| /frameworks/base/core/java/org/apache/http/conn/ssl/ |
| AbstractVerifier.java | 37 import java.security.cert.Certificate;
75 * that CA's would never foolishly allow such a certificate to happen?
99 Certificate[] certs = session.getPeerCertificates();
106 Certificate[] certs = session.getPeerCertificates();
145 String msg = "Certificate for <" + host + "> doesn't contain CN or DNS subjectAlt";
153 // establish the socket to the hostname in the certificate.
191 throw new SSLException("hostname in certificate didn't match: <" + host + "> !=" + buf);
237 * @return Array of SubjectALT DNS names stored in the certificate.
247 .log(Level.FINE, "Error parsing certificate.", cpe);
|
| /libcore/ojluni/src/main/java/sun/security/x509/ |
| ExtendedKeyUsageExtension.java | 58 * This extension may, at the option of the certificate issuer, be
61 * If the extension is flagged critical, then the certificate MUST be
66 * the correct key/certificate of an entity that has multiple
69 * the purpose indicated. Certificate using applications may
71 * order for the certificate to be acceptable to that application.<p>
73 * If a certificate contains both a critical key usage field and a
75 * processed independently and the certificate MUST only be used for a
77 * consistent with both fields, then the certificate MUST NOT be used
87 * get, set, delete methods of Certificate, x509 type.
|
| PrivateKeyUsageExtension.java | 43 * <p>The Private Key Usage Period extension allows the certificate issuer
45 * certificate. This extension is intended for use with digital
48 * certificate should not be used to sign objects before or after the
66 * get, set, delete methods of Certificate, x509 type.
132 * @exception CertificateException on certificate parsing errors.
189 * @exception CertificateExpiredException if the certificate has expired.
190 * @exception CertificateNotYetValidException if the certificate is not
202 * @exception CertificateExpiredException if the certificate has expired
204 * @exception CertificateNotYetValidException if the certificate is not
|
| CertificateVersion.java | 36 * This class defines the version of the X509 Certificate.
57 * get, set, delete methods of Certificate, x509 type.
96 * @param version the version for the certificate.
105 throw new IOException("X.509 Certificate version " +
149 * Return the version number of the certificate.
|
| OCSPNoCheckExtension.java | 38 * lifetime of the responder's certificate. The CA does so by including
41 * such a certificate should realized that a compromise of the
43 * sign CRLs, at least for the validity period of this certificate. CA's
44 * may choose to issue this type of certificate with a very short
59 * get, set, delete methods of Certificate, x509 type.
|
| /libcore/support/src/test/java/libcore/javax/net/ssl/ |
| TestSSLContext.java | 33 import java.security.cert.Certificate;
241 * SSLContext with certificate and key as well as SSLServerSocket
314 * certificate chain from the given KeyStore and a TrustManager
347 public static void assertCertificateInKeyStore(Certificate certificate,
354 Certificate keyStoreCertificate = keyStore.getCertificate(alias);
355 if (certificate.equals(keyStoreCertificate)) {
364 Certificate[] serverChain)
371 Certificate[] clientChain)
|
| /sdk/eclipse/plugins/com.android.ide.eclipse.adt/src/com/android/ide/eclipse/adt/internal/preferences/ |
| BuildPreferencePage.java | 41 import java.security.cert.Certificate;
301 X509Certificate certificate = (X509Certificate)provider.getCertificate(); local
303 if (key == null || certificate == null) {
310 FingerprintUtils.getFingerprint(certificate, "MD5"));
315 FingerprintUtils.getFingerprint(certificate, "SHA1"));
319 if (certificate.getNotAfter().compareTo(today) < 0) {
320 showErrorMessage("Certificate is expired!");
324 if (certificate.getNotBefore().compareTo(today) > 0) {
325 showErrorMessage("Certificate validity is in the future!");
|
| /tools/apksig/src/apksigner/java/com/android/apksigner/ |
| help_sign.txt | 5 pair and a corresponding certificate. Typically, an APK is signed by just one
7 certificate.
55 PER-SIGNER SIGNING KEY & CERTIFICATE OPTIONS
56 There are two ways to provide the signer's private key and certificate: (1) Java
57 KeyStore (see --ks), or (2) private key file in PKCS #8 format and certificate
60 --ks Load private key and certificate chain from the Java
65 --ks-key-alias Alias under which the private key and certificate are
148 --cert Load certificate chain from the specified file. The file
180 3. Sign an APK using a private key and certificate stored as individual files:
|
| /device/linaro/bootloader/arm-trusted-firmware/tools/cert_create/src/ |
| cert.c | 110 /* Create the certificate structure */
116 /* If we do not have a key, use the issuer key (the certificate will
122 /* If we do not have an issuer certificate, use our own (the certificate
172 /* Sign the certificate with the issuer key */
|
| /device/linaro/bootloader/edk2/EdkCompatibilityPkg/Foundation/Efi/Protocol/Bis/ |
| Bis.h | 66 // authorization certificate.
84 // platform Boot Object Authorization Certificate to create the certificateID.
156 OUT EFI_BIS_DATA **Certificate // Pointer to certificate.
197 IN EFI_BIS_DATA * AuthorityCertificate, // Certificate for credentials.
|
| /device/linaro/bootloader/edk2/NetworkPkg/IpSecDxe/ |
| IpSecCryptIo.c | 800 Authenticate data with the certificate.
865 Verify the singed data with the public key which is contained in a certificate.
867 @param[in] InCert Pointer to the Certificate which contains the
869 @param[in] CertLen The size of Certificate in bytes.
870 @param[in] InCa Pointer to the CA certificate
871 @param[in] CaLen The size of CA certificate in bytes.
905 // Verify the validity of X509 Certificate
912 // Retrieve the RSA public Key from Certificate
929 Retrieves the RSA Public Key from one X509 certificate (DER format only).
931 @param[in] InCert Pointer to the certificate.
[all...] |
| /device/linaro/bootloader/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/ |
| SecureBootConfigStrings.uni | 41 #string STR_DBX_CERTIFICATE_FORMAT_HELP #language en-US "Select the certificate format used to enroll certificate into database."
48 #string STR_CERTIFICATE_REVOCATION_TIME_HELP #language en-US "Input the revocation time of the certificate"
50 #string STR_CERTIFICATE_REVOCATION_DATE_HELP #language en-US "Input the revocation date of the certificate"
53 #string STR_ALWAYS_CERTIFICATE_REVOCATION_HELP #language en-US "Indicate whether the certificate is always revoked."
|
| /docs/source.android.com/en/security/enhancements/ |
| enhancements42.html | 46 <li><strong>Certificate Pinning</strong> - The Android core libraries now support
47 <a href="https://developer.android.com/reference/android/net/http/X509TrustManagerExtensions.html">certificate pinning</a>.
48 Pinned domains will receive a certificate validation
49 failure if the certificate does not chain to a set of expected certificates.
50 This protects against possible compromise of Certificate Authorities.</li>
|
| /external/apache-http/android/src/android/net/http/ |
| EventHandler.java | 24 * there is an SSL certificate error. error() can occur anywhere
107 * SSL certificate callback called before resource request is
110 public void certificate(SslCertificate certificate); method in interface:EventHandler
120 * SSL certificate error callback. Handles SSL error(s) on the way
|
| /external/autotest/client/site_tests/security_OpenSSLRegressions/src/ |
| cert.pem | 0 Certificate:
11 Subject: C=US, ST=California, L=Mountain View, O=Google, OU=Chrome OS, CN=OpenSSL Test Certificate/emailAddress=security@chromium.org
30 OpenSSL Generated Certificate
45 -----BEGIN CERTIFICATE-----
63 -----END CERTIFICATE-----
|
| /external/bouncycastle/bcpkix/src/main/java/org/bouncycastle/operator/jcajce/ |
| JcaContentVerifierProviderBuilder.java | 56 public ContentVerifierProvider build(final X509Certificate certificate)
63 certHolder = new JcaX509CertificateHolder(certificate);
67 throw new OperatorCreationException("cannot process certificate: " + e.getMessage(), e);
91 sig.initVerify(certificate.getPublicKey());
100 Signature rawSig = createRawSig(algorithm, certificate.getPublicKey());
|
| /external/curl/docs/examples/ |
| smtp-tls.c | 114 /* If your server doesn't have a valid certificate, then you can disable
121 * the issuer certificate (or the host certificate if the certificate is
125 curl_easy_setopt(curl, CURLOPT_CAINFO, "/path/to/certificate.pem");
|
| /external/libmicrohttpd/src/examples/ |
| https_fileserver_example.c | 27 * The certificate & key are required by the server to operate, Omitting the
28 * path arguments will cause the server to use the hard coded example certificate & key.
50 /* Test Certificate */
52 "-----BEGIN CERTIFICATE-----\n"
67 "RhZvQx74NQnS6g==\n" "-----END CERTIFICATE-----\n";
|
| /frameworks/base/core/java/android/net/http/ |
| X509TrustManagerExtensions.java | 37 * verification of certificate chains after they have been successfully verified
88 * Verifies the given certificate chain.
120 * Checks whether a CA certificate is added by an user.
126 * @return {@code true} to indicate that the certificate authority exists in the user added
127 * certificate store, {@code false} otherwise.
|
| /frameworks/opt/telephony/src/java/com/google/android/mms/pdu/ |
| PduContentTypes.java | 50 "application/vnd.wap.wtls-ca-certificate", /* 0x18 */
51 "application/vnd.wap.wtls-user-certificate", /* 0x19 */
82 "application/vnd.wap.hashed-certificate", /* 0x38 */
83 "application/vnd.wap.signed-certificate", /* 0x39 */
89 "application/vnd.wap.rollover-certificate", /* 0x3F */
|
| /packages/apps/Messaging/src/android/support/v7/mms/pdu/ |
| PduContentTypes.java | 50 "application/vnd.wap.wtls-ca-certificate", /* 0x18 */
51 "application/vnd.wap.wtls-user-certificate", /* 0x19 */
82 "application/vnd.wap.hashed-certificate", /* 0x38 */
83 "application/vnd.wap.signed-certificate", /* 0x39 */
89 "application/vnd.wap.rollover-certificate", /* 0x3F */
|
| /packages/apps/Messaging/src/com/android/messaging/mmslib/pdu/ |
| PduContentTypes.java | 50 "application/vnd.wap.wtls-ca-certificate", /* 0x18 */
51 "application/vnd.wap.wtls-user-certificate", /* 0x19 */
82 "application/vnd.wap.hashed-certificate", /* 0x38 */
83 "application/vnd.wap.signed-certificate", /* 0x39 */
89 "application/vnd.wap.rollover-certificate", /* 0x3F */
|
| /prebuilts/go/darwin-x86/src/crypto/tls/ |
| handshake_server.go | 34 cert *Certificate
387 certMsg.certificates = hs.cert.Certificate
417 // Request a client certificate
429 // the client that it may send any certificate in response
432 // an appropriate certificate to give to us.
460 // If we requested a client certificate, then the client must send a
461 // certificate message, even if it's empty.
470 // The client didn't actually send a certificate
474 return errors.New("tls: client didn't provide a certificate")
508 // If we received a client cert in response to our certificate request message
[all...] |
| /prebuilts/go/linux-x86/src/crypto/tls/ |
| handshake_server.go | 34 cert *Certificate
387 certMsg.certificates = hs.cert.Certificate
417 // Request a client certificate
429 // the client that it may send any certificate in response
432 // an appropriate certificate to give to us.
460 // If we requested a client certificate, then the client must send a
461 // certificate message, even if it's empty.
470 // The client didn't actually send a certificate
474 return errors.New("tls: client didn't provide a certificate")
508 // If we received a client cert in response to our certificate request message
[all...] |
| /external/boringssl/src/ssl/test/runner/ |
| common.go | 165 // Certificate types (for certificateRequestMsg)
167 CertTypeRSASign = 1 // A certificate containing an RSA key
168 CertTypeDSSSign = 2 // A certificate containing a DSA key
169 CertTypeRSAFixedDH = 3 // A certificate containing a static DH key
170 CertTypeDSSFixedDH = 4 // A certificate containing a static DH key
173 CertTypeECDSASign = 64 // A certificate containing an ECDSA-capable public key, signed with ECDSA.
174 CertTypeRSAFixedECDH = 65 // A certificate containing an ECDH-capable public key, signed with RSA.
175 CertTypeECDSAFixedECDH = 66 // A certificate containing an ECDH-capable public key, signed with ECDSA.
249 PeerCertificates []*x509.Certificate // certificate chain presented by remote pee
[all...] |
