Merge upstream master

Includes a lot of refactorings of the core SSL classes (especially
session code), some bug fixes, and AlgorithmParameters.GCM.  There
shouldn't be any large changes in behavior.

A number of classes have been renamed, but shims are left in place to
handle cases where users are using reflection to access unexposed
APIs (see, eg, OpenSSLSocketImpl.java).


Bug: 62852271
Bug: 62369410
Test: cts -m CtsLibcoreTestCases
Test: cts -m CtsLibcoreOkHttpTestCases
Test: cts -m CtsLibcoreWycheproofConscryptTestCases
Change-Id: Ib6eb0819f2b38d1b8e49b49a0eba769eb8afc4cf
tree: ad19a1b6724dfa8d10736ef0f9797b4f7eb9072b
  1. .clang-format
  2. .gitignore
  3. .travis.yml
  4. Android.bp
  5. Android.mk
  6. BUILDING.md
  7. CONTRIBUTING.md
  8. Dockerfile
  9. LICENSE
  10. MODULE_LICENSE_APACHE2
  11. NOTICE
  12. OWNERS
  13. PREUPLOAD.cfg
  14. README.md
  15. RELEASING.md
  16. android-stub/
  17. android/
  18. api-doclet/
  19. appveyor.yml
  20. benchmark-base/
  21. benchmark-graphs/
  22. benchmark-jmh/
  23. build.gradle
  24. common/
  25. constants/
  26. gradle/
  27. gradlew
  28. gradlew.bat
  29. jarjar-rules.txt
  30. libcore-stub/
  31. licenses/
  32. openjdk-integ-tests/
  33. openjdk-uber/
  34. openjdk/
  35. platform/
  36. settings.gradle
  37. testing/
README.md

Conscrypt - A Java Security Provider

Conscrypt is a Java Security Provider (JSP) that implements parts of the Java Cryptography Extension (JCE) and Java Secure Socket Extension (JSSE). It uses BoringSSL to provide cryptographical primitives and Transport Layer Security (TLS) for Java applications on Android and OpenJDK.

The core SSL engine has borrowed liberally from the Netty project and their work on netty-tcnative, giving Conscrypt similar performance.

Download

NOTE: This section is under construction! Artifacts have not yet been published to the public Maven repositories.

Download JARs

You can download the JARs directly from the Maven repositories.

OpenJDK (i.e. non-Android)

Native Classifiers

The OpenJDK artifacts are platform-dependent since each embeds a native library for a particular platform. We publish artifacts to Maven Central for the following platforms:

ClassifierDescription
windows-x86_64Windows distribution
osx-x86_64Mac distribution
linux-x86_64Used for Linux
Maven

Use the os-maven-plugin to add the dependency:

<build>
  <extensions>
    <extension>
      <groupId>kr.motd.maven</groupId>
      <artifactId>os-maven-plugin</artifactId>
      <version>1.4.1.Final</version>
    </extension>
  </extensions>
</build>

<dependency>
  <groupId>org.conscrypt</groupId>
  <artifactId>conscrypt-openjdk</artifactId>
  <version>1.1.0-SNAPSHOT</version>
  <classifier>${os.detected.classifier}</classifier>
</dependency>
Gradle

Use the osdetector-gradle-plugin (which is a wrapper around the os-maven-plugin) to add the dependency:

buildscript {
  repositories {
    mavenCentral()
  }
  dependencies {
    classpath 'com.google.gradle:osdetector-gradle-plugin:1.4.0'
  }
}

// Use the osdetector-gradle-plugin
apply plugin: "com.google.osdetector"

dependencies {
  compile 'org.conscrypt:conscrypt-jdk:1.1.0-SNAPSHOT:' + osdetector.classifier
}
Uber JAR

For convenience, we also publish an Uber JAR to Maven Central that contains the shared libraries for all of the published platforms. While the overall size of the JAR is larger than depending on a platform-specific artifact, it greatly simplifies the task of dependency management for most platforms.

To depend on the uber jar, simply use the conscrypt-openjdk-uber artifacts.

Maven
<dependency>
  <groupId>org.conscrypt</groupId>
  <artifactId>conscrypt-openjdk-uber</artifactId>
  <version>1.1.0-SNAPSHOT</version>
</dependency>
Gradle
dependencies {
  compile 'org.conscrypt:conscrypt-jdk-uber:1.1.0-SNAPSHOT'
}

How to Build

If you are making changes to Conscrypt, see the building instructions.

Source Overview

Here‘s a quick readers’ guide to the code to help folks get started. The high-level modules are Common, Android, OpenJDK, and Platform.

Common

This contains the bulk of the code for both Java and C. This isn't an actual module and builds no artifacts. Rather, the other modules just point to this directory as source.

Android

This module provides the Platform class for Android and also adds compatibility classes for supporting various versions of Android. This generates an aar library artifact.

OpenJDK

These modules provide the Platform class for non-Android (OpenJDK-based) systems. It also provides a native library loader supports bundling the shared library with the JAR.

Platform

This is not an actual module and is not part of the default build. This is used for building Conscrypt as an embedded component of the Android platform.