Search Options

Results per page
Sort
Preferred Languages
Advance

Results 11 - 20 of 32 for AddCert (0.23 sec)

  2. github.com/golang/go

    src/crypto/x509/hybrid_pool_test.go 

    	}
	opts := x509.VerifyOptions{Roots: pool}

	_, err = googChain[0].Verify(opts)
	if err != nil {
		t.Fatalf("verification failed for google.com chain (system only pool): %s", err)
	}

	pool.AddCert(root)

	_, err = googChain[0].Verify(opts)
	if err != nil {
		t.Fatalf("verification failed for google.com chain (hybrid pool): %s", err)
	}

	certTmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
    Registered: Wed Jun 12 16:32:35 UTC 2024
    - Last Modified: Mon Feb 26 20:48:11 UTC 2024
    - 3.7K bytes
    - Viewed (0)
  3. github.com/istio/istio

    security/pkg/k8s/chiron/utils.go 

    		return nil, nil, fmt.Errorf("failed to append CA certificate")
	}
	intermediates := x509.NewCertPool()
	if len(certsParsed) > 1 {
		for _, cert := range certsParsed[1:] {
			intermediates.AddCert(cert)
		}
	}
	_, err = certsParsed[0].Verify(x509.VerifyOptions{
		Roots:         roots,
		Intermediates: intermediates,
	})
	if err != nil {
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Fri Apr 05 18:11:22 UTC 2024
    - 9.2K bytes
    - Viewed (0)
  4. github.com/golang/go

    src/crypto/tls/boring_test.go 

    				t.Errorf("%s: BAD accept", desc)
			}
		}
	}

	// Run simple basic test with known answers before proceeding to
	// exhaustive test with computed answers.
	r1pool := x509.NewCertPool()
	r1pool.AddCert(R1.cert)
	testServerCert(t, "basic", r1pool, L2_I.key, [][]byte{L2_I.der, I_R1.der}, true)
	testClientCert(t, "basic (client cert)", r1pool, L2_I.key, [][]byte{L2_I.der, I_R1.der}, true)
	fipstls.Force()
    Registered: Wed Jun 12 16:32:35 UTC 2024
    - Last Modified: Wed May 22 21:45:37 UTC 2024
    - 19.4K bytes
    - Viewed (0)
  5. github.com/kubernetes/kubernetes

    cmd/kubeadm/app/phases/certs/certlist_test.go 

    		t.Fatal(err)
	}

	caCert, _ := parseCertAndKey(filepath.Join(dir, "test-ca"), t)
	daughterCert, _ := parseCertAndKey(filepath.Join(dir, "test-daughter"), t)

	pool := x509.NewCertPool()
	pool.AddCert(caCert)

	_, err = daughterCert.Verify(x509.VerifyOptions{
		DNSName:   "test-domain.space",
		Roots:     pool,
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
	})
	if err != nil {
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Wed May 01 16:01:49 UTC 2024
    - 8.8K bytes
    - Viewed (0)
  6. github.com/golang/go

    src/crypto/tls/handshake_client_test.go 

    // works.
func TestHandshakeClientCertRSAPSS(t *testing.T) {
	cert, err := x509.ParseCertificate(testRSAPSSCertificate)
	if err != nil {
		panic(err)
	}
	rootCAs := x509.NewCertPool()
	rootCAs.AddCert(cert)

	config := testConfig.Clone()
	// Use GetClientCertificate to bypass the client certificate selection logic.
	config.GetClientCertificate = func(*CertificateRequestInfo) (*Certificate, error) {
    Registered: Wed Jun 12 16:32:35 UTC 2024
    - Last Modified: Thu May 23 03:10:12 UTC 2024
    - 88.7K bytes
    - Viewed (0)
  7. github.com/kubernetes/kubernetes

    staging/src/k8s.io/apiserver/pkg/server/dynamiccertificates/tlsconfig.go 

    			}

			newClientCAPool.AddCert(cert)
		}

		newTLSConfigCopy.ClientCAs = newClientCAPool
	}

	if len(newContent.servingCert.cert) > 0 && len(newContent.servingCert.key) > 0 {
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Sat May 04 18:33:12 UTC 2024
    - 10.3K bytes
    - Viewed (0)
  8. github.com/kubernetes/kubernetes

    staging/src/k8s.io/apiserver/pkg/authentication/request/x509/x509_test.go 

    PKJQCs0CM0zkesktuLi/gFpuB0nEwyOgLg==
-----END CERTIFICATE-----`
)

func TestX509(t *testing.T) {
	multilevelOpts := DefaultVerifyOptions()
	multilevelOpts.Roots = x509.NewCertPool()
	multilevelOpts.Roots.AddCert(getCertsFromFile(t, "root")[0])

	testCases := map[string]struct {
		Insecure bool
		Certs    []*x509.Certificate

		Opts x509.VerifyOptions
		User UserConversion

		ExpectUserName string
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Thu May 02 23:23:03 UTC 2024
    - 36.9K bytes
    - Viewed (0)
  9. github.com/istio/istio

    pkg/spiffe/spiffe_test.go 

    			h.statusCode = c.statusCode

			caCertPool, err := x509.SystemCertPool()
			if err != nil {
				t.Fatalf("failed to get SystemCertPool: %v", err)
			}
			for _, cert := range c.extraCerts {
				caCertPool.AddCert(cert)
			}

			// This is the system-under-test.
			rootCertMap, err := RetrieveSpiffeBundleRootCerts(c.in, caCertPool, time.Millisecond*50)

			if c.errContains != "" {
				if err == nil {
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Thu May 23 21:07:03 UTC 2024
    - 18.1K bytes
    - Viewed (0)
  10. github.com/golang/go

    src/crypto/tls/bogo_shim_test.go 

    			log.Fatalf("load trust-cert err: %s", err)
		}
		block, _ := pem.Decode(certFile)
		cert, err := x509.ParseCertificate(block.Bytes)
		if err != nil {
			log.Fatalf("parse trust-cert err: %s", err)
		}
		pool.AddCert(cert)
		cfg.RootCAs = pool
	}

	if *requireAnyClientCertificate {
		cfg.ClientAuth = RequireAnyClientCert
	}
	if *verifyPeer {
		cfg.ClientAuth = VerifyClientCertIfGiven
	}
    Registered: Wed Jun 12 16:32:35 UTC 2024
    - Last Modified: Tue Jun 11 17:25:39 UTC 2024
    - 12.6K bytes
    - Viewed (0)
  11. github.com/kubernetes/kubernetes

    cmd/kubeadm/app/util/pkiutil/pki_helpers.go 

    func VerifyCertChain(cert *x509.Certificate, intermediates []*x509.Certificate, root *x509.Certificate) error {
	rootPool := x509.NewCertPool()
	rootPool.AddCert(root)

	intermediatePool := x509.NewCertPool()
	for _, c := range intermediates {
		intermediatePool.AddCert(c)
	}

	verifyOptions := x509.VerifyOptions{
		Roots:         rootPool,
		Intermediates: intermediatePool,
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Wed May 01 16:01:49 UTC 2024
    - 25.5K bytes
    - Viewed (0)
Back to top