Lines Matching full:certificate
59 resourceDir = flag.String("resource-dir", ".", "The directory in which to find certificate and key files.")
133 rsaCertificate Certificate
134 rsa1024Certificate Certificate
135 rsaChainCertificate Certificate
136 ecdsaP224Certificate Certificate
137 ecdsaP256Certificate Certificate
138 ecdsaP384Certificate Certificate
139 ecdsaP521Certificate Certificate
140 ed25519Certificate Certificate
146 cert *Certificate
241 func getRunnerCertificate(t testCert) Certificate {
247 panic("Unknown test certificate")
256 panic("Unknown test certificate")
265 panic("Unknown test certificate")
369 // certFile is the path to the certificate to use for the server.
453 // expectPeerCertificate, if not nil, is the certificate chain the peer
455 expectPeerCertificate *Certificate
517 config.Certificates = []Certificate{rsaCertificate}
676 if len(connState.PeerCertificates) != len(test.expectPeerCertificate.Certificate) {
677 return fmt.Errorf("expected peer to send %d certificates, but got %d", len(connState.PeerCertificates), len(test.expectPeerCertificate.Certificate))
680 if !bytes.Equal(cert.Raw, test.expectPeerCertificate.Certificate[i]) {
681 return fmt.Errorf("peer certificate %d did not match", i+1)
1414 "-expect-certificate-types",
2660 // Test the server so there is a large certificate as
2676 // Test the server so there is a large certificate as
2701 cert.Certificate = append(cert.Certificate, cert.Certificate[0])
2706 Certificates: []Certificate{cert},
2713 Certificates: []Certificate{cert},
2717 // They are rejected if the maximum certificate chain length is capped.
2721 Certificates: []Certificate{cert},
2731 Certificates: []Certificate{cert},
2751 var cert Certificate
2828 Certificates: []Certificate{cert},
2853 Certificates: []Certificate{cert},
2881 Certificates: []Certificate{cert},
2906 Certificates: []Certificate{cert},
3039 // Test that clients enforce that the server-sent certificate and cipher
3046 Certificates: []Certificate{rsaCertificate},
3059 Certificates: []Certificate{ecdsaP256Certificate},
3072 Certificates: []Certificate{ed25519Certificate},
3082 // inconsistent with their configured certificate.
3245 Certificates: []Certificate{ecdsaP256Certificate},
3258 Certificates: []Certificate{ecdsaP256Certificate},
3357 // Add a dummy cert pool to stress certificate authority parsing.
3359 for _, cert := range []Certificate{rsaCertificate, rsa1024Certificate} {
3360 cert, err := x509.ParseCertificate(cert.Certificate[0])
3390 Certificates: []Certificate{rsaCertificate},
3393 flags: []string{"-require-any-client-certificate"},
3402 Certificates: []Certificate{ecdsaP256Certificate},
3405 flags: []string{"-require-any-client-certificate"},
3433 expectedLocalError: "client didn't provide a certificate",
3437 // Even if not configured to expect a certificate, OpenSSL will
3453 // If a client certificate is not provided, OpenSSL will still
3469 certificateRequired := "remote error: certificate required"
3482 flags: []string{"-require-any-client-certificate"},
3547 Certificates: []Certificate{rsaCertificate},
3554 "-require-any-client-certificate",
3565 Certificates: []Certificate{rsaCertificate},
3578 // Client auth is only legal in certificate-based ciphers.
3621 Certificates: []Certificate{rsaCertificate},
3627 "-require-any-client-certificate",
4387 Certificates: []Certificate{rsaCertificate},
4389 flags: []string{"-require-any-client-certificate"},
4396 Certificates: []Certificate{rsaCertificate},
4398 flags: []string{"-require-any-client-certificate"},
4547 // Certificate verification tests.
4561 flag = "-require-any-client-certificate"
4569 Certificates: []Certificate{rsaCertificate},
4583 Certificates: []Certificate{rsaCertificate},
4596 // certificate is verified but failures are non-fatal.
4602 Certificates: []Certificate{rsaCertificate},
5898 // certificate selection callbacks run.
6118 Certificates: []Certificate{emptySCTListCert},
6137 Certificates: []Certificate{emptySCTCert},
6147 // Test that certificate-related extensions are not sent unsolicited.
6361 Certificates: []Certificate{rsaCertificate},
6368 "-require-any-client-certificate",
6391 Certificates: []Certificate{rsaChainCertificate},
7398 Certificates: []Certificate{rsaCertificate},
7412 Certificates: []Certificate{rsaCertificate},
7640 Certificates: []Certificate{getRunnerCertificate(alg.cert)},
7653 "-require-any-client-certificate",
7696 Certificates: []Certificate{getRunnerCertificate(alg.cert)},
7727 Certificates: []Certificate{getRunnerCertificate(alg.cert)},
7737 "-require-any-client-certificate",
7749 Certificates: []Certificate{getRunnerCertificate(alg.cert)},
7883 Certificates: []Certificate{rsaCertificate},
7892 "-require-any-client-certificate",
7903 Certificates: []Certificate{rsaCertificate},
7912 "-require-any-client-certificate",
8069 Certificates: []Certificate{rsaCertificate},
8077 flags: []string{"-require-any-client-certificate"},
8102 Certificates: []Certificate{rsaCertificate},
8111 flags: []string{"-require-any-client-certificate"},
8269 Certificates: []Certificate{ecdsaP256Certificate},
8281 Certificates: []Certificate{ecdsaP256Certificate},
8292 Certificates: []Certificate{ecdsaP256Certificate},
8304 Certificates: []Certificate{ecdsaP256Certificate},
8386 Certificates: []Certificate{ed25519Certificate},
8414 Certificates: []Certificate{ed25519Certificate},
8422 "-require-any-client-certificate",
8447 Certificates: []Certificate{ed25519Certificate},
8459 Certificates: []Certificate{ed25519Certificate},
8474 Certificates: []Certificate{rsaCertificate},
8492 Certificates: []Certificate{rsaCertificate},
8509 Certificates: []Certificate{rsaCertificate},
8531 Certificates: []Certificate{ed25519Certificate},
10216 Certificates: []Certificate{rsaCertificate},
10219 flags: []string{"-require-any-client-certificate"},
10230 Certificates: []Certificate{rsaCertificate},
10233 flags: []string{"-require-any-client-certificate"},
10396 Certificates: []Certificate{rsaCertificate},
10399 flags: []string{"-require-any-client-certificate"},
10409 Certificates: []Certificate{rsaCertificate},
10412 flags: []string{"-require-any-client-certificate"},
11140 Certificates: []Certificate{rsaCertificate},
11145 Certificates: []Certificate{ecdsaP256Certificate},
11815 // Test that a certificate chain with intermediate may be sent and
11824 Certificates: []Certificate{rsaChainCertificate},
11842 Certificates: []Certificate{rsaChainCertificate},
11849 "-require-any-client-certificate",
11860 // actually requesting a client certificate is a no-op.
11876 // Test that when retaining only a SHA-256 certificate is
11884 Certificates: []Certificate{rsaCertificate},
11899 // certificate chain.
11906 Certificates: []Certificate{rsaCertificate},
11927 Certificates: []Certificate{rsaCertificate},
11954 template := x509.Certificate{
11962 // An ECC certificate with only the keyAgreement key usgae may
11974 cert := Certificate{
11975 Certificate: [][]byte{derBytes},
11990 Certificates: []Certificate{cert},
