Ecosyste.ms: OpenCollective
An open API service for software projects hosted on Open Collective.
github.com/ooni/oocrypto
Fork of Go crypto/tls with extra patches from the OONI team
https://github.com/ooni/oocrypto
6ffddea0a4c8feaedf5617e4baaf3ded201c01ee authored over 2 years ago by Simone Basso <[email protected]>
I have manually inspected the newly added packages as specified
in the upgrade procedure and it ...
2d2c983d9fa96dfdc7dd30a7b68ffe28a67b4436 authored over 2 years ago by Simone Basso <[email protected]>
8581ebf3d67fe52a27b1c6e49aaf910f59e42bdb authored over 2 years ago by Simone Basso <[email protected]>
8508ab2647281a16cf70be464315e949029ad847 authored over 2 years ago by Simone Basso <[email protected]>
80c1f8470a62fd22504e7e4d0e839845c12ee4dc authored over 2 years ago by Simone Basso <[email protected]>
17c63a553bf429ae6075b45d6e2530ba70e39616 authored over 2 years ago by Simone Basso <[email protected]>
b8425b3ccf471122823fe6be3aeb300093a162f2 authored over 2 years ago by Simone Basso <[email protected]>
This diff modifies the selection logic for AES based algorithms
to use insights from the interna...
This diff modifies aes code to use the cpuarm64 package instead
of using the golang.org/x/sys/cp...
This diff pulls code from https://go-review.googlesource.com/c/sys/+/197540/
to add better suppo...
Additionally, be slightly more precise with respect to the Go source
code license and add a link...
I do not currently see a toil-free way of supporting using the TLS config
defined in the standar...
32aa095615ce80ef95435ee987f5a22c43f58934 authored over 2 years ago by Simone Basso <[email protected]>
We don't want to import from a standard library package if we have
an equivalent package inside ...
614b03d87b50b35e44b2860d70d193d2454e6834 authored over 2 years ago by Simone Basso <[email protected]>
a60493437d6c1dd26f8434a96d0d9b672f3cd658 authored over 2 years ago by Simone Basso <[email protected]>
35b7a0e583557dce16ee7bae1634163fa05b9fdf authored over 2 years ago by Simone Basso <[email protected]>
1d8a66af050da57ce9bae90b1402f04c3e0098d9 authored over 2 years ago by Simone Basso <[email protected]>
1. replace the dependency on `internal/cpu` with the equivalent
package inside of `golang.org/x/...
A new task inside README.md explains what are the criteria to
determine whether we can safely de...
cfe9e2d7cc835ee5606476e422cb5e0d5e12759a authored over 2 years ago by Simone Basso <[email protected]>
This commit merges go1.17.10 unmodified src/crypto's subtree into
the main branch of this reposi...
1b70c95cbae33f09c4a6c0df7c72abd7b8c59541 authored over 2 years ago by Simone Basso <[email protected]>
3162d129940f923a65542687821a5c9f26fd4365 authored over 2 years ago by Simone Basso <[email protected]>
Excluding vendor and testdata.
CL 384268 already reformatted most, but these slipped past.
The ...
ae2266e70a9a6564182e03e6697d143703e5107c authored over 2 years ago by Russ Cox <[email protected]>
As required by RFC 8446, section 4.6.1, ticket_age_add now holds a
random 32-bit value. Before t...
- formatting and optimized init functionality for precomputed table
- updated formatting for com...
Change-Id: Iee18987c495d1d4bde9da888d454eea8079d3ebc
GitHub-Last-Rev: ff5e01599ddf7deb3ab6ce190b...
Change-Id: I68538a50c22b02cdb5aa2a889f9440fed7b94c54
GitHub-Last-Rev: aaac9e78340ac482e9cd1b506a...
There is no requirement for how the expanded keys are stored
in memory. They are only accessed b...
This reworks how we load/store vector registers using the new
bi-endian P9 instruction emulation...
In TestHybridPool attempt to prime to the windows root pool before
the real test actually happen...
This adds the code to allow the gcm assembler code to work on
big endian ppc64.
Updates #18499
...
Make some code more simple.
Change-Id: I801adf0dba5f6c515681345c732dbb907f945419
GitHub-Last-Re...
This does not enable GCM or CBC variants for ppc64, they
require more work to support bi-endian....
The Read and Write methods of *tls.Conn call Handshake
unconditionally, every time they are call...
This unrolls the counter loop and simplifies the load/storing
of text/ciphertext and keys by usi...
This race is benign, but it still trips up the race detector, so turn
this into an atomic read.
...
The path building rework broke the enforcement of EKU nesting, this
change goes back to using th...
Add support for ppc64le assembler to p256. Most of the changes
are due to the change in nistec i...
Use the batched reader to chunk large Read calls on windows to a max of
1 << 31 - 1 bytes. This ...
This will allow us to use crypto/internal/edwards25519/field from
crypto/ecdh to implement X2551...
So it's reachable from crypto/ecdsa and the upcoming crypto/ecdh.
No code changes.
For #52182
...
Fixes #50975
For #52182
Change-Id: I4a98d965436c7034877b8c0146bb0bd5b802d6fa
Reviewed-on: https...
For #52182
Change-Id: If9eace36b757ada6cb5123cc60f1e10d4e8280c5
Reviewed-on: https://go-review....
name old time/op new time/op delta
pkg:crypto/ecdsa goos:darwin goarch:...
For #52182
Change-Id: I8a68fda3e54bdea48b0dfe528fe293d47bdcd145
Reviewed-on: https://go-review....
The goal of this CL is to move the implementation to the new interface
with the least amount of ...
For #52182
Change-Id: I8d8b4c3d8299fbd59b0bf48e5c8b7b41c533a2cc
Reviewed-on: https://go-review....
For #52182
Change-Id: I4dedd8ed9f57f6fc394c71cd20c3b27c3ea29a95
Reviewed-on: https://go-review....
Move the aesCipherGCM struct definition into cipher_asm.go, it is
needed to compile this file, b...
Discovered running recent changes against Google internal tests.
Change-Id: Ief51eae82c9f27d2a2...
988683153104d418ef5fc8e88f7df7d63cb799e6 authored over 2 years ago by Russ Cox <[email protected]>
MD5 is hopelessly broken, we already don't allow verification of
MD5 signatures, we shouldn't su...
Updates #51754
Fixes #51858
Change-Id: I3bfa15db3497de9fb82d6391d87fca1ae9ba6543
Reviewed-on: h...
Updates #51754
Fixes #51859
Change-Id: I3bfa15db3497de9fb82d6391d87fca1ae9ba6543
Reviewed-on: h...
This commit is a REVERSE MERGE.
It merges dev.boringcrypto back into its parent branch, master.
...
Reserve 't' for type *testing.T variables.
Change-Id: I037328df59d3af1aa28714f9efe15695b6fd62a9...
2983083a7fb5a08cadfad6957e2abb08b16f0cd0 authored over 2 years ago by Ludi Rehak <[email protected]>
In the original BoringCrypto port, ecdsa and rsa's public and private
keys added a 'boring unsaf...
In the original BoringCrypto port, ecdsa and rsa's public and private
keys added a 'boring unsaf...
This API was added only for BoringCrypto, never shipped in standard
Go. This API is also not com...
One annoying difference between dev.boringcrypto and master is that
there is not a clear separat...
The standard Go implementations are allocation-free.
Making the BoringCrypto ones the same helps...
The conversion via byte slices is inefficient; we can convert via word slices
and avoid the copy...
A plain make.bash in this tree will produce a working,
standard Go toolchain, not a BoringCrypto...
Change-Id: Ic5f71c04f08c03319c043f35be501875adb0a3b0
678eba9ce44d8f77bc7f8b8a608f33111401a1b2 authored over 2 years ago by Chressie Himpel <[email protected]>Updates #45428
Change-Id: Ic2ff459e6a3f1e8ded2a770c11d34067c0b39a8a
Reviewed-on: https://go-rev...
This makes Gerrit recognize the rename of the field implementation and
facilitates the review. N...
Marshal behavior for invalid points is undefined, so don't use it to
check if points are valid.
...
There was no way to use an interface because the methods on the Point
types return concrete Poin...
Not quite golang.org/wiki/TargetSpecific compliant, but almost.
The only substantial code chang...
eba68f2e46f50f7f4c51c9c2d3bc765af1c8fdde authored over 2 years ago by Filippo Valsorda <[email protected]>
Fix up TestEd25519Vectors to download files into its own temporary mod
cache, as opposed relying...
This reverts CL400377, which restricted serials passed to
x509.CreateCertificate to <= 20 octets...
Per RFC 4158 Section 2.4.2, when we are discarding candidate
certificates during path building, ...
Does what it says on the tin.
Fixes #51088
Change-Id: I12c0fa6bba1c1ce96c1ad31ba387c77a93f801c...
2403fafb1ddd20b335f1d3b02005d95b0d420e5b authored over 2 years ago by Roland Shoemaker <[email protected]>Change-Id: I30dbbe508a6252d50b4154cb9a8299cf0a054449
5c4cd5517704da9e9d093359ab8588ebf5321fc8 authored over 2 years ago by Chressie Himpel <[email protected]>
This case was missed in CL 370894, and masked by the lack of an
Illumos TryBot.
Fixes #52452.
...
fb0afe0bd39cec53b90832216baa6fa3f777a375 authored over 2 years ago by Bryan C. Mills <[email protected]>Change-Id: I52009bf809dda4fbcff03aa82d0ea8aa2a978fa2
bbf98190697a508fb23ec85ea13c005d428c7a14 authored over 2 years ago by Chressie Himpel <[email protected]>
The kernel's RNG is fast enough, and buffering means taking locks, which
we don't want to do. So...
We're using bufio to batch reads of /dev/urandom to 4k, but we weren't
doing the same on newer p...
Updates #41682
Change-Id: I3a2d6eedf4030cdc7308001aef549eb20eeb11c1
Reviewed-on: https://go-rev...
When parsing certificates and CSRs, reject duplicate extensions (and
additionally duplicate requ...
Refuse to create certificates with negative serial numbers, as they
are explicitly disallowed by...
Don't create certificates that have serial numbers that are longer
than 20 octets (when encoded)...
Export the previously private method copy as Clone.
Fixes #35044
Change-Id: I5403d6a3b9f344c98...
595afafda6dc5b48c87010934e0c8e181e5bbaf1 authored over 2 years ago by Roland Shoemaker <[email protected]>Otherwise we panic if either pool is nil.
Change-Id: I8598e3c0f3a5294135f1c330e319128d552ebb67
...
In CreateCertificate, if there are no extensions, don't include the
extensions SEQUENCE in the e...
[This CL is part of a sequence implementing the proposal #51082.
The design doc is at https://go...
It is not necessary to expand the key twice for each direction,
the decrypt key can be stored in...
It has been agreed that we should prefer the US spelling of words like
"canceling" over "cancell...
The ported cryptogam implementation uses a subtle and tricky mechanism
using lxv/vperm/lvsl to l...
Updates #52075
Fixes #52077
Fixes CVE-2022-28327
Change-Id: I595a7514c9a0aa1b9c76aedfc2307e1124...
59f81c65d5481f5d98feb3fba69695d802e21ed5 authored over 2 years ago by Filippo Valsorda <[email protected]>
Updates #52075
Fixes #52076
Fixes CVE-2022-28327
Change-Id: I595a7514c9a0aa1b9c76aedfc2307e1124...
f41b1fdee4e10d3197ab0a1f16e76400d34983d5 authored over 2 years ago by Filippo Valsorda <[email protected]>
Adds a new, cryptobyte based, CRL parser, which returns a
x509.RevocaitonList, rather than a pki...
A future change to gofmt will rewrite
// Doc comment.
//go:foo
to
// Doc comment.
//
//g...
go/doc in all its forms applies this replacement when rendering
the comments. We are considering...
This change does four things:
* removes the chain cache
* during path building, equality is ...
Change-Id: Iaf618444dd2d99721c19708df9ce2c1f35854efd
535cecc01fe41eaa6b4658c487cf15689810a8be authored over 2 years ago by Lasse Folger <[email protected]>
Disable SHA-1 signature verification in Certificate.CheckSignatureFrom,
but not in Certificate.C...
It had not been doing anything since CL 233939, because the Params
method was getting upgraded t...