| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
| |
Bug: 24106146
Adapted from commit 9462245630b2913830b63310aa0d40a0901ccae5
Change-Id: Ic3cb8d87ac86700cab15c553e9cc638b55d92df4
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since "GCM" was renamed to "AES/GCM/NoPadding" to correspond to the
StandardNames document, the mode and padding weren't being set via the
Cipher#init call since it assumed the CipherSpi already knew its mode
and padding.
(cherry picked from commit 65581d2bbf27de395c221f5f7f4fd93cbab091ff)
Bug: 22611918
Change-Id: Ib85438a1c95ffda526dbbac8793b04ff02d40fcc
|
|
|
|
|
|
|
|
|
|
|
| |
Baseline Requirements say the serial number must have 20-bits of
entropy, but some certificates are issued not in compliance. This causes
issues where they are falsely marked as blacklisted. Until there is
issuer + serial number matching, we can just use the pubkey matching for
the certificates that are blacklisted with non-compliant serial numbers.
Bug: 21736046
Change-Id: I66b1e94f2c67ddd3b6fe690331f8fb12e16a8bc0
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
X.509 certificates made with DSA signatures have the X9 DSA with SHA1
OID typically, so we need Bouncycastle to register this OID as an alias
for the DSA KeyFactory.
We also need to remove a manual OID alias added for Signatures which
probably indicates how this slipped through the cracks.
(cherry picked from commit 75fc34101f063fe3534de7340beb13c87786e6e1)
Bug: 21209493
Change-Id: I12a88ead61c626343d96a9c335bdf40e615894bd
|
|
|
|
|
|
| |
This reverts commit f2ca73c07d072282905ed43d2b866278caabe12f.
Change-Id: If6c261b71521f79582ca0a742a1aa02be31c70fe
|
|
|
|
|
|
|
|
|
|
|
| |
X.509 certificates made with DSA signatures have the X9 DSA with SHA1
OID typically, so we need Bouncycastle to register this OID as an alias
for the DSA KeyFactory.
(cherry picked from commit 36995a1668ccfc521253ffae6f705d0af028ca3e)
Bug: 21209493
Change-Id: I1c2fe6d7f638974ab54589bf757e66ff452ad395
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
NIST SP800 131A recommends 112-bits as the lowest security level
acceptable after December 31, 2013. Although the 239-bit EC group
meets that bar, the P-256, P-384, and P-521 are the more widely
supported options. Change the default to increase interoperability
while maintaining the security level recommended.
(cherry picked from commit c5a7ff00b9c78ce5e15de5b99dc78a7e8c83ecd3)
Bug: 21085656
Change-Id: Idb71fdc801bafc5ad38f0b87dc3847f48854563f
|
|
|
|
|
|
|
|
|
|
| |
This matches the RI and doesn't get late binding confused when you call
Cipher.getInstance
(cherry picked from commit 4046cd0249e7ffa820dcd4318f4e81f737d8634c)
Bug: 21085702
Change-Id: I8f69e7b342fde4881f20e103240f0b289322ef4e
|
|
|
|
|
|
|
|
|
|
| |
The default of 192 bit keys was the worst of all choices. 128-bit
runs faster on mobile devices.
(cherry picked from commit ac2a5751dc9578b1f2a8d99906e435993d36c8d6)
Bug: 21085656
Change-Id: Ie4d15ea35e46a157f8c0d43a91e699135e2c58d1
|
|
|
|
|
|
|
|
| |
bug: 20545284
(cherry picked from commit fa0ac9cf9f44a17bb77070574674f2ef0ecc3498)
Change-Id: Ie640314c35a5a98fac32e15144eaf776e4f861cb
|
|
|
|
| |
Change-Id: I227db8e458e67af46ccb1c07bfca77a733f25979
|
|
|
|
|
|
|
|
|
| |
Move the CertBlacklist instance to a NoPreloadHolder, then move the
System.getenv call in CertBlacklist to a constructor so it's not called
during class initialization.
Bug: 18013422
Change-Id: I39d0f43f948dec243d2d7cb79726d0642638b77a
|
|
|
|
|
|
|
|
| |
f98b02ab394044a3c237d2c7a2ee5ef65793e8e9 bcpkix-jdk15on-151.tar.gz
95e59ad2492598d729cfc559b480c3f172de5dc3 bcprov-jdk15on-151.tar.gz
Bug: 16578237
Change-Id: Ie4a3cd01b52b504a1098b00b413f1418273a6ef2
|
|
|
|
|
|
|
| |
Without this, decoding X.509 certificates doesn't get a valid DH public
key since this OID is not registered by any other provider.
Change-Id: I82a5e4cfc3b63c3928299523725d24b838ca939c
|
|
|
|
|
|
| |
This causes class preinitialization to fail unnecessarily.
Change-Id: I48d55fd2ef4864fb02768ca804c1f2f3c9a84b12
|
|
|
|
|
|
|
| |
doFinal(...) length was being passed in incorrectly.
Bug: 13224655
Change-Id: Ie738446910532a67940fbcd06c5cc961cf7ef9cc
|
|
|
|
|
|
|
| |
BcKeyStoreSpi requires an ExtendedDigest to be able to see what byte
length the output is before calling it.
Change-Id: Ibcade36a96d222d48b933883f9f1d653aca627f0
|
|
|
|
|
|
|
| |
Instead of invoking NativeCrypto directly, delegate to the JCE subsystem
to select the AndroidOpenSSL provider.
Change-Id: I91c01fc5c21c6d674203226a89a9f4fb2f30426f
|
|
|
|
|
|
| |
Accidentally added during the upgrade to Bouncycastle 1.50.
Change-Id: I91439c1a53f7d46e56d966b551f06b120003a2a8
|
|
|
|
| |
Change-Id: I80cb9e09d75fdb690721c07f54701e6d043cf7b1
|
|
|
|
|
|
|
|
| |
SHA256 sums of source packages:
0be5bb948ec481b3d1f30ee80ef593b298b3782697f9eeee5c74cf270689b520 bcpkix-jdk15on-150.tar.gz
468259c9166fbcf87ad284ae46fae45408cb7cfc9c406862ea75d5b8696f4f2a bcprov-jdk15on-150.tar.gz
Change-Id: Id566e9137f85d8328e9f0cb0472ff2f6ae7a71d3
|
|
|
|
| |
Change-Id: I0ab409f39d0ca5712c75bd5b2ffed041bba3521d
|
|
|
|
|
|
| |
In the StandardNames 8 document, SHA-224 has made a comeback.
Change-Id: I2cfd04df026502efa3ccbae17eb509588f43292f
|
|
|
|
|
|
|
|
| |
Bug: 8769295
(cherry picked from commit 0f9937b494fc6dd31fd04956963a3e258aece11b)
Change-Id: I8c8f1572c79adc48b0dbd44e5c889c4432dce56a
|
|
|
|
|
|
| |
(cherry picked from commit ee1cdde4bcea1635a6af99c2ada1e155cf1b7a3b)
Change-Id: Idc2bbd24722f6f2ca046f8dff197c63cf9dfa03b
|
|
|
|
| |
Change-Id: Icbf5a147409c810060a5acc884834fb2a778e860
|
|
|
|
|
|
|
|
|
| |
Bug: 8312059
Bug: https://code.google.com/p/android/issues/detail?id=40578
Cherry picked from commit a2ab0a62bc1ca3978e3ab3a3c1f8288f29a30e7e
Change-Id: I749380979671709d63cc87f798b77ed5d8eaef6e
|
|\ |
|
| |
| |
| |
| | |
Change-Id: Iaef3e3f325e43736fa19c701f6609e5ffd1535fa
|
|/
|
|
|
| |
Bug: 8685209
Change-Id: I72865d6db1ff567da4b24566fa3878053819f826
|
|
|
|
|
|
|
| |
This makes the BouncyCastle JCA Provider pass
libcore.javax.crypto.ECDHKeyAgreementTest.
Change-Id: I462c93a19c5dfc00733deb76351631ab4b4601da
|
|
|
|
|
|
| |
OpenSSL binding
Change-Id: Ibe48a3e6a5356dad5832eac90d23418d89ad7486
|
|
|
|
|
|
|
| |
There was a missing getCertPathEncodings() implementation and the "PEM"
encoding wasn't fully removed.
Change-Id: I514910eec34ad39e0a2d56677ffdd400b38c6bc9
|
|
|
|
| |
Change-Id: Idb04baf42de07b18ddb162e5cd1f98cdadf366f4
|
|\
| |
| |
| | |
Change-Id: I9988ca591a8632df0f67008a79942c8a8e4174ba
|
| |
| |
| |
| | |
Change-Id: I34040b2fe12f81dc0e40653c635f061c499f815b
|
| |
| |
| |
| |
| | |
Bug: https://code.google.com/p/android/issues/detail?id=41405
Change-Id: I9bf90613c510f753032110724b074d31ae76a1fb
|
| |
| |
| |
| |
| |
| | |
Also make sure the Collection returned is an unmodifiableCollection
Change-Id: I9b91a36bd9f5c6264519510c1ac6ac86d4043e34
|
| |
| |
| |
| | |
Change-Id: Ibb096f239e0e4a6c0dda05e249786432babfcc8a
|
| |
| |
| |
| | |
Change-Id: I4a486878447111fa53d0d78ae9c2bf9365e154ed
|
|\|
| |
| |
| |
| | |
* commit '036093e8793923cf6b6bd920d7a2254ab0afa8a1':
Fix registration of MD5withRSA Signatures
|
| |
| |
| |
| |
| | |
Bug: 7453821
Change-Id: Ibcd0f02376bd7a56761597e20096d75ced9c56a5
|
|/
|
|
|
|
| |
This is a port of the previous patch to BC 1.47
Change-Id: I67d95635e05379fdbd09560c5be622de08f6018f
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Move existing provider source to bcprov
- Added bcpkix host build to support built/tooks/signapk
sha1sum of sources:
- 10bfea344842fe8e065c80e399c93f8651dc87d8 bcprov-jdk15on-147.tar.gz
- 913828c7ae36e030508e97e07b3c213fb1db1e9c bcpkix-jdk15on-147.tar.gz
Bug: 7056297
Change-Id: Id4f957f300a39aa34b4c3c679b2312631d3f1639
|
|
|
|
| |
Change-Id: I54d724c11840444c08c2e584700245e41d6ef948
|
|
|
|
| |
Change-Id: I601cc0dd434897d48c79abb67e9f833159135cce
|
|
|
|
|
|
|
| |
(cherry picked from commit 089355c44e80af84267f0ab3e5369416bfd2d4cf)
Bug: http://code.google.com/p/android/issues/detail?id=35547
Change-Id: I58b9e8c258256194ab848c52a29fd270f8f9ad97
|
|
|
|
|
|
| |
This allows us to augment the blacklists with data from other sources.
Change-Id: I05e4f1f65b12346847d7064d2be311c5dc6c0ec2
|
|
|
|
|
|
|
|
|
| |
Based on Chrome CL:
http://src.chromium.org/viewvc/chrome?view=rev&revision=108479
Bug: 5566566
Change-Id: I1b8bd10221eda14fcf15fd2f1a5a23087dab0c50
|
|\
| |
| |
| | |
Change-Id: I5e37b50e0f6ed6cd61fa1310c15799442d702b61
|