summaryrefslogtreecommitdiffstats
path: root/luni/src/main/java/javax
Commit message (Collapse)AuthorAgeFilesLines
...
* | Remove XML package.html files.Elliott Hughes2012-10-1110-892/+0
|/ | | | | Bug: http://code.google.com/p/android/issues/detail?id=7395 Change-Id: Id769856bdbdca864ccc2818e3609fe5ca00da2b2
* Fix typos from "beed" to "been"Brian Carlstrom2012-10-112-3/+3
| | | | | Bug: http://code.google.com/p/android/issues/detail?id=38366 Change-Id: I44c647843e66a57bcbeabad41ec3142faaa1848e
* Add consistent reasons for NullPointerExceptionKenny Root2012-09-1425-79/+97
| | | | | | | | | Semi-automated replacement of empty and non-conforming NullPointerException reason messages. (cherry-pick of 86acc043d3334651ee26c65467d78d6cefedd397.) Change-Id: I6d893979f5c20a50e841e32af9fd7b2d8bc9d54d
* Remove more cruft.Elliott Hughes2012-08-011-2/+0
| | | | | | | | Unused imports and bogus comments. (cherry-pick of 9af8c0318fac8bf03ee145da01b0c38a503791fc.) Change-Id: I2bddb32028b71964407e86c4dbef5516673c27eb
* Merge from AOSPJean-Baptiste Queru2012-07-091-12/+18
|\ | | | | | | Change-Id: Ic2651c490850fffa1efb2db9c51e0a45a4c02f7a
| * Fix SealedObject.readObject.Elliott Hughes2012-07-091-12/+18
| | | | | | | | | | | | | | | | Using readUnshared on the byte[]s seems like a reasonable security precaution. Using readUnshared on the algorithm Strings is just plain wrong. Bug: http://code.google.com/p/android/issues/detail?id=4834 Change-Id: I73d32a14521de62ce9e19871fd30b619cf3ff6eb
* | am 1f52ec62: Merge "Fix xpath documentation bug."Elliott Hughes2012-07-031-1/+1
|\ \ | |/ | | | | | | * commit '1f52ec627a9b45b83a094c14f75a58edd47e82a6': Fix xpath documentation bug.
| * Fix xpath documentation bug.Elliott Hughes2012-06-291-1/+1
| | | | | | | | | | Bug: http://code.google.com/p/android/issues/detail?id=26168 Change-Id: Ib6f8b84d174fa884b0eace0305331c7b58e6166a
* | Revert "Revert "Cut down on object allocation in CipherInputStream""Brian Carlstrom2012-05-212-32/+42
| | | | | | | | | | | | | | | | This reverts commit 6b3f9499cf6647263b51741e4187a26a54500072. Bug: 6523748 Bug: 6478569 Change-Id: Ic422e5fa320995600bdae7a42816652e16b8728b
* | Revert "Cut down on object allocation in CipherInputStream"Brian Carlstrom2012-05-202-38/+33
| | | | | | | | This reverts commit 4dda1fc15343339bd075860ce650bb744db3fbf2.
* | Cut down on object allocation in CipherInputStreamBrian Carlstrom2012-05-172-33/+38
| | | | | | | | | | Bug: 6478569 Change-Id: I214a9b701d9fbe71be3681298d8c49172bc2f85f
* | javax.net.ssl javadoc cleanupBrian Carlstrom2012-05-092-10/+14
| | | | | | | | Change-Id: I8b64831a5f0a160c167eaf3e4bf2dd81fe265f5f
* | Use lenient wildcard matching for *.clients.google.com.Brian Carlstrom2012-01-231-2/+2
| | | | | | | | | | | | | | | | This is an unfortunate workaround until we fix our hostname/cert misconfiguration. Bug: http://b/5426333 Change-Id: Ie855d55131412fa96d8b28eca469d1276d96a776
* | Use lenient wildcard matching for android.clients.google.com.Jesse Wilson2012-01-031-1/+4
| | | | | | | | | | | | | | | | This is an unfortunate workaround until we fix our hostname/cert misconfiguration. Bug: http://b/5426333 Change-Id: Id2eddeec5dfa5ef6d2a4125fadbcf7b0e982904f
* | Cleanup verifyHostName to use regionMatches instead of regex splits.Jesse Wilson2012-01-021-36/+21
| | | | | | | | Change-Id: Ic778ab99057d03676c39a2e2126d6f2db1a5747e
* | Move the frameworks/base hostname verifier into libcore. Part 1/2Jesse Wilson2011-12-272-131/+513
|/ | | | | | | | | | | | | | | | | | | | | | | This replaces our libcore's DefaultHostnameVerifier. The frameworks/base verifier is better exercised because it's used by the browser. The libcore one includes a few dubious behaviors: parsing toString() and non-standard TLD validation. Behavior changes in libcore: - A wildcard cert like *.co.uk would be honored. This would require a rogue CA. We had a comment documenting that other SSL clients don't do this. - Wildcards in substrings like "f*.android.com" are now supported. - Wildcards match without a child domain: "*.android.com" will match "android.com". - If an alt name is present, the CN is not used. - subject alt name IP addresses are supported. This also moves the tests into libcore. Bug: http://b/5619726 Change-Id: Ia952c33f8009ee3c5ed5935ae5f74b6093b1b8e0
* CipherSpi.engineUpdate should handle null engineUpdate resultBrian Carlstrom2011-08-231-0/+3
| | | | | Bug: 5205819 Change-Id: I06af9d59485126579266af062c3a81a8ac36b1f5
* Don't trigger a reverse DNS lookup from a log statement.Jesse Wilson2011-06-231-43/+36
| | | | | | | | | | Also nuke a bunch of redundant Javadoc and promote the shutdownInput/shutdownOutput methods that always throw to SSLSocket. Change-Id: I077f7413bb6cba66be6204c68f7911b51a191643 http://code.google.com/p/android/issues/detail?id=13117 http://b/3478027
* Merge "Kill more dead code and tests." into dalvik-devElliott Hughes2011-06-082-104/+4
|\
| * Kill more dead code and tests.Elliott Hughes2011-06-082-104/+4
| | | | | | | | Change-Id: I2de9c90823a369b9fcef595219fa68c4c61fd5b6
* | am f45c08ac: Merge "Test fixes validated on RI and device"Brian Carlstrom2011-06-081-1/+1
|\ \ | |/ |/| | | | | * commit 'f45c08ac9e7ef520fe6ec8080e136b0b4bee7084': Test fixes validated on RI and device
| * Test fixes validated on RI and deviceBrian Carlstrom2011-06-071-1/+1
| | | | | | | | Change-Id: I14290efc322406920b2de65924155ef18ee56bab
* | Remove some unnecessary cruft.Elliott Hughes2011-06-061-12/+3
| | | | | | | | Change-Id: I8d83954d42f3511a24a44a33c3b28f04af6d3b82
* | Remove more dead "security theater" cruft.Elliott Hughes2011-06-043-405/+18
|/ | | | | | | There's probably still more stuff lying around that isn't useful, but this was all I had time for on this particular Friday afternoon... Change-Id: I69593f6c9ab5534d581c703cc85a9766ba8e40e5
* OpenSSLSocketImpl should tolerate X509KeyManager returning null valuesBrian Carlstrom2011-05-242-6/+22
| | | | | | | | | | | While this started out as the small fix in OpenSSLSocketImpl.setCertificate and the corresponding test test_SSLSocket_clientAuth_bogusAlias, the need to test the behavior of the X509KeyManager returning null on the RI led to test maintenance to get libcore.javax.net.ssl tests working on RI 7 thanks to a test dependency that was added on the new InetAddress.getLoopbackAddress(). Change-Id: I3d8ed1ce453cc3a0b53e23e39c02e6a71413649c
* Make CertInstaller installed CA certs trusted by applications via default ↵Brian Carlstrom2011-05-161-5/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | TrustManager (2 of 6) frameworks/base Adding IKeyChainService APIs for CertInstaller and Settings use keystore/java/android/security/IKeyChainService.aidl libcore Improve exceptions to include more information luni/src/main/java/javax/security/auth/x500/X500Principal.java Move guts of RootKeyStoreSpi to TrustedCertificateStore, leaving only KeyStoreSpi methods. Added support for adding user CAs in a separate directory for system. Added support for removing system CAs by placing a copy in a sytem directory luni/src/main/java/org/apache/harmony/xnet/provider/jsse/RootKeyStoreSpi.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustedCertificateStore.java Formerly static methods on RootKeyStoreSpi are now instance methods on TrustedCertificateStore luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustManagerImpl.java Added test for NativeCrypto.X509_NAME_hash_old and X509_NAME_hash to make sure the implementing algorithms doe not change since TrustedCertificateStore depend on X509_NAME_hash_old (OpenSSL changed the algorithm from MD5 to SHA1 when moving from 0.9.8 to 1.0.0) luni/src/test/java/org/apache/harmony/xnet/provider/jsse/NativeCryptoTest.java Extensive test of new TrustedCertificateStore behavior luni/src/test/java/org/apache/harmony/xnet/provider/jsse/TrustedCertificateStoreTest.java TestKeyStore improvements - Refactored TestKeyStore to provide simpler createCA method (and internal createCertificate) - Cleaned up to remove use of BouncyCastle specific X509Principal in the TestKeyStore API when the public X500Principal would do. - Cleaned up TestKeyStore support methods to not throw Exception to remove need for static blocks for catch clauses in tests. support/src/test/java/libcore/java/security/TestKeyStore.java luni/src/test/java/libcore/java/security/KeyStoreTest.java luni/src/test/java/org/apache/harmony/xnet/provider/jsse/NativeCryptoTest.java Added private PKIXParameters contructor for use by IndexedPKIXParameters to avoid wart of having to lookup and pass a TrustAnchor to satisfy the super-class sanity check. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustManagerImpl.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/IndexedPKIXParameters.java luni/src/main/java/java/security/cert/PKIXParameters.java packages/apps/CertInstaller Change CertInstaller to call IKeyChainService.installCertificate for CA certs to pass them to the KeyChainServiceTest which will make them available to all apps through the TrustedCertificateStore. Change PKCS12 extraction to use AsyncTask. src/com/android/certinstaller/CertInstaller.java Added installCaCertsToKeyChain and hasCaCerts accessor for use by CertInstaller. Use hasUserCertificate() internally. Cleanup coding style. src/com/android/certinstaller/CredentialHelper.java packages/apps/KeyChain Added MANAGE_ACCOUNTS so that IKeyChainService.reset implementation can remove KeyChain accounts. AndroidManifest.xml Implement new IKeyChainService methods: - Added IKeyChainService.installCaCertificate to install certs provided by CertInstaller using the TrustedCertificateStore. - Added IKeyChainService.reset to allow Settings to remove the KeyChain accounts so that any app granted access to keystore credentials are revoked when the keystore is reset. src/com/android/keychain/KeyChainService.java packages/apps/Settings Changed com.android.credentials.RESET credential reset action to also call IKeyChainService.reset to remove any installed user CAs and remove KeyChain accounts to have AccountManager revoke credential granted to private keys removed during the RESET. src/com/android/settings/CredentialStorage.java Added toast text value for failure case res/values/strings.xml system/core Have init create world readable /data/misc/keychain to allow apps to access user added CA certificates installed by the CertInstaller. rootdir/init.rc Change-Id: Ief57672eea38b3eece23b14c94dedb9ea4713744
* am 347b2a60: Avoid loading all CA certs into Zygote memory, lazily load ↵Brian Carlstrom2011-04-291-1/+1
|\ | | | | | | | | | | | | instead (2 of 3) * commit '347b2a604114602da9bc4ae040278f74d11c2f51': Avoid loading all CA certs into Zygote memory, lazily load instead (2 of 3)
| * Avoid loading all CA certs into Zygote memory, lazily load instead (2 of 3)Brian Carlstrom2011-04-291-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously the CA certs stored in the BKS KeyStore at /system/etc/security/cacerts.bks was loaded in the Zygote. As the the number of CAs are started to increase, this is causing more and more memory to be used for rarely used CAs. The new AndroidCAStore KeyStore implementation reads the CAs as needed out of individual PEM certificate files. The files can be efficiently found because they are named based on a hash CA's subject name, similar to OpenSSL. Bug: 1109242 Details: build Removing old cacerts.bks from GRANDFATHERED_ALL_PREBUILT and adding new cacerts directory to core PRODUCT_PACKAGES core/legacy_prebuilts.mk target/product/core.mk libcore cacerts build changes. Move cacerts prebuilt logic to new CaCerts.mk from NativeCode.mk where it didn't make sense. Updated Android.mk's dalvik-host target to install new cacerts files. Android.mk CaCerts.mk NativeCode.mk Remove old cacerts.bks and add remove certimport.sh script used to generate it. Preserved the useful comments from certimport.sh in the new README.cacerts luni/src/main/files/cacerts.bks luni/src/main/files/certimport.sh luni/src/main/files/README.cacerts Recanonicalize cacerts files using updated vendor/google/tools/cacerts/certimport.py (See below discussion of certimport.py changes for details) luni/src/main/files/cacerts/00673b5b.0 luni/src/main/files/cacerts/03e16f6c.0 luni/src/main/files/cacerts/08aef7bb.0 luni/src/main/files/cacerts/0d188d89.0 luni/src/main/files/cacerts/10531352.0 luni/src/main/files/cacerts/111e6273.0 luni/src/main/files/cacerts/1155c94b.0 luni/src/main/files/cacerts/119afc2e.0 luni/src/main/files/cacerts/11a09b38.0 luni/src/main/files/cacerts/12d55845.0 luni/src/main/files/cacerts/17b51fe6.0 luni/src/main/files/cacerts/1920cacb.0 luni/src/main/files/cacerts/1dac3003.0 luni/src/main/files/cacerts/1dbdda5b.0 luni/src/main/files/cacerts/1dcd6f4c.0 luni/src/main/files/cacerts/1df5ec47.0 luni/src/main/files/cacerts/1e8e7201.0 luni/src/main/files/cacerts/1eb37bdf.0 luni/src/main/files/cacerts/219d9499.0 luni/src/main/files/cacerts/23f4c490.0 luni/src/main/files/cacerts/27af790d.0 luni/src/main/files/cacerts/2afc57aa.0 luni/src/main/files/cacerts/2e8714cb.0 luni/src/main/files/cacerts/2fa87019.0 luni/src/main/files/cacerts/2fb1850a.0 luni/src/main/files/cacerts/33815e15.0 luni/src/main/files/cacerts/343eb6cb.0 luni/src/main/files/cacerts/399e7759.0 luni/src/main/files/cacerts/3a3b02ce.0 luni/src/main/files/cacerts/3ad48a91.0 luni/src/main/files/cacerts/3c58f906.0 luni/src/main/files/cacerts/3c860d51.0 luni/src/main/files/cacerts/3d441de8.0 luni/src/main/files/cacerts/3e7271e8.0 luni/src/main/files/cacerts/418595b9.0 luni/src/main/files/cacerts/455f1b52.0 luni/src/main/files/cacerts/46b2fd3b.0 luni/src/main/files/cacerts/48478734.0 luni/src/main/files/cacerts/4d654d1d.0 luni/src/main/files/cacerts/4e18c148.0 luni/src/main/files/cacerts/4fbd6bfa.0 luni/src/main/files/cacerts/5021a0a2.0 luni/src/main/files/cacerts/5046c355.0 luni/src/main/files/cacerts/524d9b43.0 luni/src/main/files/cacerts/56b8a0b6.0 luni/src/main/files/cacerts/57692373.0 luni/src/main/files/cacerts/58a44af1.0 luni/src/main/files/cacerts/594f1775.0 luni/src/main/files/cacerts/5a3f0ff8.0 luni/src/main/files/cacerts/5a5372fc.0 luni/src/main/files/cacerts/5cf9d536.0 luni/src/main/files/cacerts/5e4e69e7.0 luni/src/main/files/cacerts/60afe812.0 luni/src/main/files/cacerts/635ccfd5.0 luni/src/main/files/cacerts/67495436.0 luni/src/main/files/cacerts/69105f4f.0 luni/src/main/files/cacerts/6adf0799.0 luni/src/main/files/cacerts/6e8bf996.0 luni/src/main/files/cacerts/6fcc125d.0 luni/src/main/files/cacerts/72f369af.0 luni/src/main/files/cacerts/72fa7371.0 luni/src/main/files/cacerts/74c26bd0.0 luni/src/main/files/cacerts/75680d2e.0 luni/src/main/files/cacerts/7651b327.0 luni/src/main/files/cacerts/76579174.0 luni/src/main/files/cacerts/7999be0d.0 luni/src/main/files/cacerts/7a481e66.0 luni/src/main/files/cacerts/7a819ef2.0 luni/src/main/files/cacerts/7d3cd826.0 luni/src/main/files/cacerts/7d453d8f.0 luni/src/main/files/cacerts/81b9768f.0 luni/src/main/files/cacerts/8470719d.0 luni/src/main/files/cacerts/84cba82f.0 luni/src/main/files/cacerts/85cde254.0 luni/src/main/files/cacerts/86212b19.0 luni/src/main/files/cacerts/87753b0d.0 luni/src/main/files/cacerts/882de061.0 luni/src/main/files/cacerts/895cad1a.0 luni/src/main/files/cacerts/89c02a45.0 luni/src/main/files/cacerts/8f7b96c4.0 luni/src/main/files/cacerts/9339512a.0 luni/src/main/files/cacerts/9685a493.0 luni/src/main/files/cacerts/9772ca32.0 luni/src/main/files/cacerts/9d6523ce.0 luni/src/main/files/cacerts/9dbefe7b.0 luni/src/main/files/cacerts/9f533518.0 luni/src/main/files/cacerts/a0bc6fbb.0 luni/src/main/files/cacerts/a15b3b6b.0 luni/src/main/files/cacerts/a3896b44.0 luni/src/main/files/cacerts/a7605362.0 luni/src/main/files/cacerts/a7d2cf64.0 luni/src/main/files/cacerts/ab5346f4.0 luni/src/main/files/cacerts/add67345.0 luni/src/main/files/cacerts/b0f3e76e.0 luni/src/main/files/cacerts/bc3f2570.0 luni/src/main/files/cacerts/bcdd5959.0 luni/src/main/files/cacerts/bda4cc84.0 luni/src/main/files/cacerts/bdacca6f.0 luni/src/main/files/cacerts/bf64f35b.0 luni/src/main/files/cacerts/c0cafbd2.0 luni/src/main/files/cacerts/c215bc69.0 luni/src/main/files/cacerts/c33a80d4.0 luni/src/main/files/cacerts/c527e4ab.0 luni/src/main/files/cacerts/c7e2a638.0 luni/src/main/files/cacerts/c8763593.0 luni/src/main/files/cacerts/ccc52f49.0 luni/src/main/files/cacerts/cdaebb72.0 luni/src/main/files/cacerts/cf701eeb.0 luni/src/main/files/cacerts/d16a5865.0 luni/src/main/files/cacerts/d537fba6.0 luni/src/main/files/cacerts/d64f06f3.0 luni/src/main/files/cacerts/d777342d.0 luni/src/main/files/cacerts/d8274e24.0 luni/src/main/files/cacerts/dbc54cab.0 luni/src/main/files/cacerts/ddc328ff.0 luni/src/main/files/cacerts/e48193cf.0 luni/src/main/files/cacerts/e60bf0c0.0 luni/src/main/files/cacerts/e775ed2d.0 luni/src/main/files/cacerts/e7b8d656.0 luni/src/main/files/cacerts/e8651083.0 luni/src/main/files/cacerts/ea169617.0 luni/src/main/files/cacerts/eb375c3e.0 luni/src/main/files/cacerts/ed049835.0 luni/src/main/files/cacerts/ed524cf5.0 luni/src/main/files/cacerts/ee7cd6fb.0 luni/src/main/files/cacerts/f4996e82.0 luni/src/main/files/cacerts/f58a60fe.0 luni/src/main/files/cacerts/f61bff45.0 luni/src/main/files/cacerts/f80cc7f6.0 luni/src/main/files/cacerts/fac084d7.0 luni/src/main/files/cacerts/facacbc6.0 luni/src/main/files/cacerts/fde84897.0 luni/src/main/files/cacerts/ff783690.0 Change IntegralToString.intToHexString to take width argument to allow for leading zero padding. Updated existing callers to specify 0 padding desired. Add testing of new padding functionality. luni/src/main/java/java/lang/Character.java luni/src/main/java/java/lang/Integer.java luni/src/main/java/java/lang/IntegralToString.java luni/src/test/java/libcore/java/lang/IntegralToStringTest.java Improved to throw Exceptions with proper causes luni/src/main/java/java/security/KeyStore.java luni/src/main/java/java/security/Policy.java luni/src/main/java/java/security/cert/CertificateFactory.java luni/src/main/java/javax/crypto/Cipher.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSignature.java Indentation fixes luni/src/main/java/java/security/SecureRandom.java Fix X509CRLSelector.getIssuerNames to clone result and added test to cover this. luni/src/main/java/java/security/cert/X509CRLSelector.java luni/src/test/java/libcore/java/security/cert/X509CRLSelectorTest.java Fixed bug where we created an X500Principal via a String representation instead of from its original encoded bytes. This led to a difficult to track down bug where CA 418595b9.0 where the NativeCode.X509_NAME_hash of a Harmony (but not BouncyCastle) X509Certificate would not hash to the expected value because the encoded form used an ASN.1 PrintableString instead of the UTF8String form found in the original certificate. luni/src/main/java/org/apache/harmony/security/x501/Name.java Add a new RootKeyStoreSpi and register it as the AndroidCAStore. This new read-only KeyStore implementation that looks for certificates in $ANDROID_ROOT/etc/security/cacerts/ directory, which is /system/etc/security/cacerts/ on devices. The files are stored in the directory based on the older md5 based OpenSSL X509_NAME_hash function (now referred to as X509_NAME_hash_old in OpenSSL 1.0) luni/src/main/java/org/apache/harmony/xnet/provider/jsse/RootKeyStoreSpi.java luni/src/main/java/org/apache/harmony/xnet/provider/jsse/JSSEProvider.java Added OpenSSL compatible X509_NAME_hash and X509_NAME_hash_old functions for producting an int hash value from an X500Principal. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/NativeCrypto.java Changed TrustManagerFactoryImpl to use AndroidCAStore for its default KeyStore luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustManagerFactoryImpl.java Changed TrustManagerImpl to be AndroidCAStore aware. If it detects an AndroidCAStore, it avoids generating the acceptedIssuers array at constructions, since doing so would force us to parse all certificates in the store and the value is only typically used by SSLServerSockets when requesting a client certifcate. Because we don't load all the trusted CAs into the IndexedPKIXParameters at startup in the case of AndroidCAStore, we now check for new CAs when examining the cert chain for unnecessary TrustAnchors and for a newly discovered issuer at the end of the chain before validation. luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustManagerImpl.java Updated KeyStoreTest to cope with read only KeyStore. Update test_cacerts_bks (now renamed test_cacerts) to use the AndroidCAStore for validating system CA certificate validity. Register AndroidCAStore as an expected KeyStore type with StandardNames. luni/src/test/java/libcore/java/security/KeyStoreTest.java support/src/test/java/libcore/java/security/StandardNames.java Added test of X500Principal serialization while investigating Name encoding issue. However, the actual Name bug was found and verified by the new test_cacerts test. luni/src/test/java/libcore/javax/security/auth/x500/X500PrincipalTest.java vendor/google Change canonical format for checked in cacerts to have PEM certificate at the top, as required by Harmony's X.509 CertificateFactory. tools/cacerts/certimport.py Change-Id: If0c9de430f13babb07f96a1177897c536f3db08d
* | Add getnameinfo(3) (and gai_strerror(3)).Elliott Hughes2011-04-193-58/+3
| | | | | | | | | | | | | | | | | | There's quite a large corresponding change to InetAddress, plus I've changed the documentation for all the Permission classes to match the handful that we'd already documented as legacy cruft. Bug: http://b/3107501 Change-Id: Ia67aba79f0ab13e64085bd4a2df20ad0776bcc5b
* | Improve HttpsURLConnection documentation with examplesBrian Carlstrom2011-04-111-2/+76
|/ | | | | | http://code.google.com/p/android/issues/detail?id=16041 Change-Id: I2e596ef36306b70cdb071b91d8707f015d9b251b
* Remove bogus "super()" calls.Elliott Hughes2011-03-1724-28/+0
| | | | | | I've left one in java.util.concurrent, since we have an upstream there. Change-Id: I60945e48a41433fc7eaef6086433ec4bf434097f
* Drop SecuritySupport helpers from XML.Jesse Wilson2011-03-1410-943/+101
| | | | | | | We don't have a security manager; these classes don't provide any utility. Change-Id: I22a38820bde93286f5b840579ea2b575d6085640
* Factor out our single-byte InputStream.read/OutputStream.write implementations.Elliott Hughes2011-03-071-11/+4
| | | | Change-Id: I00106a51a32ea84a39256d5629369170b892a039
* Remove useless overrides of InputStream.read(byte[]) and ↵Elliott Hughes2011-03-072-30/+0
| | | | | | | | | | | | OutputStream.write(byte[]). For the particular stream in the bug, the useless override assumes that the implementation of read(byte[], int, int) or write(byte[], int, int) doesn't do anything special. A dangerous and non-local assumption. (In the bug, we need to change the three-argument write.) Bug: http://code.google.com/p/android/issues/detail?id=15304 Change-Id: I915d4a2e20c98f8e7f5775b555ae77d496a535d0
* Kill many of the stl_style_names in Java.Elliott Hughes2011-03-072-39/+33
| | | | Change-Id: I4473a6efc74a49dd3b480a48d4c697fc773e08f8
* Fix build.Elliott Hughes2011-02-241-1/+2
| | | | | | | The "new String" here was probably a deliberate attempt to avoid a public static final field being inlined as a constant. Revert and document. Change-Id: I864bbf82c8711e08016fd7f4f2e8a8508b95db0c
* Fix more FindBugs warnings: DM_STRING_CTOR.Elliott Hughes2011-02-241-1/+1
| | | | | | These are the cases where we don't actually want to avoid memory leaks. Change-Id: Icc6c5506e5d415ff4fb5ff1351efee572a2af3e9
* Fix more FindBugs warnings: BC_EQUALS_METHOD_SHOULD_WORK_FOR_ALL_OBJECTS.Elliott Hughes2011-02-241-3/+7
| | | | | | | "The equals(Object o) method shouldn't make any assumptions about the type of o. It should simply return false if o is not the same type as this." Change-Id: Ib16eb57e8876ec117634b4c9b069a4dccc61c657
* Simplify internal libcore logging.Elliott Hughes2011-02-222-12/+2
| | | | | | | | | | | | | | Expose LOGE and friends for use from Java. This is handy because it lets me use printf debugging even when I've broken String or CharsetEncoder or something equally critical. It also lets us remove internal use of java.util.logging, which is slow and ugly. I've also changed Thread.suspend/resume/stop to actually throw UnsupportedOperationException rather than just logging one and otherwise doing nothing. Bug: 3477960 Change-Id: I0c3f804b1a978bf9911cb4a9bfd90b2466f8798f
* Fix various FindBugs warnings.Elliott Hughes2011-02-172-3/+3
| | | | | | | | | | | | Only the ChunkHandler and ZoneInfo ones were real bugs. The former is only called with one input value that doesn't exercise the bug, and the latter would cause us to think that a time zone that stopped using daylight time before 1970 was still using daylight time (which would defeat various optimizations, but should otherwise be harmless). The other stuff is trivia not worth individual changes. Change-Id: Ib0752560cd16edc6538d1fc2b234451a66d48171
* resolved conflicts for merge of 6186821c to dalvik-devJesse Wilson2011-02-075-5/+5
|\ | | | | | | Change-Id: Ic6f0172767d6feedb188d3a5e7488a67702ef8c4
| * Move libcore.base classes to libcore.util and libcore.io.Jesse Wilson2011-02-075-5/+5
| | | | | | | | Change-Id: I2340a9dbad3561fa681a8ab47d4f406e72c913e3
* | Tolerate leading slash in Cipher transformationBrian Carlstrom2011-01-281-0/+5
| | | | | | | | | | Bug: 3387688 Change-Id: Icd551df2cafd256e49fb92d12d7cb381479d841d
* | am c9b49a59: am 4ed57b34: am 79dd7240: Merge "Cipher.init incorrectly ↵Brian Carlstrom2011-01-251-13/+18
|\ \ | |/ | | | | | | | | | | implements RFC 3280 key usage validation" into honeycomb * commit 'c9b49a596250a4c21871afcf623e59bd4049e175': Cipher.init incorrectly implements RFC 3280 key usage validation
| * am 4ed57b34: am 79dd7240: Merge "Cipher.init incorrectly implements RFC 3280 ↵Brian Carlstrom2011-01-241-13/+18
| |\ | | | | | | | | | | | | | | | | | | key usage validation" into honeycomb * commit '4ed57b346fd863a66c288c6869ed613f5d9a716c': Cipher.init incorrectly implements RFC 3280 key usage validation
| | * Cipher.init incorrectly implements RFC 3280 key usage validationBrian Carlstrom2011-01-231-13/+18
| | | | | | | | | | | | | | | | | | Issue: http://code.google.com/p/android/issues/detail?id=12955 Bug: 3381582 Change-Id: Ida63c1356634c8e287ce5b0234418a656dffedf0
* | | Remove useless android-changed comments.Elliott Hughes2011-01-133-12/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I've changed useful ones to regular comments or TODOs, as appropriate. I've left ones in code like java.util.concurrent where we really are tracking an upstream source, making the change markers useful. I've left a handful of others where I intend to actually investigate the implied TODOs before deciding how to resolve them. Change-Id: Iaf71059b818596351cf8ee5a3cf3c85586051fa6
* | | Kill most users of StringTokenizer.Elliott Hughes2011-01-132-26/+19
| | | | | | | | | | | | | | | | | | | | | I've left a handful that actually make some use of it, in classes we don't care about anyway (XML preferences and the like). Change-Id: I754262ee600d8a16046b537a6d6258db849db89b
* | | Most callers of toLowerCase/toUpperCase should pass Locale.US to avoid ↵Elliott Hughes2011-01-131-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | problems in Turkey. Some callers should be replaced with equalsIgnoreCase instead. The one exception is StreamTokenizer, where the RI uses the default locale, which is arguably the right thing to do. No-one cares because that's legacy API, but I've added a test anyway. I've left HttpCookie and GeneralName for my co-conspirators because the appropriate resolutions aren't as obvious there... Bug: 3325637 Change-Id: Ia37a1caaa91b11763ae43e61e445adb45c30f793
* | | Change all "final static"s to "static final".Elliott Hughes2011-01-111-2/+2
| | | | | | | | | | | | | | | | | | Just so we sound like native speakers. Change-Id: I4d98ec7519af8c1578609945ca9d480484b82874
generated by cgit v1.1 at 2025-09-14 11:38:08 +0000