Ecosyste.ms: OpenCollective
An open API service for software projects hosted on Open Collective.
cert-manager
cert-manager is a Kubernetes add-on to automate the management and issuance of TLS certificates.
Collective -
Host: opensource -
https://opencollective.com/cert-manager
- Website: https://cert-manager.io
- Code: https://github.com/cert-manager
The SSE code of chacha20poly1305 used PINSRB and PEXTRQ, which are only available
on machines su...
I pushed from the wrong terminal when addressing the comments on
https://golang.org/cl/31256/
C...
github.com/cert-manager/crypto - 1ed0c38df5ad473c1d85c1f6490fb2868601a1d3 authored about 8 years ago by Adam Langley <[email protected]>
Change-Id: I9c247e49a13788408b4fe49676520d608d8c4380
Reviewed-on: https://go-review.googlesource...
Fixes golang/go#17424
Change-Id: I49d6e475c173da6a31542931d555ab87cc45a1c6
Reviewed-on: https:/...
Updates golang/go#17422
Change-Id: Ie5f16e24f87b3d800f1182b5b09d6cf638135e33
Reviewed-on: https...
Change-Id: I88bb7859259c82cd77ab2d26b728143281761def
Reviewed-on: https://go-review.googlesource...
This change adds a package, chacha20poly1305, which implements the
ChaCha20-Poly1305 AEAD from R...
Since the wrapper files are called sum_đť‘Ą.go, it makes sense that the
assembly files would be nam...
This change updates the Poly1305 code in x/crypto to reflect some
comments from the review of
ht...
Previously this code bounded the values to [1, p-1]. This protects
against invalid values that c...
This change add a function select to correct response from a responder
that includes multiple ce...
Tests that Marshaling a parsed response
returns the same bytes as were parsed.
Use Marshal in C...
github.com/cert-manager/crypto - 0e69e08b8a4ea0fbd49846e211075f79ca0fff4f authored about 8 years ago by Roland Shoemaker <[email protected]>
This change adds a test that catches the bug which existed in
[https://go-review.googlesource.co...
This adds support for crypto.Signer-based RSA and ECDSA private keys.
This enables using opaque ...
When implemented by ssh.PublicKey types, the new CryptoPublicKey
interface exposes the public ke...
The RequestPty function takes the size arguments in the order height,
then width, instead of the...
Fixes golang/go#13902.
Adds public key authentication to the
password authentication example.
...
github.com/cert-manager/crypto - bde08f269ed27dc9a9c105465110825e04ab3d41 authored about 8 years ago by Emmanuel Odeke <[email protected]>
After discussion around an example SFTP implementation:
https://github.com/pkg/sftp/pull/54
it h...
Fixes golang/go#13085.
Change-Id: I2fcdd60e5e8db032d6fa3ce76198bdc7a63f3cf6
Reviewed-on: https:...
Add the conditional subtraction of 3 from 'h2' (register R10).
Change-Id: I75615b0375f050a5cd97...
github.com/cert-manager/crypto - 84e98f45760e87786b7f24603b8166a6fa09811d authored about 8 years ago by Andreas Auernhammer <[email protected]>Improve performance on amd64 through faster assembly.
name old time/op new time/op delta
64...
RSA and DSA keys if encrypted have the
phrase ENCRYPTED in their Proc-Type block
header accordin...
Change-Id: I9fe23643ae644c4cc4a36b14ad6efe99197c8beb
Reviewed-on: https://go-review.googlesource...
If a key is added to an agent keyring with constraints, honor them.
This will remove keys when t...
In the initial key exchange, a client has the option of sending a
guessed key exchange packet. T...
If no key is provided in the *acme.Client, one is generated, but it
is not cached. This means th...
Say the user wants to create a NewEntity, then Serialize the private and public
keys. Then call ...
NIST published a Keccak Code Package following the SHA-3 workshop
organized in 2014, containing ...
This change allows for more customizations when creating a tls-sni
challenge response.
Same rea...
github.com/cert-manager/crypto - e311231e83195f401421a286060d65643f9c9d40 authored over 8 years ago by Alex Vaghin <[email protected]>
ECDSA P-256 keys are smaller than RSA 2048 keys and signing
operations are faster.
Change-Id: I...
github.com/cert-manager/crypto - 0e31b188fd38db611d4fbab7de9373a95f36aae5 authored over 8 years ago by Jonathan Rudenberg <[email protected]>Fixes golang/go#17046
Change-Id: I7fa7e0b700212992125de32524801048b56ac5d1
Reviewed-on: https:/...
This change also gets the Manager closer to being able
to cleanup in short-lived HTTP servers ru...
As with other methods of the Client, this is an implementation
for the v2 version of the spec.
...
github.com/cert-manager/crypto - f944096df80415fafc888544caecaab86a991785 authored over 8 years ago by Alex Vaghin <[email protected]>
Signature#SignUserId was ignoring the error returned by userIdSignatureHash.
This error can happ...
Change-Id: I0b5001db9a3541592b4ac0d4bba760b974f9b1a0
Reviewed-on: https://go-review.googlesource...
The package was incorrectly importing both, x/net/context
and the new context packages.
This ch...
github.com/cert-manager/crypto - f160b6bf95857cd862817875dd958be022e587c4 authored over 8 years ago by Alex Vaghin <[email protected]>
An internal import slipped through in autocert renewal tests
during https://go-review.googlesour...
This moves all of internal/acme into the acme package,
making the lower level API accessible by ...
A cert renewal loop is started when a certificate is fetched
from cache for the first time or a ...
Name the example package "secretbox_test" so we use the public
interface for secretbox in exampl...
Some systems can only operate with a certain key type, for instance RSA,
which makes it impossib...
This change adds implementation for dns-01 challenge responses.
Change-Id: I22b2b304ca4a2caeec2...
github.com/cert-manager/crypto - 351dc6a5bf92a5f2ae22fadeee08eb6a45aa2d93 authored over 8 years ago by Alex Vaghin <[email protected]>
The current behaviour of the crypto/ssh server implementation is to
remove the username from Con...
It is quite often the case users need to poll an authorization until it
reaches a final state.
...
github.com/cert-manager/crypto - b35ccbc95a0eaae49fb65c5d627cb7149ed8d1ab authored over 8 years ago by Alex Vaghin <[email protected]>
Let's Encrypt may respond with the "valid" value in status
field to authorization requests:
http...
This change improves tests speed further by switching to EC keys where
possible.
We are also sw...
github.com/cert-manager/crypto - 7e016f1856e33d687a3a722085e249982e673aff authored over 8 years ago by Alex Vaghin <[email protected]>
A previous change, https://go-review.googlesource.com/25462, added
support only for encoding JWK...
Sanjay came up with this idea of a more flexible way
to place restrictions on the Manager using ...
nacl.cr.yp.to is available over HTTPS and presents a valid certificate, so
seems useful to use i...
This change adds RevokeCert method to Client, implemented as described
in https://tools.ietf.org...
This change makes the tests run considerably faster on GOARCH=386
by reducing test RSA keys to 5...
This makes http-01 handling more consistent with tls-sni-* methods
and, hopefully, future implem...
Package autocert provides automatic access to certificates
from Let's Encrypt and any other ACME...
I read the docs and wasn't sure how to use the package - what is
the best way to generate a nonc...
This change adds a context to all exported methods of Client
which may perform network requests,...
The latest ACME spec (v3) changed the wording to:
... the server MUST send one or more link...
github.com/cert-manager/crypto - 6575f7ea326e67d12b77872ff66f5ea15f8aefad authored over 8 years ago by Alex Vaghin <[email protected]>
- move required fields before optional in the Client struct
- prefix all errors with "acme: "
- ...
Let's Encrypt has always provided Account URI in a response
to any registration request (new, ge...
This is a split of https://go-review.googlesource.com/23970 (patch set 8)
to address only Client...
There's no need to PEM-encode key/cert pair to create a tls.Certificate.
All tls.X509KeyPair do...
github.com/cert-manager/crypto - 5f961cd492ac9d43fc33a8ef646bae79d113fd97 authored over 8 years ago by Alex Vaghin <[email protected]>
Change-Id: I4956b8277969718e70bb4f5f9893213b58e159fc
Reviewed-on: https://go-review.googlesource...
Current and N-1 versions of the spec adopted TLS-SNI-02, but Let's
Encrypt seems to support TLS-...
The WG has recently published v3 of the spec.
The package implementation is still at v2. So is L...
This came up in the discussion of issue #16194.
Change-Id: Ibb4cadf3be975377819eca2e41e0992794a...
github.com/cert-manager/crypto - bc89c496413265e715159bdc8478ee9a92fdc265 authored over 8 years ago by Han-Wen Nienhuys <[email protected]>
Rather than guessing at which terminal flags should be set or cleared by
MakeRaw, this change tr...
This failure is tracked already. Remove it from the dashboard
while it's fixed so it doesn't hid...
Change-Id: I46bb7721c081b8a9b0395a4f7c49b7f3e27bbc49
Reviewed-on: https://go-review.googlesource...
Allow Client.Register callers to report CA terms agreement,
simplifying the registration usage.
...
ASN.1 specification of `ResponseData` is:
ResponseData ::= SEQUENCE {
version ...
Introduced by me in 21536
Change-Id: I4a5f3507270a3d6eea9779508642ea5789d1efca
Reviewed-on: htt...
Add Directory to the Client fields. This removes ACME resource URL
argument from almost all of t...
According to RFC 4254 section 6.10, SSH server implementations may
omit the exit-status and exit...
The typos were found by misspell tool.
Change-Id: I120740f12f7ba48330749ebf84050a7b98e01016
Rev...
Change-Id: Iab40fe42454088a00abea61dfb6f368da9323eb3
Reviewed-on: https://go-review.googlesource...
Adds a new AuthMethod called "RetryableAuthMethod" which decorates any
other authmethod, allowin...
the client library already supports them.
Fixes golang/go#16096
Change-Id: Iaa117ee31f706301e8...
github.com/cert-manager/crypto - 811831de4c4dd03a0b8737233af3b36852386373 authored over 8 years ago by Peter Moody <[email protected]>Fixed a function comment.
Change-Id: I1185c0c849abbb8244c6282fa6036fa6939c3309
Reviewed-on: htt...
Change-Id: I1b968decc23de5b7f635dcbc4133b1ab3745ff88
Reviewed-on: https://go-review.googlesource...
Fixes golang/go#15953
Change-Id: Ia36b5422bef14609d512c3f5055a3bffad18ce0f
Reviewed-on: https:/...
Fixes golang/go#15701
Change-Id: I561701e38b9d434ef44448bdbcfab203f3c31d99
Reviewed-on: https:/...
If one of both sides is slow, the first kex completes implicitly. The
first kex also produces ms...
3des-cbc is an insecure cipher. As such, you must explictly add it to
Config in order to use it....
Added support for parsing the "new" openssh private key format.
(ed25519 keys only in this forma...
This ensures that extraneous key exchanges cannot confuse application
level code.
Change-Id: I1...
github.com/cert-manager/crypto - b76c864ef1dca1d8f271f917c290cddcce3d9e0d authored over 8 years ago by Han-Wen Nienhuys <[email protected]>
Make x/crypto/ssh tests compatible with recent OpenSSH versions.
This means not using rsa keys s...
A test RSA private key was missing "-" in the END delimiter.
While working fine with encoding/pe...
Remove mention of panic from HashIdToString doc.
Change-Id: If606dc1ebad53ef5c1b052fff36499af2b...
github.com/cert-manager/crypto - 019870fc9d457ee8abd13a2e93e3f2a3b55b7119 authored over 8 years ago by Artyom Pervukhin <[email protected]>
Change-Id: Ibb26269608e506e8a676c276f847d77fe7014ceb
Reviewed-on: https://go-review.googlesource...
In https://go-review.googlesource.com/#/c/21606/ , kexResult.SessionID
was erroneously not set f...
This change “graduates” the Ed25519 package from my personal GitHub
account to x/crypto. At this...
This allows the golang ssh-agent to support the full suite of keys
the library accepts.
Current...
github.com/cert-manager/crypto - e84a34b1eedf81a90fb4f502d02d64ad365ef937 authored over 8 years ago by Peter Moody <[email protected]>
Change-Id: I685ba7f30f1d2e2bc3c078c7bddb6d383a179113
Reviewed-on: https://go-review.googlesource...
Add an example for using the PublicKeys AuthMethod.
Change-Id: I3fe02bb3c9b8ccf313d72858328c857...
github.com/cert-manager/crypto - 7b428712abe956d0e9e1e9a01e163fb6c7171438 authored over 8 years ago by Scott Bell <[email protected]>
A previous fix to improve performance based on alignment
to sha3 was made in both ppc64le and pp...
Some ssh-agent clients expect the server to support remove all messages
for protocols 1 & 2 and ...
Although the signal and msg fields are assigned together, their
values originate from the remote...
Change-Id: I14d59509f22edf01827610a4ef4c50b53cbc8059
Reviewed-on: https://go-review.googlesource...
Originated from github.com/google/goacme.
This does not include goacme command line program
git...
This is done by running the key exchange and setting the session ID
under mutex. If the first ex...
The MakeRaw method should be returning the original state so that
it can be restored. However, ...