Home
last modified time | relevance | path

Searched +full:- +full:- +full:no +full:- +full:check +full:- +full:certificate (Results 1 – 25 of 234) sorted by relevance

12345678910

/external/conscrypt/src/platform/java/org/conscrypt/
DTrustManagerImpl.java9 * http://www.apache.org/licenses/LICENSE-2.0
27 import java.security.cert.Certificate;
65 * Comparator used for ordering trust anchors during certificate path building.
71 * The AndroidCAStore if non-null, null otherwise.
76 * The CertPinManager, which validates the chain against a host-to-pin mapping
81 * The backing store for the AndroidCAStore if non-null. This will
103 * non-AndroidCAStore, we initialize this as part of the
248 throw new CertificateException("Not in handshake; no session available"); in getHandshakeSessionOrThrow()
271 throw new CertificateException("Not in handshake; no session available"); in checkClientTrusted()
291 * Returns the full trusted certificate chain found from {@code certs}.
[all …]
/external/bouncycastle/bcprov/src/main/java/org/bouncycastle/x509/
DCertPathReviewerMessages.properties14 CertPathReviewer.notPermittedDN.title = Name constraint error: certificate DN is not permitted
15 CertPathReviewer.notPermittedDN.text = Name constraint error: the certificate DN {0} is not permitt…
16 CertPathReviewer.notPermittedDN.summary = Name constraint error: certificate DN is not permitted.
17 CertPathReviewer.notPermittedDN.details = Name constraint checking error. The certificate DN {0} is…
21 CertPathReviewer.excludedDN.title = Name constraint error: certificate DN is excluded
22 CertPathReviewer.excludedDN.text = Name constraint error: The certificate DN {0} is excluded.
23 CertPathReviewer.excludedDN.summary = Name constraint error: certificate DN is excluded.
24 CertPathReviewer.excludedDN.details = Name constraint checking error. The certificate DN {0} is ins…
29 CertPathReviewer.notPermittedEmail.text = Name constraint error: certificate contains the not permi…
31 CertPathReviewer.notPermittedEmail.details = Name constraint checking error. The certificate contai…
[all …]
/external/conscrypt/src/test/java/org/conscrypt/
DChainStrengthAnalyzerTest.java8 * http://www.apache.org/licenses/LICENSE-2.0
29 //openssl req -x509 -nodes -days 365 -subj '/C=US/ST=Testsota/L=Testville/CN=test.com' \
30 //-newkey rsa:2048 -sha256 -keyout k.pem -out good.pem
32 "-----BEGIN CERTIFICATE-----\n" +
52 "-----END CERTIFICATE-----";
54 //openssl ecparam -genkey -name prime256v1 -out eckey.pem && \
55 //openssl req -x509 -nodes -days 365 -subj '/C=US/ST=Testsota/L=Testville/CN=test.com' \
56 //-newkey ec:eckey.pem -sha256 -keyout k.pem -out good.pem
58 "-----BEGIN CERTIFICATE-----\n" +
69 "-----END CERTIFICATE-----\n";
[all …]
/external/parameter-framework/upstream/
Dappveyor.yml1 version: 3.0.0-{build}
13 # See: https://msdn.microsoft.com/en-us/library/bb513638%28VS.85%29.aspx
14 - reg add "HKLM\SYSTEM\CurrentControlSet\Control\Windows" /f /v ErrorMode /d 2
17 # | Windows can check online for a solution to the problem|
18 # | - Check online for a solution and close the program |
19 # | - Close the program |
20 # See: https://msdn.microsoft.com/en-us/library/bb513638%28VS.85%29.aspx
21 - reg add "HKLM\Software\Microsoft\Windows\Windows Error Reporting" /f /v DontShowUI /d 1
24 - set PREFIX_PATH=%APPVEYOR_BUILD_FOLDER%\asio-1.10.6;%APPVEYOR_BUILD_FOLDER%\catch
26 - set INSTALL=%HOMEPATH%\install
[all …]
/external/bouncycastle/bcprov/src/main/java/org/bouncycastle/jce/provider/
DPKIXCertPathBuilderSpi.java103 "Error finding target certificate.", e); in engineBuild()
110 "No certificate found matching targetContraints."); in engineBuild()
115 // check all potential target certificates in engineBuild()
130 "Possible certificate chain could not be validated.", in engineBuild()
137 "Unable to find certificate chain."); in engineBuild()
155 // step out, the certificate is not allowed to appear in a certification in build()
161 // test if certificate path exceeds maximum length in build()
162 if (pkixParams.getMaxPathLength() != -1) in build()
164 if (tbvPath.size() - 1 > pkixParams.getMaxPathLength()) in build()
189 // check whether the issuer of <tbvCert> is a TrustAnchor in build()
[all …]
DRFC3280CertPathUtilities.java72 * extension check the following:
84 * extension, verify that the certificate does not include the basic
89 * extension, verify that the certificate includes the basic constraints
97 * @param cert The certificate.
180 … throw new AnnotatedException("Could not read certificate issuer.", e); in processCRLB2()
209 …"No match for certificate CRL issuing distribution point name to cRLIssuer CRL distribution point.… in processCRLB2()
234 …"No match for certificate CRL issuing distribution point name to cRLIssuer CRL distribution point.… in processCRLB2()
277 * certificate issuer.
280 * @param cert The certificate ot attribute certificate.
352 throw new AnnotatedException("Cannot find matching CRL issuer for certificate."); in processCRLB1()
[all …]
/external/okhttp/okhttp/src/main/java/com/squareup/okhttp/
DCertificatePinner.java8 * http://www.apache.org/licenses/LICENSE-2.0
19 import java.security.cert.Certificate;
34 * against attacks on certificate authorities. It also prevents connections
35 * through man-in-the-middle certificate authorities either known or unknown to
38 * <p>This class currently pins a certificate's Subject Public Key Info as
40 * are base-64 SHA-1 hashes, consistent with the format Chromium uses for <a
45 * <h3>Setting up Certificate Pinning</h3>
48 * do this on a trusted network, and without man-in-the-middle tools like <a
68 * As expected, this fails with a certificate pinning exception: <pre> {@code
70 * javax.net.ssl.SSLPeerUnverifiedException: Certificate pinning failure!
[all …]
/external/curl/lib/vtls/
Ddarwinssl.c8 * Copyright (C) 2012 - 2014, Nick Zitzmann, <nickzman@gmail.com>.
9 * Copyright (C) 2012 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
25 * Source file for all iOS and Mac OS X SecureTransport-specific code for the
26 * TLS/SSL layer. No code but vtls.c should ever call or use these functions.
48 Leopard and iOS 5) by using macros and weak-linking.
55 #error "The darwinssl back-end requires Leopard or later."
69 (You set this at build-time by setting the MACOSX_DEPLOYMENT_TARGET
92 #error "The darwinssl back-end requires iOS or OS X."
113 #define ioErr -36
114 #define paramErr -50
[all …]
Dopenssl.c8 * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
24 * Source file for all OpenSSL-specific code for the TLS/SSL layer. No code
29 * The original SSLeay-using code for curl was written by Linas Vepstas and
44 #include "url.h" /* for the ssl config check function */
76 #include "non-ascii.h" /* for Curl_convert_from_utf8 prototype */
106 OPENSSL_VERSION_NUMBER >= 0x10100000L /* 1.1.0+ has no SSLv2 */
115 #define HAVE_X509_GET0_EXTENSIONS 1 /* added in 1.1.0 -pre1 */
116 #define HAVE_OPAQUE_EVP_PKEY 1 /* since 1.1.0 -pre3 */
117 #define HAVE_OPAQUE_RSA_DSA_DH 1 /* since 1.1.0 -pre5 */
191 char *buf = data->state.buffer; /* point to the big buffer */ in ossl_seed()
[all …]
Dgtls.c8 * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
24 * Source file for all GnuTLS-specific code for the TLS/SSL layer. No code
65 https://developer.gnome.org/glib/unstable/glib-Type-Conversion-Macros.html
122 * session-specific error variable, and when not set also its own global
125 * Windows builds these callbacks should ideally set the session-specific
177 * are not thread-safe and thus this function itself is not thread-safe and
214 snprintf(data->state.buffer, in showtime()
218 Curl_wkday[tm->tm_wday?tm->tm_wday-1:6], in showtime()
219 tm->tm_mday, in showtime()
220 Curl_month[tm->tm_mon], in showtime()
[all …]
Dcyassl.c8 * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
24 * Source file for all CyaSSL-specific code for the TLS/SSL layer. No code
36 aka options.h. https://curl.haxx.se/mail/lib-2015-04/0069.html */
64 #include <cyassl/error-ssl.h>
82 - the user's options.h generated by CyaSSL/wolfSSL
83 - the symbols detected by curl's configure
125 return -1; in do_file_type()
137 struct Curl_easy *data = conn->data; in cyassl_connect_step1()
138 struct ssl_connect_data* conssl = &conn->ssl[sockindex]; in cyassl_connect_step1()
140 curl_socket_t sockfd = conn->sock[sockindex]; in cyassl_connect_step1()
[all …]
Daxtls.c9 * Copyright (C) 2010 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
25 * Source file for all axTLS-specific code for the TLS/SSL layer. No code
54 /* axTLS has no global init. Everything is done through SSL and SSL_CTX in Curl_axtls_init()
62 /* axTLS has no global cleanup. Perhaps can move this to axtls.h. */ in Curl_axtls_cleanup()
71 case -70: /* protocol version alert from server */ in map_error_to_curl()
79 case -42: /* bad certificate alert from server */ in map_error_to_curl()
80 case -43: /* unsupported cert alert from server */ in map_error_to_curl()
81 case -44: /* cert revoked alert from server */ in map_error_to_curl()
82 case -45: /* cert expired alert from server */ in map_error_to_curl()
83 case -46: /* cert unknown alert from server */ in map_error_to_curl()
[all …]
/external/boringssl/src/crypto/x509/
Dx509_vfy.c1 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
8 * This library is free for commercial and non-commercial use as long as
35 * being used are not cryptographic related :-).
43 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
80 /* No unhandled critical extensions */
84 /* certificate is within CRL scope */
92 /* Issuer name matches certificate */
100 /* CRL issuer is certificate issuer */
104 /* CRL issuer is on certificate path */
157 /* Return 1 is a certificate is self signed */
[all …]
/external/conscrypt/src/main/java/org/conscrypt/
DOpenSSLSessionImpl.java8 * http://www.apache.org/licenses/LICENSE-2.0
21 import java.security.cert.Certificate;
49 private int peerPort = -1;
101 * therefore have computed no id based on the SHA of the ticket.
162 * @return a X509 certificate or null if no principal was defined
174 * Returns the certificate(s) of the principal (subject) of this concrete SSL
178 * that of the certification authority) or null if no certificate
182 public Certificate[] getLocalCertificates() { in getLocalCertificates()
187 * Returns the certificate(s) of the peer in this SSL session
192 * eventually that of the certification authority) or null if no
[all …]
DOpenSSLX509CRL.java8 * http://www.apache.org/licenses/LICENSE-2.0
32 import java.security.cert.Certificate;
138 * This API has a special case that if there are no extensions, we in getCriticalExtensionOIDs()
139 * should return null. So if we have no critical extensions, we'll check in getCriticalExtensionOIDs()
140 * non-critical extensions. in getCriticalExtensionOIDs()
163 * This API has a special case that if there are no extensions, we in getNonCriticalExtensionOIDs()
164 * should return null. So if we have no non-critical extensions, we'll in getNonCriticalExtensionOIDs()
165 * check critical extensions. in getNonCriticalExtensionOIDs()
287 public X509CRLEntry getRevokedCertificate(X509Certificate certificate) { in getRevokedCertificate() argument
288 if (certificate instanceof OpenSSLX509Certificate) { in getRevokedCertificate()
[all …]
/external/libvncserver/webclients/java-applet/ssl/
Dtightvnc-1.3dev7_javasrc-vncviewer-ssl.patch1 diff -Naur vnc_javasrc.orig/Makefile vnc_javasrc/Makefile
2 --- vnc_javasrc.orig/Makefile 2004-03-04 08:34:25.000000000 -0500
3 +++ vnc_javasrc/Makefile 2010-05-18 20:56:26.000000000 -0400
4 @@ -4,6 +4,7 @@
8 +JC_ARGS = -target 1.4 -source 1.4
12 @@ -15,25 +16,29 @@
16 - HTTPConnectSocket.class ReloginPanel.class
27 - HTTPConnectSocket.java ReloginPanel.java
34 - $(JC) -target 1.1 -O $(SOURCES)
35 + $(JC) $(JC_ARGS) -O $(SOURCES)
[all …]
/external/curl/docs/libcurl/opts/
DCURLOPT_SSL_VERIFYHOST.38 .\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
25 CURLOPT_SSL_VERIFYHOST \- verify the certificate's name against host
36 When negotiating TLS and SSL connections, the server sends a certificate
39 When \fICURLOPT_SSL_VERIFYHOST(3)\fP is 2, that certificate must indicate that
41 fails. Simply put, it means it has to have the same name in the certificate as
45 Subject Alternate Name field in the certificate matches the host name in the
50 earlier) a debug option of some sorts, but it is no longer supported due to
55 names in the certificate. Use that ability with caution!
59 This option controls checking the server's certificate's claimed identity.
74 /* Set the default value: strict name check please */
DCURLOPT_CRLFILE.38 .\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
25 CURLOPT_CRLFILE \- specify a Certificate Revocation List file
32 concatenation of CRL (in PEM format) to use in the certificate validation that
35 When curl is built to use NSS or GnuTLS, there is no way to influence the use
38 set, requiring CRL check against all the elements of the certificate chain if
46 be loaded. A failure in certificate verification due to a revocation
51 All TLS-based protocols
/external/bouncycastle/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/bc/
DBcKeyStoreSpi.java22 import java.security.cert.Certificate;
66 private static final String STORE_CIPHER = "PBEWithSHAAndTwofish-CBC";
71 private static final String KEY_CIPHER = "PBEWithSHAAnd3-KeyTripleDES-CBC";
77 static final int CERTIFICATE = 1; field in BcKeyStoreSpi
107 Certificate[] certChain;
112 Certificate obj) in StoreEntry()
114 this.type = CERTIFICATE; in StoreEntry()
123 Certificate[] certChain) in StoreEntry()
135 Certificate[] certChain) in StoreEntry()
186 Certificate[] certChain) in StoreEntry()
[all …]
/external/apache-harmony/security/src/test/api/java.injected/java/security/
DIdentityTest.java9 * http://www.apache.org/licenses/LICENSE-2.0
64 // check other cases in testEquals()
111 * verify addCertificate(Certificate certificate) adds a certificate for this identity.
112 * If the identity has a public key, the public key in the certificate must be the same
122 // try Certificate with different key in testAddCertificate1()
131 * verify addCertificate(Certificate certificate) adds a certificate for this identity.
132 …es not have a public key, the identity's public key is set to be that specified in the certificate.
145 …* verify addCertificate(Certificate certificate) throws KeyManagementException if certificate is n…
157 // Commented out since there will no be fix for the test failure
159 // * verify removeCertificate(Certificate certificate) removes certificate
[all …]
/external/curl/docs/
DSSLCERTS1 SSL Certificate Verification
5 ----------
11 ----------
15 you. Scroll down for details on how the OS-native engines handle SSL
16 certificates. If you're not sure, then run "curl -V" and read the results. If
21 -----------------
23 This system is about trust. In your local CA certificate store you have certs
24 from *trusted* Certificate Authorities that you then can use to verify that the
34 Certificate Verification
35 ------------------------
[all …]
/external/wpa_supplicant_8/src/eap_peer/
Deap_config.h3 * Copyright (c) 2003-2013, Jouni Malinen <j@w1.fi>
13 * struct eap_peer_config - EAP peer configuration/credentials
17 * identity - EAP Identity
20 * EAP-PSK/PAX/SAKE/GPSK).
25 * identity_len - EAP Identity length
30 * anonymous_identity - Anonymous EAP Identity
33 * different tunnelled identity, e.g., EAP-TTLS, in order to reveal the
39 * This field can also be used with EAP-SIM/AKA/AKA' to store the
45 * anonymous_identity_len - Length of anonymous_identity
50 * password - Password string for EAP
[all …]
/external/webrtc/webrtc/base/
Dsslidentity.h4 * Use of this source code is governed by a BSD-style license
32 // A somewhat opaque type used to encapsulate a certificate.
33 // Wraps the SSL library's notion of a certificate, with reference counting.
39 // Parses and build a certificate from a PEM encoded string.
41 // The length of the string representation of the certificate is
42 // stored in *pem_length if it is non-NULL, and only if
49 // underlying certificate, including its chain if present.
54 // The chain includes a copy of each certificate, excluding the leaf.
57 // Returns a PEM encoded string representation of the certificate.
60 // Provides a DER encoded binary representation of the certificate.
[all …]
/external/boringssl/src/ssl/test/runner/
Dtls.go2 // Use of this source code is governed by a BSD-style
23 // The configuration config must be non-nil and must have
24 // at least one certificate.
60 // The configuration config must be non-nil and must have
61 // at least one certificate.
71 // The configuration config must be non-nil and must have
72 // at least one certificate.
75 return nil, errors.New("tls.Listen: no certificates in configuration")
115 errChannel <- timeoutError{}
125 if colonPos == -1 {
[all …]
/external/boringssl/src/include/openssl/
Dx509_vfy.h1 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
8 * This library is free for commercial and non-commercial use as long as
35 * being used are not cryptographic related :-).
43 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
60 /* openssl/x509.h ends up #include-ing this file at about the only
96 SSL_CTX -> X509_STORE
97 -> X509_LOOKUP
98 ->X509_LOOKUP_METHOD
99 -> X509_LOOKUP
100 ->X509_LOOKUP_METHOD
[all …]

12345678910