GitLab

am: 1a86d309

* commit '1a86d309':
  Prevent duplicate certificates in TrustedCertificateIndex

am: 2138a380

* commit '2138a380':
  Cache intermediate CA separately

am: 4c9f9c22

* commit '4c9f9c22':
  Prevent duplicate certificates in TrustedCertificateIndex

am: c4ab1b95

* commit 'c4ab1b95':
  Cache intermediate CA separately

With the separate caching of intermediate certificates in
TrustManagerImpl a given intermediate may be passed into .index multiple
times. Avoid adding the certificate to the list each time.

(cherry-picked from commit d080e064)
Bug: 26232830
Change-Id: I6bed2c65d9e42e052b9b1b129200a997e7dca745

Intermediate CAs are cached in order to support servers that fail to
sent a complete chain to a root. These certificates should be cached to
support these servers but these certificates must not be trusted as
trust anchors. Store them separately to prevent confusion between
trusted roots and cached intermediates.

(cherry-picked from commit 198aca1f)
Bug: 26232830
Change-Id: I520f50729b55fc7412c7d133335bc9e3c190bbf6

* commit 'fae34604':
  OpenSSLX509Certificate: mark mContext as transient

* commit 'de55e62f':
  OpenSSLX509Certificate: mark mContext as transient

Since mContext should not participate in the serialization process,
hide it with the transient qualifier. This will prevent the field from
initialization during the unserialization of this class. Then of course
the instance will be in a valid state.

(cherry picked from commit 8d57b9db)

Bug: 21437603
Change-Id: Ie9453c16d11820a91caff92c3f7b326d12f8a8f4

This wraps the conscrypt OpenSSLSocketImpl with an adapter that is a
subclass of the platform's OpenSSLSocketImpl in order to support old
code that does casts to the platform OpenSSLSocketImpl in order to set
things like SNI.

Until KK the platform OpenSSLSocketImpl was
org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl, in KK it became
com.android.org.conscrypt.OpenSSLSocketImpl. As of L MR1 the platform
HTTP stack no longer casts to the platform OpenSSLSocketImpl and this
work around is not needed on those devices.

Change-Id: I196ad957eabfc70246d9c01aa12855a8eab036f0

Change-Id: Iaec7f66305c3a5cef706593f84a7a075924ec89b

When RSA/ECB/PKCS1Padding is not supported,
CryptoUpcalls.rawCipherWithPrivateKey throws a NullPointerException
instead of returning null. This CL fixes the issue.

Change-Id: I46a389f22e40084950b80b9825644f2e1ffcff90

These are minor code structure clean ups based on comments from
https://android-review.googlesource.com/#/c/130311/.

Change-Id: I66c2cbdb489db47167ae6cfb4df7b82b3f621e2d

OpenSSL flavor of Conscrypt still uses the dynamic engine, so don't
directly depend on the library since it will be in the SSL ENGINE
directory in /system/lib{64,}/ssl/engines

Bug: 19698929
Change-Id: Id7e3f6ffaca2073a016db546e1014d50ef4ad0db

To help with testing, make some of the methods public so we can call
them from tests in a different ClassLoader.

Bug: 19657440
Change-Id: Ib5cb0629ffb52ac57ff24d9d5c4df1509897bd05

* commit '811e7ae4':
  BoringSSL PKCS#7 PEM and CRL support.

Based on recent additions to BoringSSL itself, this change adds PKCS#7
PEM and CRL support for conscrypt with BoringSSL.

Change-Id: Icef9d017dce54c3070b605a70773c60bb1b8cfa2

* commit '2e68e229':
  Add back d2i_PKCS7_bio and PEM_read_bio_PKCS7.

For the moment, the BoringSSL version is going to be broken until I get
the needed changes into BoringSSL to support this.

Change-Id: Id2c3f179c6f9fc4f4385d2274884e69530fabff0

* commit '0ccc17a0':
  external/conscrypt: a couple more BoringSSL build fixes.

* commit '76986208':
  EC_GROUP_cmp in BoringSSL now matches OpenSSL.

I had these in my local client and didn't notice until now.

Change-Id: I9c61447691d358acbaadb9b9a2f068b4106d266c

I had removed the final argument because it was superfluous, but that
was actually a mistake because EC_GROUP_cmp is used in more places than
I expected. https://android-review.googlesource.com/#/c/135661 puts the
argument back in BoringSSL and this change unforks the conscrypt code.

Change-Id: I6f4f57f59378d081a3f166291fcd280ab769f09e

* commit 'a770db2d':
  change NativeCrypto_X509_CRL_get_ext return data type from int to long

root cause: NativeCrypto_X509_CRL_get_ext return the wrong data type.
NativeCrypto_X509_CRL_get_ext return int data type will cut return value
from 8 bytes to 4 bytes in 64 bit system. So change int to long.
NativeCrypto_X509_REVOKED_get_ext may has the same problem.

Change-Id: I97be716f82e846a5dfe3cef77b68faff79235d9b
Signed-off-by: Yong Yao <yong.yao@intel.com>

This declares constraints on which keys Cipher, KeyAgreement, Mac,
and Signature instances provided by Conscrypt accept. Constraints are
expressed using JCA's SupportedKeyClasses and SupportedKeyFormats
attributes.

Declaring these contraints will make JCA use other providers for keys
not supported by Conscrypt. This in turn removes the need of users
of JCA to explicitly specify which provider to use.

This looks messy mostly because of how the JCA's constraining
mechanism works. Some of the weirdness and messiness also comes from
the inconsistencies in how Conscrypt handles different key types in
different primitives. Once these inconsistencies are fixed, this
change will become smaller and a bit nicer.

See https://docs.oracle.com/javase/8/docs/technotes/guides/security/crypto/HowToImplAProvider.html

Bug: 19284418
Change-Id: I7e862a620d7279e4eaf6e42acd9072e7be665024

* commit '24144a80':
  Support external/boringssl for reading flavor.mk.

Change-Id: I96a0ee6b51736aa842055dc17750c1d565f19174

* commit 'dd546216':
  Use an empty BIO memory buffer with BoringSSL.

* commit '0a4895dc':
  Time out TLS/SSL sessions after 8 hours by default.

* commit '4314dcb6':
  Time out TLS/SSL sessions after 8 hours by default.

Prior to this change TLS/SSL sessions did not time out.

(cherry picked from commit e5992c84)

Bug: 18369043
Bug: 18370076
Change-Id: I596423b9c56bfc5f337a17aba02fbb9a9f2ded36

de5225d1 mistakenly switched a BIO_s_null to an empty mem-BIO in order
to allow BoringSSL to work. That worked for BoringSSL, but OpenSSL
treats an empty mem-BIO as an error and so that was switched back in
2fe55c8f.

This change uses an empty mem-BIO with BoringSSL again for the same
reasons, but guards the change with the preprocessor so that it doesn't
break OpenSSL.

Change-Id: If90b7a151bf124722d91f150b441e0c9f5b96b03

* commit 'b908a622':
  Treat SSL_ERROR_ZERO_RETURN correctly.

* commit '4497fdc7':
  Treat SSL_ERROR_ZERO_RETURN correctly.

According to ssl_lib.c, this is returned whenever the socket
is being closed (s->shutdown && SSL_RECEIVED_SHUTDOWN &&
s->s3->warn_alert == SSL_AD_CLOSE_NOTIFY).

(cherry picked from commit f6c8f8b4)

Bug: 18758595
Change-Id: Ied7b3e18f11786351d42a770f4cad11ddae29ff3

* commit 'f6bbb424':
  OpenSSLEngineImpl: return bytes consumed for unwrap

am c8644769: (-s ours) am cc638d86: Merge "Call EVP_CIPHER_CTX_free instead of EVP_CIPHER_CTX_cleanup." into lmp-mr1-dev

* commit 'c8644769':
  Call EVP_CIPHER_CTX_free instead of EVP_CIPHER_CTX_cleanup.