Fork of golang.org/x/crypto with my patches. http://git.kilabit.info/go-x-crypto/atom?h=client-wrap-error.mailed 2023-08-28T16:27:12Z 2023-08-28T16:27:12Z Shulhan m.shulhan@gmail.com 2023-08-28T16:22:54Z urn:sha1:e417676254617e1e2e7bc68700bbade116295b62 By returning error with %w, the caller can check and convert the error using errors.As, for example to knownhosts.KeyError. Change-Id: I0529e2e935cd8075f87aa6f6049cee3323f82c06 2023-08-04T16:57:07Z Gopher Robot gobot@golang.org 2023-08-04T16:27:49Z urn:sha1:b4ddeeda5bc71549846db71ba23e83ecb26f36ed Update golang.org/x dependencies to their latest tagged versions. Once this CL is submitted, and post-submit testing succeeds on all first-class ports across all supported Go versions, this repository will be tagged with its next minor version. Change-Id: Id40feba36dfc31c7033c91b952ec824a38e048ee Reviewed-on: https://go-review.googlesource.com/c/crypto/+/515976 Auto-Submit: Gopher Robot <gobot@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> Reviewed-by: Heschi Kreinick <heschi@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Run-TryBot: Gopher Robot <gobot@golang.org> 2023-07-31T18:14:41Z Nicola Murino nicola.murino@gmail.com 2023-07-29T03:33:00Z urn:sha1:edc325d13aa98b5b79708f7122a33bf392cdc1a7 Also fix some redundant type declarations. Change-Id: Iad2950b67b1ec2e2590c59393b8ad15421ed3add GitHub-Last-Rev: 41cf552f11387208491dee7b867050475043b25e GitHub-Pull-Request: golang/crypto#263 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/505798 Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> Reviewed-by: David Chase <drchase@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Auto-Submit: Dmitri Shuralyov <dmitshur@google.com> Reviewed-by: Filippo Valsorda <filippo@golang.org> Run-TryBot: Filippo Valsorda <filippo@golang.org> 2023-07-31T17:46:52Z Nicola Murino nicola.murino@gmail.com 2023-06-28T17:39:50Z urn:sha1:eab931596093977eaac68313fb6020a29ed7653e This group is disabled by default because it is a bit slower than the others. The group18-sha512 variant is too slow to include. Benchstat results including diffie-hellman-group18-sha512: name time/op Kexes/diffie-hellman-group-exchange-sha256-12 22.6ms ± 9% Kexes/diffie-hellman-group18-sha512-12 1.15s ±11% Kexes/ecdh-sha2-nistp384-12 3.91ms ± 6% Kexes/ecdh-sha2-nistp256-12 304µs ± 5% Kexes/curve25519-sha256@libssh.org-12 413µs ± 7% Kexes/ecdh-sha2-nistp521-12 11.6ms ±13% Kexes/curve25519-sha256-12 361µs ± 5% Kexes/diffie-hellman-group-exchange-sha1-12 22.9ms ± 9% Kexes/diffie-hellman-group1-sha1-12 3.59ms ± 6% Kexes/diffie-hellman-group14-sha1-12 22.1ms ±11% Kexes/diffie-hellman-group14-sha256-12 21.6ms ± 8% Kexes/diffie-hellman-group16-sha512-12 138ms ± 9% name alloc/op Kexes/diffie-hellman-group-exchange-sha256-12 67.8kB ± 1% Kexes/diffie-hellman-group18-sha512-12 243kB ± 9% Kexes/ecdh-sha2-nistp384-12 13.9kB ± 0% Kexes/ecdh-sha2-nistp256-12 12.1kB ± 0% Kexes/curve25519-sha256@libssh.org-12 8.22kB ± 0% Kexes/ecdh-sha2-nistp521-12 16.5kB ± 0% Kexes/curve25519-sha256-12 8.22kB ± 0% Kexes/diffie-hellman-group-exchange-sha1-12 67.5kB ± 0% Kexes/diffie-hellman-group1-sha1-12 34.9kB ± 0% Kexes/diffie-hellman-group14-sha1-12 61.9kB ± 0% Kexes/diffie-hellman-group14-sha256-12 62.0kB ± 0% Kexes/diffie-hellman-group16-sha512-12 117kB ± 0% name allocs/op Kexes/diffie-hellman-group-exchange-sha256-12 314 ± 0% Kexes/diffie-hellman-group18-sha512-12 271 ± 4% Kexes/ecdh-sha2-nistp384-12 243 ± 0% Kexes/ecdh-sha2-nistp256-12 213 ± 0% Kexes/curve25519-sha256@libssh.org-12 168 ± 0% Kexes/ecdh-sha2-nistp521-12 245 ± 0% Kexes/curve25519-sha256-12 168 ± 0% Kexes/diffie-hellman-group-exchange-sha1-12 314 ± 0% Kexes/diffie-hellman-group1-sha1-12 255 ± 0% Kexes/diffie-hellman-group14-sha1-12 255 ± 0% Kexes/diffie-hellman-group14-sha256-12 255 ± 0% Kexes/diffie-hellman-group16-sha512-12 256 ± 0% Change-Id: Id119401fda7e417675325f37e3d442e70585206c Reviewed-on: https://go-review.googlesource.com/c/crypto/+/506839 Run-TryBot: Filippo Valsorda <filippo@golang.org> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Cherry Mui <cherryyz@google.com> Auto-Submit: Filippo Valsorda <filippo@golang.org> Reviewed-by: David Chase <drchase@google.com> Reviewed-by: Filippo Valsorda <filippo@golang.org> 2023-07-31T15:35:32Z Nicola Murino nicola.murino@gmail.com 2023-07-22T10:17:51Z urn:sha1:ddfa82138ec59f54c839f62c0e7661f865785a39 Tighter validation could cause backwards incompatibility issues, eg configurations with valid and invalid MACs, KEXs, ciphers currently work if a supported algorithm is negotiated and that's also the scenario of removing support for an existing algorithm. Fixes golang/go#39397 Change-Id: If90253ba89e1d8f732cc1e1c3d24fe0a1e2dac71 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/512175 Run-TryBot: Han-Wen Nienhuys <hanwen@google.com> Reviewed-by: Filippo Valsorda <filippo@golang.org> Reviewed-by: Han-Wen Nienhuys <hanwen@google.com> Auto-Submit: Filippo Valsorda <filippo@golang.org> Reviewed-by: David Chase <drchase@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> 2023-07-25T17:50:45Z Gopher Robot gobot@golang.org 2023-07-24T16:01:23Z urn:sha1:d08e19beaccde615f2f1458b1b0df8fe75e20c8a This is an automated CL which updates the NSS root bundle. Change-Id: Ic70152e674c60e48e85d96eab244add9b4fa5eb8 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/512595 Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> Run-TryBot: Gopher Robot <gobot@golang.org> Auto-Submit: Gopher Robot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org> TryBot-Result: Gopher Robot <gobot@golang.org> 2023-07-18T15:17:25Z Dmitri Shuralyov dmitshur@golang.org 2023-07-18T15:04:05Z urn:sha1:12e1fcd8c0e66f2ad293bd33dc6cb973fb4ca7f4 The testdata for this package is around 8 MB and downloaded dynamically via 'go mod download' from its canonical source rather than being copied to this repository. We're moving towards disallowing all network use in short test mode, including proxy.golang.org, so add a corresponding test skip. Needing to lookup a go test flag is unfortunate, but I don't know of a less bad available option while the test does the download in TestMain. On balance, it becomes viable to no longer disable the checksum database since the test will only run on builders that permit internet use and so sum.golang.org should just work. Change-Id: Iaffe3899351da375928aaba114c4875f5438336b Reviewed-on: https://go-review.googlesource.com/c/crypto/+/510695 Run-TryBot: Dmitri Shuralyov <dmitshur@google.com> Auto-Submit: Dmitri Shuralyov <dmitshur@golang.org> Reviewed-by: Heschi Kreinick <heschi@google.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> 2023-07-14T16:27:34Z Nicola Murino nicola.murino@gmail.com 2023-07-01T18:00:24Z urn:sha1:3f8f0645c28700f4cb71c4f2e5678a0bb995a16d sha256 is more optimized than sha512 in Go and is secure enough so prefer sha256 over sha512. Change-Id: I3fcf7457791e3ef4539e97049aa905dcd293499d Reviewed-on: https://go-review.googlesource.com/c/crypto/+/507556 Reviewed-by: Filippo Valsorda <filippo@golang.org> Reviewed-by: Cherry Mui <cherryyz@google.com> Run-TryBot: Filippo Valsorda <filippo@golang.org> Auto-Submit: Filippo Valsorda <filippo@golang.org> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org> 2023-07-13T13:29:36Z Nicola Murino nicola.murino@gmail.com 2023-07-12T11:21:21Z urn:sha1:5df3b5994134fe208c569a96dde7fc5f4d367ff6 ssh-agent is implemented as a Windows service and exposed on a named pipe. We don't currently support it. See golang/go#60981 Change-Id: Iebdc42db30b37a87ac0766231b16aff3f17b3f56 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/509035 Run-TryBot: Heschi Kreinick <heschi@google.com> Reviewed-by: Cherry Mui <cherryyz@google.com> Reviewed-by: Heschi Kreinick <heschi@google.com> Auto-Submit: Heschi Kreinick <heschi@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> 2023-07-11T16:17:43Z Boshi Lian farmer1992@gmail.com 2023-07-06T12:44:57Z urn:sha1:2e82bdd1719d8f50d18bbb60acc52accc71330b1 add leading `echo` to have better compatibility before ``` go test -run ^TestValidTerminalMode -v === RUN TestValidTerminalMode session_test.go:261: echo SHELL $SHELL && stty -a && exit: Last login: Thu Jul 6 12:24:38 2023 from 192.168.200.1 SHELL /bin/bashubuntu:~$ speed 38400 baud; rows 80; columns 40; line = 0; intr = ^C; quit = ^\; erase = ^?; kill = ^U; eof = ^D; eol = <undef>; eol2 = <undef>; swtch = <undef>; start = ^Q; stop = ^S; susp = ^Z; rprnt = ^R; werase = ^W; lnext = ^V; discard = ^O; min = 1; time = 0; -parenb -parodd -cmspar cs8 -hupcl -cstopb cread -clocal -crtscts -ignbrk -brkint -ignpar -parmrk -inpck -istrip -inlcr -igncr icrnl ixon -ixoff -iuclc -ixany -imaxbel -iutf8 opost -olcuc -ocrnl onlcr -onocr -onlret -ofill -ofdel nl0 cr0 tab0 bs0 vt0 ff0 isig icanon iexten -echo echoe echok -echonl -noflsh -xcase -tostop -echoprt echoctl echoke -flusho -extproc logout session_test.go:266: missing output from echo SHELL $SHELL ``` after ``` go test -run ^TestValidTerminalMode -v === RUN TestValidTerminalMode session_test.go:261: echo SHELL $SHELL && stty -a && exit: Last login: Thu Jul 6 12:24:38 2023 from 192.168.200.1 bolian@ubuntu:~$ SHELL /bin/bash speed 38400 baud; rows 80; columns 40; line = 0; intr = ^C; quit = ^\; erase = ^?; kill = ^U; eof = ^D; eol = <undef>; eol2 = <undef>; swtch = <undef>; start = ^Q; stop = ^S; susp = ^Z; rprnt = ^R; werase = ^W; lnext = ^V; discard = ^O; min = 1; time = 0; -parenb -parodd -cmspar cs8 -hupcl -cstopb cread -clocal -crtscts -ignbrk -brkint -ignpar -parmrk -inpck -istrip -inlcr -igncr icrnl ixon -ixoff -iuclc -ixany -imaxbel -iutf8 opost -olcuc -ocrnl onlcr -onocr -onlret -ofill -ofdel nl0 cr0 tab0 bs0 vt0 ff0 isig icanon iexten -echo echoe echok -echonl -noflsh -xcase -tostop -echoprt echoctl echoke -flusho -extproc logout --- PASS: TestValidTerminalMode (0.06s) ``` Change-Id: If60c040edb8c78a7d86bf58a6be47636d9e8f173 GitHub-Last-Rev: a2cc1b1af09e47df82fcb8685d829dfed945e8b0 GitHub-Pull-Request: golang/crypto#264 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/508115 Reviewed-by: Heschi Kreinick <heschi@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Run-TryBot: Heschi Kreinick <heschi@google.com> Auto-Submit: Heschi Kreinick <heschi@google.com> Reviewed-by: Bryan Mills <bcmills@google.com>