go-x-crypto, branch v0.1.0

go.mod: update golang.org/x dependencies

2022-10-19T16:43:05Z

Update golang.org/x dependencies to their latest tagged versions. Once this CL is submitted, and post-submit testing succeeds on all first-class ports across all supported Go versions, this repository will be tagged with its next minor version. Change-Id: If840eea1cadc749ce55efd88eb7d9fc38472839e Reviewed-on: https://go-review.googlesource.com/c/crypto/+/443996 Auto-Submit: Gopher Robot Reviewed-by: Roland Shoemaker Reviewed-by: Heschi Kreinick TryBot-Result: Gopher Robot Run-TryBot: Gopher Robot

all: use automatic RFC linking

2022-10-12T13:47:37Z

pkgsite automatically links /RFC \d+/ to the mentioned RFC. Insert a bunch of spaces into doc-comments for that to match. Change-Id: I01834d7573428563f21c37e43316442e148dd8c4 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/442055 Reviewed-by: Joedian Reid Run-TryBot: Ian Lance Taylor TryBot-Result: Gopher Robot Reviewed-by: Ian Lance Taylor Auto-Submit: Ian Lance Taylor

all: fix a few function names on comments

2022-10-12T13:45:58Z

Change-Id: Iac9c8f06b874e62b56f634dede8757b87514f421 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/442135 Run-TryBot: Ian Lance Taylor Auto-Submit: Ian Lance Taylor Reviewed-by: Ian Lance Taylor TryBot-Result: Gopher Robot Reviewed-by: Joedian Reid

ssh: add ServerConfig.NoClientAuthCallback

2022-10-10T15:29:10Z

It was possible to accept auth type "none" before, but not dynamically at runtime as a function of the ConnMetadata like the other auth types' callback hooks. Fixes golang/go#51994 Change-Id: I83ea80901d4977d8f78523e3d1e16e0a7df5b172 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/395314 Reviewed-by: Roland Shoemaker Run-TryBot: Brad Fitzpatrick TryBot-Result: Gopher Robot Reviewed-by: Julie Qiu

all: replace bytes.Compare with bytes.Equal

2022-10-05T02:52:14Z

Change-Id: I911366b91ff2a1d02d7de202a166d876fb873142 GitHub-Last-Rev: f50e00376856fb9da36bb98ed0cdfd96c2f3b304 GitHub-Pull-Request: golang/crypto#233 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/438536 TryBot-Result: Gopher Robot Reviewed-by: Dmitri Shuralyov Reviewed-by: Ian Lance Taylor Run-TryBot: Ian Lance Taylor Auto-Submit: Ian Lance Taylor

acme/autocert: remove TestRenewFromCache skips

2022-09-26T16:16:30Z

Removes the skips from TestRenewFromCache and TestRenewFromCacheAlreadyRenewed, which were added due to flakes which may have been fixed by the renewal timer change. Updates golang/go#51080 Change-Id: Ib953a24e610e89dfbbea450a4c257c105055ce7e Reviewed-on: https://go-review.googlesource.com/c/crypto/+/433815 Run-TryBot: Roland Shoemaker Auto-Submit: Roland Shoemaker TryBot-Result: Gopher Robot Reviewed-by: Bryan Mills

acme/autocert: fix renewal timer issue

2022-09-24T01:33:50Z

Block when creating the renewal timer, rather than doing it in a goroutine. This fixes an issue where startRenew and stopRenew are called very closely together, and due to lock ordering, stopRenew may be called before startRenew, resulting in the appearance that the renewal timer has been stopped before it has actually been created. This is only an issue in tests, as that is the only place stopRenew is actually used. In particular this issue manifests in TestGetCertiifcate sub-tests, where a httptest server reuses a port across two of the sub-tests. In this case, the renewal calls end up creating dirty state for the subsequent test, which can cause confusing behavior (such as attempting to register an account twice.) Another solution to this problem would be introducing a bool, protected by renewalMu, which indicates if renewal has been halted, and to check it in startRenew to check if stopRenew has already been called, which would allow us to continue calling startRenew in a goroutine and relying on renewalMu locking for ordering. That said I don't see a particularly strong reason to call startRenew concurrently, so this seems like the simplest solution for now. Fixes golang/go#52494 Change-Id: I95420d3fd877572a0b9e408d2f8cd353f6a4e80e Reviewed-on: https://go-review.googlesource.com/c/crypto/+/433016 TryBot-Result: Gopher Robot Run-TryBot: Roland Shoemaker Reviewed-by: Bryan Mills

all: replace io/ioutil with io and os package

2022-09-19T17:36:07Z

For golang/go#45557 Change-Id: I447530cc66896aef7a8d528ccb8d095b80e3cf47 GitHub-Last-Rev: 5f385ff46487ac318bd1147cdbbd26bb0ffd0426 GitHub-Pull-Request: golang/crypto#230 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/430797 Auto-Submit: Ian Lance Taylor Reviewed-by: Ian Lance Taylor Reviewed-by: Meng Zhuo Run-TryBot: Ian Lance Taylor TryBot-Result: Gopher Robot Reviewed-by: Cherry Mui

internal/wycheproof: add crypto/ecdh tests

2022-08-29T22:05:03Z

Alongside the existing ECDH tests, add tests that use the new crypto/ecdh package. The test vectors include a number of private that use non-standard sizes, which we reject, but aren't flagged, so we need to skip them. Change-Id: Iaaef225b0149a86833095f51748d230385d43bfe Reviewed-on: https://go-review.googlesource.com/c/crypto/+/424274 Reviewed-by: Russ Cox Run-TryBot: Roland Shoemaker Reviewed-by: Filippo Valsorda TryBot-Result: Gopher Robot Auto-Submit: Roland Shoemaker

ssh/agent: match OpenSSH extensionAgentMsg, not IETF draft

2022-08-26T18:10:53Z

The OpenSSH wire format just suffixes the raw extension body, without a nested string. Fixes golang/go#51689 Change-Id: Ic224cedb934ba0563abca9a45a6be1c67769ed6d Reviewed-on: https://go-review.googlesource.com/c/crypto/+/412154 Reviewed-by: Roland Shoemaker Run-TryBot: Filippo Valsorda Run-TryBot: hopehook Reviewed-by: Daniel Lublin Auto-Submit: Filippo Valsorda Reviewed-by: Filippo Valsorda TryBot-Result: Gopher Robot Reviewed-by: David Chase