exhaustive checks on DC tests

[armfazh]

In TestDCHandshakeServerAuth, the external loop iterates over the dcTests, and the internal loops over the signatureSchemes. It seems that the test is not executing all the combinations of (dcTests, signatureSchemes), is this the intended test?
Inspecting the dcCounter value, it runs from 0 to Len only for the first test case.

	for i, test := range dcTests {
		clientConfig.SupportDelegatedCredential = test.clientDCSupport
+		t.Logf("dcCounter: %v\n", dcCounter)
		for dcCounter < len(dcTestDCScheme)-1 {
			if test.serverDCSupport {
				serverConfig.GetDelegatedCredential = testGetDelegatedCredential
				dcCounter++
			} else {
				serverConfig.GetDelegatedCredential = nil
			}

[claucece]

Yes, it is expected. It is really not needed to test all the conditions as the other ones will fail one way or another. The added of a dcCounter was a request, which I think is unnecessary as it tests with every possible algorithm the tls connection (while in truthness if the DC is able to be created and validated, then it should work).

I expected to change the way DC test work when the new API lands (next week when I return to work): the usage of callbacks make it almost impossible to check with different algos and variables.

[claucece]

I'm going to leave this open for a while until the design of the new API is taken into account.

[armfazh]

the usage of callbacks make it almost impossible to check with different algos and variables

it is possible to create a factory of functions, so each produced function must use one combination of dc and signature scheme.

[claucece]

it is possible to create a factory of functions, so each produced function must use one combination of dc and signature scheme.

The callbacks will likely disappear in the new API by using the cert ones, so no need of it then.

[claucece]

Solved now.