Fork of golang.org/x/crypto with my patches. http://git.kilabit.info/go-x-crypto/atom?h=main 2026-03-26T19:56:30Z 2026-03-26T19:56:30Z Shulhan ms@kilabit.info 2025-01-27T10:27:48Z urn:sha1:f88a1e842ae6c96508e445694e94e1b7d84415a5 The Is method allow the returned error checked using errors.Is againts PassphraseMissingError. 2025-11-12T18:42:48Z Santhanam santhanambr2002@gmail.com 2025-11-09T18:35:21Z urn:sha1:b4f2b62076abeee4e43fb59544dac565715fbf1e Until now, when ssh keys using one of these[1] ciphers were passed, we were giving a parse error "ssh: parse error in message type 0". With this fix, we parse it successfully and return the correct error message. [1] aes{128,256}-gcm@openssh.com and chacha20-poly1305@openssh.com Fixes golang/go#52135 Change-Id: I3010fff43c48f29f21edb8d63f44e167861a054e GitHub-Last-Rev: 14ac7e97306d41cba48053b9c60f2ffc7caded45 GitHub-Pull-Request: golang/crypto#324 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/709275 Reviewed-by: Nicola Murino <nicola.murino@gmail.com> Reviewed-by: Michael Pratt <mpratt@google.com> Reviewed-by: Junyang Shao <shaojunyang@google.com> Auto-Submit: Nicola Murino <nicola.murino@gmail.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> 2025-09-16T06:32:56Z Nicola Murino nicola.murino@gmail.com 2025-08-12T05:59:34Z urn:sha1:f4d47b0db5875e61dd52acdb63be800177ab48bb ParsePublicKey now returns a more specific error when a signature algorithm like rsa-sha2-256 is mistakenly provided as a key format Change-Id: Ic08286a5b2b326e99dd3e61594919203f0c36791 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/695075 Reviewed-by: Filippo Valsorda <filippo@golang.org> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Mark Freeman <markfreeman@google.com> Reviewed-by: Michael Knyszek <mknyszek@google.com> 2025-06-30T16:02:50Z Nicola Murino nicola.murino@gmail.com 2025-06-04T10:39:12Z urn:sha1:c6fce028266aa1271946a7dfde94cd71cf077d5e According to draft-miller-ssh-cert-01, Section 2.1.1, certificates with certificate keys as signature keys are invalid Change-Id: I474524ea444deb78f2fa7c2682e47c0fd057f0b8 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/678716 LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: David Chase <drchase@google.com> Auto-Submit: Nicola Murino <nicola.murino@gmail.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> Reviewed-by: Filippo Valsorda <filippo@golang.org> 2024-07-26T16:39:19Z Ilia Mirkin imirkin@alum.mit.edu 2024-07-16T19:48:14Z urn:sha1:3375612bf41a8cdb0cdfdc21e6ca2c7ae0f764b5 The original SSH RFC 4253 explicitly disallows padding. This applies to ssh-rsa signatures. The updated SSH RFC 8332 which defines the SHA2 RSA signature variants explicitly calls out the existence of signers who produce short signatures and specifies that verifiers may allow this behavior. In practice, PuTTY 0.81 and prior versions, as well as SSH.NET prior to 2024.1.0 always generated short signatures. Furthermore, PuTTY is embedded in other software like WinSCP and FileZilla, which are updated on their own schedules as well. This leads to occasional unexplained login errors, when using RSA keys. OpenSSH server allows these short signatures for all RSA algorithms. Fixes golang/go#68286 Change-Id: Ia60ece21bf9c111c490fac0c066443ed5ff7dd29 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/598534 Reviewed-by: Nicola Murino <nicola.murino@gmail.com> Reviewed-by: Roland Shoemaker <roland@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> Auto-Submit: Nicola Murino <nicola.murino@gmail.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> 2024-05-29T18:20:30Z Mariano Cano mariano.cano@gmail.com 2023-09-08T01:54:31Z urn:sha1:349231f7e4e437ea89847c5dfce63eed67949f86 This commit implements the CryptoPublicKey interface for the skECDSAPublicKey and skEd25519PublicKey types. Fixes golang/go#62518 Change-Id: I2b8ac89196fbb3614bf5c675127bed23f1cf6b26 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/526875 LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Matthew Dempsky <mdempsky@google.com> Reviewed-by: Than McIntosh <thanm@google.com> Auto-Submit: Nicola Murino <nicola.murino@gmail.com> Reviewed-by: Nicola Murino <nicola.murino@gmail.com> 2024-02-14T13:16:51Z Nicola Murino nicola.murino@gmail.com 2024-02-08T17:59:26Z urn:sha1:1c981e6f81fc4d43487d6ad84d6b499fa55099e8 on RHEL 9 OpenSSH does not support DSA keys and RSA keys with size less than 2048 bits, furthermore signing with ssh-rsa (SHA-1 signatures) and ssh-dss is not allowed, therefore: 1) replaced the 1024-bit RSA key used in the test with a new 2048-bit one 2) removed DSA key from itegration tests 3) allowed signature errors using ssh-rsa in agent integration tests, we also check SHA-2 variants that are not skipped Fixes golang/go#65581 Change-Id: I54bf997b61ef4d91d38eb624275737ba7291bb20 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/562755 Reviewed-by: Roland Shoemaker <roland@golang.org> Reviewed-by: David Chase <drchase@google.com> Reviewed-by: Filippo Valsorda <filippo@golang.org> Auto-Submit: Nicola Murino <nicola.murino@gmail.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> 2023-11-08T18:01:48Z Nicola Murino nicola.murino@gmail.com 2023-10-31T17:02:46Z urn:sha1:42c83fffffc70640068263e765db9c9b09cd2ba2 Because of deficiencies in the format, DecryptPEMBlock does not always detect an incorrect password. In these cases decrypted DER bytes is random noise. If the parsing of the key returns an asn1.StructuralError we return x509.IncorrectPasswordError. Fixes golang/go#62265 Change-Id: Ib8b845f2bd01662c1f1421d35859a32ac5b78da7 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/538835 Reviewed-by: Heschi Kreinick <heschi@google.com> Reviewed-by: Filippo Valsorda <filippo@golang.org> Auto-Submit: Filippo Valsorda <filippo@golang.org> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Cherry Mui <cherryyz@google.com> 2023-09-27T14:30:17Z Sebastiaan van Stijn github@gone.nl 2023-09-25T17:15:31Z urn:sha1:b665ba6f6f9abc2ab124f8ec2cb44de0e44ce077 This is a follow-up to CL 317169, which dropped go1.12 compatibility, and made the golang.org/x/crypto/ed25519 package an alias / wrapper for crypto/ed25519 in stdlib. This patch updates uses within this repository to use stdlib instead of depending on the wrapper. With this patch applied, the only remaining use of the wrapper is in ed25519_test, which appears to be in place to verify compatibility of the wrapper itself. Change-Id: I0195396102a75ae20bdd82ca8ab59855c0eb5cea GitHub-Last-Rev: 24dbec563cbd84bc47bdc7736b0245fc83dd3353 GitHub-Pull-Request: golang/crypto#238 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/448238 Reviewed-by: Bryan Mills <bcmills@google.com> Run-TryBot: Nicola Murino <nicola.murino@gmail.com> Reviewed-by: Nicola Murino <nicola.murino@gmail.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Joedian Reid <joedian@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org> Reviewed-by: Than McIntosh <thanm@google.com> 2023-09-20T18:10:30Z Nicola Murino nicola.murino@gmail.com 2023-07-08T13:39:11Z urn:sha1:28c53ff63c09fc7df7793600caa30989bc69e194 MultiAlgorithmSigner allows to restrict client-side, server-side and certificate signing algorithms. Fixes golang/go#52132 Fixes golang/go#36261 Change-Id: I295092f1bba647327aaaf294f110e9157d294159 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/508398 Reviewed-by: Filippo Valsorda <filippo@golang.org> Run-TryBot: Filippo Valsorda <filippo@golang.org> Reviewed-by: Ian Lance Taylor <iant@google.com> Auto-Submit: Filippo Valsorda <filippo@golang.org> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Matthew Dempsky <mdempsky@google.com>