Merge "Install SDK annotations as platform-tools/api/annotations.zip" into mnc-dev
diff --git a/ndk/platforms/android-M/include/android/multinetwork.h b/ndk/platforms/android-M/include/android/multinetwork.h
new file mode 100644
index 0000000..6c718c9
--- /dev/null
+++ b/ndk/platforms/android-M/include/android/multinetwork.h
@@ -0,0 +1,109 @@
+/*
+ * Copyright (C) 2015 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef ANDROID_MULTINETWORK_H
+#define ANDROID_MULTINETWORK_H
+
+#include <netdb.h>
+#include <stdlib.h>
+#include <sys/cdefs.h>
+
+__BEGIN_DECLS
+
+/**
+ * The corresponding C type for android.net.Network#getNetworkHandle() return
+ * values. The Java signed long value can be safely cast to a net_handle_t:
+ *
+ * [C] ((net_handle_t) java_long_network_handle)
+ * [C++] static_cast<net_handle_t>(java_long_network_handle)
+ *
+ * as appropriate.
+ */
+typedef uint64_t net_handle_t;
+
+/**
+ * The value NETWORK_UNSPECIFIED indicates no specific network.
+ *
+ * For some functions (documented below), a previous binding may be cleared
+ * by an invocation with NETWORK_UNSPECIFIED.
+ *
+ * Depending on the context it may indicate an error. It is expressly
+ * not used to indicate some notion of the "current default network".
+ */
+#define NETWORK_UNSPECIFIED ((net_handle_t)0)
+
+
+/**
+ * All functions below that return an int return 0 on success or -1
+ * on failure with an appropriate errno value set.
+ */
+
+
+/**
+ * Set the network to be used by the given socket file descriptor.
+ *
+ * To clear a previous socket binding invoke with NETWORK_UNSPECIFIED.
+ *
+ * This is the equivalent of:
+ *
+ * [ android.net.Network#bindSocket() ]
+ * https://developer.android.com/reference/android/net/Network.html#bindSocket(java.net.Socket)
+ */
+int android_setsocknetwork(net_handle_t network, int fd);
+
+
+/**
+ * Binds the current process to |network|. All sockets created in the future
+ * (and not explicitly bound via android_setsocknetwork()) will be bound to
+ * |network|. All host name resolutions will be limited to |network| as well.
+ * Note that if the network identified by |network| ever disconnects, all
+ * sockets created in this way will cease to work and all host name
+ * resolutions will fail. This is by design so an application doesn't
+ * accidentally use sockets it thinks are still bound to a particular network.
+ *
+ * To clear a previous process binding invoke with NETWORK_UNSPECIFIED.
+ *
+ * This is the equivalent of:
+ *
+ * [ android.net.ConnectivityManager#setProcessDefaultNetwork() ]
+ * https://developer.android.com/reference/android/net/ConnectivityManager.html#setProcessDefaultNetwork(android.net.Network)
+ */
+int android_setprocnetwork(net_handle_t network);
+
+
+/**
+ * Perform hostname resolution via the DNS servers associated with |network|.
+ *
+ * All arguments (apart from |network|) are used identically as those passed
+ * to getaddrinfo(3). Return and error values are identical to those of
+ * getaddrinfo(3), and in particular gai_strerror(3) can be used as expected.
+ * Similar to getaddrinfo(3):
+ * - |hints| may be NULL (in which case man page documented defaults apply)
+ * - either |node| or |service| may be NULL, but not both
+ * - |res| must not be NULL
+ *
+ * This is the equivalent of:
+ *
+ * [ android.net.Network#getAllByName() ]
+ * https://developer.android.com/reference/android/net/Network.html#getAllByName(java.lang.String)
+ */
+int android_getaddrinfofornetwork(net_handle_t network,
+ const char *node, const char *service,
+ const struct addrinfo *hints, struct addrinfo **res);
+
+__END_DECLS
+
+#endif // ANDROID_MULTINETWORK_H
diff --git a/samples/ApiDemos/src/com/example/android/apis/security/KeyStoreUsage.java b/samples/ApiDemos/src/com/example/android/apis/security/KeyStoreUsage.java
index 885bf4d..cde68b0 100644
--- a/samples/ApiDemos/src/com/example/android/apis/security/KeyStoreUsage.java
+++ b/samples/ApiDemos/src/com/example/android/apis/security/KeyStoreUsage.java
@@ -23,7 +23,8 @@
import android.database.DataSetObserver;
import android.os.AsyncTask;
import android.os.Bundle;
-import android.security.KeyPairGeneratorSpec;
+import android.security.keystore.KeyGenParameterSpec;
+import android.security.keystore.KeyProperties;
import android.util.Base64;
import android.util.Log;
import android.view.View;
@@ -55,8 +56,6 @@
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import java.util.ArrayList;
-import java.util.Calendar;
-import java.util.Date;
import java.util.Enumeration;
import java.util.List;
@@ -305,24 +304,18 @@
try {
// BEGIN_INCLUDE(generate)
/*
- * Generate a new entry in the KeyStore by using the
- * KeyPairGenerator API. We have to specify the attributes for a
- * self-signed X.509 certificate here so the KeyStore can attach
- * the public key part to it. It can be replaced later with a
- * certificate signed by a Certificate Authority (CA) if needed.
+ * Generate a new EC key pair entry in the Android Keystore by
+ * using the KeyPairGenerator API. The private key can only be
+ * used for signing or verification and only with SHA-256 or
+ * SHA-512 as the message digest.
*/
- Calendar cal = Calendar.getInstance();
- Date now = cal.getTime();
- cal.add(Calendar.YEAR, 1);
- Date end = cal.getTime();
-
- KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
- kpg.initialize(new KeyPairGeneratorSpec.Builder(getApplicationContext())
- .setAlias(alias)
- .setStartDate(now)
- .setEndDate(end)
- .setSerialNumber(BigInteger.valueOf(1))
- .setSubject(new X500Principal("CN=test1"))
+ KeyPairGenerator kpg = KeyPairGenerator.getInstance(
+ KeyProperties.KEY_ALGORITHM_EC, "AndroidKeyStore");
+ kpg.initialize(new KeyGenParameterSpec.Builder(
+ alias,
+ KeyProperties.PURPOSE_SIGN | KeyProperties.PURPOSE_VERIFY)
+ .setDigests(KeyProperties.DIGEST_SHA256,
+ KeyProperties.DIGEST_SHA512)
.build());
KeyPair kp = kpg.generateKeyPair();
@@ -371,7 +364,7 @@
Log.w(TAG, "Not an instance of a PrivateKeyEntry");
return null;
}
- Signature s = Signature.getInstance("SHA256withRSA");
+ Signature s = Signature.getInstance("SHA256withECDSA");
s.initSign(((PrivateKeyEntry) entry).getPrivateKey());
s.update(data);
byte[] signature = s.sign();
@@ -442,7 +435,7 @@
Log.w(TAG, "Not an instance of a PrivateKeyEntry");
return false;
}
- Signature s = Signature.getInstance("SHA256withRSA");
+ Signature s = Signature.getInstance("SHA256withECDSA");
s.initVerify(((PrivateKeyEntry) entry).getCertificate());
s.update(data);
boolean valid = s.verify(signature);