Граф коммитов

953 Коммитов

Автор SHA1 Сообщение Дата
Dan Kortschak bba287dce9 ocsp: fix typo
Change-Id: Icd770cee9ce183f75c49c301f96a4aab73e80303
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/381674
Reviewed-by: Ian Lance Taylor <iant@golang.org>
Trust: Cherry Mui <cherryyz@google.com>
2022-02-08 23:39:18 +00:00
Filippo Valsorda 20e1d8d225 ed25519: drop Go 1.12 compatibility
x/crypto/ed25519 moved to the standard library in Go 1.13. This change
drops the compatibility wrapper we were keeping around to make Go 1.12
and earlier work.

Change-Id: I860ed963a0660753d01c89014c21360b239a38ac
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/317169
Trust: Filippo Valsorda <filippo@golang.org>
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Katie Hockman <katie@golang.org>
Trust: Katie Hockman <katie@golang.org>
2022-02-08 05:03:32 +00:00
Roland Shoemaker 30dcbda588 acme: expose Client KID field
Expose the previously private KID field of the Client type. This allows
callers which have locally cached their key identity to avoid needing
to make a call to the ACME service every time they construct a new
client.

Fixes golang/go#46303

Change-Id: I219167c5b941f56a2028c4bc253ff56386845549
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/354697
Trust: Katie Hockman <katie@golang.org>
Reviewed-by: Katie Hockman <katie@golang.org>
Trust: Roland Shoemaker <roland@golang.org>
Run-TryBot: Roland Shoemaker <roland@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
2022-01-31 19:55:33 +00:00
Filippo Valsorda 198e4374d7 acme/autocert: replace all ACME server stubs with acmetest
Change-Id: Ie5520f33674471b4a018feb9d0efaf6696ea38a2
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/381715
Run-TryBot: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Trust: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
2022-01-28 20:06:15 +00:00
Filippo Valsorda aa10faf2a1 acme/autocert: renew Let's Encrypt certificates likely to get revoked
Let's Encrypt is revoking all certificates verified with TLS-ALPN-01
beofre January 26th due to a compliance issue. Detect them and force a
renewal.

Also, fix the tests which were not testing if expired certificates were
renewed anymore, as the test certificates were always invalid due to not
having SANs.

Change-Id: If9d0632b2edfe0b7fb70f6cfd7e65e46e2d047dc
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/381114
Trust: Filippo Valsorda <filippo@golang.org>
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
2022-01-26 23:43:51 +00:00
Roland Shoemaker e04a8579fe ssh/agent: fix TestMalformedRequests
Use a net.Pipe, rather than setting up a local TCP connection,
for testing malformed SSH requests, since we don't need the
complex intricacies of a real connection to test this protocol
behavior.

Fixes golang/go#50161

Change-Id: I5e46c42041ddd03b06725469216b82b801990e64
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/371874
Reviewed-by: Bryan Mills <bcmills@google.com>
Trust: Roland Shoemaker <roland@golang.org>
Run-TryBot: Roland Shoemaker <roland@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
2022-01-26 17:37:29 +00:00
Bryan C. Mills 5e0467b6c7 acme: in TestFetchCertCancel, do not reply before the cancellation propagates
Fixes golang/go#44611

Change-Id: I81b3c3b7be25fe4e492695fa5935e70aa7b96c07
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/378074
Trust: Bryan Mills <bcmills@google.com>
Run-TryBot: Bryan Mills <bcmills@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
2022-01-12 18:07:41 +00:00
umlublin e495a2d5b3 cryptobyte: fix parsing of large ASN.1 OIDs
Fixes golang/go#49678

Change-Id: If8a40e25edd810a66165ab78dd68d9b7fc2699f8
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/365674
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Run-TryBot: Filippo Valsorda <filippo@golang.org>
Trust: Alex Rakoczy <alex@golang.org>
Trust: Bryan Mills <bcmills@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
2021-12-15 15:39:01 +00:00
Bryan C. Mills 4570a0811e internal/wycheproof: skip on builders with flaky network connections
This test downloads JSON test files from GitHub. If the network
connection flakes, the test may hang indefinitely, and builders with
flaky network connections might want to avoid unnecessary downloading
anyway.

Fixes golang/go#50076

Change-Id: I0655a34fce8a003794290c0c82ae75492eda4429
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/370659
Trust: Bryan Mills <bcmills@google.com>
Run-TryBot: Bryan Mills <bcmills@google.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: Katie Hockman <katie@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
2021-12-09 19:36:57 +00:00
Roland Shoemaker 5770296d90 ssh: don't assume packet plaintext size
When reading GCM and ChaChaPoly1305 packets, don't make assumptions
about the size of the enciphered plaintext. This fixes two panics
caused by standards non-compliant malformed packets.

Thanks to Rod Hynes, Psiphon Inc. for reporting this issue.

Fixes golang/go#49932
Fixes CVE-2021-43565

Change-Id: I660cff39d197e0d04ec44d11d792b22d954df2ef
Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1262659
Reviewed-by: Katie Hockman <katiehockman@google.com>
Reviewed-by: Julie Qiu <julieqiu@google.com>
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/368814
Trust: Roland Shoemaker <roland@golang.org>
Trust: Katie Hockman <katie@golang.org>
Run-TryBot: Roland Shoemaker <roland@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Julie Qiu <julie@golang.org>
Reviewed-by: Katie Hockman <katie@golang.org>
2021-12-02 19:23:23 +00:00
Damien Neil ae814b36b8 all: upgrade x/net to latest
Update acme/autocert test to not depend on whether idna.Lookup uses
transitional processing (Go 1.17 and earlier) or nontransitional
processing (Go 1.18 and later).

Change-Id: I29ca0aaca0ac75a932919a4c7cf8e9fca033b497
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/364014
Trust: Damien Neil <dneil@google.com>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
2021-11-17 18:39:48 +00:00
Hans Nielsen b4de73f9ec ssh: support RSA SHA-2 (RFC8332) signatures
This change adds support for RSA SHA-2 based signatures for host keys and certificates. It also switches the default certificate signature algorithm for RSA to use SHA-512. This is implemented by treating ssh.Signer specially when the key type is `ssh-rsa` by also allowing SHA-256 and SHA-512 signatures.

Fixes golang/go#37278

Change-Id: I2ee1ac4ae4c9c1de441a2d6cf1e806357ef18910
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/220037
Trust: Jason A. Donenfeld <Jason@zx2c4.com>
Run-TryBot: Jason A. Donenfeld <Jason@zx2c4.com>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Jason A. Donenfeld <Jason@zx2c4.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-11-15 23:45:14 +00:00
Roland Shoemaker ceb1ce70b4 ocsp: rewrite tests that rely on SHA1-RSA
This test suite should really be completely re-written, but for now
we can just substitute the tests which relied on certificates that
were signed with SHA1-RSA.

Fixes #49443

Change-Id: Ibe4ae3b3062956a56e6e3579144312747df3ef9a
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/362334
Trust: Roland Shoemaker <roland@golang.org>
Trust: Katie Hockman <katie@golang.org>
Run-TryBot: Roland Shoemaker <roland@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Bryan C. Mills <bcmills@google.com>
Reviewed-by: Katie Hockman <katie@golang.org>
2021-11-08 22:10:36 +00:00
James Hartig 089bfa5675 acme: implement Client.ListCertAlternates
Let's Encrypt is defaulting to a longer cross-signed chain on May 4th,
2021 but will offer the ability to download the shorter chain via an
alternate URL via a link header [1]. The shorter chain can be selected
to workaround a validation bug in legacy versions of OpenSSL, GnuTLS,
and LibreSSL. The alternate relation is described in section 7.4.2 of
RFC 8555.

ListCertAlternates should be passed the original certificate chain URL
and will return a list of alternate chain URLs that can be passed to
FetchCert to download.

Fixes golang/go#42437

[1] https://community.letsencrypt.org/t/production-chain-changes/150739

Change-Id: Iaa32e49cb1322ac79ac1a5b4b7980d5401f4b86e
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/277294
Trust: Filippo Valsorda <filippo@golang.org>
Run-TryBot: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
2021-09-21 15:51:07 +00:00
Yasuhiro Matsumoto 84f357641f all: fix typos
Change-Id: Ie08e43ae603cf2c691d51be0bfb5d164c8fd45ff
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/337189
Reviewed-by: Ian Lance Taylor <iant@golang.org>
Trust: Cherry Mui <cherryyz@google.com>
2021-09-20 02:37:35 +00:00
Filippo Valsorda c084706c22 poly1305: deprecate public package
Fixes golang/go#36646

Change-Id: Ic19dd2171c84472fc9d3f44803224b87fc5c0417
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/345649
Trust: Filippo Valsorda <filippo@golang.org>
Trust: Katie Hockman <katie@golang.org>
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: Katie Hockman <katie@golang.org>
2021-09-15 21:47:49 +00:00
Roland Shoemaker 32db794688 acme: fix deadlock when Client.Key is nil
When methods that use POSTs are called on a acme.Client which has a
nil Key field it will cause a deadlock due to an infinite loop in
the code that looks up the account KID. This change adds a check for
the key being nil, and errors out if that is the case. Also adds a
test for this behavior.

Fixes golang/go#38790

Change-Id: I65ff6bbbade7ed2d85306895904a976089730bbf
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/233164
Trust: Roland Shoemaker <roland@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2021-08-17 16:40:53 +00:00
Roland Shoemaker 0a44fdfbc1 openpgp: fix deprecation message
Fixes the referenced issue and removes an unnecessary word.

Change-Id: Icbf8bd26bccbc603e7dd360d817900ac2ca63a69
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/342049
Trust: Roland Shoemaker <roland@golang.org>
Run-TryBot: Roland Shoemaker <roland@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
2021-08-13 21:11:28 +00:00
Filippo Valsorda 0ba0e8f031 openpgp: mark as deprecated
Finally.

Fixes golang/go#44226

Change-Id: I73de5a49357f8891afef9094ab497f389b899943
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/341549
Trust: Filippo Valsorda <filippo@golang.org>
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-08-12 20:46:32 +00:00
HowJMay a769d52b0f sha3: fix typo in comment
Change-Id: I2cd8fe55a3918771744ca6b53b8335282b7d2b40
GitHub-Last-Rev: 34bf09adb2
GitHub-Pull-Request: golang/crypto#189
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/333429
Reviewed-by: Ian Lance Taylor <iant@golang.org>
Trust: Keith Randall <khr@golang.org>
2021-07-11 02:07:23 +00:00
Bryan C. Mills 5ff15b2933 all: upgrade x/sys to latest
Fixes golang/go#46761

Change-Id: I510532f98c66db1ca1a2288665c571e86d605770
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/328149
Trust: Bryan C. Mills <bcmills@google.com>
Trust: Katie Hockman <katie@golang.org>
Run-TryBot: Bryan C. Mills <bcmills@google.com>
Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
Reviewed-by: Katie Hockman <katie@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
2021-06-16 21:35:33 +00:00
Filippo Valsorda c07d793c2f curve25519/internal/field: fix generator module reference to x/crypto
The generator submodule needs a module dependency on golang.org/x/crypto
to find the type information it needs.

This removes the Comment call from CL 319469 because it does not seem to
generate the intended output. See golang/go#46155.

Fixes golang/go#46133

Change-Id: Iec21c6379d81271047ebf370a76329ed3fdac85c
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/319471
Trust: Filippo Valsorda <filippo@golang.org>
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Tobias Klauser <tobias.klauser@gmail.com>
2021-05-13 16:48:29 +00:00
Tobias Klauser cd7d49e622 all: add //go:build lines to assembly files
For golang/go#41184

Change-Id: Ica67fdbf2745ad2eef63dbb9ef70136e9e6fd348
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/319469
Trust: Tobias Klauser <tobias.klauser@gmail.com>
Run-TryBot: Tobias Klauser <tobias.klauser@gmail.com>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
2021-05-13 12:29:33 +00:00
povsister 38f3c27a63 ssh: return missing user field in NewClientConn
Fix golang/go#45249

Change-Id: I27ef2976586ad481d832c6e46695a91f1bb50373
GitHub-Last-Rev: 9f631b8092
GitHub-Pull-Request: golang/crypto#180
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/304990
Reviewed-by: Emmanuel Odeke <emmanuel@orijtech.com>
Reviewed-by: Katie Hockman <katie@golang.org>
Trust: Emmanuel Odeke <emmanuel@orijtech.com>
Trust: Katie Hockman <katie@golang.org>
Run-TryBot: Emmanuel Odeke <emmanuel@orijtech.com>
TryBot-Result: Go Bot <gobot@golang.org>
2021-05-06 14:59:44 +00:00
Filippo Valsorda 3497b51f5e curve25519: replace field implementation with filippo.io/edwards25519
This imports the crypto/ed25519/internal/edwards25519/field package from
CL 276272, and uses it in x/crypto/curve25519.

The ScalarMult code was ported 1:1 from curve25519_generic.go.

                                old code lines     new code lines

Go                              896                463
Assembly (manually written)     1772 (1772)        362 (34)

43% performance loss on amd64, 33% loss on 386, and 45% gain on arm64.
Feels worth it to remove 1700 lines of manually written assembly.

Apple M1

name               old time/op  new time/op  delta
X25519Basepoint-8  85.0µs ± 1%  46.4µs ± 0%  -45.39%  (p=0.000 n=10+9)
X25519-8           84.4µs ± 0%  46.7µs ± 2%  -44.76%  (p=0.000 n=8+9)

Intel(R) Core(TM) i5-7400 CPU @ 3.00GHz

name               old time/op  new time/op  delta
X25519Basepoint-4  42.6µs ± 1%  60.9µs ± 1%  +43.22%  (p=0.000 n=9+10)
X25519-4           42.5µs ± 1%  60.9µs ± 0%  +43.17%  (p=0.000 n=9+9)

Intel(R) Core(TM) i5-7400 CPU @ 3.00GHz [GOARCH=386]

name               old time/op  new time/op  delta
X25519Basepoint-4   530µs ± 1%   703µs ± 1%  +32.81%  (p=0.000 n=10+10)
X25519-4            530µs ± 1%   706µs ± 1%  +33.18%  (p=0.000 n=10+10)

Change-Id: I1dc62a6a3a3e417a1366ff873c475087a0395124
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/315269
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
Trust: Filippo Valsorda <filippo@golang.org>
Trust: Katie Hockman <katie@golang.org>
Reviewed-by: Katie Hockman <katie@golang.org>
2021-05-05 21:26:54 +00:00
Bryan C. Mills e9a32991a8 go.mod: upgrade to go 1.17
This change was produced using 'go mod tidy -go=1.17'
with a go command built at CL 315210.

This activates lazy loading, and updates the go.mod file to maintain
the lazy-loading invariants (namely, including an explicit requirement
for every package transitively imported by the main module).

Note that this does *not* prevent users with earlier go versions from
successfully building packages from this module.

For golang/go#36460.

Change-Id: I28a6f54b1e41e9e18b726cacba25a52069b8a4e9
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/316109
Trust: Bryan C. Mills <bcmills@google.com>
Run-TryBot: Bryan C. Mills <bcmills@google.com>
Reviewed-by: Alexander Rakoczy <alex@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
2021-05-03 19:58:02 +00:00
Roland Shoemaker 83a5a9bb28 acme: add support for subproblems
Add support for RFC 8555 subproblems. The type naming is real bike-shed
territory, but I think I've mostly matched the existing style of the
package. In a similar vein the format of how to print subproblems
when stringing an acme.Error is up for debate (it could just be
completely ignored, and require clients to inspect Error.Subproblems
themselves).

Fixes golang/go#38978

Change-Id: Ice803079bab621ae9410de79e7e75e11c1af21b6
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/233165
Trust: Roland Shoemaker <roland@golang.org>
Run-TryBot: Roland Shoemaker <roland@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Russ Cox <rsc@golang.org>
2021-04-21 17:06:49 +00:00
Paul E. Murphy 5bf0f12bab poly1305: cleanup ppc64le R0/$0 usage
There is some implicit R0 == $0 here which may not be desired.

"CMP $0, Rx" translates to "cmpd r0, rX" which is less preferred
than "cmpdi r0, 0".  Likewise, "ADDE $0, Rx" also turns into
"adde R0, Rx, Rx" which can be simplified to a similar instruction
which adds to zero with carry, "ADDZE Rx, Rx".

Change-Id: I5de17ff5b02c7c9d57daf014c7fe9420bfbeeeab
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/311372
Reviewed-by: Carlos Eduardo Seo <carlos.seo@linaro.org>
Trust: Carlos Eduardo Seo <carlos.seo@linaro.org>
Trust: Lynn Boger <laboger@linux.vnet.ibm.com>
2021-04-21 14:28:44 +00:00
Roland Shoemaker 4f45737414 cryptobyte: add support for UTCTime
Mostly cribbed from encoding/asn1.parseUTCTime.

Fixes golang/go#45411

Change-Id: I6c6ab2a2ad7c05a7f8bd81ecce4fcbb4e608e8db
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/273286
Trust: Roland Shoemaker <roland@golang.org>
Trust: Katie Hockman <katie@golang.org>
Run-TryBot: Roland Shoemaker <roland@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Katie Hockman <katie@golang.org>
2021-04-15 15:40:28 +00:00
Trevor Dixon 0c34fe9e7d acme/autocert: include the domain in the SAN of the CSR
More compliant with the spec and allows autocert to work
with Pebble (see letsencrypt/pebble#304).

Fixes golang/go#39746.

Change-Id: I0f41d5b41800d57eb53055cad248e50573c6070f
GitHub-Last-Rev: 777115c545
GitHub-Pull-Request: golang/crypto#143
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/294389
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
Trust: Dmitri Shuralyov <dmitshur@golang.org>
2021-03-22 15:32:48 +00:00
Andreas Auernhammer 513c2a44f6 scrypt: use encoding/binary to simplify smix
This CL simplifies the smix implementation.
It:
 - replaces the manual byte-int conversion
   with functionality from encoding/binary.
 - pre-computes the range `r * 32` as `R`.

Change-Id: Ife4920089c011fec82b234fb56df33e94204e0f8
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/253357
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
Trust: Tobias Klauser <tobias.klauser@gmail.com>
2021-03-17 15:28:58 +00:00
Radek Simko e6e6c4f2bb go.mod: bump golang.org/x/net to e18ecbb05110
This upgrades golang.org/x/net to the latest revision
which itself depends on (upgraded) golang.org/x/text v0.3.3
which in turn addresses CVE-2020-14040.

Change-Id: I67bd552f4a7ce3392bb9dfde28af4b99a2525c54
GitHub-Last-Rev: 34e9c2c16b
GitHub-Pull-Request: golang/crypto#157
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/259778
Run-TryBot: Tobias Klauser <tobias.klauser@gmail.com>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Tobias Klauser <tobias.klauser@gmail.com>
Trust: Emmanuel Odeke <emmanuel@orijtech.com>
2021-03-14 15:42:23 +00:00
Russ Cox 5ea612d1eb all: go fmt ./...
Make all our package sources use Go 1.17 gofmt format
(adding //go:build lines).

Not strictly necessary but will avoid spurious changes
as files are edited.

Part of //go:build change (#41184).
See https://golang.org/design/draft-gobuild

Change-Id: I70526bf588bf4078887e567795867ece785d666b
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/294415
Trust: Russ Cox <rsc@golang.org>
Run-TryBot: Russ Cox <rsc@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Jason A. Donenfeld <Jason@zx2c4.com>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
2021-02-20 03:31:48 +00:00
Russ Cox b8e89b74b9 blake2s: fix 386 assembly not to smash SP
For golang/go#44269.

Change-Id: I92e168674612af390bcb80a0579df5c777c26970
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/292052
Trust: Russ Cox <rsc@golang.org>
Trust: Jason A. Donenfeld <Jason@zx2c4.com>
Reviewed-by: Jason A. Donenfeld <Jason@zx2c4.com>
2021-02-18 14:52:15 +00:00
Russ Cox 1f2b32a52c blake2b: fix amd64 assembly not to smash SP
For golang/go#44269.

Change-Id: I7e405afd0b55c96ce0a4c6058ba01e8be1173a8c
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/292051
Trust: Russ Cox <rsc@golang.org>
Trust: Jason A. Donenfeld <Jason@zx2c4.com>
Reviewed-by: Jason A. Donenfeld <Jason@zx2c4.com>
2021-02-18 14:52:09 +00:00
Russ Cox 042588c79f salsa20/salsa: fix amd64 assembly not to smash SP
For golang/go#44269.

Change-Id: Ica352261d696317addbdd422d4cde5bf07fef839
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/292050
Trust: Russ Cox <rsc@golang.org>
Trust: Jason A. Donenfeld <Jason@zx2c4.com>
Reviewed-by: Jason A. Donenfeld <Jason@zx2c4.com>
2021-02-18 14:52:05 +00:00
Russ Cox 86c0c3e7f9 blake2s: fix amd64 assembly not to smash SP
For golang/go#44269.

Change-Id: I877a8056dbd8ab1dedadb562aa1b3d9e1e0d55da
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/292049
Trust: Russ Cox <rsc@golang.org>
Trust: Jason A. Donenfeld <Jason@zx2c4.com>
Reviewed-by: Jason A. Donenfeld <Jason@zx2c4.com>
2021-02-18 14:51:59 +00:00
Filippo Valsorda eec23a3978 acme: hardcode and remove ExternalAccountBinding.Algorithm
HMAC-SHA256 is a perfectly fine MAC algorithm, and there is no need to
ask the user to choose one.

This does break compatibility with the previous API, but it had been
live only for a weekend, so hopefully still in a window in which we can
make changes with a limited blast radius.

Updates golang/go#41430

Change-Id: I03741a545b25b9fcc147760cd20e9d7029844a6c
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/279453
Trust: Filippo Valsorda <filippo@golang.org>
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: James Kasten <jdkasten@google.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
2020-12-21 18:15:55 +00:00
James Kasten 9d13527586 acme: add external account binding support
Implements https://tools.ietf.org/html/rfc8555#section-7.3.4

Fixes golang/go#41430

Co-authored-by: James Munnelly <james@munnelly.eu>
Change-Id: Icd0337fddbff49e7e79fb9105c2679609f990285
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/269279
Run-TryBot: Katie Hockman <katie@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
Trust: Katie Hockman <katie@golang.org>
Trust: Roland Shoemaker <roland@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
2020-12-17 01:42:55 +00:00
Roland Shoemaker 8b5274cf68 ssh: disallow gssapi-with-mic if GSSAPIWithMICConfig is not set
The ability to trigger the 'gssapi-with-mic' authentication method is
not properly gated by the presence of the GSSAPIWithMICConfig field of
the ServerConfig type. If this field is not set and a client sends a
'gssapi-with-mic' request, regardless of if the server advertises it,
the server will panic.

This issue was discovered and reported by Joern Schneewesiz, GitLab
Security Research Team.

Fixes CVE-2020-29652

Change-Id: Ie25de2766e442c8ab46680aae3ac89b0823cdeed
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/278852
Trust: Roland Shoemaker <roland@golang.org>
Run-TryBot: Roland Shoemaker <roland@golang.org>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
2020-12-16 22:30:49 +00:00
Julie Qiu 5f87f3452a README.md: add badge to pkg.go.dev
A badge linking to https://pkg.go.dev/golang.org/x/crypto is added.

Change-Id: Ifa07c0c04e3dd30503f196179f6883cc569e7908
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/275873
Trust: Julie Qiu <julie@golang.org>
Run-TryBot: Julie Qiu <julie@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
2020-12-08 17:14:46 +00:00
Tamir Duberstein be400aefbc all: build tags: appengine,!gccgo => purego,gc
appengine is obsolete and superseded by purego, and gc is a more
precise tag for files that use gc-syntax assembly.

Change-Id: I716f59de772ebeee4adf4d2a432edf300122cef0
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/269920
Trust: Ian Lance Taylor <iant@golang.org>
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
2020-12-03 16:30:18 +00:00
Roland Shoemaker c8d3bf9c53 x/crypto/chacha20: fix typo in benchmark
Change-Id: I003c389585a42089fc9cc595d1f5f1027cd482f2
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/272306
Trust: Roland Shoemaker <roland@golang.org>
Run-TryBot: Roland Shoemaker <roland@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Katie Hockman <katie@golang.org>
2020-11-24 20:17:22 +00:00
Filippo Valsorda c1f2f97bff ssh/terminal: bump x/term dependency to fix js/nacl
Brings in CL 258002 which should fix builds for unsupported targets.

Change-Id: I06e6b79347f9081834ad85699ec66d1903fbdaca
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/270817
Trust: Filippo Valsorda <filippo@golang.org>
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Bryan C. Mills <bcmills@google.com>
2020-11-17 14:41:27 +00:00
Filippo Valsorda 4be66e5b65 ssh/terminal: replace with a golang.org/x/term wrapper
The package moved to x/term in CL 258001.

Fixes golang/go#31044

Change-Id: I9d39bfb6f54f09de60e2669fb0d939968af79b40
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/258003
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Katie Hockman <katie@golang.org>
Trust: Filippo Valsorda <filippo@golang.org>
2020-11-16 15:36:03 +00:00
Mahdi Hosseini Moghaddam 0c6587e931 ssh/terminal: add support for zos
Fixes golang/go#42496

Change-Id: Iae2ddb916904d9b3947bec9638c9fbf892df7b7c
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/269177
Reviewed-by: Tobias Klauser <tobias.klauser@gmail.com>
Trust: Tobias Klauser <tobias.klauser@gmail.com>
Trust: Michael Munday <mike.munday@ibm.com>
Run-TryBot: Tobias Klauser <tobias.klauser@gmail.com>
TryBot-Result: Go Bot <gobot@golang.org>
2020-11-12 15:50:50 +00:00
Aidan Coyle 9e8e0b3908 ssh: improve error message for KeyboardInteractiveChallenge
Fixes golang/go#41823

Change-Id: I4653f23239bdf2ab472d3d15c6653b89ebf7ccd4
GitHub-Last-Rev: 179b3ee0ef
GitHub-Pull-Request: golang/crypto#158
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/259902
Trust: Roland Shoemaker <roland@golang.org>
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
2020-10-16 22:06:09 +00:00
Emmanuel T Odeke 84dcc777aa crypto/ssh: add Client.Close in Dial example
Fixes golang/go#41906

Change-Id: I2eee82160a4450f531f11d5ba7bd6ed19c019992
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/261417
Run-TryBot: Emmanuel Odeke <emm.odeke@gmail.com>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: Kevin Burke <kev@inburke.com>
Trust: Roland Shoemaker <roland@golang.org>
2020-10-12 17:37:05 +00:00
Roland Shoemaker 7f63de1d35 internal/wycheproof: add RSA OAEP decryption tests
Uses only the test vectors that use the same MGF and label hashes.

Change-Id: I971f78556e7b8fdbc785978dca7a613728676697
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/234917
Trust: Roland Shoemaker <roland@golang.org>
Trust: Katie Hockman <katie@golang.org>
Run-TryBot: Roland Shoemaker <roland@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Katie Hockman <katie@golang.org>
2020-10-02 17:02:05 +00:00
woat c90954cbb9 nacl/auth: use Size instead of KeySize for Sum output
Fixes golang/go#41692

Change-Id: If6e885ca2e016dfecf534093c989356142ec7823
GitHub-Last-Rev: fe67c18f18
GitHub-Pull-Request: golang/crypto#154
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/258357
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Trust: Roland Shoemaker <roland@golang.org>
2020-10-02 09:40:18 +00:00