Ecosyste.ms: OpenCollective
An open API service for software projects hosted on Open Collective.
github.com/ooni/oocrypto
Fork of Go crypto/tls with extra patches from the OONI team
https://github.com/ooni/oocrypto
Like for P-224, we do the constant time selects to hide the
point-at-infinity special cases of a...
Fiat Cryptography (https://github.com/mit-plv/fiat-crypto) is a project
that produces prime orde...
Unfortunately, we can't improve the function signature to refer to
crypto.PrivateKey and crypto....
We now have a (well, two, depending on AES hardware support) universal
cipher suite preference o...
Common Name and NameConstraintsWithoutSANs are no more.
Fixes #24151 ᕕ(ᐛ)ᕗ
Change-Id: I15058f2...
1fcc8c0ce3b8f41cb86b7cc7a55b2cbe8ec9e4f5 authored over 3 years ago by Filippo Valsorda <[email protected]>
During the TLS handshake if the server doesn't support any of the
application protocols requeste...
Replaces the encoding/asn1 certificate parser with a
x/crypto/cryptobyte based parser. This prov...
Ensured all tests and benchmarks run over all curves.
Change-Id: Idcbe14a50c60ff6c2cd56793bced6...
7d822a7ac6492fa849b194f27a09f3d109b56ac8 authored over 3 years ago by Filippo Valsorda <[email protected]>Without optimizations, there will be unexpected allocations.
Change-Id: I90dc2636279b7fda7689ea...
897749f0a9650befbc7d1cb2beaffc05c1af5482 authored over 3 years ago by Filippo Valsorda <[email protected]>
This change replaces the crypto/ed25519/internal/edwards25519 package
with code from filippo.io/...
Store the precomputed P-256 basepoint table in source rather than
computing it at runtime, savin...
It's useful to compare TLS AEADs. Here are the numbers on my MacBook
with an Intel(R) Core(TM) i...
In CL 288092 we made Darwin syscall wrappers as ABIInternal, so
their addresses taken from Go us...
Change-Id: I6a4bd2544276d0638bddf07ebcf2ee636db30fea
Reviewed-on: https://go-review.googlesource...
Simplified both tests significantly by removing logic for writing
the client/server side message...
This follows the spelling choices that the Go project has made for English words.
https://github...
Updates #45402
Change-Id: Ifb1fa5232a0fa1be62e886643cec9deaa3b312ad
Reviewed-on: https://go-rev...
This will allow us to make changes to the internals confidently, without
risking causing issues ...
Change-Id: I1c2900d4e1c0b6108f13c4060d994d966f3e18f3
GitHub-Last-Rev: 3fde453686ab3fdeb77d2f73c0...
When PSSSaltLength is set, the maximum salt length must equal:
(modulus_key_size - 1 + 7)/8...
65dac45154b797051ff096496fb67db30cafa794 authored over 3 years ago by Himanshu Kishna Srivastava <[email protected]>
Change-Id: Ieb1900531f42acf2c8b98ac89fceb8b87c8e5d0c
Reviewed-on: https://go-review.googlesource...
Fixes #44777
Corrected the documentation comment on the EncryptOAEP function from
'if a given p...
The getentropy syscall is available on macOS since version 10.12, which
is the minimum required ...
This will be reintroduced again once the source of the
flakiness has been determined and fixed.
...
Adds the (*tls.Conn).HandshakeContext method. This allows
us to pass the context provided down t...
This is mostly cleanup and simplification. This removes
many unneeded register moves, loads, an...
Change-Id: Ib0469232a2b69a869e58d5d24990ad74ac96ea56
GitHub-Last-Rev: eb38e049ee1e773392ff3747e1...
The previous link broke, but it's available on the internet archive.
Fixes #39808
Change-Id: I...
83b1d5f948b4fc4ad73517ec56fc159a440a727a authored almost 4 years ago by Mostyn Bramley-Moore <[email protected]>
The Go standard library retrofitted context support onto existing APIs
using context.Background ...
The getrandom syscall is available on Solaris and Illumos, see
https://docs.oracle.com/cd/E88353...
Since the 5.7 release, DragonFlyBSD supports as well
the getrandom function, the actual stable i...
Change `Github` to `GitHub`
Change-Id: I514e8dc9a19182fcf9fcf5bc1b5fbff253c1a947
GitHub-Last-Re...
Change-Id: Ib689e5793d9cb372e759c4f34af71f004010c822
GitHub-Last-Rev: d63798388e5dcccb984689b0ae...
Make all our package sources use Go 1.17 gofmt format
(adding //go:build lines).
Part of //go:b...
22e6ca8c966f78d88667446f4159757da30260f6 authored almost 4 years ago by Russ Cox <[email protected]>
Manual edits in src/cmd/compile/internal/reflectdata/reflect.go
to keep build working.
Merge Li...
067dd6f4a8ed24619947645770793b1b8b5ad70b authored almost 4 years ago by Russ Cox <[email protected]>
The section doesn't survive some of the mangling of the object file we
do while building it, and...
Mark the syscall wrappers as ABIInternal, as they have addresses
taken from Go code, and it is i...
Conflicts:
- src/syscall/mksyscall.pl
Merge List:
+ 2021-02-02 fca94ab3ab spec: improve the e...
659891c43d6777cea653ffd9d389fabb270d81dc authored almost 4 years ago by Robert Griesemer <[email protected]>
Removes the KeyUsage field that was missed in the rollback in
CL 281235.
Also updates CreateCert...
This merge had two conflicts to resolve:
1. The embed code on master had somewhat substantially...
8eaf594018cfe67aca22a27f5abe0edaaf5b7584 authored almost 4 years ago by Matthew Dempsky <[email protected]>
This patch fixes two independent bugs in p224Contract, the function that
performs the final comp...
There's on need to expose this to the frozen syscall package, and it
also doesn't need to be uns...
Updates #38843
Change-Id: If76844e1caf23f98d814de89f77610de59d96a34
Reviewed-on: https://go-rev...
In general, we don't want to encourage reading them from CSRs, and
applications that really want...
The list of conflicted files for this merge is:
src/cmd/compile/internal/gc/inl.go
src/cm...
This reverts CL 246338.
Reason for revert: waiting for 1.17 release cycle
Updates #32406
Chan...
958f62deeb528ff5abb99ff89659bb05330eae72 authored about 4 years ago by Johan Brandhorst <[email protected]>Change-Id: I098acdbc5e2676aeb8700d935e796a9c29d04b88
ff7beef0a1ffd60679a34de5224658b0b03c5024 authored about 4 years ago by Alexander Rakoczy <[email protected]>
os.ReadDir is a replacement for ioutil.ReadDir that returns
a slice of fs.DirEntry instead of fs...
As part of #42026, these helpers from io/ioutil were moved to os.
(ioutil.TempFile and TempDir b...
Change-Id: Ia54d7306ca7550b8d5623f505070558d275faa23
3aa71dced83d521e6d9a64dfa6c28ac23a957ab9 authored about 4 years ago by Russ Cox <[email protected]>
Change-Id: I8133762d53d9e5d3cc13e0f97b9679a3248a7f0f
Reviewed-on: https://go-review.googlesource...
Add BoringCrypto-specific test data to TestAESCipherReordering
and TestAESCipherReordering13.
C...
eb370749ef56a4c1466baffa82c89fa899dbaec9 authored about 4 years ago by Dmitri Shuralyov <[email protected]>Change-Id: I31c69e54c904c66c10920e4c4caacfef08bb834f
c293d4e0f63a1f614eb1bdedc1aadbfdfb697bcf authored about 4 years ago by Dmitri Shuralyov <[email protected]>Allows emitting errors about ineffectual //go:linkname directives.
In particular, this exposed:...
603f8c4c418e19626fb69b6301bab76fa6d8bf44 authored about 4 years ago by Matthew Dempsky <[email protected]>Change-Id: Iba19903f0565b11c648e1fa6effc07b8f97dc322
238a2527a850f572d7c451f30860b7c6df0baf29 authored about 4 years ago by Roland Shoemaker <[email protected]>
TestNonUniqueHash will not work on boringcrypto because
the hash.Hash that sha256 provides is no...
Change-Id: I0596a40722bf62952bd2eba85ccf3f104de589e4
a2a317231beb73a275e830570e7493458141135f authored about 4 years ago by Dmitri Shuralyov <[email protected]>
When either the server or client are lacking hardware support for
AES-GCM ciphers, indicated by ...
This code was preserved just to do side-by-side testing while
transitioning to the Go implementa...
This is a SHALL in RFC 7301, Section 3.2.
Also some more cleanup after NPN, which worked the ot...
14d26082210ec98ef1652658599a5ba74f4d04e9 authored about 4 years ago by Filippo Valsorda <[email protected]>
Since we dropped SSLv3, there is only one MAC scheme, and it doesn't
need any state beyond a key...
Adds the (*tls.Conn).HandshakeContext method. This allows
us to pass the context provided down t...
Previously windows only returned the certificate-chain with the highest quality.
This change mak...
Adds the following additional convenience fields to CertificateRequest:
* KeyUsage
* ExtKeyUsage...
Extended the sorting logic to be stable even when there are two roots
with the same name and not...
Change-Id: I18d5b9fc392a6a52fbdd240254d6d9db838073a4
Reviewed-on: https://go-review.googlesource...
This fell through the cracks from the CL 229917 comments.
Change-Id: I22584107f1e8111f9c523f453...
d5c4537d58eb543656932cd6ab683ea8d98a1e3f authored about 4 years ago by Filippo Valsorda <[email protected]>Derived from CL 263277, which includes benchmarks.
Fixes #42035
Co-authored-by: Filippo Valsor...
a22dcb1853db189dd72770756aa2f646aec85452 authored about 4 years ago by cch123 <[email protected]>
Instead of parsing the PEM files and then storing the *Certificate
values forever, still parse t...
This will allow building CertPools that consume less memory. (Most
certs are never accessed. Dif...
cpu: HiSilicon(R) Kirin 970 2.4GHz
name old time/op new time/op delta
XOR...
This change also documents the need to set a Deadline before
calling Read or Write.
Fixes #3122...
e684de6a00c434cd51f2d921d0e07e6ef4ea91f0 authored about 4 years ago by Katie Hockman <[email protected]>This change modifies Go to add the Unwrap method to SystemRootsError
Updates #30322
Change-Id:...
d619076bf8a77b67091e1f0414fdc73eb4af0d9e authored about 4 years ago by Pantelis Sampaziotis <[email protected]>
Replace the chroot scaffolding with Docker, which brings its own caching
and works on macOS.
Fi...
a5c64f97b7596504dafb4dbcd9200ed2dfd0eba0 authored about 4 years ago by Filippo Valsorda <[email protected]>To educate future readers.
Change-Id: I1ef79178b6997cc96ca066c91b9fec822478674b
Reviewed-on: ht...
This reverts CL 250497. It also moves all blank identifier imports below the rest of the imports...
627ed3526ac6b61c3e453e0337fc5671c3151f72 authored about 4 years ago by Katie Hockman <[email protected]>Fixes #34023
Change-Id: Ib7552a8873a79a91e8d971f906c6d7283da7a80c
Reviewed-on: https://go-revie...
CryptGenRandom appears to be unfavorable these days, whereas the classic
RtlGenRandom is still g...
It's unfortunate that we don't implement PKCS#8 encryption (#8860)
so we can't recommend an alte...
This prevents the custom-built version of openssl prefering the system
libraries over the ones c...
Bypasses the signature verification check we previously added if the
signature algorithm is MD5W...
The old ioutil references are still valid, but update our code
to reflect best practices and get...
The old os references are still valid, but update our code
to reflect best practices and get use...
Also put Reset in the correct place for the other
benchmarks.
name old time/op new...
fe7e8afcf2782951eb84be3bc578890ff4859bcd authored about 4 years ago by Katie Hockman <[email protected]>
This changes checks the signature generated during CreateCertificate
and returns an error if the...
Updates #38485.
Change-Id: I0582a53171ce803ca1b0237cfa9bc022fc1da6f9
Reviewed-on: https://go-re...
Change-Id: I819c121ff388460ec348af773ef94b44416a2ea9
GitHub-Last-Rev: 98dd8fb25cecb73e88d107e0a3...
Updates #40337
Change-Id: I5c1218df3ae7e13144a1d9f7d4a4b456e4475c0a
Reviewed-on: https://go-rev...
Extends the IA5String encoding restrictions that are currently applied
to name constraints to dN...
Eliminate a panic in x509.CreateCertificate when passing templates with unknown ExtKeyUsage; ret...
580e589f70daa83b0d934afa770b5dfe30dace8f authored about 4 years ago by Paschalis Tsilias <[email protected]>
Originally, zeroExtendAndCopy is used to pad src with leading zeros and
copy the padded src into...
When building a x509 chain the algorithm currently looks for parents
that have a subject key ide...
A test that checks if "tls.(*Conn)" appears in any symbol's name.
tls.Conn is a type, so the str...
This will let applications target Go+BoringCrypto specific APIs cleanly.
Change-Id: I49cbe3a7f0...
780d5d725d70f6c7fbbdf6747e97b5676d0e618a authored about 4 years ago by Filippo Valsorda <[email protected]>
This will let applications check whether they are using BoringCrypto
without making assumptions....
Fixes #40565
Change-Id: I13a67be193f8cd68df02b8729529e627a73d364b
GitHub-Last-Rev: b03d2c04fd88...
Split the list of CA certificate directory locations in root_unix.go by
GOOS (aix, *bsd, js, lin...
Rather than generating the three possible RSA PSS parameters each time
they are needed just hard...
CL 250357 exported net.ErrClosed to allow more reliable detection
of closed network connection e...
Introduce GOOS=ios for iOS systems. GOOS=ios matches "darwin"
build tag, like GOOS=android match...