GitLab

* commit '64a1e90e':
  Fix breakage in CipherSuiteTest due to TLSv1.2 cipher suites.

The test was accidentally broken when support for TLSv1.2 cipher
suites was added. The CipherSuite class is only used by the SSLEngine
implementation which does not support TLSv1.2 cipher suites (or
TLSv1.2 for that matter).

Bug: 11220570
Change-Id: I8f5571ea76279161d25a6525a71cf49bfe7e6079

* commit '19b7c5fe':
  Lazily read CertPin data

This delays reading the CertPin data until it is needed. This also
avoids touching the disk until necessary since CertPinManager may be
loaded by any number of actions such as instantiating an
SSLSocketFactory as in this chain of dependencies:

  SSLSocketFactory -> HttpsURLConnection -> OpenSSLSocketFactoryImpl ->
      SSLParametersImpl -> TrustManagerImpl -> CertPingManager

Bug: https://code.google.com/p/android/issues/detail?id=64654
Change-Id: I11e1b44c7a7e001b33bc591efefe35653829a472

* commit '7dd8d0b4':
  AArch64: Use long for pointers in Java sources.

Fixing some mistakes in the JNI signatures: some pointers were passed
via jint rather than jlong.

Change-Id: I6120cc5742c8429a9e0fddda715b5169d820d31a
Signed-off-by: Marcus Oakland <marcus.oakland@arm.com>

* commit '42bd279c':
  Disable MD5 cipher suites in SSLSocket and SSLEngine.

Although HMAC-MD5 is not yet broken, the foundations are shaky --
see http://tools.ietf.org/html/rfc6151.

Scans show that disabling these TLS/SSL cipher suites currently
causes handshake issues with 0.4% of the ecosystem.

Bug: 11220570
Change-Id: I1970d2ecbdf3c0d26e45d439047b1d3884ade2ec

* commit '5aa3d431':
  Actually prefer Forward Secrecy cipher suites.

The documentation for the list of TLS/SSL cipher suites used by
default states that cipher suites offering Forward Secrecy are
preferred. This CL adjusts the list to conform: FS cipher suites
that use RC4_128 bulk encryption algorithm were not preferred
over non-FS cipher suites that use AES.

Bug: 11220570
Change-Id: Ic9019306898600086920874474764186b710c3ef

* commit 'c1cc669c':
  Disable 3DES cipher suites in SSLSocket.

The effective key length for 3DES_EDE bulk encryption algorithm
is only 112 bits. We're now aiming for 128 and higher.

Scans show that removing these cipher suites from the default list
causes handshake issues only with 0.15% of the ecosystem.

Bug: 11220570
Change-Id: Ie01ebe8134d08a36b276295b804540157963be8f

* commit '30695d65':
  Disable static server key ECDH cipher suites in SSLSocket.

* commit '5add959a':
  Enable AES-GCM cipher suites by default in SSLSocket.

These cipher suites use a static key for ECDH on the server side.
When client certificates are used, a static key is also used on the
client side, leading to the same premaster secret for all connections
between a particular client and server. Also, these cipher suites do
not provide forward secrecy.

Scans show that removing these cipher suites from the default list
does not affect connectivity to servers and is thus safe.

Bug: 11220570
Change-Id: If34f4a3888ed9972c39d171656a85c61dfa98ea1

AES-GCM is preferred to AES-CBC whose MAC-pad-then-encrypt approach
has issues (e.g., Lucky 13 attack).

Bug: 11220570
Change-Id: Ib007bc89ccf08358ed3f093f630350fa859e7c35

* commit '336e8eb9':
  Enable support for TLSv1.2 cipher suites in SSLSocket.

This adds support for AES-GCM and AES-CBC with MACs based on SHA256
and SHA384.

Bug: 11220570
Change-Id: I56e7e25c5cd65a4c7662da6d4bbe5720f427e677

* commit '1f63d2c2':
  Enable TLSv1.1 and TLSv1.2 by default for SSLSocket.

TLSv1.1 and TLSv1.2 offer built-in protection against BEAST attack
and support for GCM cipher suites.

This change causes TLS/SSL handshake failures with a small fraction
of servers, load balancers and TLS/SSL accelerators with broken
TLS/SSL implementations.

Scans demonstrate that the number is around 0.6%. Breaking
connectivity (using platform default settings) to a tiny minority of
the ecosystem is acceptable because this inconvenience is outweighed
by the added safety for the overwheling majority of the ecosystem.

App developers affected by this issue should consider asking such
servers to be fixed or explicitly disabling TLSv1.1 and TLSv1.2 in
their apps.

Bug: 11220570
Change-Id: Ice9e8ce550401ba5e3385fd369c40f01c06ac7fd

* commit 'e1da091a':
  Remove HarmonyJSSE SSLContext, SSLSocket and SSLServerSocket.

HarmonyJSSE SSLEngine implementation is still in use and thus cannot be
removed.

Change-Id: I3c939e9275ba8f1d00342d1f83c6fdaf110f2317

* commit 'bf957a05':
  Make some methods public for CTS

* commit 'caceea78':
  Add const modifier to evp_md

Some methods are called from CTS. The ClassLoaders are different, so we
need to make these public so we don't get any IllegalAccessError during
CTS tests.

Change-Id: I5ac7931694fb1eceb86ae306fca07fb314643fa9

Dogmatic adherence to types.

Change-Id: Iab635a9963de086f7f4d1cc5678c1a7bcef5b0c4

* commit '02db5a18':

* commit 'ba5b30af':
  Stop depending on SSLContextImpl in OpenSSLContextImpl.

* commit 'f7f723e8':
  Stop depending on CipherSuite in OpenSSL-backed sockets.

SSLContextImpl is the HarmonyJSSE provider's SSLContext SPI.
OpenSSLContextImpl is the AndroidOpenSSL provider's SSLContext SPI.
This CL adjusts the class hierarchy to match.

This is achieved by:
1. copying all of the functionality from SSLContextImpl into
  OpenSSLContextImpl, and
2. removing from SSLContextImpl the functionality used only by the
  default instance of AndroidOpenSSL provider's SSLContext.

Change-Id: I9e380be04e6a9a1660c3e6c0738ca026c171f4bd

This is in preparation for removing Harmony-backed TLS/SSL
implementations.

Change-Id: Ic108e16d086fb99b69f0a4e4faeb816dc50a7643

* commit 'd322c550':
  OpenSSLKey: tolerate null encoding during conversion

Since we could have a situation where we have an opaque key backed by
some hardware device that we don't know how to handle, just throw an
InvalidKeyException instead of NullPointerException.

Change-Id: I33588d1654b6b33f11640b2d65e7213c864e6e1a

* commit 'b32d679b':
  Remove uses of LOCAL_BUILD_HOST_DEX

Use the new BUILD_HOST_DALVIK_JAVA_LIBRARY rule instead.

(cherry picked from commit 44419837)

Change-Id: Ib126703f927c0f6e7f8c3746ff7348864aa49a39