To facilitate testing of methods in other GOOSs we need plan9 to
be able to build and run the te...

Previously, only V4 signatures were allowed in PGP messages,
and attempts to digest a message wi...

This ensures that higher level parts (e.g. the client authentication
loop) never have to deal wi...

Fixes golang/go#14941

Change-Id: I2b3a976d451d311519fab6cdabdc98a4a4752e31
Reviewed-on: https:/...

Change the build tags for xor.go and xor_unaligned.go
to perform better on ppc64/ppc64le.

This ...

Add support for creating and signing with ECDSA OpenPGP keys

Change-Id: I6d530325ab801ba800187b...

This was incorrect in crypto/x509 and go copied here.
See https://go-review.googlesource.com/#/c...

When parsing a truncated clearsigned message (one that includes the
opening header but no armore...

Change-Id: I373fdbb6351d71b12fcfed31cf4b08975a443294
Reviewed-on: https://go-review.googlesource...

Previously, OCSP errors (like “malformed request”, not “that certificate
is revoked”) were inten...

Change-Id: I9258ecf2b38258e31bcb6e73ac042ad8125fd2d1
Reviewed-on: https://go-review.googlesource...

When writing keys that contain ElGamal subkeys, the openpgp
package would previously return an e...

Cryptographic flaws are so hard to kill it can only be a matter of time
before they start crying...

No test, though, because I don't know this code. Sad that it passes
with the typo, though.

Fixe...

Some current uses of OCSP require extensions. In particular, Certificate
Transparency (RFC 6962)...

The Remove method for the keyring sliced the internal keys list
incorrectly when removing a key....

Change-Id: Ibb071aa550ca7392543c2d1eba8f8a69ba1d86fa
Reviewed-on: https://go-review.googlesource...

We have clang-format these days to eliminate any worries about C-code
formatting.

Change-Id: I8...

The test for this package contains a test case (disabled by default)
that exercises the code aga...

Since the test against libotr (disabled by default) runs forever, any
errors should be fatal oth...

The OTR implementation had a bug where key slots would not be marked as
unused after a rehandsha...

cound -> could
Also change fmt.Errorf -> errors.New for consistency.

Change-Id: I0b6900a76b70cd...

Change-Id: Icebde4a001b220a64aa4bcddd206484feed5ad79
Reviewed-on: https://go-review.googlesource...

* The other side is left hanging, waiting for their chance to do the
comparison.

Change-Id:...

A bug in the PBKDF implementation in the pkcs12 package caused certain
inputs to produce the wro...

Package pkcs12 provides some Go implementations of PKCS#12.
This implementation is distilled fro...

SymmetricKeyEncrypted cached the results of decryption so, if a bad
password was given, ReadMess...

280be00 introduced custom server versions; however, at least OpenSSH
clients do not accept a ser...

This adds a NewSignerFromSigner to crypto/ssh which takes a
crypto.Signer and turns it into an s...

The existing implementation did not save all the fields in keySlot, which not
only caused a cach...

Change parseECDSA() to unmarshal the key's contents into a struct
representing the wire format, ...

Fixes #12242

Change-Id: Ie40e84bc9e7db390219d85a7eddea99accb19cb8
Reviewed-on: https://go-revie...

clearsign.Encode currently creates bad signatures for inputs containing
lines that that consist ...

The error message reported by the ssh client when it can't find a
"cipher" in common between the...

In the initial patch enabling generation of OCSP responses, the Reason
field in the revokedInfo ...

The current ARM implementation assumes that the input message
is memory aligned and so it ca...

Unblock writers if a read error occurs while writers are blocked on a
pending key change.

Add t...

Change-Id: I6022d669946a7cb3403757a7c0dbf21a474e1c95
Reviewed-on: https://go-review.googlesource...

Fixes golang/go#11004.

Change-Id: Ic37cf9d620e3397b7ad769ae16abdaee63a7733b
Reviewed-on: https:...

Change-Id: I9d775d6e9c39bee1f2bf914ba3659acb6b0029dd
Reviewed-on: https://go-review.googlesource...

The current implementation is not compliant with the ASN.1 structure
for an OCSP response in RFC...

If the channel open request failed, a nil channel would be provided to
DiscardRequests, which wo...

Fixes golang/go#11722.

Change-Id: I4fa2a1db14050151f9269427ca35cf7ebd21440a
Reviewed-on: https:...

Update golang/go#11811

The increased default concurrency in Go 1.5 showed up a test flake in
th...

Fixes golang/go#11882

If an error occurs during handshakeTransport.writePacket the lock may not...

Updates golang/go#7797.

Change-Id: I7aa57f3fb812ecf644c8f8c065848938868e473b
Reviewed-on: https...

TEA is still in use, particularly in old software.

The algorithm is described at,
http://www.ci...

parseRSAPrivateKey calls rsa.PrivateKey.Precompute which triggers
divide-by-zero panic if either...

Fixes golang/go#6693.

Change-Id: I7322e107bd5f7ad07062dcaadeaa3e85a101015a
Reviewed-on: https:/...

Found using gofuzz.

Fixes golang/go#11504

Change-Id: I49cf01e75e37c5d87dad58c5349161d79d0b72f5...

Some invalid input may be parsed so that the length of an opaque
subpacket turns out to be 0. In...

The ssh-agent protocol allows the usage of keys and certs added to a
given agent to be constrain...

Change-Id: I65ebae299f272d5f1367ca4c2e47e51f9c392b6a
Reviewed-on: https://go-review.googlesource...

Comment in Agent made to conform the godoc style.

Change-Id: I4e1e8ce1a15ca346715fae257ae2178f5...

This is the same as https://golang.org/cl/154120043

Since the file textflag.h is not available ...

Fixes golang/go#11603

Change-Id: I019af73f5e036b47b8bd6c4a5541c06b97b44f11
Reviewed-on: https:/...

Thanks to Matt Goodall for pointing this out.

Change-Id: I30225299de2a6aba381f38bd753672c1137c3...

Fixes #11348

Change-Id: If083744343256a2a53eb813411ba0c9a359d6dbd
Reviewed-on: https://go-revie...

Change-Id: Ib9ef560da02d5d0273eb85137f41253f7cdbe756
Reviewed-on: https://go-review.googlesource...

Currently using go-fuzz with code using golang.org/x/crypto/ssh fails
because it passes CertTime...

Change-Id: I0c84f11fb74ee478617deb1b743a759c9f789101
Reviewed-on: https://go-review.googlesource...

Extra space added by 'gofmt -w' to align key/value columns
in the new test (TestParseCertWithOpt...

Section 11.1 of RFC4880 requires that binding signatures on
signing subkeys contain a valid embe...

Change-Id: I5ae662e95d9f0f0cbcbf0b15b6c7c52c51521cca
Reviewed-on: https://go-review.googlesource...

OCSP responders sometimes rely on pre-generated responses to increase
performance. In such cases...

The new function allows an existing encrypted key packet
to be serialized to a Writer.

Change-I...

This deprives an attacker of feedback for guesses against the packet
length given by the connect...

If the system is using UTC, then time.Now().loc != time.UTC().loc,
so it should not use reflect....

Fix compilation of poly1305 using go tip - it currently fails with:

./poly1305_arm.s:124: canno...

This change adds ARMv6 assembly implementation. The referenced assembly code was
the public ...

Fixes golang/go#10274

Change-Id: Id8386828ee92ccc6cba5197831cdb8b2ce0cd648
Reviewed-on: https:/...

Change-Id: I58fdfbe00fcc4ca09da9699edcc181cc512feef7
Reviewed-on: https://go-review.googlesource...

A carefully crafted packet can cause the packet reader to push an
infinite number of recursive p...

Attention - BREAKING change for the certificates generated with
the previous versions of crypto/...

Changed code.google.com repository links to the current
golang.org/x/crypto/ssh (except Gerrit h...

Minor change - updated the links to the ssh PROTOCOL.* docs.
Currently the [PROTOCOL...] links i...

Change-Id: I84713a4173d9de4cd3d14991b8a47c9fbae7dcfd
Reviewed-on: https://go-review.googlesource...

The aes128cbc cipher is commented out in cipher.go on purpose, anyone wants to
use the cipher ne...

Updates: golang/go#9845

Change-Id: I78ce460d2a188ee13dd3f80015919a14eba03d07
Reviewed-on: https...

See golang.org/cl/4131 for context.

Change-Id: I050ffde0bec2c2fd639e028e1abb22a720e1b2eb
Review...

Change-Id: Ib52f590ff2bfd44acfd37eb3bb545180f157a135
Reviewed-on: https://go-review.googlesource...

The current content of the ocsp module is focused on the processing needed to implement an OCSP ...

SessionID() returned nil previously.

Fixes #9761.

Change-Id: I53d2b347571d21eab2d913c2228e8599...

Fixes golang/go#9747

Move the example tests to an external test package so that they
must expli...

Change the location of the KAT data for consistency with
other packages.

Change-Id: Ica10ad7d17...

Speedup of about 1.4x on x64. Added benchmarks that use the
ShakeHash interface, which doesn't r...

The slice returned is constructed with both a pre-set length and
append() resulting in a slice t...

packet/packet.go: add ECDSA to the algorithms in CanSign()
packet/signature.go: add support for ...

The SSH server does not allow for setting a version string in the same
manner as the client. Th...

Fixes #9281

Change-Id: I15c448ec0fe8155b5e30e0aabdb48ea1d8504042
Reviewed-on: https://go-review...

SetSize has a problem may cause the following ReadPassword setting
temporary prompt not working,...

Change-Id: I33240faf1b8620d0cd600de661928d8e422ebdbc
Reviewed-on: https://go-review.googlesource...

This is a followup to https://golang.org/cl/176080043/. That
change didn't handle the case of a ...

This patch allows the user to choose the strength of the
passphrase mangling during the process ...

Some terminals support a mode where pasted text is bracketed by escape sequences. This is very u...

LGTM=bradfitz
R=rsc, bradfitz
CC=golang-codereviews
https://golang.org/cl/167190043

In my notes I had Home and End down as OH and OF. But that's nonsense, they are [H and ]F.
I nev...

Fixes golang/go#9040.

(Note: can't compile or test this one prior to committing.)

LGTM=iant, b...