Ecosyste.ms: OpenCollective

An open API service for software projects hosted on Open Collective.

github.com/ooni/oocrypto

Fork of Go crypto/tls with extra patches from the OONI team
https://github.com/ooni/oocrypto

crypto/elliptic: make P-521 scalar multiplication constant time

Like for P-224, we do the constant time selects to hide the
point-at-infinity special cases of a...

3fcc2d850404df0abc41dd9f70017c20ff1eb447 authored over 3 years ago by Filippo Valsorda <[email protected]>
crypto/elliptic: import fiat-crypto P-521 field implementation

Fiat Cryptography (https://github.com/mit-plv/fiat-crypto) is a project
that produces prime orde...

dc007cec4744ac205d2a7aafb30ba353b52686bb authored over 3 years ago by Filippo Valsorda <[email protected]>
crypto/x509: check the private key passed to CreateCertificate

Unfortunately, we can't improve the function signature to refer to
crypto.PrivateKey and crypto....

6db005743733edace18bd7c50cf01efe1ad132ba authored over 3 years ago by Filippo Valsorda <[email protected]>
crypto/tls: make cipher suite preference ordering automatic

We now have a (well, two, depending on AES hardware support) universal
cipher suite preference o...

3f48b24f18e4b6a2e76d632f30be4106ac3c5cbd authored over 3 years ago by Filippo Valsorda <[email protected]>
crypto/x509: remove GODEBUG=x509ignoreCN=0 flag

Common Name and NameConstraintsWithoutSANs are no more.

Fixes #24151 ᕕ(ᐛ)ᕗ

Change-Id: I15058f2...

1fcc8c0ce3b8f41cb86b7cc7a55b2cbe8ec9e4f5 authored over 3 years ago by Filippo Valsorda <[email protected]>
crypto/tls: enforce ALPN overlap when negotiated on both sides

During the TLS handshake if the server doesn't support any of the
application protocols requeste...

908cc2be1091f4bb76f917aee342fafe245a9638 authored over 3 years ago by Roland Shoemaker <[email protected]>
crypto/x509: rewrite certificate parser

Replaces the encoding/asn1 certificate parser with a
x/crypto/cryptobyte based parser. This prov...

a472a92add01091be9123ec26f96dc6d56fddb1f authored over 3 years ago by Roland Shoemaker <[email protected]>
crypto/ecdsa,crypto/elliptic: improve tests and benchmarks

Ensured all tests and benchmarks run over all curves.

Change-Id: Idcbe14a50c60ff6c2cd56793bced6...

7d822a7ac6492fa849b194f27a09f3d109b56ac8 authored over 3 years ago by Filippo Valsorda <[email protected]>
crypto/ed25519: skip allocations test on -noopt builder

Without optimizations, there will be unexpected allocations.

Change-Id: I90dc2636279b7fda7689ea...

897749f0a9650befbc7d1cb2beaffc05c1af5482 authored over 3 years ago by Filippo Valsorda <[email protected]>
crypto/ed25519: replace internal/edwards25519 with filippo.io/edwards25519

This change replaces the crypto/ed25519/internal/edwards25519 package
with code from filippo.io/...

70d7e1a8e26248eccc68b03e5fa485a26dcd40b3 authored over 3 years ago by Filippo Valsorda <[email protected]>
crypto/elliptic: store P-256 precomputed basepoint table in source

Store the precomputed P-256 basepoint table in source rather than
computing it at runtime, savin...

8b390cf8930c9ac15e4bfb52b04972a6ba95bfc2 authored over 3 years ago by Roland Shoemaker <[email protected]>
crypto/cipher: make AES-GCM benchmarks match ChaCha20Poly1305 ones

It's useful to compare TLS AEADs. Here are the numbers on my MacBook
with an Intel(R) Core(TM) i...

363e5b169a68b4adf685cabea0b0e9e571c542e9 authored over 3 years ago by Filippo Valsorda <[email protected]>
syscall, etc.: use abi.FuncPCABI0 for libc syscall wrappers

In CL 288092 we made Darwin syscall wrappers as ABIInternal, so
their addresses taken from Go us...

5ca758456823b0dd7e96096372206e1333deb512 authored over 3 years ago by Cherry Zhang <[email protected]>
all: remove redundant spaces before . and ,

Change-Id: I6a4bd2544276d0638bddf07ebcf2ee636db30fea
Reviewed-on: https://go-review.googlesource...

4bde370b0fa78c59a4090ce64a031f77c6ec3269 authored over 3 years ago by Yury Smolsky <[email protected]>
crypto/tls: fix flaky handshake cancellation tests

Simplified both tests significantly by removing logic for writing
the client/server side message...

f3b3ea5a7b4b0f3d675c89b28e2921abe3a9997c authored over 3 years ago by Johan Brandhorst <[email protected]>
all: fix spellings

This follows the spelling choices that the Go project has made for English words.
https://github...

3a430439f154f76de2e5537421c8b405dad7f23f authored over 3 years ago by Naman Gera <[email protected]>
crypto/x509: replace os.MkdirTemp with T.TempDir

Updates #45402

Change-Id: Ifb1fa5232a0fa1be62e886643cec9deaa3b312ad
Reviewed-on: https://go-rev...

09170401b15f1b3d1605d8c3662a0a704e38719c authored over 3 years ago by ian woolf <[email protected]>
crypto/ed25519: add comprehensive edge-case test vectors

This will allow us to make changes to the internals confidently, without
risking causing issues ...

bb39f03cb39403b8d76502298b99677ffb6e9a73 authored over 3 years ago by Filippo Valsorda <[email protected]>
crypto/elliptic: fix some typos

Change-Id: I1c2900d4e1c0b6108f13c4060d994d966f3e18f3
GitHub-Last-Rev: 3fde453686ab3fdeb77d2f73c0...

112707dafe9ee77c3c7d31f442536437c8bcfeea authored over 3 years ago by chenjie <[email protected]>
crypto/rsa: fix salt length calculation with PSSSaltLengthAuto

When PSSSaltLength is set, the maximum salt length must equal:

(modulus_key_size - 1 + 7)/8...

65dac45154b797051ff096496fb67db30cafa794 authored over 3 years ago by Himanshu Kishna Srivastava <[email protected]>
crypto/x509: fix spelling error

Change-Id: Ieb1900531f42acf2c8b98ac89fceb8b87c8e5d0c
Reviewed-on: https://go-review.googlesource...

802626711c41600619c3aece30923ae785366e69 authored over 3 years ago by Kevin Burke <[email protected]>
crypto/rsa: correct EncryptOAEP doc comment

Fixes #44777

Corrected the documentation comment on the EncryptOAEP function from
'if a given p...

6bd8389c1199532891d8b8aacfe5253081b99c0b authored almost 4 years ago by Richard Pickering <[email protected]>
crypto/rand, internal/syscall/unix: add support for getentropy syscall on darwin

The getentropy syscall is available on macOS since version 10.12, which
is the minimum required ...

0f47d07dbacf98fdf5af4fa6990fe108f18e5b28 authored almost 4 years ago by Tobias Klauser <[email protected]>
crypto/tls: remove flaky cancellation test

This will be reintroduced again once the source of the
flakiness has been determined and fixed.
...

b1b4f43c2fb1f6d3145631800876a214c6f99247 authored almost 4 years ago by Johan Brandhorst <[email protected]>
crypto/tls: add HandshakeContext method to Conn

Adds the (*tls.Conn).HandshakeContext method. This allows
us to pass the context provided down t...

0b92ef3fefedc8ecb5bd5be1f59666733de01920 authored almost 4 years ago by Johan Brandhorst <[email protected]>
crypto/md5: improve ppc64x performance

This is mostly cleanup and simplification. This removes
many unneeded register moves, loads, an...

b636a999baa0db438d61eda485e69e475c3c6c88 authored almost 4 years ago by Paul E. Murphy <[email protected]>
all: remove duplicate words

Change-Id: Ib0469232a2b69a869e58d5d24990ad74ac96ea56
GitHub-Last-Rev: eb38e049ee1e773392ff3747e1...

b606feeca9ea82283809ec1c051affb13a2977ec authored almost 4 years ago by John Bampton <[email protected]>
crypto/ecdsa: fix dead reference link

The previous link broke, but it's available on the internet archive.

Fixes #39808

Change-Id: I...

83b1d5f948b4fc4ad73517ec56fc159a440a727a authored almost 4 years ago by Mostyn Bramley-Moore <[email protected]>
docs: clarify when APIs use context.Background.

The Go standard library retrofitted context support onto existing APIs
using context.Background ...

4f7c63763360b3b931902e453c4f7acf62fbe11d authored almost 4 years ago by Matt T. Proud <[email protected]>
crypto/rand, internal/syscall/unix: add support for getrandom syscall on solaris

The getrandom syscall is available on Solaris and Illumos, see
https://docs.oracle.com/cd/E88353...

34cf1459b614b6c1ffe1ea924b03fe0fc997942f authored almost 4 years ago by Tobias Klauser <[email protected]>
crypto/rand: supports for getrandom syscall in DragonFlyBSD

Since the 5.7 release, DragonFlyBSD supports as well
the getrandom function, the actual stable i...

c8d5a1347d9c0537e74d87949aa8f69ebbd97131 authored almost 4 years ago by David Carlier <[email protected]>
docs: fix case of GitHub

Change `Github` to `GitHub`

Change-Id: I514e8dc9a19182fcf9fcf5bc1b5fbff253c1a947
GitHub-Last-Re...

37b960c11d248fe91784e201d6eaa5e9f47d684b authored almost 4 years ago by John Bampton <[email protected]>
docs: fix spelling

Change-Id: Ib689e5793d9cb372e759c4f34af71f004010c822
GitHub-Last-Rev: d63798388e5dcccb984689b0ae...

8ee2b023ea5a071fbc28420cc6063456c5ccae99 authored almost 4 years ago by John Bampton <[email protected]>
all: go fmt std cmd (but revert vendor)

Make all our package sources use Go 1.17 gofmt format
(adding //go:build lines).

Part of //go:b...

22e6ca8c966f78d88667446f4159757da30260f6 authored almost 4 years ago by Russ Cox <[email protected]>
[dev.boringcrypto] all: merge master (2f0da6d) into dev.boringcrypto

Manual edits in src/cmd/compile/internal/reflectdata/reflect.go
to keep build working.

Merge Li...

067dd6f4a8ed24619947645770793b1b8b5ad70b authored almost 4 years ago by Russ Cox <[email protected]>
[dev.boringcrypto] crypto/internal/boring: remove .llvm_addrsig section

The section doesn't survive some of the mangling of the object file we
do while building it, and...

b984635d33644d9d0a3b3030a5989da1d645d39f authored almost 4 years ago by Filippo Valsorda <[email protected]>
[dev.regabi] runtime, syscall, etc.: mark Darwin syscall wrappers as ABIInternal

Mark the syscall wrappers as ABIInternal, as they have addresses
taken from Go code, and it is i...

67a1fbd6608e413d65b2605ccb700b449d03cabe authored almost 4 years ago by Cherry Zhang <[email protected]>
[dev.regabi] all: merge master (fca94ab) into dev.regabi

Conflicts:

- src/syscall/mksyscall.pl

Merge List:

+ 2021-02-02 fca94ab3ab spec: improve the e...

659891c43d6777cea653ffd9d389fabb270d81dc authored almost 4 years ago by Robert Griesemer <[email protected]>
crypto/x509: remove leftover CertificateRequest field

Removes the KeyUsage field that was missed in the rollback in
CL 281235.
Also updates CreateCert...

8ab8fc2fa3e2916363462071ad2b2d0df2c2b57e authored almost 4 years ago by Roland Shoemaker <[email protected]>
[dev.regabi] all: merge master (dab3e5a) into dev.regabi

This merge had two conflicts to resolve:

1. The embed code on master had somewhat substantially...

8eaf594018cfe67aca22a27f5abe0edaaf5b7584 authored almost 4 years ago by Matthew Dempsky <[email protected]>
crypto/elliptic: fix P-224 field reduction

This patch fixes two independent bugs in p224Contract, the function that
performs the final comp...

e7049508a36a432e26e856a13f4bcca8fcb9fe41 authored almost 4 years ago by Filippo Valsorda <[email protected]>
syscall: remove RtlGenRandom and move it into internal/syscall

There's on need to expose this to the frozen syscall package, and it
also doesn't need to be uns...

0dff76a369a3e7dfab28e95dd6a470a4bcf1fa17 authored almost 4 years ago by Jason A. Donenfeld <[email protected]>
crypto/x509: update iOS bundled roots to version 55188.40.9

Updates #38843

Change-Id: If76844e1caf23f98d814de89f77610de59d96a34
Reviewed-on: https://go-rev...

ead76a95ce978a23eb10dc88a035a35475fbf32c authored almost 4 years ago by Filippo Valsorda <[email protected]>
crypto/x509: rollback new CertificateRequest fields

In general, we don't want to encourage reading them from CSRs, and
applications that really want...

8ad00974d5ab44d963949a86a126e10dea239483 authored almost 4 years ago by Filippo Valsorda <[email protected]>
[dev.regabi] all: merge master into dev.regabi

The list of conflicted files for this merge is:

src/cmd/compile/internal/gc/inl.go
src/cm...

725fba664eb89be1ad0fc9256bf54201cd20402f authored about 4 years ago by Matthew Dempsky <[email protected]>
crypto/tls: revert "add HandshakeContext method to Conn"

This reverts CL 246338.

Reason for revert: waiting for 1.17 release cycle

Updates #32406

Chan...

958f62deeb528ff5abb99ff89659bb05330eae72 authored about 4 years ago by Johan Brandhorst <[email protected]>
Merge branch 'master' into dev.regabi

Change-Id: I098acdbc5e2676aeb8700d935e796a9c29d04b88

ff7beef0a1ffd60679a34de5224658b0b03c5024 authored about 4 years ago by Alexander Rakoczy <[email protected]>
all: update to use os.ReadDir where appropriate

os.ReadDir is a replacement for ioutil.ReadDir that returns
a slice of fs.DirEntry instead of fs...

16a77a464c65701cb736e8188d8fdf632ed3707e authored about 4 years ago by Russ Cox <[email protected]>
all: update to use os.ReadFile, os.WriteFile, os.CreateTemp, os.MkdirTemp

As part of #42026, these helpers from io/ioutil were moved to os.
(ioutil.TempFile and TempDir b...

1ff00f2017a0e7bd2ae390969dc3ef1337cf5287 authored about 4 years ago by Russ Cox <[email protected]>
[dev.regabi] all: merge master (d0c0dc682c1f) into dev.regabi

Change-Id: Ia54d7306ca7550b8d5623f505070558d275faa23

3aa71dced83d521e6d9a64dfa6c28ac23a957ab9 authored about 4 years ago by Russ Cox <[email protected]>
crypto/ed25519/internal/edwards25519: fix typo in comments

Change-Id: I8133762d53d9e5d3cc13e0f97b9679a3248a7f0f
Reviewed-on: https://go-review.googlesource...

cd1064fbcd68b125fa85872f503d72a8929bcaad authored about 4 years ago by Filippo Valsorda <[email protected]>
[dev.boringcrypto] all: merge master into dev.boringcrypto

Add BoringCrypto-specific test data to TestAESCipherReordering
and TestAESCipherReordering13.

C...

eb370749ef56a4c1466baffa82c89fa899dbaec9 authored about 4 years ago by Dmitri Shuralyov <[email protected]>
[dev.boringcrypto] all: merge master into dev.boringcrypto

Change-Id: I31c69e54c904c66c10920e4c4caacfef08bb834f

c293d4e0f63a1f614eb1bdedc1aadbfdfb697bcf authored about 4 years ago by Dmitri Shuralyov <[email protected]>
[dev.regabi] cmd/compile: process //go:linknames after declarations

Allows emitting errors about ineffectual //go:linkname directives.

In particular, this exposed:...

603f8c4c418e19626fb69b6301bab76fa6d8bf44 authored about 4 years ago by Matthew Dempsky <[email protected]>
[dev.boringcrypto] all: merge master into dev.boringcrypto

Change-Id: Iba19903f0565b11c648e1fa6effc07b8f97dc322

238a2527a850f572d7c451f30860b7c6df0baf29 authored about 4 years ago by Roland Shoemaker <[email protected]>
[dev.boringcrypto] crypto/hmac: merge up to 2a206c7 and skip test

TestNonUniqueHash will not work on boringcrypto because
the hash.Hash that sha256 provides is no...

9bdf871867c37246d85a1a85c34a580594710989 authored about 4 years ago by Katie Hockman <[email protected]>
[dev.boringcrypto] all: merge master into dev.boringcrypto

Change-Id: I0596a40722bf62952bd2eba85ccf3f104de589e4

a2a317231beb73a275e830570e7493458141135f authored about 4 years ago by Dmitri Shuralyov <[email protected]>
crypto/tls: de-prioritize AES-GCM ciphers when lacking hardware support

When either the server or client are lacking hardware support for
AES-GCM ciphers, indicated by ...

717e87dcfd195b88bfbea2be6336947f8b989f13 authored about 4 years ago by Roland Shoemaker <[email protected]>
crypto/x509: drop the cgo implementation of root_darwin_amd64.go

This code was preserved just to do side-by-side testing while
transitioning to the Go implementa...

e5f673f6fc21cb29691d3c147fd555d1fb7651a6 authored about 4 years ago by Filippo Valsorda <[email protected]>
crypto/tls: ensure the server picked an advertised ALPN protocol

This is a SHALL in RFC 7301, Section 3.2.

Also some more cleanup after NPN, which worked the ot...

14d26082210ec98ef1652658599a5ba74f4d04e9 authored about 4 years ago by Filippo Valsorda <[email protected]>
crypto/tls: drop macFunction abstraction

Since we dropped SSLv3, there is only one MAC scheme, and it doesn't
need any state beyond a key...

d43de91a88a94003cd1db80bc223e5e48dc50541 authored about 4 years ago by Filippo Valsorda <[email protected]>
crypto/tls: add HandshakeContext method to Conn

Adds the (*tls.Conn).HandshakeContext method. This allows
us to pass the context provided down t...

5fcd35c12989c68555477be39935a6abfccda975 authored about 4 years ago by Johan Brandhorst <[email protected]>
crypto/x509: return additional chains from Verify on Windows

Previously windows only returned the certificate-chain with the highest quality.
This change mak...

10a800688221cebdc543495a5e15a9f1c6f98e59 authored about 4 years ago by Koen <[email protected]>
crypto/x509: add additional convenience fields to CertificateRequest

Adds the following additional convenience fields to CertificateRequest:
* KeyUsage
* ExtKeyUsage...

12838d41319303d194808d42d3ad47d77375bc8a authored about 4 years ago by Roland Shoemaker <[email protected]>
crypto/x509: update iOS bundled roots to version 55161.140.3

Extended the sorting logic to be stable even when there are two roots
with the same name and not...

67937e374db1b4fa40e30e845648a10f66e50535 authored about 4 years ago by Filippo Valsorda <[email protected]>
crypto/tls: don't use CN in BuildNameToCertificate if SANs are present

Change-Id: I18d5b9fc392a6a52fbdd240254d6d9db838073a4
Reviewed-on: https://go-review.googlesource...

a08a91027e6e671134e03648a6ee55f2921d79ab authored about 4 years ago by Filippo Valsorda <[email protected]>
crypto/x509: use fingerprint map for (*CertPool).contains

This fell through the cracks from the CL 229917 comments.

Change-Id: I22584107f1e8111f9c523f453...

d5c4537d58eb543656932cd6ab683ea8d98a1e3f authored about 4 years ago by Filippo Valsorda <[email protected]>
crypto/tls: pool Conn's outBuf to reduce memory cost of idle connections

Derived from CL 263277, which includes benchmarks.

Fixes #42035

Co-authored-by: Filippo Valsor...

a22dcb1853db189dd72770756aa2f646aec85452 authored about 4 years ago by cch123 <[email protected]>
crypto/x509: keep smaller root cert representation in memory until needed

Instead of parsing the PEM files and then storing the *Certificate
values forever, still parse t...

f01850b46bac9540e9dbe236dad48df2187d0f2a authored about 4 years ago by Brad Fitzpatrick <[email protected]>
crypto/x509: add support for CertPool to load certs lazily

This will allow building CertPools that consume less memory. (Most
certs are never accessed. Dif...

22c6907e0b4a57d678deb0d11397b8698691fb5f authored about 4 years ago by Brad Fitzpatrick <[email protected]>
crypto/cipher: use Neon for xor on arm64

cpu: HiSilicon(R) Kirin 970 2.4GHz

name old time/op new time/op delta
XOR...

1aaa01239b7e836f2e14b16ca2a69506712f8e62 authored about 4 years ago by Meng Zhuo <[email protected]>
crypto/tls: set Deadline before sending close notify alert

This change also documents the need to set a Deadline before
calling Read or Write.

Fixes #3122...

e684de6a00c434cd51f2d921d0e07e6ef4ea91f0 authored about 4 years ago by Katie Hockman <[email protected]>
crypto/x509: add Unwrap to SystemRootsError

This change modifies Go to add the Unwrap method to SystemRootsError

Updates #30322

Change-Id:...

d619076bf8a77b67091e1f0414fdc73eb4af0d9e authored about 4 years ago by Pantelis Sampaziotis <[email protected]>
[dev.boringcrypto] crypto/internal/boring: update BoringCrypto module to certificate 3678

Replace the chroot scaffolding with Docker, which brings its own caching
and works on macOS.

Fi...

a5c64f97b7596504dafb4dbcd9200ed2dfd0eba0 authored about 4 years ago by Filippo Valsorda <[email protected]>
crypto/x509: add comment to blank imports done for init side effects

To educate future readers.

Change-Id: I1ef79178b6997cc96ca066c91b9fec822478674b
Reviewed-on: ht...

43627679cc8b04535c814e512f44a77d02dd47be authored about 4 years ago by Brad Fitzpatrick <[email protected]>
Revert "crypto/x509: fix duplicate import"

This reverts CL 250497. It also moves all blank identifier imports below the rest of the imports...

627ed3526ac6b61c3e453e0337fc5671c3151f72 authored about 4 years ago by Katie Hockman <[email protected]>
crypto/tls: document the ClientAuthType consts

Fixes #34023

Change-Id: Ib7552a8873a79a91e8d971f906c6d7283da7a80c
Reviewed-on: https://go-revie...

1f0f6aec7dd8131668769bb335abf437c1fa72c0 authored about 4 years ago by Roland Shoemaker <[email protected]>
crypto/rand: generate random numbers using RtlGenRandom on Windows

CryptGenRandom appears to be unfavorable these days, whereas the classic
RtlGenRandom is still g...

e6ec5b102e48150f6a0ad3908c686e3571f1f6ab authored about 4 years ago by Jason A. Donenfeld <[email protected]>
crypto/x509: deprecate legacy PEM encryption

It's unfortunate that we don't implement PKCS#8 encryption (#8860)
so we can't recommend an alte...

2031dd697816ac9f13f7f3b9df76fc0de1242a08 authored about 4 years ago by Filippo Valsorda <[email protected]>
crypto/tls: add no-shared to openssl build instructions

This prevents the custom-built version of openssl prefering the system
libraries over the ones c...

95e18b4ea1acf75e751d4390bf4922a51ec7685d authored about 4 years ago by Thom Wiggers <[email protected]>
crypto/x509: bypass signature verification in CreateCertificate when using MD5WithRSA

Bypasses the signature verification check we previously added if the
signature algorithm is MD5W...

5ffaaff639922947249cd5a3d323af5dbedba886 authored about 4 years ago by Roland Shoemaker <[email protected]>
all: update references to symbols moved from io/ioutil to io

The old ioutil references are still valid, but update our code
to reflect best practices and get...

5b0806d0fdc0e98ee6a4366db5999b642d3f4469 authored about 4 years ago by Russ Cox <[email protected]>
all: update references to symbols moved from os to io/fs

The old os references are still valid, but update our code
to reflect best practices and get use...

d729a44128f971399386685d03529bc6a6a4baf4 authored about 4 years ago by Russ Cox <[email protected]>
crypto/hmac: panic if reusing hash.Hash values

Also put Reset in the correct place for the other
benchmarks.

name old time/op new...

fe7e8afcf2782951eb84be3bc578890ff4859bcd authored about 4 years ago by Katie Hockman <[email protected]>
crypto/x509: add signature verification to CreateCertificate

This changes checks the signature generated during CreateCertificate
and returns an error if the...

ad9304811995da01ea41ff8fd5ff812a648b9467 authored about 4 years ago by Roland Shoemaker <[email protected]>
crypto/x509: use macOS/AMD64 implementation on macOS/ARM64

Updates #38485.

Change-Id: I0582a53171ce803ca1b0237cfa9bc022fc1da6f9
Reviewed-on: https://go-re...

3452e85d5f98a978eabc2e23eda14cd128fea868 authored about 4 years ago by Cherry Zhang <[email protected]>
crypto/tls: fix typo in spelling of permanentError

Change-Id: I819c121ff388460ec348af773ef94b44416a2ea9
GitHub-Last-Rev: 98dd8fb25cecb73e88d107e0a3...

3d3d1c7fc60c7d5f3897adff3a9426993a85dc07 authored about 4 years ago by Luca Spiller <[email protected]>
crypto/dsa,crypto/x509: deprecate DSA and remove crypto/x509 support

Updates #40337

Change-Id: I5c1218df3ae7e13144a1d9f7d4a4b456e4475c0a
Reviewed-on: https://go-rev...

4716804a9314b180f059f07c04909ce3afd10aa7 authored about 4 years ago by Filippo Valsorda <[email protected]>
crypto/x509: enforce SAN IA5String encoding restrictions

Extends the IA5String encoding restrictions that are currently applied
to name constraints to dN...

591a3bbbf63db8c06af86a32fa2c5beb35675ed0 authored about 4 years ago by Roland Shoemaker <[email protected]>
crypto/x509: return errors instead of panicking

Eliminate a panic in x509.CreateCertificate when passing templates with unknown ExtKeyUsage; ret...

580e589f70daa83b0d934afa770b5dfe30dace8f authored about 4 years ago by Paschalis Tsilias <[email protected]>
crypto/ecdsa: use FillBytes on s390x

Originally, zeroExtendAndCopy is used to pad src with leading zeros and
copy the padded src into...

2535d4d209d0e0a9760071db1ea55959be5a8819 authored about 4 years ago by Ruixin Bao <[email protected]>
crypto/x509: prioritize potential parents in chain building

When building a x509 chain the algorithm currently looks for parents
that have a subject key ide...

f42a612cba2c6be3d0837d02fe5ee121eb15b978 authored about 4 years ago by Roland Shoemaker <[email protected]>
crypto/tls: fix TestLinkerGC test

A test that checks if "tls.(*Conn)" appears in any symbol's name.
tls.Conn is a type, so the str...

6c08470bfcb07755a93b09e9c787f3fb5337c853 authored about 4 years ago by Cherry Zhang <[email protected]>
[dev.boringcrypto] go/build: satisfy the boringcrypto build tag

This will let applications target Go+BoringCrypto specific APIs cleanly.

Change-Id: I49cbe3a7f0...

780d5d725d70f6c7fbbdf6747e97b5676d0e618a authored about 4 years ago by Filippo Valsorda <[email protected]>
[dev.boringcrypto] crypto/boring: expose boring.Enabled()

This will let applications check whether they are using BoringCrypto
without making assumptions....

2f3df3e2eb714f02b71ef9a8f988f18c9988544b authored about 4 years ago by Filippo Valsorda <[email protected]>
crypto/tls: make config.Clone return nil if the source is nil

Fixes #40565

Change-Id: I13a67be193f8cd68df02b8729529e627a73d364b
GitHub-Last-Rev: b03d2c04fd88...

2ff63da2f04a98402e3fc3fff7b760cf29ef35d3 authored about 4 years ago by Chen.Zhidong <[email protected]>
crypto/x509: define certDirectories per GOOS

Split the list of CA certificate directory locations in root_unix.go by
GOOS (aix, *bsd, js, lin...

15212a5299143d2310bc1e983099d6f932bf1a11 authored about 4 years ago by Tobias Klauser <[email protected]>
crypto/x509: hardcode RSA PSS parameters rather than generating them

Rather than generating the three possible RSA PSS parameters each time
they are needed just hard...

3a356d1ad3b3d8065746723d4a5717caa2a733c7 authored about 4 years ago by Roland Shoemaker <[email protected]>
crypto/tls: replace errClosed with net.ErrClosed

CL 250357 exported net.ErrClosed to allow more reliable detection
of closed network connection e...

b9c48a06d85875592e7bc503f2bc4cbaa89a968f authored about 4 years ago by Ainar Garipov <[email protected]>
all: add GOOS=ios

Introduce GOOS=ios for iOS systems. GOOS=ios matches "darwin"
build tag, like GOOS=android match...

b633c8e0254327faaac1163615360c4f2026939e authored about 4 years ago by Cherry Zhang <[email protected]>