-
Kenny Root authored
A significant amount of code was dedicated to maintaining backward compatibility with OpenSSL. However, compatibility will no longer be maintained for several reasons: * BoringSSL does not have ENGINE functionality and testing it is difficult because another version must be compiled against OpenSSL. Moreover, AndroidKeyStore Provider has taken over keystore functionality since M release resulting in dead code. * Secure defaults such as deterministic EC signatures are part of BoringSSL so extra JNI calls do not need to be made for them. * A not insignificant number of lines of code were dedicated to maintaining compatibility with OpenSSL resulting in empty JNI functions. Removing these functions results in a speed-up because there will be fewer JNI transitions to call these useless functions when using BoringSSL. Since AndroidKeyStore functionality has been moved, this change also removes all references to keystore functionality even for BoringSSL (i.e., EVP_PKEY_from_keystore). Test: vogar --mode host libcore/luni/src/test/java/libcore/java/security/*Test.java libcore/luni/src/test/java/libcore/javax/crypto/*Test.java libcore/luni/src/test/java/libcore/javax/net/ssl/*Test.javIa Change-Id: I304e0f2c882c313753b0e9327c6293385fd6794b597fd4e4
