
Commit cbbd42b6 authored by Massimo Carli's avatar Massimo Carli Committed by Gerrit Code Review

Merge "Revert "Add CertificateTransparencyVerificationRequired to NetworkSecurityConfig"" into main

parents bc7df575 57866f5f
+0 −1
@@ -39342,7 +39342,6 @@ package android.security {
  public class NetworkSecurityPolicy {
    method public static android.security.NetworkSecurityPolicy getInstance();
    method @FlaggedApi("android.security.certificate_transparency_configuration") public boolean isCertificateTransparencyVerificationRequired(@NonNull String);
    method public boolean isCleartextTrafficPermitted();
    method public boolean isCleartextTrafficPermitted(String);
  }
+3 −18
@@ -16,8 +16,6 @@

package android.security;

import android.annotation.FlaggedApi;
import android.annotation.NonNull;
import android.content.Context;
import android.content.pm.PackageManager;
import android.security.net.config.ApplicationConfig;
@@ -28,6 +26,9 @@ import android.security.net.config.ManifestConfigSource;
 *
 * <p>Network stacks/components should honor this policy to make it possible to centrally control
 * the relevant aspects of network security behavior.
 *
 * <p>The policy currently consists of a single flag: whether cleartext network traffic is
 * permitted. See {@link #isCleartextTrafficPermitted()}.
 */
public class NetworkSecurityPolicy {

@@ -92,22 +93,6 @@ public class NetworkSecurityPolicy {
        libcore.net.NetworkSecurityPolicy.setInstance(policy);
    }

    /**
     * Returns {@code true} if Certificate Transparency information is required to be verified by
     * the client in TLS connections to {@code hostname}.
     *
     * <p>See RFC6962 section 3.3 for more details.
     *
     * @param hostname hostname to check whether certificate transparency verification is required
     * @return {@code true} if certificate transparency verification is required and {@code false}
     *     otherwise
     */
    @FlaggedApi(Flags.FLAG_CERTIFICATE_TRANSPARENCY_CONFIGURATION)
    public boolean isCertificateTransparencyVerificationRequired(@NonNull String hostname) {
        return libcore.net.NetworkSecurityPolicy.getInstance()
                .isCertificateTransparencyVerificationRequired(hostname);
    }

    /**
     * Handle an update to the system or user certificate stores.
     * @hide
+0 −7
package: "android.security"

flag {
    name: "certificate_transparency_configuration"
    namespace: "network_security"
    description: "Enable certificate transparency setting in the network security config"
    bug: "28746284"
}

flag {
    name: "fsverity_api"
    namespace: "hardware_backed_security"
+0 −21
@@ -16,15 +16,10 @@

package android.security.net.config;

import static android.security.Flags.certificateTransparencyConfiguration;

import android.annotation.NonNull;
import android.util.Pair;

import java.util.HashSet;
import java.util.Locale;
import java.util.Set;

import javax.net.ssl.X509TrustManager;

/**
@@ -152,22 +147,6 @@ public final class ApplicationConfig {
        return getConfigForHostname(hostname).isCleartextTrafficPermitted();
    }

    /**
     * Returns {@code true} if Certificate Transparency information is required to be verified by
     * the client in TLS connections to {@code hostname}.
     *
     * <p>See RFC6962 section 3.3 for more details.
     *
     * @param hostname hostname to check whether certificate transparency verification is required
     * @return {@code true} if certificate transparency verification is required and {@code false}
     *     otherwise
     */
    public boolean isCertificateTransparencyVerificationRequired(@NonNull String hostname) {
        return certificateTransparencyConfiguration()
                ? getConfigForHostname(hostname).isCertificateTransparencyVerificationRequired()
                : NetworkSecurityConfig.DEFAULT_CERTIFICATE_TRANSPARENCY_VERIFICATION_REQUIRED;
    }

    public void handleTrustStorageUpdate() {
        synchronized(mLock) {
            // If the config is uninitialized then there is no work to be done to handle an update,
+1 −1
@@ -40,6 +40,6 @@ public class ConfigNetworkSecurityPolicy extends libcore.net.NetworkSecurityPoli

    @Override
    public boolean isCertificateTransparencyVerificationRequired(String hostname) {
        return mConfig.isCertificateTransparencyVerificationRequired(hostname);
        return false;
    }
}
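Review bot: The override `isCertificateTransparencyVerificationRequired` in ConfigNetworkSecurityPolicy appears to end up as a bare `return false;` with no explanation at the site; I take that to be the new line, since the `ApplicationConfig` method the other return calls is deleted elsewhere in this commit. With the constant in place, a network stack that consults this policy is told that Certificate Transparency verification is not required for any hostname, and the `hostname` argument is ignored, which is easy to mistake for an unfinished stub. I would put a comment above the return, for example `// CT is not configurable through the network security config; verification is never required here.`, so the permissive default reads as deliberate. The class body starts outside the hunk, so whether `mConfig` is still used by the other overrides cannot be checked from here.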