Searched refs:certificate (Results 1 - 15 of 15) sorted by relevance

/system/keymaster/
H A Dasymmetric_key.cpp45 X509* certificate) {
104 if (!X509_add_ext(certificate, key_usage_extension.get() /* Don't release; copied */,
175 static bool add_public_key(EVP_PKEY* key, X509* certificate, keymaster_error_t* error) { argument
176 if (!X509_set_pubkey(certificate, key)) {
186 const KeymasterContext& context, X509* certificate,
194 if (!X509_add_ext(certificate, attest_extension.get() /* Don't release; copied */,
203 static keymaster_error_t get_certificate_blob(X509* certificate, keymaster_blob_t* blob) { argument
204 int len = i2d_X509(certificate, nullptr);
213 i2d_X509(certificate, &p);
239 // certificate
43 add_key_usage_extension(const AuthorizationSet& tee_enforced, const AuthorizationSet& sw_enforced, X509* certificate) argument
183 add_attestation_extension(const AuthorizationSet& attest_params, const AuthorizationSet& tee_enforced, const AuthorizationSet& sw_enforced, const KeymasterContext& context, X509* certificate, keymaster_error_t* error) argument
[all...]
H A Dandroid_keymaster_test.cpp3427 << "Verification of certificate " << i << " failed";
3435 static ASN1_OCTET_STRING* get_attestation_record(X509* certificate) { argument
3441 int location = X509_get_ext_by_OBJ(certificate, oid.get(), -1 /* search from beginning */);
3446 X509_EXTENSION* attest_rec_ext = X509_get_ext(certificate, location);
/system/tpm/attestation/server/
H A Dpkcs11_key_store.h67 const std::string& certificate) override;
69 const std::string& certificate) override;
105 // X.509 |certificate|. Returns false if the value cannot be determined.
106 bool GetCertificateFields(const std::string& certificate,
111 // Returns true iff the given certificate already exists in the token.
113 const std::string& certificate);
H A Dkey_store.h61 // If a non-empty |certificate| is provided it will be registered along with
69 const std::string& certificate) = 0;
71 // Registers a |certificate| that is not associated to a registered key. The
72 // certificate will be associated with |username|.
74 const std::string& certificate) = 0;
H A Dmock_key_store.h54 const std::string& certificate));
57 const std::string& certificate));
H A Dpkcs11_key_store.cc222 const std::string& certificate) {
322 if (!certificate.empty()) {
326 if (!GetCertificateFields(certificate, &subject, &issuer, &serial_number)) {
327 LOG(WARNING) << "Pkcs11KeyStore: Failed to find certificate fields.";
329 // Construct a PKCS #11 template for a certificate object.
330 std::string mutable_certificate = certificate;
350 LOG(ERROR) << "Pkcs11KeyStore: Failed to create certificate object.";
363 const std::string& certificate) {
375 if (DoesCertificateExist(session.handle(), certificate)) {
382 if (!GetCertificateFields(certificate,
216 Register(const std::string& username, const std::string& label, KeyType key_type, KeyUsage key_usage, const std::string& private_key_blob, const std::string& public_key_der, const std::string& certificate) argument
362 RegisterCertificate(const std::string& username, const std::string& certificate) argument
560 GetCertificateFields(const std::string& certificate, std::string* subject, std::string* issuer, std::string* serial_number) argument
602 DoesCertificateExist(CK_SESSION_HANDLE session_handle, const std::string& certificate) argument
[all...]
H A Dattestation_service.cc317 std::string certificate; local
323 request.encrypted_certificate().sym_ca_attestation(), &certificate)) {
331 ->set_identity_credential(certificate);
337 result->set_certificate(certificate);
791 const std::string& certificate) {
796 pem += brillo::data_encoding::Base64EncodeWrapLines(certificate);
790 CreatePEMCertificate( const std::string& certificate) argument
H A Ddbus_service_test.cc97 reply.set_certificate_chain("certificate");
110 EXPECT_EQ("certificate", reply.certificate_chain());
152 reply.set_certificate("certificate");
168 EXPECT_EQ("certificate", reply.certificate());
182 reply.set_ek_certificate("certificate");
195 EXPECT_EQ("certificate", reply.ek_certificate());
210 reply.set_certificate("certificate");
226 EXPECT_EQ("certificate", reply.certificate());
[all...]
H A Dattestation_service_test.cc66 // Setup a fake wrapped EK certificate by default.
465 EXPECT_EQ(GetFakeCertificateChain(), reply.certificate());
496 EXPECT_EQ(GetFakeCertificateChain(), reply.certificate());
540 database->mutable_credentials()->set_endorsement_credential("certificate");
545 EXPECT_EQ("certificate", reply.ek_certificate());
587 database->mutable_identity_key()->set_identity_credential("certificate");
596 EXPECT_EQ("certificate", reply.certificate());
626 database->mutable_identity_key()->set_identity_credential("certificate");
633 EXPECT_EQ("certificate", repl
[all...]
H A Dattestation_service.h116 kGetCertificate, // Issues a certificate for a TPM-backed key.
199 // Finishes a certificate request by decoding the |certificate_response| to
247 // Creates a PEM certificate chain from the credential fields of a |key|.
250 // Creates a certificate in PEM format from a DER encoded X.509 certificate.
251 std::string CreatePEMCertificate(const std::string& certificate);
254 // certificate. This decision factors in the currently signed-in |user| and
255 // the |origin| of the certificate request. The strategy is to find an index
/system/update_engine/
H A Dcertificate_checker.cc42 X509* certificate = X509_STORE_CTX_get_current_cert(x509_ctx); local
43 TEST_AND_RETURN_FALSE(certificate);
50 bool success = X509_digest(certificate, digest_function, out_digest, &len);
87 // which will be called after each server certificate is validated. However,
89 // callback, the certificate check will have to be done statically. Since we
91 // certificate, we hardcode Chrome OS's two known update servers here, and
140 // certificate. We store a report to UMA and just propagate the fail result.
154 LOG(WARNING) << "Failed to generate digest of X509 certificate "
168 // If there's no stored certificate, we just store the current one and return.
171 LOG(WARNING) << "Failed to store server certificate o
[all...]
/system/extras/verity/
H A DBootSignature.java51 * certificate ::= Certificate
67 private ASN1Encodable certificate; field in class:BootSignature
101 certificate = sequence.getObjectAt(1);
102 byte[] encoded = ((ASN1Object) certificate).getEncoded();
151 certificate = s.readObject();
182 v.add(certificate);
302 if (args.length >= 4 && "-certificate".equals(args[2])) {
303 /* args[3] is the path to a public key certificate */
313 args[3] is the path to the matching public key certificate
H A Dverify_boot_signature.c58 X509 *certificate;
66 ASN1_SIMPLE(BootSignature, certificate, X509),
309 * Verifies the RSA signature against the pubkey (certificate) in the
334 if ((pkey_bs = X509_get_pubkey(bs->certificate)) == NULL) {
/system/tpm/attestation/common/
H A Dprint_interface_proto.cc227 output += indent + " certificate: ";
230 base::HexEncode(value.certificate().data(), value.certificate().size())
354 output += indent + " certificate: ";
357 base::HexEncode(value.certificate().data(), value.certificate().size())
434 output += indent + " certificate: ";
437 base::HexEncode(value.certificate().data(), value.certificate().size())
/system/tpm/attestation/client/
H A Ddbus_proxy_test.cc67 reply_proto.set_certificate_chain("certificate");
80 EXPECT_EQ("certificate", reply.certificate_chain());
114 reply_proto.set_certificate("certificate");
131 EXPECT_EQ("certificate", reply.certificate());
155 reply_proto.set_ek_certificate("certificate");
168 EXPECT_EQ("certificate", reply.ek_certificate());
192 reply_proto.set_certificate("certificate");
208 EXPECT_EQ("certificate", reply.certificate());
[all...]

Completed in 111 milliseconds