| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
| |
Semi-automated replacement of empty and non-conforming
NullPointerException reason messages.
Change-Id: Iedeb4b21949e973c4042ce5982dda315f2e785e1
|
| |
|
|
| |
Change-Id: I2de9c90823a369b9fcef595219fa68c4c61fd5b6
|
| |
|
|
|
|
|
| |
There's probably still more stuff lying around that isn't useful,
but this was all I had time for on this particular Friday afternoon...
Change-Id: I69593f6c9ab5534d581c703cc85a9766ba8e40e5
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
TrustManager (2 of 6)
frameworks/base
Adding IKeyChainService APIs for CertInstaller and Settings use
keystore/java/android/security/IKeyChainService.aidl
libcore
Improve exceptions to include more information
luni/src/main/java/javax/security/auth/x500/X500Principal.java
Move guts of RootKeyStoreSpi to TrustedCertificateStore, leaving only KeyStoreSpi methods.
Added support for adding user CAs in a separate directory for system.
Added support for removing system CAs by placing a copy in a sytem directory
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/RootKeyStoreSpi.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustedCertificateStore.java
Formerly static methods on RootKeyStoreSpi are now instance methods on TrustedCertificateStore
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustManagerImpl.java
Added test for NativeCrypto.X509_NAME_hash_old and X509_NAME_hash
to make sure the implementing algorithms doe not change since
TrustedCertificateStore depend on X509_NAME_hash_old (OpenSSL
changed the algorithm from MD5 to SHA1 when moving from 0.9.8 to
1.0.0)
luni/src/test/java/org/apache/harmony/xnet/provider/jsse/NativeCryptoTest.java
Extensive test of new TrustedCertificateStore behavior
luni/src/test/java/org/apache/harmony/xnet/provider/jsse/TrustedCertificateStoreTest.java
TestKeyStore improvements
- Refactored TestKeyStore to provide simpler createCA method (and
internal createCertificate)
- Cleaned up to remove use of BouncyCastle specific X509Principal
in the TestKeyStore API when the public X500Principal would do.
- Cleaned up TestKeyStore support methods to not throw Exception
to remove need for static blocks for catch clauses in tests.
support/src/test/java/libcore/java/security/TestKeyStore.java
luni/src/test/java/libcore/java/security/KeyStoreTest.java
luni/src/test/java/org/apache/harmony/xnet/provider/jsse/NativeCryptoTest.java
Added private PKIXParameters contructor for use by
IndexedPKIXParameters to avoid wart of having to lookup and pass
a TrustAnchor to satisfy the super-class sanity check.
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustManagerImpl.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/IndexedPKIXParameters.java
luni/src/main/java/java/security/cert/PKIXParameters.java
packages/apps/CertInstaller
Change CertInstaller to call IKeyChainService.installCertificate
for CA certs to pass them to the KeyChainServiceTest which will
make them available to all apps through the
TrustedCertificateStore. Change PKCS12 extraction to use AsyncTask.
src/com/android/certinstaller/CertInstaller.java
Added installCaCertsToKeyChain and hasCaCerts accessor for use by
CertInstaller. Use hasUserCertificate() internally. Cleanup coding
style.
src/com/android/certinstaller/CredentialHelper.java
packages/apps/KeyChain
Added MANAGE_ACCOUNTS so that IKeyChainService.reset
implementation can remove KeyChain accounts.
AndroidManifest.xml
Implement new IKeyChainService methods:
- Added IKeyChainService.installCaCertificate to install certs
provided by CertInstaller using the TrustedCertificateStore.
- Added IKeyChainService.reset to allow Settings to remove the
KeyChain accounts so that any app granted access to keystore
credentials are revoked when the keystore is reset.
src/com/android/keychain/KeyChainService.java
packages/apps/Settings
Changed com.android.credentials.RESET credential reset action to
also call IKeyChainService.reset to remove any installed user CAs
and remove KeyChain accounts to have AccountManager revoke
credential granted to private keys removed during the RESET.
src/com/android/settings/CredentialStorage.java
Added toast text value for failure case
res/values/strings.xml
system/core
Have init create world readable /data/misc/keychain to allow apps
to access user added CA certificates installed by the CertInstaller.
rootdir/init.rc
Change-Id: Ief57672eea38b3eece23b14c94dedb9ea4713744
|
| |
|
|
|
|
|
|
|
| |
There's quite a large corresponding change to InetAddress, plus I've changed
the documentation for all the Permission classes to match the handful that
we'd already documented as legacy cruft.
Bug: http://b/3107501
Change-Id: Ia67aba79f0ab13e64085bd4a2df20ad0776bcc5b
|
| |
|
|
|
|
| |
I've left one in java.util.concurrent, since we have an upstream there.
Change-Id: I60945e48a41433fc7eaef6086433ec4bf434097f
|
| |
|
|
|
|
|
| |
"The equals(Object o) method shouldn't make any assumptions about the type
of o. It should simply return false if o is not the same type as this."
Change-Id: Ib16eb57e8876ec117634b4c9b069a4dccc61c657
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
problems in Turkey.
Some callers should be replaced with equalsIgnoreCase instead.
The one exception is StreamTokenizer, where the RI uses the default
locale, which is arguably the right thing to do. No-one cares because
that's legacy API, but I've added a test anyway.
I've left HttpCookie and GeneralName for my co-conspirators because the
appropriate resolutions aren't as obvious there...
Bug: 3325637
Change-Id: Ia37a1caaa91b11763ae43e61e445adb45c30f793
|
| |
|
|
|
|
|
|
|
|
| |
This change removes all the code that was calling getSecurityManager, and
removes all use of AccessController.doPrivileged. It also changes the
implementation of AccessController so it doesn't actually do anything; it's
only there for source-level compatibility.
Bug: 2585285
Change-Id: I1f0295a4f12bce0316d8073011d8593fee116f71
|
| |
|
|
|
|
| |
I've left xalan alone, because that's just one big steaming heap.
Change-Id: Ibf7b2b5e347196d4de857217b022003ccc409ac5
|
| |
|
|
|
|
|
| |
This addresses some problems with generic type signatures (missing <?>)
and new factory methods for XML factory classes.
Change-Id: I9cd886e38b8bc9d495ae4e5ed70f71f27ac3f0cc
|
| |
|
|
|
|
|
|
|
|
| |
Highlights:
code was moved from SSLContextImpl to its superclass.
took X500Principal code from Harmony
Tested with Harmony's tests.api.javax.security.auth.x500.X500PrincipalTest.
Change-Id: I89b46d4b47e692a5461916cca972e05de95f3280
|
| |
|
|
| |
Change-Id: I88eba4180e66d328c23a266f133b96d53cf62d40
|
| |
|
|
|
|
| |
Gentlemen, you may now set your editors to "strip trailing whitespace"...
Change-Id: I85b2f6c80e5fbef1af6cab11789790b078c11b1b
|
| |
|
|
|
|
|
|
| |
Mostly done by perl(1), with manual cleanup of the few misspelled instances.
This makes our trailing whitespace slightly worse, but I'll fix all that with
a follow-on change.
Change-Id: I0b4ca98819be6f9519c4ba980d759bd1ee1a0303
|
| |
|
