Commits · affd45a413cf844dad797ad4972074efb9de43d8 · halo / external_conscrypt

17 Jul, 2014 5 commits

Merge "Improve the Javadoc of PSKKeyManager." into lmp-dev · affd45a4
Alex Klyubin authored 10 years ago

affd45a4

Improve the Javadoc of PSKKeyManager. · 0d62d5fd

Alex Klyubin authored 10 years ago

This clarifies several points and adds sample code.

(cherry picked from commit 7ac13e03)

Bug: 15073623
Change-Id: I6d8cf195cbc7eb4528760145f62f3e3e7b8507f5

0d62d5fd

Merge "Log CCS exceptions do not merge." into lmp-dev · af4fa685
rich cannings authored 10 years ago

af4fa685

Log CCS exceptions do not merge. · 2e1be9d8

rich cannings authored 11 years ago

Unlike the previous CL, this uses reflection for android.os.Process and
android.util.EventLog throughout.

(cherry picked from commit 35b1f354)

Bug: 15452942
Change-Id: I34b9eaedf1f1e450b1f8004887bb0482601d789e

2e1be9d8

Keep enough state to completely reset cipher instances · a749c0d3

Kenny Root authored 10 years ago

OpenSSL's RC4 mutates the given key. AES/CTR mutates the IV. We must
store these values locally to enable "doFinal" to cause the Cipher
instance to be reset to what it was right after "init".

Note that resetting and encrypting with the same key or IV breaks
semantic security.

(cherry picked from commit 084e3086)

Bug: 16298401
Bug: https://code.google.com/p/android/issues/detail?id=73339
Change-Id: Ie7e4dcb6cf6cc33ddad31d6b47066dc1b34e6894

a749c0d3

16 Jul, 2014 2 commits

OpenSSLEngine Impl: Fix bug where SSL Handshake never completes when using NPN. · 70fdb6d2
Koushik Dutta authored 10 years ago
```
(cherry picked from commit e08f2385)

Bug: 16352665
Change-Id: Idc78204b7077fb367b64e1867c807cd39f596f98
```
70fdb6d2

Various fixes in OpenSSLEngineImpl. · ded66f5f

Koushik Dutta authored 11 years ago

Fix "Buffers were not large enough" exception by directly using the
destination buffers.

Corrections around bytesProduced and bytesConsumed behavior.

Return BUFFER_OVERFLOW if a zero length destination is provided to
unwrap.

(cherry picked from commit bdfcc189)

Bug: 16352665
Change-Id: I1f1e9b72cd6968ed4f3c3c0edccbccebc33d6790

ded66f5f

15 Jul, 2014 2 commits

Enable PSK cipher suites when PSKKeyManager is provided. · fdb7d8c5

Alex Klyubin authored 11 years ago

This enables TLS-PSK cipher suites by default iff SSLContext is
initialized with a PSKKeyManager. For consistency, X.509 based
cipher suites are no longer enabled by default at all times -- they
are now only enabled by default iff SSLContext is initialized with a
X509KeyManager or a X509TrustManager.

When both X.509 and PSK cipher suites need to be enabled, PSK cipher
suites are given higher priority in the resulting list of cipher
suites. This is based on the assumption that in most cases users of
TLS/SSL who enable TLS-PSK would prefer TLS-PSK to be used when the
peer supports TLS-PSK.

Bug: 15073623

(cherry picked from commit 8f9ac1af)

Change-Id: Icd7fe066147a6b2fc64d807204cc99f6af821313

fdb7d8c5

reconcile aosp (e79c25bf) after branching. Please do not merge. · 6e2315fd
Ed Heyl authored 10 years ago
```
Change-Id: I39ab275cd9744ba442fee7db9038107b4603526f
```
6e2315fd

07 Jul, 2014 4 commits
- am fe4a6df5: (-s ours) am a3284927: Remove · a2404c99
  Brian Carlstrom authored 10 years ago
```
* commit 'fe4a6df5':
  Remove
```
  a2404c99
- am a3284927: Remove · fe4a6df5
  Brian Carlstrom authored 10 years ago
```
* commit 'a3284927':
  Remove
```
  fe4a6df5
- Remove · a3284927
  Brian Carlstrom authored 11 years ago
```
(cherry picked from commit b860016f)

Change-Id: I4302ea4e0200ac80a0b9f3b953d58270b65b3d0c
```
  a3284927
- Remove · b860016f
  Brian Carlstrom authored 11 years ago
```
Change-Id: Iea7c633eb68df576bf72314ff5ce31bc8094d9ce
```
  b860016f
27 Jun, 2014 1 commit

Revert "Log OpenSSL CCS errors" · 6456f02c

Rich Cannings authored 11 years ago

This reverts commit b1599520.

Some build targets (e.g. git_dalvik-dev) do not have API-1 Android APIs available, like android.os.Process and android.util.EventLog. Investigating.

Change-Id: Iddce3f445be0502d1afa4f8244a7b8867721613e

6456f02c

24 Jun, 2014 1 commit
- Log OpenSSL CCS errors · b1599520
  rich cannings authored 11 years ago
```
Bug: 15452942
Change-Id: I49e7bad6a65c70e113324c02fc23315cff168f5b
```
  b1599520
21 Jun, 2014 1 commit
- am dbc347b9: Merge "Remove direct reference to PROVIDER_NAME" · 8f471e15
  Kenny Root authored 11 years ago
```
* commit 'dbc347b9':
  Remove direct reference to PROVIDER_NAME
```
  8f471e15
20 Jun, 2014 3 commits
- am d704c478: Merge "Assert that the padding extension is enabled by default." · 4f59b745
  Alex Klyubin authored 11 years ago
```
* commit 'd704c478':
  Assert that the padding extension is enabled by default.
```
  4f59b745
- am 35f7742c: Make setEnabledProtocols/CipherSuites copy their inputs. · 13f0c44c
  Alex Klyubin authored 11 years ago
```
* commit '35f7742c':
  Make setEnabledProtocols/CipherSuites copy their inputs.
```
  13f0c44c
- Merge "Remove direct reference to PROVIDER_NAME" · dbc347b9
  Kenny Root authored 11 years ago
  
  dbc347b9
21 Jun, 2014 1 commit

Remove direct reference to PROVIDER_NAME · c59af1c1

Kenny Root authored 11 years ago

It's unnecessary and this is the only code that does it like this. It
casuses problems with unbundling since the PROVIDER_NAME can change when
used unbundled.

Bug: 15771893
Change-Id: I1450cf7033b0629e7b79616c3660ec12b8afb8d6

c59af1c1

20 Jun, 2014 2 commits
- Merge "Assert that the padding extension is enabled by default." · d704c478
  Alex Klyubin authored 11 years ago
  
  d704c478
- Merge "Remove direct reference to PROVIDER_NAME" · 507e0749
  Brian Carlstrom authored 11 years ago
  
  507e0749
21 Jun, 2014 2 commits

am 8f471e15: am dbc347b9: Merge "Remove direct reference to PROVIDER_NAME" · 00ee7cc9
Kenny Root authored 11 years ago
```
* commit '8f471e15':
  Remove direct reference to PROVIDER_NAME
```
00ee7cc9

Remove direct reference to PROVIDER_NAME · 95cf6d92

Kenny Root authored 11 years ago

It's unnecessary and this is the only code that does it like this. It
casuses problems with unbundling since the PROVIDER_NAME can change when
used unbundled.

(cherry-picked from commit c59af1c1)

Bug: 15771893
Change-Id: I1450cf7033b0629e7b79616c3660ec12b8afb8d6

95cf6d92

20 Jun, 2014 2 commits
- am 4f59b745: am d704c478: Merge "Assert that the padding extension is enabled by default." · dae700ae
  Alex Klyubin authored 11 years ago
```
* commit '4f59b745':
  Assert that the padding extension is enabled by default.
```
  dae700ae
- am 13f0c44c: am 35f7742c: Make setEnabledProtocols/CipherSuites copy their inputs. · dbe1cdad
  Alex Klyubin authored 11 years ago
```
* commit '13f0c44c':
  Make setEnabledProtocols/CipherSuites copy their inputs.
```
  dbe1cdad
19 Jun, 2014 13 commits
- Make setEnabledProtocols/CipherSuites copy their inputs. · 35f7742c
  Alex Klyubin authored 11 years ago
```
SSLSocket, SSLServerSocket, and SSLEngine offer setEnabledProtocols
and setEnabledCipherSuites methods which take an array of protocols
or cipher suites as input. If these methods store references to the
input arrays, then the internal state (lists of enabled protocols and
cipher suites) of SSLSocket, SSLServerSocket, and SSLEngine could be
modified without going through the setter methods of these classes.

Bug: 15753142
Change-Id: Ia5248050d81320ed1da99892278bd60872605f52
```
  35f7742c
- am c961c78c: am f17361e7: Remove unnecessary comments in SSLParametersImpl. · 53baf074
  Alex Klyubin authored 11 years ago
```
* commit 'c961c78c':
  Remove unnecessary comments in SSLParametersImpl.
```
  53baf074
- am f17361e7: Remove unnecessary comments in SSLParametersImpl. · c961c78c
  Alex Klyubin authored 11 years ago
```
* commit 'f17361e7':
  Remove unnecessary comments in SSLParametersImpl.
```
  c961c78c
- Remove unnecessary comments in SSLParametersImpl. · f17361e7
  Alex Klyubin authored 11 years ago
```
This is a follow-up cleanup requested during the code review of
ae2ecac0.

Change-Id: I6c8ac2392c5f88ee732f5aa204e20cc1ee7e32d8
```
  f17361e7
- am a906b5cc: am b2713e36: Merge "Adjust the list of supported ECDHE-PSK cipher suites." · cac0e43c
  Alex Klyubin authored 11 years ago
```
* commit 'a906b5cc':
  Adjust the list of supported ECDHE-PSK cipher suites.
```
  cac0e43c
- am b2713e36: Merge "Adjust the list of supported ECDHE-PSK cipher suites." · a906b5cc
  Alex Klyubin authored 11 years ago
```
* commit 'b2713e36':
  Adjust the list of supported ECDHE-PSK cipher suites.
```
  a906b5cc
- am 54e5afb0: am 8a624688: Merge "SSLParametersImpl is the source of enabled... · 4dc2f0b0
  Alex Klyubin authored 11 years ago
```
am 54e5afb0: am 8a624688: Merge "SSLParametersImpl is the source of enabled cipher suites and protocols."

* commit '54e5afb0':
  SSLParametersImpl is the source of enabled cipher suites and protocols.
```
  4dc2f0b0
- Assert that the padding extension is enabled by default. · 978e2e1e
  Alex Klyubin authored 11 years ago
```
Change-Id: I1c8aa589e3274bfd3a5fc66c3e948828903c1966
```
  978e2e1e
- am 8a624688: Merge "SSLParametersImpl is the source of enabled cipher suites and protocols." · 54e5afb0
  Alex Klyubin authored 11 years ago
```
* commit '8a624688':
  SSLParametersImpl is the source of enabled cipher suites and protocols.
```
  54e5afb0
- am bf877901: am ecd29abc: Switch from core to core-libart · 8f30a41d
  Brian Carlstrom authored 11 years ago
```
* commit 'bf877901':
  Switch from core to core-libart
```
  8f30a41d
- am ecd29abc: Switch from core to core-libart · bf877901
  Brian Carlstrom authored 11 years ago
```
* commit 'ecd29abc':
  Switch from core to core-libart
```
  bf877901
- Switch from core to core-libart · ecd29abc
  Brian Carlstrom authored 11 years ago
```
Bug: 14298175
Change-Id: I5035075f2453b692f86fff8fe852c954698e40ed
```
  ecd29abc
- Merge "SSLParametersImpl is the source of enabled cipher suites and protocols." · 8a624688
  Alex Klyubin authored 11 years ago
  
  8a624688
18 Jun, 2014 1 commit
- Merge "Adjust the list of supported ECDHE-PSK cipher suites." · b2713e36
  Alex Klyubin authored 11 years ago
  
  b2713e36