Loading core/api/current.txt +2 −2 Original line number Diff line number Diff line Loading @@ -30454,7 +30454,7 @@ package android.net.http { public class X509TrustManagerExtensions { ctor public X509TrustManagerExtensions(javax.net.ssl.X509TrustManager) throws java.lang.IllegalArgumentException; method public java.util.List<java.security.cert.X509Certificate> checkServerTrusted(java.security.cert.X509Certificate[], String, String) throws java.security.cert.CertificateException; method @FlaggedApi("android.security.certificate_transparency_configuration") @NonNull public java.util.List<java.security.cert.X509Certificate> checkServerTrusted(@NonNull java.security.cert.X509Certificate[], @Nullable byte[], @Nullable byte[], @NonNull String, @NonNull String) throws java.security.cert.CertificateException; method @NonNull public java.util.List<java.security.cert.X509Certificate> checkServerTrusted(@NonNull java.security.cert.X509Certificate[], @Nullable byte[], @Nullable byte[], @NonNull String, @NonNull String) throws java.security.cert.CertificateException; method public boolean isSameTrustConfiguration(String, String); method public boolean isUserAddedCertificate(java.security.cert.X509Certificate); } Loading Loading @@ -40940,7 +40940,7 @@ package android.security { public class NetworkSecurityPolicy { method public static android.security.NetworkSecurityPolicy getInstance(); method @FlaggedApi("android.security.certificate_transparency_configuration") public boolean isCertificateTransparencyVerificationRequired(@NonNull String); method public boolean isCertificateTransparencyVerificationRequired(@NonNull String); method public boolean isCleartextTrafficPermitted(); method public boolean isCleartextTrafficPermitted(String); } core/java/android/net/http/X509TrustManagerExtensions.java +6 −8 Original line number Diff line number Diff line Loading @@ -18,7 +18,6 @@ package android.net.http; import static com.android.org.conscrypt.flags.Flags.certificateTransparencyCheckservertrustedApi; import android.annotation.FlaggedApi; import android.annotation.NonNull; import android.annotation.Nullable; import android.annotation.SuppressLint; Loading Loading @@ -140,26 +139,25 @@ public class X509TrustManagerExtensions { * * <p>See {@link X509TrustManager#checkServerTrusted(X509Certificate[], String)} for a * description of the chain and authType parameters. The final parameter, host, should be the * hostname of the server.</p> * hostname of the server. * * <p>ocspData and tlsSctData may be provided to verify any Signed Certificate Timestamp (SCT) * attached to the connection. These are ASN.1 octet strings (SignedCertificateTimestampList) * as described in RFC 6962, Section 3.3. Note that SCTs embedded in the certificate chain * will automatically be processed. * </p> * attached to the connection. These are ASN.1 octet strings (SignedCertificateTimestampList) as * described in RFC 6962, Section 3.3. Note that SCTs embedded in the certificate chain will * automatically be processed. * * @throws CertificateException if the chain does not verify correctly. * @throws IllegalArgumentException if the TrustManager is not compatible. * @return the properly ordered chain used for verification as a list of X509Certificates. */ @FlaggedApi(Flags.FLAG_CERTIFICATE_TRANSPARENCY_CONFIGURATION) @NonNull public List<X509Certificate> checkServerTrusted( @SuppressLint("ArrayReturn") @NonNull X509Certificate[] chain, @Nullable byte[] ocspData, @Nullable byte[] tlsSctData, @NonNull String authType, @NonNull String host) throws CertificateException { @NonNull String host) throws CertificateException { List<X509Certificate> result; if (mDelegate != null) { if (certificateTransparencyCheckservertrustedApi()) { Loading core/java/android/security/NetworkSecurityPolicy.java +0 −2 Original line number Diff line number Diff line Loading @@ -16,7 +16,6 @@ package android.security; import android.annotation.FlaggedApi; import android.annotation.NonNull; import android.content.Context; import android.content.pm.PackageManager; Loading Loading @@ -105,7 +104,6 @@ public class NetworkSecurityPolicy { * @return {@code true} if certificate transparency verification is required and {@code false} * otherwise */ @FlaggedApi(Flags.FLAG_CERTIFICATE_TRANSPARENCY_CONFIGURATION) public boolean isCertificateTransparencyVerificationRequired(@NonNull String hostname) { return libcore.net.NetworkSecurityPolicy.getInstance() .isCertificateTransparencyVerificationRequired(hostname); Loading packages/NetworkSecurityConfig/platform/src/android/security/net/config/ApplicationConfig.java +1 −5 Original line number Diff line number Diff line Loading @@ -16,8 +16,6 @@ package android.security.net.config; import static android.security.Flags.certificateTransparencyConfiguration; import static libcore.net.NetworkSecurityPolicy.CERTIFICATE_TRANSPARENCY_REASON_APP_OPT_IN; import static libcore.net.NetworkSecurityPolicy.CERTIFICATE_TRANSPARENCY_REASON_DOMAIN_OPT_IN; import static libcore.net.NetworkSecurityPolicy.CERTIFICATE_TRANSPARENCY_REASON_SDK_TARGET_DEFAULT_ENABLED; Loading Loading @@ -177,9 +175,7 @@ public final class ApplicationConfig { * otherwise */ public boolean isCertificateTransparencyVerificationRequired(@NonNull String hostname) { return certificateTransparencyConfiguration() ? getConfigForHostname(hostname).isCertificateTransparencyVerificationRequired() : NetworkSecurityConfig.certificateTransparencyVerificationRequiredDefault(); return getConfigForHostname(hostname).isCertificateTransparencyVerificationRequired(); } int getCertificateTransparencyVerificationReason(@NonNull String hostname) { Loading Loading
core/api/current.txt +2 −2 Original line number Diff line number Diff line Loading @@ -30454,7 +30454,7 @@ package android.net.http { public class X509TrustManagerExtensions { ctor public X509TrustManagerExtensions(javax.net.ssl.X509TrustManager) throws java.lang.IllegalArgumentException; method public java.util.List<java.security.cert.X509Certificate> checkServerTrusted(java.security.cert.X509Certificate[], String, String) throws java.security.cert.CertificateException; method @FlaggedApi("android.security.certificate_transparency_configuration") @NonNull public java.util.List<java.security.cert.X509Certificate> checkServerTrusted(@NonNull java.security.cert.X509Certificate[], @Nullable byte[], @Nullable byte[], @NonNull String, @NonNull String) throws java.security.cert.CertificateException; method @NonNull public java.util.List<java.security.cert.X509Certificate> checkServerTrusted(@NonNull java.security.cert.X509Certificate[], @Nullable byte[], @Nullable byte[], @NonNull String, @NonNull String) throws java.security.cert.CertificateException; method public boolean isSameTrustConfiguration(String, String); method public boolean isUserAddedCertificate(java.security.cert.X509Certificate); } Loading Loading @@ -40940,7 +40940,7 @@ package android.security { public class NetworkSecurityPolicy { method public static android.security.NetworkSecurityPolicy getInstance(); method @FlaggedApi("android.security.certificate_transparency_configuration") public boolean isCertificateTransparencyVerificationRequired(@NonNull String); method public boolean isCertificateTransparencyVerificationRequired(@NonNull String); method public boolean isCleartextTrafficPermitted(); method public boolean isCleartextTrafficPermitted(String); }
core/java/android/net/http/X509TrustManagerExtensions.java +6 −8 Original line number Diff line number Diff line Loading @@ -18,7 +18,6 @@ package android.net.http; import static com.android.org.conscrypt.flags.Flags.certificateTransparencyCheckservertrustedApi; import android.annotation.FlaggedApi; import android.annotation.NonNull; import android.annotation.Nullable; import android.annotation.SuppressLint; Loading Loading @@ -140,26 +139,25 @@ public class X509TrustManagerExtensions { * * <p>See {@link X509TrustManager#checkServerTrusted(X509Certificate[], String)} for a * description of the chain and authType parameters. The final parameter, host, should be the * hostname of the server.</p> * hostname of the server. * * <p>ocspData and tlsSctData may be provided to verify any Signed Certificate Timestamp (SCT) * attached to the connection. These are ASN.1 octet strings (SignedCertificateTimestampList) * as described in RFC 6962, Section 3.3. Note that SCTs embedded in the certificate chain * will automatically be processed. * </p> * attached to the connection. These are ASN.1 octet strings (SignedCertificateTimestampList) as * described in RFC 6962, Section 3.3. Note that SCTs embedded in the certificate chain will * automatically be processed. * * @throws CertificateException if the chain does not verify correctly. * @throws IllegalArgumentException if the TrustManager is not compatible. * @return the properly ordered chain used for verification as a list of X509Certificates. */ @FlaggedApi(Flags.FLAG_CERTIFICATE_TRANSPARENCY_CONFIGURATION) @NonNull public List<X509Certificate> checkServerTrusted( @SuppressLint("ArrayReturn") @NonNull X509Certificate[] chain, @Nullable byte[] ocspData, @Nullable byte[] tlsSctData, @NonNull String authType, @NonNull String host) throws CertificateException { @NonNull String host) throws CertificateException { List<X509Certificate> result; if (mDelegate != null) { if (certificateTransparencyCheckservertrustedApi()) { Loading
core/java/android/security/NetworkSecurityPolicy.java +0 −2 Original line number Diff line number Diff line Loading @@ -16,7 +16,6 @@ package android.security; import android.annotation.FlaggedApi; import android.annotation.NonNull; import android.content.Context; import android.content.pm.PackageManager; Loading Loading @@ -105,7 +104,6 @@ public class NetworkSecurityPolicy { * @return {@code true} if certificate transparency verification is required and {@code false} * otherwise */ @FlaggedApi(Flags.FLAG_CERTIFICATE_TRANSPARENCY_CONFIGURATION) public boolean isCertificateTransparencyVerificationRequired(@NonNull String hostname) { return libcore.net.NetworkSecurityPolicy.getInstance() .isCertificateTransparencyVerificationRequired(hostname); Loading
packages/NetworkSecurityConfig/platform/src/android/security/net/config/ApplicationConfig.java +1 −5 Original line number Diff line number Diff line Loading @@ -16,8 +16,6 @@ package android.security.net.config; import static android.security.Flags.certificateTransparencyConfiguration; import static libcore.net.NetworkSecurityPolicy.CERTIFICATE_TRANSPARENCY_REASON_APP_OPT_IN; import static libcore.net.NetworkSecurityPolicy.CERTIFICATE_TRANSPARENCY_REASON_DOMAIN_OPT_IN; import static libcore.net.NetworkSecurityPolicy.CERTIFICATE_TRANSPARENCY_REASON_SDK_TARGET_DEFAULT_ENABLED; Loading Loading @@ -177,9 +175,7 @@ public final class ApplicationConfig { * otherwise */ public boolean isCertificateTransparencyVerificationRequired(@NonNull String hostname) { return certificateTransparencyConfiguration() ? getConfigForHostname(hostname).isCertificateTransparencyVerificationRequired() : NetworkSecurityConfig.certificateTransparencyVerificationRequiredDefault(); return getConfigForHostname(hostname).isCertificateTransparencyVerificationRequired(); } int getCertificateTransparencyVerificationReason(@NonNull String hostname) { Loading
