summaryrefslogtreecommitdiffstats
path: root/luni/src/main/java/org/apache
Commit message (Collapse)AuthorAgeFilesLines
* Make sure the Services cache is refreshedKenny Root2015-06-221-0/+1
| | | | | | | | | | | During the class initialization, a special path is taken when all the built-in providers are initialized. This means that the "needsRefresh" flag is not set initially and the cache is not refreshed when the SecureRandom service is checked. Bug: 21970647 Change-Id: Idb796ec5e3ac04424e5fd3a90607666ae23817d5 (cherry picked from commit 10dced1155cb3689ca63383a3b0b794bc3735268)
* Get rid of old Harmony Services cacheKenny Root2015-05-192-63/+31
| | | | | | | | | | | | Each java.security.Provider.Service has its own cache, so there is not a lot of benefit to having another cache of the caches. In fact, this makes adding a new provider a huge hit. This change makes adding a new empty provider go from ~5080 microseconds to 73 microseconds. (cherry picked from commit cc4791ad77128039c93d4c03b582d4dc397e6a02) Bug: 21159204 Change-Id: Ib23032f8cb0def79367a321b48241b6cc94de6b0
* Refactor security classes for static initializationKenny Root2015-04-131-10/+26
| | | | | | | | | | | | | | | | Split out security.properties I/O to a separate method returning a Reader. This method can be intercepted at compile-time and provide a StringReader with the content of the file. A reader is necessary as Properties interally uses a reader and requires a Charset to translate from an input-stream. Refactor Services provider loading to first try the boot classpath loader instead of the system class-loader. The former is accessible during compile-time initialization and functionally equivalent. Bug: 19498458 Bug: 19542228 Change-Id: I853952b83ca99006907c070734f767259c975517
* Libcore: Fix infinite loopAndreas Gampe2015-03-151-1/+1
| | | | | | Correctly dispatch to wrapped object. Change-Id: Ia2789f92ddeb61f6b74789220f9a50dfdcf4fd3b
* am 657afa6c: Merge "JarUtils: stop trying to build chain past candidates ↵Kenny Root2014-11-141-0/+4
|\ | | | | | | | | | | | | length" into lmp-mr1-dev * commit '657afa6cd8da378f30afe7b491e6d9de6c7c23fd': JarUtils: stop trying to build chain past candidates length
| * JarUtils: stop trying to build chain past candidates lengthKenny Root2014-11-131-0/+4
| | | | | | | | | | | | | | | | | | If the certs in the PKCS#7 bag are in a loop, it will go on forever trying to build a chain. Instead just stop trying to build the chain when our chain exceeds the length of the candidates. Bug: 17972577 Change-Id: If4f92e3eeabe893612a618bab0068a0f8cf75ea9
| * Switch order of digest and digest encryption algorithmKenny Root2014-11-101-10/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Sometimes "digest encryption algorithm" would be "RSA" which would match a Signature provider, but its default setup would be whatever the provider chose. This works fine with newer algorithms that have a specific OID for their signature format (e.g., ECDSA and SHA256), but not with algorithms that just have a generic OID for all possible uses (e.g., RSA). Stock Android never hits this problem, because nothing registers a "Signature.RSA" provider, but Spongycastle does so using JarURLClassLoader after inserting Spongycastle causes a problem. Flip the order of tries to make this work more uniformly with more JAR and provider combinations. (cherry picked from commit b1da6d3df5f9cce6e6d77c63599eba62edb465d6) Bug: 17790692 Bug: https://code.google.com/p/android/issues/detail?id=68562 Change-Id: I3bb07ea25d7bf1d55fa2466b204594179ac38932
* | am 10bebe99: Merge "JarUtils: fix reference to RFC"Kenny Root2014-11-131-2/+2
|\ \ | | | | | | | | | | | | * commit '10bebe9984b27254f46933b913f4cc6e22a12a60': JarUtils: fix reference to RFC
| * | JarUtils: fix reference to RFCKenny Root2014-11-131-2/+2
| | | | | | | | | | | | | | | | | | | | | This class was actually written to the RFC 2315 spec and not RFC 3852, but they say the same thing. Change-Id: I6caeb918015c7ac3d67f9e4a9677ac993d096904
* | | am 703031e5: Merge "Switch order of digest and digest encryption algorithm"Kenny Root2014-11-101-10/+9
|\ \ \ | |/ / | | / | |/ |/| * commit '703031e59e736db8c5f2397b4e8aab28279cd100': Switch order of digest and digest encryption algorithm
| * Switch order of digest and digest encryption algorithmKenny Root2014-11-071-10/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Sometimes "digest encryption algorithm" would be "RSA" which would match a Signature provider, but its default setup would be whatever the provider chose. This works fine with newer algorithms that have a specific OID for their signature format (e.g., ECDSA and SHA256), but not with algorithms that just have a generic OID for all possible uses (e.g., RSA). Stock Android never hits this problem, because nothing registers a "Signature.RSA" provider, but Spongycastle does so using JarURLClassLoader after inserting Spongycastle causes a problem. Flip the order of tries to make this work more uniformly with more JAR and provider combinations. Bug: 17790692 Bug: https://code.google.com/p/android/issues/detail?id=68562 Change-Id: I3bb07ea25d7bf1d55fa2466b204594179ac38932
* | Preserve original encoded certificate bytes.Jeff Sharkey2014-11-042-2/+198
| | | | | | | | | | | | | | | | | | | | | | Sadly, the publicly visible android.content.pm.Signature object needs to return the untouched bytes from the parsed APK certificate. Since some CertificateFactory implementations may try re-encoding the certificate, we defensively keep around the original encoded bytes and return them when asked. Bug: 18206852, 18228011 Change-Id: I6016eaea23a7f43cf9249ec43cfde1f8ed4ff841
* | Improve support for non-BMP characters in XML.Elliott Hughes2014-10-181-4/+6
|/ | | | | | | | | | | This adds support for writing surrogate pairs out as entity references in KXmlSerializer and for parsing non-BMP entity references in DocumentBuilderImpl. Emoji and XML. Two of my least favorite things together at last. Bug: 17960630 Change-Id: If5e1001faf250e87e6eeebe3449a6ebc115789a1
* am 77bb39bb: am 2cbfef72: am 13bb5c1b: Merge "Add CRLReason and friends"Kenny Root2014-05-082-0/+16
|\ | | | | | | | | * commit '77bb39bb029f1a731c2ee34eeffebfa52bb8dfab': Add CRLReason and friends
| * am 2cbfef72: am 13bb5c1b: Merge "Add CRLReason and friends"Kenny Root2014-05-082-0/+16
| |\ | | | | | | | | | | | | * commit '2cbfef72ec2046d77d983bc106a3cfb3d69e9bf0': Add CRLReason and friends
| | * Add CRLReason and friendsKenny Root2014-05-082-0/+16
| | | | | | | | | | | | | | | | | | | | | New API for getting the revocation reason. Add tests and exceptions associated with it. Change-Id: Ifd6444ab966c984312f069a6ee330d255110ea85
* | | am 982fb068: am 14f4875c: am db3cbbc3: Merge "Add ↵Kenny Root2014-05-072-9/+18
|\ \ \ | |/ / | | | | | | | | | | | | | | | java.security.cert.Extension interface" * commit '982fb06853ed14a38dbf300f633b8a5c9ef6a722': Add java.security.cert.Extension interface
| * | am 14f4875c: am db3cbbc3: Merge "Add java.security.cert.Extension interface"Kenny Root2014-05-072-9/+18
| |\ \ | | |/ | | | | | | | | | * commit '14f4875cedd807a57aacad981ec083cfa3326f03': Add java.security.cert.Extension interface
| | * Add java.security.cert.Extension interfaceKenny Root2014-05-062-9/+18
| | | | | | | | | | | | | | | | | | Also convert our existing Extension class to implement this interface. Change-Id: I123ef6aa4f89897037e51f221c8c5a7994ac2a01
| * | am 721a363c: resolved conflicts for merge of a47fb6d2 to klp-modular-devKenny Root2014-04-301-5/+24
| |\ \ | | | | | | | | | | | | | | | | * commit '721a363c366af7b5472b3632efc33760dbb9c1a0': Add API to check certificate chain signatures
| | * \ resolved conflicts for merge of a47fb6d2 to klp-modular-devKenny Root2014-04-301-5/+24
| | |\ \ | | | | | | | | | | | | | | | Change-Id: Id6645384548e547ed10fedf67b50f769eec3f846
| | | * \ am f5efc79f: am 93868a24: am 5c5adbdb: am 87c8e6c1: am c81569dc: am ↵Kenny Root2014-04-301-5/+25
| | | |\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 2b556603: am d3d58171: am 2bc5e811: Add API to check certificate chain signatures * commit 'f5efc79f4cdd3aab545718de6cdc6f6d95f48f37': Add API to check certificate chain signatures
| | | | * \ am 93868a24: am 5c5adbdb: am 87c8e6c1: am c81569dc: am 2b556603: am ↵Kenny Root2014-04-301-5/+25
| | | | |\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | d3d58171: am 2bc5e811: Add API to check certificate chain signatures * commit '93868a24eab785cd24f43df7a67705c0421b64ea': Add API to check certificate chain signatures
| | | | | * \ am 5c5adbdb: am 87c8e6c1: am c81569dc: am 2b556603: am d3d58171: am ↵Kenny Root2014-04-301-5/+25
| | | | | |\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 2bc5e811: Add API to check certificate chain signatures * commit '5c5adbdbd25f88190d83ad87a27596bb97f71551': Add API to check certificate chain signatures
| | | | | | * \ am 87c8e6c1: am c81569dc: am 2b556603: am d3d58171: am 2bc5e811: Add API to ↵Kenny Root2014-04-301-5/+25
| | | | | | |\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | check certificate chain signatures * commit '87c8e6c1e0cce2a98931562df131f87c13434441': Add API to check certificate chain signatures
| | | | | | | * \ am d3d58171: am 2bc5e811: Add API to check certificate chain signaturesKenny Root2014-04-301-5/+25
| | | | | | | |\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * commit 'd3d58171cc734f59faa5a03ce1cd5d5c00e9ffbd': Add API to check certificate chain signatures
| | | | | | | | * \ am 2bc5e811: Add API to check certificate chain signaturesKenny Root2014-04-301-5/+25
| | | | | | | | |\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * commit '2bc5e811a817a8c667bca4318ae98582b0ee6dc6': Add API to check certificate chain signatures
| | | | | | | | | * | Add API to check certificate chain signaturesKenny Root2014-04-301-5/+25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add hidden API to check certificate chain signatures when needed. The getCertificates implementation returns a list of all the certificates and chains and would expect any caller interested in verifying actual chains to call getCodeSigners instead. We add this hidden constructor as a stop-gap until we can switch callers over to getCodeSigners. Bug: 13678484 Change-Id: I01cddef287767422454de4c5fd266c812a04d570
| * | | | | | | | | | am d7ffdab9: resolved conflicts for merge of 45cd6f51 to klp-modular-devKenny Root2014-04-301-27/+7
| |\ \ \ \ \ \ \ \ \ \ | | |/ / / / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * commit 'd7ffdab9dbd6cb10cf45fa841c7f9e8e406133bb': Revert "Add API to check certificate chain signatures"
| | * | | | | | | | | resolved conflicts for merge of 45cd6f51 to klp-modular-devKenny Root2014-04-301-27/+7
| | |\ \ \ \ \ \ \ \ \ | | | |/ / / / / / / / | | | | | | | | | | | | | | | | | | | | | | Change-Id: Ic2f144d268c8b10eb9628b695ea95003cf40aac2
| | | * | | | | | | | am f437cb11: am 4bbd5d45: am ce07d1e8: am 45583d71: am f26ef9f9: am ↵Kenny Root2014-04-301-28/+7
| | | |\ \ \ \ \ \ \ \ | | | | |/ / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 50256449: am 9cd5caec: am 8c9ea691: Revert "Add API to check certificate chain signatures" * commit 'f437cb1175440de35bc775eb79a5774105d13780': Revert "Add API to check certificate chain signatures"
| | | | * | | | | | | am 4bbd5d45: am ce07d1e8: am 45583d71: am f26ef9f9: am 50256449: am ↵Kenny Root2014-04-301-28/+7
| | | | |\ \ \ \ \ \ \ | | | | | |/ / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 9cd5caec: am 8c9ea691: Revert "Add API to check certificate chain signatures" * commit '4bbd5d45bffa91f41136709ed6ce45c56192711c': Revert "Add API to check certificate chain signatures"
| | | | | * | | | | | am ce07d1e8: am 45583d71: am f26ef9f9: am 50256449: am 9cd5caec: am ↵Kenny Root2014-04-301-28/+7
| | | | | |\ \ \ \ \ \ | | | | | | |/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 8c9ea691: Revert "Add API to check certificate chain signatures" * commit 'ce07d1e8436d22dca6cf8a375f636680e3aca472': Revert "Add API to check certificate chain signatures"
| | | | | | * | | | | am 45583d71: am f26ef9f9: am 50256449: am 9cd5caec: am 8c9ea691: Revert "Add ↵Kenny Root2014-04-301-28/+7
| | | | | | |\ \ \ \ \ | | | | | | | |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | API to check certificate chain signatures" * commit '45583d7167741140dba89ec3c8156d9f42313fcb': Revert "Add API to check certificate chain signatures"
| | | | | | | * | | | am 9cd5caec: am 8c9ea691: Revert "Add API to check certificate chain signatures"Kenny Root2014-04-301-28/+7
| | | | | | | |\ \ \ \ | | | | | | | | |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * commit '9cd5caece4cf5d64898e9241c79194c0a9f52d24': Revert "Add API to check certificate chain signatures"
| | | | | | | | * | | am 8c9ea691: Revert "Add API to check certificate chain signatures"Kenny Root2014-04-301-28/+7
| | | | | | | | |\ \ \ | | | | | | | | | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * commit '8c9ea6916a5bb232fe1bfd6d61194196685fe81c': Revert "Add API to check certificate chain signatures"
| | | | | | | | | * | Revert "Add API to check certificate chain signatures"Kenny Root2014-04-291-28/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This reverts commit f8986a989759c43c155ae64f9a3b36f670602521. Bug: 13678484 Change-Id: Ie2e44c60cc025a8a1e54aa7a6fb4b251ad363aae
| * | | | | | | | | | am 5079856d: resolved conflicts for merge of e897e2dc to klp-modular-devKenny Root2014-04-191-7/+27
| |\ \ \ \ \ \ \ \ \ \ | | |/ / / / / / / / / | | | | | | | | | | / | | |_|_|_|_|_|_|_|/ | |/| | | | | | | | * commit '5079856d43c7202303632d12eba91149a11c2bfd': Add API to check certificate chain signatures
| | * | | | | | | | resolved conflicts for merge of e897e2dc to klp-modular-devKenny Root2014-04-181-7/+27
| | |\ \ \ \ \ \ \ \ | | | |/ / / / / / / | | | | | | | | | | | | | | | | | | | | Change-Id: Ic367fd179fd402eadb4f3c5c0585ad9c17370002
| | | * | | | | | | am 80eedbe2: am dafee327: am e09807c8: am c935abb8: am c79a75f3: am ↵Kenny Root2014-04-181-7/+28
| | | |\ \ \ \ \ \ \ | | | | |/ / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 928d0707: am 6640b107: am f8986a98: Add API to check certificate chain signatures * commit '80eedbe289fa735193d2eeea58da7f9d1fcf2b2f': Add API to check certificate chain signatures
| | | | * | | | | | am dafee327: am e09807c8: am c935abb8: am c79a75f3: am 928d0707: am ↵Kenny Root2014-04-181-7/+28
| | | | |\ \ \ \ \ \ | | | | | |/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 6640b107: am f8986a98: Add API to check certificate chain signatures * commit 'dafee327892728c3632f2fa959c2790f7ea3049f': Add API to check certificate chain signatures
| | | | | * | | | | am e09807c8: am c935abb8: am c79a75f3: am 928d0707: am 6640b107: am ↵Kenny Root2014-04-181-7/+28
| | | | | |\ \ \ \ \ | | | | | | |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | f8986a98: Add API to check certificate chain signatures * commit 'e09807c800605d8b90d21fd8cfad72698c78e52d': Add API to check certificate chain signatures
| | | | | | * | | | am c935abb8: am c79a75f3: am 928d0707: am 6640b107: am f8986a98: Add API to ↵Kenny Root2014-04-181-7/+28
| | | | | | |\ \ \ \ | | | | | | | |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | check certificate chain signatures * commit 'c935abb878175b2e9914235a182a96ab9bebe0c3': Add API to check certificate chain signatures
| | | | | | | * | | am 6640b107: am f8986a98: Add API to check certificate chain signaturesKenny Root2014-04-181-7/+28
| | | | | | | |\ \ \ | | | | | | | | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * commit '6640b107e33042d6c7445d88119c92bd020cdc22': Add API to check certificate chain signatures
| | | | | | | | * | am f8986a98: Add API to check certificate chain signaturesKenny Root2014-04-181-7/+28
| | | | | | | | |\ \ | | | | | | | | | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * commit 'f8986a989759c43c155ae64f9a3b36f670602521': Add API to check certificate chain signatures
| | | | | | | | | * Add API to check certificate chain signaturesKenny Root2014-04-171-7/+28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add hidden API to check certificate chain signatures when needed. The getCertificates implementation returns a list of all the certificates and chains and would expect any caller interested in verifying actual chains to call getCodeSigners instead. We add this hidden constructor as a stop-gap until we can switch callers over to getCodeSigners. Bug: 13678484 Change-Id: I6ad8a168adf6a33b9155f416ed22852ded221382
| | | | | * | | | | am 314c1f46: am 9c94365f: am 3a160bcf: am 7f1b2d5d: am 6da3c4a6: am ↵Alex Klyubin2013-11-141-0/+10
| | | | | |\ \ \ \ \ | | | | | | |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ef6e14e8: SSLEngine: Verify server RSA params signature * commit '314c1f4630cc07691658aa2b0c7c71899b4a1eef': SSLEngine: Verify server RSA params signature
| | | | | | * | | | am 9c94365f: am 3a160bcf: am 7f1b2d5d: am 6da3c4a6: am ef6e14e8: SSLEngine: ↵Alex Klyubin2013-11-141-0/+10
| | | | | | |\ \ \ \ | | | | | | | |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Verify server RSA params signature * commit '9c94365f8732636914f934163287907a3576413f': SSLEngine: Verify server RSA params signature
| | | | | | | * | | am 6da3c4a6: am ef6e14e8: SSLEngine: Verify server RSA params signatureAlex Klyubin2013-11-141-0/+10
| | | | | | | |\ \ \ | | | | | | | | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * commit '6da3c4a69850b3c043c04ff2d88d9727b84f1db1': SSLEngine: Verify server RSA params signature
| | | | | | | | * | am ef6e14e8: SSLEngine: Verify server RSA params signatureAlex Klyubin2013-11-141-0/+10
| | | | | | | | |\ \ | | | | | | | | | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * commit 'ef6e14e8527eab91e6266942f48b8bf08e762004': SSLEngine: Verify server RSA params signature
generated by cgit v1.1 at 2025-09-13 21:31:01 +0000