| Commit message (Collapse) | Author | Age | Files | Lines |
|\
| |
| |
| |
| |
| |
| | |
Android 6.0.1 Release 72 (M4B30X)
# gpg: Signature made Tue 04 Oct 2016 09:47:33 AM PDT using DSA key ID 9AB10E78
# gpg: Can't check signature: public key not found
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This reverts commit 4d0e19131da68053fe1a73d43052bedadb107c70
Bug: 26231099
Bug: 26234568
Bug: 29876633
Change-Id: I44c0c68f1e92caf6547c9e3b494ec5b82b8cff5f
|
|\ \
| | |
| | |
| | |
| | |
| | |
| | | |
Android 6.0.1 release 66
# gpg: Signature made Tue 06 Sep 2016 09:26:12 AM PDT using DSA key ID 9AB10E78
# gpg: Can't check signature: public key not found
|
| |/
| |
| |
| |
| |
| |
| |
| |
| | |
This reverts commit 4d0e19131da68053fe1a73d43052bedadb107c70
Bug: 26231099
Bug: 26234568
Bug: 29876633
Change-Id: I44c0c68f1e92caf6547c9e3b494ec5b82b8cff5f
|
|\|
| |
| |
| |
| | |
Ticket: RM-234
Android 6.0.1 release 30
|
| |
| |
| |
| |
| |
| |
| |
| | |
Note: port of cr/110497945
Bug: 26231099
Bug: 26234568
Change-Id: I3eef233b15ded9553c3cdfd1c51ffef306276f7d
|
|\ \
| | |
| | |
| | |
| | | |
Ticket: CYNGNOS-2213
Android 6.0.1 release 24
|
| |\ \ |
|
| | |\ \
| | |/ /
| |/| | |
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Note: port of cr/110497945
Bug: 26231099
Bug: 26234568
Change-Id: I3eef233b15ded9553c3cdfd1c51ffef306276f7d
|
|\| |
| | |
| | |
| | |
| | |
| | | |
https://android.googlesource.com/platform/external/bouncycastle into cm-13.0
Android 6.0.1 release 22
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Bug: 24106146
Adapted from commit 9462245630b2913830b63310aa0d40a0901ccae5
Change-Id: Ic3cb8d87ac86700cab15c553e9cc638b55d92df4
|
|\ \ \
| | |/
| |/|
| | |
| | | |
Ticket: CYNGNOS-1404
Android 6.0.1 release 10
|
| |/
| |
| |
| |
| |
| |
| |
| | |
Bug: 24106146
Adapted from commit 9462245630b2913830b63310aa0d40a0901ccae5
Change-Id: Ic3cb8d87ac86700cab15c553e9cc638b55d92df4
|
|\ \
| |/
|/| |
|
| |\ |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
X.509 certificates made with DSA signatures have the X9 DSA with SHA1
OID typically, so we need Bouncycastle to register this OID as an alias
for the DSA KeyFactory.
We also need to remove a manual OID alias added for Signatures which
probably indicates how this slipped through the cracks.
(cherry picked from commit 75fc34101f063fe3534de7340beb13c87786e6e1)
Bug: 21209493
Change-Id: I12a88ead61c626343d96a9c335bdf40e615894bd
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Since "GCM" was renamed to "AES/GCM/NoPadding" to correspond to the
StandardNames document, the mode and padding weren't being set via the
Cipher#init call since it assumed the CipherSpi already knew its mode
and padding.
(cherry picked from commit 65581d2bbf27de395c221f5f7f4fd93cbab091ff)
Bug: 22611918
Change-Id: Ib85438a1c95ffda526dbbac8793b04ff02d40fcc
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Baseline Requirements say the serial number must have 20-bits of
entropy, but some certificates are issued not in compliance. This causes
issues where they are falsely marked as blacklisted. Until there is
issuer + serial number matching, we can just use the pubkey matching for
the certificates that are blacklisted with non-compliant serial numbers.
Bug: 21736046
Change-Id: I66b1e94f2c67ddd3b6fe690331f8fb12e16a8bc0
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
X.509 certificates made with DSA signatures have the X9 DSA with SHA1
OID typically, so we need Bouncycastle to register this OID as an alias
for the DSA KeyFactory.
We also need to remove a manual OID alias added for Signatures which
probably indicates how this slipped through the cracks.
(cherry picked from commit 75fc34101f063fe3534de7340beb13c87786e6e1)
Bug: 21209493
Change-Id: I12a88ead61c626343d96a9c335bdf40e615894bd
|
| |
| |
| |
| |
| |
| | |
This reverts commit f2ca73c07d072282905ed43d2b866278caabe12f.
Change-Id: If6c261b71521f79582ca0a742a1aa02be31c70fe
|
|/
|
|
|
|
|
|
|
|
|
| |
X.509 certificates made with DSA signatures have the X9 DSA with SHA1
OID typically, so we need Bouncycastle to register this OID as an alias
for the DSA KeyFactory.
(cherry picked from commit 36995a1668ccfc521253ffae6f705d0af028ca3e)
Bug: 21209493
Change-Id: I1c2fe6d7f638974ab54589bf757e66ff452ad395
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
NIST SP800 131A recommends 112-bits as the lowest security level
acceptable after December 31, 2013. Although the 239-bit EC group
meets that bar, the P-256, P-384, and P-521 are the more widely
supported options. Change the default to increase interoperability
while maintaining the security level recommended.
(cherry picked from commit c5a7ff00b9c78ce5e15de5b99dc78a7e8c83ecd3)
Bug: 21085656
Change-Id: Idb71fdc801bafc5ad38f0b87dc3847f48854563f
|
|
|
|
|
|
|
|
|
|
| |
This matches the RI and doesn't get late binding confused when you call
Cipher.getInstance
(cherry picked from commit 4046cd0249e7ffa820dcd4318f4e81f737d8634c)
Bug: 21085702
Change-Id: I8f69e7b342fde4881f20e103240f0b289322ef4e
|
|
|
|
|
|
|
|
|
|
| |
The default of 192 bit keys was the worst of all choices. 128-bit
runs faster on mobile devices.
(cherry picked from commit ac2a5751dc9578b1f2a8d99906e435993d36c8d6)
Bug: 21085656
Change-Id: Ie4d15ea35e46a157f8c0d43a91e699135e2c58d1
|
|
|
|
|
|
|
|
| |
bug: 20545284
(cherry picked from commit fa0ac9cf9f44a17bb77070574674f2ef0ecc3498)
Change-Id: Ie640314c35a5a98fac32e15144eaf776e4f861cb
|
|\
| |
| |
| |
| | |
* commit 'fb93a7697b35e8a059d93e3d1776bc307981fc0e':
bouncycastle: upgrade to version 1.52
|
| |\ |
|
| |/
| |
| |
| | |
Change-Id: I227db8e458e67af46ccb1c07bfca77a733f25979
|
|\|
| |
| |
| |
| | |
* commit 'b44aff7a3b88138f0070630d467c7527cd90c2f3':
Remove -encoding UTF-8, it is now the default
|
| |\ |
|
| |/
| |
| |
| | |
Change-Id: I29b98f58280168eb4469c223fd12a4314cd6f852
|
|\|
| |
| |
| |
| |
| |
| | |
hosts."
* commit '75c094164ecc6ffaecd985b06edd60562fbf084b':
Build bouncycastle-hostdex only on linux hosts.
|
| |\
| | |
| | |
| | |
| | | |
* commit '25324b6b2c70b3282cc11eef96b6cb33d5cfeee8':
Build bouncycastle-hostdex only on linux hosts.
|
| | |\ |
|
| | |/
| | |
| | |
| | |
| | |
| | | |
conscrypt is only buildable on linux and is a dependency.
Change-Id: If383eeab3c6dab95772c9a0fc46da9eabed3cd68
|
|\| |
| | |
| | |
| | |
| | |
| | |
| | | |
preinitialized
* commit '66020afc08ec1a477d2efa133dcd59cde3978a1b':
Avoid things that cause CertBlacklist to be preinitialized
|
| |\ \
| | | |
| | | |
| | | |
| | | | |
* commit '2a64eecc02ffb5b991fb5c367eab777b1325eef8':
Avoid things that cause CertBlacklist to be preinitialized
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Move the CertBlacklist instance to a NoPreloadHolder, then move the
System.getenv call in CertBlacklist to a constructor so it's not called
during class initialization.
(cherry picked from commit 7a21b9a68f2c90bdde986a98a55816d0cf3ea73e)
Bug: 18013422
Change-Id: I39d0f43f948dec243d2d7cb79726d0642638b77a
|
|\| | |
| | | |
| | | |
| | | |
| | | |
| | | | |
CertBlacklist to be preinitialized"
* commit '82a68225c2cff851803e189e14fba050d98e78f9':
|
| |\ \ \
| | | |/
| | |/|
| | | |
| | | |
| | | | |
preinitialized"
* commit 'bd63be61caf85120ee69cda508a35580a230d57c':
|
| | |\ \
| | | | |
| | | | |
| | | | |
| | | | | |
* commit '9454cc5f373b734695c29d079d62003b7de763df':
Avoid things that cause CertBlacklist to be preinitialized
|
|\| | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
in a NoPreloadHolder""
* commit 'c0144d74606fbaa25f4f5a9a3a66deaf232bd418':
|
| |\| | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
NoPreloadHolder""
* commit '4b898d5f5daafae7f3eae2951da07a9c1c608887':
|
| | |\ \ \
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
* commit '0ced44f2869c61a7f2ba20c115416582b2740be5':
Revert "Put the CertBlacklist in a NoPreloadHolder"
|
|\| | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
NoPreloadHolder"
* commit '312be53972dcae0167dabdd548bccfabe3ff1189':
|
| |\| | | |
| | | | | |
| | | | | |
| | | | | | |
* commit 'b000361bb7f237a66450ed7eef49a2e8727b058e':
|
| | |\ \ \ \
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
* commit '74e779b0f5b26a0d31f08ad6ec0f8822501c4c16':
Put the CertBlacklist in a NoPreloadHolder
|
|\| | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
preinitialized"
* commit '0fd6b0bbeca663abb584bc9883fd26a31cc1b113':
Avoid things that cause CertBlacklist to be preinitialized
|
| |\ \ \ \ \ \
| | | |_|_|/ /
| | |/| | | |
| | | | | | |
| | | | | | | |
* commit '9454cc5f373b734695c29d079d62003b7de763df':
Avoid things that cause CertBlacklist to be preinitialized
|