| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Cipher should check that the chosen CipherSpi actually supports
initalization with the given parameters. If not, it should return the
first exception that it ran into so that the developer can have an idea
of why the initialization failed. This is most likely do to unsupported
key or algorithm parameters.
Collapse some functions into one so it's easier to keep track of the
exception that should be thrown should all else fail. Also since we try
to initialize during the CipherSpi selection, there is no need to
initialize the returned CipherSpi again.
Also remove an instanceof check to be in line with other implementations
that just throw a ClassCastException since we now will try other
providers before falling back to throwing the unchecked exception. This
might actually provide better debug messages for a developer working on
a CipherSpi provider.
(cherry picked from commit f591462f7901011b2bce61c3cbbdc54840e5b4bc)
Bug: 22573249
Change-Id: Ieec97a8f00e9c0c3889520a3ec9f8bc4e514b35a
|
| |
|
|
|
|
|
|
|
|
|
| |
before throwing InvalidKeyException
Also, return saved spi in getSpi instead of recomputing a new one
Bug: 22208820
(cherry picked from commit 8157603ccf1ff124c5bebc8755404a9a825f47d3)
Change-Id: I30a06ef7d9234769b5592a0c7d665c8afa2a8ff8
|
| |
|
|
|
|
|
|
|
|
|
|
| |
In java.security javax.crypto and java.security classes with
late binding, when guessing the provider and none of the
available ones supports the specified key
Bug: 18987633
(cherry pick from e38b83dd96281d178b01476b67d354655bf2de62)
Change-Id: I5931046e9044984baf724157138bf3a7c7ef5e90
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit 050e672aaaaa8f8c57788e8d551f43c5fbffe339.
The users of public getSpi have been migrated to getCurrentSpi
introduced in 5d15925a79b8beddfafa8de2ede7fff360a386cb.
(cherry-picked from commit c52bf74f7e53b9f58bbeb29f4d248e7dba7d15ce)
Bug: 18088752
Change-Id: Ied72c8a62a49d9fba8b7bc2d3ef2e30da7daa6e4
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
050e672aaaaa8f8c57788e8d551f43c5fbffe339 exposed the existing getSpi
method of Cipher, Signature, Mac, and KeyAgreement as hidden API.
Unfortunately, the getSpi method creates an SPI instance if one is
not yet set. This changes the state of the crypto operation and does
does not lend itself well to being used for read-only querying of
the SPI from a crypto operation.
This CL addresses the issue by adding a getCurrentSpi hidden API to
these crypto operations. getCurrentSpi simply returns the current SPI
instance, if any, and does not modify the state of the crypto
operation.
A follow-up CL will revert 050e672aaaaa8f8c57788e8d551f43c5fbffe339
which will no longer be needed. This is not reverted here to avoid
breaking the build.
(cherry-picked from commit 5d15925a79b8beddfafa8de2ede7fff360a386cb)
Bug: 18088752
Change-Id: I8de4c121c9a395b3687b173d0bba4e1931ebf958
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This makes it possible for platform code to obtain the current SPI
implementation of Cipher, Signature, Mac, and KeyAgreement instances.
The current use case is to access additional information about these
crypto operations when they are backed by Android KeyStore.
NOTE: The getSpi API will not and cannot become public framework API.
Bug: 18088752
Change-Id: If575726d288eebc73ffa3209c316fad071a087fd
|
| |\ \
| |/
|/| |
|
| | |
| |
| |
| | |
Change-Id: I7a5c8095e98f1449fb4efc98061c488fd0b573e2
|
| |/
|
|
|
|
|
|
|
|
| |
If a Provider is specified in a call to Signature#getInstance,
Cipher#getInstance, KeyAgreement#getInstance, or Mac#getInstance,
it should return that provider no matter if the properties on that
provider say it should support it.
Bug: 19730263
Change-Id: I56045e4cb470a0e1aa0e108a443e04043467c475
|
| |
|
|
|
|
|
|
|
| |
Cipher.update(byte[], int, int inputLen) is supposed to return null
when inputLen is zero. This CL makes it so. Prior to this CL, this
method returned an empty byte array.
Bug: 19100173
Change-Id: I5698f11f76a17dd8fc2509be5d8ec9369a888eaf
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Thanks to apphelia@ for the report.
The readObject() implementation had hardcoded the
field order incorrectly leading to a couple of
fields being swapped on each serialization:
paramsAlg and sealAlg. This was wrong as far back
as 2009 so the class has likely never worked for
its intended purpose. Field order during
Serialization is primitives first, then fields.
Secondary ordering is alphabetical.
The purpose of overriding readObject() at all is for
safety in the event of compromised stream data.
It would be more appropriate to clone() rather than
readUnshared(). readUnshared() assumes a
corresponding writeUnshared(), which is not present.
The readUnshared() probably only works here because
the byte[] arrays typically are not shared anyway.
From reading latest guidelines on safe serialization
the code need not be order-specific: it can use
readFields(). s.defaultReadObject() could have been
used instead but the guidelines recommend against.
Performance is probably not a concern.
Until now nobody could have been using SealedObject
for its intended purpose otherwise they would have
noticed this bug (or they were always serializing /
deserializing an even number of times!).
Anybody attempting to use SealedObject on earlier
versions of Android will need to serialize /
deserialize twice to avoid the bug. After this fix
the class will work as intended.
Additional:
Some duplicated code has been extracted into methods,
and streams are now closed when they are finished
with. In reality this will have no effect
given the stream implementations involved.
Bug: https://code.google.com/p/android/issues/detail?id=73235
Change-Id: If745d6556437ae7839543e66dd15f912afd4ec98
|
| |
|
|
|
|
|
| |
NullCipher is a special case that needs to never reset its spiImpl
Bug: 12971024
Change-Id: I0e1e4a6525808959e068810c3a8c239baacf8a95
|
| |
|
|
|
|
|
|
| |
This adds support for late binding (or delayed selection) to the
Signature class. This allows the selection of the KeyAgreementSpi based
on what kind of Key class is used to init(...)
Change-Id: I8a14ac138e09d5bf2b925b5fa288c9adab540b76
|
| |
|
|
|
|
|
|
| |
This adds support for late binding (or delayed selection) to the
Signature class. This allows the selection of the KeyAgreementSpi based
on what kind of Key class is used to init(...)
Change-Id: I7012e188cf1daf3e7e74b424de80e3ea44cb9ab4
|
| |
|
|
|
|
|
|
| |
The Sun PKCS#11 document says that calling initialization with different
keys causes a new provider and service will be chosen. Currently the RI
fails these tests, but it seems like the correct thing to do.
Change-Id: Ie40d8ef5f0996477e157ffbc0d9f145448df3df1
|
| |
|
|
|
|
|
| |
Refactoring led to the tool changing "continue;" into "return sap;"
which will give you an invalid configuration.
Change-Id: I4b1a3b3fc9ffdf489739b4a1ef65276ca021f1f6
|
| |
|
|
|
|
|
| |
If a Provider instance is supplied, it will be asked directly to satisfy
the request. Make that clear in the documentation.
Change-Id: I06b945a540b99db970b96a37e312f1e0fae93bf9
|
| |
|
|
|
|
|
|
| |
If a program supplies a Provider object, it should be used instead of
looking at the registered providers.
Bug: 12890254
Change-Id: Ia4d1ac88a1ed20ab6ad6a11d2d5f53ee51310544
|
| |
|
|
|
|
|
| |
This increases speed of CipherInputStreamBenchmark from 606ms to 28.5ms.
Bug: 12246774
Change-Id: If61c0a055fe1b8e87909711b15d0441fcdbe46c7
|
| |
|
|
|
|
|
|
|
| |
This enables late binding support for Cipher algorithms. It will now pay
attention to SupportedKeyClasses and SupportedKeyFormats after the
Cipher#init(...) is called on the instance instead of selecting the
provider when Cipher#getInstance(...) creates the instance.
Change-Id: I27802f1f8b96d81dd2a269741d080dbe68232c9f
|
| |
|
|
|
|
|
| |
Duplicated words in the doc.
Change-Id: Ic400197781f1dea114e3755dc630c8dc58696fc2
Signed-off-by: Xizhi Zhu <xizhi.zhu@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
EVP_DecryptFinal_ex can have an error on the wrong block length at the
end of a decrypted block, so throw IllegalBlockSizeException when that
happens instead of a RuntimeException.
Bug: 10610957
Bug: https://code.google.com/p/android/issues/detail?id=58396
Change-Id: I70ea040c3b52fc30591963270850871a8cc581d3
|
| |
|
|
|
|
|
| |
This allows the tests to pass on the RI and Dalvik by ordering the
exceptions in the same way.
Change-Id: Icb5a313f86c90ed8f1d703b5cb996783ca3a214b
|
| |
|
|
|
|
|
|
|
| |
New classes in Java 7 for Authenicated Encryption with Additional Data
(AEAD). This allows the use of encryption modes such as Galois/Counter
Mode with performs the equivalent of MAC and encryption simultaneously
and consequently makes encryption safer to use for implementors.
Change-Id: I6302826b096044ade5f62a667dc240e3ab07b351
|
| |
|
|
| |
Change-Id: I51667af9b054afe202d98474e219f04eb5267370
|
| |
|
|
|
|
|
| |
Semi-automated replacement of empty and non-conforming
NullPointerException reason messages.
Change-Id: Iedeb4b21949e973c4042ce5982dda315f2e785e1
|
| |\
| |
| |
| | |
Change-Id: Ic2651c490850fffa1efb2db9c51e0a45a4c02f7a
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Using readUnshared on the byte[]s seems like a reasonable security precaution.
Using readUnshared on the algorithm Strings is just plain wrong.
Bug: http://code.google.com/p/android/issues/detail?id=4834
Change-Id: I73d32a14521de62ce9e19871fd30b619cf3ff6eb
|
| | |
| |
| |
| |
| |
| |
| |
| | |
This reverts commit 6b3f9499cf6647263b51741e4187a26a54500072.
Bug: 6523748
Bug: 6478569
Change-Id: Ic422e5fa320995600bdae7a42816652e16b8728b
|
| | |
| |
| |
| | |
This reverts commit 4dda1fc15343339bd075860ce650bb744db3fbf2.
|
| |/
|
|
|
| |
Bug: 6478569
Change-Id: I214a9b701d9fbe71be3681298d8c49172bc2f85f
|
| |
|
|
|
| |
Bug: 5205819
Change-Id: I06af9d59485126579266af062c3a81a8ac36b1f5
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously the CA certs stored in the BKS KeyStore at
/system/etc/security/cacerts.bks was loaded in the Zygote. As the the
number of CAs are started to increase, this is causing more and more
memory to be used for rarely used CAs. The new AndroidCAStore KeyStore
implementation reads the CAs as needed out of individual PEM
certificate files. The files can be efficiently found because they are
named based on a hash CA's subject name, similar to OpenSSL.
Bug: 1109242
Details:
build
Removing old cacerts.bks from GRANDFATHERED_ALL_PREBUILT and
adding new cacerts directory to core PRODUCT_PACKAGES
core/legacy_prebuilts.mk
target/product/core.mk
libcore
cacerts build changes. Move cacerts prebuilt logic to new
CaCerts.mk from NativeCode.mk where it didn't make sense. Updated
Android.mk's dalvik-host target to install new cacerts files.
Android.mk
CaCerts.mk
NativeCode.mk
Remove old cacerts.bks and add remove certimport.sh script used to
generate it. Preserved the useful comments from certimport.sh in
the new README.cacerts
luni/src/main/files/cacerts.bks
luni/src/main/files/certimport.sh
luni/src/main/files/README.cacerts
Recanonicalize cacerts files using updated vendor/google/tools/cacerts/certimport.py
(See below discussion of certimport.py changes for details)
luni/src/main/files/cacerts/00673b5b.0
luni/src/main/files/cacerts/03e16f6c.0
luni/src/main/files/cacerts/08aef7bb.0
luni/src/main/files/cacerts/0d188d89.0
luni/src/main/files/cacerts/10531352.0
luni/src/main/files/cacerts/111e6273.0
luni/src/main/files/cacerts/1155c94b.0
luni/src/main/files/cacerts/119afc2e.0
luni/src/main/files/cacerts/11a09b38.0
luni/src/main/files/cacerts/12d55845.0
luni/src/main/files/cacerts/17b51fe6.0
luni/src/main/files/cacerts/1920cacb.0
luni/src/main/files/cacerts/1dac3003.0
luni/src/main/files/cacerts/1dbdda5b.0
luni/src/main/files/cacerts/1dcd6f4c.0
luni/src/main/files/cacerts/1df5ec47.0
luni/src/main/files/cacerts/1e8e7201.0
luni/src/main/files/cacerts/1eb37bdf.0
luni/src/main/files/cacerts/219d9499.0
luni/src/main/files/cacerts/23f4c490.0
luni/src/main/files/cacerts/27af790d.0
luni/src/main/files/cacerts/2afc57aa.0
luni/src/main/files/cacerts/2e8714cb.0
luni/src/main/files/cacerts/2fa87019.0
luni/src/main/files/cacerts/2fb1850a.0
luni/src/main/files/cacerts/33815e15.0
luni/src/main/files/cacerts/343eb6cb.0
luni/src/main/files/cacerts/399e7759.0
luni/src/main/files/cacerts/3a3b02ce.0
luni/src/main/files/cacerts/3ad48a91.0
luni/src/main/files/cacerts/3c58f906.0
luni/src/main/files/cacerts/3c860d51.0
luni/src/main/files/cacerts/3d441de8.0
luni/src/main/files/cacerts/3e7271e8.0
luni/src/main/files/cacerts/418595b9.0
luni/src/main/files/cacerts/455f1b52.0
luni/src/main/files/cacerts/46b2fd3b.0
luni/src/main/files/cacerts/48478734.0
luni/src/main/files/cacerts/4d654d1d.0
luni/src/main/files/cacerts/4e18c148.0
luni/src/main/files/cacerts/4fbd6bfa.0
luni/src/main/files/cacerts/5021a0a2.0
luni/src/main/files/cacerts/5046c355.0
luni/src/main/files/cacerts/524d9b43.0
luni/src/main/files/cacerts/56b8a0b6.0
luni/src/main/files/cacerts/57692373.0
luni/src/main/files/cacerts/58a44af1.0
luni/src/main/files/cacerts/594f1775.0
luni/src/main/files/cacerts/5a3f0ff8.0
luni/src/main/files/cacerts/5a5372fc.0
luni/src/main/files/cacerts/5cf9d536.0
luni/src/main/files/cacerts/5e4e69e7.0
luni/src/main/files/cacerts/60afe812.0
luni/src/main/files/cacerts/635ccfd5.0
luni/src/main/files/cacerts/67495436.0
luni/src/main/files/cacerts/69105f4f.0
luni/src/main/files/cacerts/6adf0799.0
luni/src/main/files/cacerts/6e8bf996.0
luni/src/main/files/cacerts/6fcc125d.0
luni/src/main/files/cacerts/72f369af.0
luni/src/main/files/cacerts/72fa7371.0
luni/src/main/files/cacerts/74c26bd0.0
luni/src/main/files/cacerts/75680d2e.0
luni/src/main/files/cacerts/7651b327.0
luni/src/main/files/cacerts/76579174.0
luni/src/main/files/cacerts/7999be0d.0
luni/src/main/files/cacerts/7a481e66.0
luni/src/main/files/cacerts/7a819ef2.0
luni/src/main/files/cacerts/7d3cd826.0
luni/src/main/files/cacerts/7d453d8f.0
luni/src/main/files/cacerts/81b9768f.0
luni/src/main/files/cacerts/8470719d.0
luni/src/main/files/cacerts/84cba82f.0
luni/src/main/files/cacerts/85cde254.0
luni/src/main/files/cacerts/86212b19.0
luni/src/main/files/cacerts/87753b0d.0
luni/src/main/files/cacerts/882de061.0
luni/src/main/files/cacerts/895cad1a.0
luni/src/main/files/cacerts/89c02a45.0
luni/src/main/files/cacerts/8f7b96c4.0
luni/src/main/files/cacerts/9339512a.0
luni/src/main/files/cacerts/9685a493.0
luni/src/main/files/cacerts/9772ca32.0
luni/src/main/files/cacerts/9d6523ce.0
luni/src/main/files/cacerts/9dbefe7b.0
luni/src/main/files/cacerts/9f533518.0
luni/src/main/files/cacerts/a0bc6fbb.0
luni/src/main/files/cacerts/a15b3b6b.0
luni/src/main/files/cacerts/a3896b44.0
luni/src/main/files/cacerts/a7605362.0
luni/src/main/files/cacerts/a7d2cf64.0
luni/src/main/files/cacerts/ab5346f4.0
luni/src/main/files/cacerts/add67345.0
luni/src/main/files/cacerts/b0f3e76e.0
luni/src/main/files/cacerts/bc3f2570.0
luni/src/main/files/cacerts/bcdd5959.0
luni/src/main/files/cacerts/bda4cc84.0
luni/src/main/files/cacerts/bdacca6f.0
luni/src/main/files/cacerts/bf64f35b.0
luni/src/main/files/cacerts/c0cafbd2.0
luni/src/main/files/cacerts/c215bc69.0
luni/src/main/files/cacerts/c33a80d4.0
luni/src/main/files/cacerts/c527e4ab.0
luni/src/main/files/cacerts/c7e2a638.0
luni/src/main/files/cacerts/c8763593.0
luni/src/main/files/cacerts/ccc52f49.0
luni/src/main/files/cacerts/cdaebb72.0
luni/src/main/files/cacerts/cf701eeb.0
luni/src/main/files/cacerts/d16a5865.0
luni/src/main/files/cacerts/d537fba6.0
luni/src/main/files/cacerts/d64f06f3.0
luni/src/main/files/cacerts/d777342d.0
luni/src/main/files/cacerts/d8274e24.0
luni/src/main/files/cacerts/dbc54cab.0
luni/src/main/files/cacerts/ddc328ff.0
luni/src/main/files/cacerts/e48193cf.0
luni/src/main/files/cacerts/e60bf0c0.0
luni/src/main/files/cacerts/e775ed2d.0
luni/src/main/files/cacerts/e7b8d656.0
luni/src/main/files/cacerts/e8651083.0
luni/src/main/files/cacerts/ea169617.0
luni/src/main/files/cacerts/eb375c3e.0
luni/src/main/files/cacerts/ed049835.0
luni/src/main/files/cacerts/ed524cf5.0
luni/src/main/files/cacerts/ee7cd6fb.0
luni/src/main/files/cacerts/f4996e82.0
luni/src/main/files/cacerts/f58a60fe.0
luni/src/main/files/cacerts/f61bff45.0
luni/src/main/files/cacerts/f80cc7f6.0
luni/src/main/files/cacerts/fac084d7.0
luni/src/main/files/cacerts/facacbc6.0
luni/src/main/files/cacerts/fde84897.0
luni/src/main/files/cacerts/ff783690.0
Change IntegralToString.intToHexString to take width argument to
allow for leading zero padding. Updated existing callers to
specify 0 padding desired. Add testing of new padding
functionality.
luni/src/main/java/java/lang/Character.java
luni/src/main/java/java/lang/Integer.java
luni/src/main/java/java/lang/IntegralToString.java
luni/src/test/java/libcore/java/lang/IntegralToStringTest.java
Improved to throw Exceptions with proper causes
luni/src/main/java/java/security/KeyStore.java
luni/src/main/java/java/security/Policy.java
luni/src/main/java/java/security/cert/CertificateFactory.java
luni/src/main/java/javax/crypto/Cipher.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSignature.java
Indentation fixes
luni/src/main/java/java/security/SecureRandom.java
Fix X509CRLSelector.getIssuerNames to clone result and added test to cover this.
luni/src/main/java/java/security/cert/X509CRLSelector.java
luni/src/test/java/libcore/java/security/cert/X509CRLSelectorTest.java
Fixed bug where we created an X500Principal via a String
representation instead of from its original encoded bytes. This
led to a difficult to track down bug where CA 418595b9.0 where the
NativeCode.X509_NAME_hash of a Harmony (but not BouncyCastle)
X509Certificate would not hash to the expected value because the
encoded form used an ASN.1 PrintableString instead of the
UTF8String form found in the original certificate.
luni/src/main/java/org/apache/harmony/security/x501/Name.java
Add a new RootKeyStoreSpi and register it as the
AndroidCAStore. This new read-only KeyStore implementation that
looks for certificates in $ANDROID_ROOT/etc/security/cacerts/
directory, which is /system/etc/security/cacerts/ on devices. The
files are stored in the directory based on the older md5 based
OpenSSL X509_NAME_hash function (now referred to as
X509_NAME_hash_old in OpenSSL 1.0)
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/RootKeyStoreSpi.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/JSSEProvider.java
Added OpenSSL compatible X509_NAME_hash and X509_NAME_hash_old
functions for producting an int hash value from an X500Principal.
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/NativeCrypto.java
Changed TrustManagerFactoryImpl to use AndroidCAStore for its default KeyStore
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustManagerFactoryImpl.java
Changed TrustManagerImpl to be AndroidCAStore aware. If it detects
an AndroidCAStore, it avoids generating the acceptedIssuers array
at constructions, since doing so would force us to parse all
certificates in the store and the value is only typically used by
SSLServerSockets when requesting a client certifcate. Because we
don't load all the trusted CAs into the IndexedPKIXParameters at
startup in the case of AndroidCAStore, we now check for new CAs
when examining the cert chain for unnecessary TrustAnchors and for
a newly discovered issuer at the end of the chain before
validation.
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustManagerImpl.java
Updated KeyStoreTest to cope with read only KeyStore. Update
test_cacerts_bks (now renamed test_cacerts) to use the
AndroidCAStore for validating system CA certificate
validity. Register AndroidCAStore as an expected KeyStore type
with StandardNames.
luni/src/test/java/libcore/java/security/KeyStoreTest.java
support/src/test/java/libcore/java/security/StandardNames.java
Added test of X500Principal serialization while investigating Name
encoding issue. However, the actual Name bug was found and
verified by the new test_cacerts test.
luni/src/test/java/libcore/javax/security/auth/x500/X500PrincipalTest.java
vendor/google
Change canonical format for checked in cacerts to have PEM
certificate at the top, as required by Harmony's X.509
CertificateFactory.
tools/cacerts/certimport.py
Change-Id: If0c9de430f13babb07f96a1177897c536f3db08d
|
| |
|
|
| |
Change-Id: I00106a51a32ea84a39256d5629369170b892a039
|
| |
|
|
|
|
|
|
|
|
|
|
| |
OutputStream.write(byte[]).
For the particular stream in the bug, the useless override assumes that the
implementation of read(byte[], int, int) or write(byte[], int, int) doesn't
do anything special. A dangerous and non-local assumption. (In the bug, we
need to change the three-argument write.)
Bug: http://code.google.com/p/android/issues/detail?id=15304
Change-Id: I915d4a2e20c98f8e7f5775b555ae77d496a535d0
|
| |
|
|
| |
Change-Id: I4473a6efc74a49dd3b480a48d4c697fc773e08f8
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Only the ChunkHandler and ZoneInfo ones were real bugs. The former is only
called with one input value that doesn't exercise the bug, and the latter
would cause us to think that a time zone that stopped using daylight time
before 1970 was still using daylight time (which would defeat various
optimizations, but should otherwise be harmless).
The other stuff is trivia not worth individual changes.
Change-Id: Ib0752560cd16edc6538d1fc2b234451a66d48171
|
| |\
| |
| |
| | |
Change-Id: Ic6f0172767d6feedb188d3a5e7488a67702ef8c4
|
| | |
| |
| |
| | |
Change-Id: I2340a9dbad3561fa681a8ab47d4f406e72c913e3
|
| | |
| |
| |
| |
| | |
Bug: 3387688
Change-Id: Icd551df2cafd256e49fb92d12d7cb381479d841d
|
| |\ \
| |/
| |
| |
| |
| |
| | |
implements RFC 3280 key usage validation" into honeycomb
* commit 'c9b49a596250a4c21871afcf623e59bd4049e175':
Cipher.init incorrectly implements RFC 3280 key usage validation
|
| | |
| |
| |
| |
| |
| | |
Issue: http://code.google.com/p/android/issues/detail?id=12955
Bug: 3381582
Change-Id: Ida63c1356634c8e287ce5b0234418a656dffedf0
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
I've changed useful ones to regular comments or TODOs, as appropriate.
I've left ones in code like java.util.concurrent where we really are
tracking an upstream source, making the change markers useful.
I've left a handful of others where I intend to actually investigate
the implied TODOs before deciding how to resolve them.
Change-Id: Iaf71059b818596351cf8ee5a3cf3c85586051fa6
|
| |/
|
|
|
|
|
| |
I've left a handful that actually make some use of it, in classes we
don't care about anyway (XML preferences and the like).
Change-Id: I754262ee600d8a16046b537a6d6258db849db89b
|
| |
|
|
|
|
|
|
| |
There are a handful of manual range-checkers left, thanks to specified
API that throws IllegalArgumentException instead, and a few other weird
cases.
Change-Id: I80914c2257288fc184100545aff4fd6f57bf32c9
|
| |
|
|
|
| |
Bug: 3166662
Change-Id: I151de373b2bf53786d19824336fa434c02b0b0e8
|
| |\
| |
| |
| |
| |
| |
| |
| |
| | |
error prone"
Merge commit '8ae047f5329f8bc216e3fe377c068fd8457966f4' into dalvik-dev
* commit '8ae047f5329f8bc216e3fe377c068fd8457966f4':
Change Engine.getInstance interfaces to make usage less error prone
|
| | |
| |
| |
| | |
Change-Id: I4c58c95ab4216b52aa8af4fbce7a8d7f4860c2b7
|
| |\ \
| |/
| |
| |
| |
| |
| | |
Merge commit '0a480846a9798c763b088a122ab0dcd3dc3a17b6' into dalvik-dev
* commit '0a480846a9798c763b088a122ab0dcd3dc3a17b6':
Remove Engine.spi memory leak by clearing after access
|
