1
0
mirror of https://github.com/moparisthebest/k-9 synced 2024-11-27 11:42:16 -05:00
k-9/src/com/fsck/k9
Joe Steele 6f14294164 Remove SslHelper. Don't use SecureRandom.
SslHelper has been removed, and its functionality has been transferred
into TrustedSocketFactory.  The added layer of indirection wasn't really
simplifying anything.  It's now easier to see what happens when
createSocket() is invoked.

A new instance of SecureRandom is no longer passed to SSLContext.init().
Instead, null is passed.

The (default) provider of the TLS SSLContext used is OpenSSLProvider,
which provides an SSLSocket instance of type OpenSSLSocketImpl.  The only
use of SecureRandom is in OpenSSLSocketImpl.startHandshake(), where it is
used to seed the OpenSSL PRNG with additional random data.  But if
SecureRandom is null, then /dev/urandom is used for seeding instead.

Meanwhile, the default provider for the SecureRandom service is
OpenSSLRandom, which uses the OpenSSL PRNG as its data source.  So we were
effectively seeding the OpenSSL PRNG with itself.  That's probably okay
(we trust that the OpenSSL PRNG was properly initialized with random data
before first use), but using /dev/urandom would seem like a better source
(or at least as good a source) for the additional seed data added with
each new connection.

Note that our PRNGFixes class replaces the default SecureRandom service
with one whose data source is /dev/urandom for certain vulnerable API
levels anyway.  (It also makes sure that the OpenSSL PRNG is properly
seeded before first use for certain vulnerable API levels.)
2014-09-06 18:15:25 -04:00
..
activity Merge pull request #485 from haselwarter 2014-09-04 23:55:30 +02:00
cache Avoid CursorIndexOutOfBoundsException when deleting a message 2013-08-23 04:16:00 +02:00
controller Merge pull request #485 from haselwarter 2014-09-04 23:55:30 +02:00
crypto Remove ActionBarSherlock 2014-06-21 17:09:45 +02:00
fragment Merge pull request #474 from k9mail/tls-client-cert-auth 2014-08-30 01:06:28 +02:00
helper Remove code for unsupported API levels 2014-08-19 17:17:55 -04:00
mail Remove SslHelper. Don't use SecureRandom. 2014-09-06 18:15:25 -04:00
net/ssl Remove SslHelper. Don't use SecureRandom. 2014-09-06 18:15:25 -04:00
preferences Merge pull request #485 from haselwarter 2014-09-04 23:55:30 +02:00
provider Remove code for unsupported API levels 2014-08-19 17:17:55 -04:00
remotecontrol Eliminate obsolete background data sync option 2014-08-19 17:14:44 -04:00
search use Set instead of implementation type 2014-02-15 23:59:24 +01:00
security Move KeyChainKeyManager 2014-08-11 11:08:24 -04:00
service Eliminate obsolete background data sync option 2014-08-19 17:14:44 -04:00
view Merge pull request #474 from k9mail/tls-client-cert-auth 2014-08-30 01:06:28 +02:00
Account.java Merge pull request #485 from haselwarter 2014-09-04 23:55:30 +02:00
AccountStats.java Grey out unavailable accounts. 2011-03-19 12:36:58 -05:00
BaseAccount.java astyle-d 2011-02-26 18:39:06 -06:00
Clock.java Move AOSP files. 2013-11-05 16:26:27 -05:00
EmailAddressAdapter.java Don't use EmailAddressAdapter as singleton 2012-04-11 03:26:45 +02:00
EmailAddressValidator.java astyle-d 2011-02-26 18:39:06 -06:00
FontSizes.java Remove old setting for message content font size 2014-02-13 04:22:45 +01:00
Identity.java astyle-d 2011-02-26 18:39:06 -06:00
K9.java Remove the obsolete "Condensed layout" preference 2014-08-19 17:17:45 -04:00
NotificationSetting.java astyle-d 2011-02-26 18:39:06 -06:00
Preferences.java Eliminate the need to pass a context to LocalKeyStore.getInstance 2013-12-03 19:24:37 -05:00
PRNGFixes.java Some assorted warning fixes. 2013-09-25 15:20:43 +02:00
Throttle.java Move AOSP files. 2013-11-05 16:26:27 -05:00