/system/keymaster/ |
H A D | asymmetric_key.cpp | 45 X509* certificate) { 104 if (!X509_add_ext(certificate, key_usage_extension.get() /* Don't release; copied */, 175 static bool add_public_key(EVP_PKEY* key, X509* certificate, keymaster_error_t* error) { argument 176 if (!X509_set_pubkey(certificate, key)) { 186 const KeymasterContext& context, X509* certificate, 194 if (!X509_add_ext(certificate, attest_extension.get() /* Don't release; copied */, 203 static keymaster_error_t get_certificate_blob(X509* certificate, keymaster_blob_t* blob) { argument 204 int len = i2d_X509(certificate, nullptr); 213 i2d_X509(certificate, &p); 239 // certificate 43 add_key_usage_extension(const AuthorizationSet& tee_enforced, const AuthorizationSet& sw_enforced, X509* certificate) argument 183 add_attestation_extension(const AuthorizationSet& attest_params, const AuthorizationSet& tee_enforced, const AuthorizationSet& sw_enforced, const KeymasterContext& context, X509* certificate, keymaster_error_t* error) argument [all...] |
/system/tpm/attestation/server/ |
H A D | pkcs11_key_store.h | 67 const std::string& certificate) override; 69 const std::string& certificate) override; 106 // X.509 |certificate|. Returns false if the value cannot be determined. 107 bool GetCertificateFields(const std::string& certificate, 112 // Returns true iff the given certificate already exists in the token. 114 const std::string& certificate);
|
H A D | key_store.h | 61 // If a non-empty |certificate| is provided it will be registered along with 69 const std::string& certificate) = 0; 71 // Registers a |certificate| that is not associated to a registered key. The 72 // certificate will be associated with |username|. 74 const std::string& certificate) = 0;
|
H A D | mock_key_store.h | 50 const std::string& certificate)); 52 const std::string& certificate));
|
H A D | pkcs11_key_store.cc | 244 const std::string& certificate) { 351 if (!certificate.empty()) { 355 if (!GetCertificateFields(certificate, &subject, &issuer, &serial_number)) { 356 LOG(WARNING) << "Pkcs11KeyStore: Failed to find certificate fields."; 358 // Construct a PKCS #11 template for a certificate object. 359 std::string mutable_certificate = certificate; 387 LOG(ERROR) << "Pkcs11KeyStore: Failed to create certificate object."; 400 const std::string& certificate) { 412 if (DoesCertificateExist(session.handle(), certificate)) { 419 if (!GetCertificateFields(certificate, 238 Register(const std::string& username, const std::string& label, KeyType key_type, KeyUsage key_usage, const std::string& private_key_blob, const std::string& public_key_der, const std::string& certificate) argument 399 RegisterCertificate(const std::string& username, const std::string& certificate) argument 614 GetCertificateFields(const std::string& certificate, std::string* subject, std::string* issuer, std::string* serial_number) argument 656 DoesCertificateExist( CK_SESSION_HANDLE session_handle, const std::string& certificate) argument [all...] |
H A D | attestation_service.cc | 350 std::string certificate; local 358 &certificate)) { 365 set_identity_credential(certificate); 371 result->set_certificate(certificate); 854 const std::string& certificate) { 859 pem += brillo::data_encoding::Base64EncodeWrapLines(certificate); 853 CreatePEMCertificate( const std::string& certificate) argument
|
H A D | dbus_service_test.cc | 97 reply.set_certificate_chain("certificate"); 110 EXPECT_EQ("certificate", reply.certificate_chain()); 151 reply.set_certificate("certificate"); 167 EXPECT_EQ("certificate", reply.certificate()); 181 reply.set_ek_certificate("certificate"); 194 EXPECT_EQ("certificate", reply.ek_certificate()); 209 reply.set_certificate("certificate"); 225 EXPECT_EQ("certificate", reply.certificate()); [all...] |
H A D | attestation_service_test.cc | 66 // Setup a fake wrapped EK certificate by default. 474 EXPECT_EQ(GetFakeCertificateChain(), reply.certificate()); 505 EXPECT_EQ(GetFakeCertificateChain(), reply.certificate()); 549 database->mutable_credentials()->set_endorsement_credential("certificate"); 554 EXPECT_EQ("certificate", reply.ek_certificate()); 596 database->mutable_identity_key()->set_identity_credential("certificate"); 605 EXPECT_EQ("certificate", reply.certificate()); 635 database->mutable_identity_key()->set_identity_credential("certificate"); 642 EXPECT_EQ("certificate", repl [all...] |
H A D | attestation_service.h | 124 kGetCertificate, // Issues a certificate for a TPM-backed key. 208 // Finishes a certificate request by decoding the |certificate_response| to 257 // Creates a PEM certificate chain from the credential fields of a |key|. 260 // Creates a certificate in PEM format from a DER encoded X.509 certificate. 261 std::string CreatePEMCertificate(const std::string& certificate); 264 // certificate. This decision factors in the currently signed-in |user| and 265 // the |origin| of the certificate request. The strategy is to find an index
|
/system/connectivity/shill/ |
H A D | mock_crypto_util_proxy.cc | 47 const std::string& certificate, 56 return CryptoUtilProxy::VerifyDestination(certificate, public_key, 46 RealVerifyDestination( const std::string& certificate, const std::string& public_key, const std::string& nonce, const std::string& signed_data, const std::string& destination_udn, const std::vector<uint8_t>& ssid, const std::string& bssid, const ResultBoolCallback& result_callback, Error* error) argument
|
H A D | mock_crypto_util_proxy.h | 41 bool(const std::string& certificate, 55 bool RealVerifyDestination(const std::string& certificate,
|
H A D | crypto_util_proxy.h | 57 // |certificate| should be a device certificate in PEM format. 64 virtual bool VerifyDestination(const std::string& certificate,
|
H A D | crypto_util_proxy.cc | 77 const string& certificate, 102 message.set_certificate(certificate); 76 VerifyDestination( const string& certificate, const string& public_key, const string& nonce, const string& signed_data, const string& destination_udn, const vector<uint8_t>& ssid, const string& bssid, const ResultBoolCallback& result_callback, Error* error) argument
|
/system/webservd/webservd/ |
H A D | config.h | 49 brillo::Blob certificate; member in struct:webservd::final::final
|
H A D | config_unittest.cc | 96 EXPECT_TRUE(it->certificate.empty()); 117 EXPECT_TRUE(handler_config.certificate.empty()); 125 EXPECT_TRUE(handler_config.certificate.empty());
|
H A D | protocol_handler.cc | 161 // If using TLS, the certificate, private key and fingerprint must be 164 CHECK_EQ(config->use_tls, !config->certificate.empty()); 248 // libmicrohttpd expects both the key and certificate to be zero-terminated 251 brillo::Blob certificate_copy = config->certificate;
|
/system/update_engine/ |
H A D | certificate_checker.cc | 42 X509* certificate = X509_STORE_CTX_get_current_cert(x509_ctx); local 43 TEST_AND_RETURN_FALSE(certificate); 50 bool success = X509_digest(certificate, digest_function, out_digest, &len); 87 // which will be called after each server certificate is validated. However, 89 // callback, the certificate check will have to be done statically. Since we 91 // certificate, we hardcode Chrome OS's two known update servers here, and 140 // certificate. We store a report to UMA and just propagate the fail result. 154 LOG(WARNING) << "Failed to generate digest of X509 certificate " 168 // If there's no stored certificate, we just store the current one and return. 171 LOG(WARNING) << "Failed to store server certificate o [all...] |
/system/extras/verity/ |
H A D | BootSignature.java | 51 * certificate ::= Certificate 67 private ASN1Encodable certificate; field in class:BootSignature 101 certificate = sequence.getObjectAt(1); 102 byte[] encoded = ((ASN1Object) certificate).getEncoded(); 151 certificate = s.readObject(); 182 v.add(certificate); 302 if (args.length >= 4 && "-certificate".equals(args[2])) { 303 /* args[3] is the path to a public key certificate */ 313 args[3] is the path to the matching public key certificate
|
H A D | KeystoreSigner.java | 90 private X509Certificate certificate; field in class:BootKeystore 106 certificate = cert; 153 signature.setCertificate(certificate); 164 "<certificate.x509.pem> <outfile> <publickey0.der> " +
|
H A D | verify_boot_signature.c | 57 X509 *certificate; 65 ASN1_SIMPLE(BootSignature, certificate, X509), 328 if ((pkey = X509_get_pubkey(bs->certificate)) == NULL) {
|
/system/connectivity/shill/shims/ |
H A D | crypto_util.cc | 147 // Verify that the destination described by |certificate| is valid. 149 // 1) The MAC address listed in the certificate matches |connected_mac|. 150 // 2) The certificate is a valid PEM encoded certificate signed by our 153 // the public key in |certificate|. 158 bool VerifyCredentialsImpl(const string& certificate, argument 201 const_cast<char*>(certificate.data()), certificate.length()); 204 LOG(ERROR) << "Failed to allocate openssl certificate buffer."; 212 LOG(ERROR) << "Failed to parse certificate [all...] |
/system/connectivity/shill/dbus/ |
H A D | chromeos_manager_dbus_adaptor.cc | 419 const string& certificate, 430 manager_->VerifyDestination(certificate, public_key, nonce, 447 const string& certificate, 460 manager_->VerifyAndEncryptCredentials(certificate, public_key, nonce, 479 const string& certificate, 492 manager_->VerifyAndEncryptData(certificate, public_key, nonce, 417 VerifyDestination( DBusMethodResponsePtr<bool> response, const string& certificate, const string& public_key, const string& nonce, const string& signed_data, const string& destination_udn, const string& hotspot_ssid, const string& hotspot_bssid) argument 445 VerifyAndEncryptCredentials( DBusMethodResponsePtr<string> response, const string& certificate, const string& public_key, const string& nonce, const string& signed_data, const string& destination_udn, const string& hotspot_ssid, const string& hotspot_bssid, const dbus::ObjectPath& network) argument 477 VerifyAndEncryptData( DBusMethodResponsePtr<string> response, const string& certificate, const string& public_key, const string& nonce, const string& signed_data, const string& destination_udn, const string& hotspot_ssid, const string& hotspot_bssid, const string& data) argument
|
H A D | chromeos_manager_dbus_adaptor.h | 133 const std::string& certificate, 141 const std::string& certificate, 150 const std::string& certificate,
|
/system/tpm/attestation/common/ |
H A D | print_interface_proto.cc | 224 output += indent + " certificate: "; 226 base::HexEncode(value.certificate().data(), 227 value.certificate().size()).c_str()); 347 output += indent + " certificate: "; 349 base::HexEncode(value.certificate().data(), 350 value.certificate().size()).c_str()); 425 output += indent + " certificate: "; 427 base::HexEncode(value.certificate().data(), 428 value.certificate().size()).c_str());
|
/system/tpm/attestation/client/ |
H A D | dbus_proxy_test.cc | 66 reply_proto.set_certificate_chain("certificate"); 79 EXPECT_EQ("certificate", reply.certificate_chain()); 113 reply_proto.set_certificate("certificate"); 130 EXPECT_EQ("certificate", reply.certificate()); 154 reply_proto.set_ek_certificate("certificate"); 167 EXPECT_EQ("certificate", reply.ek_certificate()); 191 reply_proto.set_certificate("certificate"); 207 EXPECT_EQ("certificate", reply.certificate()); [all...] |