| /external/ipsec-tools/src/racoon/ |
| isakmp.h | 82 #define ISAKMP_NPTYPE_CERT 6 /* Certificate */
83 #define ISAKMP_NPTYPE_CR 7 /* Certificate Request */
250 /* 3.9 Certificate Payload */
259 /* Certificate Type */
273 /* the method to get peers certificate */
278 /* 3.10 Certificate Request Payload */
283 Certificate Types (variable length)
285 sorted in order of preference. Each individual certificate
288 /* # Certificate Authorities (1 octet) */
289 /* Certificate Authorities (variable length) *
[all...] |
| /frameworks/base/core/java/org/apache/http/conn/ssl/ |
| SSLSocketFactory.java | 72 * authenticate itself with a non-trusted certificate.
76 * Use JDK keytool utility to import a trusted certificate and generate a truststore file:
84 * a {@link KeyStore keystore} file containg a private key/public certificate
88 * The target HTTPS server will in its turn verify the certificate presented
105 * Issue a certificate signing request (CSR)
111 * Send the certificate request to the trusted Certificate Authority for signature.
112 * One may choose to act as her own CA and sign the certificate request using a PKI
118 * Import the trusted CA root certificate
124 * Import the PKCS#7 file containg the complete certificate chai
[all...] |
| /libcore/harmony-tests/src/test/java/org/apache/harmony/tests/javax/net/ssl/ |
| HostnameVerifierTest.java | 78 // The certificate has this name in the altnames section, but Conscrypt drops
126 // The certificate has this name in the altnames section, but Conscrypt drops
160 String cert = "-----BEGIN CERTIFICATE-----\n"
170 + "-----END CERTIFICATE-----";
188 String cert = "-----BEGIN CERTIFICATE-----\n"
198 + "-----END CERTIFICATE-----";
223 String cert = "-----BEGIN CERTIFICATE-----\n"
231 + "-----END CERTIFICATE-----";
260 String cert = "-----BEGIN CERTIFICATE-----\n"
268 + "-----END CERTIFICATE-----"
[all...] |
| /libcore/luni/src/test/java/tests/security/cert/ |
| CertPathValidatorExceptionTest.java | 33 import java.security.cert.Certificate;
393 * Test for <code>getIndex()</code>. Returns the index of the certificate
443 Certificate cert1 = mock(Certificate.class);
444 Certificate cert2 = mock(Certificate.class);
445 List<Certificate> certList = new ArrayList<Certificate>();
464 public List<Certificate> getCertificates() {
465 return new Vector<Certificate>();
[all...] |
| /packages/apps/Email/emailcommon/src/com/android/emailcommon/utility/ |
| SSLSocketFactory.java | 78 * authenticate itself with a non-trusted certificate.
82 * Use JDK keytool utility to import a trusted certificate and generate a truststore file:
90 * a {@link KeyStore keystore} file containg a private key/public certificate
94 * The target HTTPS server will in its turn verify the certificate presented
111 * Issue a certificate signing request (CSR)
117 * Send the certificate request to the trusted Certificate Authority for signature.
118 * One may choose to act as her own CA and sign the certificate request using a PKI
124 * Import the trusted CA root certificate
130 * Import the PKCS#7 file containg the complete certificate chai
[all...] |
| /prebuilts/go/darwin-x86/src/crypto/tls/ |
| key_agreement.go | 30 func (ka rsaKeyAgreement) generateServerKeyExchange(config *Config, cert *Certificate, clientHello *clientHelloMsg, hello *serverHelloMsg) (*serverKeyExchangeMsg, error) {
34 func (ka rsaKeyAgreement) processClientKeyExchange(config *Config, cert *Certificate, ckx *clientKeyExchangeMsg, version uint16) ([]byte, error) {
49 return nil, errors.New("tls: certificate private key does not implement crypto.Decrypter")
65 func (ka rsaKeyAgreement) processServerKeyExchange(config *Config, clientHello *clientHelloMsg, serverHello *serverHelloMsg, cert *x509.Certificate, skx *serverKeyExchangeMsg) error {
69 func (ka rsaKeyAgreement) generateClientKeyExchange(config *Config, clientHello *clientHelloMsg, cert *x509.Certificate) ([]byte, *clientKeyExchangeMsg, error) {
192 func (ka *ecdheKeyAgreement) generateServerKeyExchange(config *Config, cert *Certificate, clientHello *clientHelloMsg, hello *serverHelloMsg) (*serverKeyExchangeMsg, error) {
259 return nil, errors.New("tls: certificate private key does not implement crypto.Signer")
301 func (ka *ecdheKeyAgreement) processClientKeyExchange(config *Config, cert *Certificate, ckx *clientKeyExchangeMsg, version uint16) ([]byte, error) {
337 func (ka *ecdheKeyAgreement) processServerKeyExchange(config *Config, clientHello *clientHelloMsg, serverHello *serverHelloMsg, cert *x509.Certificate, skx *serverKeyExchangeMsg) error {
431 func (ka *ecdheKeyAgreement) generateClientKeyExchange(config *Config, clientHello *clientHelloMsg, cert *x509.Certificate) ([]byte, *clientKeyExchangeMsg, error)
[all...] |
| /prebuilts/go/linux-x86/src/crypto/tls/ |
| key_agreement.go | 30 func (ka rsaKeyAgreement) generateServerKeyExchange(config *Config, cert *Certificate, clientHello *clientHelloMsg, hello *serverHelloMsg) (*serverKeyExchangeMsg, error) {
34 func (ka rsaKeyAgreement) processClientKeyExchange(config *Config, cert *Certificate, ckx *clientKeyExchangeMsg, version uint16) ([]byte, error) {
49 return nil, errors.New("tls: certificate private key does not implement crypto.Decrypter")
65 func (ka rsaKeyAgreement) processServerKeyExchange(config *Config, clientHello *clientHelloMsg, serverHello *serverHelloMsg, cert *x509.Certificate, skx *serverKeyExchangeMsg) error {
69 func (ka rsaKeyAgreement) generateClientKeyExchange(config *Config, clientHello *clientHelloMsg, cert *x509.Certificate) ([]byte, *clientKeyExchangeMsg, error) {
192 func (ka *ecdheKeyAgreement) generateServerKeyExchange(config *Config, cert *Certificate, clientHello *clientHelloMsg, hello *serverHelloMsg) (*serverKeyExchangeMsg, error) {
259 return nil, errors.New("tls: certificate private key does not implement crypto.Signer")
301 func (ka *ecdheKeyAgreement) processClientKeyExchange(config *Config, cert *Certificate, ckx *clientKeyExchangeMsg, version uint16) ([]byte, error) {
337 func (ka *ecdheKeyAgreement) processServerKeyExchange(config *Config, clientHello *clientHelloMsg, serverHello *serverHelloMsg, cert *x509.Certificate, skx *serverKeyExchangeMsg) error {
431 func (ka *ecdheKeyAgreement) generateClientKeyExchange(config *Config, clientHello *clientHelloMsg, cert *x509.Certificate) ([]byte, *clientKeyExchangeMsg, error)
[all...] |
| /external/boringssl/src/tool/ |
| server.cc | 52 "certificate is generated at runtime if this argument is not provided.",
56 "PEM-encoded file containing the leaf certificate and optional "
57 "certificate chain. This is taken from the -key argument if this "
139 fprintf(stderr, "Failed to sign certificate.\n");
188 fprintf(stderr, "Failed to set certificate.\n");
|
| /external/bouncycastle/bcprov/src/main/java/org/bouncycastle/x509/ |
| X509CRLStoreSelector.java | 16 * This class is a Selector implementation for X.509 certificate revocation
66 * Sets the attribute certificate being checked. This is not a criterion.
69 * attribute certificate. If <code>null</code> is specified, then no such
82 * Returns the attribute certificate being checked.
84 * @return Returns the attribute certificate being checked.
|
| /external/conscrypt/openjdk-integ-tests/src/test/java/libcore/javax/net/ssl/ |
| KeyManagerFactoryTest.java | 32 import java.security.cert.Certificate;
243 X509Certificate certificate = certificateChain[0]; local
244 assertEquals(keyType, keyAlgName, certificate.getPublicKey().getAlgorithm());
246 String sigAlgName = certificate.getSigAlgName();
251 Arrays.<Certificate>asList(certificateChain));
|
| /external/webrtc/webrtc/p2p/base/ |
| transportcontroller.h | 56 const rtc::scoped_refptr<rtc::RTCCertificate>& certificate);
59 rtc::scoped_refptr<rtc::RTCCertificate>* certificate);
60 // Caller owns returned certificate
161 const rtc::scoped_refptr<rtc::RTCCertificate>& certificate);
164 rtc::scoped_refptr<rtc::RTCCertificate>* certificate);
|
| /libcore/ojluni/src/main/java/sun/security/provider/certpath/ |
| ForwardState.java | 50 * certificate is added to the current path.
157 * Update the state with the next certificate added to the path.
159 * @param cert the certificate which is used to update the state
170 /* see if certificate key has null parameters */
175 /* update certificate */
|
| OCSPResponse.java | 79 * certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
383 throw new IOException("Bad encoding in X509 Certificate", ce);
418 "certificate supplied in the OCSP request");
421 debug.println("Status of certificate (with serial number " +
437 "Invalid issuer or trusted responder certificate", ce);
457 // The certificate does not have a SKID or may have
504 "Responder's certificate not valid for signing " +
510 "Responder's certificate not valid for signing " +
530 "Responder's certificate not within the " +
538 // certificate. The CA does so by including th
[all...] |
| RevocationChecker.java | 280 Collection<? extends Certificate> certs =
294 "Cannot find the responder's certificate " +
334 public void check(Certificate cert, Collection<String> unresolvedCritExts)
542 // the certificate in question and all reasons are covered
678 // The algorithm constraints of the OCSP trusted responder certificate
680 // checked when the responder's certificate is validated.
718 "Certificate does not specify OCSP responder", null,
747 "Certificate's revocation status is unknown", null,
791 * @param cert the certificate whose revocation status is being checked
[all...] |
| /libcore/ojluni/src/main/java/sun/security/x509/ |
| SubjectInfoAccessExtension.java | 41 * information and services for the subject of the certificate in which
43 * services may include certificate validation services and CA policy
52 * Internet X.509 PKI Certificate and Certificate Revocation List
76 * get, set, delete methods of Certificate, x509 type.
|
| /prebuilts/jdk/jdk8/darwin-x86/jre/lib/security/ |
| java.security | 322 # Properties to configure OCSP for certificate revocation checking
327 # By default, OCSP is not used for certificate revocation checking.
339 # from the certificate being validated. This property explicitly specifies
342 # from the certificate or when it requires overriding.
348 # Subject name of the OCSP responder's certificate
350 # By default, the certificate of the OCSP responder is that of the issuer
351 # of the certificate being validated. This property identifies the certificate
353 # distinguished name (defined in RFC 2253) which identifies a certificate in
355 # the subject name alone is not sufficient to uniquely identify the certificate
[all...] |
| /prebuilts/jdk/jdk8/linux-x86/jre/lib/security/ |
| java.security | 319 # Properties to configure OCSP for certificate revocation checking
324 # By default, OCSP is not used for certificate revocation checking.
336 # from the certificate being validated. This property explicitly specifies
339 # from the certificate or when it requires overriding.
345 # Subject name of the OCSP responder's certificate
347 # By default, the certificate of the OCSP responder is that of the issuer
348 # of the certificate being validated. This property identifies the certificate
350 # distinguished name (defined in RFC 2253) which identifies a certificate in
352 # the subject name alone is not sufficient to uniquely identify the certificate
[all...] |
| /external/boringssl/src/ssl/ |
| ssl_cert.cc | 247 /* check_leaf_cert_and_privkey checks whether the certificate in |leaf_buffer|
250 * found. If the certificate and private key are valid, but incoherent, it
270 /* An ECC certificate may be usable for ECDH or ECDSA. We only support ECDSA
279 /* Sanity-check that the private key and the certificate match. */
447 CBS certificate; local
448 if (!CBS_get_u24_length_prefixed(&certificate_list, &certificate) ||
449 CBS_len(&certificate) == 0) {
456 *out_pubkey = ssl_cert_parse_pubkey(&certificate);
462 /* Retain the hash of the leaf certificate if requested. */
464 SHA256(CBS_data(&certificate), CBS_len(&certificate), out_leaf_sha256)
[all...] |
| /external/wpa_supplicant_8/src/crypto/ |
| tls_openssl.c | 134 wpa_printf(MSG_WARNING, "TLS: Failed to parse certificate: %s",
285 /* Windows CryptoAPI and access to certificate stores */
513 wpa_printf(MSG_INFO, "CryptoAPI: Could not find certificate "
533 "certificate");
630 wpa_printf(MSG_DEBUG, "OpenSSL: Loaded CA certificate for "
631 "system certificate store: subject='%s'", buf);
637 "certificate store");
977 * auto chaining the local certificate is in use. BoringSSL removed this
1181 /* handle a certificate and/or CA certificate */
[all...] |
| /frameworks/opt/net/wifi/service/java/com/android/server/wifi/hotspot2/ |
| PasspointProvider.java | 73 * is a suffix of the actual certificate or key name installed in the keystore. The
74 * certificate or key name in the keystore is consist of |Type|_|alias|.
173 // Install CA certificate.
178 Log.e(TAG, "Failed to install CA Certificate");
197 // Install the client certificate.
203 Log.e(TAG, "Failed to locate client certificate");
209 Log.e(TAG, "Failed to install client certificate");
422 * Retrieve the client certificate from the certificates chain. The certificate
423 * with the matching SHA256 digest is the client certificate
[all...] |
| /device/linaro/bootloader/edk2/NetworkPkg/IpSecDxe/Ikev2/ |
| Utility.h | 481 @param[in] InCert Pointer to the Certificate which distinguished name
483 @param[in] CertSize Size of the Certificate.
630 Generate a Authentication Payload for Certificate Auth method.
716 Generate the Certificate payload or Certificate Request Payload.
718 Since the Certificate Payload structure is same with Certificate Request Payload,
719 the only difference is that one contains the Certificate Data, other contains
720 the acceptable certificateion CA. This function generate Certificate payload
721 or Certificate Request Payload defined in RFC 4306, but all the fields
[all...] |
| /system/tpm/attestation/server/ |
| attestation_service_test.cc | 66 // Setup a fake wrapped EK certificate by default.
95 const std::string kBeginCertificate = "-----BEGIN CERTIFICATE-----\n";
96 const std::string kEndCertificate = "-----END CERTIFICATE-----";
465 EXPECT_EQ(GetFakeCertificateChain(), reply.certificate());
496 EXPECT_EQ(GetFakeCertificateChain(), reply.certificate());
540 database->mutable_credentials()->set_endorsement_credential("certificate");
545 EXPECT_EQ("certificate", reply.ek_certificate());
587 database->mutable_identity_key()->set_identity_credential("certificate");
596 EXPECT_EQ("certificate", reply.certificate());
[all...] |
| /external/conscrypt/testing/src/main/java/libcore/javax/net/ssl/ |
| TestSSLContext.java | 33 import java.security.cert.Certificate;
347 * SSLContext with certificate and key as well as SSLServerSocket
362 * certificate chain from the given KeyStore and a TrustManager
391 public static void assertCertificateInKeyStore(Certificate certificate, KeyStore keyStore)
398 Certificate keyStoreCertificate = keyStore.getCertificate(alias);
399 if (certificate.equals(keyStoreCertificate)) {
407 X509TrustManager trustManager, Certificate[] serverChain) throws CertificateException {
412 X509TrustManager trustManager, Certificate[] clientChain) throws CertificateException {
|
| /external/curl/packages/OS400/ |
| README.OS400 | 43 implementations, GSKit is based on "certificate stores" or keyrings
44 rather than individual certificate/key files. Certificate stores, as well as
45 "certificate labels" are managed by external IBM-defined applications.
48 - By a keyring file pathname and (optionally) certificate label.
51 To address an SSL context by keyring and certificate label, use CURLOPT_CAINFO
52 to set-up the keyring pathname, CURLOPT_SSLCERT to define the certificate label
53 (omitting it will cause the default certificate in keyring to be used) and
56 server certificate validation.
|
| /external/libmtp/logs/ |
| mtp-detect-zune.txt | 88 0xd102: Device Certificate
540 Device Certificate:
541 <DEVCERT version="1.0"><CERTIFICATE type="DEVICE"><DATA><UNIQUEID
551 vnK/5Q=</SYMSIGNATURE></CERTIFICATE><FALLBACK><SECURITYVERSION>2.4.105.187</
553 RITYVERSION><CERTIFICATE
557 TE></FALLBACK><CERTIFICATE
585 H812eSH/Vd8oH5ZAlem9Qw7YTxKd12Bg==</MSDRM_SIGNATURE_VALUE></CERTIFICATE><CER
593 rMv7K1ZJDdMiQ==</MSDRM_SIGNATURE_VALUE></CERTIFICATE><CERTIFICATE
|
