Home
last modified time | relevance | path

Searched +full:- +full:- +full:no +full:- +full:check +full:- +full:certificate (Results 1 – 25 of 361) sorted by relevance

12345678910>>...15

/external/bouncycastle/bcprov/src/main/java/org/bouncycastle/x509/
DCertPathReviewerMessages.properties14 CertPathReviewer.notPermittedDN.title = Name constraint error: certificate DN is not permitted
15 CertPathReviewer.notPermittedDN.text = Name constraint error: the certificate DN {0} is not permitt…
16 CertPathReviewer.notPermittedDN.summary = Name constraint error: certificate DN is not permitted.
17 CertPathReviewer.notPermittedDN.details = Name constraint checking error. The certificate DN {0} is…
21 CertPathReviewer.excludedDN.title = Name constraint error: certificate DN is excluded
22 CertPathReviewer.excludedDN.text = Name constraint error: The certificate DN {0} is excluded.
23 CertPathReviewer.excludedDN.summary = Name constraint error: certificate DN is excluded.
24 CertPathReviewer.excludedDN.details = Name constraint checking error. The certificate DN {0} is ins…
29 CertPathReviewer.notPermittedEmail.text = Name constraint error: certificate contains the not permi…
31 CertPathReviewer.notPermittedEmail.details = Name constraint checking error. The certificate contai…
[all …]
/external/conscrypt/repackaged/common/src/main/java/com/android/org/conscrypt/
DTrustManagerImpl.java9 * http://www.apache.org/licenses/LICENSE-2.0
27 * http://www.apache.org/licenses/LICENSE-2.0
47 import java.security.cert.Certificate;
94 * Comparator used for ordering trust anchors during certificate path building.
102 * The AndroidCAStore if non-null, null otherwise.
107 * The CertPinManager, which validates the chain against a host-to-pin mapping
112 * The backing store for the AndroidCAStore if non-null. This will
134 * non-AndroidCAStore, we initialize this as part of the
292 throw new CertificateException("Not in handshake; no session available"); in getHandshakeSessionOrThrow()
317 throw new CertificateException("Not in handshake; no session available"); in checkClientTrusted()
[all …]
/external/conscrypt/common/src/main/java/org/conscrypt/
DTrustManagerImpl.java8 * http://www.apache.org/licenses/LICENSE-2.0
26 * http://www.apache.org/licenses/LICENSE-2.0
46 import java.security.cert.Certificate;
91 * Comparator used for ordering trust anchors during certificate path building.
99 * The AndroidCAStore if non-null, null otherwise.
104 * The CertPinManager, which validates the chain against a host-to-pin mapping
109 * The backing store for the AndroidCAStore if non-null. This will
131 * non-AndroidCAStore, we initialize this as part of the
285 throw new CertificateException("Not in handshake; no session available"); in getHandshakeSessionOrThrow()
308 throw new CertificateException("Not in handshake; no session available"); in checkClientTrusted()
[all …]
/external/python/cpython2/Doc/library/
Dssl.rst1 :mod:`ssl` --- TLS/SSL wrapper for socket objects
19 --------------
23 sockets, both client-side and server-side. This module uses the OpenSSL
38 Don't use this module without reading the :ref:`ssl-security`. Doing so
48 :class:`socket.socket` type, and provides a socket-like wrapper that also
51 certificate of the other side of the connection, and :meth:`cipher`,which
60 ------------------------------------
66 higher-level encryption and authentication layer that's superimposed on the
98 A subclass of :exc:`SSLError` raised by a :ref:`non-blocking SSL socket
99 <ssl-nonblocking>` when trying to read or write data, but more data needs
[all …]
/external/parameter-framework/upstream/
Dappveyor.yml1 version: 3.0.0-{build}
13 # See: https://msdn.microsoft.com/en-us/library/bb513638%28VS.85%29.aspx
14 - reg add "HKLM\SYSTEM\CurrentControlSet\Control\Windows" /f /v ErrorMode /d 2
17 # | Windows can check online for a solution to the problem|
18 # | - Check online for a solution and close the program |
19 # | - Close the program |
20 # See: https://msdn.microsoft.com/en-us/library/bb513638%28VS.85%29.aspx
21 - reg add "HKLM\Software\Microsoft\Windows\Windows Error Reporting" /f /v DontShowUI /d 1
24 - set PREFIX_PATH=%APPVEYOR_BUILD_FOLDER%\asio-1.10.6;%APPVEYOR_BUILD_FOLDER%\catch
26 - set INSTALL=%HOMEPATH%\install
[all …]
/external/libevent/sample/
Dopenssl_hostname_validation.c1 /* Obtained from: https://github.com/iSECPartners/ssl-conservatory */
18 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
28 * Please read "everything-you-wanted-to-know-about-openssl.pdf" before
39 #pragma clang diagnostic ignored "-Wdeprecated-declarations"
56 * Tries to find a match for hostname in the certificate's Common Name field.
59 * Returns MatchNotFound if no matches were found.
64 int common_name_loc = -1; in matches_common_name()
69 // Find the position of the CN field in the Subject field of the certificate in matches_common_name()
70 …_loc = X509_NAME_get_index_by_NID(X509_get_subject_name((X509 *) server_cert), NID_commonName, -1); in matches_common_name()
104 * Tries to find a match for hostname in the certificate's Subject Alternative Name extension.
[all …]
/external/bouncycastle/bcprov/src/main/java/org/bouncycastle/jce/provider/
DPKIXCertPathBuilderSpi.java102 "Error finding target certificate.", e); in engineBuild()
109 "No certificate found matching targetContraints."); in engineBuild()
114 // check all potential target certificates in engineBuild()
129 "Possible certificate chain could not be validated.", in engineBuild()
136 "Unable to find certificate chain."); in engineBuild()
154 // step out, the certificate is not allowed to appear in a certification in build()
160 // test if certificate path exceeds maximum length in build()
161 if (pkixParams.getMaxPathLength() != -1) in build()
163 if (tbvPath.size() - 1 > pkixParams.getMaxPathLength()) in build()
188 // check whether the issuer of <tbvCert> is a TrustAnchor in build()
[all …]
DRFC3280CertPathUtilities.java71 * extension check the following:
83 * extension, verify that the certificate does not include the basic
88 * extension, verify that the certificate includes the basic constraints
96 * @param cert The certificate.
179 … throw new AnnotatedException("Could not read certificate issuer.", e); in processCRLB2()
208 …"No match for certificate CRL issuing distribution point name to cRLIssuer CRL distribution point.… in processCRLB2()
233 …"No match for certificate CRL issuing distribution point name to cRLIssuer CRL distribution point.… in processCRLB2()
276 * certificate issuer.
279 * @param cert The certificate ot attribute certificate.
351 throw new AnnotatedException("Cannot find matching CRL issuer for certificate."); in processCRLB1()
[all …]
/external/python/cpython3/Doc/library/
Dssl.rst1 :mod:`ssl` --- TLS/SSL wrapper for socket objects
16 --------------
20 sockets, both client-side and server-side. This module uses the OpenSSL
32 Don't use this module without reading the :ref:`ssl-security`. Doing so
42 :class:`socket.socket` type, and provides a socket-like wrapper that also
45 certificate of the other side of the connection, and :meth:`cipher`,which
57 OpenSSL 0.9.8, 1.0.0 and 1.0.1 are deprecated and no longer supported.
63 ------------------------------------
74 both inefficient and has no support for server name indication (SNI) and
129 trust for certificate verification, as in
[all …]
/external/bouncycastle/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/
DPKIXCertPathBuilderSpi.java104 "Error finding target certificate.", e); in engineBuild()
111 "No certificate found matching targetContraints."); in engineBuild()
116 // check all potential target certificates in engineBuild()
131 "Possible certificate chain could not be validated.", in engineBuild()
138 "Unable to find certificate chain."); in engineBuild()
156 // step out, the certificate is not allowed to appear in a certification in build()
162 // test if certificate path exceeds maximum length in build()
163 if (pkixParams.getMaxPathLength() != -1) in build()
165 if (tbvPath.size() - 1 > pkixParams.getMaxPathLength()) in build()
190 // check whether the issuer of <tbvCert> is a TrustAnchor in build()
[all …]
DRFC3280CertPathUtilities.java72 * extension check the following:
84 * extension, verify that the certificate does not include the basic
89 * extension, verify that the certificate includes the basic constraints
97 * @param cert The certificate.
180 … throw new AnnotatedException("Could not read certificate issuer.", e); in processCRLB2()
209 …"No match for certificate CRL issuing distribution point name to cRLIssuer CRL distribution point.… in processCRLB2()
234 …"No match for certificate CRL issuing distribution point name to cRLIssuer CRL distribution point.… in processCRLB2()
277 * certificate issuer.
280 * @param cert The certificate ot attribute certificate.
352 throw new AnnotatedException("Cannot find matching CRL issuer for certificate."); in processCRLB1()
[all …]
/external/conscrypt/repackaged/common/src/test/java/com/android/org/conscrypt/
DChainStrengthAnalyzerTest.java9 * http://www.apache.org/licenses/LICENSE-2.0
38 //openssl req -x509 -nodes -days 365 -subj '/C=US/ST=Testsota/L=Testville/CN=test.com' \
39 //-newkey rsa:2048 -sha256 -keyout k.pem -out good.pem
41 "-----BEGIN CERTIFICATE-----\n" +
61 "-----END CERTIFICATE-----";
63 //openssl ecparam -genkey -name prime256v1 -out eckey.pem && \
64 //openssl req -x509 -nodes -days 365 -subj '/C=US/ST=Testsota/L=Testville/CN=test.com' \
65 //-newkey ec:eckey.pem -sha256 -keyout k.pem -out good.pem
67 "-----BEGIN CERTIFICATE-----\n" +
78 "-----END CERTIFICATE-----\n";
[all …]
/external/conscrypt/common/src/test/java/org/conscrypt/
DChainStrengthAnalyzerTest.java8 * http://www.apache.org/licenses/LICENSE-2.0
34 //openssl req -x509 -nodes -days 365 -subj '/C=US/ST=Testsota/L=Testville/CN=test.com' \
35 //-newkey rsa:2048 -sha256 -keyout k.pem -out good.pem
37 "-----BEGIN CERTIFICATE-----\n" +
57 "-----END CERTIFICATE-----";
59 //openssl ecparam -genkey -name prime256v1 -out eckey.pem && \
60 //openssl req -x509 -nodes -days 365 -subj '/C=US/ST=Testsota/L=Testville/CN=test.com' \
61 //-newkey ec:eckey.pem -sha256 -keyout k.pem -out good.pem
63 "-----BEGIN CERTIFICATE-----\n" +
74 "-----END CERTIFICATE-----\n";
[all …]
/external/okhttp/okhttp/src/main/java/com/squareup/okhttp/
DCertificatePinner.java8 * http://www.apache.org/licenses/LICENSE-2.0
19 import java.security.cert.Certificate;
34 * against attacks on certificate authorities. It also prevents connections
35 * through man-in-the-middle certificate authorities either known or unknown to
38 * <p>This class currently pins a certificate's Subject Public Key Info as
40 * are base-64 SHA-1 hashes, consistent with the format Chromium uses for <a
45 * <h3>Setting up Certificate Pinning</h3>
48 * do this on a trusted network, and without man-in-the-middle tools like <a
68 * As expected, this fails with a certificate pinning exception: <pre> {@code
70 * javax.net.ssl.SSLPeerUnverifiedException: Certificate pinning failure!
[all …]
/external/okhttp/repackaged/okhttp/src/main/java/com/android/okhttp/
DCertificatePinner.java9 * http://www.apache.org/licenses/LICENSE-2.0
20 import java.security.cert.Certificate;
35 * against attacks on certificate authorities. It also prevents connections
36 * through man-in-the-middle certificate authorities either known or unknown to
39 * <p>This class currently pins a certificate's Subject Public Key Info as
41 * are base-64 SHA-1 hashes, consistent with the format Chromium uses for <a
46 * <h3>Setting up Certificate Pinning</h3>
49 * do this on a trusted network, and without man-in-the-middle tools like <a
69 * As expected, this fails with a certificate pinning exception: <pre> {@code
71 * javax.net.ssl.SSLPeerUnverifiedException: Certificate pinning failure!
[all …]
/external/boringssl/src/crypto/x509/
Dx509_vfy.c1 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
8 * This library is free for commercial and non-commercial use as long as
35 * being used are not cryptographic related :-).
43 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
79 /* No unhandled critical extensions */
83 /* certificate is within CRL scope */
91 /* Issuer name matches certificate */
99 /* CRL issuer is certificate issuer */
103 /* CRL issuer is on certificate path */
149 /* Return 1 is a certificate is self signed */
[all …]
/external/avb/tools/
Dat_auth_unlock.py10 # http://www.apache.org/licenses/LICENSE-2.0
23 challenge-response unlock protocol.
28 '--pik_cert', '--puk_cert', and '--puk' command line swtiches, or
32 - Product Intermediate Key (PIK) certificate: 'pik_certificate.*\.bin'
33 - Product Unlock Key (PUK) certificate: 'puk_certificate.*\.bin'
34 - PUK private key: 'puk.*\.pem'
42 - Python 2.7.x, 3.2.x, or newer (for argparse)
43 - PyCrypto 2.5 or newer (for PKCS1_v1_5 and RSA PKCS#8 PEM key import)
44 - Android SDK Platform Tools (for fastboot), in PATH
45 - https://developer.android.com/studio/releases/platform-tools
[all …]
/external/curl/lib/vtls/
Dsectransp.c8 * Copyright (C) 2012 - 2017, Nick Zitzmann, <nickzman@gmail.com>.
9 * Copyright (C) 2012 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
25 * Source file for all iOS and macOS SecureTransport-specific code for the
26 * TLS/SSL layer. No code but vtls.c should ever call or use these functions.
39 #pragma clang diagnostic ignored "-Wtautological-pointer-compare"
53 Leopard and iOS 5) by using macros and weak-linking.
62 #error "The Secure Transport back-end requires Leopard or later."
80 (You set this at build-time using the compiler command line option
81 "-mmacos-version-min.") */
108 #error "The Secure Transport back-end requires iOS or macOS."
[all …]
Dgtls.c8 * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
24 * Source file for all GnuTLS-specific code for the TLS/SSL layer. No code
113 #define BACKEND connssl->backend
125 * session-specific error variable, and when not set also its own global
128 * Windows builds these callbacks should ideally set the session-specific
192 * are not thread-safe and thus this function itself is not thread-safe and
234 Curl_wkday[tm->tm_wday?tm->tm_wday-1:6], in showtime()
235 tm->tm_mday, in showtime()
236 Curl_month[tm->tm_mon], in showtime()
237 tm->tm_year + 1900, in showtime()
[all …]
Dopenssl.c8 * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
24 * Source file for all OpenSSL-specific code for the TLS/SSL layer. No code
29 * The original SSLeay-using code for curl was written by Linas Vepstas and
42 #include "url.h" /* for the ssl config check function */
83 #include "non-ascii.h" /* for Curl_convert_from_utf8 prototype */
90 renegotiations when built with BoringSSL. Renegotiating is non-compliant
115 OPENSSL_VERSION_NUMBER >= 0x10100000L /* 1.1.0+ has no SSLv2 */
124 #define HAVE_X509_GET0_EXTENSIONS 1 /* added in 1.1.0 -pre1 */
125 #define HAVE_OPAQUE_EVP_PKEY 1 /* since 1.1.0 -pre3 */
126 #define HAVE_OPAQUE_RSA_DSA_DH 1 /* since 1.1.0 -pre5 */
[all …]
/external/bouncycastle/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/bc/
DBcKeyStoreSpi.java19 import java.security.cert.Certificate;
51 // Android-changed: Use default provider for JCA algorithms instead of BC
68 private static final String STORE_CIPHER = "PBEWithSHAAndTwofish-CBC";
73 private static final String KEY_CIPHER = "PBEWithSHAAnd3-KeyTripleDES-CBC";
79 static final int CERTIFICATE = 1; field in BcKeyStoreSpi
97 // Android-changed: Use default provider for JCA algorithms instead of BC
111 Certificate[] certChain;
116 Certificate obj) in StoreEntry()
118 this.type = CERTIFICATE; in StoreEntry()
127 Certificate[] certChain) in StoreEntry()
[all …]
/external/curl/docs/libcurl/opts/
DCURLOPT_SSL_VERIFYHOST.38 .\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
26 CURLOPT_SSL_VERIFYHOST \- verify the certificate's name against host
37 When negotiating TLS and SSL connections, the server sends a certificate
40 When \fICURLOPT_SSL_VERIFYHOST(3)\fP is 2, that certificate must indicate that
42 fails. Simply put, it means it has to have the same name in the certificate as
46 Subject Alternate Name field in the certificate matches the host name in the
51 earlier) a debug option of some sorts, but it is no longer supported due to
56 names in the certificate. Use that ability with caution!
60 This option controls checking the server's certificate's claimed identity.
66 information to do such things as sending back a specific certificate for the
[all …]
/external/wpa_supplicant_8/src/eap_peer/
Deap_config.h3 * Copyright (c) 2003-2013, Jouni Malinen <j@w1.fi>
13 * struct eap_peer_config - EAP peer configuration/credentials
17 * identity - EAP Identity
20 * EAP-PSK/PAX/SAKE/GPSK).
25 * identity_len - EAP Identity length
30 * anonymous_identity - Anonymous EAP Identity
33 * different tunnelled identity, e.g., EAP-TTLS, in order to reveal the
39 * This field can also be used with EAP-SIM/AKA/AKA' to store the
45 * anonymous_identity_len - Length of anonymous_identity
53 * password - Password string for EAP
[all …]
/external/curl/tests/data/
Dtest153810 # Server-side
14 # Client-side
35 e0: No error
39 e4: A requested feature, protocol or option was not found built-in in this libcurl due to a build-t…
87 e52: Server returned nothing (no headers, no data)
93 e58: Problem with the local SSL certificate
95 e60: SSL peer certificate or SSH remote key was not OK
96 e61: Unrecognized or bad HTTP Content or Transfer-Encoding
109 e74: TFTP: No such user
118 e83: Issuer check against peer certificate failed
[all …]
/external/scapy/scapy/layers/tls/
Dcert.py8 High-level methods for PKI objects (X.509 certificates, CRLs, asymmetric keys).
13 there is no direct method for exporting a new full DER-encoded version
24 No need for obnoxious openssl tweaking anymore. :)
56 # Maximum allowed size in bytes for a certificate file, to avoid
71 pem_string = ("-----BEGIN %s-----\n" % obj).encode()
75 pem_string += ("\n-----END %s-----\n" % obj).encode()
81 # Encode all lines between the first '-----\n' and the 2nd-to-last '-----'.
83 first_idx = pem_string.find(b"-----\n") + 6
84 if pem_string.find(b"-----BEGIN", first_idx) != -1:
85 raise Exception("pem2der() expects only one PEM-encoded object")
[all …]

12345678910>>...15