Correct feedback from downstream.

common/src/main/java/org/conscrypt/NativeCrypto.java

@@ -1223,7 +1223,7 @@ static String[] checkEnabledCipherSuites(String[] cipherSuites) {
             }
             // Not sure if we need to do this for SPAKE, but the SPAKE cipher suite
             // not registered at the moment.
-            if (DEFAULT_SPAKE_CIPHER_SUITES[0] == cipherSuites[i]) {
+            if (DEFAULT_SPAKE_CIPHER_SUITES[0].equals(cipherSuites[i])) {
                 continue;
             }
 

common/src/main/java/org/conscrypt/Spake2PlusKeyManager.java

@@ -23,7 +23,7 @@
 import javax.net.ssl.SSLEngine;
 
 /**
- * @hide This class is not part of the Android public SDK API
+ * Provider of key material for Spake2Plus
  */
 @Internal
 public class Spake2PlusKeyManager implements KeyManager {

common/src/main/java/org/conscrypt/Spake2PlusTrustManager.java

@@ -19,7 +19,7 @@
 import javax.net.ssl.TrustManager;
 
 /**
- * @hide This class is not part of the Android public SDK API
+ * Noop TrustManager for Spake2Plus
  */
 @Internal
 public class Spake2PlusTrustManager implements TrustManager {
@@ -28,4 +28,4 @@ public class Spake2PlusTrustManager implements TrustManager {
     public void checkClientTrusted() {}
 
     public void checkServerTrusted() {}
-}
+}

common/src/test/java/org/conscrypt/javax/net/ssl/TrustManagerFactoryTest.java

@@ -243,25 +243,23 @@ public void test_TrustManagerFactory_intermediate() throws Exception {
         keyStore.setCertificateEntry("alias", chain[1]);
 
         ServiceTester.test("TrustManagerFactory")
-            .run(new ServiceTester.Test() {
-                @Override
-                public void test(Provider p, String algorithm) throws Exception {
-                    TrustManagerFactory tmf = TrustManagerFactory.getInstance(algorithm);
-                    if (tmf.getAlgorithm() == "PAKE") {
-                        return;
-                    }
-                    tmf.init(keyStore);
-                    TrustManager[] trustManagers = tmf.getTrustManagers();
-                    for (TrustManager trustManager : trustManagers) {
-                        if (!(trustManager instanceof X509TrustManager)) {
-                            continue;
+                .skipAlgorithm("PAKE")
+                .run(new ServiceTester.Test() {
+                    @Override
+                    public void test(Provider p, String algorithm) throws Exception {
+                        TrustManagerFactory tmf = TrustManagerFactory.getInstance(algorithm);
+                        tmf.init(keyStore);
+                        TrustManager[] trustManagers = tmf.getTrustManagers();
+                        for (TrustManager trustManager : trustManagers) {
+                            if (!(trustManager instanceof X509TrustManager)) {
+                                continue;
+                            }
+                            X509TrustManager tm = (X509TrustManager) trustManager;
+                            tm.checkClientTrusted(chain, "RSA");
+                            tm.checkServerTrusted(chain, "RSA");
                         }
-                        X509TrustManager tm = (X509TrustManager) trustManager;
-                        tm.checkClientTrusted(chain, "RSA");
-                        tm.checkServerTrusted(chain, "RSA");
                     }
-                }
-            });
+                });
     }
 
     @Test

platform/src/main/java/org/conscrypt/PakeKeyManagerFactory.java

@@ -45,7 +45,6 @@
 /**
  * PakeKeyManagerFactory implementation.
  * @see KeyManagerFactorySpi
- * @hide This class is not part of the Android public SDK API
  */
 @Internal
 public class PakeKeyManagerFactory extends KeyManagerFactorySpi {