| commit | 5dc9cdaf41d6d15ab992ac27a79e556719b0f23e | [log] [tgz] |
|---|---|---|
| author | Pete Bentley <prb@google.com> | Mon Jul 03 12:36:59 2023 +0100 |
| committer | Miguel Aranda <miguelaranda@google.com> | Mon Jan 29 11:17:01 2024 +0000 |
| tree | 5ea9ff398a6afb850ebb09b95cbd23da45cbed3b | |
| parent | 7b8db415972894e0f8b0495113b7a544cf7a3fd7 [diff] |
Merge: Make tests agnostic about TLS v1.x. Merged from upstream commit #1150. Test only change. Ensures tests neither use nor assume anything about whether TLSv.1 are enabled or supported. As such it is suitable for backporting to historic Android test suites where vendors may have disabled TLS v1.x by editing the default arrays. However by being agnostic it does not enforce that TLS v1.x are available if expected. A further change will provide an API for that, but which is not suitable for backporting as it will require non-test changes. A lot of the tidy-up is around RenegotiationTest and its TestUtils methods, which are only tested on OpenJDK builds. Bug: 288058920 Bug: 288062754 Test: atest MtsLibcoreTestCases (with and without TLS v1.x enabled) (cherry picked from https://android-review.googlesource.com/q/commit:e0b07ec432c99892fbfb33c6a99666a5a83206a3) Merged-In: If8c48afcd1a6a417d1410ce4335f16cac3abd191 Change-Id: If8c48afcd1a6a417d1410ce4335f16cac3abd191
Conscrypt is a Java Security Provider (JSP) that implements parts of the Java Cryptography Extension (JCE) and Java Secure Socket Extension (JSSE). It uses BoringSSL to provide cryptographic primitives and Transport Layer Security (TLS) for Java applications on Android and OpenJDK. See the capabilities documentation for detailed information on what is provided.
The core SSL engine has borrowed liberally from the Netty project and their work on netty-tcnative, giving Conscrypt similar performance.
Conscrypt supports Java 7 or later on OpenJDK and Gingerbread (API Level 9) or later on Android. The build artifacts are available on Maven Central.
You can download the JARs directly from the Maven repositories.
The OpenJDK artifacts are platform-dependent since each embeds a native library for a particular platform. We publish artifacts to Maven Central for the following platforms:
| Classifier | OS | Architecture |
|---|---|---|
| linux-x86_64 | Linux | x86_64 (64-bit) |
| osx-x86_64 | Mac | x86_64 (64-bit) |
| windows-x86 | Windows | x86 (32-bit) |
| windows-x86_64 | Windows | x86_64 (64-bit) |
Use the os-maven-plugin to add the dependency:
<build> <extensions> <extension> <groupId>kr.motd.maven</groupId> <artifactId>os-maven-plugin</artifactId> <version>1.4.1.Final</version> </extension> </extensions> </build> <dependency> <groupId>org.conscrypt</groupId> <artifactId>conscrypt-openjdk</artifactId> <version>2.4.0</version> <classifier>${os.detected.classifier}</classifier> </dependency>
Use the osdetector-gradle-plugin (which is a wrapper around the os-maven-plugin) to add the dependency:
buildscript { repositories { mavenCentral() } dependencies { classpath 'com.google.gradle:osdetector-gradle-plugin:1.4.0' } } // Use the osdetector-gradle-plugin apply plugin: "com.google.osdetector" dependencies { compile 'org.conscrypt:conscrypt-openjdk:2.4.0:' + osdetector.classifier }
For convenience, we also publish an Uber JAR to Maven Central that contains the shared libraries for all of the published platforms. While the overall size of the JAR is larger than depending on a platform-specific artifact, it greatly simplifies the task of dependency management for most platforms.
To depend on the uber jar, simply use the conscrypt-openjdk-uber artifacts.
<dependency> <groupId>org.conscrypt</groupId> <artifactId>conscrypt-openjdk-uber</artifactId> <version>2.4.0</version> </dependency>
dependencies { compile 'org.conscrypt:conscrypt-openjdk-uber:2.4.0' }
The Android AAR file contains native libraries for x86, x86_64, armeabi-v7a, and arm64-v8a.
dependencies { implementation 'org.conscrypt:conscrypt-android:2.4.0' }
If you are making changes to Conscrypt, see the building instructions.