Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit d539ea71 authored by Alex Klyubin's avatar Alex Klyubin Committed by Android Git Automerger
Browse files

am 6ef3d7d2: Merge "Document when self-signed certs have invalid signature." into mnc-dev

* commit '6ef3d7d2':
  Document when self-signed certs have invalid signature.
parents 27af6ada 6ef3d7d2
Loading
Loading
Loading
Loading
+8 −0
Original line number Original line Diff line number Diff line
@@ -59,6 +59,14 @@ import javax.security.auth.x500.X500Principal;
 * of the certificate can be customized in this spec. The self-signed certificate may be replaced at
 * of the certificate can be customized in this spec. The self-signed certificate may be replaced at
 * a later time by a certificate signed by a Certificate Authority (CA).
 * a later time by a certificate signed by a Certificate Authority (CA).
 *
 *
 * <p>NOTE: If a private key is not authorized to sign the self-signed certificate, then the
 * certificate will be created with an invalid signature which will not verify. Such a certificate
 * is still useful because it provides access to the public key. To generate a valid
 * signature for the certificate the key needs to be authorized for
 * {@link KeyProperties#PURPOSE_SIGN}, a suitable digest or {@link KeyProperties#DIGEST_NONE}, and
 * {@link KeyProperties#SIGNATURE_PADDING_RSA_PKCS1} or
 * {@link KeyProperties#ENCRYPTION_PADDING_NONE}.
 *
 * <p>NOTE: The key material of the generated symmetric and private keys is not accessible. The key
 * <p>NOTE: The key material of the generated symmetric and private keys is not accessible. The key
 * material of the public keys is accessible.
 * material of the public keys is accessible.
 *
 *
+1 −1
Original line number Original line Diff line number Diff line
@@ -370,7 +370,7 @@ public abstract class KeyProperties {
     * No encryption padding.
     * No encryption padding.
     *
     *
     * <p><b>NOTE</b>: If a key is authorized to be used with no padding, then it can be used with
     * <p><b>NOTE</b>: If a key is authorized to be used with no padding, then it can be used with
     * any padding scheme.
     * any padding scheme, both for encryption and signing.
     */
     */
    public static final String ENCRYPTION_PADDING_NONE = "NoPadding";
    public static final String ENCRYPTION_PADDING_NONE = "NoPadding";