Lines Matching refs:Certificate
110 type certificate struct {
460 // A Certificate represents an X.509 certificate.
461 type Certificate struct {
462 Raw []byte // Complete ASN.1 DER content (certificate, signature algorithm and signature).
463 RawTBSCertificate []byte // Certificate part of raw ASN.1 DER content.
542 // a certificate. For example: checking a signature when the public key isn't a
543 // certificate signing key.
547 return "x509: invalid signature: parent certificate cannot sign this kind of certificate"
550 func (c *Certificate) Equal(other *Certificate) bool {
554 // Entrust have a broken root certificate (CN=Entrust.net Certification
555 // Authority (2048)) which isn't marked as a CA certificate and is thus invalid
557 // We recognise this certificate by its SubjectPublicKeyInfo and exempt it
605 func (c *Certificate) CheckSignatureFrom(parent *Certificate) (err error) {
608 // certificate, or the extension is present but the cA boolean is not
610 // certificate signatures."
633 func (c *Certificate) CheckSignature(algo SignatureAlgorithm, signed, signature []byte) (err error) {
699 func (c *Certificate) CheckCRLSignature(crl *pkix.CertificateList) (err error) {
880 err = errors.New("x509: certificate contained IP address of length " + strconv.Itoa(len(v.Bytes)))
889 func parseCertificate(in *certificate) (*Certificate, error) {
890 out := new(Certificate)
1099 // RFC 5280 4.2.1.4: Certificate Policies
1104 return nil, errors.New("x509: trailing data after X.509 certificate policies")
1148 // ParseCertificate parses a single certificate from the given ASN.1 DER data.
1149 func ParseCertificate(asn1Data []byte) (*Certificate, error) {
1150 var cert certificate
1164 func ParseCertificates(asn1Data []byte) ([]*Certificate, error) {
1165 var v []*certificate
1168 cert := new(certificate)
1177 ret := make([]*Certificate, len(v))
1266 func buildExtensions(template *Certificate) (ret []pkix.Extension, err error) {
1442 func subjectBytes(cert *Certificate) ([]byte, error) {
1518 // CreateCertificate creates a new certificate based on a template. The
1524 // The certificate is signed by parent. If parent is equal to template then the
1525 // certificate is self-signed. The parameter pub is the public key of the
1528 // The returned slice is the certificate in DER encoding.
1532 func CreateCertificate(rand io.Reader, template, parent *Certificate, pub, priv interface{}) (cert []byte, err error) {
1535 return nil, errors.New("x509: certificate private key does not implement crypto.Signer")
1596 return asn1.Marshal(certificate{
1636 // CreateCRL returns a DER encoded CRL, signed by this Certificate, that
1638 func (c *Certificate) CreateCRL(rand io.Reader, priv interface{}, revokedCerts []pkix.RevokedCertificate, now, expiry time.Time) (crlBytes []byte, err error) {
1641 return nil, errors.New("x509: certificate private key does not implement crypto.Signer")
1691 // CertificateRequest represents a PKCS #10, certificate signature request.
1694 RawTBSCertificateRequest []byte // Certificate request info part of raw ASN.1 DER content.
1708 // additional information about the subject of the certificate.
1732 // These structures reflect the ASN.1 structure of X.509 certificate
1784 // CreateCertificateRequest creates a new certificate based on a template. The
1789 // The returned slice is the certificate request in DER encoding.
1796 return nil, errors.New("x509: certificate private key does not implement crypto.Signer")
1940 // ParseCertificateRequest parses a single certificate request from the
