Home | History | Annotate | Download | only in x509

Lines Matching full:certificate

119 type certificate struct {
625 // A Certificate represents an X.509 certificate.
626 type Certificate struct {
627 	Raw                     []byte // Complete ASN.1 DER content (certificate, signature algorithm and signature).
628 	RawTBSCertificate       []byte // Certificate part of raw ASN.1 DER content.
714 // a certificate. For example: checking a signature when the public key isn't a
715 // certificate signing key.
719 	return "x509: invalid signature: parent certificate cannot sign this kind of certificate"
722 func (c *Certificate) Equal(other *Certificate) bool {
726 // Entrust have a broken root certificate (CN=Entrust.net Certification
727 // Authority (2048)) which isn't marked as a CA certificate and is thus invalid
729 // We recognise this certificate by its SubjectPublicKeyInfo and exempt it
777 func (c *Certificate) CheckSignatureFrom(parent *Certificate) error {
780 	// certificate, or the extension is present but the cA boolean is not
782 	// certificate signatures."
805 func (c *Certificate) CheckSignature(algo SignatureAlgorithm, signed, signature []byte) error {
877 func (c *Certificate) CheckCRLSignature(crl *pkix.CertificateList) error {
1067 				err = errors.New("x509: certificate contained IP address of length " + strconv.Itoa(len(v.Bytes)))
1076 func parseCertificate(in *certificate) (*Certificate, error) {
1077 	out := new(Certificate)
1287 				// RFC 5280 4.2.1.4: Certificate Policies
1292 					return nil, errors.New("x509: trailing data after X.509 certificate policies")
1336 // ParseCertificate parses a single certificate from the given ASN.1 DER data.
1337 func ParseCertificate(asn1Data []byte) (*Certificate, error) {
1338 	var cert certificate
1352 func ParseCertificates(asn1Data []byte) ([]*Certificate, error) {
1353 	var v []*certificate
1356 		cert := new(certificate)
1365 	ret := make([]*Certificate, len(v))
1454 func buildExtensions(template *Certificate) (ret []pkix.Extension, err error) {
1630 func subjectBytes(cert *Certificate) ([]byte, error) {
1709 // CreateCertificate creates a new certificate based on a template. The
1715 // The certificate is signed by parent. If parent is equal to template then the
1716 // certificate is self-signed. The parameter pub is the public key of the
1719 // The returned slice is the certificate in DER encoding.
1723 func CreateCertificate(rand io.Reader, template, parent *Certificate, pub, priv interface{}) (cert []byte, err error) {
1726 		return nil, errors.New("x509: certificate private key does not implement crypto.Signer")
1800 	return asn1.Marshal(certificate{
1840 // CreateCRL returns a DER encoded CRL, signed by this Certificate, that
1842 func (c *Certificate) CreateCRL(rand io.Reader, priv interface{}, revokedCerts []pkix.RevokedCertificate, now, expiry time.Time) (crlBytes []byte, err error) {
1845 		return nil, errors.New("x509: certificate private key does not implement crypto.Signer")
1902 // CertificateRequest represents a PKCS #10, certificate signature request.
1905 	RawTBSCertificateRequest []byte // Certificate request info part of raw ASN.1 DER content.
1941 // These structures reflect the ASN.1 structure of X.509 certificate
2028 // CreateCertificateRequest creates a new certificate request based on a template.
2033 // The returned slice is the certificate request in DER encoding.
2040 		return nil, errors.New("x509: certificate private key does not implement crypto.Signer")
2184 // ParseCertificateRequest parses a single certificate request from the