Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How To Identify the Conscrypt Source Used in Android N's Network Security Configuration Code?

Android N has a network security configuration system for certificate pinning, self-signed certificate support (including a debug-only variant), etc. It's pretty slick. I was poking around at trying to backport it, in case Google doesn't, as it would be nice to use some of this capability on Android 6.0 and older devices.

The source code for the network security configuration support was easy enough to find, where that link points to the android-n-preview-3 tag.

That source refers to conscrypt, described oh-so-helpfully as "a Java Security Provider that uses OpenSSL."

However, the android-n-preview-3-tagged edition of the conscrypt code does not line up with what the network security configuration code uses. Of note, the network security configuration code relies on TrustManagerImpl, and the android-n-preview-3-tagged edition of the conscrypt code does not have that class. Earlier versions do.

I am not expert enough on the AOSP code to grok where the network security configuration code is pulling in its conscrypt implementation, so I can ensure that I am referring to the same version of that code.

Any ideas?

like image 883
CommonsWare Avatar asked Jun 08 '16 00:06

CommonsWare


1 Answers

TrustManagerImpl is there, you can see it here.

The Network Security Config code in AOSP is mostly up to date, but there may be changes between what's there and the final code which will be published when N is published.

like image 146
Chad Brubaker Avatar answered Nov 20 '22 18:11

Chad Brubaker