Lines Matching refs:Certificate
59 resourceDir = flag.String("resource-dir", ".", "The directory in which to find certificate and key files.")
133 rsaCertificate Certificate
134 rsa1024Certificate Certificate
135 rsaChainCertificate Certificate
136 ecdsaP224Certificate Certificate
137 ecdsaP256Certificate Certificate
138 ecdsaP384Certificate Certificate
139 ecdsaP521Certificate Certificate
140 ed25519Certificate Certificate
141 garbageCertificate Certificate
147 cert *Certificate
241 garbageCertificate.Certificate = [][]byte{[]byte("GARBAGE")}
245 func getRunnerCertificate(t testCert) Certificate {
251 panic("Unknown test certificate")
260 panic("Unknown test certificate")
269 panic("Unknown test certificate")
379 // certFile is the path to the certificate to use for the server.
466 // expectPeerCertificate, if not nil, is the certificate chain the peer
468 expectPeerCertificate *Certificate
537 config.Certificates = []Certificate{rsaCertificate}
710 if len(connState.PeerCertificates) != len(test.expectPeerCertificate.Certificate) {
711 return fmt.Errorf("expected peer to send %d certificates, but got %d", len(connState.PeerCertificates), len(test.expectPeerCertificate.Certificate))
714 if !bytes.Equal(cert.Raw, test.expectPeerCertificate.Certificate[i]) {
715 return fmt.Errorf("peer certificate %d did not match", i+1)
1521 "-expect-certificate-types",
1619 Certificates: []Certificate{rsaChainCertificate},
1626 "-require-any-client-certificate",
2935 // unencrypted certificate as well as application data.
2952 // unencrypted certificate as well as application data.
2973 // certificate as well as application data.
2990 // certificate as well as application data.
3036 cert.Certificate = append(cert.Certificate, cert.Certificate[0])
3041 Certificates: []Certificate{cert},
3048 Certificates: []Certificate{cert},
3052 // They are rejected if the maximum certificate chain length is capped.
3056 Certificates: []Certificate{cert},
3066 Certificates: []Certificate{cert},
3101 var cert Certificate
3174 Certificates: []Certificate{cert},
3199 Certificates: []Certificate{cert},
3227 Certificates: []Certificate{cert},
3252 Certificates: []Certificate{cert},
3385 // Test that clients enforce that the server-sent certificate and cipher
3392 Certificates: []Certificate{rsaCertificate},
3405 Certificates: []Certificate{ecdsaP256Certificate},
3418 Certificates: []Certificate{ed25519Certificate},
3428 // inconsistent with their configured certificate.
3591 Certificates: []Certificate{ecdsaP256Certificate},
3604 Certificates: []Certificate{ecdsaP256Certificate},
3709 // Add a dummy cert pool to stress certificate authority parsing.
3711 for _, cert := range []Certificate{rsaCertificate, rsa1024Certificate} {
3712 cert, err := x509.ParseCertificate(cert.Certificate[0])
3742 Certificates: []Certificate{rsaCertificate},
3745 flags: []string{"-require-any-client-certificate"},
3754 Certificates: []Certificate{ecdsaP256Certificate},
3757 flags: []string{"-require-any-client-certificate"},
3785 expectedLocalError: "client didn't provide a certificate",
3789 // Even if not configured to expect a certificate, OpenSSL will
3805 // If a client certificate is not provided, OpenSSL will still
3821 certificateRequired := "remote error: certificate required"
3834 flags: []string{"-require-any-client-certificate"},
3899 Certificates: []Certificate{rsaCertificate},
3906 "-require-any-client-certificate",
3917 Certificates: []Certificate{rsaCertificate},
3930 // Client auth is only legal in certificate-based ciphers.
3973 Certificates: []Certificate{rsaCertificate},
3979 "-require-any-client-certificate",
3990 Certificates: []Certificate{rsaCertificate},
3997 "-require-any-client-certificate",
4642 Certificates: []Certificate{rsaCertificate},
4644 flags: []string{"-require-any-client-certificate"},
4651 Certificates: []Certificate{rsaCertificate},
4653 flags: []string{"-require-any-client-certificate"},
4802 // Certificate verification tests.
4820 flags = append(flags, "-require-any-client-certificate")
4831 Certificates: []Certificate{rsaCertificate},
4842 Certificates: []Certificate{rsaCertificate},
4853 // certificate is verified but failures are non-fatal.
4859 Certificates: []Certificate{rsaCertificate},
6762 // certificate selection callbacks run.
6982 Certificates: []Certificate{emptySCTListCert},
7001 Certificates: []Certificate{emptySCTCert},
7011 // Test that certificate-related extensions are not sent unsolicited.
7225 Certificates: []Certificate{rsaCertificate},
7232 "-require-any-client-certificate",
7255 Certificates: []Certificate{rsaChainCertificate},
8315 Certificates: []Certificate{rsaCertificate},
8329 Certificates: []Certificate{rsaCertificate},
8557 Certificates: []Certificate{getRunnerCertificate(alg.cert)},
8570 "-require-any-client-certificate",
8613 Certificates: []Certificate{getRunnerCertificate(alg.cert)},
8644 Certificates: []Certificate{getRunnerCertificate(alg.cert)},
8654 "-require-any-client-certificate",
8666 Certificates: []Certificate{getRunnerCertificate(alg.cert)},
8800 Certificates: []Certificate{rsaCertificate},
8809 "-require-any-client-certificate",
8820 Certificates: []Certificate{rsaCertificate},
8829 "-require-any-client-certificate",
8986 Certificates: []Certificate{rsaCertificate},
8994 flags: []string{"-require-any-client-certificate"},
9019 Certificates: []Certificate{rsaCertificate},
9028 flags: []string{"-require-any-client-certificate"},
9171 Certificates: []Certificate{ecdsaP256Certificate},
9183 Certificates: []Certificate{ecdsaP256Certificate},
9194 Certificates: []Certificate{ecdsaP256Certificate},
9206 Certificates: []Certificate{ecdsaP256Certificate},
9288 Certificates: []Certificate{ed25519Certificate},
9316 Certificates: []Certificate{ed25519Certificate},
9324 "-require-any-client-certificate",
9349 Certificates: []Certificate{ed25519Certificate},
9361 Certificates: []Certificate{ed25519Certificate},
9376 Certificates: []Certificate{rsaCertificate},
9394 Certificates: []Certificate{rsaCertificate},
9411 Certificates: []Certificate{rsaCertificate},
9433 Certificates: []Certificate{ed25519Certificate},
11521 Certificates: []Certificate{rsaCertificate},
11524 flags: []string{"-require-any-client-certificate"},
11535 Certificates: []Certificate{rsaCertificate},
11538 flags: []string{"-require-any-client-certificate"},
11701 Certificates: []Certificate{rsaCertificate},
11704 flags: []string{"-require-any-client-certificate"},
11714 Certificates: []Certificate{rsaCertificate},
11717 flags: []string{"-require-any-client-certificate"},
12687 Certificates: []Certificate{rsaCertificate},
12692 Certificates: []Certificate{ecdsaP256Certificate},
13383 Certificates: []Certificate{rsaChainCertificate},
13393 "-require-any-client-certificate",
13405 Certificates: []Certificate{rsaChainCertificate},
13597 // Test that a certificate chain with intermediate may be sent
13605 Certificates: []Certificate{rsaChainCertificate},
13623 Certificates: []Certificate{rsaChainCertificate},
13630 "-require-any-client-certificate",
13642 Certificates: []Certificate{garbageCertificate},
13656 Certificates: []Certificate{garbageCertificate},
13659 flags: []string{"-require-any-client-certificate"},
13671 // actually requesting a client certificate is a no-op.
13687 // Test that when retaining only a SHA-256 certificate is
13695 Certificates: []Certificate{rsaCertificate},
13710 // certificate chain.
13717 Certificates: []Certificate{rsaCertificate},
13738 Certificates: []Certificate{rsaCertificate},
13765 template := x509.Certificate{
13773 // An ECC certificate with only the keyAgreement key usgae may
13785 cert := Certificate{
13786 Certificate: [][]byte{derBytes},
13801 Certificates: []Certificate{cert},
