Ecosyste.ms: OpenCollective

An open API service for software projects hosted on Open Collective.

github.com/ooni/oocrypto

Fork of Go crypto/tls with extra patches from the OONI team
https://github.com/ooni/oocrypto

crypto/elliptic: fix BenchmarkMarshalUnmarshal/Compressed

Change-Id: Ifbf4a95e5f315a88633ec0170625cadb087167c0
Reviewed-on: https://go-review.googlesource...

f5ceec37c80cf9d410a56e07b1f31bdaa53587bc authored over 2 years ago by Filippo Valsorda <[email protected]>
crypto/subtle: note that input length mismatch makes ConstantTimeCompare return immediately

Change-Id: Id1ae6c8fbb8c2f31b251ba141dc2bbedae189006
Reviewed-on: https://go-review.googlesource...

667134a7bc87731b5370adb50967690c8cd04f04 authored over 2 years ago by Dan Kortschak <[email protected]>
crypto/rand: make Prime not deterministic for a fixed input stream

rand.Prime does not guarantee the precise prime selection algorithm as
part of its contract. For...

d9169b00469d9afbd0d613bbec74b99e3fa847fe authored over 2 years ago by Filippo Valsorda <[email protected]>
crypto/x509: add CertPool.Equal

Fixes #46057

Change-Id: Id3af101c54108d6fd5b65946c4358872358eefcc
Reviewed-on: https://go-revie...

dddeb7c8e8591a551f103354d91c4a88b1a0fc1b authored over 2 years ago by Roland Shoemaker <[email protected]>
[release-branch.go1.18] crypto/x509: fix Certificate.Verify crash

(Primarily from Josh)

Updates #51759
Fixes #51763
Fixes CVE-2022-27536

Co-authored-by: Josh Bl...

d9c69101412ed189b0f3588c887e3ee5c1d72d4a authored over 2 years ago by Brad Fitzpatrick <[email protected]>
crypto/x509: only disable SHA-1 verification for certificates

Disable SHA-1 signature verification in Certificate.CheckSignatureFrom,
but not in Certificate.C...

ad82faae711db590d1d339f639f21fe0f110156e authored over 2 years ago by Roland Shoemaker <[email protected]>
all: remove trailing blank doc comment lines

A future change to gofmt will rewrite

// Doc comment.
//
func f()

to

// Doc comment.
fun...

e78cadd6adcb4f8e8e06f0b13c2dee27acfa6295 authored over 2 years ago by Russ Cox <[email protected]>
all: fix various doc comment formatting nits

A run of lines that are indented with any number of spaces or tabs
format as a <pre> block. This...

86b31d0c891cd31d0b287bee4198edc0d5979f98 authored over 2 years ago by Russ Cox <[email protected]>
[release-branch.go1.18] crypto/x509: skip WSATRY_AGAIN errors when dialing badssl.com subdomains

(Temporarily, until the root cause of the test failure can be
diagnosed and fixed properly.)

Fo...

8a619fe6fe681ff7b6b8e7544ee72ef600483b3f authored over 2 years ago by Bryan C. Mills <[email protected]>
crypto/x509: skip WSATRY_AGAIN errors when dialing badssl.com subdomains

(Temporarily, until the root cause of the test failure can be
diagnosed and fixed properly.)

Fo...

da66e506ca73ec470db237b02a020dd19e653ea3 authored over 2 years ago by Bryan C. Mills <[email protected]>
crypto/x509: properly handle issuerUniqueID and subjectUniqueID

Fixes #51754

Change-Id: I3bfa15db3497de9fb82d6391d87fca1ae9ba6543
Reviewed-on: https://go-revie...

f84505c37e08130bf6b3ad58cc7c07445d21a668 authored over 2 years ago by Roland Shoemaker <[email protected]>
crypto/elliptic: tolerate zero-padded scalars in generic P-256

Fixes #52075

Change-Id: I595a7514c9a0aa1b9c76aedfc2307e1124271f27
Reviewed-on: https://go-revie...

59bd13fbae2e982e732a869a5aab2e7cc3d69db8 authored over 2 years ago by Filippo Valsorda <[email protected]>
crypto/x509/internal/macos: return errors when CFRef might be NULL

Updates #51759

Change-Id: Ib73fa5ec62d90c7e595150217b048158789f1afd
Reviewed-on: https://go-rev...

e51c5759b640a9725c3b556e0047e97dacb70875 authored over 2 years ago by Filippo Valsorda <[email protected]>
[dev.boringcrypto] crypto/internal/boring: update build instructions to use podman

The 'docker' command line tool is no longer available on my Linux laptop
due to Docker's new lic...

f697227cbce967620f3ecb4e7a874fc951245493 authored over 2 years ago by Russ Cox <[email protected]>
all: use new "unix" build tag where appropriate

For #20322
For #51572

Change-Id: Id0b4799d097d01128e98ba4cc0092298357bca45
Reviewed-on: https:/...

69032405b53f4bfc58db0aa2703edd3e795f1885 authored over 2 years ago by Ian Lance Taylor <[email protected]>
[dev.boringcrypto] all: merge master into dev.boringcrypto

Change-Id: I04d511ed8e3e7ca4a3267f226a0c3e248c0f84a9

240a7d67e8f3c79bd2ab1a304bc7fcf68ab9af7d authored over 2 years ago by Nicolas Hillegeer <[email protected]>
crypto/x509: return err ans1.Marshal gives an error

Fixes #50663

Change-Id: I18754922bf139049443c0395eaa1606049df1331
GitHub-Last-Rev: 57ff5ddfe39c...

f072015eec9d154fc3c97a69e08af161d6648bc3 authored almost 3 years ago by cuiweixie <[email protected]>
crypto/x509: fix Certificate.Verify crash

(Primarily from Josh)

Fixes #51759

Co-authored-by: Josh Bleecher Snyder <[email protected]>
...

c49fc3908419aa45febea8c38cb50867ef3eb843 authored almost 3 years ago by Brad Fitzpatrick <[email protected]>
crypto/rand: simplify Prime to use only rejection sampling

The old code picks a random number n and then tests n, n+2, n+4, up to
n+(1<<20) for primality b...

c5f618c88bf798d46a322d4f10bd6fc782c42ae6 authored almost 3 years ago by Russ Cox <[email protected]>
[dev.boringcrypto] all: merge master into dev.boringcrypto

Change-Id: I4e09d4f2cc77c4c2dc12f1ff40d8c36053ab7ab6

faa85e4660f89a8c3dc2ec8d42990847fb1648d2 authored almost 3 years ago by David Chase <[email protected]>
all: fix some typos

Change-Id: I7dfae0fc91c2d70873ec7ec920be7c0a4888153a
Reviewed-on: https://go-review.googlesource...

f0cbff0292ffe1850be78e7f9898fb9c261f2587 authored almost 3 years ago by Dan Kortschak <[email protected]>
crypto/sha512: fix stack size for previous change

In a recent change CL 388654 a function was updated so it
no longer needed stack space, but the ...

fa9bf0ae5dae09a983a3fb7048d9aac6df49ddee authored almost 3 years ago by Lynn Boger <[email protected]>
crypto/rand: use fast key erasure RNG on plan9 instead of ANSI X9.31

This should be a bit faster and slicker than the very old ANSI X9.31,
which relied on the system...

8da8eeb12570eb2e490c865f5942f9732cb45534 authored almost 3 years ago by Jason A. Donenfeld <[email protected]>
crypto/rand: separate out plan9 X9.31 /dev/random expander

The X9.31 expander is now only used for plan9. Perhaps once upon a time
there was a use for abst...

9d18c29cf5d212cdc0d1951089977dfb2fc6a1b0 authored almost 3 years ago by Jason A. Donenfeld <[email protected]>
crypto/ed25519/internal/edwards25519: sync with filippo.io/edwards25519

Import the following commits (and minor comment fixes):

* 17a0e59 - field: fix heap escape ...

de836e7aa0c299e10b91b31e7ee2bd93fc350c44 authored almost 3 years ago by Filippo Valsorda <[email protected]>
crypto/sha256: adapt ppc64le asm to work on ppc64

Workaround the minor endian differences, and avoid needing to
stack a frame as extra VSRs can be...

740a47821c8e0ea6c886f4346326cebad450f130 authored almost 3 years ago by Paul E. Murphy <[email protected]>
crypto/aes: improve performance for aes-cbc on ppc64le

This adds an asm implementation of aes-cbc for ppc64le to
improve performance. This is ported fr...

0f9bc7df84040bac3206bdcb24a892139925c518 authored almost 3 years ago by Lynn Boger <[email protected]>
crypto/sha512: add BE support to PPC64 asm implementation

This adds big endian support for the assembly implementation of
sha512. There was a recent reque...

68c2bc983a7b96f7cac92607a7564f988ea5a7d7 authored almost 3 years ago by Lynn Boger <[email protected]>
crypto/x509, runtime: fix occasional spurious “certificate is expired”

As documented in #51209, we have been seeing a low-rate failure
on macOS builders caused by spur...

1088fd17b5402da9de19f50debbb63de9b94662a authored almost 3 years ago by Russ Cox <[email protected]>
[release-branch.go1.17] crypto/x509: support NumericString in DN components

Updates #48171
Fixes #51000

Change-Id: Ia2e1920c0938a1f8659935a4f725a7e5090ef2c0
Reviewed-on: h...

6e9259b852ce0b377d4405fe3786f9b820154770 authored almost 3 years ago by Roland Shoemaker <[email protected]>
crypto/aes: fix key size typo

AES-196 does not exist, but AES-192 does.

Signed-off-by: Eric Lagergren <[email protected]...

ab46d9a5f7425699713b4dfe76fe8d130f27b293 authored almost 3 years ago by Eric Lagergren <[email protected]>
[dev.boringcrypto] all: merge master into dev.boringcrypto

Change-Id: If6b68df0c90464566e68de6807d15f4b8bec6219

a7c6de3f18b2528f9034bad380cdb07a2c4afafe authored almost 3 years ago by Chressie Himpel <[email protected]>
crypto/elliptic: use go:embed for the precomputed p256 table

go.dev/cl/339591 changed the code generation to use a constant string,
so that the ~88KiB table ...

dff91d3fb38a668118f17a5f7df302479e2812a1 authored almost 3 years ago by Daniel Martí <[email protected]>
[release-branch.go1.17] crypto/elliptic: make IsOnCurve return false for invalid field elements

Updates #50974
Fixes #50978
Fixes CVE-2022-23806

Change-Id: I0201c2c88f13dd82910985a495973f1683...

7373cb53e87578dd38eec31ff2ff0d9c258e0226 authored almost 3 years ago by Filippo Valsorda <[email protected]>
crypto/x509: support NumericString in DN components

Fixes #48171

Change-Id: Ia2e1920c0938a1f8659935a4f725a7e5090ef2c0
Reviewed-on: https://go-revie...

4d8411a8d7890b29e5d0443a7579754033d36c14 authored almost 3 years ago by Roland Shoemaker <[email protected]>
[dev.boringcrypto] all: merge master into dev.boringcrypto

Change-Id: I18dbf4f9fa7e2334fccedd862a523126cf38164e

cc600882cbfe8514613e75da9222190f606284fe authored almost 3 years ago by Chressie Himpel <[email protected]>
crypto/elliptic: make IsOnCurve return false for invalid field elements

Thanks to Guido Vranken for reporting this issue.

Fixes #50974
Fixes CVE-2022-23806

Change-Id:...

d44b850aaef944a08001d78a65f5c327311c88a8 authored almost 3 years ago by Filippo Valsorda <[email protected]>
crypto/ecdsa,crypto/elliptic: update docs and spec references

crypto/ecdsa was long overdue a cleanup. Bump the FIPS 186 version, and
make sure we consistentl...

2a59dfd0c79aa7b65f00aea41389d870961f340b authored almost 3 years ago by Filippo Valsorda <[email protected]>
[release-branch.go1.17] all: update vendored golang.org/x/crypto for cryptobyte fix

Updates #49678
Fixes #50165

Change-Id: I47dd959a787180a67856e60dfa6eba3ddd045972
Reviewed-on: h...

98e23cfac11fb3fea096b8b023daa6ff741b3f1a authored about 3 years ago by Filippo Valsorda <[email protected]>
all: update vendored golang.org/x/crypto for cryptobyte fix

Fixes #49678

Change-Id: I47dd959a787180a67856e60dfa6eba3ddd045972
Reviewed-on: https://go-revie...

3abfa46050fd53fc9ac47ed23bcece22652bccc6 authored about 3 years ago by Filippo Valsorda <[email protected]>
all: gofmt -w -r 'interface{} -> any' src

And then revert the bootstrap cmd directories and certain testdata.
And adjust tests as needed.
...

3f374bc7efa19c73bc2cce710ac980b8b24986bf authored about 3 years ago by Russ Cox <[email protected]>
crypto/x509: skip known TestSystemVerify flakes on windows-*-2008 builders

The "-2008" builders are the only ones on which the failure has
been observed, so I suspect that...

8b51d9465b07f7ce2db46a5d6983c4bd1bba22a0 authored about 3 years ago by Bryan C. Mills <[email protected]>
[dev.boringcrypto] crypto/internal/boring: add -pthread linker flag

goboringcrypto_linux_amd64.syso references pthread functions, so
we need to pass -pthread to the...

2173dca83439d6215089e884ddbecc44b1a667cc authored about 3 years ago by Cherry Mui <[email protected]>
crypto/x509: fix comments on certDirectories

CL 205237 allowed SSL_CERT_DIR to be a colon delimited list of
directories. In the case that SSL...

6280b28e15213fb36908a38342223a27f02b3adb authored about 3 years ago by Shang Jian Ding <[email protected]>
crypto/x509/internal/macos: use APIs available on ios

Use SecCertificateCopyData instead of SecItemExport, which is only
available on macOS.

Updates ...

b58ee05656c0a5a796cfaa6eb0af78204b670737 authored about 3 years ago by Roland Shoemaker <[email protected]>
[dev.boringcrypto] all: merge master into dev.boringcrypto

Change-Id: If0a6a3d0abf15d9584ce572510b5bb31872d432f

44b336a2d585c42982beb37c9e65cb60d9f2750b authored about 3 years ago by Heschi Kreinick <[email protected]>
crypto/x509: remove ios build tag restriction

Fixes #49435

Change-Id: I77ce12f447e727e7dc3b23de947357c27a268bd2
Reviewed-on: https://go-revie...

dedcc4b0efcc7fcca851a3be6542a43053708105 authored about 3 years ago by Roland Shoemaker <[email protected]>
crypto/x509: verification with system and custom roots

Make system cert pools special, such that when one has extra roots
added to it we run verificati...

c68f645ea278f69d545ee93a4fa4393fa788c2c4 authored about 3 years ago by Roland Shoemaker <[email protected]>
all: remove more leftover // +build lines

CL 344955 and CL 359476 removed almost all // +build lines, but leaving
some assembly files and ...

05b71889f3a7d8ac725865b70e28e6a0fde04d84 authored about 3 years ago by Tobias Klauser <[email protected]>
crypto/x509: use the platform verifier on iOS

Use the same certificate verification APIs on iOS as on macOS (they
share the same APIs, so we s...

e9f2bc149bf0331a2d5cf7f4a66c95307b8067d5 authored about 3 years ago by Roland Shoemaker <[email protected]>
crypto/x509: use platform verifier on darwin

When VerifyOptions.Roots is nil, default to using the platform X.509
certificate verification AP...

4db8b5d2246de1039b48c4bfcb1c12d8b61fabb4 authored about 3 years ago by Roland Shoemaker <[email protected]>
crypto/tls: set default minimum client version to TLS 1.2

Updates #45428

Change-Id: I5d70066d4091196ec6f8bfc2edf3d78fdc0520c1
Reviewed-on: https://go-rev...

9051a4f7a352c6affbe4887eac875e4cf4af249d authored about 3 years ago by Filippo Valsorda <[email protected]>
crypto/x509: disable SHA-1 signature verification

Updates #41682

Change-Id: Ib766d2587d54dd3aeff8ecab389741df5e8af7cc
Reviewed-on: https://go-rev...

b411423005a8539613a9a231acd01223e5a1dced authored about 3 years ago by Filippo Valsorda <[email protected]>
[dev.boringcrypto] all: merge master into dev.boringcrypto

Change-Id: I1aa33cabd0c55fe64994b08f8a3f7b6bbfb3282c

28cbd69d04e1df5d619daee589ced529085eb5e3 authored about 3 years ago by Roland Shoemaker <[email protected]>
crypt/aes: update formatting of ppc64le asm comments

This does not change any code, just reformats the comments in
the asm code.

Change-Id: I70fbfa7...

7ffe6fc9285d43ef5d80e5f23b75827479683580 authored about 3 years ago by Lynn Boger <[email protected]>
crypto/elliptic: port P-224 and P-384 to fiat-crypto

Also, adopt addchain code generation for field inversion, and switch
P-521 to Montgomery multipl...

db6ca6dd44f65dd277f450867affcb17ae428bf8 authored about 3 years ago by Filippo Valsorda <[email protected]>
crypto/ecdsa: draw a fixed amount of entropy while signing

The current code, introduced in CL 2422, mixes K bits of entropy with
the private key and messag...

f7b04173bbc3c2e829b2cb3c4f0fc2410ddcc6e6 authored about 3 years ago by Filippo Valsorda <[email protected]>
crypto/elliptic: tolerate large inputs to IsOnCurve methods

The behavior of all Curve methods and package functions when provided an
off-curve point is unde...

6a4970d023959e15907df1267ed8dfc6210a23c4 authored about 3 years ago by Filippo Valsorda <[email protected]>
net/netip: add new IP address package

Co-authored-by: Alex Willmer <[email protected]> (GitHub @moreati)
Co-authored-by: Alexander Y...

254307be9123f3409d4af84f84919e5b66f47ded authored about 3 years ago by Brad Fitzpatrick <[email protected]>
crypto/elliptic: move P-521 group logic to internal/nistec

This abstracts the clunky and not constant time math/big elliptic.Curve
compatibility layer away...

45dcd64b3e004a2750fe1eb0d1e778899c92b4f7 authored about 3 years ago by Filippo Valsorda <[email protected]>
crypto/elliptic: use a 4-bit sliding window for P-521 ScalarMult

name old time/op new time/op delta
pkg:crypto/elliptic goos:darwin goar...

d4cea8396287f2e4d4035c9ade4497fa4122df51 authored about 3 years ago by Filippo Valsorda <[email protected]>
crypto/elliptic: use complete addition formulas for P-521

Complete formulas don't have exceptions for P = Q or P = 0, which makes
them significantly simpl...

54d400870e022798bbeb93b898bf848547df5cb8 authored about 3 years ago by Filippo Valsorda <[email protected]>
crypto/elliptic: refactor P-224 field implementation

Improved readability, replaced constant time bit masked operations with
named functions, added c...

c91c2cc9a360b174a73726e359c967d3629d0c14 authored about 3 years ago by Filippo Valsorda <[email protected]>
all: manual fixups for //go:build vs // +build

Update many generators, also handle files that were not part of the
standard build during 'go fi...

3d4cf4b342de8bf4fd92a2dba70749356c49e483 authored about 3 years ago by Russ Cox <[email protected]>
[dev.boringcrypto] all: convert +build to //go:build lines in boring-specific files

This makes the latest Go 1.18 cmd/dist happier.

Change-Id: If1894ce4f60a0b604a2bd889974ddb16c40...

6a49036317487f17c7373fc918f9615cac128b3f authored about 3 years ago by Russ Cox <[email protected]>
all: go fix -fix=buildtag std cmd (except for bootstrap deps, vendor)

When these packages are released as part of Go 1.18,
Go 1.16 will no longer be supported, so we ...

a5cb61667cdc384a62ac9c17579bee09a514f8c5 authored about 3 years ago by Russ Cox <[email protected]>
crypto/elliptic: use a const string for precomputed P256 table

Const strings can be marked readonly. This is particularly
important for this relatively large t...

2bf93924a4055c979f9fad944cad5dc61dc57190 authored about 3 years ago by Josh Bleecher Snyder <[email protected]>
crypto/x509: generate new-style build tags for iOS

Make the input match gofmt's output,
to make our lives easier as we phase out
old style build ta...

37c883e27c22f9cd6fc16448cb58d41d883448de authored about 3 years ago by Josh Bleecher Snyder <[email protected]>
crypto/tls: add Conn.NetConn method

NetConn method gives us access to the underlying net.Conn
value.

Fixes #29257

Change-Id: I68b2...

e961d39dd7a1cf75ba66c2df81ccda5c98debb29 authored about 3 years ago by Agniva De Sarker <[email protected]>
all: use bytes.Cut, strings.Cut

Many uses of Index/IndexByte/IndexRune/Split/SplitN
can be written more clearly using the new Cu...

b256fb9b0d69663d2185d9123228a88912097865 authored about 3 years ago by Russ Cox <[email protected]>
crypto/rand: document additional getrandom/getentropy support in Reader

CL 269999 added support for getrandom on Dragonfly.
CL 299134 added support for getrandom on Sol...

394fac8937a16e03cc523697a8842a01c4c4e66d authored about 3 years ago by Tobias Klauser <[email protected]>
crypto/tls: use cryptobyte.NewFixedBuilder

Change-Id: Ia2a9465680e766336dae34f5d2b3cb412185bf1f
Reviewed-on: https://go-review.googlesource...

8dd3592c60d5ee255f1dea3ebfee1f3ba708d78f authored about 3 years ago by Filippo Valsorda <[email protected]>
crypto: document the extended key interfaces

Change-Id: Iaff3f77b0a168e8bde981c791035a6451b3a49ac
Reviewed-on: https://go-review.googlesource...

14d627bd1e30c61cd39145fb120c0824f43fe40b authored about 3 years ago by Filippo Valsorda <[email protected]>
crypto: avoid escaping Hash.Sum on generic architectures

For architectures without a specialized implementation (e.g. arm),
the generic implementation al...

eb66d65d8451889d7384cffcbbb6ffd4c6dc6d41 authored about 3 years ago by Joe Tsai <[email protected]>
[release-branch.go1.17] crypto/rand, internal/syscall/unix: don't use getentropy on iOS

CL 302489 switched crypto/rand to use getentropy on darwin, however this
function is not availab...

1f94b6518caf2a71e3ea5560448d426ab18cc7ff authored over 3 years ago by Tobias Klauser <[email protected]>
crypto/x509: drop compatibility hack for expired COMODO intermediates

The hack was there for a couple intermediates with only SGC EKUs that
issued severAuth certifica...

175d3b7ed33d80c2d30f304706a6f82198184f9b authored over 3 years ago by Filippo Valsorda <[email protected]>
[dev.boringcrypto] crypto/tls: permit P-521 in FIPS mode

While BoringCrypto has a certification for P-521, the go code disallows
certificates with it. Th...

efea22890ac9743cb754add10ff2fe2cf18850aa authored over 3 years ago by Watson Ladd <[email protected]>
[dev.cmdgo] all: merge master (5e6a7e9) into dev.cmdgo

Merge List:

+ 2021-08-26 5e6a7e9b86 embed: remove reference to global variables in docs
+ 2021-...

63e087c2b1d8bf8f5d4ed401fccf3d4c857dc69a authored over 3 years ago by Michael Matloob <[email protected]>
[dev.boringcrypto] crypto/tls: use correct config in TestBoringClientHello

The existing implementation sets the ClientConfig to specific values to
check, but does not uses...

934ad5472393a17e5852543154b4304559ef396a authored over 3 years ago by Sofía Celi <[email protected]>
crypto/tls: fix typo in PreferServerCipherSuites comment

Fixing a typo, Deprected -> Deprecated.

Change-Id: Ie0ccc9a57ae6a935b4f67154ac097dba4c3832ec
Gi...

c6462781f2c554a2c8a233089915f79367de46d4 authored over 3 years ago by vinckr <[email protected]>
[dev.cmdgo] all: merge master (c2f96e6) into dev.cmdgo

src/cmd/go/testdata/script/work.txt and
src/cmd/go/testdata/script/work_edit.txt were updated so...

65fe58d23f955b40539a2d2cd6cf60e2f6d0b9da authored over 3 years ago by Michael Matloob <[email protected]>
crypto/rand, internal/syscall/unix: don't use getentropy on iOS

CL 302489 switched crypto/rand to use getentropy on darwin, however this
function is not availab...

2cba49ed140c2981432b74d9baa0cca0dfaebe13 authored over 3 years ago by Tobias Klauser <[email protected]>
all: fix typos

Change-Id: I83180c472db8795803c1b9be3a33f35959e4dcc2
Reviewed-on: https://go-review.googlesource...

e55cd318050ddf8b8b4dd341db73f33bfa27afca authored over 3 years ago by Yasuhiro Matsumoto <[email protected]>
[dev.boringcrypto] all: merge commit 57c115e1 into dev.boringcrypto

Change-Id: I9e2b83c8356372034e4e3bfc6539b813e73611c9

d5745146c2cc35766fc6852e67f3c7cf4561b830 authored over 3 years ago by Roland Shoemaker <[email protected]>
crypto/sha{256,512}: unname result parameters for consistency

Sum224 and Sum256 didn't look the same at:

https://golang.org/pkg/crypto/sha256/

Now they ...

c2e6d72117b56b9c93b28dd372fa54734fd1a295 authored over 3 years ago by Brad Fitzpatrick <[email protected]>
all: gofmt

Change-Id: Icfafcfb62a389d9fd2e7a4d17809486ed91f15c3
Reviewed-on: https://go-review.googlesource...

c4c2184b2970f4eb7cb015cd6e1487d2f3f83798 authored over 3 years ago by Josh Bleecher Snyder <[email protected]>
[dev.cmdgo] all: merge master (9eee0ed) into dev.cmdgo

Conflicts:

- src/cmd/go/internal/modload/init.go
- src/cmd/go/internal/modload/load.go

Merge L...

7294e770eb1adfe9c21761b9fc99dec2b674e523 authored over 3 years ago by Jay Conrod <[email protected]>
crypto/x509: update iOS bundled roots to version 55188.120.1.0.1

Updates #38843.

Change-Id: I6e003ed03cd13d8ecf86ce05ab0e11c47e271c0b
Reviewed-on: https://go-re...

83ce80272cd2bfa3d67ac65e5b070889d235525e authored over 3 years ago by Dmitri Shuralyov <[email protected]>
crypto/tls: test key type when casting

When casting the certificate public key in generateClientKeyExchange,
check the type is appropri...

996fcc195144c6373b8805a31571c3843067de34 authored over 3 years ago by Roland Shoemaker <[email protected]>
[dev.cmdgo] all: merge master (912f075) into dev.cmdgo

Merge List:

+ 2021-07-02 912f075047 net/http: mention socks5 support in proxy
+ 2021-07-02 287c...

9ce669f0c74e42a564129da6f898a64a31a5e96f authored over 3 years ago by Jay Conrod <[email protected]>
crypto/x509: don't fail on optional auth key id fields

If a certificate contains an AuthorityKeyIdentifier extension that
lacks the keyIdentifier field...

49148c66be1007ca0e2f2559129a3441caa9bd0e authored over 3 years ago by Roland Shoemaker <[email protected]>
crypto/tls: let HTTP/1.1 clients connect to servers with NextProtos "h2"

Fixes #46310

Change-Id: Idd5e30f05c439f736ae6f3904cbb9cc2ba772315
Reviewed-on: https://go-revie...

ec2621746a01e1602134b8036bb23115840afaca authored over 3 years ago by Filippo Valsorda <[email protected]>
crypto/elliptic: update P-521 docs to say it's constant-time

This is true since CL 315274.

Also adjust the P-256 note, since Add, Double, and IsOnCurve use ...

314da00a7294bbfc7649d5f891dc18224966b6e1 authored over 3 years ago by Filippo Valsorda <[email protected]>
crypto/tls: fix typo in Config.NextProtos docs

Change-Id: I916df584859595067e5e86c35607869397dbbd8c
Reviewed-on: https://go-review.googlesource...

cdff9b4f475169fe54172e2c3ff8a78dd7d2dd01 authored over 3 years ago by Filippo Valsorda <[email protected]>
crypto/elliptic: fix typo in p521Point type name

Change-Id: I6cab3624c875d9a70441a560e84f91c9b2df17b9
Reviewed-on: https://go-review.googlesource...

e1961bdb86843123fecfe1b9795ac87dd17c2419 authored over 3 years ago by Filippo Valsorda <[email protected]>
crypto/x509: add new FreeBSD 12.2+ trusted certificate folder

Up to FreeBSD 12.1 the package ca_root_nss was needed in order to have
certificates under /usr/l...

803bdc4b1d80bb0e79cc2ab02416013e2263b69d authored over 3 years ago by Lapo Luchini <[email protected]>
crypto/x509: remove duplicate import

Change-Id: I86742ae7aa4ff49a38f8e3bc1d64fb223feae73e
Reviewed-on: https://go-review.googlesource...

dee8736f538e31916eaf60d93144eb9aca2af533 authored over 3 years ago by Roland Shoemaker <[email protected]>
[dev.boringcrypto] all: merge commit 9d0819b27c (CL 314609) into dev.boringcrypto

There used to be two BoringCrypto-specific behaviors related to cipher
suites in crypto/tls:

1....

d35e495ae0e61d539c56626c171c8ec58387b4e0 authored over 3 years ago by Filippo Valsorda <[email protected]>
all: add //go:build lines to assembly files

Don't add them to files in vendor and cmd/vendor though. These will be
pulled in by updating the...

d5b6ee598af8d7a79fafbb8e170e83eb01c34b15 authored over 3 years ago by Tobias Klauser <[email protected]>
crypto/elliptic: upgrade from generic curve impl to specific if available

This change alters the CurveParam methods to upgrade from the generic
curve implementation to th...

0def25409d9974b834bea3bd908d3b473c3cb35b authored over 3 years ago by Roland Shoemaker <[email protected]>