| /system/keymaster/ |
| H A D | asymmetric_key.cpp | 45 X509* certificate) {
104 if (!X509_add_ext(certificate, key_usage_extension.get() /* Don't release; copied */,
175 static bool add_public_key(EVP_PKEY* key, X509* certificate, keymaster_error_t* error) { argument
176 if (!X509_set_pubkey(certificate, key)) {
186 const KeymasterContext& context, X509* certificate,
194 if (!X509_add_ext(certificate, attest_extension.get() /* Don't release; copied */,
203 static keymaster_error_t get_certificate_blob(X509* certificate, keymaster_blob_t* blob) { argument
204 int len = i2d_X509(certificate, nullptr);
213 i2d_X509(certificate, &p);
239 // certificate
43 add_key_usage_extension(const AuthorizationSet& tee_enforced, const AuthorizationSet& sw_enforced, X509* certificate) argument
183 add_attestation_extension(const AuthorizationSet& attest_params, const AuthorizationSet& tee_enforced, const AuthorizationSet& sw_enforced, const KeymasterContext& context, X509* certificate, keymaster_error_t* error) argument
[all...] |
| /system/tpm/attestation/server/ |
| H A D | pkcs11_key_store.h | 67 const std::string& certificate) override;
69 const std::string& certificate) override;
106 // X.509 |certificate|. Returns false if the value cannot be determined.
107 bool GetCertificateFields(const std::string& certificate,
112 // Returns true iff the given certificate already exists in the token.
114 const std::string& certificate);
|
| H A D | key_store.h | 61 // If a non-empty |certificate| is provided it will be registered along with
69 const std::string& certificate) = 0;
71 // Registers a |certificate| that is not associated to a registered key. The
72 // certificate will be associated with |username|.
74 const std::string& certificate) = 0;
|
| H A D | mock_key_store.h | 50 const std::string& certificate));
52 const std::string& certificate));
|
| H A D | pkcs11_key_store.cc | 244 const std::string& certificate) {
351 if (!certificate.empty()) {
355 if (!GetCertificateFields(certificate, &subject, &issuer, &serial_number)) {
356 LOG(WARNING) << "Pkcs11KeyStore: Failed to find certificate fields.";
358 // Construct a PKCS #11 template for a certificate object.
359 std::string mutable_certificate = certificate;
387 LOG(ERROR) << "Pkcs11KeyStore: Failed to create certificate object.";
400 const std::string& certificate) {
412 if (DoesCertificateExist(session.handle(), certificate)) {
419 if (!GetCertificateFields(certificate,
238 Register(const std::string& username, const std::string& label, KeyType key_type, KeyUsage key_usage, const std::string& private_key_blob, const std::string& public_key_der, const std::string& certificate) argument
399 RegisterCertificate(const std::string& username, const std::string& certificate) argument
614 GetCertificateFields(const std::string& certificate, std::string* subject, std::string* issuer, std::string* serial_number) argument
656 DoesCertificateExist( CK_SESSION_HANDLE session_handle, const std::string& certificate) argument
[all...] |
| H A D | attestation_service.cc | 350 std::string certificate; local
358 &certificate)) {
365 set_identity_credential(certificate);
371 result->set_certificate(certificate);
854 const std::string& certificate) {
859 pem += brillo::data_encoding::Base64EncodeWrapLines(certificate);
853 CreatePEMCertificate( const std::string& certificate) argument
|
| H A D | dbus_service_test.cc | 97 reply.set_certificate_chain("certificate");
110 EXPECT_EQ("certificate", reply.certificate_chain());
151 reply.set_certificate("certificate");
167 EXPECT_EQ("certificate", reply.certificate());
181 reply.set_ek_certificate("certificate");
194 EXPECT_EQ("certificate", reply.ek_certificate());
209 reply.set_certificate("certificate");
225 EXPECT_EQ("certificate", reply.certificate());
[all...] |
| H A D | attestation_service_test.cc | 66 // Setup a fake wrapped EK certificate by default.
474 EXPECT_EQ(GetFakeCertificateChain(), reply.certificate());
505 EXPECT_EQ(GetFakeCertificateChain(), reply.certificate());
549 database->mutable_credentials()->set_endorsement_credential("certificate");
554 EXPECT_EQ("certificate", reply.ek_certificate());
596 database->mutable_identity_key()->set_identity_credential("certificate");
605 EXPECT_EQ("certificate", reply.certificate());
635 database->mutable_identity_key()->set_identity_credential("certificate");
642 EXPECT_EQ("certificate", repl
[all...] |
| H A D | attestation_service.h | 124 kGetCertificate, // Issues a certificate for a TPM-backed key.
208 // Finishes a certificate request by decoding the |certificate_response| to
257 // Creates a PEM certificate chain from the credential fields of a |key|.
260 // Creates a certificate in PEM format from a DER encoded X.509 certificate.
261 std::string CreatePEMCertificate(const std::string& certificate);
264 // certificate. This decision factors in the currently signed-in |user| and
265 // the |origin| of the certificate request. The strategy is to find an index
|
| /system/connectivity/shill/ |
| H A D | mock_crypto_util_proxy.cc | 47 const std::string& certificate,
56 return CryptoUtilProxy::VerifyDestination(certificate, public_key,
46 RealVerifyDestination( const std::string& certificate, const std::string& public_key, const std::string& nonce, const std::string& signed_data, const std::string& destination_udn, const std::vector<uint8_t>& ssid, const std::string& bssid, const ResultBoolCallback& result_callback, Error* error) argument
|
| H A D | mock_crypto_util_proxy.h | 41 bool(const std::string& certificate,
55 bool RealVerifyDestination(const std::string& certificate,
|
| H A D | crypto_util_proxy.h | 57 // |certificate| should be a device certificate in PEM format.
64 virtual bool VerifyDestination(const std::string& certificate,
|
| H A D | crypto_util_proxy.cc | 77 const string& certificate,
102 message.set_certificate(certificate);
76 VerifyDestination( const string& certificate, const string& public_key, const string& nonce, const string& signed_data, const string& destination_udn, const vector<uint8_t>& ssid, const string& bssid, const ResultBoolCallback& result_callback, Error* error) argument
|
| /system/webservd/webservd/ |
| H A D | config.h | 49 brillo::Blob certificate; member in struct:webservd::final::final
|
| H A D | config_unittest.cc | 96 EXPECT_TRUE(it->certificate.empty());
117 EXPECT_TRUE(handler_config.certificate.empty());
125 EXPECT_TRUE(handler_config.certificate.empty());
|
| H A D | protocol_handler.cc | 161 // If using TLS, the certificate, private key and fingerprint must be
164 CHECK_EQ(config->use_tls, !config->certificate.empty());
248 // libmicrohttpd expects both the key and certificate to be zero-terminated
251 brillo::Blob certificate_copy = config->certificate;
|
| /system/update_engine/ |
| H A D | certificate_checker.cc | 42 X509* certificate = X509_STORE_CTX_get_current_cert(x509_ctx); local
43 TEST_AND_RETURN_FALSE(certificate);
50 bool success = X509_digest(certificate, digest_function, out_digest, &len);
87 // which will be called after each server certificate is validated. However,
89 // callback, the certificate check will have to be done statically. Since we
91 // certificate, we hardcode Chrome OS's two known update servers here, and
140 // certificate. We store a report to UMA and just propagate the fail result.
154 LOG(WARNING) << "Failed to generate digest of X509 certificate "
168 // If there's no stored certificate, we just store the current one and return.
171 LOG(WARNING) << "Failed to store server certificate o
[all...] |
| /system/extras/verity/ |
| H A D | BootSignature.java | 51 * certificate ::= Certificate
67 private ASN1Encodable certificate; field in class:BootSignature
101 certificate = sequence.getObjectAt(1);
102 byte[] encoded = ((ASN1Object) certificate).getEncoded();
151 certificate = s.readObject();
182 v.add(certificate);
302 if (args.length >= 4 && "-certificate".equals(args[2])) {
303 /* args[3] is the path to a public key certificate */
313 args[3] is the path to the matching public key certificate
|
| H A D | KeystoreSigner.java | 90 private X509Certificate certificate; field in class:BootKeystore
106 certificate = cert;
153 signature.setCertificate(certificate);
164 "<certificate.x509.pem> <outfile> <publickey0.der> " +
|
| H A D | verify_boot_signature.c | 57 X509 *certificate;
65 ASN1_SIMPLE(BootSignature, certificate, X509),
328 if ((pkey = X509_get_pubkey(bs->certificate)) == NULL) {
|
| /system/connectivity/shill/shims/ |
| H A D | crypto_util.cc | 147 // Verify that the destination described by |certificate| is valid.
149 // 1) The MAC address listed in the certificate matches |connected_mac|.
150 // 2) The certificate is a valid PEM encoded certificate signed by our
153 // the public key in |certificate|.
158 bool VerifyCredentialsImpl(const string& certificate, argument
201 const_cast<char*>(certificate.data()), certificate.length());
204 LOG(ERROR) << "Failed to allocate openssl certificate buffer.";
212 LOG(ERROR) << "Failed to parse certificate
[all...] |
| /system/connectivity/shill/dbus/ |
| H A D | chromeos_manager_dbus_adaptor.cc | 419 const string& certificate,
430 manager_->VerifyDestination(certificate, public_key, nonce,
447 const string& certificate,
460 manager_->VerifyAndEncryptCredentials(certificate, public_key, nonce,
479 const string& certificate,
492 manager_->VerifyAndEncryptData(certificate, public_key, nonce,
417 VerifyDestination( DBusMethodResponsePtr<bool> response, const string& certificate, const string& public_key, const string& nonce, const string& signed_data, const string& destination_udn, const string& hotspot_ssid, const string& hotspot_bssid) argument
445 VerifyAndEncryptCredentials( DBusMethodResponsePtr<string> response, const string& certificate, const string& public_key, const string& nonce, const string& signed_data, const string& destination_udn, const string& hotspot_ssid, const string& hotspot_bssid, const dbus::ObjectPath& network) argument
477 VerifyAndEncryptData( DBusMethodResponsePtr<string> response, const string& certificate, const string& public_key, const string& nonce, const string& signed_data, const string& destination_udn, const string& hotspot_ssid, const string& hotspot_bssid, const string& data) argument
|
| H A D | chromeos_manager_dbus_adaptor.h | 133 const std::string& certificate,
141 const std::string& certificate,
150 const std::string& certificate,
|
| /system/tpm/attestation/common/ |
| H A D | print_interface_proto.cc | 224 output += indent + " certificate: ";
226 base::HexEncode(value.certificate().data(),
227 value.certificate().size()).c_str());
347 output += indent + " certificate: ";
349 base::HexEncode(value.certificate().data(),
350 value.certificate().size()).c_str());
425 output += indent + " certificate: ";
427 base::HexEncode(value.certificate().data(),
428 value.certificate().size()).c_str());
|
| /system/tpm/attestation/client/ |
| H A D | dbus_proxy_test.cc | 66 reply_proto.set_certificate_chain("certificate");
79 EXPECT_EQ("certificate", reply.certificate_chain());
113 reply_proto.set_certificate("certificate");
130 EXPECT_EQ("certificate", reply.certificate());
154 reply_proto.set_ek_certificate("certificate");
167 EXPECT_EQ("certificate", reply.ek_certificate());
191 reply_proto.set_certificate("certificate");
207 EXPECT_EQ("certificate", reply.certificate());
[all...] |