all: merge upstream changes #11

Merged
merged 114 commits into from
Jan 8, 2024

Commits on Mar 31, 2022

  1. ocsp: add Response.Raw

    Fixes golang/go#38340
    
    Change-Id: I77afc901584ac3361eafa13c9ee9f8cf9ec2ee28
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/389256
    Trust: Roland Shoemaker <[email protected]>
    Run-TryBot: Roland Shoemaker <[email protected]>
    Auto-Submit: Roland Shoemaker <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Reviewed-by: Damien Neil <[email protected]>
    rolandshoemaker authored and gopherbot committed Mar 31, 2022
    Commit ae2d966

Commits on Apr 8, 2022

  1. acme/autocert: support External Account Binding (EAB) tokens

    Support External Account Binding (EAB) tokens to the Manager as defined
    in RFC 8555, Section 7.3.4. If the ExternalAccountBinding field is set
    on Manager, pass it into the acme Account during registration.
    
    Fixes golang/go#48809
    
    Change-Id: I64c38b05ab577acbde9f526638cc8104d15ff055
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/354189
    Reviewed-by: Brad Fitzpatrick <[email protected]>
    Trust: Brad Fitzpatrick <[email protected]>
    Reviewed-by: Filippo Valsorda <[email protected]>
    Run-TryBot: Filippo Valsorda <[email protected]>
    Auto-Submit: Filippo Valsorda <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    benburkert authored and gopherbot committed Apr 8, 2022
    Commit 5352b09

Commits on Apr 11, 2022

  1. all: gofmt

    Gofmt to update doc comments to the new formatting.
    
    For golang/go#51082.
    
    Change-Id: I076031b6613691eefbb0f21739366e3fd2011ec9
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/399356
    Run-TryBot: Russ Cox <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Auto-Submit: Russ Cox <[email protected]>
    Reviewed-by: Ian Lance Taylor <[email protected]>
    rsc authored and gopherbot committed Apr 11, 2022
    Commit 7b82a4e

Commits on Apr 27, 2022

  1. internal/wycheproof: add ECDH tests, including point decompression

    Fixes golang/go#38936
    
    Change-Id: I231d30fcc683abd9efb36b6fd9cc05f599078ade
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/396174
    Run-TryBot: Filippo Valsorda <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Reviewed-by: Filippo Valsorda <[email protected]>
    Auto-Submit: Filippo Valsorda <[email protected]>
    Reviewed-by: Roland Shoemaker <[email protected]>
    FiloSottile authored and gopherbot committed Apr 27, 2022
    Commit eb4f295

Commits on May 7, 2022

  1. internal/wycheproof: skip truncated SHA-512 RSAPSS tests for boring

    On the boringcrypto builder, skip the RSAPSS tests that use the
    truncated SHA-512 hashes, since boringcrypto does not support them.
    
    Fixes #52670
    
    Change-Id: I8caecd0f34eb6d2740372db2b641563e3965ac7c
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/404654
    Run-TryBot: Roland Shoemaker <[email protected]>
    Auto-Submit: Roland Shoemaker <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Reviewed-by: Bryan Mills <[email protected]>
    rolandshoemaker authored and gopherbot committed May 7, 2022
    Commit 2cf3ade

Commits on May 11, 2022

  1. acme/autocert/internal/acmetest: don't validate in goroutine

    In the test server, rather than spawning a goroutine to validate
    challenges, block on the validation before responding to the client.
    This prevents a test race, where testing.T.Logf is called after the
    test is completed.
    
    While this has a slight behavioral difference to some production
    ACME server implementations (although it is behavior allowed in the spec),
    the change has little material impact on what we are testing, since
    previously the validation would happen so quickly that it would be
    indistinguishable from the new blocking behavior (i.e. we would not be
    sending multiple requests during polling previously.)
    
    Fixes golang/go#52170
    
    Change-Id: I75e3b2da69ddc2302be25a99f1b1151ed0f4af9b
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/405548
    Run-TryBot: Roland Shoemaker <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Reviewed-by: Bryan Mills <[email protected]>
    rolandshoemaker committed May 11, 2022
    Commit c6db032

Commits on May 13, 2022

  1. ssh/agent: fix non-RSA certificates

    The type of ssh.PublicKey.Type can be a certificate type, while the
    algorithm passed to SignWithAlgorithm is going to be an underlying
    algorithm.
    
    Fixes golang/go#52185
    
    Change-Id: I0f7c46defa83d1fd64a3c1e861734650b20cca21
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/404614
    TryBot-Result: Gopher Robot <[email protected]>
    Reviewed-by: Heschi Kreinick <[email protected]>
    Reviewed-by: Roland Shoemaker <[email protected]>
    Auto-Submit: Filippo Valsorda <[email protected]>
    Run-TryBot: Filippo Valsorda <[email protected]>
    FiloSottile authored and gopherbot committed May 13, 2022
    Commit 4661260

Commits on May 16, 2022

  1. acme: add AccountKeyRollover

    Add support for AccountKeyRollover. API only returns an error since acme.Error
    will contain appropriate KID lookup information. Due to the requirements
    of double JWS encoding jwsEncodeJSON is also modified to support a
    missing Nonce header and raw string embedding in the payload.
    
    Fixes golang/go#42516
    
    Change-Id: I959660a1a39b2c469b959accd48fda519daf4eb3
    GitHub-Last-Rev: 8e8cc5b
    GitHub-Pull-Request: golang#215
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/400274
    TryBot-Result: Gopher Robot <[email protected]>
    Reviewed-by: Heschi Kreinick <[email protected]>
    Reviewed-by: Roland Shoemaker <[email protected]>
    Run-TryBot: Roland Shoemaker <[email protected]>
    jason-baker authored and rolandshoemaker committed May 16, 2022
    Commit 403b017

Commits on May 17, 2022

  1. curve25519/internal/field: update generator to avo v0.4.0

    This version generates //go:build lines.
    
    For golang/go#46155
    
    Change-Id: I23e4617aa96bc5c15c10f3cd0882028ca08e09e8
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/388874
    Reviewed-by: Dmitri Shuralyov <[email protected]>
    Run-TryBot: Tobias Klauser <[email protected]>
    Auto-Submit: Tobias Klauser <[email protected]>
    Reviewed-by: Ian Lance Taylor <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Reviewed-by: Dmitri Shuralyov <[email protected]>
    tklauser authored and gopherbot committed May 17, 2022
    Commit 85d78b3

Commits on May 18, 2022

  1. acme: DeactivateReg fix panic

    Currently discover is not called which results in a panic if just a key
    is added to an ACME client and then deactivation is attempted.
    This patch adds a discover call as well as missing unit tests for the
    API.
    
    Change-Id: I0719e5376eb2fccf62182e5f91e5b5eaa7bdd518
    GitHub-Last-Rev: 501d7c6
    GitHub-Pull-Request: golang#217
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/406734
    TryBot-Result: Gopher Robot <[email protected]>
    Auto-Submit: Roland Shoemaker <[email protected]>
    Reviewed-by: Roland Shoemaker <[email protected]>
    Run-TryBot: Roland Shoemaker <[email protected]>
    Reviewed-by: Michael Knyszek <[email protected]>
    jason-baker authored and gopherbot committed May 18, 2022
    Commit 6f7dac9

Commits on May 25, 2022

  1. acme/autocert: properly clean DirCache paths

    Don't assume the path passed into the DirCache methods is absolute, and
    clean it before further operating on it. Put and Delete are not attacker
    controlled, but clean them anyway.
    
    Fixes #53082
    Fixes CVE-2022-30636
    
    Change-Id: I755f525a737da60ccba07ebce4d41cc8faebfcca
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/408694
    Run-TryBot: Roland Shoemaker <[email protected]>
    Reviewed-by: Damien Neil <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    rolandshoemaker committed May 25, 2022
    Commit 793ad66

Commits on Jun 22, 2022

  1. curve25519: remove dependency on fmt

    For golang/go#48154
    
    Change-Id: If7e99bd1159edc2e3deeb3a4e3d8fb048bc591ab
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/348069
    Reviewed-by: Ian Lance Taylor <[email protected]>
    Reviewed-by: Dmitri Shuralyov <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Run-TryBot: Dmitri Shuralyov <[email protected]>
    Auto-Submit: Dmitri Shuralyov <[email protected]>
    aaqaishtyaq authored and gopherbot committed Jun 22, 2022
    Commit 0559593

Commits on Jul 22, 2022

  1. A+C: delete AUTHORS and CONTRIBUTORS

    In 2009, Google's open-source lawyers asked us to create the AUTHORS
    file to define "The Go Authors", and the CONTRIBUTORS file was in
    keeping with open source best practices of the time.
    
    Re-reviewing our repos now in 2022, the open-source lawyers are
    comfortable with source control history taking the place of the
    AUTHORS file, and most open source projects no longer maintain
    CONTRIBUTORS files.
    
    To ease maintenance, remove AUTHORS and CONTRIBUTORS from all repos.
    
    For golang/go#53961.
    
    Change-Id: Ieb32933de4f234c77f0131490d4081b6c336820c
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/419094
    Run-TryBot: Russ Cox <[email protected]>
    Reviewed-by: David Chase <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    rsc committed Jul 22, 2022
    Commit 630584e

Commits on Aug 17, 2022

  1. internal/subtle: rename to internal/alias

    This avoids an import conflict in code that needs to import
    crypto/subtle as well.
    
    CL 424194 does the same for the main repo.
    
    Change-Id: Ic54cb62bbfdcf5c2cb6f15ac47075ee1c41981ad
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/424175
    Reviewed-by: Cherry Mui <[email protected]>
    Run-TryBot: Russ Cox <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Auto-Submit: Russ Cox <[email protected]>
    rsc authored and gopherbot committed Aug 17, 2022
    Commit 04dced1
  2. acme: gofmt code with Go 1.19 gofmt

    Change-Id: Ib0fd6fcfa358df2bdb820a512b73e7cdb34120f8
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/424174
    Run-TryBot: Russ Cox <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Auto-Submit: Russ Cox <[email protected]>
    Reviewed-by: Roland Shoemaker <[email protected]>
    rsc authored and gopherbot committed Aug 17, 2022
    Commit bc19a97

Commits on Aug 24, 2022

  1. cryptobyte: add ReadUint64 and AddUint64

    Fixes golang/go#53481.
    
    Change-Id: Ic00eef498d1d3b5b0ca5c9c526fac7c26de30cf2
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/421014
    TryBot-Result: Gopher Robot <[email protected]>
    Auto-Submit: Filippo Valsorda <[email protected]>
    Run-TryBot: hopehook <[email protected]>
    Reviewed-by: Damien Neil <[email protected]>
    Reviewed-by: Roland Shoemaker <[email protected]>
    hopehook authored and gopherbot committed Aug 24, 2022
    Commit 5757bc0

Commits on Aug 26, 2022

  1. ssh/agent: match OpenSSH extensionAgentMsg, not IETF draft

    The OpenSSH wire format just suffixes the raw extension body,
    without a nested string.
    
    Fixes golang/go#51689
    
    Change-Id: Ic224cedb934ba0563abca9a45a6be1c67769ed6d
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/412154
    Reviewed-by: Roland Shoemaker <[email protected]>
    Run-TryBot: Filippo Valsorda <[email protected]>
    Run-TryBot: hopehook <[email protected]>
    Reviewed-by: Daniel Lublin <[email protected]>
    Auto-Submit: Filippo Valsorda <[email protected]>
    Reviewed-by: Filippo Valsorda <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Reviewed-by: David Chase <[email protected]>
    edef1c authored and gopherbot committed Aug 26, 2022
    Commit bd7e27e

Commits on Aug 29, 2022

  1. internal/wycheproof: add crypto/ecdh tests

    Alongside the existing ECDH tests, add tests that use the new
    crypto/ecdh package. The test vectors include a number of private keys
    that use non-standard sizes, which we reject, but aren't flagged,
    so we need to skip them.
    
    Change-Id: Iaaef225b0149a86833095f51748d230385d43bfe
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/424274
    Reviewed-by: Russ Cox <[email protected]>
    Run-TryBot: Roland Shoemaker <[email protected]>
    Reviewed-by: Filippo Valsorda <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Auto-Submit: Roland Shoemaker <[email protected]>
    rolandshoemaker authored and gopherbot committed Aug 29, 2022
    Commit c86fa9a

Commits on Sep 19, 2022

  1. all: replace io/ioutil with io and os package

    For golang/go#45557
    
    Change-Id: I447530cc66896aef7a8d528ccb8d095b80e3cf47
    GitHub-Last-Rev: 5f385ff
    GitHub-Pull-Request: golang#230
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/430797
    Auto-Submit: Ian Lance Taylor <[email protected]>
    Reviewed-by: Ian Lance Taylor <[email protected]>
    Reviewed-by: Meng Zhuo <[email protected]>
    Run-TryBot: Ian Lance Taylor <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Reviewed-by: Cherry Mui <[email protected]>
    cuishuang authored and gopherbot committed Sep 19, 2022
    Commit 35f4265

Commits on Sep 24, 2022

  1. acme/autocert: fix renewal timer issue

    Block when creating the renewal timer, rather than doing it in a
    goroutine. This fixes an issue where startRenew and stopRenew are called
    very closely together, and due to lock ordering, stopRenew may be called
    before startRenew, resulting in the appearance that the renewal timer
    has been stopped before it has actually been created.
    
    This is only an issue in tests, as that is the only place stopRenew is
    actually used. In particular this issue manifests in TestGetCertificate
    sub-tests, where a httptest server reuses a port across two of the
    sub-tests. In this case, the renewal calls end up creating dirty state
    for the subsequent test, which can cause confusing behavior (such as
    attempting to register an account twice.)
    
    Another solution to this problem would be introducing a bool, protected
    by renewalMu, which indicates if renewal has been halted, and to check
    it in startRenew to check if stopRenew has already been called, which
    would allow us to continue calling startRenew in a goroutine and relying
    on renewalMu locking for ordering. That said I don't see a particularly
    strong reason to call startRenew concurrently, so this seems like the
    simplest solution for now.
    
    Fixes golang/go#52494
    
    Change-Id: I95420d3fd877572a0b9e408d2f8cd353f6a4e80e
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/433016
    TryBot-Result: Gopher Robot <[email protected]>
    Run-TryBot: Roland Shoemaker <[email protected]>
    Reviewed-by: Bryan Mills <[email protected]>
    rolandshoemaker committed Sep 24, 2022
    Commit 4ba4fb4

Commits on Sep 26, 2022

  1. acme/autocert: remove TestRenewFromCache skips

    Removes the skips from TestRenewFromCache and
    TestRenewFromCacheAlreadyRenewed, which were added due to flakes which
    may have been fixed by the renewal timer change.
    
    Updates golang/go#51080
    
    Change-Id: Ib953a24e610e89dfbbea450a4c257c105055ce7e
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/433815
    Run-TryBot: Roland Shoemaker <[email protected]>
    Auto-Submit: Roland Shoemaker <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Reviewed-by: Bryan Mills <[email protected]>
    rolandshoemaker authored and gopherbot committed Sep 26, 2022
    Commit eccd636

Commits on Oct 5, 2022

  1. all: replace bytes.Compare with bytes.Equal

    Change-Id: I911366b91ff2a1d02d7de202a166d876fb873142
    GitHub-Last-Rev: f50e003
    GitHub-Pull-Request: golang#233
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/438536
    TryBot-Result: Gopher Robot <[email protected]>
    Reviewed-by: Dmitri Shuralyov <[email protected]>
    Reviewed-by: Ian Lance Taylor <[email protected]>
    Run-TryBot: Ian Lance Taylor <[email protected]>
    Auto-Submit: Ian Lance Taylor <[email protected]>
    cuishuang authored and gopherbot committed Oct 5, 2022
    Commit 4161e89

Commits on Oct 10, 2022

  1. ssh: add ServerConfig.NoClientAuthCallback

    It was possible to accept auth type "none" before, but not dynamically
    at runtime as a function of the ConnMetadata like the other auth types'
    callback hooks.
    
    Fixes golang/go#51994
    
    Change-Id: I83ea80901d4977d8f78523e3d1e16e0a7df5b172
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/395314
    Reviewed-by: Roland Shoemaker <[email protected]>
    Run-TryBot: Brad Fitzpatrick <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Reviewed-by: Julie Qiu <[email protected]>
    bradfitz authored and rolandshoemaker committed Oct 10, 2022
    Commit d6f0a8c

Commits on Oct 12, 2022

  1. all: fix a few function names on comments

    Change-Id: Iac9c8f06b874e62b56f634dede8757b87514f421
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/442135
    Run-TryBot: Ian Lance Taylor <[email protected]>
    Auto-Submit: Ian Lance Taylor <[email protected]>
    Reviewed-by: Ian Lance Taylor <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Reviewed-by: Joedian Reid <[email protected]>
    cuishuang authored and gopherbot committed Oct 12, 2022
    Commit 9be5aaa
  2. all: use automatic RFC linking

    pkgsite automatically links /RFC \d+/ to the mentioned RFC. Insert a
    bunch of spaces into doc-comments for that to match.
    
    Change-Id: I01834d7573428563f21c37e43316442e148dd8c4
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/442055
    Reviewed-by: Joedian Reid <[email protected]>
    Run-TryBot: Ian Lance Taylor <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Reviewed-by: Ian Lance Taylor <[email protected]>
    Auto-Submit: Ian Lance Taylor <[email protected]>
    Merovius authored and gopherbot committed Oct 12, 2022
    Commit 56aed06

Commits on Oct 19, 2022

  1. go.mod: update golang.org/x dependencies

    Update golang.org/x dependencies to their latest tagged versions.
    Once this CL is submitted, and post-submit testing succeeds on all
    first-class ports across all supported Go versions, this repository
    will be tagged with its next minor version.
    
    Change-Id: If840eea1cadc749ce55efd88eb7d9fc38472839e
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/443996
    Auto-Submit: Gopher Robot <[email protected]>
    Reviewed-by: Roland Shoemaker <[email protected]>
    Reviewed-by: Heschi Kreinick <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Run-TryBot: Gopher Robot <[email protected]>
    gopherbot committed Oct 19, 2022
    Commit 642fcc3

Commits on Oct 24, 2022

  1. all: use math/bits.RotateLeft

    Updates golang/go#31456
    
    Change-Id: Idf043a25632526baa190bf42ed360cb79f85e493
    GitHub-Last-Rev: 5946157
    GitHub-Pull-Request: golang#195
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/356518
    Auto-Submit: Filippo Valsorda <[email protected]>
    Run-TryBot: Filippo Valsorda <[email protected]>
    Reviewed-by: Heschi Kreinick <[email protected]>
    Reviewed-by: David Chase <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Reviewed-by: Filippo Valsorda <[email protected]>
    AlexanderYastrebov authored and gopherbot committed Oct 24, 2022
    Commit a3485e1

Commits on Nov 4, 2022

  1. ssh: fix typo

    Change-Id: I560d7f5a62161cd88361a9fe9982d36f8e25e5af
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/447475
    Reviewed-by: Ian Lance Taylor <[email protected]>
    Auto-Submit: Ian Lance Taylor <[email protected]>
    Reviewed-by: Than McIntosh <[email protected]>
    Run-TryBot: Ian Lance Taylor <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    ideapark authored and gopherbot committed Nov 4, 2022
    Commit 334521b

Commits on Nov 8, 2022

  1. go.mod: update golang.org/x dependencies

    Update golang.org/x dependencies to their latest tagged versions.
    Once this CL is submitted, and post-submit testing succeeds on all
    first-class ports across all supported Go versions, this repository
    will be tagged with its next minor version.
    
    Change-Id: Ic7c0afcece0f3d2065c7a7e08f092c4344d90655
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/448755
    Run-TryBot: Gopher Robot <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Reviewed-by: Heschi Kreinick <[email protected]>
    Auto-Submit: Gopher Robot <[email protected]>
    Reviewed-by: Jenny Rakoczy <[email protected]>
    gopherbot committed Nov 8, 2022
    Commit 183a9b7

Commits on Nov 9, 2022

  1. all: remove redundant type conversion

    Change-Id: Ic6b210c1e5b99eef5c6e38d96feaf40e7e6033bb
    GitHub-Last-Rev: b8ecf76
    GitHub-Pull-Request: golang#229
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/429016
    Run-TryBot: Ian Lance Taylor <[email protected]>
    Reviewed-by: Ian Lance Taylor <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Reviewed-by: Michael Knyszek <[email protected]>
    cuishuang authored and randall77 committed Nov 9, 2022
    Commit 21d60a1

Commits on Nov 12, 2022

  1. ssh: support rsa-sha2-256/512 on the server side

    This lets clients know we support rsa-sha2-256/512 signatures from
    ssh-rsa public keys. OpenSSH prefers to break the connection rather than
    attempting trial and error, apparently.
    
    We don't enable support for the "ext-info-s" because we're not
    interested in any client->server extensions.
    
    This also replaces isAcceptableAlgo which was rejecting the
    rsa-sha2-256/512-cert-v01@openssh.com public key algorithms.
    
    Tested with OpenSSH 9.1 on macOS Ventura.
    
    Fixes golang/go#49269
    Updates golang/go#49952
    
    Co-authored-by: Nicola Murino <[email protected]>
    Co-authored-by: Kristin Davidson <[email protected]>
    Change-Id: I4955c3b12bb45575e9977ac657bb5805b49d00c3
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/447757
    Run-TryBot: Filippo Valsorda <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Reviewed-by: Roland Shoemaker <[email protected]>
    Reviewed-by: Nicola Murino <[email protected]>
    Reviewed-by: Michael Knyszek <[email protected]>
    3 people committed Nov 12, 2022
    Commit 6fad3df

Commits on Nov 16, 2022

  1. internal/wycheproof: update Go 1.20 crypto/ecdh API

    For golang/go#56052
    
    Change-Id: If34d01132e221ff525319e43d127ef14579f9054
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/451095
    Reviewed-by: Bryan Mills <[email protected]>
    Reviewed-by: Joedian Reid <[email protected]>
    Auto-Submit: Filippo Valsorda <[email protected]>
    Run-TryBot: Filippo Valsorda <[email protected]>
    Run-TryBot: Joedian Reid <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    FiloSottile authored and gopherbot committed Nov 16, 2022
    Commit 0ec7e83

Commits on Nov 17, 2022

  1. cryptobyte: add support for ReadASN1Integer into []byte

    This lets us extract large integers without involving math/big.
    
    While at it, drop some use of reflect where a type switch will do.
    
    Change-Id: Iebe2fb2267610bf95cf9747ba1d49b5ac9e62cda
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/451515
    Run-TryBot: Filippo Valsorda <[email protected]>
    Reviewed-by: Damien Neil <[email protected]>
    Reviewed-by: Bryan Mills <[email protected]>
    Reviewed-by: Roland Shoemaker <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Auto-Submit: Filippo Valsorda <[email protected]>
    FiloSottile authored and gopherbot committed Nov 17, 2022
    Commit 2c47667

Commits on Dec 6, 2022

  1. go.mod: update golang.org/x dependencies

    Update golang.org/x dependencies to their latest tagged versions.
    Once this CL is submitted, and post-submit testing succeeds on all
    first-class ports across all supported Go versions, this repository
    will be tagged with its next minor version.
    
    Change-Id: If72a913d54ec282d75e270409971b148df4b417c
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/455436
    Reviewed-by: Carlos Amedee <[email protected]>
    Run-TryBot: Gopher Robot <[email protected]>
    Auto-Submit: Gopher Robot <[email protected]>
    Reviewed-by: Heschi Kreinick <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    gopherbot committed Dec 6, 2022
    Commit eb2c406

Commits on Dec 8, 2022

  1. acme: eliminate arbitrary timeouts in tests

    Fixes golang/go#57107.
    
    Change-Id: I20b1f6ca85170c6b4731d7c7ea06f4db742526cc
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/456123
    TryBot-Result: Gopher Robot <[email protected]>
    Run-TryBot: Bryan Mills <[email protected]>
    Reviewed-by: Roland Shoemaker <[email protected]>
    Auto-Submit: Bryan Mills <[email protected]>
    Bryan C. Mills authored and gopherbot committed Dec 8, 2022
    Commit f495dc3

Commits on Dec 12, 2022

  1. ssh: ensure that handshakeTransport goroutines have finished before Close returns
    
    This fixes a data race in the tests for x/crypto/ssh, which expects to
    be able to examine a transport's read and write counters without
    locking after closing it.
    
    (Given the number of goroutines, channels, and mutexes used in this
    package, I wouldn't be surprised if other concurrency bugs remain.
    I would suggest simplifying the concurrency in this package, but I
    don't intend to follow up on that myself at the moment.)
    
    Fixes golang/go#56957.
    
    Change-Id: Ib1f1390b66707c66a3608e48f3f52483cff3c1f5
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/456758
    Reviewed-by: Roland Shoemaker <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Auto-Submit: Bryan Mills <[email protected]>
    Run-TryBot: Bryan Mills <[email protected]>
    Bryan C. Mills authored and gopherbot committed Dec 12, 2022
    Commit 23edec0

Commits on Dec 21, 2022

  1. internal/wycheproof: also use Verify in TestECDSA

    Check both Verify and VerifyASN1 in the ECDSA tests.
    
    Change-Id: Id767354484a7da18ae4e00cd6f2a01a2909e6732
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/453755
    Reviewed-by: Than McIntosh <[email protected]>
    Run-TryBot: Roland Shoemaker <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Reviewed-by: Filippo Valsorda <[email protected]>
    rolandshoemaker committed Dec 21, 2022
    Commit 7e3ac20
  2. bcrypt: reject passwords longer than 72 bytes

    By design, bcrypt only uses the first 72 bytes of a password when
    generating a hash. Most implementations, including the reference one,
    simply silently ignore any trailing input when provided passwords longer
    than 72 bytes. This can cause confusion for users who expect the entire
    password to be used to generate the hash.
    
    In GenerateFromPassword, reject passwords longer than 72 bytes.
    CompareHashAndPassword will still accept these passwords, since we
    cannot break hashes that have already been stored.
    
    Fixes golang/go#36546
    
    Change-Id: I039addd2a2961a7fa9d1e4a3e892a9e3c8bf4c9a
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/450415
    Reviewed-by: Damien Neil <[email protected]>
    Reviewed-by: Jason McNeil <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Reviewed-by: Filippo Valsorda <[email protected]>
    Auto-Submit: Roland Shoemaker <[email protected]>
    Run-TryBot: Roland Shoemaker <[email protected]>
    rolandshoemaker authored and gopherbot committed Dec 21, 2022
    bc7d1d1

Commits on Jan 4, 2023

  1. go.mod: update golang.org/x dependencies

    Update golang.org/x dependencies to their latest tagged versions.
    Once this CL is submitted, and post-submit testing succeeds on all
    first-class ports across all supported Go versions, this repository
    will be tagged with its next minor version.
    
    Change-Id: I25128883772569c8f729b091b0efcbc4afcbea67
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/460500
    Run-TryBot: Gopher Robot <[email protected]>
    Auto-Submit: Gopher Robot <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Reviewed-by: Dmitri Shuralyov <[email protected]>
    Reviewed-by: Heschi Kreinick <[email protected]>
    gopherbot committed Jan 4, 2023
    3d872d0

Commits on Jan 30, 2023

  1. all: fix some comments

    Change-Id: I11030ee466c8cac6855ce4fe2cf72e0b8d7029f8
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/463796
    Auto-Submit: Ian Lance Taylor <[email protected]>
    Reviewed-by: Michael Knyszek <[email protected]>
    Run-TryBot: Ian Lance Taylor <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Reviewed-by: Ian Lance Taylor <[email protected]>
    cuishuang authored and gopherbot committed Jan 30, 2023
    59ff472

Commits on Feb 3, 2023

  1. cryptobyte: reject negative Unwrite argument

    Fixes golang/go#57112
    
    Change-Id: I7a533046a6451d7ae3704eb81e6ddeec8442cf06
    GitHub-Last-Rev: 3b088d9
    GitHub-Pull-Request: golang#249
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/464338
    TryBot-Result: Gopher Robot <[email protected]>
    Auto-Submit: Roland Shoemaker <[email protected]>
    Reviewed-by: Emmanuel Odeke <[email protected]>
    Reviewed-by: Roland Shoemaker <[email protected]>
    Run-TryBot: Roland Shoemaker <[email protected]>
    Reviewed-by: Bryan Mills <[email protected]>
    AlexanderYastrebov authored and gopherbot committed Feb 3, 2023
    310bfa4

Commits on Feb 8, 2023

  1. go.mod: update golang.org/x dependencies

    Update golang.org/x dependencies to their latest tagged versions.
    Once this CL is submitted, and post-submit testing succeeds on all
    first-class ports across all supported Go versions, this repository
    will be tagged with its next minor version.
    
    Change-Id: If0ff32acaae5f6a717ed4d178a88f3346ecf1600
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/466736
    Auto-Submit: Gopher Robot <[email protected]>
    Reviewed-by: Dmitri Shuralyov <[email protected]>
    Reviewed-by: Heschi Kreinick <[email protected]>
    Reviewed-by: Dmitri Shuralyov <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Run-TryBot: Gopher Robot <[email protected]>
    gopherbot committed Feb 8, 2023
    a9f661c

Commits on Feb 15, 2023

  1. ssh: add support for [email protected]

    Change-Id: I91caf3bda3dfd00c050f5ebf23c2a35a04c5762b
    GitHub-Last-Rev: 6e71340
    GitHub-Pull-Request: golang#127
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/223518
    Auto-Submit: Filippo Valsorda <[email protected]>
    Run-TryBot: Filippo Valsorda <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Reviewed-by: Roland Shoemaker <[email protected]>
    Reviewed-by: Filippo Valsorda <[email protected]>
    Reviewed-by: Han-Wen Nienhuys <[email protected]>
    drakkan authored and gopherbot committed Feb 15, 2023
    ebe9262

Commits on Mar 5, 2023

  1. go.mod: update golang.org/x dependencies

    Update golang.org/x dependencies to their latest tagged versions.
    Once this CL is submitted, and post-submit testing succeeds on all
    first-class ports across all supported Go versions, this repository
    will be tagged with its next minor version.
    
    Change-Id: Ic0f0e8147eae1918612c3d1a1c1de14af0a43294
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/473439
    Reviewed-by: Dmitri Shuralyov <[email protected]>
    Auto-Submit: Gopher Robot <[email protected]>
    Reviewed-by: Heschi Kreinick <[email protected]>
    Run-TryBot: Gopher Robot <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Reviewed-by: Dmitri Shuralyov <[email protected]>
    gopherbot committed Mar 5, 2023
    776e461

Commits on Mar 13, 2023

  1. ssh: document that ParseRawPrivateKey supports Ed25519 keys

    From CL 173457 and CL 235358.
    
    Change-Id: Ia46ab9c7e2c57472df3126ddc7050f0068fcaab9
    GitHub-Last-Rev: c38e379
    GitHub-Pull-Request: golang#146
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/241282
    Auto-Submit: Han-Wen Nienhuys <[email protected]>
    Reviewed-by: Bryan Mills <[email protected]>
    Reviewed-by: Han-Wen Nienhuys <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Run-TryBot: Han-Wen Nienhuys <[email protected]>
    nhooyr authored and gopherbot committed Mar 13, 2023
    c6a20f9
  2. curve25519: use crypto/ecdh on Go 1.20

    For golang/go#52221
    
    Change-Id: I27e867d4cc89cd52c8d510f0dbab4e89b7cd4763
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/451115
    Auto-Submit: Filippo Valsorda <[email protected]>
    Reviewed-by: Cherry Mui <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Run-TryBot: Filippo Valsorda <[email protected]>
    Reviewed-by: Roland Shoemaker <[email protected]>
    FiloSottile authored and gopherbot committed Mar 13, 2023
    9cd0187

Commits on Mar 20, 2023

  1. all: fix some comments

    Change-Id: Ia0410f1f3bb0a9ee68c6dbe1e6f62f65f9e00955
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/477755
    Reviewed-by: Ian Lance Taylor <[email protected]>
    Auto-Submit: Ian Lance Taylor <[email protected]>
    Reviewed-by: Roland Shoemaker <[email protected]>
    Auto-Submit: Roland Shoemaker <[email protected]>
    Run-TryBot: shuang cui <[email protected]>
    Run-TryBot: Ian Lance Taylor <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    cuishuang authored and gopherbot committed Mar 20, 2023
    018c28f

Commits on Apr 6, 2023

  1. go.mod: update golang.org/x dependencies

    Update golang.org/x dependencies to their latest tagged versions.
    Once this CL is submitted, and post-submit testing succeeds on all
    first-class ports across all supported Go versions, this repository
    will be tagged with its next minor version.
    
    Change-Id: I568d040817345a10881c31b8efc296f543e59113
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/482855
    Reviewed-by: Heschi Kreinick <[email protected]>
    Auto-Submit: Gopher Robot <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Run-TryBot: Gopher Robot <[email protected]>
    Reviewed-by: Carlos Amedee <[email protected]>
    gopherbot committed Apr 6, 2023
    00fd4ff

Commits on Apr 12, 2023

  1. cryptobyte: reject Object Identifiers with leading 0x80

    Change-Id: Ie3a1b53e801077cd86963799e644b9783943933c
    GitHub-Last-Rev: 6629bd7
    GitHub-Pull-Request: golang#255
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/483955
    Run-TryBot: Mateusz Poliwczak <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Reviewed-by: Ian Lance Taylor <[email protected]>
    Auto-Submit: Ian Lance Taylor <[email protected]>
    Reviewed-by: Roland Shoemaker <[email protected]>
    Run-TryBot: Ian Lance Taylor <[email protected]>
    mateusz834 authored and gopherbot committed Apr 12, 2023
    1faeef9

Commits on Apr 17, 2023

  1. ssh/test: skip TestValidTerminalMode on non-Bourne shells

    Fixes golang/go#38037.
    
    Change-Id: Ide77dddc9f57b3f0318a419a1474e11215623b64
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/485175
    Run-TryBot: Bryan Mills <[email protected]>
    Commit-Queue: Bryan Mills <[email protected]>
    Auto-Submit: Bryan Mills <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Reviewed-by: Roland Shoemaker <[email protected]>
    Bryan C. Mills authored and gopherbot committed Apr 17, 2023
    7d6d3f5

Commits on Apr 18, 2023

  1. ssh: skip unsupported tests on wasip1

    Updates golang/go#32840
    Updates golang/go#58141
    
    Change-Id: Ib4425c1743d417920745205586af250dbf80c7e4
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/485695
    Auto-Submit: Tobias Klauser <[email protected]>
    Reviewed-by: Bryan Mills <[email protected]>
    Run-TryBot: Tobias Klauser <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Reviewed-by: Ian Lance Taylor <[email protected]>
    tklauser authored and gopherbot committed Apr 18, 2023
    a8cc953

Commits on May 4, 2023

  1. ssh/test: enable on solaris

    Change-Id: Icf9c867e64ef68f6f46dd7d4cec07cf7c315c2ad
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/490155
    Reviewed-by: Bryan Mills <[email protected]>
    Reviewed-by: Ian Lance Taylor <[email protected]>
    Run-TryBot: Tobias Klauser <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Auto-Submit: Tobias Klauser <[email protected]>
    tklauser authored and gopherbot committed May 4, 2023
    3ef8056

Commits on May 8, 2023

  1. go.mod: update golang.org/x dependencies

    Update golang.org/x dependencies to their latest tagged versions.
    Once this CL is submitted, and post-submit testing succeeds on all
    first-class ports across all supported Go versions, this repository
    will be tagged with its next minor version.
    
    Change-Id: I1eb2365549b72cbad23fa7c355f427c6ed75e450
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/493575
    TryBot-Result: Gopher Robot <[email protected]>
    Auto-Submit: Gopher Robot <[email protected]>
    Reviewed-by: Dmitri Shuralyov <[email protected]>
    Run-TryBot: Gopher Robot <[email protected]>
    Reviewed-by: Dmitri Shuralyov <[email protected]>
    Reviewed-by: Heschi Kreinick <[email protected]>
    gopherbot committed May 8, 2023
    a4e9841

Commits on Jun 5, 2023

  1. Add support for "[email protected]"

    Change-Id: I0203881afd7ad72e68f76650817451d7e292c91b
    GitHub-Last-Rev: 42b4119
    GitHub-Pull-Request: golang#129
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/226982
    Run-TryBot: Han-Wen Nienhuys <[email protected]>
    Reviewed-by: Han-Wen Nienhuys <[email protected]>
    Auto-Submit: Han-Wen Nienhuys <[email protected]>
    Reviewed-by: David Chase <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    s-k2 authored and gopherbot committed Jun 5, 2023
    1622238

Commits on Jun 9, 2023

  1. x509roots: add new module

    Adds the nss parser, under x509roots/nss, and the fallback
    module/package, with the initial generated bundle.
    
    Fixes golang/go#57792
    
    Change-Id: Iebb1052e49126fa5baba1236f4ebc8dd8a823179
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/462036
    Reviewed-by: Dmitri Shuralyov <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Run-TryBot: Roland Shoemaker <[email protected]>
    Reviewed-by: Filippo Valsorda <[email protected]>
    Reviewed-by: Damien Neil <[email protected]>
    Auto-Submit: Roland Shoemaker <[email protected]>
    rolandshoemaker authored and gopherbot committed Jun 9, 2023
    d0b3160

Commits on Jun 12, 2023

  1. go.mod: tell x repo tagging to ignore dep on net

    CL 475438 introduced a cycle between net and crypto. This direction is
    less important, so have the tagging process ignore it.
    
    Change-Id: Ie424fef0238702a5a16aba79bb60f86f39dc66eb
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/502595
    Auto-Submit: Heschi Kreinick <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Reviewed-by: Damien Neil <[email protected]>
    Run-TryBot: Heschi Kreinick <[email protected]>
    heschi authored and gopherbot committed Jun 12, 2023
    22c9997
  2. go.mod: update golang.org/x dependencies

    Update golang.org/x dependencies to their latest tagged versions.
    Once this CL is submitted, and post-submit testing succeeds on all
    first-class ports across all supported Go versions, this repository
    will be tagged with its next minor version.
    
    Change-Id: If19e251a79af033583e6968766b7a831741cebb7
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/502518
    Reviewed-by: Heschi Kreinick <[email protected]>
    Run-TryBot: Gopher Robot <[email protected]>
    Reviewed-by: Carlos Amedee <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Auto-Submit: Gopher Robot <[email protected]>
    gopherbot committed Jun 12, 2023
    8e447d8

Commits on Jun 15, 2023

  1. ssh/test: set a timeout and WaitDelay on sshd subcommands

    This uses a copy of testenv.Command copied from the main repo, with
    light edits to allow the testenv helpers to build with Go 1.19.
    
    The testenv helper revealed an exec.Command leak in TestCertLogin, so
    we also fix that leak and simplify server cleanup using
    testing.T.Cleanup.
    
    For golang/go#60099.
    Fixes golang/go#60343.
    
    Change-Id: I7f79fcdb559498b987ee7689972ac53b83870aaf
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/496935
    Auto-Submit: Bryan Mills <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Reviewed-by: Roland Shoemaker <[email protected]>
    Run-TryBot: Bryan Mills <[email protected]>
    Bryan C. Mills authored and gopherbot committed Jun 15, 2023
    0ff6005

Commits on Jun 20, 2023

  1. x509roots: use "generate" build tag

    Since go generate sets it automatically.
    
    Change-Id: I4623e523392140c0472b250ac99c8c3fa31e5b15
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/504595
    Auto-Submit: Roland Shoemaker <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Reviewed-by: Dmitri Shuralyov <[email protected]>
    Reviewed-by: Dmitri Shuralyov <[email protected]>
    Run-TryBot: Roland Shoemaker <[email protected]>
    rolandshoemaker authored and gopherbot committed Jun 20, 2023
    0d502d7
  2. x509roots: fix generate script argument checking

    Check for supply of both arguments forgot that the URL is set by
    default. Instead just let the local path supersede the URL.
    
    Change-Id: I0499137c99c735e8e453ff1c2a925435f3cd8039
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/504596
    Run-TryBot: Roland Shoemaker <[email protected]>
    Reviewed-by: Dmitri Shuralyov <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Reviewed-by: Dmitri Shuralyov <[email protected]>
    Auto-Submit: Roland Shoemaker <[email protected]>
    rolandshoemaker authored and gopherbot committed Jun 20, 2023
    043e94c
  3. x509roots: remove list hash and generation date, change ordering

    This makes the automated update workflow simpler.
    
    Also switch the ordering from human readable subject (which is not
    necessarily unique), to the raw SPKI (which should always be unique).
    This makes it somewhat harder to read to a human (since it'll appear a
    little jumbled) but results in a stable sort.
    
    Note this results in adding two new roots, which were added since we
    last generated the bundle.
    
    Change-Id: Id4d34bf9e98164e7b2fc4f06f9b46b63c0013d23
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/504597
    Run-TryBot: Roland Shoemaker <[email protected]>
    Reviewed-by: Heschi Kreinick <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    rolandshoemaker committed Jun 20, 2023
    5fe8145

Commits on Jun 22, 2023

  1. ssh: add hmac-sha2-512

    This adds support for hmac-sha2-512 to ensure compatibility with SSH clients that request this MAC algorithm.
    
    This rebases golang#18.
    
    Change-Id: Ia103c10a8b7e2e8dde556d5c36550eb5fa6bc1f6
    GitHub-Last-Rev: 987ccae
    GitHub-Pull-Request: golang#257
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/501455
    Reviewed-by: Dmitri Shuralyov <[email protected]>
    Commit-Queue: Han-Wen Nienhuys <[email protected]>
    Auto-Submit: Dmitri Shuralyov <[email protected]>
    Reviewed-by: Han-Wen Nienhuys <[email protected]>
    Run-TryBot: Han-Wen Nienhuys <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    stanhu authored and gopherbot committed Jun 22, 2023
    64c3993

Commits on Jun 23, 2023

  1. x509roots/fallback: add //go:build go1.20 to bundle.go

    Package fallback has no API; its only purpose is to automatically call
    x509.SetFallbackRoots with a set of fallback roots. That API was added
    in Go 1.20, hence the go1.20 build constraint in fallback.go.
    
    Add that constraint to bundle.go too, so that it fails to build rather
    than quietly being a no-op in Go 1.19.
    
    Also simplify Write(fmt.Sprintf()) into fmt.Fprintf while here.
    
    Add a temporary workaround for go.dev/issue/52287.
    It has no effect on the public API in this module.
    
    For golang/go#57792.
    For golang/go#52287.
    
    Change-Id: I1fe13f7d54b07b0b031e8bae685cffd7a8160165
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/505578
    Auto-Submit: Dmitri Shuralyov <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Reviewed-by: Dmitri Shuralyov <[email protected]>
    Reviewed-by: Roland Shoemaker <[email protected]>
    Run-TryBot: Dmitri Shuralyov <[email protected]>
    dmitshur authored and gopherbot committed Jun 23, 2023
    a9e447d
  2. x509roots: generate a stable sort, for real this time

    Sort based on the stringified subject, then break ties based on the raw
    DER (which will, actually, be unique this time).
    
    Change-Id: I3dd912fb19b103e92fabfb4562e31c6dcec40614
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/505695
    Reviewed-by: Dmitri Shuralyov <[email protected]>
    Reviewed-by: Dmitri Shuralyov <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Run-TryBot: Roland Shoemaker <[email protected]>
    rolandshoemaker committed Jun 23, 2023
    183630a

Commits on Jul 5, 2023

  1. go.mod: update golang.org/x dependencies

    Update golang.org/x dependencies to their latest tagged versions.
    Once this CL is submitted, and post-submit testing succeeds on all
    first-class ports across all supported Go versions, this repository
    will be tagged with its next minor version.
    
    Change-Id: Icede82501a3703fcaad524f6b91ff6e5452b4547
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/507837
    Reviewed-by: Heschi Kreinick <[email protected]>
    Reviewed-by: Dmitri Shuralyov <[email protected]>
    Run-TryBot: Gopher Robot <[email protected]>
    Auto-Submit: Gopher Robot <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    gopherbot committed Jul 5, 2023
    e984872
  2. ssh: prefer sha256 based MAC algorithms

    sha256 is more optimized than sha512 in Go and is secure enough
    so prefer sha256 over sha512.
    
    Fixes golang/go#61138
    
    Change-Id: I7658808655367f1ab5f4ac8b52e6b20bd30ebf87
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/507555
    Run-TryBot: Filippo Valsorda <[email protected]>
    Reviewed-by: Filippo Valsorda <[email protected]>
    Auto-Submit: Filippo Valsorda <[email protected]>
    Reviewed-by: Joedian Reid <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Reviewed-by: Dmitri Shuralyov <[email protected]>
    drakkan authored and gopherbot committed Jul 5, 2023
    23b1b90

Commits on Jul 10, 2023

  1. ssh: fix RSA certificate and public key authentication with older clients
    
    After adding support for rsa-sha2-256/512 on the server side some edge
    cases started to arise with old clients:
    
    1) public key authentication with gpg-agent < 2.2.6 fails because we
       receive ssh-rsa as signature format and rsa-sha2-256 or rsa-sha2-512
       as algorithm.
       This is a bug in gpg-agent fixed in this commit:
    
       gpg/gnupg@80b775b
    
    2) certificate authentication fails with OpenSSH 7.2-7.7 because we
       receive [email protected] as algorithm and rsa-sha2-256
       or rsa-sha2-512 as signature format.
    
    This patch is based on CL 412854 and has been tested with every version
    of OpenSSH from 7.1 to 7.9 and OpenSSH 9.3.
    
    Fixes golang/go#53391
    
    Change-Id: Id71f596f73d84efb5c76d6d5388432cccad3e3b1
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/506835
    Auto-Submit: Filippo Valsorda <[email protected]>
    Reviewed-by: Filippo Valsorda <[email protected]>
    Run-TryBot: Filippo Valsorda <[email protected]>
    Reviewed-by: Dmitri Shuralyov <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Reviewed-by: Roland Shoemaker <[email protected]>
    drakkan authored and gopherbot committed Jul 10, 2023
    64e0e99

Commits on Jul 11, 2023

  1. fix TestValidTerminalMode: missing output from echo SHELL $SHELL

    add leading `echo` to have better compatibility
    
    before
    
    ```
     go test -run ^TestValidTerminalMode -v
    === RUN   TestValidTerminalMode
        session_test.go:261: echo SHELL $SHELL && stty -a && exit:
            Last login: Thu Jul  6 12:24:38 2023 from 192.168.200.1
    SHELL /bin/bashubuntu:~$
            speed 38400 baud; rows 80; columns 40;
            line = 0;
            intr = ^C; quit = ^\; erase = ^?;
            kill = ^U; eof = ^D; eol = <undef>;
            eol2 = <undef>; swtch = <undef>;
            start = ^Q; stop = ^S; susp = ^Z;
            rprnt = ^R; werase = ^W; lnext = ^V;
            discard = ^O; min = 1; time = 0;
            -parenb -parodd -cmspar cs8 -hupcl
            -cstopb cread -clocal -crtscts
            -ignbrk -brkint -ignpar -parmrk -inpck
            -istrip -inlcr -igncr icrnl ixon -ixoff
            -iuclc -ixany -imaxbel -iutf8
            opost -olcuc -ocrnl onlcr -onocr -onlret
            -ofill -ofdel nl0 cr0 tab0 bs0 vt0 ff0
            isig icanon iexten -echo echoe echok
            -echonl -noflsh -xcase -tostop -echoprt
            echoctl echoke -flusho -extproc
            logout
        session_test.go:266: missing output from echo SHELL $SHELL
    ```
    
    after
    
    ```
     go test -run ^TestValidTerminalMode -v
    === RUN   TestValidTerminalMode
        session_test.go:261: echo SHELL $SHELL && stty -a && exit:
            Last login: Thu Jul  6 12:24:38 2023 from 192.168.200.1
            bolian@ubuntu:~$
            SHELL /bin/bash
            speed 38400 baud; rows 80; columns 40;
            line = 0;
            intr = ^C; quit = ^\; erase = ^?;
            kill = ^U; eof = ^D; eol = <undef>;
            eol2 = <undef>; swtch = <undef>;
            start = ^Q; stop = ^S; susp = ^Z;
            rprnt = ^R; werase = ^W; lnext = ^V;
            discard = ^O; min = 1; time = 0;
            -parenb -parodd -cmspar cs8 -hupcl
            -cstopb cread -clocal -crtscts
            -ignbrk -brkint -ignpar -parmrk -inpck
            -istrip -inlcr -igncr icrnl ixon -ixoff
            -iuclc -ixany -imaxbel -iutf8
            opost -olcuc -ocrnl onlcr -onocr -onlret
            -ofill -ofdel nl0 cr0 tab0 bs0 vt0 ff0
            isig icanon iexten -echo echoe echok
            -echonl -noflsh -xcase -tostop -echoprt
            echoctl echoke -flusho -extproc
            logout
    --- PASS: TestValidTerminalMode (0.06s)
    ```
    
    Change-Id: If60c040edb8c78a7d86bf58a6be47636d9e8f173
    GitHub-Last-Rev: a2cc1b1
    GitHub-Pull-Request: golang#264
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/508115
    Reviewed-by: Heschi Kreinick <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Run-TryBot: Heschi Kreinick <[email protected]>
    Auto-Submit: Heschi Kreinick <[email protected]>
    Reviewed-by: Bryan Mills <[email protected]>
    tg123 authored and gopherbot committed Jul 11, 2023
    2e82bdd

Commits on Jul 13, 2023

  1. ssh: disable client agent tests on Windows

    ssh-agent is implemented as a Windows service and exposed on a
    named pipe. We don't currently support it.
    
    See golang/go#60981
    
    Change-Id: Iebdc42db30b37a87ac0766231b16aff3f17b3f56
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/509035
    Run-TryBot: Heschi Kreinick <[email protected]>
    Reviewed-by: Cherry Mui <[email protected]>
    Reviewed-by: Heschi Kreinick <[email protected]>
    Auto-Submit: Heschi Kreinick <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    drakkan authored and gopherbot committed Jul 13, 2023
    5df3b59

Commits on Jul 14, 2023

  1. ssh: prefer sha256 based RSA key algorithms

    sha256 is more optimized than sha512 in Go and is secure enough
    so prefer sha256 over sha512.
    
    Change-Id: I3fcf7457791e3ef4539e97049aa905dcd293499d
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/507556
    Reviewed-by: Filippo Valsorda <[email protected]>
    Reviewed-by: Cherry Mui <[email protected]>
    Run-TryBot: Filippo Valsorda <[email protected]>
    Auto-Submit: Filippo Valsorda <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Reviewed-by: Roland Shoemaker <[email protected]>
    drakkan authored and gopherbot committed Jul 14, 2023
    3f8f064

Commits on Jul 18, 2023

  1. internal/wycheproof: skip all tests in short test mode

    The testdata for this package is around 8 MB and downloaded dynamically
    via 'go mod download' from its canonical source rather than being copied
    to this repository. We're moving towards disallowing all network use in
    short test mode, including proxy.golang.org, so add a corresponding test
    skip.
    
    Needing to look up a go test flag is unfortunate, but I don't know of a
    less bad available option while the test does the download in TestMain.
    
    On balance, it becomes viable to no longer disable the checksum database
    since the test will only run on builders that permit internet use and so
    sum.golang.org should just work.
    
    Change-Id: Iaffe3899351da375928aaba114c4875f5438336b
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/510695
    Run-TryBot: Dmitri Shuralyov <[email protected]>
    Auto-Submit: Dmitri Shuralyov <[email protected]>
    Reviewed-by: Heschi Kreinick <[email protected]>
    Reviewed-by: Dmitri Shuralyov <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    dmitshur authored and gopherbot committed Jul 18, 2023
    12e1fcd

Commits on Jul 25, 2023

  1. x509roots/fallback: update bundle

    This is an automated CL which updates the NSS root bundle.
    
    Change-Id: Ic70152e674c60e48e85d96eab244add9b4fa5eb8
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/512595
    Reviewed-by: Dmitri Shuralyov <[email protected]>
    Run-TryBot: Gopher Robot <[email protected]>
    Auto-Submit: Gopher Robot <[email protected]>
    Reviewed-by: Roland Shoemaker <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    gopherbot committed Jul 25, 2023
    d08e19b

Commits on Jul 31, 2023

  1. ssh: ignore invalid MACs and KEXs just like we do for ciphers

    Tighter validation could cause backwards incompatibility issues, e.g.
    configurations with valid and invalid MACs, KEXs, ciphers currently work
    if a supported algorithm is negotiated and that's also the scenario of
    removing support for an existing algorithm.
    
    Fixes golang/go#39397
    
    Change-Id: If90253ba89e1d8f732cc1e1c3d24fe0a1e2dac71
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/512175
    Run-TryBot: Han-Wen Nienhuys <[email protected]>
    Reviewed-by: Filippo Valsorda <[email protected]>
    Reviewed-by: Han-Wen Nienhuys <[email protected]>
    Auto-Submit: Filippo Valsorda <[email protected]>
    Reviewed-by: David Chase <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    drakkan authored and gopherbot committed Jul 31, 2023
    ddfa821
  2. ssh: add diffie-hellman-group16-sha512 kex

    This group is disabled by default because it is a bit slower than
    the others.
    The group18-sha512 variant is too slow to include.
    
    Benchstat results including diffie-hellman-group18-sha512:
    
    name                                           time/op
    Kexes/diffie-hellman-group-exchange-sha256-12  22.6ms ± 9%
    Kexes/diffie-hellman-group18-sha512-12          1.15s ±11%
    Kexes/ecdh-sha2-nistp384-12                    3.91ms ± 6%
    Kexes/ecdh-sha2-nistp256-12                     304µs ± 5%
    Kexes/[email protected]           413µs ± 7%
    Kexes/ecdh-sha2-nistp521-12                    11.6ms ±13%
    Kexes/curve25519-sha256-12                      361µs ± 5%
    Kexes/diffie-hellman-group-exchange-sha1-12    22.9ms ± 9%
    Kexes/diffie-hellman-group1-sha1-12            3.59ms ± 6%
    Kexes/diffie-hellman-group14-sha1-12           22.1ms ±11%
    Kexes/diffie-hellman-group14-sha256-12         21.6ms ± 8%
    Kexes/diffie-hellman-group16-sha512-12          138ms ± 9%
    
    name                                           alloc/op
    Kexes/diffie-hellman-group-exchange-sha256-12  67.8kB ± 1%
    Kexes/diffie-hellman-group18-sha512-12          243kB ± 9%
    Kexes/ecdh-sha2-nistp384-12                    13.9kB ± 0%
    Kexes/ecdh-sha2-nistp256-12                    12.1kB ± 0%
    Kexes/[email protected]          8.22kB ± 0%
    Kexes/ecdh-sha2-nistp521-12                    16.5kB ± 0%
    Kexes/curve25519-sha256-12                     8.22kB ± 0%
    Kexes/diffie-hellman-group-exchange-sha1-12    67.5kB ± 0%
    Kexes/diffie-hellman-group1-sha1-12            34.9kB ± 0%
    Kexes/diffie-hellman-group14-sha1-12           61.9kB ± 0%
    Kexes/diffie-hellman-group14-sha256-12         62.0kB ± 0%
    Kexes/diffie-hellman-group16-sha512-12          117kB ± 0%
    
    name                                           allocs/op
    Kexes/diffie-hellman-group-exchange-sha256-12     314 ± 0%
    Kexes/diffie-hellman-group18-sha512-12            271 ± 4%
    Kexes/ecdh-sha2-nistp384-12                       243 ± 0%
    Kexes/ecdh-sha2-nistp256-12                       213 ± 0%
    Kexes/[email protected]             168 ± 0%
    Kexes/ecdh-sha2-nistp521-12                       245 ± 0%
    Kexes/curve25519-sha256-12                        168 ± 0%
    Kexes/diffie-hellman-group-exchange-sha1-12       314 ± 0%
    Kexes/diffie-hellman-group1-sha1-12               255 ± 0%
    Kexes/diffie-hellman-group14-sha1-12              255 ± 0%
    Kexes/diffie-hellman-group14-sha256-12            255 ± 0%
    Kexes/diffie-hellman-group16-sha512-12            256 ± 0%
    
    Change-Id: Id119401fda7e417675325f37e3d442e70585206c
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/506839
    Run-TryBot: Filippo Valsorda <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Reviewed-by: Cherry Mui <[email protected]>
    Auto-Submit: Filippo Valsorda <[email protected]>
    Reviewed-by: David Chase <[email protected]>
    Reviewed-by: Filippo Valsorda <[email protected]>
    drakkan authored and gopherbot committed Jul 31, 2023
    eab9315
  3. ssh: fix call to Fatalf from a non-test goroutine

    Also fix some redundant type declarations.
    
    Change-Id: Iad2950b67b1ec2e2590c59393b8ad15421ed3add
    GitHub-Last-Rev: 41cf552
    GitHub-Pull-Request: golang#263
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/505798
    Reviewed-by: Dmitri Shuralyov <[email protected]>
    Reviewed-by: David Chase <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Auto-Submit: Dmitri Shuralyov <[email protected]>
    Reviewed-by: Filippo Valsorda <[email protected]>
    Run-TryBot: Filippo Valsorda <[email protected]>
    drakkan authored and gopherbot committed Jul 31, 2023
    edc325d

Commits on Aug 4, 2023

  1. go.mod: update golang.org/x dependencies

    Update golang.org/x dependencies to their latest tagged versions.
    Once this CL is submitted, and post-submit testing succeeds on all
    first-class ports across all supported Go versions, this repository
    will be tagged with its next minor version.
    
    Change-Id: Id40feba36dfc31c7033c91b952ec824a38e048ee
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/515976
    Auto-Submit: Gopher Robot <[email protected]>
    Reviewed-by: Dmitri Shuralyov <[email protected]>
    Reviewed-by: Heschi Kreinick <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Run-TryBot: Gopher Robot <[email protected]>
    gopherbot committed Aug 4, 2023
    b4ddeed

Commits on Sep 5, 2023

  1. go.mod: update golang.org/x dependencies

    Update golang.org/x dependencies to their latest tagged versions.
    
    Change-Id: Ib391e4f2f09056cb025de97d5d8f2640859d9163
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/525335
    Run-TryBot: Gopher Robot <[email protected]>
    LUCI-TryBot-Result: Go LUCI <[email protected]>
    Reviewed-by: Dmitri Shuralyov <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Auto-Submit: Gopher Robot <[email protected]>
    Reviewed-by: Heschi Kreinick <[email protected]>
    Reviewed-by: Dmitri Shuralyov <[email protected]>
    gopherbot committed Sep 5, 2023
    0d375be
  2. ssh: check the declared public key algo against decoded one

    This check will ensure we don't accept e.g. [email protected]
    algorithm with ssh-rsa public key type.
    The algorithm and public key type must be consistent: both must be
    certificate algorithms, or neither.
    
    Change-Id: I1d75074fb4d6db3a8796408e98ddffe577a96ab1
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/506836
    TryBot-Result: Gopher Robot <[email protected]>
    Reviewed-by: Dmitri Shuralyov <[email protected]>
    Reviewed-by: Cherry Mui <[email protected]>
    Auto-Submit: Filippo Valsorda <[email protected]>
    Reviewed-by: Filippo Valsorda <[email protected]>
    Run-TryBot: Filippo Valsorda <[email protected]>
    drakkan authored and gopherbot committed Sep 5, 2023
    c5370d2
  3. ssh: support for marshaling keys using the OpenSSH format

    This adds methods to marshal private keys, encrypted and unencrypted
    to the OpenSSH format.
    
    Fixes golang/go#37132
    
    Change-Id: I1a95301f789ce04858e6b147748c6e8b7700384b
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/218620
    Run-TryBot: Roland Shoemaker <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    LUCI-TryBot-Result: Go LUCI <[email protected]>
    Reviewed-by: Cherry Mui <[email protected]>
    Reviewed-by: Roland Shoemaker <[email protected]>
    Auto-Submit: Roland Shoemaker <[email protected]>
    maraino authored and gopherbot committed Sep 5, 2023
    d359caa

Commits on Sep 7, 2023

  1. cryptobyte: add uint48 methods

    Adds uint48 methods for cryptobyte.Builder and cryptobyte.String.
    Supporting 48-bit unsigned integers is useful for working with protocols
    that use them for sequence numbers, such as DTLS.
    
    Fixes golang/go#61275
    
    Change-Id: Ibe49422d37644b9212b28b123dc5e01850f7b05b
    GitHub-Last-Rev: 11b388c
    GitHub-Pull-Request: golang#265
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/508675
    Reviewed-by: Roland Shoemaker <[email protected]>
    Reviewed-by: Cherry Mui <[email protected]>
    Reviewed-by: qiulaidongfeng <[email protected]>
    Run-TryBot: Roland Shoemaker <[email protected]>
    Auto-Submit: Roland Shoemaker <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    hasheddan authored and gopherbot committed Sep 7, 2023
    e90f1e1

Commits on Sep 10, 2023

  1. sha3: have ShakeHash extend hash.Hash

    Package sha3 recommends the SHAKE functions for new uses, but this is
    currently somewhat inconvenient because ShakeHash does not implement
    hash.Hash. This is understandable, as SHAKE supports arbitrary-length
    outputs whereas hash.Hash only supports fixed-length outputs. But
    there's a natural fixed-length output to provide: the minimum output
    that still provides SHAKE's full-strength generic security.
    
    While here, tweak Sum so that its temporary buffer can be stack
    allocated.
    
    Also, tweak the panic message in Write so that the error text is more
    readily understandable to Go programmers without needing to be
    familiar with crypto jargon, and add a similar check in Sum.
    
    Change-Id: Icf037d3990a71de5630f8825606614443f8c5245
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/526937
    LUCI-TryBot-Result: Go LUCI <[email protected]>
    Reviewed-by: Adam Langley <[email protected]>
    Auto-Submit: Matthew Dempsky <[email protected]>
    mdempsky authored and gopherbot committed Sep 10, 2023
    3f0842a

Commits on Sep 20, 2023

  1. ssh: add MultiAlgorithmSigner

    MultiAlgorithmSigner allows restricting client-side, server-side and
    certificate signing algorithms.
    
    Fixes golang/go#52132
    Fixes golang/go#36261
    
    Change-Id: I295092f1bba647327aaaf294f110e9157d294159
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/508398
    Reviewed-by: Filippo Valsorda <[email protected]>
    Run-TryBot: Filippo Valsorda <[email protected]>
    Reviewed-by: Ian Lance Taylor <[email protected]>
    Auto-Submit: Filippo Valsorda <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Reviewed-by: Matthew Dempsky <[email protected]>
    drakkan authored and gopherbot committed Sep 20, 2023
    28c53ff
  2. ssh: add test cases for compatibility with old (buggy) clients

    Improved test cases for CL 506835.
    
    Change-Id: If4a98ae4a7b39d2e59b203d10080b71283e1a80e
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/525735
    TryBot-Result: Gopher Robot <[email protected]>
    Reviewed-by: Matthew Dempsky <[email protected]>
    Run-TryBot: Filippo Valsorda <[email protected]>
    Reviewed-by: Ian Lance Taylor <[email protected]>
    Reviewed-by: Filippo Valsorda <[email protected]>
    Auto-Submit: Filippo Valsorda <[email protected]>
    drakkan authored and gopherbot committed Sep 20, 2023
    a1aeb9b

Commits on Sep 27, 2023

  1. all: use crypto/ed25519 instead of golang.org/x/crypto/ed25519

    This is a follow-up to CL 317169, which dropped go1.12 compatibility,
    and made the golang.org/x/crypto/ed25519 package an alias / wrapper for
    crypto/ed25519 in stdlib.
    
    This patch updates uses within this repository to use stdlib instead of
    depending on the wrapper. With this patch applied, the only remaining
    use of the wrapper is in ed25519_test, which appears to be in place to
    verify compatibility of the wrapper itself.
    
    Change-Id: I0195396102a75ae20bdd82ca8ab59855c0eb5cea
    GitHub-Last-Rev: 24dbec5
    GitHub-Pull-Request: golang#238
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/448238
    Reviewed-by: Bryan Mills <[email protected]>
    Run-TryBot: Nicola Murino <[email protected]>
    Reviewed-by: Nicola Murino <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Reviewed-by: Joedian Reid <[email protected]>
    Reviewed-by: Roland Shoemaker <[email protected]>
    Reviewed-by: Than McIntosh <[email protected]>
    thaJeztah authored and FiloSottile committed Sep 27, 2023
    b665ba6

Commits on Sep 28, 2023

  1. chacha20: drop Go 1.10 compatibility for arm64

    Other packages already dropped compatibility with go < 1.12, so it should be safe to remove it for this package as well.
    
    Change-Id: Ib1424763e3aa94d0187a667ebee058100136f53b
    GitHub-Last-Rev: 51df969
    GitHub-Pull-Request: golang#241
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/448241
    Reviewed-by: Roland Shoemaker <[email protected]>
    Auto-Submit: Filippo Valsorda <[email protected]>
    Reviewed-by: Dmitri Shuralyov <[email protected]>
    Reviewed-by: Than McIntosh <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Run-TryBot: Roland Shoemaker <[email protected]>
    Reviewed-by: Filippo Valsorda <[email protected]>
    Reviewed-by: Joedian Reid <[email protected]>
    thaJeztah authored and gopherbot committed Sep 28, 2023
    ec07f4e

Commits on Oct 4, 2023

  1. ssh: add server side support for [email protected] protocol extension

    Fixes golang/go#62390
    
    Change-Id: Ie4dc577fb55b45a0c26a9e2dc5903af2bd382e00
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/524775
    TryBot-Result: Gopher Robot <[email protected]>
    Reviewed-by: Matthew Dempsky <[email protected]>
    Reviewed-by: Than McIntosh <[email protected]>
    Run-TryBot: Nicola Murino <[email protected]>
    Reviewed-by: Filippo Valsorda <[email protected]>
    drakkan authored and FiloSottile committed Oct 4, 2023
    833695f

Commits on Oct 5, 2023

  1. go.mod: update golang.org/x dependencies

    Update golang.org/x dependencies to their latest tagged versions.
    
    Change-Id: Ib80d50bdd762d1ba04f9267aeddc17272ef8cd66
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/532976
    LUCI-TryBot-Result: Go LUCI <[email protected]>
    Reviewed-by: Carlos Amedee <[email protected]>
    Reviewed-by: Dmitri Shuralyov <[email protected]>
    Auto-Submit: Gopher Robot <[email protected]>
    gopherbot committed Oct 5, 2023
    e3cc52e

Commits on Oct 11, 2023

  1. ssh: add support for SSH_AGENT_CONSTRAIN_EXTENSION with id 255

    it was changed in the following draft
    
    https://datatracker.ietf.org/doc/html/draft-miller-ssh-agent-03
    
    The id 3 is now used for SSH_AGENT_CONSTRAIN_MAXSIGN key constraint,
    an OpenSSH extension to the protocol that we do not currently support.
    Instead, we added a compatibility layer for
    SSH_AGENT_CONSTRAIN_EXTENSION with ID 3.
    
    Fixes golang/go#62311
    
    Change-Id: I421aee92aee9e693e43f66e6a5515c055333cb9b
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/525355
    Reviewed-by: Matthew Dempsky <[email protected]>
    Run-TryBot: Nicola Murino <[email protected]>
    Reviewed-by: Filippo Valsorda <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Reviewed-by: Than McIntosh <[email protected]>
    drakkan authored and FiloSottile committed Oct 11, 2023
    2aeefc3
  2. all: update go directive to 1.18

    Done with:
    
    go get [email protected]
    go mod tidy
    go fix ./...
    
    Using go1.21.3.
    
    Also update avo to v0.5.0 in the curve25519/internal/field/_asm module.
    It's newer and produces no diff in the generated code.
    
    For golang/go#60268.
    
    Change-Id: I9bd771ee8561595d7f68aaca76df6e3e33d35013
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/534141
    LUCI-TryBot-Result: Go LUCI <[email protected]>
    Reviewed-by: Damien Neil <[email protected]>
    Auto-Submit: Dmitri Shuralyov <[email protected]>
    Reviewed-by: Dmitri Shuralyov <[email protected]>
    dmitshur authored and gopherbot committed Oct 11, 2023
    8779cbd

Commits on Oct 21, 2023

  1. x509roots: check HTTP response status code and media type

    The HTTP response status code is expected to be 200 OK, and
    the certdata.txt file media type is expected to be plain text.
    Check that it is before proceeding with parsing it.
    
    Might help avoid repeats of CL 535735.
    
    Change-Id: I1a7896b3e20d33a23fdc53c572ae9700c9eae1ef
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/536717
    LUCI-TryBot-Result: Go LUCI <[email protected]>
    Reviewed-by: Dmitri Shuralyov <[email protected]>
    Commit-Queue: Roland Shoemaker <[email protected]>
    Reviewed-by: Roland Shoemaker <[email protected]>
    Auto-Submit: Roland Shoemaker <[email protected]>
    dmitshur authored and gopherbot committed Oct 21, 2023
    1d57292

Commits on Oct 23, 2023

  1. x509roots: catch the zero-roots case when generating the bundle

    If the parser returns zero roots, don't attempt to completely remove
    the bundle. This may happen if, i.e., the HTTP response is 200 but has
    no content. An example of this may be http://go.dev/cl/535735.
    
    Change-Id: I81fc2b49c8ec813cca17fd1c807296bfb053d992
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/536136
    Reviewed-by: Damien Neil <[email protected]>
    LUCI-TryBot-Result: Go LUCI <[email protected]>
    Reviewed-by: Dmitri Shuralyov <[email protected]>
    Auto-Submit: Roland Shoemaker <[email protected]>
    rolandshoemaker authored and gopherbot committed Oct 23, 2023
    4f30245
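
The two x509roots commits above (status code and media type check, then the zero-roots guard) describe a validate-before-replace pattern for a fetched trust bundle. The following is an added example, not code from x/crypto: `checkResponse`, `countRoots`, `rootsFromResponse` and `constructedResponse` are hypothetical names, `countRoots` is a simplified stand-in for the real certdata.txt parser, and the sample data is constructed.

```go
package main

import (
	"bufio"
	"errors"
	"fmt"
	"io"
	"mime"
	"net/http"
	"strings"
)

// errNoRoots signals that parsing succeeded but found nothing, so the
// existing bundle must be left in place rather than overwritten.
var errNoRoots = errors.New("parsed zero roots, keeping existing bundle")

// checkResponse rejects anything other than a 200 OK carrying text/plain.
func checkResponse(resp *http.Response) error {
	if resp.StatusCode != http.StatusOK {
		return fmt.Errorf("unexpected status %q", resp.Status)
	}
	mediaType, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
	if err != nil {
		return fmt.Errorf("unparsable Content-Type: %w", err)
	}
	if mediaType != "text/plain" {
		return fmt.Errorf("unexpected media type %q", mediaType)
	}
	return nil
}

// countRoots is a simplified stand-in for the real parser (assumption):
// it only counts certificate object markers in certdata.txt-style input.
func countRoots(r io.Reader) (int, error) {
	n := 0
	sc := bufio.NewScanner(r)
	for sc.Scan() {
		if strings.TrimSpace(sc.Text()) == "CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE" {
			n++
		}
	}
	return n, sc.Err()
}

// rootsFromResponse applies both guards: transport-level checks first,
// then the zero-roots check on the parsed result.
func rootsFromResponse(resp *http.Response) (int, error) {
	defer resp.Body.Close()
	if err := checkResponse(resp); err != nil {
		return 0, err
	}
	n, err := countRoots(resp.Body)
	if err != nil {
		return 0, err
	}
	if n == 0 {
		return 0, errNoRoots
	}
	return n, nil
}

// constructedResponse builds an in-memory response so the example runs offline.
func constructedResponse(status int, contentType, body string) *http.Response {
	h := http.Header{}
	if contentType != "" {
		h.Set("Content-Type", contentType)
	}
	return &http.Response{
		Status:     fmt.Sprintf("%d %s", status, http.StatusText(status)),
		StatusCode: status,
		Header:     h,
		Body:       io.NopCloser(strings.NewReader(body)),
	}
}

// sampleCertdata is a constructed sample in certdata.txt style, not real NSS data.
const sampleCertdata = `# constructed sample
CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
CKA_LABEL UTF8 "Constructed Root A"
CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
CKA_LABEL UTF8 "Constructed Root B"
`

func main() {
	cases := []*http.Response{
		constructedResponse(200, "text/plain; charset=utf-8", sampleCertdata),
		constructedResponse(404, "text/plain", sampleCertdata),
		constructedResponse(200, "text/html; charset=utf-8", "<html></html>"),
		constructedResponse(200, "text/plain", ""),
	}
	for _, resp := range cases {
		n, err := rootsFromResponse(resp)
		fmt.Printf("%s: roots=%d err=%v\n", resp.Status, n, err)
	}
}
```
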

Commits on Oct 24, 2023

  1. ssh: add test case against ssh CLI

    These tests try to ensure better compatibility of our server implementation
    with the ssh CLI.
    
    With these tests in place:
    
    1) before merging CL 447757 we would have noticed that our server
       implementation was broken with OpenSSH 8.8+
    2) after merging CL 447757 we would have noticed that our server
       implementation was broken with OpenSSH 7.2-7.7
    
    The ssh CLI from $PATH is used by default, but can be overridden using
    the SSH_CLI_PATH environment variable.
    
    Change-Id: I93d64be41c7613132b0364afac8397f57c2dcbca
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/506837
    TryBot-Result: Gopher Robot <[email protected]>
    Reviewed-by: Benny Siegert <[email protected]>
    Reviewed-by: Han-Wen Nienhuys <[email protected]>
    Run-TryBot: Nicola Murino <[email protected]>
    drakkan authored and bsiegert committed Oct 24, 2023
    cf8dcb0

Commits on Oct 30, 2023

  1. crypto/hkdf: remove useless call to Reset

    HKDF is commonly used to read keys that are the same length (or
    smaller) than the size of the hash digest, which means the loop inside
    Read only runs once.
    
    In that case, calling Reset is unnecessary overhead.
    
    name                  old time/op    new time/op    delta
    16ByteMD5Single-8       1.39µs ± 1%    1.22µs ± 0%  -11.95%  (p=0.000 n=10+9)
    20ByteSHA1Single-8       826ns ± 0%     746ns ± 0%   -9.70%  (p=0.000 n=9+10)
    32ByteSHA256Single-8     838ns ± 1%     744ns ± 0%  -11.29%  (p=0.000 n=10+10)
    64ByteSHA512Single-8    5.12µs ± 0%    4.57µs ± 0%  -10.78%  (p=0.000 n=8+10)
    8ByteMD5Stream-8         137ns ± 0%     138ns ± 0%   +0.27%  (p=0.009 n=9+6)
    16ByteMD5Stream-8        264ns ± 0%     265ns ± 0%   +0.29%  (p=0.000 n=10+10)
    8ByteSHA1Stream-8       64.1ns ± 0%    64.4ns ± 0%   +0.60%  (p=0.000 n=9+9)
    20ByteSHA1Stream-8       145ns ± 0%     146ns ± 1%   +0.69%  (p=0.000 n=9+10)
    8ByteSHA256Stream-8     42.9ns ± 1%    43.1ns ± 0%   +0.48%  (p=0.005 n=10+10)
    32ByteSHA256Stream-8     151ns ± 0%     152ns ± 0%   +0.35%  (p=0.006 n=10+8)
    8ByteSHA512Stream-8      139ns ± 0%     139ns ± 0%   +0.08%  (p=0.035 n=9+10)
    64ByteSHA512Stream-8    1.07µs ± 0%    1.07µs ± 0%   +0.33%  (p=0.000 n=9+10)
    
    name                  old speed      new speed      delta
    16ByteMD5Single-8     11.6MB/s ± 0%  13.1MB/s ± 0%  +13.50%  (p=0.000 n=9+9)
    20ByteSHA1Single-8    24.2MB/s ± 0%  26.8MB/s ± 0%  +10.75%  (p=0.000 n=9+10)
    32ByteSHA256Single-8  38.2MB/s ± 1%  43.0MB/s ± 0%  +12.72%  (p=0.000 n=10+10)
    64ByteSHA512Single-8  12.5MB/s ± 0%  14.0MB/s ± 0%  +12.06%  (p=0.000 n=8+10)
    8ByteMD5Stream-8      58.2MB/s ± 0%  58.1MB/s ± 0%   -0.27%  (p=0.004 n=9+9)
    16ByteMD5Stream-8     60.6MB/s ± 0%  60.5MB/s ± 0%   -0.27%  (p=0.000 n=9+10)
    8ByteSHA1Stream-8      125MB/s ± 0%   124MB/s ± 0%   -0.59%  (p=0.000 n=9+9)
    20ByteSHA1Stream-8     138MB/s ± 0%   137MB/s ± 1%   -0.69%  (p=0.000 n=9+10)
    8ByteSHA256Stream-8    186MB/s ± 1%   185MB/s ± 0%   -0.47%  (p=0.005 n=10+10)
    32ByteSHA256Stream-8   211MB/s ± 0%   211MB/s ± 0%   -0.37%  (p=0.003 n=10+8)
    8ByteSHA512Stream-8   57.4MB/s ± 1%  57.4MB/s ± 0%     ~     (p=0.137 n=10+10)
    64ByteSHA512Stream-8  59.9MB/s ± 0%  59.7MB/s ± 0%   -0.33%  (p=0.000 n=9+10)
    
    name                  old alloc/op   new alloc/op   delta
    16ByteMD5Single-8       1.17kB ± 0%    0.98kB ± 0%  -16.42%  (p=0.000 n=10+10)
    20ByteSHA1Single-8      1.25kB ± 0%    1.06kB ± 0%  -15.37%  (p=0.000 n=10+10)
    32ByteSHA256Single-8    1.36kB ± 0%    1.14kB ± 0%  -16.46%  (p=0.000 n=10+10)
    64ByteSHA512Single-8    2.26kB ± 0%    1.84kB ± 0%  -18.43%  (p=0.000 n=10+10)
    8ByteMD5Stream-8         2.00B ± 0%     2.00B ± 0%     ~     (all equal)
    16ByteMD5Stream-8        5.00B ± 0%     5.00B ± 0%     ~     (all equal)
    8ByteSHA1Stream-8        2.00B ± 0%     2.00B ± 0%     ~     (all equal)
    20ByteSHA1Stream-8       5.00B ± 0%     5.00B ± 0%     ~     (all equal)
    8ByteSHA256Stream-8      1.00B ± 0%     1.00B ± 0%     ~     (all equal)
    32ByteSHA256Stream-8     6.00B ± 0%     6.00B ± 0%     ~     (all equal)
    8ByteSHA512Stream-8      1.00B ± 0%     1.00B ± 0%     ~     (all equal)
    64ByteSHA512Stream-8     9.00B ± 0%     9.00B ± 0%     ~     (all equal)
    
    name                  old allocs/op  new allocs/op  delta
    16ByteMD5Single-8         16.0 ± 0%      14.0 ± 0%  -12.50%  (p=0.000 n=10+10)
    20ByteSHA1Single-8        16.0 ± 0%      14.0 ± 0%  -12.50%  (p=0.000 n=10+10)
    32ByteSHA256Single-8      16.0 ± 0%      14.0 ± 0%  -12.50%  (p=0.000 n=10+10)
    64ByteSHA512Single-8      16.0 ± 0%      14.0 ± 0%  -12.50%  (p=0.000 n=10+10)
    8ByteMD5Stream-8          0.00           0.00          ~     (all equal)
    16ByteMD5Stream-8         1.00 ± 0%      1.00 ± 0%     ~     (all equal)
    8ByteSHA1Stream-8         0.00           0.00          ~     (all equal)
    20ByteSHA1Stream-8        1.00 ± 0%      1.00 ± 0%     ~     (all equal)
    8ByteSHA256Stream-8       0.00           0.00          ~     (all equal)
    32ByteSHA256Stream-8      1.00 ± 0%      1.00 ± 0%     ~     (all equal)
    8ByteSHA512Stream-8       0.00           0.00          ~     (all equal)
    64ByteSHA512Stream-8      1.00 ± 0%      1.00 ± 0%     ~     (all equal)
    
    Change-Id: I08e5deb7045ce9aa63428e0ac7ae6140226414b4
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/423414
    Reviewed-by: Roland Shoemaker <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Run-TryBot: Roland Shoemaker <[email protected]>
    LUCI-TryBot-Result: Go LUCI <[email protected]>
    Reviewed-by: Tatiana Bradley <[email protected]>
    ericlagergren authored and rolandshoemaker committed Oct 30, 2023
    74c2ba9

Commits on Nov 7, 2023

  1. chacha20poly1305: guard PSHUFB usage with GOAMD64_v2

    The PSHUFB instruction is part of SSE which is only v2+ but it is being
    used without the GOAMD64_v2 guard.
    
    The ROL macros were copied from CL 516859 that adds internal/chacha8rand.
    
    Fixes golang/go#63871
    
    Change-Id: I3c8ba75ff284cda4fc788885643246936e617b85
    GitHub-Last-Rev: e235e8e
    GitHub-Pull-Request: golang#275
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/538786
    Reviewed-by: Keith Randall <[email protected]>
    Run-TryBot: Mauri de Souza Meneguzzo <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Reviewed-by: Keith Randall <[email protected]>
    Reviewed-by: Russ Cox <[email protected]>
    mauri870 authored and rsc committed Nov 7, 2023
    df0bc9e

Commits on Nov 8, 2023

  1. go.mod: update golang.org/x dependencies

    Update golang.org/x dependencies to their latest tagged versions.
    
    Change-Id: Ie3a6928d78080ff7d75d6813b1760f1317baa081
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/540537
    Auto-Submit: Gopher Robot <[email protected]>
    Reviewed-by: Heschi Kreinick <[email protected]>
    LUCI-TryBot-Result: Go LUCI <[email protected]>
    Reviewed-by: Carlos Amedee <[email protected]>
    gopherbot committed Nov 8, 2023
    e668aa9
  2. ssh: try harder to detect incorrect passwords for legacy PEM encryption

    Because of deficiencies in the format, DecryptPEMBlock does not always
    detect an incorrect password. In these cases the decrypted DER bytes are
    random noise. If the parsing of the key returns an asn1.StructuralError
    we return x509.IncorrectPasswordError.
    
    Fixes golang/go#62265
    
    Change-Id: Ib8b845f2bd01662c1f1421d35859a32ac5b78da7
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/538835
    Reviewed-by: Heschi Kreinick <[email protected]>
    Reviewed-by: Filippo Valsorda <[email protected]>
    Auto-Submit: Filippo Valsorda <[email protected]>
    LUCI-TryBot-Result: Go LUCI <[email protected]>
    Reviewed-by: Cherry Mui <[email protected]>
    drakkan authored and gopherbot committed Nov 8, 2023
    42c83ff
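
The legacy PEM behaviour described in the commit above can be reproduced with the standard library alone. This is an added example, not code from x/crypto: it uses the deprecated `x509.EncryptPEMBlock` and `x509.DecryptPEMBlock` on a freshly generated key, and `newEncryptedKey`, `falseAccept` and `parseLegacyRSAKey` are hypothetical helper names.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"encoding/asn1"
	"encoding/pem"
	"errors"
	"fmt"
)

// newEncryptedKey generates an RSA key and wraps it in a legacy
// (RFC 1423 style) encrypted PEM block protected by password.
func newEncryptedKey(password string) (*pem.Block, error) {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	der := x509.MarshalPKCS1PrivateKey(key)
	return x509.EncryptPEMBlock(rand.Reader, "RSA PRIVATE KEY", der,
		[]byte(password), x509.PEMCipherAES128)
}

// falseAccept tries constructed wrong passwords until DecryptPEMBlock
// returns no error. The format has no integrity check, only block padding,
// so roughly one wrong password in 256 passes by chance.
func falseAccept(block *pem.Block, tries int) (string, bool) {
	for i := 0; i < tries; i++ {
		pw := fmt.Sprintf("wrong-%d", i)
		if _, err := x509.DecryptPEMBlock(block, []byte(pw)); err == nil {
			return pw, true
		}
	}
	return "", false
}

// parseLegacyRSAKey decrypts and parses the key. When decryption "succeeds"
// but the DER is noise, an asn1.StructuralError from the parser is reported
// as x509.IncorrectPasswordError; any other parse error is returned unchanged.
func parseLegacyRSAKey(block *pem.Block, password []byte) (*rsa.PrivateKey, error) {
	der, err := x509.DecryptPEMBlock(block, password)
	if err != nil {
		return nil, err
	}
	key, err := x509.ParsePKCS1PrivateKey(der)
	var structural asn1.StructuralError
	if errors.As(err, &structural) {
		return nil, x509.IncorrectPasswordError
	}
	return key, err
}

func main() {
	block, err := newEncryptedKey("correct horse")
	if err != nil {
		panic(err)
	}
	pw, ok := falseAccept(block, 20000)
	fmt.Printf("wrong password passing the padding check: found=%v password=%q\n", ok, pw)
	_, err = parseLegacyRSAKey(block, []byte(pw))
	fmt.Println("result after parsing the decrypted bytes:", err)
}
```

Which wrong password slips through changes on every run because the IV is random; the parse step is what turns that silent false accept into an error.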
  3. ssh: allow to configure public key auth algorithms on the server side

    Fixes golang/go#61244
    
    Change-Id: I29b43e379cf0cdb07b0d6935666491b997157e73
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/510775
    TryBot-Result: Gopher Robot <[email protected]>
    Reviewed-by: Bryan Mills <[email protected]>
    Commit-Queue: Nicola Murino <[email protected]>
    Run-TryBot: Nicola Murino <[email protected]>
    Auto-Submit: Nicola Murino <[email protected]>
    Reviewed-by: Han-Wen Nienhuys <[email protected]>
    drakkan authored and gopherbot committed Nov 8, 2023
    eb61739

Commits on Nov 9, 2023

  1. ssh: eliminate some goroutine leaks in tests and examples

    This should fix the "Log in goroutine" panic seen in
    https://build.golang.org/log/e42bf69fc002113dbccfe602a6c67fd52e8f31df,
    as well as a few other related leaks. It also helps to verify that
    none of the functions under test deadlock unexpectedly.
    
    See https://go.dev/wiki/CodeReviewComments#goroutine-lifetimes.
    
    Updates golang/go#58901.
    
    Change-Id: Ica943444db381ae1accb80b101ea646e28ebf4f9
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/541095
    Auto-Submit: Bryan Mills <[email protected]>
    LUCI-TryBot-Result: Go LUCI <[email protected]>
    Reviewed-by: Nicola Murino <[email protected]>
    Reviewed-by: Heschi Kreinick <[email protected]>
    Bryan C. Mills authored and gopherbot committed Nov 9, 2023
    ff15cd5
  2. cryptobyte: fix ReadOptionalASN1Boolean

    ReadOptionalASN1Boolean was completely broken, it would only work when
    there were two BOOLEAN fields in a row, with the first being OPTIONAL
    (which is itself invalid ASN.1 due to the ambiguity). This fixes it
    to properly expect a BOOLEAN wrapped in a context-specific tag, as is
    the case for all of the other ReadOptionalASN1* methods, and updates
    its doc string.
    
    This is a breaking change as it requires adding the tag field to
    properly support context-specific tags. Given the method would
    previously not work this seems like a reasonable breakage.
    
    Fixes golang/go#43019
    
    Change-Id: I42398256216c59988e249c90bc7aa668f64df945
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/274242
    Reviewed-by: Filippo Valsorda <[email protected]>
    Reviewed-by: Damien Neil <[email protected]>
    LUCI-TryBot-Result: Go LUCI <[email protected]>
    Auto-Submit: Roland Shoemaker <[email protected]>
    rolandshoemaker authored and gopherbot committed Nov 9, 2023
    a2edfb5

Commits on Nov 11, 2023

  1. ssh: use the correct token from the client

    This fixes the case where AcceptSecContext is always called with the
    first token sent by the client instead of the most recently sent one.
    Previously, despite being read from the client and unmarshalled,
    it was never actually used.
    
    Fixes golang/go#43875
    
    Change-Id: I1967d9a107af03d6778a9437b48e785d61710ee5
    GitHub-Last-Rev: 0d58e4d
    GitHub-Pull-Request: golang#176
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/286252
    Run-TryBot: Filippo Valsorda <[email protected]>
    Auto-Submit: Filippo Valsorda <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Reviewed-by: Matthew Dempsky <[email protected]>
    LUCI-TryBot-Result: Go LUCI <[email protected]>
    Run-TryBot: Nicola Murino <[email protected]>
    Reviewed-by: Nicola Murino <[email protected]>
    Reviewed-by: Filippo Valsorda <[email protected]>
    Reviewed-by: Than McIntosh <[email protected]>
    bodgit authored and gopherbot committed Nov 11, 2023
    1cf1811

Commits on Nov 21, 2023

  1. curve25519/internal/field/_asm: go mod tidy to fix x/sys version

    Relates to CL 540537, which updated the dependency in the main module.
    
    Change-Id: I9a745f4e03b5cf14fa62c4de63363ddf663b19fd
    GitHub-Last-Rev: 836c393
    GitHub-Pull-Request: golang#277
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/541276
    Auto-Submit: Filippo Valsorda <[email protected]>
    LUCI-TryBot-Result: Go LUCI <[email protected]>
    Reviewed-by: Michael Knyszek <[email protected]>
    Reviewed-by: Roland Shoemaker <[email protected]>
    Reviewed-by: Filippo Valsorda <[email protected]>
    thaJeztah authored and gopherbot committed Nov 21, 2023
    270bf25

Commits on Nov 23, 2023

  1. ssh: fix certificate authentication with OpenSSH 7.2-7.7

    OpenSSH 7.2-7.7 advertises support for rsa-sha2-256 and rsa-sha2-512
    in the "server-sig-algs" extension but doesn't support these
    algorithms for certificate authentication, so if the server rejects
    the key try to use the obtained algorithm as if "server-sig-algs" had
    not been implemented.
    
    Fixes golang/go#58371
    
    Change-Id: Id49960d3dedd32a21e2c6c2689b1696e05398286
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/510155
    Reviewed-by: Filippo Valsorda <[email protected]>
    Run-TryBot: Nicola Murino <[email protected]>
    Reviewed-by: Dmitri Shuralyov <[email protected]>
    Reviewed-by: Michael Knyszek <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    LUCI-TryBot-Result: Go LUCI <[email protected]>
    Auto-Submit: Nicola Murino <[email protected]>
    drakkan authored and gopherbot committed Nov 23, 2023
    1c17e20

Commits on Nov 27, 2023

  1. ssh: add (*Client).DialContext method

    This change adds DialContext to ssh.Client, which opens a TCP-IP
    connection tunneled over the SSH connection. This is useful for
    proxying network connections, e.g. setting
    (net/http.Transport).DialContext.
    
    Fixes golang/go#20288.
    
    Change-Id: I110494c00962424ea803065535ebe2209364ac27
    GitHub-Last-Rev: 3176984
    GitHub-Pull-Request: golang#260
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/504735
    Run-TryBot: Nicola Murino <[email protected]>
    Run-TryBot: Han-Wen Nienhuys <[email protected]>
    Auto-Submit: Nicola Murino <[email protected]>
    Reviewed-by: Han-Wen Nienhuys <[email protected]>
    Reviewed-by: Dmitri Shuralyov <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Reviewed-by: Nicola Murino <[email protected]>
    Commit-Queue: Nicola Murino <[email protected]>
    ydnar authored and gopherbot committed Nov 27, 2023
    b2d7c26
  2. go.mod: update golang.org/x dependencies

    Update golang.org/x dependencies to their latest tagged versions.
    
    Change-Id: I7fdfe509173c79a63d006b27d674f869a5baa2af
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/545098
    Reviewed-by: Heschi Kreinick <[email protected]>
    LUCI-TryBot-Result: Go LUCI <[email protected]>
    Auto-Submit: Gopher Robot <[email protected]>
    Reviewed-by: Dmitri Shuralyov <[email protected]>
    gopherbot committed Nov 27, 2023
    1eadac5
  3. ssh/test: skip TestSSHCLIAuth on Windows

    It's failing with a file permissions error:
    
    sign_and_send_pubkey: signing using rsa-sha2-512 SHA256:Anr3LjZK8YVpjrxu79myrW9Hrb/wpcMNpVvTq/RcBm8\r\nBad permissions. Try removing permissions for user: UNKNOWN\\\\UNKNOWN (S-1-15-2-2) on file C:/b/s/w/ir/x/t/TestSSHCLIAuth1586735692/001/rsa.
    
    For golang/go#64403
    
    Change-Id: Iece8eac4a1ac349f9f7a273ac7389315cb96568e
    Cq-Include-Trybots: luci.golang.try:x_crypto-gotip-windows-amd64-longtest,x_crypto-go1.21-windows-amd64-longtest,x_crypto-go1.20-windows-amd64-longtest
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/545135
    Reviewed-by: Dmitri Shuralyov <[email protected]>
    Reviewed-by: Nicola Murino <[email protected]>
    Auto-Submit: Heschi Kreinick <[email protected]>
    LUCI-TryBot-Result: Go LUCI <[email protected]>
    heschi authored and gopherbot committed Nov 27, 2023
    325b735
  4. argon2: avoid clobbering BP

    go vet was reporting
    
      blamka_amd64.s:203:1: [amd64] mixBlocksSSE2: invalid offset a+24(FP); expected a+8(FP)
      blamka_amd64.s:226:1: [amd64] xorBlocksSSE2: invalid offset a+24(FP); expected a+8(FP)
      blamka_amd64.s:204:1: frame pointer is clobbered before saving
      blamka_amd64.s:227:1: frame pointer is clobbered before saving
    
    Also fix a similar naming issue in sha3:
    
      sha3\keccakf_amd64.s:325:1: [amd64] keccakF1600: unknown variable state; offset 0 is a+0(FP)
    
    Updates golang/go#47027
    
    Change-Id: Ia74852cdb0721ae0216787054197b0cac9e1c0f8
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/332289
    Reviewed-by: Michael Knyszek <[email protected]>
    Reviewed-by: Nicola Murino <[email protected]>
    Reviewed-by: Dmitri Shuralyov <[email protected]>
    LUCI-TryBot-Result: Go LUCI <[email protected]>
    Auto-Submit: Dmitri Shuralyov <[email protected]>
    Reviewed-by: Filippo Valsorda <[email protected]>
    egonelbre authored and gopherbot committed Nov 27, 2023
    bda2f3f
  5. ssh: wrap errors from client handshake

    When an error is returned by a user defined host key callback,
    it is now possible to handle it using standard Go mechanisms
    such as errors.Is or errors.As.
    
    Fixes golang/go#61309
    
    Change-Id: I4269c5f8eacd8e7e8d85070ad249f0e27777b15f
    GitHub-Last-Rev: d2a34d5
    GitHub-Pull-Request: golang#266
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/508876
    Run-TryBot: Nicola Murino <[email protected]>
    Auto-Submit: Dmitri Shuralyov <[email protected]>
    Reviewed-by: Muhammad Shulhan <[email protected]>
    Reviewed-by: Michael Knyszek <[email protected]>
    Reviewed-by: Dmitri Shuralyov <[email protected]>
    Reviewed-by: Nicola Murino <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    paxan authored and gopherbot committed Nov 27, 2023
    7e6fbd8
  6. blake2b: drop Go 1.6, Go 1.8 compatibility

    Other packages already dropped compatibility with go < 1.12, so it
    should be safe to remove it for this package as well.
    
    Change-Id: I7e894fd11d2e7d1fe28c647bd921399a9a6e30d0
    GitHub-Last-Rev: 2b4f576
    GitHub-Pull-Request: golang#240
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/448240
    Run-TryBot: Nicola Murino <[email protected]>
    Reviewed-by: Joedian Reid <[email protected]>
    Reviewed-by: Nicola Murino <[email protected]>
    Commit-Queue: Nicola Murino <[email protected]>
    Auto-Submit: Nicola Murino <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Reviewed-by: Michael Knyszek <[email protected]>
    Reviewed-by: Roland Shoemaker <[email protected]>
    Reviewed-by: Dmitri Shuralyov <[email protected]>
    thaJeztah authored and gopherbot committed Nov 27, 2023
    b8ffc16
  7. ssh: defer channel window adjustment

    Sending a window adjustment after every read is unnecessarily chatty,
    especially with a series of small reads like with TTY interactions.
    
    Copy OpenSSH's logic for deferring these, which seemingly hasn't changed
    since 2007. Note that since channelWindowSize and c.maxIncomingPayload
    are currently constants here, the two checks could be combined into a
    single check for c.myWindow < 2 MiB - 96 KiB (with the current values
    of the constants).
    
    Fixes golang/go#57424.
    
    Change-Id: Ifcef5be76fcc3f0b1a6dc396096bed9c50d64f21
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/459915
    Reviewed-by: Nicola Murino <[email protected]>
    Reviewed-by: Michael Knyszek <[email protected]>
    Run-TryBot: Nicola Murino <[email protected]>
    Auto-Submit: Nicola Murino <[email protected]>
    Reviewed-by: Dmitri Shuralyov <[email protected]>
    Commit-Queue: Nicola Murino <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Will Mortensen authored and gopherbot committed Nov 27, 2023
    fdfe1f8
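
The deferral rule described in the "ssh: defer channel window adjustment" commit message above, as an added sketch that is not code from golang.org/x/crypto. The constant values, the factor of three maximum packets, and the function names are assumptions chosen to match the 2 MiB and 96 KiB figures in the message; arrival and consumption of data are modelled as a single step.

```go
package main

import "fmt"

// Assumed values for this sketch: a 2 MiB window and a 32 KiB maximum payload,
// which give the "2 MiB - 96 KiB" threshold quoted in the commit message.
const (
	channelWindowSize  uint32 = 2 << 20
	maxIncomingPayload uint32 = 32 << 10
)

// shouldAdjust applies the two OpenSSH-style checks: more than three maximum
// packets have been consumed, or less than half of the window is left.
func shouldAdjust(myWindow uint32) bool {
	return channelWindowSize-myWindow > 3*maxIncomingPayload ||
		myWindow < channelWindowSize/2
}

// combinedCheck is the single comparison the commit message says is equivalent.
func combinedCheck(myWindow uint32) bool {
	return myWindow < channelWindowSize-3*maxIncomingPayload
}

// adjustments counts the window-adjust messages sent while the application
// consumes total bytes in reads of readSize bytes each.
func adjustments(readSize, total uint32, deferred bool) int {
	myWindow, consumed, sent := channelWindowSize, uint32(0), 0
	for done := uint32(0); done < total; done += readSize {
		myWindow -= readSize // data arrived and was read by the application
		consumed += readSize
		if !deferred || shouldAdjust(myWindow) {
			myWindow += consumed // one adjustment returns everything consumed so far
			consumed = 0
			sent++
		}
	}
	return sent
}

func main() {
	fmt.Println("adjust after every read:", adjustments(16, 1<<20, false))
	fmt.Println("deferred adjustments:   ", adjustments(16, 1<<20, true))
}
```

With 16-byte reads, as in a TTY session, 1 MiB of traffic needs a handful of adjustments instead of one per read.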

Commits on Nov 29, 2023

  1. x509roots/fallback: update bundle

    This is an automated CL which updates the NSS root bundle.
    
    Change-Id: Ib8c85dc815297de7b59c3e23b0ad029baaf948ec
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/543735
    Auto-Submit: Gopher Robot <[email protected]>
    LUCI-TryBot-Result: Go LUCI <[email protected]>
    Reviewed-by: Dmitri Shuralyov <[email protected]>
    Reviewed-by: Roland Shoemaker <[email protected]>
    gopherbot committed Nov 29, 2023
    152cdb1

Commits on Dec 14, 2023

  1. ssh: close net.Conn on all NewServerConn errors

    This PR ensures that the net.Conn passed to ssh.NewServerConn is closed
    on all error return paths, not just after a failed handshake. This matches
    the behavior of ssh.NewClientConn.
    
    Change-Id: Id8a51d10ae8d575cbbe26f2ef6b37de7cca840ec
    GitHub-Last-Rev: 81bb2e5
    GitHub-Pull-Request: golang#279
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/549095
    Run-TryBot: Nicola Murino <[email protected]>
    Auto-Submit: Nicola Murino <[email protected]>
    Reviewed-by: Roland Shoemaker <[email protected]>
    Reviewed-by: Nicola Murino <[email protected]>
    LUCI-TryBot-Result: Go LUCI <[email protected]>
    Reviewed-by: Michael Pratt <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    espadolini authored and gopherbot committed Dec 14, 2023
    4e5a261

Commits on Dec 18, 2023

  1. ssh: implement strict KEX protocol changes

    Implement the "strict KEX" protocol changes, as described in section
    1.9 of the OpenSSH PROTOCOL file (as of OpenSSH version 9.6/9.6p1).
    
    Namely this makes the following changes:
      * Both the server and the client add an additional algorithm to the
        initial KEXINIT message, indicating support for the strict KEX mode.
      * When one side of the connection sees the strict KEX extension
        algorithm, the strict KEX mode is enabled for messages originating
        from the other side of the connection. If the sequence number for
        the side which requested the extension is not 1 (indicating that it
        has already received non-KEXINIT packets), the connection is
        terminated.
      * When strict kex mode is enabled, unexpected messages during the
        handshake are considered fatal. Additionally when a key change
        occurs (on the receipt of the NEWKEYS message) the message sequence
        numbers are reset.
    
    Thanks to Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk from Ruhr
    University Bochum for reporting this issue.
    
    Fixes CVE-2023-48795
    Fixes golang/go#64784
    
    Change-Id: I96b53afd2bd2fb94d2b6f2a46a5dacf325357604
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/550715
    Reviewed-by: Nicola Murino <[email protected]>
    Reviewed-by: Tatiana Bradley <[email protected]>
    TryBot-Result: Gopher Robot <[email protected]>
    Run-TryBot: Roland Shoemaker <[email protected]>
    Reviewed-by: Damien Neil <[email protected]>
    LUCI-TryBot-Result: Go LUCI <[email protected]>
    rolandshoemaker committed Dec 18, 2023
    9d2ee97
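
A minimal model of the three strict KEX rules listed in the commit message above, seen from a server's receive side during the first key exchange. This is an added illustration, not code from golang.org/x/crypto: the `packet` type and `run` function are hypothetical, the packets are constructed, and the marker string is the client-side name from the OpenSSH PROTOCOL file.

```go
package main

import "fmt"

// SSH message numbers (RFC 4253) and the client marker (OpenSSH PROTOCOL, section 1.9).
const (
	msgIgnore, msgKexInit, msgNewKeys = 2, 20, 21
	clientStrictMarker                = "kex-strict-c-v00@openssh.com"
)

// packet is a constructed stand-in for a decoded SSH packet.
type packet struct {
	msg     byte
	kexAlgs []string // kex name-list, only set on KEXINIT
}

// run feeds packets to a hypothetical receiver and returns the number of packets
// counted since the last reset, or an error where strict KEX ends the connection.
func run(pkts ...packet) (seq uint32, err error) {
	var strict, keyed bool
	for _, p := range pkts {
		seq++
		switch {
		case keyed: // transport phase: IGNORE, DEBUG etc. are allowed again
		case p.msg == msgKexInit:
			for _, a := range p.kexAlgs {
				strict = strict || a == clientStrictMarker
			}
			if strict && seq != 1 {
				return seq, fmt.Errorf("strict KEX: KEXINIT arrived as packet %d", seq)
			}
		case p.msg == msgNewKeys:
			keyed = true
			if strict {
				seq = 0 // sequence numbers restart with the new keys
			}
		case p.msg >= 30 && p.msg <= 49: // method-specific key exchange messages
		case strict:
			return seq, fmt.Errorf("strict KEX: message %d during handshake", p.msg)
		}
	}
	return seq, nil
}

func main() {
	kexinit := packet{msg: msgKexInit, kexAlgs: []string{"curve25519-sha256", clientStrictMarker}}
	fmt.Println(run(kexinit, packet{msg: 30}, packet{msg: msgNewKeys}, packet{msg: msgIgnore}))
	fmt.Println(run(packet{msg: msgIgnore}, kexinit))
}
```

Without the marker the same extra packet is tolerated and the counter carries over the NEWKEYS boundary, which is the behaviour the strict mode removes.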

Commits on Jan 2, 2024

  1. internal/poly1305: drop Go 1.12 compatibility

    Other packages already dropped compatibility with go1.12, so it should be safe to remove it for this package as well.
    
    Change-Id: Ieecc7cd06a0a4e69e8c1c09ef6fefe95d78ceb75
    GitHub-Last-Rev: 1971e03
    GitHub-Pull-Request: golang#239
    Reviewed-on: https://go-review.googlesource.com/c/crypto/+/448239
    Reviewed-by: Joedian Reid <[email protected]>
    Auto-Submit: Filippo Valsorda <[email protected]>
    LUCI-TryBot-Result: Go LUCI <[email protected]>
    Reviewed-by: Filippo Valsorda <[email protected]>
    Reviewed-by: Roland Shoemaker <[email protected]>
    Reviewed-by: Matthew Dempsky <[email protected]>
    thaJeztah authored and gopherbot committed Jan 2, 2024
    08396bb

Commits on Jan 4, 2024

  1. 0355684