| /frameworks/base/core/java/android/net/http/ |
| D | SslError.java | 90 public SslError(int error, SslCertificate certificate) { in SslError() argument
91 this(error, certificate, ""); in SslError()
102 public SslError(int error, X509Certificate certificate) { in SslError() argument
103 this(error, certificate, ""); in SslError()
113 public SslError(int error, SslCertificate certificate, String url) { in SslError() argument
114 assert certificate != null; in SslError()
117 mCertificate = certificate; in SslError()
128 public SslError(int error, X509Certificate certificate, String url) { in SslError() argument
129 this(error, new SslCertificate(certificate), url); in SslError()
|
| D | SslCertificate.java | 97 public static Bundle saveState(SslCertificate certificate) { in saveState() argument
98 if (certificate == null) { in saveState()
102 bundle.putString(ISSUED_TO, certificate.getIssuedTo().getDName()); in saveState()
103 bundle.putString(ISSUED_BY, certificate.getIssuedBy().getDName()); in saveState()
104 bundle.putString(VALID_NOT_BEFORE, certificate.getValidNotBefore()); in saveState()
105 bundle.putString(VALID_NOT_AFTER, certificate.getValidNotAfter()); in saveState()
106 X509Certificate x509Certificate = certificate.mX509Certificate; in saveState()
179 public SslCertificate(X509Certificate certificate) { in SslCertificate() argument
180 this(certificate.getSubjectDN().getName(), in SslCertificate()
181 certificate.getIssuerDN().getName(), in SslCertificate()
[all …]
|
| /frameworks/base/core/java/android/security/net/config/ |
| D | TrustAnchor.java | 23 public final X509Certificate certificate; field in TrustAnchor
26 public TrustAnchor(X509Certificate certificate, boolean overridesPins) { in TrustAnchor() argument
27 if (certificate == null) { in TrustAnchor()
30 this.certificate = certificate; in TrustAnchor()
|
| D | TrustedCertificateStoreAdapter.java | 41 return anchor.certificate; in findIssuer()
55 return anchor.certificate; in getTrustAnchor()
|
| /frameworks/base/docs/html/training/articles/ |
| D | security-ssl.jd | 15 <li><a href="#UnknownCa">Unknown certificate authority</a></li>
16 <li><a href="#SelfSigned">Self-signed server certificate</a></li>
17 <li><a href="#MissingCa">Missing intermediate certificate authority</a></li>
51 <p>In a typical SSL usage scenario, a server is configured with a certificate containing a
53 and server, the server proves it has the private key by signing its certificate with <a
56 <p>However, anyone can generate their own certificate and private key, so a simple handshake
58 matches the public key of the certificate. One way to solve this problem is to have the client
59 have a set of one or more certificates it trusts. If the certificate is not in the set, the
64 certificate with a new one. Unfortunately, now the client app has to be updated due to what
75 in each release. Similar to a server, a CA has a certificate and a private key. When issuing
[all …]
|
| /frameworks/opt/net/wifi/service/java/com/android/server/wifi/configparse/ |
| D | ConfigBuilder.java | 147 for (Certificate certificate : chain) { in parse()
148 if (!(certificate instanceof X509Certificate)) { in parse()
150 certificate.getClass()); in parse()
152 clientChain.add((X509Certificate) certificate); in parse()
281 for (X509Certificate certificate : clientChain) { in buildTLSConfig()
283 byte[] fingerprint = digester.digest(certificate.getEncoded()); in buildTLSConfig()
285 clientCertificate = certificate; in buildTLSConfig()
|
| /frameworks/base/docs/html/preview/features/ |
| D | key-attestation.jd | 3 page.keywords="android N", "security", "TEE", "hardware-backed", "keystore", "certificate", "key at…
21 interpret the schema of the attestation certificate's extension data.
30 tool, in return, provides a certificate chain, which you can use to verify
35 The root certificate within this chain is signed using an attestation key,
42 services, the root certificate is issued by Google. You should verify that
43 this root certificate appears within Google’s list of root certificates.
60 Check each certificate’s validity using a
75 the certificate chain as an argument:</p>
78 // "certificates" contains the certificate chain associated with a specific key
85 An attestation object extracts the extension data within this certificate
[all …]
|
| D | security-config.jd | 90 <li>Connecting to a host with a custom certificate authority(self-signed,
116 certificate or to a host whose SSL certificate is issued by a non-public CA
136 Add the self-signed or non-public CA certificate, in PEM or DER format, to
188 app can do this by specifying multiple certificate sources for a
212 certificate for your production server. In order to support this without any
277 to issue a fradulent certificate the app would be at risk from a MiTM
279 by either limiting the set of CAs they trust or by certificate pinning.
284 public key (SubjectPublicKeyInfo of the X.509 certificate). A certificate
285 chain is then only valid if the certificate chain contains at least one of
290 Note that when using certificate pinning you should always include a backup
[all …]
|
| /frameworks/base/media/lib/signer/java/com/android/mediadrm/signer/ |
| D | MediaDrmSigner.java | 69 Certificate(MediaDrm.Certificate certificate) { in Certificate() argument
70 mCertificate = certificate; in Certificate()
|
| /frameworks/base/packages/Osu/src/com/android/hotspot2/osu/ |
| D | ClientKeyManager.java | 89 for (Certificate certificate : in getCertificateChain()
91 if (certificate instanceof X509Certificate) { in getCertificateChain()
92 certs.add((X509Certificate) certificate); in getCertificateChain()
|
| D | WiFiKeyManager.java | 151 for (Certificate certificate : mKeyStore.getCertificateChain(alias)) { in getCertificateChain()
152 if (certificate instanceof X509Certificate) { in getCertificateChain()
153 certs.add((X509Certificate) certificate); in getCertificateChain()
|
| D | OSUSocketFactory.java | 170 for (X509Certificate certificate : mTrustManager.getTrustChain()) { in getOSUCertificate()
171 for (List<?> name : certificate.getSubjectAlternativeNames()) { in getOSUCertificate()
175 return certificate; in getOSUCertificate()
|
| D | SPVerifier.java | 315 private static Asn1Object getExtension(X509Certificate certificate, String extension) in getExtension() argument
317 byte[] data = certificate.getExtensionValue(extension); in getExtension()
|
| /frameworks/base/packages/Osu/src/com/android/configparse/ |
| D | ConfigBuilder.java | 143 for (X509Certificate certificate : clientChain) { in buildTLSConfig()
145 byte[] fingerprint = digester.digest(certificate.getEncoded()); in buildTLSConfig()
147 clientCertificate = certificate; in buildTLSConfig()
|
| /frameworks/base/tests/CoreTests/android/core/ |
| D | TestEventHandler.java | 448 public void certificate(SslCertificate certificate) {} in certificate() method in TestEventHandler
730 public void expectSSLCertificateError(SslCertificate certificate) { in expectSSLCertificateError() argument
732 expectCertificate = certificate; in expectSSLCertificateError()
|
| /frameworks/base/docs/html/guide/topics/manifest/ |
| D | permission-element.jd | 67 same certificate. If a package declares a permission, the system does not permit
69 those packages are signed with the same certificate as the first package. To
116 application is signed with the same certificate as the application
124 certificate as the application that declared the permission. Please avoid using this
|
| /frameworks/av/drm/mediadrm/plugins/clearkey/ |
| D | DrmPlugin.h | 100 Vector<uint8_t>& certificate, in provideProvisionResponse() argument
103 UNUSED(certificate); in provideProvisionResponse()
|
| /frameworks/base/media/jni/ |
| D | android_media_MediaDrm.cpp | 143 CertificateFields certificate; member
644 GET_FIELD_ID(gFields.certificate.wrappedPrivateKey, clazz, "mWrappedKey", "[B"); in android_media_MediaDrm_native_init()
645 GET_FIELD_ID(gFields.certificate.certificateData, clazz, "mCertificateData", "[B"); in android_media_MediaDrm_native_init()
1025 Vector<uint8_t> certificate, wrappedKey; in android_media_MediaDrm_provideProvisionResponseNative() local
1027 status_t err = drm->provideProvisionResponse(response, certificate, wrappedKey); in android_media_MediaDrm_provideProvisionResponseNative()
1034 if (clazz && certificate.size() && wrappedKey.size()) { in android_media_MediaDrm_provideProvisionResponseNative()
1036 jbyteArray jcertificate = VectorToJByteArray(env, certificate); in android_media_MediaDrm_provideProvisionResponseNative()
1037 env->SetObjectField(certificateObj, gFields.certificate.certificateData, jcertificate); in android_media_MediaDrm_provideProvisionResponseNative()
1040 env->SetObjectField(certificateObj, gFields.certificate.wrappedPrivateKey, jwrappedKey); in android_media_MediaDrm_provideProvisionResponseNative()
|
| /frameworks/base/core/java/android/util/apk/ |
| D | ApkSignatureSchemeV2Verifier.java | 364 X509Certificate certificate; in verifySigner() local
366 certificate = (X509Certificate) in verifySigner()
371 certificate = new VerbatimX509Certificate(certificate, encodedCert); in verifySigner()
372 certs.add(certificate); in verifySigner()
|
| /frameworks/base/tests/NetworkSecurityConfigTest/src/android/security/net/config/ |
| D | NetworkSecurityConfigTests.java | 278 preNCerts.add(anchor.certificate); in testUserAddedCaOptIn()
282 nCerts.add(anchor.certificate); in testUserAddedCaOptIn()
|
| /frameworks/av/media/libmedia/ |
| D | IDrm.cpp | 262 Vector<uint8_t> &certificate, in provideProvisionResponse()
273 readVector(reply, certificate); in provideProvisionResponse()
729 Vector<uint8_t> certificate; in onTransact() local
732 status_t result = provideProvisionResponse(response, certificate, wrappedKey); in onTransact()
733 writeVector(reply, certificate); in onTransact()
|
| /frameworks/base/media/lib/signer/ |
| D | README.txt | 23 This library will eventually be replaced when the provisioned certificate-
|
| /frameworks/base/docs/html/about/versions/ |
| D | android-5.1.jd | 114 that use these functions must be signed by a certificate that matches the certificate in the
|
| /frameworks/base/docs/html/training/safetynet/ |
| D | index.jd | 248 certificate used to sign requesting app"],
276 <li>Extract the SSL certificate chain from the JWS message.
279 <li>Validate the SSL certificate chain and use SSL hostname matching to verify that the leaf
280 certificate was issued to the hostname {@code attest.android.com}.
283 <li>Use the certificate to verify the signature of the JWS message.
|
| /frameworks/base/docs/html/training/in-app-billing/ |
| D | test-iab-app.jd | 42 …n for Release</a>. Make sure that you are using your final (not debug) certificate and private key…
49 …<li>Your application is signed with the same certificate that you used for the APK that you upload…
|