The Manager now uses RFC 8555 implementation of Let's Encrypt by default.
Existing users need no...

This updates the default Directory URL to Let's Encrypt v2.
Their v1 has been deprecated and new...

Client's FetchCert now requires to do the discovery before
fetching a cert from RFC 8555 complia...

This improves the performance of the asm implementation for
chacha20 on ppc64le by updating to t...

Fixes golang/go#33301

Change-Id: I74a389367d34d4718d70349794027ed9f1eca370
GitHub-Last-Rev: 6d9...

While working on the RFC 8555 implementation for golang/go#21081,
I've been also manually verify...

This adds RFC support to the existing methods which,
in conjunction with the new order based met...

The order based issuance flow is different from pre-authorization
in that users tell upfront whi...

Most important change in this CL is that Client is now able
to correctly format and sign request...

This reverts commit CL 196897 (commit 9ee001bba3923)

Reason for revert: we're reverting the API...

RFC8555 requires that most requests contain "kid" field in the
protected header. The JWK version...

Previously, nonce values were fetched from Directory URL.
RFC8555 and some recent drafts provide...

This CL is part of many to extend existing acme package
functionality to support RFC8555 without...

The API changed for this function, since the call always succeeds.
Update this user of it accord...

These challenge types have been deprecated by popular ACME providers
due to security issues in t...

This removes diffie-hellman-group1-sha1 from the list of default
key exchange algorithms. This k...

Add a space before build tag comments so it corresponds to the format
documented at https://gola...

This test just tests the behaviour of the host sshd in the face of
invalid terminal modes, and t...

Per https://golang.org/pkg/io/ioutil/#TempFile description, caller should remove the file when n...

The wasm runtime cannot schedule a GC run on tight loops.
Therefore it runs out of memory if suc...

This is useful to CAs, to identify and reach out to problematic clients.

Fixes golang/go#24496
...

Updates golang/go#25355

Change-Id: Id077d96749194943914d956bd8e79e5272477d7e
Reviewed-on: https...

Add the diffie-hellman-group-exchange-sha256 defined in RFC 4419 to
the list of supported key ex...

Wrong variable naming was causing 'go vet' to fail. This change fixes that.

Change-Id: I71e1842...

This adds an asm implementation for poly1305 on ppc64le, based on
the amd64 asm implementation u...

Add asm implementation for chacha20 using vector instructions on ppc64le.
Below, the difference ...

Clone() made a copy of the Keccak state after invoking clone(), which is not
supported, since th...

Change-Id: I20e3356476dc50402dd34d2b39ad030c1e63a9ef
Reviewed-on: https://go-review.googlesource...

RFC 4880 uses the term "creation time" to refer to when keys and
signatures are created, and thi...

This makes code more readable and idiomatic. No change in benchmarks.

Updates golang/go#31456

...

Fixes golang/go#31413

Change-Id: I52105280a2237f23cd91b8ec92fd89cf62564572
Reviewed-on: https:/...

Aida Mynzhasova of SEC Consult Vulnerability Lab reported that the
clearsign package accepts som...

This makes code more readable and idiomatic.

Updates golang/go#31456

Benchstat:
name old...

According to the [RFC 5280, section 4.2.1.6](https://tools.ietf.org/html/rfc5280#section-4.2.1.6...

This makes code more readable and idiomatic and slightly improves performance.

Updates golang/g...

At the protocol level, SSH lets client and server specify different
algorithms for the read and ...

This should fix the build on the js/wasm builder.

Change-Id: I02a0ae00dcfd2691fbb4c7cf038b12988...

This patch implements 128- and 256-bit version of customizable variant
of SHAKE function (cSHAKE...

Assembly files with "/vendor/" or "testdata" in their paths were
ignored.

Change-Id: I10621751b...

Change-Id: Ic57625964b6d40d63acade476a0f99c00d598267
Reviewed-on: https://go-review.googlesource...

This helps debugging protocol violations by the client

Change-Id: I8e5486b49515b719bbe3de44daa4...

Change-Id: Ie1f58e00982568382e09d8f1dd12bf8a1dc1a9ed
Reviewed-on: https://go-review.googlesource...

Change-Id: I6d0f3396f06871286e3d48ec5af38770663dbed2
Reviewed-on: https://go-review.googlesource...

Change-Id: I9cb821827b16d60b0a8c4fff9caec78748f3a495
Reviewed-on: https://go-review.googlesource...

The new name readCipherPacket/writeCipherPacket disambiguates method
calls from packetConn.{read...

Change-Id: I734bf1f709a259889eeb9243079edb90d6751f67
Reviewed-on: https://go-review.googlesource...

To fix broken builds like:
https://build.golang.org/log/4c3d8463f5c2b2478dc2315f6c685b2f77bfcdd1...

Before, we emitted N single-move sequences on a cursor move. For
example, "move 4 left" would em...

Fixes golang/go#30965

Change-Id: I83a804d555c048e0124c35f95c9e611b2c5bdb01
Reviewed-on: https:/...

This diff extends the curve25519 test suite with some test vectors
generated from BoringSSL.

Up...

This CL adds the poly1305.MAC type which implements a
subset of the hash.Hash interface. With MA...

Use the recently added CPU feature detection API rather than custom
assembly. This will need to ...

Use the recently added CPU feature detection API rather than custom
assembly. This will need to ...

Use the recently added CPU feature detection API rather than custom
assembly.

While we are here...

Return window size instead of buffer size.

Fixes golang/go#27743

Change-Id: Ib1cd249f5680d86d5...

This change adds a go.mod and go.sum file to this repo, following the
requirements stated in bcm...

Previously empty SSH requests would cause a panic.

Change-Id: I8443fee50891b3d2b3b62ac01fb0b9e9...

The call to k2.Encrypt causes tweak to escape to the heap, resulting
in a 16-byte allocation for...

Previously, when g.p == nil, String() crashed. In other method like Add(),
a point with g.p == n...

Fixes golang/go#30141

Change-Id: I76f8eae31cfd6d106440114685cc0d9abba374f8
Reviewed-on: https:/...

The change should reduce resource quota consumed by the client overall.

Instead of sending HEAD...

Inspired by Vectorization of ChaCha Stream Cipher
https://eprint.iacr.org/2013/759.pdf

name ...

Comparison against BoringSSL-generated test vectors showed mismatches
with the pure Go implement...

audited using ineffassign tool from
github.com/gordonklaus/ineffassign
go generate does not gene...

Updates golang/go#14015

Change-Id: Iffe73540c5d74e4b3d0664035a1bdce5b47663ee
Reviewed-on: https...

This change extends the Client to allow users request
certificate issuance for IP addresses.

Se...

Change-Id: Ia4d87b816f176194cd9e37efb42e273d678a84b7
Reviewed-on: https://go-review.googlesource...

This reverts commit bf88e3f4ba724b9852073e3d792ab18358069896.

Reason for revert: https://go-rev...

Addition of a DecodeAll function as it was mentioned in #14015.

This solves a need many people ...

This makes it possible to navigate the history without leaving
the home row on the keyboard.

Ch...

Change-Id: I03e9cf1ee82b38f15232a48992bae0234bd51f1a
GitHub-Last-Rev: fd7b92d97c7b52ae00821bad09...

Change-Id: Idacdbf5ee847be6e21ecce0c9d41818e643c4835
GitHub-Last-Rev: bf1a719b62167d294319f23576...

Keccak uses a different domain separation byte as the NIST-
standardized SHA-3 hashing function....

Previously MulScalar was ignoring the first parameter, which was inconsistent with gfp6 and gfp2...

SHA384 is a natural hashing choice for P-384 ECDSA. The only thing
needed to make it usable, is ...

Enable the tests on aix after support was added in CL 151077.

Change-Id: I2dcdaaa54d7c27b769722...

Go documentation style for boolean funcs is to say:

// Foo reports whether ...
func Foo...

Change-Id: I03178eca962c29ad03fd9b2fb57ad35c53c99860
GitHub-Last-Rev: 21a7a751920a5d3e650d1f91d1...

This commit adds AIX operation system to ssh/terminal package.

Change-Id: I31ccec5512dbf476eaf2...

Builders created with NewFixedBuilder were broken when used with
BuilderContinuations. The lengt...

Previously, this would return the default error "no auth passed yet".

Not only is the new error...

Currently, only rsa.PrivateKey and ecdsa.PrivateKey are supported
when creating JWS signatures. ...

Make sure a meaningful error is returned when the SSH agent client receives
a response that is t...

Currently the benchmarks hard code "10" for the cost but maybe a
better benchmark would be to us...

Unwrite allows programs to rollback builders more reliably and
efficiently than by copying a Bui...

Change-Id: Iabb601d9d7f3394c2a20cacd042c00bd05457500
Reviewed-on: https://go-review.googlesource...

This commit implements two new features. To preserve backwards
compatibility the new methods are...

Change-Id: I62cbcfcd0be5f6a74d93b85b24ff7607533bb239
GitHub-Last-Rev: 9967869e706e9fe7d13964bb32...

RFC 5869, Section 3.3 suggests it might be sometimes appropriate to use
Expand without Extract, ...

Change-Id: I540c699baf1f7cbf27da458961d581773f442864
Reviewed-on: https://go-review.googlesource...

These are deprecated according to RFC4880 and should no longer be
generated: https://tools.ietf....

More informative error message enables HTTPS server configuration mistakes to be corrected quick...

Change-Id: I93275a7aa048bab63bcf5dafe8582a0fcd7802ae
GitHub-Last-Rev: d56c40c905351af5d9555b2966...

Fix typo in error message when keyboard-interactive auth not supported by server and client requ...

keys_test.go was slowing down my editor because it was getting too
large. It helps to remove the...

Fixes golang/go#27606

Change-Id: I88b2f7c7796b43449a17a6be963c05f741dbf904
Reviewed-on: https:/...

Test for RFC4880 5.2.3.3:
> An implementation that encounters multiple self-signatures on the
> ...

Rather than using the first subkey binding signature encountered, use
the one with the most rece...

In change id Id992676ef2363779a7028f4799180efb027fcf47, "current" was
moved into the UserID pack...

Consider the following packet ordering scenario:
PUBKEY UID SELFSIG SUBKEY REV SELFSIG

In t...