(__BIONIC__) +#include <netdb.h> +#include "../../bionic/libc/dns/include/resolv_netid.h" +inline int android_getaddrinfofornet(const char *hostname, const char *servname, + const struct addrinfo *hints, unsigned /*netid*/, unsigned /*mark*/, struct addrinfo **res) { + return getaddrinfo(hostname, servname, hints, res); +} +#endif // !defined(__BIONIC__) #endif // PORTABILITY_H_included diff --git a/luni/src/main/native/libcore_io_Posix.cpp b/luni/src/main/native/libcore_io_Posix.cpp index ffeabf7..6808dd6 100644 --- a/luni/src/main/native/libcore_io_Posix.cpp +++ b/luni/src/main/native/libcore_io_Posix.cpp @@ -25,6 +25,7 @@ #include "NetworkUtilities.h" #include "Portability.h" #include "readlink.h" +#include "../../bionic/libc/dns/include/resolv_netid.h" // For android_getaddrinfofornet. #include "ScopedBytes.h" #include "ScopedLocalRef.h" #include "ScopedPrimitiveArray.h" @@ -661,7 +662,8 @@ static jstring Posix_gai_strerror(JNIEnv* env, jobject, jint error) { return env->NewStringUTF(gai_strerror(error)); } -static jobjectArray Posix_getaddrinfo(JNIEnv* env, jobject, jstring javaNode, jobject javaHints) { +static jobjectArray Posix_android_getaddrinfo(JNIEnv* env, jobject, jstring javaNode, + jobject javaHints, jint netId) { ScopedUtfChars node(env, javaNode); if (node.c_str() == NULL) { return NULL; @@ -681,10 +683,10 @@ static jobjectArray Posix_getaddrinfo(JNIEnv* env, jobject, jstring javaNode, jo addrinfo* addressList = NULL; errno = 0; - int rc = getaddrinfo(node.c_str(), NULL, &hints, &addressList); + int rc = android_getaddrinfofornet(node.c_str(), NULL, &hints, netId, 0, &addressList); UniquePtr<addrinfo, addrinfo_deleter> addressListDeleter(addressList); if (rc != 0) { - throwGaiException(env, "getaddrinfo", rc); + throwGaiException(env, "android_getaddrinfo", rc); return NULL; } @@ -694,7 +696,7 @@ static jobjectArray Posix_getaddrinfo(JNIEnv* env, jobject, jstring javaNode, jo if (ai->ai_family == AF_INET || ai->ai_family == AF_INET6) { ++addressCount; } else { - ALOGE("getaddrinfo unexpected ai_family %i", ai->ai_family); + ALOGE("android_getaddrinfo unexpected ai_family %i", ai->ai_family); } } if (addressCount == 0) { @@ -712,7 +714,7 @@ static jobjectArray Posix_getaddrinfo(JNIEnv* env, jobject, jstring javaNode, jo for (addrinfo* ai = addressList; ai != NULL; ai = ai->ai_next) { if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6) { // Unknown address family. Skip this address. - ALOGE("getaddrinfo unexpected ai_family %i", ai->ai_family); + ALOGE("android_getaddrinfo unexpected ai_family %i", ai->ai_family); continue; } @@ -1538,6 +1540,7 @@ static jint Posix_writev(JNIEnv* env, jobject, jobject javaFd, jobjectArray buff static JNINativeMethod gMethods[] = { NATIVE_METHOD(Posix, accept, "(Ljava/io/FileDescriptor;Ljava/net/InetSocketAddress;)Ljava/io/FileDescriptor;"), NATIVE_METHOD(Posix, access, "(Ljava/lang/String;I)Z"), + NATIVE_METHOD(Posix, android_getaddrinfo, "(Ljava/lang/String;Landroid/system/StructAddrinfo;I)[Ljava/net/InetAddress;"), NATIVE_METHOD(Posix, bind, "(Ljava/io/FileDescriptor;Ljava/net/InetAddress;I)V"), NATIVE_METHOD(Posix, chmod, "(Ljava/lang/String;I)V"), NATIVE_METHOD(Posix, chown, "(Ljava/lang/String;II)V"), @@ -1559,7 +1562,6 @@ static JNINativeMethod gMethods[] = { NATIVE_METHOD(Posix, fsync, "(Ljava/io/FileDescriptor;)V"), NATIVE_METHOD(Posix, ftruncate, "(Ljava/io/FileDescriptor;J)V"), NATIVE_METHOD(Posix, gai_strerror, "(I)Ljava/lang/String;"), - NATIVE_METHOD(Posix, getaddrinfo, "(Ljava/lang/String;Landroid/system/StructAddrinfo;)[Ljava/net/InetAddress;"), NATIVE_METHOD(Posix, getegid, "()I"), NATIVE_METHOD(Posix, geteuid, "()I"), NATIVE_METHOD(Posix, getgid, "()I"), diff --git a/luni/src/test/java/com/android/org/bouncycastle/jce/provider/CertBlacklistTest.java b/luni/src/test/java/com/android/org/bouncycastle/jce/provider/CertBlacklistTest.java index 6d033d3..1475a63 100644 --- a/luni/src/test/java/com/android/org/bouncycastle/jce/provider/CertBlacklistTest.java +++ b/luni/src/test/java/com/android/org/bouncycastle/jce/provider/CertBlacklistTest.java @@ -109,6 +109,24 @@ public class CertBlacklistTest extends TestCase { "3xQAyMuOHm72exJljYFqIsiNvGE0KufCqCuH1PD97IXMrLlwGmKKg5jP349lySBpJjm6RDqCTT+6" + "dUl2jkVbeNmco99Y7AOdtLsOdXBMCo5x8lK8zwQWFrzEms0joHXCpWfGWA=="; + public static final String ANSSI = "" + + "MIIDbDCCAlSgAwIBAgIDAx2nMA0GCSqGSIb3DQEBBQUAMEsxCzAJBgNVBAYTAkZSMQ4wDAYDVQQK" + + "EwVER1RQRTEsMCoGA1UEAxMjQUMgREdUUEUgU2lnbmF0dXJlIEF1dGhlbnRpZmljYXRpb24wHhcN" + + "MTMwNzE4MTAwNTI4WhcNMTQwNzE4MTAwNTI4WjA+MQswCQYDVQQGEwJGUjETMBEGA1UECgwKREcg" + + "VHLDqXNvcjEaMBgGA1UEAwwRQUMgREcgVHLDqXNvciBTU0wwggEiMA0GCSqGSIb3DQEBAQUAA4IB" + + "DwAwggEKAoIBAQDI0WFSUyY+MmtFkqFjTefoFyDgh9b1C/2YvSIvT8oCH62JWT5rpeTCZwaXbqWc" + + "jaNfzggqaFsokqfhBif43HNHNtNJmvKE32VcuLB0SpsLR/1VeTd9F99C1JeHVa+nelumOHEfouX8" + + "rRFrxNXNIYTVeiENT8Y2YqRb/XAril9g7i674uFzLiNR/t/N/F8Exujv9U8m8rmgud/+tG9WDRaD" + + "Jwoj3ZFCOnL5qLnSUEcS6TzWpozLmC2JVO5GZKGGd7qC9FjdBkVilkbVIEGSrYvz2Uz2v5IGqMBI" + + "QaFL/kSYWxGTaedTOk2drFEApp9AEPTfv1NwCWBfegsGQrHUROM3AgMBAAGjZjBkMBIGA1UdEwEB" + + "/wQIMAYBAf8CAQQwHQYDVR0OBBYEFAAMW8lJqJW0DtAv5p3Mjogxvh9lMB8GA1UdIwQYMBaAFOnb" + + "kI/9W5nkFTvwYlyn5A1Y6IeZMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAtDfG" + + "HkHOLW2d9fiMtwtkEwDauISJLJyCjoRmawzmQbIZXq7HaLliVfE0sdfKUm0iQ0im1/CpnJLPoTeK" + + "yBHvNu1ubLc2m+9dabAYhF3pVdKC+gNaAzBXZ9Gt0p1CLk1lf8Hg+R10HN2IPCv7V/crz2Ga+c23" + + "4P3pfwYW8+Nd7alGCuvqot6UYXOlheF7zWUkHn6z6tvY+9oMDHKSUAthhA/FB50JgJU89zyTv1eg" + + "Y3ldKwvYBW3W3yNZdTHbPyNsPJdhqA55mDNsteE5YTp1PyySDb1MSVrbxDEruoH6ZE99Hob4Ih8A" + + "mn7MHZatGClECgjXWFZ2Gxa7OUCaQpcH8g=="; + public CertBlacklistTest() throws IOException { tmpFile = File.createTempFile("test", ""); DEFAULT_PUBKEYS = getDefaultPubkeys(); @@ -415,6 +433,20 @@ public class CertBlacklistTest extends TestCase { assertEquals(bl.isPublicKeyBlackListed(pk), true); } + public void testANSSISerialBlacklist() throws Exception { + CertBlacklist bl = new CertBlacklist(); + assertEquals(bl.isSerialNumberBlackListed(createSerialNumber(ANSSI)), true); + } + + public void testANSSIIntermediatePubkeyBlacklist() throws Exception { + // build the public key + PublicKey pk = createPublicKey(ANSSI); + // set our blacklist path + CertBlacklist bl = new CertBlacklist(); + // check to make sure it isn't blacklisted + assertEquals(bl.isPublicKeyBlackListed(pk), true); + } + private static void printHash(String cert) throws Exception { System.out.println("CERTIFICATE PUBLIC KEY HASH: " + getHash(createPublicKey(cert))); } diff --git a/luni/src/test/java/libcore/java/io/SerializationTest.java b/luni/src/test/java/libcore/java/io/SerializationTest.java index d452c11..32bc402 100644 --- a/luni/src/test/java/libcore/java/io/SerializationTest.java +++ b/luni/src/test/java/libcore/java/io/SerializationTest.java @@ -16,12 +16,16 @@ package libcore.java.io; -import java.io.IOException; +import junit.framework.TestCase; + import java.io.InvalidClassException; +import java.io.InvalidObjectException; +import java.io.NotSerializableException; import java.io.ObjectStreamClass; import java.io.ObjectStreamField; import java.io.Serializable; -import junit.framework.TestCase; +import java.lang.reflect.InvocationHandler; +import java.lang.reflect.Method; import libcore.util.SerializationTester; public final class SerializationTest extends TestCase { @@ -49,6 +53,97 @@ public final class SerializationTest extends TestCase { private int nonTransientInt; } + public void testSerializeFieldMadeStatic() throws Exception { + // Does ObjectStreamClass have the right idea? + ObjectStreamClass osc = ObjectStreamClass.lookup(FieldMadeStatic.class); + ObjectStreamField[] fields = osc.getFields(); + assertEquals(0, fields.length); + + // This was created by serializing a FieldMadeStatic with a non-static staticInt + String s = "aced0005737200316c6962636f72652e6a6176612e696f2e53657269616c697a6174696f6e54657" + + "374244669656c644d6164655374617469630000000000000000020001490009737461746963496e7" + + "47870000022b8"; + FieldMadeStatic deserialized = (FieldMadeStatic) SerializationTester.deserializeHex(s); + // The field data is simply ignored if it is static. + assertEquals(9999, deserialized.staticInt); + } + + static class FieldMadeStatic implements Serializable { + private static final long serialVersionUID = 0L; + // private int staticInt = 8888; + private static int staticInt = 9999; + } + + // We can serialize an object that has an unserializable field providing it is null. + public void testDeserializeNullUnserializableField() throws Exception { + // This was created by creating a new SerializableContainer and not setting the + // unserializable field. A canned serialized form is used so we can tell if the static + // initializers were executed during deserialization. + // SerializationTester.serializeHex(new SerializableContainer()); + String s = "aced0005737200376c6962636f72652e6a6176612e696f2e53657269616c697a6174696f6e54657" + + "3742453657269616c697a61626c65436f6e7461696e657200000000000000000200014c000e756e7" + + "3657269616c697a61626c657400334c6c6962636f72652f6a6176612f696f2f53657269616c697a6" + + "174696f6e546573742457617353657269616c697a61626c653b787070"; + + serializableContainerInitializedFlag = false; + wasSerializableInitializedFlag = false; + + SerializableContainer sc = (SerializableContainer) SerializationTester.deserializeHex(s); + assertNull(sc.unserializable); + + // Confirm the container was initialized, but the class for the null field was not. + assertTrue(serializableContainerInitializedFlag); + assertFalse(wasSerializableInitializedFlag); + } + + public static boolean serializableContainerInitializedFlag = false; + + static class SerializableContainer implements Serializable { + private static final long serialVersionUID = 0L; + private Object unserializable = null; + + static { + serializableContainerInitializedFlag = true; + } + } + + // We must not serialize an object that has a non-null unserializable field. + public void testSerializeUnserializableField() throws Exception { + SerializableContainer sc = new SerializableContainer(); + sc.unserializable = new WasSerializable(); + try { + SerializationTester.serializeHex(sc); + fail(); + } catch (NotSerializableException expected) { + } + } + + // It must not be possible to deserialize an object if a field is no longer serializable. + public void testDeserializeUnserializableField() throws Exception { + // This was generated by creating a SerializableContainer and setting the unserializable + // field to a WasSerializable when it was still Serializable. A canned serialized form is + // used so we can tell if the static initializers were executed during deserialization. + // SerializableContainer sc = new SerializableContainer(); + // sc.unserializable = new WasSerializable(); + // SerializationTester.serializeHex(sc); + String s = "aced0005737200376c6962636f72652e6a6176612e696f2e53657269616c697a6174696f6e54657" + + "3742453657269616c697a61626c65436f6e7461696e657200000000000000000200014c000e756e7" + + "3657269616c697a61626c657400124c6a6176612f6c616e672f4f626a6563743b7870737200316c6" + + "962636f72652e6a6176612e696f2e53657269616c697a6174696f6e5465737424576173536572696" + + "16c697a61626c65000000000000000002000149000169787000000000"; + + serializableContainerInitializedFlag = false; + wasSerializableInitializedFlag = false; + try { + SerializationTester.deserializeHex(s); + fail(); + } catch (InvalidClassException expected) { + } + // Confirm neither the container nor the contained class was initialized. + assertFalse(serializableContainerInitializedFlag); + assertFalse(wasSerializableInitializedFlag); + } + public void testSerialVersionUidChange() throws Exception { // this was created by serializing a SerialVersionUidChanged with serialVersionUID = 0L String s = "aced0005737200396c6962636f72652e6a6176612e696f2e53657269616c697a6174696f6e54657" @@ -61,6 +156,7 @@ public final class SerializationTest extends TestCase { } } + @SuppressWarnings("unused") // Required for deserialization test static class SerialVersionUidChanged implements Serializable { private static final long serialVersionUID = 1L; // was 0L private int a; @@ -77,7 +173,259 @@ public final class SerializationTest extends TestCase { } } + @SuppressWarnings("unused") // Required for deserialization test static class FieldsChanged implements Serializable { private int b; // was 'a' } + + public static boolean wasSerializableInitializedFlag = false; + + @SuppressWarnings("unused") // Required for deserialization test. + public static class WasSerializable /* implements java.io.Serializable */ { + static final long serialVersionUID = 0L; + static { + SerializationTest.wasSerializableInitializedFlag = true; + } + private int i; + } + + public void testDeserializeWasSerializableClass() throws Exception { + // This was created by serializing a WasSerializable when it was serializable. + // String s = SerializationTester.serializeHex(new WasSerializable()); + final String s = "aced0005737200316c6962636f72652e6a6176612e696f2e53657269616c697a6174696f6" + + "e546573742457617353657269616c697a61626c65000000000000000002000149000169787000000" + + "000"; + + wasSerializableInitializedFlag = false; + try { + SerializationTester.deserializeHex(s); + fail(); + } catch (InvalidClassException expected) { + } + assertFalse(wasSerializableInitializedFlag); + } + + // The WasExternalizable class before it was modified. + /* + public static class WasExternalizable implements Externalizable { + static final long serialVersionUID = 0L; + + @Override + public void readExternal(ObjectInput input) throws IOException, ClassNotFoundException { + + } + + @Override + public void writeExternal(ObjectOutput output) throws IOException { + + } + } + */ + + public static boolean wasExternalizableInitializedFlag = false; + + @SuppressWarnings("unused") // Required for deserialization test + public static class WasExternalizable implements Serializable { + static final long serialVersionUID = 0L; + static { + SerializationTest.wasExternalizableInitializedFlag = true; + } + + } + + public void testDeserializeWasExternalizableClass() throws Exception { + // This was created by serializing a WasExternalizable when it was externalizable. + // String s = SerializationTester.serializeHex(new WasExternalizable()); + final String s = "aced0005737200336c6962636f72652e6a6176612e696f2e53657269616c697a6174696f6" + + "e546573742457617345787465726e616c697a61626c6500000000000000000c0000787078"; + + wasExternalizableInitializedFlag = false; + try { + SerializationTester.deserializeHex(s); + fail(); + } catch (InvalidClassException expected) { + } + // Unlike other similar tests static initialization will take place if the local class is + // Serializable or Externalizable because serialVersionUID field is accessed. + // The RI appears to do the same. + assertTrue(wasExternalizableInitializedFlag); + } + + // The WasEnum class before it was modified. + /* + public enum WasEnum { + VALUE + } + */ + + public static boolean wasEnumInitializedFlag = false; + + @SuppressWarnings("unused") // Required for deserialization test + public static class WasEnum { + static final long serialVersionUID = 0L; + static { + SerializationTest.wasEnumInitializedFlag = true; + } + } + + public void testDeserializeWasEnum() throws Exception { + // This was created by serializing a WasEnum when it was an enum. + // String s = SerializationTester.serializeHex(WasEnum.VALUE); + final String s = "aced00057e7200296c6962636f72652e6a6176612e696f2e53657269616c697a6174696f6" + + "e5465737424576173456e756d00000000000000001200007872000e6a6176612e6c616e672e456e7" + + "56d0000000000000000120000787074000556414c5545"; + + wasEnumInitializedFlag = false; + try { + SerializationTester.deserializeHex(s); + fail(); + } catch (InvalidClassException expected) { + } + assertFalse(wasEnumInitializedFlag); + } + + // The WasObject class before it was modified. + /* + public static class WasObject implements java.io.Serializable { + static final long serialVersionUID = 0L; + private int i; + } + */ + + public static boolean wasObjectInitializedFlag; + + @SuppressWarnings("unused") // Required for deserialization test + public enum WasObject { + VALUE; + + static { + SerializationTest.wasObjectInitializedFlag = true; + } + } + + public void testDeserializeWasObject() throws Exception { + // This was created by serializing a WasObject when it wasn't yet an enum. + // String s = SerializationTester.serializeHex(new WasObject()); + final String s = "aced00057372002b6c6962636f72652e6a6176612e696f2e53657269616c697a6174696f6" + + "e54657374245761734f626a656374000000000000000002000149000169787000000000"; + + wasObjectInitializedFlag = false; + try { + SerializationTester.deserializeHex(s); + fail(); + } catch (InvalidClassException expected) { + } + assertFalse(wasObjectInitializedFlag); + } + + @SuppressWarnings("unused") // Required for deserialization test + public enum EnumMissingValue { + /*MISSING_VALUE*/ + } + + public void testDeserializeEnumMissingValue() throws Exception { + // This was created by serializing a EnumMissingValue when it had MISSING_VALUE. + // String s = SerializationTester.serializeHex(EnumMissingValue.MISSING_VALUE); + final String s = "aced00057e7200326c6962636f72652e6a6176612e696f2e53657269616c697a6174696f6" + + "e5465737424456e756d4d697373696e6756616c756500000000000000001200007872000e6a61766" + + "12e6c616e672e456e756d0000000000000000120000787074000d4d495353494e475f56414c5545"; + + try { + SerializationTester.deserializeHex(s); + fail(); + } catch (InvalidObjectException expected) { + } + } + + + public static Object hasStaticInitializerObject; + + public static class HasStaticInitializer implements Serializable { + static { + SerializationTest.hasStaticInitializerObject = new Object(); + } + } + + public void testDeserializeStaticInitializerIsRunEventually() throws Exception { + // This was created by serializing a HasStaticInitializer + // String s = SerializationTester.serializeHex(new HasStaticInitializer()); + final String s = "aced0005737200366c6962636f72652e6a6176612e696f2e53657269616c697a6174696f6" + + "e5465737424486173537461746963496e697469616c697a6572138aa8ed9e9b660a0200007870"; + + // Confirm the ClassLoader behaves as it should. + Class.forName( + HasStaticInitializer.class.getName(), + false /* shouldInitialize */, + Thread.currentThread().getContextClassLoader()); + assertNull(hasStaticInitializerObject); + + SerializationTester.deserializeHex(s); + + assertNotNull(hasStaticInitializerObject); + } + + @SuppressWarnings("unused") // Required for deserialization test + public static /*interface*/ class WasInterface { + } + + @SuppressWarnings("unused") // Required for deserialization test + public static class SerializableInvocationHandler implements InvocationHandler, Serializable { + @Override + public Object invoke(Object proxy, Method method, Object[] args) { + return null; + } + } + + public void testDeserializeProxyWasInterface() throws Exception { + // This was created by serializing a proxy referencing WasInterface when it was an + // interface. + // Object o = Proxy.newProxyInstance( + // Thread.currentThread().getContextClassLoader(), + // new Class[] { WasInterface.class }, + // new SerializableInvocationHandler()); + // String s = SerializationTester.serializeHex(o); + final String s = "aced0005737d00000001002e6c6962636f72652e6a6176612e696f2e53657269616c697a6" + + "174696f6e5465737424576173496e74657266616365787200176a6176612e6c616e672e7265666c6" + + "563742e50726f7879e127da20cc1043cb0200014c0001687400254c6a6176612f6c616e672f72656" + + "66c6563742f496e766f636174696f6e48616e646c65723b78707372003f6c6962636f72652e6a617" + + "6612e696f2e53657269616c697a6174696f6e546573742453657269616c697a61626c65496e766f6" + + "36174696f6e48616e646c6572e6ceffa2941ee3210200007870"; + try { + SerializationTester.deserializeHex(s); + fail(); + } catch (ClassNotFoundException expected) { + } + } + + @SuppressWarnings("unused") // Required for deserialization test + public static class WasSerializableInvocationHandler + implements InvocationHandler /*, Serializable*/ { + static final long serialVersionUID = 0L; + + @Override + public Object invoke(Object proxy, Method method, Object[] args) { + return null; + } + } + + public void testDeserializeProxyInvocationHandlerWasSerializable() throws Exception { + // This was created by serializing a proxy referencing WasSerializableInvocationHandler when + // it was Serializable. + // Object o = Proxy.newProxyInstance( + // Thread.currentThread().getContextClassLoader(), + // new Class[] { Comparable.class }, + // new WasSerializableInvocationHandler()); + // String s = SerializationTester.serializeHex(o); + final String s = "aced0005737d0000000100146a6176612e6c616e672e436f6d70617261626c65787200176" + + "a6176612e6c616e672e7265666c6563742e50726f7879e127da20cc1043cb0200014c00016874002" + + "54c6a6176612f6c616e672f7265666c6563742f496e766f636174696f6e48616e646c65723b78707" + + "37200426c6962636f72652e6a6176612e696f2e53657269616c697a6174696f6e546573742457617" + + "353657269616c697a61626c65496e766f636174696f6e48616e646c6572000000000000000002000" + + "07870"; + try { + SerializationTester.deserializeHex(s); + fail(); + } catch (InvalidClassException expected) { + } + } } diff --git a/luni/src/test/java/libcore/java/util/jar/StrictJarFileTest.java b/luni/src/test/java/libcore/java/util/jar/StrictJarFileTest.java index 0b194f5..e5a6cd8 100644 --- a/luni/src/test/java/libcore/java/util/jar/StrictJarFileTest.java +++ b/luni/src/test/java/libcore/java/util/jar/StrictJarFileTest.java @@ -122,6 +122,7 @@ public class StrictJarFileTest extends TestCase { jarFile.getInputStream(zipEntry).skip(Long.MAX_VALUE); if ("Test.class".equals(zipEntry.getName())) { assertNotNull(jarFile.getCertificates(zipEntry)); + assertNotNull(jarFile.getCertificateChains(zipEntry)); } } } diff --git a/luni/src/test/java/libcore/javax/net/ssl/DistinguishedNameParserTest.java b/luni/src/test/java/libcore/javax/net/ssl/DistinguishedNameParserTest.java index 723c697..91c596f 100644 --- a/luni/src/test/java/libcore/javax/net/ssl/DistinguishedNameParserTest.java +++ b/luni/src/test/java/libcore/javax/net/ssl/DistinguishedNameParserTest.java @@ -19,38 +19,50 @@ package libcore.javax.net.ssl; import javax.net.ssl.DistinguishedNameParser; import javax.security.auth.x500.X500Principal; import junit.framework.TestCase; +import java.util.Arrays; public final class DistinguishedNameParserTest extends TestCase { - public void testGetFirstCn() { - assertFirstCn("", null); - assertFirstCn("ou=xxx", null); - assertFirstCn("ou=xxx,cn=xxx", "xxx"); - assertFirstCn("ou=xxx+cn=yyy,cn=zzz+cn=abc", "yyy"); - assertFirstCn("cn=a,cn=b", "a"); - assertFirstCn("cn=Cc,cn=Bb,cn=Aa", "Cc"); - assertFirstCn("cn=imap.gmail.com", "imap.gmail.com"); + public void testGetCns() { + assertCns(""); + assertCns("ou=xxx"); + assertCns("ou=xxx,cn=xxx", "xxx"); + assertCns("ou=xxx+cn=yyy,cn=zzz+cn=abc", "yyy", "zzz", "abc"); + assertCns("cn=a,cn=b", "a", "b"); + assertCns("cn=Cc,cn=Bb,cn=Aa", "Cc", "Bb", "Aa"); + assertCns("cn=imap.gmail.com", "imap.gmail.com"); + assertCns("l=\"abcn=a,b\", cn=c", "c"); } - public void testGetFirstCnWithOid() { - assertFirstCn("2.5.4.3=a,ou=xxx", "a"); + public void testGetCnsWithOid() { + assertCns("2.5.4.3=a,ou=xxx", "a"); } - public void testGetFirstCnWithQuotedStrings() { - assertFirstCn("cn=\"\\\" a ,=<>#;\"", "\" a ,=<>#;"); - assertFirstCn("cn=abc\\,def", "abc,def"); + public void testGetCnsWithQuotedStrings() { + assertCns("cn=\"\\\" a ,=<>#;\"", "\" a ,=<>#;"); + assertCns("cn=abc\\,def", "abc,def"); } - public void testGetFirstCnWithUtf8() { - assertFirstCn("cn=Lu\\C4\\8Di\\C4\\87", "\u004c\u0075\u010d\u0069\u0107"); + public void testGetCnsWithUtf8() { + assertCns("cn=Lu\\C4\\8Di\\C4\\87", "\u004c\u0075\u010d\u0069\u0107"); } - public void testGetFirstCnWithWhitespace() { - assertFirstCn("ou=a, cn= a b ,o=x", "a b"); - assertFirstCn("cn=\" a b \" ,o=x", " a b "); + public void testGetCnsWithWhitespace() { + assertCns("ou=a, cn= a b ,o=x", "a b"); + assertCns("cn=\" a b \" ,o=x", " a b "); } - private void assertFirstCn(String dn, String expected) { + private void assertCns(String dn, String... expected) { X500Principal principal = new X500Principal(dn); - assertEquals(dn, expected, new DistinguishedNameParser(principal).findMostSpecific("cn")); + DistinguishedNameParser parser = new DistinguishedNameParser(principal); + + // Test getAllMostSpecificFirst + assertEquals(dn, Arrays.asList(expected), parser.getAllMostSpecificFirst("cn")); + + // Test findMostSpecific + if (expected.length > 0) { + assertEquals(dn, expected[0], parser.findMostSpecific("cn")); + } else { + assertNull(dn, parser.findMostSpecific("cn")); + } } } diff --git a/luni/src/test/java/tests/security/cert/CertificateRevocationExceptionTest.java b/luni/src/test/java/tests/security/cert/CertificateRevocationExceptionTest.java index ba7af7c..c3894f8 100644 --- a/luni/src/test/java/tests/security/cert/CertificateRevocationExceptionTest.java +++ b/luni/src/test/java/tests/security/cert/CertificateRevocationExceptionTest.java @@ -41,7 +41,7 @@ public class CertificateRevocationExceptionTest extends TestCase implements Seri extensions.put("2.5.29.21", getReasonExtension()); extensions.put("2.5.29.24", getInvalidityExtension()); return new CertificateRevokedException( - new Date(108, 0, 1, 14, 34, 11), + new Date(1199226851000L), CRLReason.CESSATION_OF_OPERATION, new X500Principal("CN=test1"), extensions); diff --git a/support/src/test/java/tests/resources/hyts_signed_ambiguousSignerArray.jar b/support/src/test/java/tests/resources/hyts_signed_ambiguousSignerArray.jar Binary files differnew file mode 100644 index 0000000..7da4b59 --- /dev/null +++ b/support/src/test/java/tests/resources/hyts_signed_ambiguousSignerArray.jar diff --git a/support/src/test/java/tests/resources/hyts_signed_invalidChain.jar b/support/src/test/java/tests/resources/hyts_signed_invalidChain.jar Binary files differnew file mode 100644 index 0000000..23d7ae8 --- /dev/null +++ b/support/src/test/java/tests/resources/hyts_signed_invalidChain.jar diff --git a/support/src/test/java/tests/resources/hyts_signed_validChain.jar b/support/src/test/java/tests/resources/hyts_signed_validChain.jar Binary files differnew file mode 100644 index 0000000..d1f4c56 --- /dev/null +++ b/support/src/test/java/tests/resources/hyts_signed_validChain.jar |