Ecosyste.ms: OpenCollective
An open API service for software projects hosted on Open Collective.
github.com/ooni/oocrypto
Fork of Go crypto/tls with extra patches from the OONI team
https://github.com/ooni/oocrypto
chore: sync with go1.20.12
831ed11e604d748975d70e5a0ad53b2f8622f0cb authored about 1 year ago by Simone Basso <[email protected]>7c392d37ca785390aa386910c6bfb522dea5305e authored about 1 year ago by Simone Basso <[email protected]>
See https://github.com/ooni/probe/issues/2556
3d3574d8a782d013099f517a2eb7399ed5639785 authored about 1 year ago by Simone Basso <[email protected]>This reverts CL 545356.
Reason for revert: 1.20 still supports Windows versions before
ProcessP...
RtlGenRandom is a semi-undocumented API, also known as
SystemFunction036, which we use to genera...
chore: prepare for merging from go1.20.11
bcdda87e4e47d62caebc6d816759f3ec8590f032 authored about 1 year ago by Simone Basso <[email protected]>7f0d329c840738585be6e86b8704f0b7d3f09fe6 authored about 1 year ago by Simone Basso <[email protected]>
chore: prepare for merging with go1.20.10
da418b9d57eb8c6e63eac5e34c8317e6be0be783 authored about 1 year ago by Simone Basso <[email protected]>Part of https://github.com/ooni/probe/issues/2524
440e46048dba8ea2c17c87ca03e6c40a25a32500 authored about 1 year ago by Simone Basso <[email protected]>Part of https://github.com/ooni/probe/issues/2524
2dfb6ffc70b533265e9973cd7e6d1c9b4180469c authored about 1 year ago by Simone Basso <[email protected]>8a0f3db02c130b04323bc057e3294cea025c2f50 authored about 1 year ago by Simone Basso <[email protected]>
The newly added code was using internal/godebug, which we cannot use
because we're not in the st...
60122706ee327ba43948371959cfb778e71aa754 authored about 1 year ago by Simone Basso <[email protected]>
16e728e3937fcae1d8314634d2f263e68af59d08 authored about 1 year ago by Simone Basso <[email protected]>
Add a new GODEBUG setting, tlsmaxrsasize, which allows controlling the
maximum RSA key size we w...
Extremely large RSA keys in certificate chains can cause a client/server
to expend significant C...
Part of https://github.com/ooni/probe/issues/2503
d4e3826cee6d898bcb5fc6360114b0db8a85e7ab authored over 1 year ago by Simone Basso <[email protected]>chore: update to go1.20.6
Part of https://github.com/ooni/probe/issues/2503
f218e4bcd464c6a86e034cc8883762d756e03d80 authored over 1 year ago by Simone Basso <[email protected]>
Conflicts:
ecdsa/ecdsa.go
ecdsa/ecdsa_test.go
x509/verify_test.go
See https://github.com/ooni/probe/issues/2503
e87a93d510bbcff9902ce128f4a7dc8ee3ab192d authored over 1 year ago by Simone Basso <[email protected]>
Due to the semantics of roots, a root store may contain two valid roots
that have the same subje...
Before, if a hash was exactly 66 bytes long, we weren't truncating it
for use with P-521, becaus...
chore: update to go1.20.5
f3d6c4c64f1ea30a1187f0c0236c76998811c56b authored over 1 year ago by Simone Basso <[email protected]>
Conflicts:
rsa/rsa.go
99dcffdaaecf3c6b7a7e5d3b1d636ba319160f11 authored over 1 year ago by Simone Basso <[email protected]>
01217a24ac3927d34cb20e015dbdd8cdc27b7195 authored over 1 year ago by Simone Basso <[email protected]>
Part of https://github.com/ooni/probe/issues/2417
506c80f5e65a0b6276c2e068e1429d56307fae6d authored over 1 year ago by Simone Basso <[email protected]>4c8182cd066c532edd922ec6df8f51071aada25a authored over 1 year ago by Simone Basso <[email protected]>
932253acd5fb2bcb998a40ce744201f19861287b authored over 1 year ago by Simone Basso <[email protected]>
This pull request updates oocrypto to use go1.20.4. After this pull request is merged, one must ...
9894b245953cbc0397fef09a2a9b877d34dc5159 authored over 1 year ago by Simone Basso <[email protected]>022248a7f3a8b8ce0ca33a9bb723f3b41b5e0117 authored over 1 year ago by Simone Basso <[email protected]>
c8a8b25d17f098757900f21a579865721e4638fa authored over 1 year ago by Simone Basso <[email protected]>
04fa8a45a6a6fa681461bca639f6230889c6adbf authored over 1 year ago by Simone Basso <[email protected]>
baf14a805787855f90fdc7303273b687db3e3a4d authored over 1 year ago by Simone Basso <[email protected]>
Updates #58803
Fixes #58927
Change-Id: I097938ff61dae2b65214f8d0126d68de63525f5b
Reviewed-on: h...
When server and client have mismatch in curve preference, the server will
send HelloRetryRequest...
Casting to a *uintptr is not ok if there isn't at least 8 bytes of
data backing that pointer (on...
Convert TestUnknownAuthorityError to use subtests, avoiding continuing
the test after an unrecov...
On Windows, replace tests which rely on a root that expired last year.
On Darwin fix an test whi...
Updates #58789.
Fixes #58793.
Change-Id: I91cdd20c6d4f05baaacd6a38717aa7bed6682573
Reviewed-on:...
I had forgotten, which caused amd64 allocations to go back up
significantly. Added an allocation...
Return an explicit error when PrivateKey.ECDH is called with a PublicKey
which uses a different ...
Unlike the rest of nistec, the P-256 assembly doesn't use complete
addition formulas, meaning th...
feat: update to go1.19.6
148030f9cd6271e87ddd9dd8bf23faf98d76c70a authored almost 2 years ago by Simone Basso <[email protected]>
Conflicts:
tls/boring_test.go
x509/boring_test.go
d246ac95e4f19d9967abb561f58d937eea0d7378 authored almost 2 years ago by Simone Basso <[email protected]>
fdc5358de48d53e5705c832579bd758defd663a2 authored almost 2 years ago by Simone Basso <[email protected]>
Message marshalling makes use of BytesOrPanic a lot, under the
assumption that it will never pan...
Message marshalling makes use of BytesOrPanic a lot, under the
assumption that it will never pan...
Change-Id: Ic215a90d1e1daa5805dbab1dc56480281e53b341
Reviewed-on: https://go-review.googlesource...
In particular, CheckSignatureFrom just can't check the path length
limit, because it might be en...
Generating 8192 bit keys times out on builders relatively frequently. We
just need something tha...
chore: merge changes from go1.19.5
See https://github.com/ooni/probe/issues/2273
94c8b4315fdd3b23c3362570c459da9cc8b2646b authored almost 2 years ago by Simone Basso <[email protected]>2965a9db2644e28027ff3ad97f1b0cb66adb3431 authored almost 2 years ago by Simone Basso <[email protected]>
Conflicts:
x509/internal/macos/corefoundation.go
x509/internal/macos/corefoundation.s
x509/in...
fb12f683edc933ab657569305dc8f2a74b96f9ab authored almost 2 years ago by Simone Basso <[email protected]>
On macOS return the error code from SecTrustEvaluateWithError, and use
it to create typed errors...
Change-Id: Idcea184a5b0c205efd3c91c60b5d954424f37679
Reviewed-on: https://go-review.googlesource...
Update to go 1.19.4
199e7f7bcc6ad77c7447156c820df64f89188d6d authored almost 2 years ago by Simone Basso <[email protected]>724c38e771f698b41629a8686332a784f666aebb authored almost 2 years ago by Simone Basso <[email protected]>
With these scripts, we have greater confidence in the process.
dc72f5ab5260e3e3f78a13cb049134f5af90a967 authored almost 2 years ago by Simone Basso <[email protected]>The dev branch is at go1.19.4
ef2ef96db95e3987b677c18c19e8d597fbf76acd authored almost 2 years ago by Simone Basso <[email protected]>
Conflicts:
README.md
chore: update to go1.19.4
0c63c486bbf1d2c3b733d61eb50de404742704ab authored almost 2 years ago by Simone Basso <[email protected]>cb7420b9e56f36f6cf98dc025009ca1ae9e49128 authored almost 2 years ago by Simone Basso <[email protected]>
Conflicts:
tls/boring_test.go
x509/boring.go
x509/boring_test.go
x509/sec1.go
x509/verify_t...
This branch does not exist anymore.
Part of https://github.com/ooni/probe/issues/2273
d7a88a1dcd20f59441577e95f16de759bd7073cc authored almost 2 years ago by Simone Basso <[email protected]>chore: merge stable into main
Similar to https://github.com/ooni/oohttp/pull/35
Part of ht...
7946b0a2cfc90f8b47b2962e832781e9ffc399b7 authored almost 2 years ago by Simone Basso <[email protected]>Here's the actual diff:
```diff
diff --git a/go.mod b/go.mod
index f05467ac6b..8fb70ec083 10064...
To this end, the diff between this branch and stable should be
zero for *.go files in this repos...
ca1c96652eb0df98bc68e5eb71560c7f4bfcc72f authored almost 2 years ago by Simone Basso <[email protected]>
chore: update to go1.18.9
7020325605f2abcc18b936e42da394793ca7c6ae authored almost 2 years ago by Simone Basso <[email protected]>71f822d2f2f080183e4fec57b283db7a7a2d9807 authored almost 2 years ago by Simone Basso <[email protected]>
Conflicts:
x509/verify_test.go
x509/x509.go
x509/x509_test.go
Fixes #57556
Updates #54936
Change-Id: I3fb4331c2b1b6adafbac3e76eaf66c79cd5ef56f
Reviewed-on: h...
Add the text from dev.boringcrypto's README making clear what
this code is and that it is unsupp...
On macOS return the error code from SecTrustEvaluateWithError, and use
it to create typed errors...
The comment copy pasted from the permuteInitialBlock and should be fixed.
Change-Id: I101f1dece...
cb24c3eebad8cee99e74ed66596798563e2e54d6 authored about 2 years ago by Chaoshuai Lü <[email protected]>Include hint from isValid, as well as CheckSignatureFrom.
Change-Id: I408f73fc5f12572f1937da50b...
e33bc59a8186b2be9a1a464168af6d89e5ac1908 authored about 2 years ago by Roland Shoemaker <[email protected]>
CL 353849 removed validation of signature parameters being passed to
Verify which led to two dis...
These should be deprecated, but per go.dev/wiki/Deprecated,
that should only happen two releases...
These should be marked deprecated, but that needs a
(likely quick) proposal review.
The proposa...
7a92a47573cec2378d06ca1ef7f4701625f275a2 authored about 2 years ago by Russ Cox <[email protected]>
VerifyASN1 became directly reachable without encoding/decoding in
CL 353849, so it's now possibl...
crypto/sha512:
name old time/op new time/op delta
Hash8Bytes/New...
With this change, we are down to 1.2x the running time of the previous
variable time implementat...
Ignoring custom curves, this makes the whole package constant-time.
There is a slight loss in pe...
This will let us reuse it in crypto/ecdsa for the NIST scalar fields.
The main change in API is...
dc86fe8d36d3ec659693d0a000bc8c189207463e authored about 2 years ago by Filippo Valsorda <[email protected]>
This is missing a test for Ed25519ph with context, since the RFC doesn't
provide one.
Fixes #31...
09be2bbfb6053b30bca2334f98a004b0ddc201dc authored about 2 years ago by Filippo Valsorda <[email protected]>
Several operations emulate instructions available on power9. Use
the GOPPC64_power9 macro provid...
With a small tweak and the help of the inliner, we preallocate enough
nat backing space to do RS...
This is faster than the current code because computing RR involves
one more shiftIn and using it...
This change adds some private fields to PrecomputedValues.
If applications were for some reason...
829bcaff4d9dd1cee990eb174db3077b6fe717f2 authored about 2 years ago by Filippo Valsorda <[email protected]>
I have never encountered multi-prime RSA in the wild. A GitHub-wide
search reveals exactly two e...
Infamously, big.Int does not provide constant-time arithmetic, making
its use in cryptographic c...
Fixes #56088
Updates #52221
Change-Id: Id2f806a116100a160be7daafc3e4c0be2acdd6a9
Reviewed-on: h...
Adds a method which allows users to set a fallback certificate pool for
usage during verificatio...
Fixes #48152
Change-Id: I503f088edeb5574fd5eb5905bff7c3c23b2bc8fc
GitHub-Last-Rev: 2b0e982f3f6b...
Change-Id: I69065f8adf101fdb28682c55997f503013a50e29
Reviewed-on: https://go-review.googlesource...
While at it, drop P-224 benchmarks. Nobody cares about P-224.
Change-Id: I31db6fedde6026deff36d...
2204f5889876f83773f96b7df80b16120e4d91d2 authored about 2 years ago by Filippo Valsorda <[email protected]>
Generating 8192 bit keys times out on builders relatively frequently. We
just need something tha...