Home | History | Annotate | Download | only in x509

Lines Matching refs:cert

431 		cert, err := ParseCertificate(derBytes)
437 		if len(cert.PolicyIdentifiers) != 1 || !cert.PolicyIdentifiers[0].Equal(template.PolicyIdentifiers[0]) {
438 			t.Errorf("%s: failed to parse policy identifiers: got:%#v want:%#v", test.name, cert.PolicyIdentifiers, template.PolicyIdentifiers)
441 		if len(cert.PermittedDNSDomains) != 2 || cert.PermittedDNSDomains[0] != ".example.com" || cert.PermittedDNSDomains[1] != "example.com" {
442 			t.Errorf("%s: failed to parse name constraints: %#v", test.name, cert.PermittedDNSDomains)
445 		if cert.Subject.CommonName != commonName {
446 			t.Errorf("%s: subject wasn't correctly copied from the template. Got %s, want %s", test.name, cert.Subject.CommonName, commonName)
449 		if len(cert.Subject.Country) != 1 || cert.Subject.Country[0] != "NL" {
454 		for _, atv := range cert.Subject.Names {
464 		if cert.Issuer.CommonName != commonName {
465 			t.Errorf("%s: issuer wasn't correctly copied from the template. Got %s, want %s", test.name, cert.Issuer.CommonName, commonName)
468 		if cert.SignatureAlgorithm != test.sigAlgo {
469 			t.Errorf("%s: SignatureAlgorithm wasn't copied from template. Got %v, want %v", test.name, cert.SignatureAlgorithm, test.sigAlgo)
472 		if !reflect.DeepEqual(cert.ExtKeyUsage, testExtKeyUsage) {
473 			t.Errorf("%s: extkeyusage wasn't correctly copied from the template. Got %v, want %v", test.name, cert.ExtKeyUsage, testExtKeyUsage)
476 		if !reflect.DeepEqual(cert.UnknownExtKeyUsage, testUnknownExtKeyUsage) {
477 			t.Errorf("%s: unknown extkeyusage wasn't correctly copied from the template. Got %v, want %v", test.name, cert.UnknownExtKeyUsage, testUnknownExtKeyUsage)
480 		if !reflect.DeepEqual(cert.OCSPServer, template.OCSPServer) {
481 			t.Errorf("%s: OCSP servers differ from template. Got %v, want %v", test.name, cert.OCSPServer, template.OCSPServer)
484 		if !reflect.DeepEqual(cert.IssuingCertificateURL, template.IssuingCertificateURL) {
485 			t.Errorf("%s: Issuing certificate URLs differ from template. Got %v, want %v", test.name, cert.IssuingCertificateURL, template.IssuingCertificateURL)
488 		if !reflect.DeepEqual(cert.DNSNames, template.DNSNames) {
489 			t.Errorf("%s: SAN DNS names differ from template. Got %v, want %v", test.name, cert.DNSNames, template.DNSNames)
492 		if !reflect.DeepEqual(cert.EmailAddresses, template.EmailAddresses) {
493 			t.Errorf("%s: SAN emails differ from template. Got %v, want %v", test.name, cert.EmailAddresses, template.EmailAddresses)
496 		if !reflect.DeepEqual(cert.IPAddresses, template.IPAddresses) {
497 			t.Errorf("%s: SAN IPs differ from template. Got %v, want %v", test.name, cert.IPAddresses, template.IPAddresses)
500 		if !reflect.DeepEqual(cert.CRLDistributionPoints, template.CRLDistributionPoints) {
501 			t.Errorf("%s: CRL distribution points differ from template. Got %v, want %v", test.name, cert.CRLDistributionPoints, template.CRLDistributionPoints)
504 		if !bytes.Equal(cert.SubjectKeyId, []byte{4, 3, 2, 1}) {
513 			err = cert.CheckSignatureFrom(cert)
563 		cert, err := ParseCertificate(derBytes)
569 		roots.AddCert(cert)
574 		_, err = cert.Verify(VerifyOptions{Roots: roots})
582 		cert.UnhandledCriticalExtensions = nil
583 		if _, err = cert.Verify(VerifyOptions{Roots: roots}); err != nil {
677 		cert, err := ParseCertificate(pemBlock.Bytes)
682 		if sa := cert.SignatureAlgorithm; sa != test.sigAlgo {
685 		if parsedKey, ok := cert.PublicKey.(*ecdsa.PublicKey); !ok {
688 		if pka := cert.PublicKeyAlgorithm; pka != ECDSA {
691 		if err = cert.CheckSignatureFrom(cert); err != nil {
734 	cert, err := ParseCertificate(pemBlock.Bytes)
738 	if cert.PublicKeyAlgorithm != DSA {
741 	parsedKey, ok := cert.PublicKey.(*dsa.PublicKey)
755 	cert, err := ParseCertificate(pemBlock.Bytes)
759 	if cert.SignatureAlgorithm != DSAWithSHA1 {
766 	cert, err := ParseCertificate(pemBlock.Bytes)
770 	// test cert is self-signed
771 	if err = cert.CheckSignatureFrom(cert); err != nil {
818 	cert, err := ParseCertificate(der.Bytes)
823 	if err = cert.CheckSignatureFrom(cert); err != nil {
852 	cert, _ := ParseCertificate(block.Bytes)
882 	crlBytes, err := cert.CreateCRL(rand.Reader, priv, revokedCerts, now, expiry)
1208 	cert, err := ParseCertificate(derBytes)
1214 	return cert
1272 	if cert := serialiseAndParse(t, template); len(cert.AuthorityKeyId) != 0 {
1277 	if cert := serialiseAndParse(t, template); len(cert.AuthorityKeyId) == 0 {
1363 	cert, err := ParseCertificate(pemBlock.Bytes)
1367 	if sa := cert.SignatureAlgorithm; sa != MD5WithRSA {
1370 	if err = cert.CheckSignatureFrom(cert); err == nil {
1421 	if cert, err := ParseCertificate(block.Bytes); err != nil {
1423 	} else if cert.SignatureAlgorithm == UnknownSignatureAlgorithm {
1466 	cert, err := ParseCertificate(block.Bytes)
1471 	if want := "eportal.mss.edus.si"; cert.Subject.CommonName != want {
1472 		t.Errorf("got common name of %q, but want %q", cert.Subject.CommonName, want)
1475 	if want := "1236484010010"; cert.Subject.SerialNumber != want {
1476 		t.Errorf("got serial number of %q, but want %q", cert.Subject.SerialNumber, want)