Ecosyste.ms: OpenCollective
An open API service for software projects hosted on Open Collective.
github.com/ooni/oocrypto
Fork of Go crypto/tls with extra patches from the OONI team
https://github.com/ooni/oocrypto
Change-Id: Ifbf4a95e5f315a88633ec0170625cadb087167c0
Reviewed-on: https://go-review.googlesource...
Change-Id: Id1ae6c8fbb8c2f31b251ba141dc2bbedae189006
Reviewed-on: https://go-review.googlesource...
rand.Prime does not guarantee the precise prime selection algorithm as
part of its contract. For...
Fixes #46057
Change-Id: Id3af101c54108d6fd5b65946c4358872358eefcc
Reviewed-on: https://go-revie...
(Primarily from Josh)
Updates #51759
Fixes #51763
Fixes CVE-2022-27536
Co-authored-by: Josh Bl...
d9c69101412ed189b0f3588c887e3ee5c1d72d4a authored over 2 years ago by Brad Fitzpatrick <[email protected]>
Disable SHA-1 signature verification in Certificate.CheckSignatureFrom,
but not in Certificate.C...
A future change to gofmt will rewrite
// Doc comment.
//
func f()
to
// Doc comment.
fun...
A run of lines that are indented with any number of spaces or tabs
format as a <pre> block. This...
(Temporarily, until the root cause of the test failure can be
diagnosed and fixed properly.)
Fo...
8a619fe6fe681ff7b6b8e7544ee72ef600483b3f authored over 2 years ago by Bryan C. Mills <[email protected]>
(Temporarily, until the root cause of the test failure can be
diagnosed and fixed properly.)
Fo...
da66e506ca73ec470db237b02a020dd19e653ea3 authored over 2 years ago by Bryan C. Mills <[email protected]>Fixes #51754
Change-Id: I3bfa15db3497de9fb82d6391d87fca1ae9ba6543
Reviewed-on: https://go-revie...
Fixes #52075
Change-Id: I595a7514c9a0aa1b9c76aedfc2307e1124271f27
Reviewed-on: https://go-revie...
Updates #51759
Change-Id: Ib73fa5ec62d90c7e595150217b048158789f1afd
Reviewed-on: https://go-rev...
The 'docker' command line tool is no longer available on my Linux laptop
due to Docker's new lic...
For #20322
For #51572
Change-Id: Id0b4799d097d01128e98ba4cc0092298357bca45
Reviewed-on: https:/...
Change-Id: I04d511ed8e3e7ca4a3267f226a0c3e248c0f84a9
240a7d67e8f3c79bd2ab1a304bc7fcf68ab9af7d authored over 2 years ago by Nicolas Hillegeer <[email protected]>Fixes #50663
Change-Id: I18754922bf139049443c0395eaa1606049df1331
GitHub-Last-Rev: 57ff5ddfe39c...
(Primarily from Josh)
Fixes #51759
Co-authored-by: Josh Bleecher Snyder <[email protected]>
...
The old code picks a random number n and then tests n, n+2, n+4, up to
n+(1<<20) for primality b...
Change-Id: I4e09d4f2cc77c4c2dc12f1ff40d8c36053ab7ab6
faa85e4660f89a8c3dc2ec8d42990847fb1648d2 authored almost 3 years ago by David Chase <[email protected]>
Change-Id: I7dfae0fc91c2d70873ec7ec920be7c0a4888153a
Reviewed-on: https://go-review.googlesource...
In a recent change CL 388654 a function was updated so it
no longer needed stack space, but the ...
This should be a bit faster and slicker than the very old ANSI X9.31,
which relied on the system...
The X9.31 expander is now only used for plan9. Perhaps once upon a time
there was a use for abst...
Import the following commits (and minor comment fixes):
* 17a0e59 - field: fix heap escape ...
de836e7aa0c299e10b91b31e7ee2bd93fc350c44 authored almost 3 years ago by Filippo Valsorda <[email protected]>
Workaround the minor endian differences, and avoid needing to
stack a frame as extra VSRs can be...
This adds an asm implementation of aes-cbc for ppc64le to
improve performance. This is ported fr...
This adds big endian support for the assembly implementation of
sha512. There was a recent reque...
As documented in #51209, we have been seeing a low-rate failure
on macOS builders caused by spur...
Updates #48171
Fixes #51000
Change-Id: Ia2e1920c0938a1f8659935a4f725a7e5090ef2c0
Reviewed-on: h...
AES-196 does not exist, but AES-192 does.
Signed-off-by: Eric Lagergren <[email protected]...
ab46d9a5f7425699713b4dfe76fe8d130f27b293 authored almost 3 years ago by Eric Lagergren <[email protected]>Change-Id: If6b68df0c90464566e68de6807d15f4b8bec6219
a7c6de3f18b2528f9034bad380cdb07a2c4afafe authored almost 3 years ago by Chressie Himpel <[email protected]>
go.dev/cl/339591 changed the code generation to use a constant string,
so that the ~88KiB table ...
Updates #50974
Fixes #50978
Fixes CVE-2022-23806
Change-Id: I0201c2c88f13dd82910985a495973f1683...
7373cb53e87578dd38eec31ff2ff0d9c258e0226 authored almost 3 years ago by Filippo Valsorda <[email protected]>Fixes #48171
Change-Id: Ia2e1920c0938a1f8659935a4f725a7e5090ef2c0
Reviewed-on: https://go-revie...
Change-Id: I18dbf4f9fa7e2334fccedd862a523126cf38164e
cc600882cbfe8514613e75da9222190f606284fe authored almost 3 years ago by Chressie Himpel <[email protected]>Thanks to Guido Vranken for reporting this issue.
Fixes #50974
Fixes CVE-2022-23806
Change-Id:...
d44b850aaef944a08001d78a65f5c327311c88a8 authored almost 3 years ago by Filippo Valsorda <[email protected]>
crypto/ecdsa was long overdue a cleanup. Bump the FIPS 186 version, and
make sure we consistentl...
Updates #49678
Fixes #50165
Change-Id: I47dd959a787180a67856e60dfa6eba3ddd045972
Reviewed-on: h...
Fixes #49678
Change-Id: I47dd959a787180a67856e60dfa6eba3ddd045972
Reviewed-on: https://go-revie...
And then revert the bootstrap cmd directories and certain testdata.
And adjust tests as needed.
...
The "-2008" builders are the only ones on which the failure has
been observed, so I suspect that...
goboringcrypto_linux_amd64.syso references pthread functions, so
we need to pass -pthread to the...
CL 205237 allowed SSL_CERT_DIR to be a colon delimited list of
directories. In the case that SSL...
Use SecCertificateCopyData instead of SecItemExport, which is only
available on macOS.
Updates ...
b58ee05656c0a5a796cfaa6eb0af78204b670737 authored about 3 years ago by Roland Shoemaker <[email protected]>Change-Id: If0a6a3d0abf15d9584ce572510b5bb31872d432f
44b336a2d585c42982beb37c9e65cb60d9f2750b authored about 3 years ago by Heschi Kreinick <[email protected]>Fixes #49435
Change-Id: I77ce12f447e727e7dc3b23de947357c27a268bd2
Reviewed-on: https://go-revie...
Make system cert pools special, such that when one has extra roots
added to it we run verificati...
CL 344955 and CL 359476 removed almost all // +build lines, but leaving
some assembly files and ...
Use the same certificate verification APIs on iOS as on macOS (they
share the same APIs, so we s...
When VerifyOptions.Roots is nil, default to using the platform X.509
certificate verification AP...
Updates #45428
Change-Id: I5d70066d4091196ec6f8bfc2edf3d78fdc0520c1
Reviewed-on: https://go-rev...
Updates #41682
Change-Id: Ib766d2587d54dd3aeff8ecab389741df5e8af7cc
Reviewed-on: https://go-rev...
Change-Id: I1aa33cabd0c55fe64994b08f8a3f7b6bbfb3282c
28cbd69d04e1df5d619daee589ced529085eb5e3 authored about 3 years ago by Roland Shoemaker <[email protected]>
This does not change any code, just reformats the comments in
the asm code.
Change-Id: I70fbfa7...
7ffe6fc9285d43ef5d80e5f23b75827479683580 authored about 3 years ago by Lynn Boger <[email protected]>
Also, adopt addchain code generation for field inversion, and switch
P-521 to Montgomery multipl...
The current code, introduced in CL 2422, mixes K bits of entropy with
the private key and messag...
The behavior of all Curve methods and package functions when provided an
off-curve point is unde...
Co-authored-by: Alex Willmer <[email protected]> (GitHub @moreati)
Co-authored-by: Alexander Y...
This abstracts the clunky and not constant time math/big elliptic.Curve
compatibility layer away...
name old time/op new time/op delta
pkg:crypto/elliptic goos:darwin goar...
Complete formulas don't have exceptions for P = Q or P = 0, which makes
them significantly simpl...
Improved readability, replaced constant time bit masked operations with
named functions, added c...
Update many generators, also handle files that were not part of the
standard build during 'go fi...
This makes the latest Go 1.18 cmd/dist happier.
Change-Id: If1894ce4f60a0b604a2bd889974ddb16c40...
6a49036317487f17c7373fc918f9615cac128b3f authored about 3 years ago by Russ Cox <[email protected]>
When these packages are released as part of Go 1.18,
Go 1.16 will no longer be supported, so we ...
Const strings can be marked readonly. This is particularly
important for this relatively large t...
Make the input match gofmt's output,
to make our lives easier as we phase out
old style build ta...
NetConn method gives us access to the underlying net.Conn
value.
Fixes #29257
Change-Id: I68b2...
e961d39dd7a1cf75ba66c2df81ccda5c98debb29 authored about 3 years ago by Agniva De Sarker <[email protected]>
Many uses of Index/IndexByte/IndexRune/Split/SplitN
can be written more clearly using the new Cu...
CL 269999 added support for getrandom on Dragonfly.
CL 299134 added support for getrandom on Sol...
Change-Id: Ia2a9465680e766336dae34f5d2b3cb412185bf1f
Reviewed-on: https://go-review.googlesource...
Change-Id: Iaff3f77b0a168e8bde981c791035a6451b3a49ac
Reviewed-on: https://go-review.googlesource...
For architectures without a specialized implementation (e.g. arm),
the generic implementation al...
CL 302489 switched crypto/rand to use getentropy on darwin, however this
function is not availab...
The hack was there for a couple intermediates with only SGC EKUs that
issued severAuth certifica...
While BoringCrypto has a certification for P-521, the go code disallows
certificates with it. Th...
Merge List:
+ 2021-08-26 5e6a7e9b86 embed: remove reference to global variables in docs
+ 2021-...
The existing implementation sets the ClientConfig to specific values to
check, but does not uses...
Fixing a typo, Deprected -> Deprecated.
Change-Id: Ie0ccc9a57ae6a935b4f67154ac097dba4c3832ec
Gi...
src/cmd/go/testdata/script/work.txt and
src/cmd/go/testdata/script/work_edit.txt were updated so...
CL 302489 switched crypto/rand to use getentropy on darwin, however this
function is not availab...
Change-Id: I83180c472db8795803c1b9be3a33f35959e4dcc2
Reviewed-on: https://go-review.googlesource...
Change-Id: I9e2b83c8356372034e4e3bfc6539b813e73611c9
d5745146c2cc35766fc6852e67f3c7cf4561b830 authored over 3 years ago by Roland Shoemaker <[email protected]>Sum224 and Sum256 didn't look the same at:
https://golang.org/pkg/crypto/sha256/
Now they ...
c2e6d72117b56b9c93b28dd372fa54734fd1a295 authored over 3 years ago by Brad Fitzpatrick <[email protected]>
Change-Id: Icfafcfb62a389d9fd2e7a4d17809486ed91f15c3
Reviewed-on: https://go-review.googlesource...
Conflicts:
- src/cmd/go/internal/modload/init.go
- src/cmd/go/internal/modload/load.go
Merge L...
7294e770eb1adfe9c21761b9fc99dec2b674e523 authored over 3 years ago by Jay Conrod <[email protected]>Updates #38843.
Change-Id: I6e003ed03cd13d8ecf86ce05ab0e11c47e271c0b
Reviewed-on: https://go-re...
When casting the certificate public key in generateClientKeyExchange,
check the type is appropri...
Merge List:
+ 2021-07-02 912f075047 net/http: mention socks5 support in proxy
+ 2021-07-02 287c...
If a certificate contains an AuthorityKeyIdentifier extension that
lacks the keyIdentifier field...
Fixes #46310
Change-Id: Idd5e30f05c439f736ae6f3904cbb9cc2ba772315
Reviewed-on: https://go-revie...
This is true since CL 315274.
Also adjust the P-256 note, since Add, Double, and IsOnCurve use ...
314da00a7294bbfc7649d5f891dc18224966b6e1 authored over 3 years ago by Filippo Valsorda <[email protected]>
Change-Id: I916df584859595067e5e86c35607869397dbbd8c
Reviewed-on: https://go-review.googlesource...
Change-Id: I6cab3624c875d9a70441a560e84f91c9b2df17b9
Reviewed-on: https://go-review.googlesource...
Up to FreeBSD 12.1 the package ca_root_nss was needed in order to have
certificates under /usr/l...
Change-Id: I86742ae7aa4ff49a38f8e3bc1d64fb223feae73e
Reviewed-on: https://go-review.googlesource...
There used to be two BoringCrypto-specific behaviors related to cipher
suites in crypto/tls:
1....
d35e495ae0e61d539c56626c171c8ec58387b4e0 authored over 3 years ago by Filippo Valsorda <[email protected]>
Don't add them to files in vendor and cmd/vendor though. These will be
pulled in by updating the...
This change alters the CurveParam methods to upgrade from the generic
curve implementation to th...