summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Merge tag 'android-6.0.1_r72' into HEADHEADreplicant-6.0-0004-transitionreplicant-6.0-0004-rc6replicant-6.0-0004-rc5-transitionreplicant-6.0-0004-rc5replicant-6.0-0004-rc4replicant-6.0-0004-rc3replicant-6.0-0004-rc2replicant-6.0-0004-rc1replicant-6.0-0004replicant-6.0-0003replicant-6.0-0002replicant-6.0-0001cm-13.0Jessica Wagantall2016-10-060-0/+0
|\ | | | | | | | | | | | | Android 6.0.1 Release 72 (M4B30X) # gpg: Signature made Tue 04 Oct 2016 09:47:33 AM PDT using DSA key ID 9AB10E78 # gpg: Can't check signature: public key not found
| * GCMParameters: in ASN1 encoding, use 12 when no value is specifiedSergio Giro2016-08-161-12/+3
| | | | | | | | | | | | | | | | | | This reverts commit 4d0e19131da68053fe1a73d43052bedadb107c70 Bug: 26231099 Bug: 26234568 Bug: 29876633 Change-Id: I44c0c68f1e92caf6547c9e3b494ec5b82b8cff5f
* | Merge tag 'android-6.0.1_r66' into HEADJessica Wagantall2016-09-071-12/+3
|\ \ | | | | | | | | | | | | | | | | | | Android 6.0.1 release 66 # gpg: Signature made Tue 06 Sep 2016 09:26:12 AM PDT using DSA key ID 9AB10E78 # gpg: Can't check signature: public key not found
| * | GCMParameters: in ASN1 encoding, use 12 when no value is specifiedSergio Giro2016-07-211-12/+3
| |/ | | | | | | | | | | | | | | | | This reverts commit 4d0e19131da68053fe1a73d43052bedadb107c70 Bug: 26231099 Bug: 26234568 Bug: 29876633 Change-Id: I44c0c68f1e92caf6547c9e3b494ec5b82b8cff5f
* | Merge tag 'android-6.0.1_r30' into HEADJessica Wagantall2016-04-180-0/+0
|\| | | | | | | | | Ticket: RM-234 Android 6.0.1 release 30
| * GCMParameters: fix insecure tag sizeSergio Giro2016-02-261-3/+12
| | | | | | | | | | | | | | | | Note: port of cr/110497945 Bug: 26231099 Bug: 26234568 Change-Id: I3eef233b15ded9553c3cdfd1c51ffef306276f7d
* | Merge tag 'android-6.0.1_r24' into HEADJessica Wagantall2016-04-051-3/+12
|\ \ | | | | | | | | | | | | Ticket: CYNGNOS-2213 Android 6.0.1 release 24
| * \ merge in mnc-dr1.5-release history after reset to mnc-dr1.5-devThe Android Automerger2016-03-220-0/+0
| |\ \
| | * \ merge in mnc-dr1.5-release history after reset to mnc-dr1.5-devThe Android Automerger2016-03-170-0/+0
| | |\ \ | | |/ / | |/| |
| * | | GCMParameters: fix insecure tag sizeSergio Giro2016-03-011-3/+12
| |/ / | | | | | | | | | | | | | | | | | | | | | Note: port of cr/110497945 Bug: 26231099 Bug: 26234568 Change-Id: I3eef233b15ded9553c3cdfd1c51ffef306276f7d
* | | Merge tag 'android-6.0.1_r22' of ↵staging/cm-13.0+r22Steve Kondik2016-03-100-0/+0
|\| | | | | | | | | | | | | | | | | https://android.googlesource.com/platform/external/bouncycastle into cm-13.0 Android 6.0.1 release 22
| * | DO NOT MERGE bouncycastle: limit input length as specified by the NIST specSergio Giro2015-11-162-6/+117
| | | | | | | | | | | | | | | | | | | | | | | | Bug: 24106146 Adapted from commit 9462245630b2913830b63310aa0d40a0901ccae5 Change-Id: Ic3cb8d87ac86700cab15c553e9cc638b55d92df4
* | | Merge tag 'android-6.0.1_r10' into HEADJessica Wagantall2016-01-052-6/+117
|\ \ \ | | |/ | |/| | | | | | | Ticket: CYNGNOS-1404 Android 6.0.1 release 10
| * | DO NOT MERGE bouncycastle: limit input length as specified by the NIST specSergio Giro2015-12-012-6/+117
| |/ | | | | | | | | | | | | | | Bug: 24106146 Adapted from commit 9462245630b2913830b63310aa0d40a0901ccae5 Change-Id: Ic3cb8d87ac86700cab15c553e9cc638b55d92df4
* | merge in mnc-release history after reset to mnc-devThe Android Automerger2015-07-250-0/+0
|\ \ | |/ |/|
| * merge in mnc-release history after reset to mnc-devThe Android Automerger2015-06-110-0/+0
| |\
| | * Register DSA OID for KeyFactory not just SignatureKenny Root2015-06-023-18/+39
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | X.509 certificates made with DSA signatures have the X9 DSA with SHA1 OID typically, so we need Bouncycastle to register this OID as an alias for the DSA KeyFactory. We also need to remove a manual OID alias added for Signatures which probably indicates how this slipped through the cracks. (cherry picked from commit 75fc34101f063fe3534de7340beb13c87786e6e1) Bug: 21209493 Change-Id: I12a88ead61c626343d96a9c335bdf40e615894bd
* | | GCM: fix mode and padding setKenny Root2015-07-232-11/+45
|/ / | | | | | | | | | | | | | | | | | | | | | | Since "GCM" was renamed to "AES/GCM/NoPadding" to correspond to the StandardNames document, the mode and padding weren't being set via the Cipher#init call since it assumed the CipherSpi already knew its mode and padding. (cherry picked from commit 65581d2bbf27de395c221f5f7f4fd93cbab091ff) Bug: 22611918 Change-Id: Ib85438a1c95ffda526dbbac8793b04ff02d40fcc
* | Do not blacklist serial numbers that are too shortKenny Root2015-06-102-12/+22
| | | | | | | | | | | | | | | | | | | | | | Baseline Requirements say the serial number must have 20-bits of entropy, but some certificates are issued not in compliance. This causes issues where they are falsely marked as blacklisted. Until there is issuer + serial number matching, we can just use the pubkey matching for the certificates that are blacklisted with non-compliant serial numbers. Bug: 21736046 Change-Id: I66b1e94f2c67ddd3b6fe690331f8fb12e16a8bc0
* | Register DSA OID for KeyFactory not just SignatureKenny Root2015-06-013-18/+39
| | | | | | | | | | | | | | | | | | | | | | | | | | | | X.509 certificates made with DSA signatures have the X9 DSA with SHA1 OID typically, so we need Bouncycastle to register this OID as an alias for the DSA KeyFactory. We also need to remove a manual OID alias added for Signatures which probably indicates how this slipped through the cracks. (cherry picked from commit 75fc34101f063fe3534de7340beb13c87786e6e1) Bug: 21209493 Change-Id: I12a88ead61c626343d96a9c335bdf40e615894bd
* | Revert "Register DSAwithSHA1 OID for KeyFactory"Kenny Root2015-06-012-17/+1
| | | | | | | | | | | | This reverts commit f2ca73c07d072282905ed43d2b866278caabe12f. Change-Id: If6c261b71521f79582ca0a742a1aa02be31c70fe
* | Register DSAwithSHA1 OID for KeyFactoryKenny Root2015-06-012-1/+17
|/ | | | | | | | | | | X.509 certificates made with DSA signatures have the X9 DSA with SHA1 OID typically, so we need Bouncycastle to register this OID as an alias for the DSA KeyFactory. (cherry picked from commit 36995a1668ccfc521253ffae6f705d0af028ca3e) Bug: 21209493 Change-Id: I1c2fe6d7f638974ab54589bf757e66ff452ad395
* Set default EC key size to 256-bitsKenny Root2015-05-132-5/+18
| | | | | | | | | | | | | NIST SP800 131A recommends 112-bits as the lowest security level acceptable after December 31, 2013. Although the 239-bit EC group meets that bar, the P-256, P-384, and P-521 are the more widely supported options. Change the default to increase interoperability while maintaining the security level recommended. (cherry picked from commit c5a7ff00b9c78ce5e15de5b99dc78a7e8c83ecd3) Bug: 21085656 Change-Id: Idb71fdc801bafc5ad38f0b87dc3847f48854563f
* Change default GCM name to AES/GCM/NOPADDINGKenny Root2015-05-132-13/+22
| | | | | | | | | | This matches the RI and doesn't get late binding confused when you call Cipher.getInstance (cherry picked from commit 4046cd0249e7ffa820dcd4318f4e81f737d8634c) Bug: 21085702 Change-Id: I8f69e7b342fde4881f20e103240f0b289322ef4e
* Change Bouncycastle default AES key size to 128Kenny Root2015-05-132-7/+20
| | | | | | | | | | The default of 192 bit keys was the worst of all choices. 128-bit runs faster on mobile devices. (cherry picked from commit ac2a5751dc9578b1f2a8d99906e435993d36c8d6) Bug: 21085656 Change-Id: Ie4d15ea35e46a157f8c0d43a91e699135e2c58d1
* bouncycastle: throw exception in failure expecting PKIX parametersSergio Giro2015-05-062-5/+33
| | | | | | | | bug: 20545284 (cherry picked from commit fa0ac9cf9f44a17bb77070574674f2ef0ecc3498) Change-Id: Ie640314c35a5a98fac32e15144eaf776e4f861cb
* am fb93a769: Merge "bouncycastle: upgrade to version 1.52"Sergio Giro2015-04-21105-2648/+3941
|\ | | | | | | | | * commit 'fb93a7697b35e8a059d93e3d1776bc307981fc0e': bouncycastle: upgrade to version 1.52
| * Merge "bouncycastle: upgrade to version 1.52"Sergio Giro2015-04-21105-2648/+3941
| |\
| | * bouncycastle: upgrade to version 1.52Sergio Giro2015-04-20105-2648/+3941
| |/ | | | | | | Change-Id: I227db8e458e67af46ccb1c07bfca77a733f25979
* | am b44aff7a: Merge "Remove -encoding UTF-8, it is now the default"Colin Cross2015-03-311-6/+0
|\| | | | | | | | | * commit 'b44aff7a3b88138f0070630d467c7527cd90c2f3': Remove -encoding UTF-8, it is now the default
| * Merge "Remove -encoding UTF-8, it is now the default"Colin Cross2015-03-311-6/+0
| |\
| | * Remove -encoding UTF-8, it is now the defaultColin Cross2015-03-301-6/+0
| |/ | | | | | | Change-Id: I29b98f58280168eb4469c223fd12a4314cd6f852
* | am 75c09416: am 25324b6b: Merge "Build bouncycastle-hostdex only on linux ↵Narayan Kamath2015-01-071-2/+4
|\| | | | | | | | | | | | | hosts." * commit '75c094164ecc6ffaecd985b06edd60562fbf084b': Build bouncycastle-hostdex only on linux hosts.
| * am 25324b6b: Merge "Build bouncycastle-hostdex only on linux hosts."Narayan Kamath2015-01-071-2/+4
| |\ | | | | | | | | | | | | * commit '25324b6b2c70b3282cc11eef96b6cb33d5cfeee8': Build bouncycastle-hostdex only on linux hosts.
| | * Merge "Build bouncycastle-hostdex only on linux hosts."Narayan Kamath2015-01-071-2/+4
| | |\
| | | * Build bouncycastle-hostdex only on linux hosts.Narayan Kamath2015-01-061-2/+4
| | |/ | | | | | | | | | | | | | | | conscrypt is only buildable on linux and is a dependency. Change-Id: If383eeab3c6dab95772c9a0fc46da9eabed3cd68
* | | am 66020afc: am 2a64eecc: Avoid things that cause CertBlacklist to be ↵Kenny Root2014-11-060-0/+0
|\| | | | | | | | | | | | | | | | | | | | preinitialized * commit '66020afc08ec1a477d2efa133dcd59cde3978a1b': Avoid things that cause CertBlacklist to be preinitialized
| * | am 2a64eecc: Avoid things that cause CertBlacklist to be preinitializedKenny Root2014-11-060-0/+0
| |\ \ | | | | | | | | | | | | | | | | * commit '2a64eecc02ffb5b991fb5c367eab777b1325eef8': Avoid things that cause CertBlacklist to be preinitialized
| | * | Avoid things that cause CertBlacklist to be preinitializedKenny Root2014-11-053-25/+29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Move the CertBlacklist instance to a NoPreloadHolder, then move the System.getenv call in CertBlacklist to a constructor so it's not called during class initialization. (cherry picked from commit 7a21b9a68f2c90bdde986a98a55816d0cf3ea73e) Bug: 18013422 Change-Id: I39d0f43f948dec243d2d7cb79726d0642638b77a
* | | | am 82a68225: am bd63be61: am 9454cc5f: Merge "Avoid things that cause ↵Kenny Root2014-10-260-0/+0
|\| | | | | | | | | | | | | | | | | | | | | | | CertBlacklist to be preinitialized" * commit '82a68225c2cff851803e189e14fba050d98e78f9':
| * | | am bd63be61: am 9454cc5f: Merge "Avoid things that cause CertBlacklist to be ↵Kenny Root2014-10-250-0/+0
| |\ \ \ | | | |/ | | |/| | | | | | | | | | | | | preinitialized" * commit 'bd63be61caf85120ee69cda508a35580a230d57c':
| | * | am 9454cc5f: Merge "Avoid things that cause CertBlacklist to be preinitialized"Kenny Root2014-10-173-26/+30
| | |\ \ | | | | | | | | | | | | | | | | | | | | * commit '9454cc5f373b734695c29d079d62003b7de763df': Avoid things that cause CertBlacklist to be preinitialized
* | | | | am c0144d74: am 4b898d5f: am 0ced44f2: Merge "Revert "Put the CertBlacklist ↵Kenny Root2014-10-260-0/+0
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | in a NoPreloadHolder"" * commit 'c0144d74606fbaa25f4f5a9a3a66deaf232bd418':
| * | | | am 4b898d5f: am 0ced44f2: Merge "Revert "Put the CertBlacklist in a ↵Kenny Root2014-10-250-0/+0
| |\| | | | | | | | | | | | | | | | | | | | | | | | | | | | NoPreloadHolder"" * commit '4b898d5f5daafae7f3eae2951da07a9c1c608887':
| | * | | am 0ced44f2: Merge "Revert "Put the CertBlacklist in a NoPreloadHolder""Kenny Root2014-10-172-14/+10
| | |\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | * commit '0ced44f2869c61a7f2ba20c115416582b2740be5': Revert "Put the CertBlacklist in a NoPreloadHolder"
* | | | | | am 312be539: am b000361b: am 74e779b0: Merge "Put the CertBlacklist in a ↵Kenny Root2014-10-260-0/+0
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | NoPreloadHolder" * commit '312be53972dcae0167dabdd548bccfabe3ff1189':
| * | | | | am b000361b: am 74e779b0: Merge "Put the CertBlacklist in a NoPreloadHolder"Kenny Root2014-10-250-0/+0
| |\| | | | | | | | | | | | | | | | | | | | | | * commit 'b000361bb7f237a66450ed7eef49a2e8727b058e':
| | * | | | am 74e779b0: Merge "Put the CertBlacklist in a NoPreloadHolder"Kenny Root2014-10-172-10/+14
| | |\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | * commit '74e779b0f5b26a0d31f08ad6ec0f8822501c4c16': Put the CertBlacklist in a NoPreloadHolder
* | | | | | | am 0fd6b0bb: am 9454cc5f: Merge "Avoid things that cause CertBlacklist to be ↵Kenny Root2014-10-173-26/+30
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | preinitialized" * commit '0fd6b0bbeca663abb584bc9883fd26a31cc1b113': Avoid things that cause CertBlacklist to be preinitialized
| * | | | | | am 9454cc5f: Merge "Avoid things that cause CertBlacklist to be preinitialized"Kenny Root2014-10-173-26/+30
| |\ \ \ \ \ \ | | | |_|_|/ / | | |/| | | | | | | | | | | | | | | | | | * commit '9454cc5f373b734695c29d079d62003b7de763df': Avoid things that cause CertBlacklist to be preinitialized
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-23 09:29:35 +0000