Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 10 of 20 for VerifiedChains (0.52 sec)

  2. github.com/istio/istio

    security/pkg/server/ca/authenticate/cert_authenticator.go 

    // with proper TLS configuration.
func (cca *ClientCertAuthenticator) authenticateHTTP(req *http.Request) (*security.Caller, error) {
	if req.TLS == nil || req.TLS.VerifiedChains == nil {
		return nil, fmt.Errorf("no client certificate is presented")
	}

	chains := req.TLS.VerifiedChains
	if len(chains) == 0 || len(chains[0]) == 0 {
		return nil, fmt.Errorf("no verified chain is found")
	}

	ids, err := util.ExtractIDs(chains[0][0].Extensions)
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Tue Jul 19 02:12:12 UTC 2022
    - 3.1K bytes
    - Viewed (0)
  3. github.com/golang/go

    src/crypto/tls/ticket.go 

    			c, err := globalCertCache.newCert(cert)
			if err != nil {
				return nil, err
			}
			ss.activeCertHandles = append(ss.activeCertHandles, c)
			chain = append(chain, c.cert)
		}
		ss.verifiedChains = append(ss.verifiedChains, chain)
	}
	if ss.EarlyData {
		var alpn []byte
		if !readUint8LengthPrefixed(&s, &alpn) {
			return nil, errors.New("tls: invalid session encoding")
		}
		ss.alpnProtocol = string(alpn)
    Registered: Wed Jun 12 16:32:35 UTC 2024
    - Last Modified: Wed May 22 17:23:54 UTC 2024
    - 12.6K bytes
    - Viewed (0)
  4. github.com/istio/istio

    tests/fuzz/security_fuzzer.go 

    	ctx := context.Background()

	certChain, err := fuzzedCertChain(f)
	if err != nil {
		return 0
	}
	tlsInfo := credentials.TLSInfo{
		State: tls.ConnectionState{VerifiedChains: certChain},
	}

	mockIPAddr := &net.IPAddr{IP: net.IPv4(192, 168, 1, 1)}
	p := &peer.Peer{Addr: mockIPAddr, AuthInfo: tlsInfo}

	ctx = peer.NewContext(ctx, p)
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Wed Feb 28 16:41:38 UTC 2024
    - 3.2K bytes
    - Viewed (0)
  5. github.com/golang/go

    src/crypto/tls/handshake_messages_test.go 

    		}
	}
	if len(s.peerCertificates) > 0 {
		for i := 0; i < rand.Intn(3); i++ {
			if rand.Intn(10) > 5 {
				s.verifiedChains = append(s.verifiedChains, s.peerCertificates)
			} else {
				s.verifiedChains = append(s.verifiedChains, s.peerCertificates[:1])
			}
		}
	}
	if rand.Intn(10) > 5 && s.EarlyData {
		s.alpnProtocol = string(randomBytes(rand.Intn(10), rand))
	}
    Registered: Wed Jun 12 16:32:35 UTC 2024
    - Last Modified: Thu May 23 03:10:12 UTC 2024
    - 15.7K bytes
    - Viewed (0)
  6. github.com/golang/go

    src/crypto/tls/tls_test.go 

    			}

			if len(ss.VerifiedChains) != 1 || len(cs.VerifiedChains) != 1 {
				t.Errorf("Got %d (server) and %d (client) verified chains, expected %d", len(ss.VerifiedChains), len(cs.VerifiedChains), 1)
			} else if len(ss.VerifiedChains[0]) != 2 || len(cs.VerifiedChains[0]) != 2 {
				t.Errorf("Got %d (server) and %d (client) long verified chain, expected %d", len(ss.VerifiedChains[0]), len(cs.VerifiedChains[0]), 2)
			}
    Registered: Wed Jun 12 16:32:35 UTC 2024
    - Last Modified: Thu May 23 03:10:12 UTC 2024
    - 60.5K bytes
    - Viewed (0)
  7. github.com/golang/go

    src/crypto/tls/handshake_client.go 

    	hs.masterSecret = hs.session.secret
	c.extMasterSecret = hs.session.extMasterSecret
	c.peerCertificates = hs.session.peerCertificates
	c.activeCertHandles = hs.c.activeCertHandles
	c.verifiedChains = hs.session.verifiedChains
	c.ocspResponse = hs.session.ocspResponse
	// Let the ServerHello SCTs override the session SCTs from the original
	// connection, if any are provided
	if len(c.scts) == 0 && len(hs.session.scts) != 0 {
    Registered: Wed Jun 12 16:32:35 UTC 2024
    - Last Modified: Thu May 23 03:10:12 UTC 2024
    - 38.6K bytes
    - Viewed (0)
  8. github.com/golang/go

    src/crypto/tls/handshake_client_test.go 

    			t.Fatalf("%s resumed: %v, expected: %v", test, hs.DidResume, didResume)
		}
		if didResume && (hs.PeerCertificates == nil || hs.VerifiedChains == nil) {
			t.Fatalf("expected non-nil certificates after resumption. Got peerCertificates: %#v, verifiedCertificates: %#v", hs.PeerCertificates, hs.VerifiedChains)
		}
		if got, want := hs.ServerName, clientConfig.ServerName; got != want {
			t.Errorf("%s: server name %s, want %s", test, got, want)
    Registered: Wed Jun 12 16:32:35 UTC 2024
    - Last Modified: Thu May 23 03:10:12 UTC 2024
    - 88.7K bytes
    - Viewed (0)
  9. github.com/istio/istio

    security/pkg/server/ca/authenticate/cert_authenticator_test.go 

    		},
	}

	auth := &ClientCertAuthenticator{}

	for id, tc := range testCases {
		ctx := context.Background()
		if tc.certChain != nil {
			tlsInfo := credentials.TLSInfo{
				State: tls.ConnectionState{VerifiedChains: tc.certChain},
			}
			p := &peer.Peer{AuthInfo: tlsInfo}
			ctx = peer.NewContext(ctx, p)
		}
		if tc.fakeAuthInfo != nil {
			ctx = peer.NewContext(ctx, &peer.Peer{AuthInfo: tc.fakeAuthInfo})
		}
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Fri Jan 05 01:20:59 UTC 2024
    - 3.2K bytes
    - Viewed (0)
  10. github.com/golang/go

    src/crypto/tls/handshake_server.go 

    	}

	c.peerCertificates = sessionState.peerCertificates
	c.ocspResponse = sessionState.ocspResponse
	c.scts = sessionState.scts
	c.verifiedChains = sessionState.verifiedChains
	c.extMasterSecret = sessionState.extMasterSecret
	hs.sessionState = sessionState
	hs.suite = suite
	c.didResume = true
	return nil
}
    Registered: Wed Jun 12 16:32:35 UTC 2024
    - Last Modified: Wed May 22 21:30:50 UTC 2024
    - 27.6K bytes
    - Viewed (0)
  11. github.com/istio/istio

    pkg/security/mock.go 

    	}

	if authType := p.AuthInfo.AuthType(); authType != "tls" {
		return fmt.Errorf("unsupported auth type: %q", authType)
	}

	tlsInfo := p.AuthInfo.(credentials.TLSInfo)
	chains := tlsInfo.State.VerifiedChains
	if len(chains) == 0 || len(chains[0]) == 0 {
		return fmt.Errorf("no verified chain is found")
	}

	ids, err := util.ExtractIDs(chains[0][0].Extensions)
	if err != nil {
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Tue May 23 17:08:31 UTC 2023
    - 4.5K bytes
    - Viewed (0)
Back to top