Various tests have been calling trustmanager.NewCertificate and
open-coding most of cryptoservice.GenerateCertificate. So, add
cryptoservice.GenerateTestingCertificate. It differs only by using
crypto.Signer instead of data.PrivateKey because the tests
have a crypto.Signer more frequently available, and converting
from data.PrivateKey to crypto.Signer is easier than the other way.
This will make it easier to add policy parameters which the tests don't
care about to trustmanager.NewCertificate and
cryptoservice.GenerateCertificate in the future.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
This curve is not available on Fedora and RHEL systems, so removing the
reference allows tests to pass there. Vast majority of the
curve-specific work is done in the golang crypto/elliptic package, so
this does not weaken the tests noticeably.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Test for if client cert is passed without a client key and vice versa.
Fail in ConfigureClientTLS if only one of client cert/key is passed.
Lint fixes.
Signed-off-by: Ying Li <ying.li@docker.com>
Miloslav Trmač
Ying Li