Home
last modified time | relevance | path

Searched +full:- +full:- +full:no +full:- +full:check +full:- +full:certificate (Results 1 – 25 of 1214) sorted by relevance

12345678910>>...49

/aosp_15_r20/external/openthread/third_party/mbedtls/repo/tests/
H A Dssl-opt.sh3 # ssl-opt.sh
6 # SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
21 set -u
25 ulimit -f 20971520
38 : ${GNUTLS_CLI:=gnutls-cli}
39 : ${GNUTLS_SERV:=gnutls-serv}
46 # the variable is set, we can now check its value
54 if git diff --quiet ../include/mbedtls/mbedtls_config.h 2>/dev/null; then
62 : ${MBEDTLS_TEST_PLATFORM:="$(uname -s | tr -c \\n0-9A-Za-z _)-$(uname -m | tr -c \\n0-9A-Za-z _)"}
65 O_SRV="$OPENSSL s_server -www -cert data_files/server5.crt -key data_files/server5.key"
[all …]
/aosp_15_r20/external/mbedtls/tests/
H A Dssl-opt.sh3 # ssl-opt.sh
6 # SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
21 set -u
25 ulimit -f 20971520
38 : ${GNUTLS_CLI:=gnutls-cli}
39 : ${GNUTLS_SERV:=gnutls-serv}
46 # the variable is set, we can now check its value
54 if git diff --quiet ../include/mbedtls/mbedtls_config.h 2>/dev/null; then
62 : ${MBEDTLS_TEST_PLATFORM:="$(uname -s | tr -c \\n0-9A-Za-z _)-$(uname -m | tr -c \\n0-9A-Za-z _)"}
64 O_SRV="$OPENSSL s_server -www -cert data_files/server5.crt -key data_files/server5.key"
[all …]
/aosp_15_r20/external/tpm2-tss/src/tss2-fapi/api/
H A DFapi_Provision.c1 /* SPDX-License-Identifier: BSD-2-Clause */
3 * Copyright 2018-2019, Fraunhofer SIT sponsored by Infineon Technologies AG
32 /** One-Call function for the initial FAPI provisioning.
35 * and policy settings as well as the readout of the EK and its certificate and
36 * the initialization of the system-wide keystore.
50 * @retval TSS2_FAPI_RC_NO_CERT: if no certificate was found for the computed EK.
52 * configured certificate or the configured fingerprint does not match
57 * @retval TSS2_FAPI_RC_NO_TPM if FAPI was initialized in no-TPM-mode via its
85 /* Check for NULL parameters */ in Fapi_Provision()
88 /* Check whether TCTI and ESYS are initialized */ in Fapi_Provision()
[all …]
/aosp_15_r20/external/conscrypt/common/src/main/java/org/conscrypt/
H A DTrustManagerImpl.java8 * http://www.apache.org/licenses/LICENSE-2.0
26 * http://www.apache.org/licenses/LICENSE-2.0
52 import java.security.cert.Certificate;
93 * Comparator used for ordering trust anchors during certificate path building.
104 * The AndroidCAStore if non-null, null otherwise.
109 * The CertPinManager, which validates the chain against a host-to-pin mapping
114 * The backing store for the AndroidCAStore if non-null. This will
136 * non-AndroidCAStore, we initialize this as part of the
290 throw new CertificateException("Not in handshake; no session available"); in getHandshakeSessionOrThrow()
313 throw new CertificateException("Not in handshake; no session available"); in checkClientTrusted()
[all …]
/aosp_15_r20/external/conscrypt/repackaged/common/src/main/java/com/android/org/conscrypt/
H A DTrustManagerImpl.java9 * http://www.apache.org/licenses/LICENSE-2.0
27 * http://www.apache.org/licenses/LICENSE-2.0
53 import java.security.cert.Certificate;
95 * Comparator used for ordering trust anchors during certificate path building.
105 * The AndroidCAStore if non-null, null otherwise.
110 * The CertPinManager, which validates the chain against a host-to-pin mapping
115 * The backing store for the AndroidCAStore if non-null. This will
137 * non-AndroidCAStore, we initialize this as part of the
295 throw new CertificateException("Not in handshake; no session available"); in getHandshakeSessionOrThrow()
320 throw new CertificateException("Not in handshake; no session available"); in checkClientTrusted()
[all …]
/aosp_15_r20/external/coreboot/src/vendorcode/intel/edk2/edk2-stable202005/MdePkg/Include/Protocol/
H A DBis.h2 The EFI_BIS_PROTOCOL is used to check a digital signature of a data block
3 against a digital certificate for the purpose of an integrity and authorization check.
5 Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>
6 SPDX-License-Identifier: BSD-2-Clause-Patent
22 // X-Intel-BIS-ParameterSet
24 // Binary Value of X-Intel-BIS-ParameterSet Attribute.
25 // (Value is Base-64 encoded in actual signed manifest).
61 // ----------------------------------------------------//
64 // ----------------------------------------------------//
92 /// platform Boot Object Authorization Certificate to create the certificateID.
[all …]
/aosp_15_r20/external/coreboot/src/vendorcode/intel/edk2/edk2-stable202302/MdePkg/Include/Protocol/
H A DBis.h2 The EFI_BIS_PROTOCOL is used to check a digital signature of a data block
3 against a digital certificate for the purpose of an integrity and authorization check.
5 Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>
6 SPDX-License-Identifier: BSD-2-Clause-Patent
22 // X-Intel-BIS-ParameterSet
24 // Binary Value of X-Intel-BIS-ParameterSet Attribute.
25 // (Value is Base-64 encoded in actual signed manifest).
58 // ----------------------------------------------------//
61 // ----------------------------------------------------//
89 /// platform Boot Object Authorization Certificate to create the certificateID.
[all …]
/aosp_15_r20/external/coreboot/src/vendorcode/intel/edk2/edk2-stable202111/MdePkg/Include/Protocol/
H A DBis.h2 The EFI_BIS_PROTOCOL is used to check a digital signature of a data block
3 against a digital certificate for the purpose of an integrity and authorization check.
5 Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>
6 SPDX-License-Identifier: BSD-2-Clause-Patent
22 // X-Intel-BIS-ParameterSet
24 // Binary Value of X-Intel-BIS-ParameterSet Attribute.
25 // (Value is Base-64 encoded in actual signed manifest).
61 // ----------------------------------------------------//
64 // ----------------------------------------------------//
92 /// platform Boot Object Authorization Certificate to create the certificateID.
[all …]
/aosp_15_r20/external/coreboot/src/vendorcode/intel/edk2/UDK2017/MdePkg/Include/Protocol/
H A DBis.h2 The EFI_BIS_PROTOCOL is used to check a digital signature of a data block
3 against a digital certificate for the purpose of an integrity and authorization check.
5 Copyright (c) 2006 - 2010, Intel Corporation. All rights reserved.<BR>
9 http://opensource.org/licenses/bsd-license.php.
28 // X-Intel-BIS-ParameterSet
30 // Binary Value of X-Intel-BIS-ParameterSet Attribute.
31 // (Value is Base-64 encoded in actual signed manifest).
67 // ----------------------------------------------------//
70 // ----------------------------------------------------//
98 /// platform Boot Object Authorization Certificate to create the certificateID.
[all …]
/aosp_15_r20/external/google-cloud-java/java-compute/proto-google-cloud-compute-v1/src/main/java/com/google/cloud/compute/v1/
H A DSecuritySettings.java8 * https://www.apache.org/licenses/LICENSE-2.0
80 …MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
95 …MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
118 …MANAGED. If left blank, communications are not encrypted. Note: This field currently has no impact.
146certificate to the client, the client inspects the certificate's subjectAltName field. If the fiel…
160certificate to the client, the client inspects the certificate's subjectAltName field. If the fiel…
174certificate to the client, the client inspects the certificate's subjectAltName field. If the fiel…
189certificate to the client, the client inspects the certificate's subjectAltName field. If the fiel…
201 private byte memoizedIsInitialized = -1;
228 if (size != -1) return size; in getSerializedSize()
[all …]
/aosp_15_r20/out/soong/.intermediates/libcore/core_oj_api_files/gen/gensrcs/libcore/ojluni/src/main/java/java/security/cert/
DX509CertSelector.java19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
45 * PKIX-compliant certification path.
47 * When first constructed, an {@code X509CertSelector} has no criteria
49 * ({@code null}, or {@code -1} for the {@link #getBasicConstraints
64 * distinguished name and each issue a certificate with the same serial
69 * Internet X.509 Public Key Infrastructure Certificate and CRL Profile</a> for
70 * definitions of the X.509 certificate extensions mentioned below.
75 * thread-safe. Multiple threads that need to access a single
118 private int basicConstraints = -1;
152 * Creates an {@code X509CertSelector}. Initially, no criteria are set
[all …]
/aosp_15_r20/out/soong/.intermediates/libcore/core_oj_api_files/gen/12/libcore/ojluni/src/main/java/java/security/cert/
DX509CertSelector.java19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
45 * PKIX-compliant certification path.
47 * When first constructed, an {@code X509CertSelector} has no criteria
49 * ({@code null}, or {@code -1} for the {@link #getBasicConstraints
64 * distinguished name and each issue a certificate with the same serial
69 * Internet X.509 Public Key Infrastructure Certificate and CRL Profile</a> for
70 * definitions of the X.509 certificate extensions mentioned below.
75 * thread-safe. Multiple threads that need to access a single
118 private int basicConstraints = -1;
152 * Creates an {@code X509CertSelector}. Initially, no criteria are set
[all …]
/aosp_15_r20/libcore/ojluni/src/main/java/java/security/cert/
H A DX509CertSelector.java19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
45 * PKIX-compliant certification path.
47 * When first constructed, an {@code X509CertSelector} has no criteria
49 * ({@code null}, or {@code -1} for the {@link #getBasicConstraints
64 * distinguished name and each issue a certificate with the same serial
69 * Internet X.509 Public Key Infrastructure Certificate and CRL Profile</a> for
70 * definitions of the X.509 certificate extensions mentioned below.
75 * thread-safe. Multiple threads that need to access a single
118 private int basicConstraints = -1;
152 * Creates an {@code X509CertSelector}. Initially, no criteria are set
[all …]
/aosp_15_r20/libcore/ojluni/src/main/java/java/security/
H A DKeyStoreSpi.java20 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
33 import java.security.cert.Certificate;
68 * or does not identify a key-related entry.
79 * Returns the certificate chain associated with the given alias.
80 * The certificate chain must have been associated with the alias
87 * @return the certificate chain (ordered with the user's certificate first
88 * and the root certificate authority last), or null if the given alias
89 * does not exist or does not contain a certificate chain
91 public abstract Certificate[] engineGetCertificateChain(String alias); in engineGetCertificateChain()
94 * Returns the certificate associated with the given alias.
[all …]
/aosp_15_r20/out/soong/.intermediates/libcore/core_oj_api_files/gen/13/libcore/ojluni/src/main/java/java/security/
DKeyStoreSpi.java20 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
33 import java.security.cert.Certificate;
68 * or does not identify a key-related entry.
79 * Returns the certificate chain associated with the given alias.
80 * The certificate chain must have been associated with the alias
87 * @return the certificate chain (ordered with the user's certificate first
88 * and the root certificate authority last), or null if the given alias
89 * does not exist or does not contain a certificate chain
91 public abstract Certificate[] engineGetCertificateChain(String alias); in engineGetCertificateChain()
94 * Returns the certificate associated with the given alias.
[all …]
/aosp_15_r20/out/soong/.intermediates/libcore/core_oj_api_files/gen/gensrcs/libcore/ojluni/src/main/java/java/security/
DKeyStoreSpi.java20 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
33 import java.security.cert.Certificate;
68 * or does not identify a key-related entry.
79 * Returns the certificate chain associated with the given alias.
80 * The certificate chain must have been associated with the alias
87 * @return the certificate chain (ordered with the user's certificate first
88 * and the root certificate authority last), or null if the given alias
89 * does not exist or does not contain a certificate chain
91 public abstract Certificate[] engineGetCertificateChain(String alias); in engineGetCertificateChain()
94 * Returns the certificate associated with the given alias.
[all …]
/aosp_15_r20/external/tpm2-tss/src/tss2-fapi/
H A Dfapi_crypto.c1 /* SPDX-License-Identifier: BSD-2-Clause */
3 * Copyright 2018-2019, Fraunhofer SIT sponsored by Infineon Technologies AG
62 /* Check for NULL parameters */ in ifapi_get_profile_sig_scheme()
69 if (tpmPublic->type == TPM2_ALG_RSA) { in ifapi_get_profile_sig_scheme()
70 *signatureScheme = profile->rsa_signing_scheme; in ifapi_get_profile_sig_scheme()
72 } else if (tpmPublic->type == TPM2_ALG_ECC) { in ifapi_get_profile_sig_scheme()
73 *signatureScheme = profile->ecc_signing_scheme; in ifapi_get_profile_sig_scheme()
168 /* Check for NULL parameters */ in ifapi_initialize_sign_public()
180 LOG_ERROR("No suitable template found"); in ifapi_initialize_sign_public()
199 /* Check for NULL parameters */ in ifapi_bn2binpad()
[all …]
/aosp_15_r20/external/mbedtls/
H A DChangeLog3 = Mbed TLS 3.5.2 branch released 2024-01-26
14 could result in an integer overflow, causing a zero-length buffer to be
18 = Mbed TLS 3.5.1 branch released 2023-11-06
21 * Mbed TLS is now released under a dual Apache-2.0 OR GPL-2.0-or-later
28 = Mbed TLS 3.5.0 branch released 2023-10-05
31 * Mbed TLS 3.4 introduced support for omitting the built-in implementation
32 of ECDSA and/or EC J-PAKE when those are provided by a driver. However,
33 there was a flaw in the logic checking if the built-in implementation, in
34 that it failed to check if all the relevant curves were supported by the
35 accelerator. As a result, it was possible to declare no curves as
[all …]
/aosp_15_r20/libcore/ojluni/src/main/java/sun/security/provider/certpath/
H A DForwardBuilder.java19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
56 * matching certificates from CertStores and verify a particular certificate
140 * Retrieves all end-entity certificates which satisfy constraints
152 * Compose a certificate matching rule to filter out in getMatchingEECerts()
163 * Match on certificate validity date in getMatchingEECerts()
176 eeSelector.setBasicConstraints(-2); in getMatchingEECerts()
204 if (targetCertConstraints.getBasicConstraints() == -2) { in getMatchingCACerts()
205 // no need to continue: this means we never can match a CA cert in getMatchingCACerts()
222 * Since we don't check the validity period of trusted in getMatchingCACerts()
223 * certificates, please don't set the certificate valid in getMatchingCACerts()
[all …]
/aosp_15_r20/external/cronet/net/cert/internal/
H A Drevocation_checker.cc2 // Use of this source code is governed by a BSD-style license that can be
29 errors->AddError(bssl::cert_errors::kCertificateRevoked); in MarkCertificateRevoked()
52 // Check using stapled OCSP, if available. in CheckCertRevocation()
59 stapled_ocsp_verify_result->response_status = response_details; in CheckCertRevocation()
60 stapled_ocsp_verify_result->revocation_status = ocsp_status; in CheckCertRevocation()
78 // TODO(eroman): Should still check CRL/OCSP caches. in CheckCertRevocation()
84 // Check OCSP. in CheckCertRevocation()
85 if (cert->has_authority_info_access()) { in CheckCertRevocation()
87 for (const auto& ocsp_uri : cert->ocsp_uris()) { in CheckCertRevocation()
98 // Check the deadline after setting found_revocation_info, to not give a in CheckCertRevocation()
[all …]
/aosp_15_r20/external/openthread/third_party/mbedtls/repo/
H A DChangeLog3 = Mbed TLS 3.6.0 branch released 2024-03-28
24 * In the PSA API, domain parameters are no longer used for anything.
32 an RSA key as a domain parameter is no longer supported. Use
42 * Support Armv8-A Crypto Extension acceleration for SHA-256
43 when compiling for Thumb (T32) or 32-bit Arm (A32).
44 * AES-NI is now supported in Windows builds with clang and clang-cl.
47 parsing unsupported certificate extensions via user provided callback.
50 This affects both the low-level modules and the high-level APIs
53 * Support use of Armv8-A Cryptographic Extensions for hardware acclerated
54 AES when compiling for Thumb (T32) or 32-bit Arm (A32).
[all …]
/aosp_15_r20/external/bouncycastle/bcprov/src/main/java/org/bouncycastle/x509/
H A DCertPathReviewerMessages.properties14 CertPathReviewer.notPermittedDN.title = Name constraint error: certificate DN is not permitted
15 CertPathReviewer.notPermittedDN.text = Name constraint error: the certificate DN {0} is not permitt…
16 CertPathReviewer.notPermittedDN.summary = Name constraint error: certificate DN is not permitted.
17 CertPathReviewer.notPermittedDN.details = Name constraint checking error. The certificate DN {0} is…
21 CertPathReviewer.excludedDN.title = Name constraint error: certificate DN is excluded
22 CertPathReviewer.excludedDN.text = Name constraint error: The certificate DN {0} is excluded.
23 CertPathReviewer.excludedDN.summary = Name constraint error: certificate DN is excluded.
24 CertPathReviewer.excludedDN.details = Name constraint checking error. The certificate DN {0} is ins…
29 CertPathReviewer.notPermittedEmail.text = Name constraint error: certificate contains the not permi…
31 CertPathReviewer.notPermittedEmail.details = Name constraint checking error. The certificate contai…
[all …]
/aosp_15_r20/external/rust/crates/quiche/deps/boringssl/src/crypto/x509/
Dx509_vfy.c1 /* Copyright (C) 1995-1998 Eric Young ([email protected])
8 * This library is free for commercial and non-commercial use as long as
35 * being used are not cryptographic related :-).
43 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
79 /* No unhandled critical extensions */
83 /* certificate is within CRL scope */
91 /* Issuer name matches certificate */
99 /* CRL issuer is certificate issuer */
103 /* CRL issuer is on certificate path */
149 /* cert_self_signed checks if |x| is self-signed. If |x| is valid, it returns
[all …]
/aosp_15_r20/external/rust/android-crates-io/crates/quiche/deps/boringssl/src/crypto/x509/
Dx509_vfy.c1 /* Copyright (C) 1995-1998 Eric Young ([email protected])
8 * This library is free for commercial and non-commercial use as long as
35 * being used are not cryptographic related :-).
43 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
79 /* No unhandled critical extensions */
83 /* certificate is within CRL scope */
91 /* Issuer name matches certificate */
99 /* CRL issuer is certificate issuer */
103 /* CRL issuer is on certificate path */
149 /* cert_self_signed checks if |x| is self-signed. If |x| is valid, it returns
[all …]
/aosp_15_r20/packages/modules/Wifi/framework/java/android/net/wifi/
DWifiEnterpriseConfig.java8 * http://www.apache.org/licenses/LICENSE-2.0
48 * Enterprise configuration details for Wi-Fi. Stores details about the EAP method
124 * Unlike #KEYSTORE_URI, this supports a list of space-delimited aliases
130 * String representing a SHA-256 certificate hash used for wpa_supplicant.
188 * Do not use OCSP stapling (TLS certificate status extension)
209 * Require valid OCSP stapling response for all not-trusted certificates in the server
210 * certificate chain.
229 * Whether to use/require OCSP (Online Certificate Status Protocol) to check server certificate.
251 * Maximum length of a certificate.
261 * Maximum number of elements in a client certificate chain.
[all …]

12345678910>>...49