Lines Matching full:opts
146 func (c *Certificate) isValid(certType int, currentChain []*Certificate, opts *VerifyOptions) error {
147 now := opts.CurrentTime
158 if opts.DNSName == domain ||
159 (strings.HasSuffix(opts.DNSName, domain) &&
160 len(opts.DNSName) >= 1+len(domain) &&
161 opts.DNSName[len(opts.DNSName)-len(domain)-1] == '.') {
204 // certificate in opts.Roots, using certificates in opts.Intermediates if
206 // element of the chain is c and the last element is from opts.Roots.
208 // If opts.Roots is nil and system roots are unavailable the returned error
212 func (c *Certificate) Verify(opts VerifyOptions) (chains [][]*Certificate, err error) {
214 if opts.Roots == nil && runtime.GOOS == "windows" {
215 return c.systemVerify(&opts)
222 if opts.Roots == nil {
223 opts.Roots = systemRootsPool()
224 if opts.Roots == nil {
229 err = c.isValid(leafCertificate, nil, &opts)
234 if len(opts.DNSName) > 0 {
235 err = c.VerifyHostname(opts.DNSName)
241 candidateChains, err := c.buildChains(make(map[int][][]*Certificate), []*Certificate{c}, &opts)
246 keyUsages := opts.KeyUsages
279 func (c *Certificate) buildChains(cache map[int][][]*Certificate, currentChain []*Certificate, opts *VerifyOptions) (chains [][]*Certificate, err error) {
280 possibleRoots, failedRoot, rootErr := opts.Roots.findVerifiedParents(c)
282 root := opts.Roots.certs[rootNum]
283 err = root.isValid(rootCertificate, currentChain, opts)
290 possibleIntermediates, failedIntermediate, intermediateErr := opts.Intermediates.findVerifiedParents(c)
293 intermediate := opts.Intermediates.certs[intermediateNum]
299 err = intermediate.isValid(intermediateCertificate, currentChain, opts)
306 childChains, err = intermediate.buildChains(cache, appendToFreshChain(currentChain, intermediate), opts)
