| /external/bouncycastle/bcprov/src/main/java/org/bouncycastle/jce/provider/ |
| CertPathValidatorUtilities.java | 14 import java.security.cert.Certificate;
125 * issuer of the given X509 certificate. Uses the default provider
128 * @param cert the X509 certificate
133 * on the given certificate has thrown an exception.
145 * issuer of the given X509 certificate. Uses the specified
149 * @param cert the X509 certificate
155 * on the given certificate has thrown an exception.
236 throw new AnnotatedException("TrustAnchor found but certificate validation failed.", invalidKeyEx);
545 throw new AnnotatedException("Certificate policies cannot be decoded.", e);
686 "Problem while picking certificates from certificate store."
[all...] |
| /device/linaro/bootloader/edk2/CryptoPkg/Library/BaseCryptLib/Pk/ |
| CryptPkcs7Verify.c | 142 Pop single certificate from STACK_OF(X509).
147 @param[out] Cert Pointer to a X509 certificate.
148 @param[out] CertSize Length of output X509 certificate in bytes.
243 @param[out] TrustedCert Pointer to a trusted certificate from Signer's certificates.
245 @param[out] CertLength Length of the trusted certificate in bytes.
432 Cryptographic Message Syntax Standard", and outputs two certificate lists chained and
439 certificate. It's caller's responsiblity to free the buffer.
522 // Obtains Signer's Certificate from PKCS#7 data
524 // should include only one signer's certificate.
547 // Build certificates stack chained from Signer's certificate.
[all...] |
| /external/boringssl/src/ssl/test/runner/ |
| key_agreement.go | 40 func (ka *rsaKeyAgreement) generateServerKeyExchange(config *Config, cert *Certificate, clientHello *clientHelloMsg, hello *serverHelloMsg) (*serverKeyExchangeMsg, error) {
97 func (ka *rsaKeyAgreement) processClientKeyExchange(config *Config, cert *Certificate, ckx *clientKeyExchangeMsg, version uint16) ([]byte, error) {
135 func (ka *rsaKeyAgreement) processServerKeyExchange(config *Config, clientHello *clientHelloMsg, serverHello *serverHelloMsg, cert *x509.Certificate, skx *serverKeyExchangeMsg) error {
139 func (ka *rsaKeyAgreement) generateClientKeyExchange(config *Config, clientHello *clientHelloMsg, cert *x509.Certificate) ([]byte, *clientKeyExchangeMsg, error) {
305 signParameters(config *Config, cert *Certificate, clientHello *clientHelloMsg, hello *serverHelloMsg, params []byte) (*serverKeyExchangeMsg, error)
306 verifyParameters(config *Config, clientHello *clientHelloMsg, serverHello *serverHelloMsg, cert *x509.Certificate, params []byte, sig []byte) error
313 func (ka *nilKeyAgreementAuthentication) signParameters(config *Config, cert *Certificate, clientHello *clientHelloMsg, hello *serverHelloMsg, params []byte) (*serverKeyExchangeMsg, error) {
319 func (ka *nilKeyAgreementAuthentication) verifyParameters(config *Config, clientHello *clientHelloMsg, serverHello *serverHelloMsg, cert *x509.Certificate, params []byte, sig []byte) error {
331 func (ka *signedKeyAgreement) signParameters(config *Config, cert *Certificate, clientHello *clientHelloMsg, hello *serverHelloMsg, params []byte) (*serverKeyExchangeMsg, error) {
379 func (ka *signedKeyAgreement) verifyParameters(config *Config, clientHello *clientHelloMsg, serverHello *serverHelloMsg, cert *x509.Certificate, params []byte, sig []byte) error
[all...] |
| /external/okhttp/okhttp-android-support/src/test/java/com/squareup/okhttp/internal/huc/ |
| JavaApiConverterTest.java | 39 import java.security.cert.Certificate;
70 private static final X509Certificate LOCAL_CERT = certificate(""
71 + "-----BEGIN CERTIFICATE-----\n"
80 + "-----END CERTIFICATE-----");
83 private static final X509Certificate SERVER_CERT = certificate(""
84 + "-----BEGIN CERTIFICATE-----\n"
94 + "-----END CERTIFICATE-----");
161 final List<Certificate> localCertificates = Arrays.<Certificate>asList(LOCAL_CERT);
163 final List<Certificate> serverCertificates = Arrays.<Certificate>asList(SERVER_CERT)
622 private static X509Certificate certificate(String certificate) { method in class:JavaApiConverterTest
[all...] |
| /frameworks/base/keystore/java/android/security/keystore/ |
| KeyGenParameterSpec.java | 30 import java.security.cert.Certificate;
61 * {@link Certificate#getPublicKey()}.
69 * <p>For asymmetric key pairs, a self-signed X.509 certificate will be also generated and stored in
71 * support storing key pairs without a certificate. The subject, serial number, and validity dates
72 * of the certificate can be customized in this spec. The self-signed certificate may be replaced at
73 * a later time by a certificate signed by a Certificate Authority (CA).
75 * <p>NOTE: If a private key is not authorized to sign the self-signed certificate, then the
76 * certificate will be created with an invalid signature which will not verify. Such a certificat
[all...] |
| /external/openssh/ |
| auth-options.c | 479 error("Unable to parse certificate options: %s",
483 debug3("found certificate option \"%.100s\" len %zu",
515 error("Certificate has multiple "
531 error("Certificate has multiple "
547 "with valid certificate but not "
553 "certificate for login.",
558 error("Certificate source-address "
568 error("Certificate critical option \"%s\" "
572 logit("Certificate extension \"%s\" "
576 error("Certificate option \"%s\" corrupt
[all...] |
| ssh-keygen.0 | 167 -h When signing a key, create a host certificate instead of a user
168 certificate. Please see the CERTIFICATES section for details.
196 every key or certificate presented on the command line.
225 included in a certificate when signing a key. Multiple
230 Specify a certificate option when signing a key. This option may
241 command specified by the user when the certificate is
275 Restrict the source addresses from which the certificate
335 Specify a validity interval when signing a certificate. A
337 the certificate is valid beginning now and expiring at that time,
366 Specifies a serial number to be embedded in the certificate t
[all...] |
| ssh-keygen.1 | 334 When signing a key, create a host certificate instead of a user
335 certificate.
378 flag that revokes every key or certificate presented on the command line.
418 a certificate when signing a key.
424 Specify a certificate option when signing a key.
439 the certificate is used for authentication.
472 Restrict the source addresses from which the certificate is considered valid.
551 Specify a validity interval when signing a certificate.
553 certificate is valid beginning now and expiring at that time, or may consist
588 Specifies a serial number to be embedded in the certificate to distinguis
[all...] |
| /libcore/luni/src/test/java/tests/security/cert/ |
| X509Certificate2Test.java | 42 * Test for X.509 Certificate provider
96 // Base64 encoded form of ASN.1 DER encoded X.509 Certificate
114 "-----BEGIN CERTIFICATE-----\n"
131 + "-----END CERTIFICATE-----";
133 private static String CERT_TAMPERED = "-----BEGIN CERTIFICATE-----\n"
150 + "-----END CERTIFICATE-----";
327 = ("-----BEGIN CERTIFICATE-----\n"
366 + "-----END CERTIFICATE-----\n");
369 = ("-----BEGIN CERTIFICATE-----\n"
407 + "-----END CERTIFICATE-----\n")
[all...] |
| CertStore2Test.java | 17 import java.security.cert.Certificate;
216 Collection<? extends Certificate> certificates = certStore.getCertificates(null);
223 Collection<? extends Certificate> certificates = certStore.getCertificates(new MyCertSelector());
317 public boolean match(Certificate cert) {
328 public boolean match(Certificate crl) {
366 public Collection<? extends Certificate> engineGetCertificates(
372 return new ArrayList<Certificate>();
|
| X509CRLTest.java | 38 import java.security.cert.Certificate;
57 String certificate = "-----BEGIN CERTIFICATE-----\n" field in class:X509CRLTest
71 + "-----END CERTIFICATE-----\n";
73 ByteArrayInputStream certArray = new ByteArrayInputStream(certificate
84 public boolean isRevoked(Certificate cert) {
267 * getRevokedCertificate(X509Certificate certificate) method testing.
|
| /libcore/ojluni/src/main/java/sun/security/x509/ |
| X509CRLEntryImpl.java | 41 * <p>Abstract class for a revoked certificate in a CRL.
83 * Constructs a revoked certificate entry using the given
86 * @param num the serial number of the revoked certificate.
95 * Constructs a revoked certificate entry using the given
99 * @param num the serial number of the revoked certificate.
111 * Unmarshals a revoked certificate from its encoded form.
126 * Unmarshals a revoked certificate from its encoded form.
128 * @param derVal the DER value containing the revoked certificate.
141 * Returns true if this revoked certificate entry has
152 * Encodes the revoked certificate to an output stream
[all...] |
| /packages/apps/KeyChain/src/com/android/keychain/ |
| KeyChainService.java | 155 * @param privateKey The private key associated with the client certificate
156 * @param userCertificate The client certificate to be installed
157 * @param userCertificateChain The rest of the chain for the client certificate
179 Log.e(TAG, "Failed to import user certificate " + userCertificate);
181 Log.e(TAG, "Failed to delete private key after certificate importing failed");
188 Log.e(TAG, "Failed to import certificate chain" + userCertificateChain);
190 Log.e(TAG, "Failed to clean up key chain after certificate chain"
255 Log.w(TAG, "Problem removing CA certificate " + alias, e);
258 Log.w(TAG, "Problem removing CA certificate " + alias, e);
320 X509Certificate certificate = (X509Certificate) mTrustedCertificateStor
[all...] |
| /external/conscrypt/common/src/main/java/org/conscrypt/ |
| OpenSSLX509CRL.java | 31 import java.security.cert.Certificate;
290 public X509CRLEntry getRevokedCertificate(X509Certificate certificate) {
291 if (certificate instanceof OpenSSLX509Certificate) {
292 OpenSSLX509Certificate osslCert = (OpenSSLX509Certificate) certificate;
303 return getRevokedCertificate(certificate.getSerialNumber());
352 public boolean isRevoked(Certificate cert) {
365 throw new RuntimeException("cannot convert certificate", e);
|
| OpenSSLX509CertificateFactory.java | 25 import java.security.cert.Certificate;
182 * there is an error during certificate generation.
276 public Certificate engineGenerateCertificate(InputStream inStream) throws CertificateException {
285 public Collection<? extends Certificate> engineGenerateCertificates(
333 public CertPath engineGenerateCertPath(List<? extends Certificate> certificates)
337 final Certificate c = certificates.get(i);
340 throw new CertificateException("Certificate not X.509 type at index " + i);
|
| /external/curl/lib/vtls/ |
| gtls.c | 505 /* use system ca certificate store as fallback */
557 /* Sets the priority on the certificate types supported by gnutls. Priority
723 failf(data, "error reading X.509 key or certificate file");
896 /* This function will return the peer's raw certificate (chain) as sent by
898 X.509). In case of a X.509 then a certificate list may be present. The
899 first certificate in the list is the peer's certificate, following the
900 issuer's certificate, then the issuer's issuer etc. */
944 /* This function will try to verify the peer's certificate and return its
948 regarding the certificate key size and chain size are set. To overrid
[all...] |
| /libcore/ojluni/src/main/java/java/security/cert/ |
| PKIXParameters.java | 56 * {@code KeyStore} instance containing trusted certificate entries, each
130 * certificate entries contained in the specified {@code KeyStore}.
132 * are considered; all other certificate types are ignored.
138 * not contain at least one trusted certificate entry
152 Certificate cert = keystore.getCertificate(alias);
216 * policies would be acceptable to the certificate user for the purposes of
234 * policies would be acceptable to the certificate user for the purposes of
360 * acceptable policy needs to be explicitly identified in every certificate.
372 * acceptable policy needs to be explicitly identified in every certificate.
407 * if it is included in a certificate. By default, the any policy OI
[all...] |
| /cts/tests/tests/keystore/src/android/keystore/cts/ |
| AndroidKeyStoreTest.java | 49 import java.security.cert.Certificate;
[all...] |
| /external/curl/lib/ |
| mk-ca-bundle.vbs | 39 Const myCaBakF = TRUE ' Flag: backup existing ca-bundle certificate
44 ' Also: we want our certificate output by default to be as similar as possible
47 Const myAskTiF = FALSE ' Flag: ask to include certificate text info
70 "certificate data." & _
93 MsgBox("OpenSSL was not found so the certificate bundle will not " & _
94 "include the SHA256 hash of the raw certificate data file " & _
97 "This does not have any effect on the certificate output, " & _
108 "each certificate?" & vbLf & _
135 ' Backup exitsing ca-bundle certificate file
164 "## Certificate data from Mozilla as of: " & _
[all...] |
| /external/wpa_supplicant_8/src/crypto/ |
| tls_openssl_ocsp.c | 160 * certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
515 "OpenSSL: Searching OCSP response for peer certificate serialNumber: %s", txt);
581 "OpenSSL: Could not add certificate to the untrusted stack");
590 "OpenSSL: Could not add issuer to certificate store");
623 "OpenSSL: Could not find OCSP signer certificate");
643 "OpenSSL: Found OCSP signer certificate %s and verified BasicOCSPResponse signature",
654 "OpenSSL: Could not validate OCSP signer certificate");
668 "OpenSSL: OCSP signer certificate delegation OK");
674 "OpenSSL: OCSP signer certificate not trusted");
795 "OpenSSL: This response matches peer certificate");
[all...] |
| /frameworks/base/wifi/java/android/net/wifi/hotspot2/ |
| PasspointConfiguration.java | 47 * Number of bytes for certificate SHA-256 fingerprint byte array.
134 * List of HTTPS URL for retrieving trust root certificate and the corresponding SHA-256
135 * fingerprint of the certificate. The certificates are used for verifying AAA server's
507 Log.d(TAG, "Incorrect size of trust root certificate SHA-256 fingerprint: "
544 * Helper function for reading trust root certificate info list from a Parcel.
547 * @return The list of trust root certificate URL with the corresponding certificate
566 * Helper function for writing trust root certificate information list.
569 * @param trustRootCerts The list of trust root certificate URL with the corresponding
570 * certificate fingerprin
[all...] |
| /system/tpm/attestation/client/ |
| dbus_proxy_test.cc | 67 reply_proto.set_certificate_chain("certificate");
80 EXPECT_EQ("certificate", reply.certificate_chain());
114 reply_proto.set_certificate("certificate");
131 EXPECT_EQ("certificate", reply.certificate());
155 reply_proto.set_ek_certificate("certificate");
168 EXPECT_EQ("certificate", reply.ek_certificate());
192 reply_proto.set_certificate("certificate");
208 EXPECT_EQ("certificate", reply.certificate());
[all...] |
| /external/bouncycastle/bcprov/src/main/java/org/bouncycastle/x509/ |
| AttributeCertificateHolder.java | 8 import java.security.cert.Certificate;
40 * -- the holder's Public Key Certificate
110 * <li>1 - publicKeyCert - A hash of the public key certificate of the
116 * This cannot be used if a v1 attribute certificate is used.
139 * <li>1 - publicKeyCert - A hash of the public key certificate of the
274 * Return any principal objects inside the attribute certificate holder
309 * @return the certificate serial number, null if no BaseCertificateID is
328 public boolean match(Certificate cert)
418 return match((Certificate)obj);
|
| /frameworks/base/core/java/android/content/pm/ |
| Signature.java | 28 import java.security.cert.Certificate;
36 * Opaque, immutable representation of a signing certificate associated with an
46 private Certificate[] mCertificateChain;
57 * Create signature from a certificate chain. Used for backward
63 public Signature(Certificate[] certificateChain) throws CertificateEncodingException {
170 * certificate; shouldn't happen.
176 final Certificate cert = certFactory.generateCertificate(bais);
181 * Used for compatibility code that needs to check the certificate chain
196 for (Certificate c : mCertificateChain) {
|
| /frameworks/base/core/java/android/util/jar/ |
| StrictJarFile.java | 29 import java.security.cert.Certificate;
157 * Return all certificate chains for a given {@link ZipEntry} belonging to this jar.
164 public Certificate[][] getCertificateChains(ZipEntry ze) {
183 public Certificate[] getCertificates(ZipEntry ze) {
185 Certificate[][] certChains = verifier.getCertificateChains(ze.getName());
189 for (Certificate[] chain : certChains) {
194 Certificate[] certs = new Certificate[count];
196 for (Certificate[] chain : certChains) {
|
