)]}' { "log": [ { "commit": "75b288015ac94e66e3d6715fb68a9b41bf046ec2", "tree": "4bc4d2400014aa7fc204a1ab115e0279d433b420", "parents": [ "70a84ac30bf957c7df57edd1935d2081871515e1" ], "author": { "name": "Julian Kornberger", "email": "jk+github@digineo.de", "time": "Mon Jun 22 20:02:02 2020 +0000" }, "committer": { "name": "Han-Wen Nienhuys", "email": "hanwen@google.com", "time": "Mon Jun 22 21:36:23 2020 +0000" }, "message": "ssh: Make error message deterministic\n\nBy using a slice instead of a map for tried authentication methods the order is always the same. Small slices are also faster than maps.\n\nBefore the change sometimes I get the error:\n\n ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain\n\nand sometimes:\n\n ssh: handshake failed: ssh: unable to authenticate, attempted methods [publickey none], no supported methods remain\n\nChange-Id: I06507d57e9eef497ff05bce088d52607e69dde3e\nGitHub-Last-Rev: 3a46aae4c6e3e5f52ca4b04384b3cc4efc039aa6\nGitHub-Pull-Request: golang/crypto#142\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/239171\nReviewed-by: Han-Wen Nienhuys \u003chanwen@google.com\u003e\nRun-TryBot: Han-Wen Nienhuys \u003chanwen@google.com\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\n" }, { "commit": "70a84ac30bf957c7df57edd1935d2081871515e1", "tree": "0d89ec31751c497960b667f74769112d8646f524", "parents": [ "279210d13fedf5be6d476bad5df6a015042bb905" ], "author": { "name": "Roland Shoemaker", "email": "rolandshoemaker@gmail.com", "time": "Wed May 20 16:32:26 2020 -0700" }, "committer": { "name": "Katie Hockman", "email": "katie@golang.org", "time": "Thu Jun 04 20:27:06 2020 +0000" }, "message": "internal/wycheproof: add tests for hmac generation\n\nRequired updating wycheproofModVer to pull the most recent test\nvectors. Tests against SHA1, SHA224, SHA256, SHA384, and SHA512\nconstructions but not the SHA3 variants.\n\nChange-Id: I5b66632ac0c7106bd9b405f6636922a6383d8b9e\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/234718\nRun-TryBot: Katie Hockman \u003ckatie@golang.org\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Katie Hockman \u003ckatie@golang.org\u003e\n" }, { "commit": "279210d13fedf5be6d476bad5df6a015042bb905", "tree": "38f8157090ddf4f06cd1240f98c8f861557b2c95", "parents": [ "06a226fb4e3765ef3f48aa2852b401bc7b98e981" ], "author": { "name": "Erick Tryzelaar", "email": "etryzelaar@google.com", "time": "Tue Jun 02 17:54:51 2020 +0000" }, "committer": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Tue Jun 02 18:02:16 2020 +0000" }, "message": "ssh: don\u0027t err out on channel request msgs to unknown channels\n\nrfc4254 section 5.4 states that channel request messages sent to an\nunrecognized channel should be replied with a `SSH_MSG_CHANNEL_FAILURE`,\nrather than erring out and closing the mux. This can occur with servers\nlike openssh-portable, which can begin to close a channel and also use\nthat channel for keepalives before it has received a closed response\nfrom the client.\n\nFixes golang/go#38908\n\nChange-Id: Id68b77e16b2889d3a21d505ed8018f9f457e067a\nGitHub-Last-Rev: 8a92f87dc30697d9e3805af695efdf1b1dc8409b\nGitHub-Pull-Request: golang/crypto#136\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/232659\nRun-TryBot: Filippo Valsorda \u003cfilippo@golang.org\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Filippo Valsorda \u003cfilippo@golang.org\u003e\n" }, { "commit": "06a226fb4e3765ef3f48aa2852b401bc7b98e981", "tree": "5730171c325662c946888d2c18b8ba0784a5ebb7", "parents": [ "4b2356b1ed79e6be3deca3737a3db3d132d2847a" ], "author": { "name": "Pasi Tähkäpää", "email": "pasi.tahkapaa@gmail.com", "time": "Sun May 10 12:17:48 2020 +0000" }, "committer": { "name": "Adam Langley", "email": "agl@golang.org", "time": "Sun May 10 22:35:06 2020 +0000" }, "message": "Use boolean tag (0x01) for boolean type.\n\nFix for problem with ReadASN1Boolean, which uses invalid tag (Integer / 0x02) when trying to read boolean value. This is a fix for the one case mentioned in \"x/crypto/cryptobyte: cannot read boolean values #26565\"\nThis is specified in ITU-T X.690, section 8.2, with DER additions specified in 11.1.\n\nChange-Id: I3c9406bd6febb6112f380224fec1d42a6cd64ed4\nGitHub-Last-Rev: fd7d01c897d8aa32d92115be9017f84d75fc4467\nGitHub-Pull-Request: golang/crypto#137\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/233161\nReviewed-by: Adam Langley \u003cagl@golang.org\u003e\nRun-TryBot: Adam Langley \u003cagl@golang.org\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\n" }, { "commit": "4b2356b1ed79e6be3deca3737a3db3d132d2847a", "tree": "fda1cab226f0a36537a006ca0b87df54d9c655dc", "parents": [ "729f1e841bcca28c2cd9f4034d6f7672604dbeda" ], "author": { "name": "Michael Munday", "email": "mike.munday@ibm.com", "time": "Thu Apr 23 06:34:55 2020 -0700" }, "committer": { "name": "Michael Munday", "email": "mike.munday@ibm.com", "time": "Wed Apr 29 18:30:12 2020 +0000" }, "message": "poly1305: modify s390x assembly to implement MAC interface\n\nThe vector (vx) implementation has been updated to read in the\nstate and update it - as opposed to being a single shot function.\nThis has allowed the new MAC interface can be implemented.\n\nFor performance reasons s390x uses a larger buffer than the generic\nimplementation. There is a relatively high fixed cost to read the\nstate, calculate the key coefficients and serialize the state, so\nit makes sense to buffer more blocks before calling it.\n\nFor now I\u0027ve had to remove the faster VMSL implementation. It is\ntoo complex for me to update in time for Go 1.15. At some point\nI\u0027d like to revisit it but for now it looks like using the MAC\ninterface is more of a win than using VMSL.\n\nThe benchmarks show considerable improvements when using the MAC\ninterface. The Sum benchmarks show slowdown due to a combination\nof the removal of the VMSL implementation and also the added\noverhead from splitting the summation function into multiple parts.\n\npoly1305:\n\nname old speed new speed delta\n64 1.33GB/s ± 0% 0.80GB/s ± 1% -39.51% (p\u003d0.000 n\u003d16+20)\n1K 4.04GB/s ± 0% 2.97GB/s ± 0% -26.46% (p\u003d0.000 n\u003d19+19)\n2M 5.32GB/s ± 1% 3.63GB/s ± 0% -31.76% (p\u003d0.000 n\u003d20+19)\n64Unaligned 1.33GB/s ± 0% 0.80GB/s ± 0% -39.80% (p\u003d0.000 n\u003d19+18)\n1KUnaligned 4.09GB/s ± 1% 2.94GB/s ± 0% -28.23% (p\u003d0.000 n\u003d19+18)\n2MUnaligned 5.33GB/s ± 1% 3.52GB/s ± 0% -34.04% (p\u003d0.000 n\u003d20+19)\nWrite64 1.03GB/s ± 1% 1.49GB/s ± 1% +44.34% (p\u003d0.000 n\u003d20+20)\nWrite1K 1.21GB/s ± 0% 3.24GB/s ± 0% +169.02% (p\u003d0.000 n\u003d20+17)\nWrite2M 1.24GB/s ± 1% 3.63GB/s ± 0% +192.36% (p\u003d0.000 n\u003d20+19)\nWrite64Unaligned 1.04GB/s ± 1% 1.50GB/s ± 0% +44.16% (p\u003d0.000 n\u003d19+14)\nWrite1KUnaligned 1.21GB/s ± 0% 3.20GB/s ± 0% +164.55% (p\u003d0.000 n\u003d20+16)\nWrite2MUnaligned 1.24GB/s ± 1% 3.51GB/s ± 0% +183.96% (p\u003d0.000 n\u003d20+19)\n\nchacha20poly1305 (this vs. using generic MAC interface - post CL 206977):\n\nname old speed new speed delta\nOpen-64 147MB/s ± 2% 156MB/s ± 1% +6.15% (p\u003d0.000 n\u003d20+19)\nSeal-64 151MB/s ± 0% 164MB/s ± 1% +8.86% (p\u003d0.000 n\u003d19+16)\nOpen-64-X 104MB/s ± 2% 111MB/s ± 1% +6.24% (p\u003d0.000 n\u003d20+20)\nSeal-64-X 109MB/s ± 2% 111MB/s ± 1% +2.11% (p\u003d0.000 n\u003d20+19)\nOpen-1350 555MB/s ± 0% 751MB/s ± 1% +35.19% (p\u003d0.000 n\u003d20+20)\nSeal-1350 557MB/s ± 0% 759MB/s ± 0% +36.23% (p\u003d0.000 n\u003d20+20)\nOpen-1350-X 517MB/s ± 1% 683MB/s ± 1% +31.97% (p\u003d0.000 n\u003d20+20)\nSeal-1350-X 511MB/s ± 0% 683MB/s ± 0% +33.77% (p\u003d0.000 n\u003d18+19)\nOpen-8192 672MB/s ± 0% 1013MB/s ± 0% +50.65% (p\u003d0.000 n\u003d19+19)\nSeal-8192 674MB/s ± 0% 1018MB/s ± 0% +50.98% (p\u003d0.000 n\u003d18+20)\nOpen-8192-X 663MB/s ± 0% 979MB/s ± 0% +47.57% (p\u003d0.000 n\u003d20+20)\nSeal-8192-X 658MB/s ± 0% 985MB/s ± 0% +49.62% (p\u003d0.000 n\u003d18+20)\n\nname old allocs/op new allocs/op delta\nOpen-64 0.00 0.00 ~ (all equal)\nSeal-64 0.00 0.00 ~ (all equal)\nOpen-64-X 0.00 0.00 ~ (all equal)\nSeal-64-X 0.00 0.00 ~ (all equal)\nOpen-1350 0.00 0.00 ~ (all equal)\nSeal-1350 0.00 0.00 ~ (all equal)\nOpen-1350-X 0.00 0.00 ~ (all equal)\nSeal-1350-X 0.00 0.00 ~ (all equal)\nOpen-8192 0.00 0.00 ~ (all equal)\nSeal-8192 0.00 0.00 ~ (all equal)\nOpen-8192-X 0.00 0.00 ~ (all equal)\nSeal-8192-X 0.00 0.00 ~ (all equal)\n\nchacha20poly1305 (this vs. using asm Sum interface - pre CL 206977):\n\nname old speed new speed delta\nOpen-64 144MB/s ± 0% 156MB/s ± 1% +8.16% (p\u003d0.000 n\u003d20+19)\nSeal-64 150MB/s ± 0% 164MB/s ± 1% +9.35% (p\u003d0.000 n\u003d20+16)\nOpen-64-X 104MB/s ± 1% 111MB/s ± 1% +6.15% (p\u003d0.000 n\u003d19+20)\nSeal-64-X 109MB/s ± 1% 111MB/s ± 1% +1.43% (p\u003d0.000 n\u003d19+19)\nOpen-1350 702MB/s ± 1% 751MB/s ± 1% +6.98% (p\u003d0.000 n\u003d20+20)\nSeal-1350 715MB/s ± 0% 759MB/s ± 0% +6.09% (p\u003d0.000 n\u003d19+20)\nOpen-1350-X 642MB/s ± 0% 683MB/s ± 1% +6.37% (p\u003d0.000 n\u003d19+20)\nSeal-1350-X 639MB/s ± 0% 683MB/s ± 0% +6.98% (p\u003d0.000 n\u003d20+19)\nOpen-8192 994MB/s ± 0% 1013MB/s ± 0% +1.85% (p\u003d0.000 n\u003d20+19)\nSeal-8192 1.00GB/s ± 0% 1.02GB/s ± 0% +1.90% (p\u003d0.000 n\u003d20+20)\nOpen-8192-X 965MB/s ± 0% 979MB/s ± 0% +1.43% (p\u003d0.000 n\u003d19+20)\nSeal-8192-X 962MB/s ± 0% 985MB/s ± 0% +2.39% (p\u003d0.000 n\u003d20+20)\n\nname old allocs/op new allocs/op delta\nOpen-64 1.00 ± 0% 0.00 -100.00% (p\u003d0.000 n\u003d20+20)\nSeal-64 1.00 ± 0% 0.00 -100.00% (p\u003d0.000 n\u003d20+20)\nOpen-64-X 1.00 ± 0% 0.00 -100.00% (p\u003d0.000 n\u003d20+20)\nSeal-64-X 1.00 ± 0% 0.00 -100.00% (p\u003d0.000 n\u003d20+20)\nOpen-1350 1.00 ± 0% 0.00 -100.00% (p\u003d0.000 n\u003d20+20)\nSeal-1350 1.00 ± 0% 0.00 -100.00% (p\u003d0.000 n\u003d20+20)\nOpen-1350-X 1.00 ± 0% 0.00 -100.00% (p\u003d0.000 n\u003d20+20)\nSeal-1350-X 1.00 ± 0% 0.00 -100.00% (p\u003d0.000 n\u003d20+20)\nOpen-8192 1.00 ± 0% 0.00 -100.00% (p\u003d0.000 n\u003d20+20)\nSeal-8192 1.00 ± 0% 0.00 -100.00% (p\u003d0.000 n\u003d20+20)\nOpen-8192-X 1.00 ± 0% 0.00 -100.00% (p\u003d0.000 n\u003d20+20)\nSeal-8192-X 1.00 ± 0% 0.00 -100.00% (p\u003d0.000 n\u003d20+20)\n\nUpdates golang/go#25219.\n\nChange-Id: Ib491e3a47b6b3ec8bbbe1f41f7bf42ad82f5c249\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/219057\nRun-TryBot: Michael Munday \u003cmike.munday@ibm.com\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Filippo Valsorda \u003cfilippo@golang.org\u003e\n" }, { "commit": "729f1e841bcca28c2cd9f4034d6f7672604dbeda", "tree": "8a90d1fc14a939a8638ba9a9856449946e368cd0", "parents": [ "4bdfaf469ed5a1194e0ec57ec7b1af73991a7ee3" ], "author": { "name": "Lily Chung", "email": "lilithkchung@gmail.com", "time": "Sun Apr 26 17:01:02 2020 -0700" }, "committer": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Mon Apr 27 16:56:52 2020 +0000" }, "message": "ssh: improve docs on Certificate.SignCert\n\nDocument the fact that SignCert sets the Nonce field. This makes it\nclear that callers need not set it themselves.\n\nOriginal change by Jakob Weisblat \u003cjakobw@mit.edu\u003e in CL 57051.\n\nFixes golang/go#21384\n\nChange-Id: I161e0909ba6c8d07be5f8e68dc6e0f0392bea63f\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/230212\nReviewed-by: Filippo Valsorda \u003cfilippo@golang.org\u003e\n" }, { "commit": "4bdfaf469ed5a1194e0ec57ec7b1af73991a7ee3", "tree": "af68368f85a7cfa491e603f1b126171507b35520", "parents": [ "18b771bd64f19baf6611ce73e30afe2e1a50082c" ], "author": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Fri Mar 20 03:42:32 2020 -0400" }, "committer": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Thu Apr 23 21:15:02 2020 +0000" }, "message": "chacha20: don\u0027t panic encrypting the final blocks\n\nCertain operations with counter values close to overflowing were causing\nan unnecessary panic, which was reachable due to the SetCounter API and\nactually observed in QUIC.\n\nTests by lukechampine \u003cluke.champine@gmail.com\u003e from CL 220591.\n\nFixes golang/go#37157\n\nRelanding of CL 224279, which was broken on multi-block buffers.\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/224279\nRun-TryBot: Filippo Valsorda \u003cfilippo@golang.org\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Katie Hockman \u003ckatie@golang.org\u003e\n\nChange-Id: Ia382c6f62ae49ffe257b67f7b794e8d7124d981e\n(cherry picked from commit 1c2c788b11ecf76cd7fbd7bba62146eb7082bdd8)\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/229119\nRun-TryBot: Filippo Valsorda \u003cfilippo@golang.org\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Katie Hockman \u003ckatie@golang.org\u003e\n" }, { "commit": "18b771bd64f19baf6611ce73e30afe2e1a50082c", "tree": "503c32fe7ca9e98d18edc23df7aa6baa821cdc62", "parents": [ "44a6062868251b249d52ec1c39797568f724bdca" ], "author": { "name": "Katie Hockman", "email": "katie@golang.org", "time": "Wed Apr 22 12:39:06 2020 -0400" }, "committer": { "name": "Katie Hockman", "email": "katie@golang.org", "time": "Thu Apr 23 19:51:18 2020 +0000" }, "message": "cryptobyte: handle AddASN1BigInt with -1\n\nFixes golang/go#38510\n\nChange-Id: Ie52db22bf85a5f79046fad95e5bbe2788c3bec92\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/229457\nReviewed-by: Filippo Valsorda \u003cfilippo@golang.org\u003e\n" }, { "commit": "44a6062868251b249d52ec1c39797568f724bdca", "tree": "c5a5f9bfa1a2b2b9d4eb042e145656e6b39f2835", "parents": [ "3c4aac89819a5fdc28d906456729d3423fd46969" ], "author": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Wed Nov 06 18:01:18 2019 -0500" }, "committer": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Wed Apr 22 19:42:13 2020 +0000" }, "message": "poly1305: add (*MAC).Verify API and use it in chacha20poly1305\n\nAlso, make sure New inlines so it does not cause an allocation. With\nthis, we have a zero allocation poly1305 flow and a zero allocation\ngeneric chacha20poly1305 composition! \\o/\n\nWhile at it, remove some redundant code, and prepare to drop some\ncomplexity once the last assembly implementation of sum is dropped.\n\nBenchstat with \"-tags purego\" on amd64\n\nname old time/op new time/op delta\nOpen-64-8 461ns ± 2% 415ns ± 1% -9.93% (p\u003d0.000 n\u003d10+8)\nSeal-64-8 450ns ± 3% 412ns ± 3% -8.41% (p\u003d0.000 n\u003d10+10)\nOpen-64-X-8 603ns ± 2% 544ns ± 2% -9.84% (p\u003d0.000 n\u003d10+10)\nSeal-64-X-8 580ns ± 3% 553ns ± 1% -4.56% (p\u003d0.000 n\u003d9+8)\nOpen-1350-8 3.98µs ± 2% 3.65µs ± 2% -8.28% (p\u003d0.000 n\u003d9+10)\nSeal-1350-8 3.95µs ± 2% 3.64µs ± 1% -7.93% (p\u003d0.000 n\u003d9+10)\nOpen-1350-X-8 4.06µs ± 1% 3.68µs ± 3% -9.31% (p\u003d0.000 n\u003d9+10)\nSeal-1350-X-8 4.08µs ± 4% 3.64µs ± 1% -10.71% (p\u003d0.000 n\u003d9+10)\nOpen-8192-8 21.7µs ± 3% 18.9µs ± 2% -13.10% (p\u003d0.000 n\u003d9+10)\nSeal-8192-8 21.5µs ± 3% 18.8µs ± 1% -12.51% (p\u003d0.000 n\u003d9+9)\nOpen-8192-X-8 21.4µs ± 1% 19.1µs ± 2% -10.88% (p\u003d0.000 n\u003d10+10)\nSeal-8192-X-8 21.3µs ± 2% 19.0µs ± 3% -10.92% (p\u003d0.000 n\u003d10+10)\n\nname old speed new speed delta\nOpen-64-8 139MB/s ± 2% 154MB/s ± 2% +11.05% (p\u003d0.000 n\u003d10+8)\nSeal-64-8 142MB/s ± 3% 155MB/s ± 3% +9.11% (p\u003d0.000 n\u003d10+10)\nOpen-64-X-8 106MB/s ± 2% 118MB/s ± 2% +10.93% (p\u003d0.000 n\u003d10+10)\nSeal-64-X-8 110MB/s ± 3% 116MB/s ± 1% +4.75% (p\u003d0.000 n\u003d9+8)\nOpen-1350-8 339MB/s ± 2% 370MB/s ± 2% +9.04% (p\u003d0.000 n\u003d9+10)\nSeal-1350-8 342MB/s ± 2% 371MB/s ± 1% +8.60% (p\u003d0.000 n\u003d9+10)\nOpen-1350-X-8 333MB/s ± 1% 367MB/s ± 3% +10.30% (p\u003d0.000 n\u003d9+10)\nSeal-1350-X-8 331MB/s ± 4% 371MB/s ± 2% +11.96% (p\u003d0.000 n\u003d9+10)\nOpen-8192-8 377MB/s ± 3% 434MB/s ± 2% +15.07% (p\u003d0.000 n\u003d9+10)\nSeal-8192-8 381MB/s ± 3% 436MB/s ± 1% +14.29% (p\u003d0.000 n\u003d9+9)\nOpen-8192-X-8 383MB/s ± 1% 429MB/s ± 2% +12.21% (p\u003d0.000 n\u003d10+10)\nSeal-8192-X-8 385MB/s ± 2% 432MB/s ± 3% +12.26% (p\u003d0.000 n\u003d10+10)\n\nname old alloc/op new alloc/op delta\nOpen-64-8 96.0B ± 0% 0.0B -100.00% (p\u003d0.000 n\u003d10+10)\nSeal-64-8 96.0B ± 0% 0.0B -100.00% (p\u003d0.000 n\u003d10+10)\nOpen-64-X-8 96.0B ± 0% 0.0B -100.00% (p\u003d0.000 n\u003d10+10)\nSeal-64-X-8 96.0B ± 0% 0.0B -100.00% (p\u003d0.000 n\u003d10+10)\nOpen-1350-8 1.41kB ± 0% 0.00kB -100.00% (p\u003d0.000 n\u003d10+10)\nSeal-1350-8 1.41kB ± 0% 0.00kB -100.00% (p\u003d0.000 n\u003d10+10)\nOpen-1350-X-8 1.41kB ± 0% 0.00kB -100.00% (p\u003d0.000 n\u003d10+10)\nSeal-1350-X-8 1.41kB ± 0% 0.00kB -100.00% (p\u003d0.000 n\u003d10+10)\nOpen-8192-8 9.47kB ± 0% 0.00kB -100.00% (p\u003d0.000 n\u003d10+10)\nSeal-8192-8 9.47kB ± 0% 0.00kB -100.00% (p\u003d0.000 n\u003d10+10)\nOpen-8192-X-8 9.47kB ± 0% 0.00kB -100.00% (p\u003d0.000 n\u003d10+10)\nSeal-8192-X-8 9.47kB ± 0% 0.00kB -100.00% (p\u003d0.000 n\u003d10+10)\n\nname old allocs/op new allocs/op delta\nOpen-64-8 1.00 ± 0% 0.00 -100.00% (p\u003d0.000 n\u003d10+10)\nSeal-64-8 1.00 ± 0% 0.00 -100.00% (p\u003d0.000 n\u003d10+10)\nOpen-64-X-8 1.00 ± 0% 0.00 -100.00% (p\u003d0.000 n\u003d10+10)\nSeal-64-X-8 1.00 ± 0% 0.00 -100.00% (p\u003d0.000 n\u003d10+10)\nOpen-1350-8 1.00 ± 0% 0.00 -100.00% (p\u003d0.000 n\u003d10+10)\nSeal-1350-8 1.00 ± 0% 0.00 -100.00% (p\u003d0.000 n\u003d10+10)\nOpen-1350-X-8 1.00 ± 0% 0.00 -100.00% (p\u003d0.000 n\u003d10+10)\nSeal-1350-X-8 1.00 ± 0% 0.00 -100.00% (p\u003d0.000 n\u003d10+10)\nOpen-8192-8 1.00 ± 0% 0.00 -100.00% (p\u003d0.000 n\u003d10+10)\nSeal-8192-8 1.00 ± 0% 0.00 -100.00% (p\u003d0.000 n\u003d10+10)\nOpen-8192-X-8 1.00 ± 0% 0.00 -100.00% (p\u003d0.000 n\u003d10+10)\nSeal-8192-X-8 1.00 ± 0% 0.00 -100.00% (p\u003d0.000 n\u003d10+10)\n\nChange-Id: I2c30ddc960a889b49c8ee8ff8073ffc4e75f43af\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/206977\nRun-TryBot: Filippo Valsorda \u003cfilippo@golang.org\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Katie Hockman \u003ckatie@golang.org\u003e\n" }, { "commit": "3c4aac89819a5fdc28d906456729d3423fd46969", "tree": "c3d9a234c841dd434fc6000aabe118cc9a159608", "parents": [ "a76a400e302568c342acfdbe6e92c6531be3eb86" ], "author": { "name": "Andy Wang", "email": "cbeuw.andy@gmail.com", "time": "Sat Apr 18 01:52:37 2020 +0000" }, "committer": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Mon Apr 20 20:11:42 2020 +0000" }, "message": "chacha20: improve generic implementation performance\n\nSome small changes to improve computation throughput of noasm chacha20 by between 4-11%.\n\nname old time/op new time/op delta\nChaCha20/64-12 142ns ± 1% 132ns ± 1% -7.09% (p\u003d0.000 n\u003d20+20)\nChaCha20/256-12 485ns ± 1% 441ns ± 1% -9.08% (p\u003d0.000 n\u003d20+20)\nChaCha20/10x25-12 822ns ± 1% 785ns ± 1% -4.42% (p\u003d0.000 n\u003d20+20)\nChaCha20/4096-12 484ns ± 1% 442ns ± 1% -8.80% (p\u003d0.000 n\u003d20+19)\nChaCha20/100x40-12 8.65µs ± 1% 8.08µs ± 1% -6.54% (p\u003d0.000 n\u003d19+20)\nChaCha20/65536-12 118µs ± 1% 106µs ± 1% -10.04% (p\u003d0.000 n\u003d19+20)\nChaCha20/1000x65-12 120µs ± 1% 108µs ± 0% -9.84% (p\u003d0.000 n\u003d19+19)\n\nname old speed new speed delta\nChaCha20/64-12 450MB/s ± 1% 484MB/s ± 1% +7.61% (p\u003d0.000 n\u003d19+19)\nChaCha20/256-12 527MB/s ± 1% 580MB/s ± 1% +10.03% (p\u003d0.000 n\u003d20+20)\nChaCha20/10x25-12 304MB/s ± 1% 318MB/s ± 1% +4.62% (p\u003d0.000 n\u003d20+20)\nChaCha20/4096-12 529MB/s ± 1% 580MB/s ± 1% +9.70% (p\u003d0.000 n\u003d19+20)\nChaCha20/100x40-12 463MB/s ± 1% 495MB/s ± 1% +7.00% (p\u003d0.000 n\u003d19+20)\nChaCha20/65536-12 556MB/s ± 1% 618MB/s ± 1% +11.16% (p\u003d0.000 n\u003d19+20)\nChaCha20/1000x65-12 542MB/s ± 1% 602MB/s ± 0% +10.92% (p\u003d0.000 n\u003d19+19)\n\nRedundant bound checks on loading key and nonce as uint32s in newUnauthenticatedCipher\nare eliminated.\n\nIn the main block loop, two changes were made:\n1. Specialise the xor function to addXor, so the final block state variables don\u0027t need to be\nseparately incremented by the initial block state before XORing with the input block.\n2. Change the loop condition to be bound by len(src) \u003e\u003d64 and len(dst) \u003e\u003d 64.\nThis eliminates all bound checks later in the load-xor-store stage.\nAs a result, src and dst are resliced in-place after each block.\n\nChange-Id: Ic3165a556bf7cb2d71349d534cdd21d06d9a7a2c\nGitHub-Last-Rev: b3b1a185004c551919a8984547a5bac0283919a1\nGitHub-Pull-Request: golang/crypto#131\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/228618\nRun-TryBot: Filippo Valsorda \u003cfilippo@golang.org\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Filippo Valsorda \u003cfilippo@golang.org\u003e\n" }, { "commit": "a76a400e302568c342acfdbe6e92c6531be3eb86", "tree": "30f618380b480db4344f935cd126fd913d8971f5", "parents": [ "1c2c788b11ecf76cd7fbd7bba62146eb7082bdd8" ], "author": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Mon Apr 20 19:27:44 2020 +0000" }, "committer": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Mon Apr 20 19:28:32 2020 +0000" }, "message": "Revert \"chacha20: don\u0027t panic encrypting the final blocks\"\n\nThis reverts CL 224279.\n\nReason for revert: broken on arm64, ppc64le and s390x 😢\n\nChange-Id: I8632ee78a79696a3117c81729904797233e0071d\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/229118\nReviewed-by: Katie Hockman \u003ckatie@golang.org\u003e\n" }, { "commit": "1c2c788b11ecf76cd7fbd7bba62146eb7082bdd8", "tree": "4b8989e380d1b56fae23c0d7326972f59e183ad0", "parents": [ "884d27f42877f544ba37fd9a6651180096180731" ], "author": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Fri Mar 20 03:42:32 2020 -0400" }, "committer": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Mon Apr 20 19:18:34 2020 +0000" }, "message": "chacha20: don\u0027t panic encrypting the final blocks\n\nCertain operations with counter values close to overflowing were causing\nan unnecessary panic, which was reachable due to the SetCounter API and\nactually observed in QUIC.\n\nTests by lukechampine \u003cluke.champine@gmail.com\u003e from CL 220591.\n\nFixes golang/go#37157\n\nChange-Id: Iba52edb1ba36af391b8fe4ee615c5c41d7e64f48\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/224279\nRun-TryBot: Filippo Valsorda \u003cfilippo@golang.org\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Katie Hockman \u003ckatie@golang.org\u003e\n" }, { "commit": "884d27f42877f544ba37fd9a6651180096180731", "tree": "30f618380b480db4344f935cd126fd913d8971f5", "parents": [ "0848c9571904fcbcb24543358ca8b5a7dbfde875" ], "author": { "name": "Bob McNaughton", "email": "bobmcn@gmail.com", "time": "Thu Apr 16 20:40:09 2020 +0000" }, "committer": { "name": "Han-Wen Nienhuys", "email": "hanwen@google.com", "time": "Mon Apr 20 10:45:11 2020 +0000" }, "message": "Update reference to CBC vulnerability in cipher.go\n\nThe original referenced paper is no longer available. I contacted the author, and this is the reference he supplied.\n\nChange-Id: Ib5ad88932f2bfc12ff62639f7fb7c3ee568610d6\nGitHub-Last-Rev: 2cf7d15c63a114952c90a018ea5afe085965202e\nGitHub-Pull-Request: golang/crypto#132\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/228638\nReviewed-by: Han-Wen Nienhuys \u003chanwen@google.com\u003e\nRun-TryBot: Han-Wen Nienhuys \u003chanwen@google.com\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\n" }, { "commit": "0848c9571904fcbcb24543358ca8b5a7dbfde875", "tree": "b82aa3937b1e5f2550f60e218d821c53749586d4", "parents": [ "4f8f47aa7992c1b4e3e3e3504645a9e4e075fc81" ], "author": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Fri Apr 10 21:31:37 2020 -0400" }, "committer": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Tue Apr 14 17:38:20 2020 +0000" }, "message": "chacha20poly1305: improve ExampleNewX\n\nThe example was failing to direct users on what to do with the nonce,\nwhich should be almost universally prepended to the ciphertext.\n\nAlso, leaving key out of the function was pulling the entire file into\nthe example.\n\nUpdates golang/go#38369\n\nChange-Id: I3a13342fff02e1a5d6f9c4ef2a8bddf0b1097707\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/227937\nRun-TryBot: Filippo Valsorda \u003cfilippo@golang.org\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Katie Hockman \u003ckatie@golang.org\u003e\n" }, { "commit": "4f8f47aa7992c1b4e3e3e3504645a9e4e075fc81", "tree": "e283479da88c045cf96a73a4b650faf0fa150312", "parents": [ "056763e48d71961566155f089ac0f02f1dda9b5a" ], "author": { "name": "Hana (Hyang-Ah) Kim", "email": "hyangah@gmail.com", "time": "Tue Apr 14 11:39:45 2020 -0400" }, "committer": { "name": "Hyang-Ah Hana Kim", "email": "hyangah@gmail.com", "time": "Tue Apr 14 15:58:20 2020 +0000" }, "message": "ssh/terminal: handle ctrl+C, ctrl+F, ctrl+B\n\nctrl+C: terminate readline, which may result in application termination.\nctrl+F: keyRight\nctrl+B: keyLeft\n\nUpdate golang/go#27147\n\nChange-Id: If319ef79708b98c030cbce102400a785d15137f8\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/228223\nReviewed-by: Daniel Martí \u003cmvdan@mvdan.cc\u003e\nRun-TryBot: Daniel Martí \u003cmvdan@mvdan.cc\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\n" }, { "commit": "056763e48d71961566155f089ac0f02f1dda9b5a", "tree": "3f98e551431c09fe25d6e7856883b55a3631f657", "parents": [ "baeed622b8d86045ff442b324772b0ad306a2b3f" ], "author": { "name": "Alex Gaynor", "email": "alex.gaynor@gmail.com", "time": "Fri Apr 03 16:45:00 2020 +0000" }, "committer": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Mon Apr 06 17:35:13 2020 +0000" }, "message": "ssh/agent: handle ed25519.PrivateKey by value in AddedKey\n\nAlso document that ed25519 is supported.\n\nChange-Id: Ibc4f44069eae4ff1aad27f22fc651a2f7611679d\nGitHub-Last-Rev: ee2ce0ae9900b11e1fa891e3587b111168f708c9\nGitHub-Pull-Request: golang/crypto#119\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/219506\nReviewed-by: Filippo Valsorda \u003cfilippo@golang.org\u003e\nRun-TryBot: Filippo Valsorda \u003cfilippo@golang.org\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\n" }, { "commit": "baeed622b8d86045ff442b324772b0ad306a2b3f", "tree": "27beafaacc1d4f77929361e123e2639cc95729b2", "parents": [ "0ec3e9974c59449edd84298612e9f16fa13368e8" ], "author": { "name": "Katie Hockman", "email": "katie@golang.org", "time": "Wed Apr 01 17:43:50 2020 -0400" }, "committer": { "name": "Katie Hockman", "email": "katie@golang.org", "time": "Fri Apr 03 20:14:58 2020 +0000" }, "message": "blake2b,blake2s: clarify difference between blake2b and blake2s\n\nFixes golang/go#37784\n\nChange-Id: I2fdaf96979390f3744ba8135da78107a15f5e9a8\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/226845\nRun-TryBot: Katie Hockman \u003ckatie@golang.org\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Filippo Valsorda \u003cfilippo@golang.org\u003e\n" }, { "commit": "0ec3e9974c59449edd84298612e9f16fa13368e8", "tree": "15dc73e96a4ef086ecf3fedfa821cffc5a2fa9b9", "parents": [ "891825fb96dfc23279b4a42f710d49e78e05b333" ], "author": { "name": "Ross Kinsey", "email": "rossikinsey@gmail.com", "time": "Sun Mar 22 14:36:50 2020 -0400" }, "committer": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Mon Mar 23 16:52:09 2020 +0000" }, "message": "ssh: support aes256-cbc for passphrase-protected OpenSSH keys\n\nThe existing code for decrypting OpenSSH-format keys only allows aes256-ctr, the current ssh-keygen default.\nHowever, the default encryption scheme was aes256-cbc until relatively recently, and some of these keys are still in use.\nSupport for aes256-cbc has been added.\n\nFixes golang/go#37939\n\nChange-Id: I3730347109c5dd18e4cbe61b48bbca9566ad61d2\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/224817\nReviewed-by: Filippo Valsorda \u003cfilippo@golang.org\u003e\n" }, { "commit": "891825fb96dfc23279b4a42f710d49e78e05b333", "tree": "dd9622d3cb96911a131941a654c8a73a6f5a25f1", "parents": [ "97fc981609bed3eb7ea949807ec2c3a271ef4086" ], "author": { "name": "Yannic Bonenberger", "email": "contact@yannic-bonenberger.com", "time": "Fri Mar 20 07:35:11 2020 +0100" }, "committer": { "name": "Ian Lance Taylor", "email": "iant@golang.org", "time": "Fri Mar 20 18:11:02 2020 +0000" }, "message": "gitignore: remove obsolete reference to .hgignore in comment\n\nChange-Id: Ie2b79a1132b3d59e5bedc71cb5aa8d9aafeb8c68\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/224297\nReviewed-by: Ian Lance Taylor \u003ciant@golang.org\u003e\n" }, { "commit": "97fc981609bed3eb7ea949807ec2c3a271ef4086", "tree": "ab5f439f25e35d6f55a9bbb8a2d1b8329edae8ec", "parents": [ "1b76d66859c6111b3d5c3ea6600ea44dc188bf12" ], "author": { "name": "Katie Hockman", "email": "katie@golang.org", "time": "Mon Feb 24 16:46:38 2020 -0500" }, "committer": { "name": "Katie Hockman", "email": "katie@golang.org", "time": "Fri Mar 20 14:53:29 2020 +0000" }, "message": "internal/wycheproof: update TestEcdsa to use ecdsa.VerifyASN1\n\nChange-Id: Ibd6ce156550615cb85c06e734641c34fca0cfcd0\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/220697\nRun-TryBot: Katie Hockman \u003ckatie@golang.org\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Filippo Valsorda \u003cfilippo@golang.org\u003e\n" }, { "commit": "1b76d66859c6111b3d5c3ea6600ea44dc188bf12", "tree": "6e09026bb42003d3dfd70963098b437ffaa3956b", "parents": [ "f7b00557c8c46a1ea4b035cae84f52028c2c0564" ], "author": { "name": "Lucas Bremgartner", "email": "lucas@bremis.ch", "time": "Fri Mar 06 19:01:14 2020 +0000" }, "committer": { "name": "Han-Wen Nienhuys", "email": "hanwen@google.com", "time": "Tue Mar 17 14:21:12 2020 +0000" }, "message": "ssh: fix data race in dh group exchange sha256\n\nFixes golang/go#37607\n\nChange-Id: Iedf6522ec9b9a676ac51c054407a6aef894885f5\nGitHub-Last-Rev: 8cb2460c59d2e32bc3f0480bcd7867a113361c67\nGitHub-Pull-Request: golang/crypto#126\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/222078\nReviewed-by: Han-Wen Nienhuys \u003chanwen@google.com\u003e\nRun-TryBot: Han-Wen Nienhuys \u003chanwen@google.com\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\n" }, { "commit": "f7b00557c8c46a1ea4b035cae84f52028c2c0564", "tree": "4697768aae38d0d37aa9e9996ea46e3586ec81d6", "parents": [ "78000ba7a073cafc0278790f6bce552a0f25850e" ], "author": { "name": "Bryan C. Mills", "email": "bcmills@google.com", "time": "Wed Mar 11 09:15:05 2020 -0400" }, "committer": { "name": "Bryan C. Mills", "email": "bcmills@google.com", "time": "Wed Mar 11 17:13:14 2020 +0000" }, "message": "sha3: mark xorInUnaligned with go:nocheckptr\n\nIt is unclear whether unaligned reads should be allowed, or if they\nare even actually a good idea here. However, while we figure that out,\nwe should un-break \u0027go test -race\u0027 for users of this package.\n\nUpdates golang/go#37644\nUpdates golang/go#37298\nUpdates golang/go#37715\nUpdates golang/go#34972\nUpdates golang/go#35128\n\nChange-Id: I088f5703023e4f05ee274a6753e925973f12ac1b\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/222855\nRun-TryBot: Bryan C. Mills \u003cbcmills@google.com\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Matthew Dempsky \u003cmdempsky@google.com\u003e\n" }, { "commit": "78000ba7a073cafc0278790f6bce552a0f25850e", "tree": "9b7d9a947b8497ec007e3b3d43089208fd26b6ce", "parents": [ "32487eceac714ab927b55a454631e9d449a81b55" ], "author": { "name": "Andrew Louis", "email": "alouis@digitalocean.com", "time": "Mon Mar 02 20:51:17 2020 +0000" }, "committer": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Mon Mar 02 21:09:43 2020 +0000" }, "message": "acme: make WaitAuthorization return authorization errors consistently\n\nFixes golang/go#37340\n\nChange-Id: I19c4f150b8607ad4a1613cf97ad3362f4b779d7c\nGitHub-Last-Rev: 4215964b4a680b135301695ccd56cff88a8ffb26\nGitHub-Pull-Request: golang/crypto#121\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/220343\nReviewed-by: Filippo Valsorda \u003cfilippo@golang.org\u003e\n" }, { "commit": "32487eceac714ab927b55a454631e9d449a81b55", "tree": "b6ddbb3bd95d39c1bd8c5f635f06d4b5b9bda96d", "parents": [ "2aa609cf4a9d7d1126360de73b55b6002f9e052a" ], "author": { "name": "Ian Lance Taylor", "email": "iant@golang.org", "time": "Fri Jun 07 06:28:59 2019 -0700" }, "committer": { "name": "Ian Lance Taylor", "email": "iant@golang.org", "time": "Mon Mar 02 21:01:49 2020 +0000" }, "message": "openpgp/packet: ensure that first partial packet is 512 bytes\n\nThis requirement is from RFC 4880 4.2.2.4.\n\nAlso simplify the partialLengthWriter loop. The old code worked but\nwas written in a confusing way, with a loop whose terminating condition\ndidn\u0027t make sense and was never true in practice.\nRewrite it to more clearly do a set of partial writes of decreasing size.\n\nFixes golang/go#32474\n\nChange-Id: Ia53ceb39a34f1d6f2ea7c60190d52948bb0db59b\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/181121\nRun-TryBot: Ian Lance Taylor \u003ciant@golang.org\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Emmanuel Odeke \u003cemm.odeke@gmail.com\u003e\n" }, { "commit": "2aa609cf4a9d7d1126360de73b55b6002f9e052a", "tree": "7c8a8e33b4191f59cd8ecf564e256bc8e8d62b83", "parents": [ "eddbd5da4704b10e6e0fed8557625dcdbc8eb6c6" ], "author": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Sun Jan 19 20:10:41 2020 -0500" }, "committer": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Fri Feb 21 23:15:18 2020 +0000" }, "message": "chacha20,poly1305,chacha20poly1305: set consistent build tags\n\nappengine was only necessary for the legacy system based on Go 1.9, drop\nthat. Add purego tags instead. Remove redundant architecture tags.\n\nChange-Id: Ib1f65a4837511e63e08c1aa43163a79cfe868e0c\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/215498\nRun-TryBot: Filippo Valsorda \u003cfilippo@golang.org\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Katie Hockman \u003ckatie@golang.org\u003e\nReviewed-by: Dmitri Shuralyov \u003cdmitshur@golang.org\u003e\n" }, { "commit": "eddbd5da4704b10e6e0fed8557625dcdbc8eb6c6", "tree": "0e5f185f8335b886ae09c56ee1e0cf2bb4fa3913", "parents": [ "0f24fbd83dfbb33be4b41327d5a857464b89e3cd" ], "author": { "name": "lukechampine", "email": "luke.champine@gmail.com", "time": "Fri Feb 07 21:49:02 2020 +0000" }, "committer": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Fri Feb 21 23:14:36 2020 +0000" }, "message": "chacha20: add SetCounter method\n\nFixes golang/go#35506\n\nChange-Id: I5cfc6b4dc07ab368e370edaee11841c2c1377f82\nGitHub-Last-Rev: 16147a1668a903532f2d3777b873ddad8f0f26f5\nGitHub-Pull-Request: golang/crypto#108\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/206638\nRun-TryBot: Filippo Valsorda \u003cfilippo@golang.org\u003e\nReviewed-by: Filippo Valsorda \u003cfilippo@golang.org\u003e\n" }, { "commit": "0f24fbd83dfbb33be4b41327d5a857464b89e3cd", "tree": "11f67badaf7fadbdc7b6ea3fffdad483f1c3fe61", "parents": [ "bac4c82f69751a6dd76e702d54b3ceb88adab236" ], "author": { "name": "Katie Hockman", "email": "katie@golang.org", "time": "Tue Jan 14 17:48:21 2020 -0500" }, "committer": { "name": "Katie Hockman", "email": "katie@golang.org", "time": "Fri Feb 21 17:05:53 2020 +0000" }, "message": "internal/wycheproof: add test for ChaCha20-Poly1305 AEAD encryption/decryption\n\nChange-Id: I71d62f95954a39c476bee55e22b6fcf96a196de1\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/214939\nRun-TryBot: Katie Hockman \u003ckatie@golang.org\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Filippo Valsorda \u003cfilippo@golang.org\u003e\n" }, { "commit": "bac4c82f69751a6dd76e702d54b3ceb88adab236", "tree": "d72fe5ba5bb205a707bdca2f59e35dbb8f043c48", "parents": [ "1ad67e1f0ef495d4014b6ffd8f2cf80f91fffbce" ], "author": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Tue Feb 11 18:53:37 2020 -0500" }, "committer": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Thu Feb 20 18:36:23 2020 +0000" }, "message": "ssh: return an error for malformed ed25519 public keys rather than panic\n\nAn attacker can craft an ssh-ed25519 or sk-ssh-ed25519@openssh.com\npublic key, such that the library will panic when trying to verify a\nsignature with it. Clients can deliver such a public key and signature\nto any golang.org/x/crypto/ssh server with a PublicKeyCallback, and\nservers can deliver them to any golang.org/x/crypto/ssh client.\n\nThis issue was discovered and reported by Alex Gaynor, Fish in a Barrel,\nand is tracked as CVE-2020-9283.\n\nChange-Id: Ie25b78a0b0181fbbc8cc7de4f4e27d908777529c\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/220357\nRun-TryBot: Filippo Valsorda \u003cfilippo@golang.org\u003e\nReviewed-by: Katie Hockman \u003ckatie@golang.org\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\n" }, { "commit": "1ad67e1f0ef495d4014b6ffd8f2cf80f91fffbce", "tree": "e55c36dcc4fd631288972c20105d504203e75a40", "parents": [ "1d94cc7ab1c630336ab82ccb9c9cda72a875c382" ], "author": { "name": "Katie Hockman", "email": "katie@golang.org", "time": "Wed Feb 19 17:24:18 2020 -0500" }, "committer": { "name": "Katie Hockman", "email": "katie@golang.org", "time": "Wed Feb 19 23:42:26 2020 +0000" }, "message": "internal/wycheproof: add test for CBC decryption with PKCS#5 padding\n\nChange-Id: Ie60bdc10065018e193271b4f90f50298f1272396\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/218323\nRun-TryBot: Katie Hockman \u003ckatie@golang.org\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Filippo Valsorda \u003cfilippo@golang.org\u003e\n" }, { "commit": "1d94cc7ab1c630336ab82ccb9c9cda72a875c382", "tree": "77b56f4d02e303b173cf1d67fff6b2bf0633ce27", "parents": [ "86ce3cb696783b739e41e834e2eead3e1b4aa3fb" ], "author": { "name": "Brad Fitzpatrick", "email": "bradfitz@golang.org", "time": "Wed Feb 12 10:29:22 2020 -0800" }, "committer": { "name": "Brad Fitzpatrick", "email": "bradfitz@golang.org", "time": "Fri Feb 14 03:40:16 2020 +0000" }, "message": "acme/autocert: remove unused listener struct field\n\nChange-Id: Ie7f4848d7388811bdcf1937eab9d603de64d6e96\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/219220\nRun-TryBot: Brad Fitzpatrick \u003cbradfitz@golang.org\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Filippo Valsorda \u003cfilippo@golang.org\u003e\n" }, { "commit": "86ce3cb696783b739e41e834e2eead3e1b4aa3fb", "tree": "8c7901ba5e0e035a46aee7d209355770fa5e37b4", "parents": [ "6ca56c2f2e2b26dc733347707d0e75d8eb050ee1" ], "author": { "name": "Jason Baker", "email": "jason-baker@users.noreply.github.com", "time": "Mon Feb 10 22:12:59 2020 +0000" }, "committer": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Mon Feb 10 22:22:08 2020 +0000" }, "message": "acme/autocert: fix TLS-ALPN identifier in tests\n\nCL 204177 broke autocert tests because they expected the old OID.\n\nFixes golang/go#37160\n\nChange-Id: Id732d4d249bbe5107fa0a3ba4829012600d8a52d\nGitHub-Last-Rev: 77e8d1ff0072866d8466c56885d01d3b91d5baef\nGitHub-Pull-Request: golang/crypto#117\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/218941\nReviewed-by: Filippo Valsorda \u003cfilippo@golang.org\u003e\nRun-TryBot: Filippo Valsorda \u003cfilippo@golang.org\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\n" }, { "commit": "6ca56c2f2e2b26dc733347707d0e75d8eb050ee1", "tree": "400a6add40ac6c76a1384e2818f1515f7a3d1433", "parents": [ "ecb85df213405b7d32e4d73cb5bbaace2ec88881" ], "author": { "name": "Jason Baker", "email": "thebaker@google.com", "time": "Mon Feb 10 19:01:28 2020 +0000" }, "committer": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Mon Feb 10 19:18:31 2020 +0000" }, "message": "acme: update TLS-ALPN identifier to the latest IANA assignment\n\nIt looks like the source code has fallen out of date with the draft spec.\nThe latest version https://tools.ietf.org/html/draft-ietf-acme-tls-alpn-05 has a different OID 1.3.6.1.5.5.7.1.31 assigned.\n\nYou can test that you\u0027re using the correct OID by performing a TLS-ALPN-01 challenge against a Pebble (https://github.com/letsencrypt/pebble) ACME server running with the -strict argument. This implementation will reject the obsolete OID.\n\nChange-Id: I58c52eaed487949e9071d3b9772f7acfdcc91201\nGitHub-Last-Rev: 4cacc0723c431a29aec77d4fb3320d91c66c1ff5\nGitHub-Pull-Request: golang/crypto#91\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/204177\nRun-TryBot: Filippo Valsorda \u003cfilippo@golang.org\u003e\nReviewed-by: Alex Vaghin \u003calex@cloudware.io\u003e\nReviewed-by: Filippo Valsorda \u003cfilippo@golang.org\u003e\n" }, { "commit": "ecb85df213405b7d32e4d73cb5bbaace2ec88881", "tree": "d24b29610eff1945c3f6cfd3ce68452689fdfe79", "parents": [ "a95e85b341fd3d114b379054ba41d2d1006beee4" ], "author": { "name": "Alex Brainman", "email": "alex.brainman@gmail.com", "time": "Sun Jan 19 09:47:15 2020 +1100" }, "committer": { "name": "Alex Brainman", "email": "alex.brainman@gmail.com", "time": "Sat Feb 08 06:05:01 2020 +0000" }, "message": "ssh/terminal: adjust ReadConsole rules on windows\n\nCL 212377 changed end of input character on windows - from \\n to \\r.\nBut CL 212377 did not adjust ReadConsole accordingly. For example,\nafter CL 212377 \\n was still used to end of password processing,\nand \\r was ignored.\n\nThis CL swaps these rules - \\r is now used to end password processing,\nand \\n are ignored. The change only affects windows, all non windows\ncode should work as before.\n\nThis CL also adjusts TestReadPasswordLineEnd to fit new rules.\n\nFixes golang/go#36609\n\nChange-Id: I027bf80d10e7d4d4b17ff0264935d14b8bea9097\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/215417\nRun-TryBot: Alex Brainman \u003calex.brainman@gmail.com\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Filippo Valsorda \u003cfilippo@golang.org\u003e\n" }, { "commit": "a95e85b341fd3d114b379054ba41d2d1006beee4", "tree": "797fa8829fe5adbaeb18f5dbf92d8d815fb14f4d", "parents": [ "a0c6ece9d31a0ebfbd3ddf2d290cfb1265ba47c7" ], "author": { "name": "Mariano Cano", "email": "mariano@smallstep.com", "time": "Fri Feb 07 20:41:00 2020 +0000" }, "committer": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Fri Feb 07 20:58:29 2020 +0000" }, "message": "ssh: support ECDSA private keys in OpenSSH format\n\nThis adds support for parsing OpenSSH ECDSA private keys. It\nimplements parsing for P-256, P-384, and P-521 keys.\n\nFixes golang/go#36722\n\nChange-Id: I77c8e0a23ed6353f6667686cc79ec14661cb10db\nGitHub-Last-Rev: 2324b920d080fc7ac35fbcf0a79e25161b6a7f82\nGitHub-Pull-Request: golang/crypto#114\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/215540\nReviewed-by: Filippo Valsorda \u003cfilippo@golang.org\u003e\nRun-TryBot: Filippo Valsorda \u003cfilippo@golang.org\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\n" }, { "commit": "a0c6ece9d31a0ebfbd3ddf2d290cfb1265ba47c7", "tree": "848e5682896118d83cbfff4e03b36ca5ecef35b9", "parents": [ "c9f3fb736b729628ec1e9c1a6b4313e883f452f9" ], "author": { "name": "Katie Hockman", "email": "katie@golang.org", "time": "Mon Jan 13 17:19:10 2020 -0500" }, "committer": { "name": "Katie Hockman", "email": "katie@golang.org", "time": "Thu Feb 06 16:14:12 2020 +0000" }, "message": "internal/wycheproof: add test for hkdf key extraction\n\nChange-Id: I501bcc2f4bd8107937756087d20e849e3a4bc182\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/214584\nRun-TryBot: Katie Hockman \u003ckatie@golang.org\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Filippo Valsorda \u003cfilippo@golang.org\u003e\n" }, { "commit": "c9f3fb736b729628ec1e9c1a6b4313e883f452f9", "tree": "d5dcfd4233702b16bce7d489876fcf43b6166731", "parents": [ "69ecbb4d6d5dab05e49161c6e77ea40a030884e1" ], "author": { "name": "Filippo Valsorda", "email": "hi@filippo.io", "time": "Sun Nov 17 18:16:46 2019 -0500" }, "committer": { "name": "Han-Wen Nienhuys", "email": "hanwen@google.com", "time": "Tue Feb 04 10:40:54 2020 +0000" }, "message": "ssh: support encrypted OpenSSH private keys\n\nIncludes the bcrypt_pbkdf package by Dmitry Chestnykh,\nsubmitted with permission on his behalf under the CLA:\nhttps://go-review.googlesource.com/c/crypto/+/207600/2#message-6a035dd62ff76f6c9367299b911076a1be237fb8\n\nFixes golang/go#18692\n\nChange-Id: I74e3ab355a8d720948d64d87adc009783a9d9732\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/207600\nRun-TryBot: Filippo Valsorda \u003cfilippo@golang.org\u003e\nRun-TryBot: Han-Wen Nienhuys \u003chanwen@google.com\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Han-Wen Nienhuys \u003chanwen@google.com\u003e\n" }, { "commit": "69ecbb4d6d5dab05e49161c6e77ea40a030884e1", "tree": "844c120ad80e0145967f4245a4c5bb3d56b9008b", "parents": [ "530e935923ad688be97c15eeb8e5ee42ebf2b54a" ], "author": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Wed Jan 22 16:59:53 2020 -0500" }, "committer": { "name": "Katie Hockman", "email": "katie@golang.org", "time": "Tue Jan 28 17:40:31 2020 +0000" }, "message": "cryptobyte: fix panic due to malformed ASN.1 inputs on 32-bit archs\n\nWhen int is 32 bits wide (on 32-bit architectures like 386 and arm), an\noverflow could occur, causing a panic, due to malformed ASN.1 being\npassed to any of the ASN1 methods of String.\n\nTested on linux/386 and darwin/amd64.\n\nThis fixes CVE-2020-7919 and was found thanks to the Project Wycheproof\ntest vectors.\n\nChange-Id: I8c9696a8bfad1b40ec877cd740dba3467d66ab54\nReviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/645211\nReviewed-by: Katie Hockman \u003ckatiehockman@google.com\u003e\nReviewed-by: Adam Langley \u003cagl@google.com\u003e\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/216677\nRun-TryBot: Katie Hockman \u003ckatie@golang.org\u003e\nReviewed-by: Dmitri Shuralyov \u003cdmitshur@golang.org\u003e\nReviewed-by: Filippo Valsorda \u003cfilippo@golang.org\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\n" }, { "commit": "530e935923ad688be97c15eeb8e5ee42ebf2b54a", "tree": "2d9c1133d06e595713460a4b72fe23ad61b47d76", "parents": [ "6d4e4cb37c7d6416dfea8472e751c7b6615267a6" ], "author": { "name": "Katie Hockman", "email": "katie@golang.org", "time": "Thu Jan 16 14:12:49 2020 -0500" }, "committer": { "name": "Katie Hockman", "email": "katie@golang.org", "time": "Fri Jan 17 16:03:49 2020 +0000" }, "message": "openpgp/armor: allow armored PGP signature without a CRC\n\nRFC 4800, Section 6 specifies that the CRC at the end of the\narmor is optional, so do not fail to decode signatures missing\nthe CRC.\n\nCredit: armor.go patch from engineer at Google\n\nChange-Id: I39b04e0afaaafdf7aa86577fe4a35c50e7cf0b2b\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/215022\nRun-TryBot: Katie Hockman \u003ckatie@golang.org\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Filippo Valsorda \u003cfilippo@golang.org\u003e\n" }, { "commit": "6d4e4cb37c7d6416dfea8472e751c7b6615267a6", "tree": "cb4c077553fe8c831e07e1c4a65941c0300a9b4f", "parents": [ "61a87790db17894570dfb32dbaa0a4af9ce60cb4" ], "author": { "name": "Yasuhiro Matsumoto", "email": "mattn.jp@gmail.com", "time": "Sun Dec 22 03:38:13 2019 +0900" }, "committer": { "name": "Alex Brainman", "email": "alex.brainman@gmail.com", "time": "Wed Jan 15 08:54:10 2020 +0000" }, "message": "ssh/terminal: stop using ENABLE_LINE_INPUT\n\nReadConsole does not read more than 254 bytes when ENABLE_LINE_INPUT is\nenabled.\n\nFixes golang/go#36071\n\nChange-Id: If5c160404b855387a80f1d57638aac3f2db1a097\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/212377\nRun-TryBot: Alex Brainman \u003calex.brainman@gmail.com\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Alex Brainman \u003calex.brainman@gmail.com\u003e\n" }, { "commit": "61a87790db17894570dfb32dbaa0a4af9ce60cb4", "tree": "7a2710186d4eca6d9f6450577ec686d9778e404c", "parents": [ "5d647ca1575777a812e903a7e98177174d8c295a" ], "author": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Wed Jan 08 20:59:31 2020 -0500" }, "committer": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Thu Jan 09 15:21:10 2020 +0000" }, "message": "poly1305: drop broken arm assembly\n\nThe ARM assembly uses the reserved G register. This started causing\nfrequent crashes due to async preemption, but it was already broken in\nthe presence of signals, including SIGPROF.\n\nname old speed new speed delta\nChacha20Poly1305/Open-64 2.88MB/s ± 0% 1.85MB/s ± 0% -35.76% (p\u003d0.008 n\u003d6+7)\nChacha20Poly1305/Seal-64 3.17MB/s ± 1% 1.97MB/s ± 0% -37.78% (p\u003d0.000 n\u003d10+8)\nChacha20Poly1305/Open-64-X 2.41MB/s ± 0% 1.61MB/s ± 0% -33.29% (p\u003d0.000 n\u003d9+9)\nChacha20Poly1305/Seal-64-X 2.55MB/s ± 0% 1.64MB/s ± 0% -35.61% (p\u003d0.000 n\u003d10+9)\nChacha20Poly1305/Open-1350 8.43MB/s ± 0% 4.15MB/s ± 0% -50.78% (p\u003d0.000 n\u003d10+10)\nChacha20Poly1305/Seal-1350 8.55MB/s ± 0% 4.18MB/s ± 0% -51.12% (p\u003d0.000 n\u003d9+9)\nChacha20Poly1305/Open-1350-X 8.16MB/s ± 0% 4.06MB/s ± 0% -50.18% (p\u003d0.000 n\u003d10+10)\nChacha20Poly1305/Seal-1350-X 8.24MB/s ± 1% 4.08MB/s ± 1% -50.53% (p\u003d0.000 n\u003d10+10)\nChacha20Poly1305/Open-8192 9.73MB/s ± 1% 4.56MB/s ± 0% -53.15% (p\u003d0.000 n\u003d9+10)\nChacha20Poly1305/Seal-8192 9.57MB/s ± 0% 4.52MB/s ± 0% -52.77% (p\u003d0.000 n\u003d9+9)\nChacha20Poly1305/Open-8192-X 9.65MB/s ± 0% 4.54MB/s ± 0% -52.95% (p\u003d0.000 n\u003d10+7)\nChacha20Poly1305/Seal-8192-X 9.47MB/s ± 1% 4.50MB/s ± 0% -52.50% (p\u003d0.000 n\u003d10+9)\n\nFixes golang/go#35511\n\nChange-Id: I5e5ca3a0499f04c5fece5bc669a417e32d2656c6\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/213880\nRun-TryBot: Filippo Valsorda \u003cfilippo@golang.org\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Brad Fitzpatrick \u003cbradfitz@golang.org\u003e\nReviewed-by: Cherry Zhang \u003ccherryyz@google.com\u003e\n" }, { "commit": "5d647ca1575777a812e903a7e98177174d8c295a", "tree": "a25d8e0957c2e491b714a4c12741bca2c7bdf39a", "parents": [ "53104e6ec876ad4e22ad27cce588b01392043c1b" ], "author": { "name": "Michael Munday", "email": "mike.munday@ibm.com", "time": "Wed Jan 08 21:34:17 2020 +0000" }, "committer": { "name": "Michael Munday", "email": "mike.munday@ibm.com", "time": "Wed Jan 08 21:55:11 2020 +0000" }, "message": "sha3: fix SHA-3 on s390x when using KIMD instruction\n\nAn illegal instruction would occur due to a bug in the way input\nslices were rounded down in size to a multiple of the rate for a\ngiven hash type. This would only occur when the Write function\nwas called with more than ~3KiB of data and the length of the data\nwas not a multiple of the rate.\n\nFixes golang/go#36459.\n\nChange-Id: I621ef8d75602bcd59bb44491e17f721050001e6d\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/213857\nReviewed-by: Brad Fitzpatrick \u003cbradfitz@golang.org\u003e\nRun-TryBot: Michael Munday \u003cmike.munday@ibm.com\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\n" }, { "commit": "53104e6ec876ad4e22ad27cce588b01392043c1b", "tree": "e39b8d71532b6633dca81a65f63060c1a91fd9ad", "parents": [ "becbf705a91575484002d598f87d74f0002801e7" ], "author": { "name": "Katie Hockman", "email": "katie@golang.org", "time": "Fri Dec 27 10:16:44 2019 -0500" }, "committer": { "name": "Katie Hockman", "email": "katie@golang.org", "time": "Fri Dec 27 16:37:50 2019 +0000" }, "message": "internal/wycheproof: skip failing test on 32-bit arm\n\nFixes golang/go#36164\n\nChange-Id: I4248cb3e25346f6859c473b729811b36ac6cf872\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/212625\nReviewed-by: Filippo Valsorda \u003cfilippo@golang.org\u003e\n" }, { "commit": "becbf705a91575484002d598f87d74f0002801e7", "tree": "6c42d36b442a1c77b4777e7b7efb0895503d8134", "parents": [ "e9b2fee46413994441b28dfca259d911d963dfed" ], "author": { "name": "Ben Toews", "email": "mastahyeti@gmail.com", "time": "Wed Dec 04 20:12:52 2019 +0000" }, "committer": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Thu Dec 19 19:50:13 2019 +0000" }, "message": "nacl/box: support anonymous seal/open\n\nThis adds SealAnonymous and OpenAnonymous functions that implement the\nlibsodium \"sealed box\" functionality.\n\nFixes golang/go#35346\n\nChange-Id: I22455f1b83595ec8a68d1861e635bd6cb0573f44\nGitHub-Last-Rev: 7d334cf861942ec63ad613b7f28fb6dd7a1f9992\nGitHub-Pull-Request: golang/crypto#107\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/205241\nReviewed-by: Filippo Valsorda \u003cfilippo@golang.org\u003e\nRun-TryBot: Filippo Valsorda \u003cfilippo@golang.org\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\n" }, { "commit": "e9b2fee46413994441b28dfca259d911d963dfed", "tree": "1e5336b823f7dc36485030ea2d29666ffd9a8a14", "parents": [ "e7c4368fe9ddd156b5f1463283cb51c5b400c373" ], "author": { "name": "Katie Hockman", "email": "katie@golang.org", "time": "Wed Nov 27 15:17:25 2019 -0500" }, "committer": { "name": "Katie Hockman", "email": "katie@golang.org", "time": "Fri Dec 06 17:25:30 2019 +0000" }, "message": "internal/wycheproof: add Wycheproof tests for verifying signatures\n\nhttps://github.com/google/wycheproof provides test vectors exposing\nvulnerabilities in crypto packages. This change creates a new package\ncalled internal/wycheproof that runs these Wycheproof tests against\na number of pacakages in the standard library (and in the future,\nx/crypto).\n\nDirectory structure:\n - interal/wycheproof/internal/ecdsa: internal version of ecdsa package which\nincludes a new function that verifies ASN encoded signatures directly\n - interal/wycheproof/internal/dsa: internal version of dsa package which\nincludes a new function that verifies ASN encoded signatures directly\n - internal/wycheproof: all tests\n\ninternal/wycheproof/wycheproof_test.go provides utility functions that are\ncommon to many tests in the package, and contains the TestMain which\nfetches github.com/google/wycheproof from the source.\n\nThis change includes tests for signature verification with dsa, ecdsa,\neddsa, and rsa (both PKCS#1 v1.5 and PSS signatures).\n\nNote that these tests download testdata from github.com/google/wycheproof\nby running `go mod download` in the TestMain. This means that internet\naccess will be necessary in order to run these tests if the testdata is\nnot already in your module cache.\n\nMore tests will be added incrementally.\n\nChange-Id: I0378d4be24b5679fdc186e9fc94c1cc0068e81f7\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/209221\nRun-TryBot: Katie Hockman \u003ckatie@golang.org\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Filippo Valsorda \u003cfilippo@golang.org\u003e\n" }, { "commit": "e7c4368fe9ddd156b5f1463283cb51c5b400c373", "tree": "18e8bd8babdf5bc186f31d39e1f5ded814395799", "parents": [ "0a08dada0ff98d02f3864a23ae8d27cb8fba5303" ], "author": { "name": "edef", "email": "edef@edef.eu", "time": "Mon Nov 25 19:39:25 2019 +0000" }, "committer": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Thu Dec 05 18:06:55 2019 +0000" }, "message": "acme: expect standard ASN.1 signatures from ECDSA Client.Key\n\nPreviously, an ECDSA crypto.Signer would have been expected to return a\nsignature in RFC7518 format, which violates crypto.Signer\u0027s interface\ncontract.\n\nFixes golang/go#35829\n\nChange-Id: Id0cc2d9296cfb9f89925ab9ac02e12d68eec734b\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/209537\nRun-TryBot: Filippo Valsorda \u003cfilippo@golang.org\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Filippo Valsorda \u003cfilippo@golang.org\u003e\n" }, { "commit": "0a08dada0ff98d02f3864a23ae8d27cb8fba5303", "tree": "52bdafe97d3886509ad71575af7fbb8a7efc119b", "parents": [ "86a70503ff7e82ffc18c7b0de83db35da4791e6a" ], "author": { "name": "Filippo Valsorda", "email": "hi@filippo.io", "time": "Sun Nov 17 18:43:54 2019 -0500" }, "committer": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Thu Dec 05 16:18:47 2019 +0000" }, "message": "ssh: reject unencrypted keys from ParsePrivateKeyWithPassphrase\n\nThe behavior of ParsePrivateKeyWithPassphrase when the key is\nunencrypted is unspecified. Currently, it just parses them like\nParsePrivateKey, which is unlikely to be what anyone wants: for us to\nignore a passphrase that they explicitly passed. It also makes the\nimplementation of encrypted OpenSSH keys in the next CL more confused.\n\nInstead, make ParsePrivateKey return a PassphraseNeededError, so the\napplication logic can be ParsePrivateKey -\u003e detect encrypted key -\u003e\nobtain passphrase -\u003e ParsePrivateKeyWithPassphrase. That error will also\nlet us return the public key for OpenSSH keys.\n\nChange-Id: Ife4fb2499ae538bef36e353adf9bc8e902662386\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/207599\nRun-TryBot: Filippo Valsorda \u003cfilippo@golang.org\u003e\nRun-TryBot: Han-Wen Nienhuys \u003chanwen@google.com\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Han-Wen Nienhuys \u003chanwen@google.com\u003e\n" }, { "commit": "86a70503ff7e82ffc18c7b0de83db35da4791e6a", "tree": "118c514102c6a224235723cc757d3bdf4cfc465f", "parents": [ "b544559bb6d1b5c62fba4af5e843ff542174f079" ], "author": { "name": "Sebastian Kinne", "email": "skinne@google.com", "time": "Tue Nov 19 16:30:15 2019 -0800" }, "committer": { "name": "Han-Wen Nienhuys", "email": "hanwen@google.com", "time": "Mon Dec 02 14:38:27 2019 +0000" }, "message": "ssh: add sk-ecdsa-sha2-nistp256 and sk-ed25519\n\nThis adds server-side support for the newly introduced OpenSSH\nkeytypes sk-ecdsa-sha2-nistp256@openssh.com and sk-ed25519@openssh.com\n(including their corresponding certificates), which are backed\nby U2F/FIDO2 tokens.\n\nChange-Id: I53d5ed3d0457ae4758ee986055e187ee5787a2d1\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/208017\nReviewed-by: Han-Wen Nienhuys \u003chanwen@google.com\u003e\nRun-TryBot: Han-Wen Nienhuys \u003chanwen@google.com\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\n" }, { "commit": "b544559bb6d1b5c62fba4af5e843ff542174f079", "tree": "ab8e14c8ebe710d934ab6156aa4b8a96d1a828fc", "parents": [ "ac88ee75c92c889b97e05591e9a39b6480c538b3" ], "author": { "name": "Fazlul Shahriar", "email": "fshahriar@gmail.com", "time": "Thu Nov 28 01:18:39 2019 -0500" }, "committer": { "name": "Han-Wen Nienhuys", "email": "hanwen@google.com", "time": "Thu Nov 28 16:05:24 2019 +0000" }, "message": "ssh/agent: fix TestServerResponseTooLarge on Plan 9\n\nFirst, modify the test to report a better error by waiting for the\nMarshal+Write goroutine to finish before returning from the test. If we\nreturn too early, a failure inside that goroutine can generate a panic.\n\nSecond, we workaround plan9 not returning the actual number of bytes\nwritten on the connection in case of a hangup (due to closed\nconnection). I\u0027ve verified that syscall.Pwrite returns -1 on hangup in\nthis particular case even when some data did get written.\n\nFixes golang/go#35888\n\nChange-Id: I7998cff926295f0d577b125c137021a9adc1be5a\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/209298\nReviewed-by: Han-Wen Nienhuys \u003chanwen@google.com\u003e\nRun-TryBot: Han-Wen Nienhuys \u003chanwen@google.com\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\n" }, { "commit": "ac88ee75c92c889b97e05591e9a39b6480c538b3", "tree": "c108222ae33f157f7b81a66182fc028a3e63f73f", "parents": [ "4f8c1d86b1ba699e7a66cd649947ed270a74e0bb" ], "author": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Fri Nov 22 16:49:02 2019 -0500" }, "committer": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Fri Nov 22 22:04:53 2019 +0000" }, "message": "ssh/agent: fix example\n\nSince there is no ClientAgent identifier, ExampleClientAgent wasn\u0027t\ndisplayed as an example by godoc.\n\nChange-Id: Ied8df7d8412c4aa483d42315986af49ba8fdbcef\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/208480\nReviewed-by: Dmitri Shuralyov \u003cdmitshur@golang.org\u003e\n" }, { "commit": "4f8c1d86b1ba699e7a66cd649947ed270a74e0bb", "tree": "ed914e0d5e0827ef823de8d91a7f8b848804d50a", "parents": [ "497ca9f6d64f9bb73048a960b4098309edcd2205" ], "author": { "name": "Bryan C. Mills", "email": "bcmills@google.com", "time": "Tue Nov 19 16:07:44 2019 -0500" }, "committer": { "name": "Han-Wen Nienhuys", "email": "hanwen@google.com", "time": "Tue Nov 19 21:36:27 2019 +0000" }, "message": "ssh/agent: clear the environment when starting ssh-agent in client_test\n\nCertain environment variables can influence the behavior of ssh-agent,\ncausing the test to fail. Avoid that influence by using a consistent\nenvironment.\n\nThis fixes a locally-observed test failure for me.\n\nChange-Id: I0f5e8d643199519f88e80825335ee8e6eb08e3af\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/207901\nRun-TryBot: Bryan C. Mills \u003cbcmills@google.com\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Han-Wen Nienhuys \u003chanwen@google.com\u003e\n" }, { "commit": "497ca9f6d64f9bb73048a960b4098309edcd2205", "tree": "854eaa80096b0ebf9ff5209f5bf13b808048d5c2", "parents": [ "e1110fd1c708ef015366ea01799a23c459593c47" ], "author": { "name": "Lars Lehtonen", "email": "lars.lehtonen@gmail.com", "time": "Fri Nov 15 14:31:24 2019 -0800" }, "committer": { "name": "Brad Fitzpatrick", "email": "bradfitz@golang.org", "time": "Sun Nov 17 06:32:00 2019 +0000" }, "message": "ssh/test: fix test goroutine error handling\n\nAdds an error channel to the test helper function\ntestPortForward() to collect errors that happen inside\na goroutine.\n\nChange-Id: I6db1d24b935fdfad637c971581ae80beaebd8a1f\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/207462\nRun-TryBot: Han-Wen Nienhuys \u003chanwen@google.com\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Brad Fitzpatrick \u003cbradfitz@golang.org\u003e\n" }, { "commit": "e1110fd1c708ef015366ea01799a23c459593c47", "tree": "41f11940d34eb42434c4a643feca0ef33f7e93ca", "parents": [ "16651526fdb40c41f6e4da1ad8138f08f012e842" ], "author": { "name": "Katie Hockman", "email": "katie@golang.org", "time": "Tue Oct 15 12:39:39 2019 -0400" }, "committer": { "name": "Katie Hockman", "email": "katie@golang.org", "time": "Tue Nov 12 22:21:19 2019 +0000" }, "message": "openpgp/elgamal: prevent bad key from causing panic in Decrypt\n\nIf the mod inverse of the private key\u0027s P value does not exist,\nreturn an error in Decrypt rather than panic.\n\nChange-Id: Ia075a60108863b14ba98bb62364a17131423b819\nReviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/573976\nReviewed-by: Filippo Valsorda \u003cvalsorda@google.com\u003e\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/205502\nRun-TryBot: Katie Hockman \u003ckatie@golang.org\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Filippo Valsorda \u003cfilippo@golang.org\u003e\n" }, { "commit": "16651526fdb40c41f6e4da1ad8138f08f012e842", "tree": "898f1fe4ccfed6ceff6411ba73e402a4084d920d", "parents": [ "e0829623afd464429396234eeac9277b0135e15f" ], "author": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Sat Jul 13 12:52:33 2019 -0400" }, "committer": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Mon Nov 11 21:39:47 2019 +0000" }, "message": "chacha20: implement XChaCha20\n\nSimply add the NonceSizeX constant, and accept 24 bytes nonces in\nNewUnauthenticatedCipher. Based on draft-irtf-cfrg-xchacha-01 and\nlibsodium\u0027s implementation.\n\nFixes golang/go#24485\n\nChange-Id: I551c8ace258bd54b95bb204c8bb34bccd1c4b615\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/185991\nReviewed-by: Michael Munday \u003cmike.munday@ibm.com\u003e\n" }, { "commit": "e0829623afd464429396234eeac9277b0135e15f", "tree": "76b862cc2f6eb934770daa5aa288cbd950d4e52e", "parents": [ "9b708ad8e1a3fb29b81d7e722d70a4226e2acf7a" ], "author": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Fri Jul 12 12:29:02 2019 -0400" }, "committer": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Mon Nov 11 21:38:06 2019 +0000" }, "message": "chacha20: expose internal/chacha20 package\n\nconst KeySize \u003d 32\nconst NonceSize \u003d 12\nfunc HChaCha20(key, nonce []byte) ([]byte, error)\ntype Cipher struct {}\nfunc NewUnauthenticatedCipher(key, nonce []byte) (*Cipher, error)\nfunc (s *Cipher) XORKeyStream(dst, src []byte)\n\nSmall performance hit in chacha20poly1305, probably due to the loss\nof the Advance API, which we might consider adding later. No new\nallocations, thanks to the mid-stack inliner.\n\nname old time/op new time/op delta\nChacha20Poly1305/Open-64-8 1.60µs ± 0% 1.68µs ± 1% +4.94% (p\u003d0.000 n\u003d9+10)\nChacha20Poly1305/Seal-64-8 1.56µs ± 0% 1.64µs ± 1% +5.21% (p\u003d0.000 n\u003d8+10)\nChacha20Poly1305/Open-64-X-8 2.10µs ± 1% 2.22µs ± 1% +5.81% (p\u003d0.000 n\u003d10+10)\nChacha20Poly1305/Seal-64-X-8 2.07µs ± 1% 2.17µs ± 0% +4.88% (p\u003d0.000 n\u003d10+10)\nChacha20Poly1305/Open-1350-8 15.4µs ± 0% 15.7µs ± 1% +1.65% (p\u003d0.000 n\u003d10+10)\nChacha20Poly1305/Seal-1350-8 15.6µs ± 2% 15.9µs ± 1% +1.58% (p\u003d0.028 n\u003d10+9)\nChacha20Poly1305/Open-1350-X-8 16.0µs ± 1% 16.3µs ± 2% +2.00% (p\u003d0.000 n\u003d10+10)\nChacha20Poly1305/Seal-1350-X-8 15.9µs ± 0% 16.3µs ± 1% +1.91% (p\u003d0.000 n\u003d10+8)\nChacha20Poly1305/Open-8192-8 85.6µs ± 0% 86.6µs ± 1% +1.21% (p\u003d0.000 n\u003d10+10)\nChacha20Poly1305/Seal-8192-8 85.7µs ± 0% 86.3µs ± 0% +0.68% (p\u003d0.001 n\u003d9+9)\nChacha20Poly1305/Open-8192-X-8 86.4µs ± 1% 87.1µs ± 1% +0.76% (p\u003d0.035 n\u003d10+9)\nChacha20Poly1305/Seal-8192-X-8 86.0µs ± 0% 87.0µs ± 1% +1.14% (p\u003d0.000 n\u003d9+9)\n\nUpdates golang/go#24485\n\nChange-Id: I2ec2ef487a03f013049915d9063751c75a78408b\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/185980\nReviewed-by: Michael Munday \u003cmike.munday@ibm.com\u003e\n" }, { "commit": "9b708ad8e1a3fb29b81d7e722d70a4226e2acf7a", "tree": "548ac5a33973a14fffe1ee0396db74c79cbb7936", "parents": [ "85e5e33df3ab4a4c7fcfc67d04bbeb97fc2d8e89" ], "author": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Tue Jul 09 20:38:07 2019 -0400" }, "committer": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Mon Nov 11 21:36:26 2019 +0000" }, "message": "internal/chacha20: cache first round across XORKeyStream invocations\n\nname old speed new speed delta\nChaCha20/64-4 428MB/s ± 1% 432MB/s ± 1% ~ (p\u003d0.089 n\u003d10+10)\nChaCha20/256-4 497MB/s ± 1% 507MB/s ± 2% +1.94% (p\u003d0.000 n\u003d9+10)\nChaCha20/10x25-4 273MB/s ± 1% 285MB/s ± 3% +4.37% (p\u003d0.000 n\u003d10+10)\nChaCha20/4096-4 495MB/s ± 1% 508MB/s ± 1% +2.51% (p\u003d0.000 n\u003d8+10)\nChaCha20/100x40-4 407MB/s ± 1% 439MB/s ± 1% +7.92% (p\u003d0.000 n\u003d9+9)\nChaCha20/65536-4 521MB/s ± 2% 537MB/s ± 1% +3.00% (p\u003d0.000 n\u003d10+10)\nChaCha20/1000x65-4 498MB/s ± 2% 521MB/s ± 2% +4.70% (p\u003d0.000 n\u003d10+10)\n\nCuriously, even if we omit the critical s.precompDone \u003d true step, we\nsee a significant performance improvement across the board, maybe due to\nreduced register pressure. (See below. Actually using the precomputed\nvalues only impacts the 10x25, 100x40 and 1000x65 benchmarks, as\nexpected.)\n\nname old speed new speed delta\nChaCha20/64-4 428MB/s ± 1% 428MB/s ± 1% ~ (p\u003d0.912 n\u003d10+10)\nChaCha20/256-4 497MB/s ± 1% 510MB/s ± 1% +2.64% (p\u003d0.000 n\u003d9+10)\nChaCha20/10x25-4 273MB/s ± 1% 277MB/s ± 2% +1.36% (p\u003d0.003 n\u003d10+10)\nChaCha20/4096-4 495MB/s ± 1% 507MB/s ± 2% +2.28% (p\u003d0.000 n\u003d8+10)\nChaCha20/100x40-4 407MB/s ± 1% 418MB/s ± 1% +2.69% (p\u003d0.000 n\u003d9+10)\nChaCha20/65536-4 521MB/s ± 2% 536MB/s ± 1% +2.76% (p\u003d0.000 n\u003d10+8)\nChaCha20/1000x65-4 498MB/s ± 2% 519MB/s ± 1% +4.15% (p\u003d0.000 n\u003d10+9)\n\nUpdates golang/go#24485\n\nChange-Id: I117fab938787819aae1cc4371354888701e4e54b\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/185440\nReviewed-by: Michael Munday \u003cmike.munday@ibm.com\u003e\n" }, { "commit": "85e5e33df3ab4a4c7fcfc67d04bbeb97fc2d8e89", "tree": "23001ca65f99757e5946f0da913d0662ae123925", "parents": [ "2dbfe9001fa8e8b979ff80a1c88b888d48e1b575" ], "author": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Tue Jul 09 20:00:25 2019 -0400" }, "committer": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Mon Nov 11 21:34:50 2019 +0000" }, "message": "internal/chacha20: refactor for readability and consistency\n\nSeparated the complex buffering logic from key stream generation more\nclearly, added plenty of comments and generally refactored the Go\nimplementation for readability. Made the interface with the\ngeneric/assembly cores smaller and more consistent, according to\ngolang.org/wiki/TargetSpecific.\n\nWe will recover the lost performance on unaligned calls by caching 3/4\nof the first round across XORKeyStream invocations, which we now have\ncomplexity budget for.\n\nname old speed new speed delta\nChaCha20/64-4 435MB/s ± 2% 429MB/s ± 2% -1.47% (p\u003d0.013 n\u003d10+9)\nChaCha20/256-4 496MB/s ± 1% 493MB/s ± 2% ~ (p\u003d0.280 n\u003d10+10)\nChaCha20/10x25-4 283MB/s ± 1% 274MB/s ± 2% -3.13% (p\u003d0.000 n\u003d10+10)\nChaCha20/4096-4 494MB/s ± 1% 493MB/s ± 5% ~ (p\u003d0.631 n\u003d10+10)\nChaCha20/100x40-4 421MB/s ± 3% 408MB/s ± 1% -3.14% (p\u003d0.003 n\u003d9+9)\nChaCha20/65536-4 515MB/s ± 1% 519MB/s ± 3% ~ (p\u003d0.161 n\u003d7+10)\nChaCha20/1000x65-4 501MB/s ± 2% 501MB/s ± 3% ~ (p\u003d0.497 n\u003d9+10)\n\nAlso applied a fix for a lingering bug in the ppc64le assembly written\nby Lynn Boger \u003claboger@linux.vnet.ibm.com\u003e.\n\nUpdates golang/go#24485\n\nChange-Id: I10cf24a7f10359b1b4ae63c9bb1946735b98ac9b\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/185439\nReviewed-by: Michael Munday \u003cmike.munday@ibm.com\u003e\n" }, { "commit": "2dbfe9001fa8e8b979ff80a1c88b888d48e1b575", "tree": "de45872e0734c93f0e6f2668799b274cca52272e", "parents": [ "bd318be0434a57050ed475e0f45c3dbb16c09c2e" ], "author": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Sat Mar 23 01:45:20 2019 -0400" }, "committer": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Mon Nov 11 21:33:42 2019 +0000" }, "message": "poly1305: rewrite the Go implementation with 64-bit limbs\n\nThe new code is meant to be readable without external references for\nPoly1305, and explains the field logic. The generic code is now 30-50%\nfaster on a Intel(R) Xeon(R) CPU E5-2690 v3 @ 2.60GHz, and even better\non a 3.1 GHz i7 MacBook.\n\nname old time/op new time/op delta\n64-48 126ns ± 0% 80ns ± 1% -36.24% (p\u003d0.000 n\u003d16+20)\n1K-48 1.07µs ± 0% 0.81µs ± 2% -23.63% (p\u003d0.000 n\u003d19+20)\n2M-48 2.07ms ± 0% 1.61ms ± 1% -22.31% (p\u003d0.000 n\u003d20+20)\nWrite64-48 79.3ns ± 0% 58.0ns ± 1% -26.89% (p\u003d0.000 n\u003d20+19)\nWrite1K-48 1.02µs ± 0% 0.79µs ± 1% -22.91% (p\u003d0.000 n\u003d19+19)\nWrite2M-48 2.07ms ± 0% 1.61ms ± 2% -22.33% (p\u003d0.000 n\u003d17+20)\n\nname old speed new speed delta\n64-48 508MB/s ± 0% 797MB/s ± 1% +56.95% (p\u003d0.000 n\u003d16+20)\n1K-48 960MB/s ± 0% 1257MB/s ± 2% +30.94% (p\u003d0.000 n\u003d18+20)\n2M-48 1.01GB/s ± 0% 1.30GB/s ± 1% +28.73% (p\u003d0.000 n\u003d20+20)\nWrite64-48 807MB/s ± 0% 1104MB/s ± 1% +36.78% (p\u003d0.000 n\u003d18+19)\nWrite1K-48 1.00GB/s ± 0% 1.30GB/s ± 1% +29.71% (p\u003d0.000 n\u003d18+19)\nWrite2M-48 1.01GB/s ± 0% 1.31GB/s ± 2% +28.77% (p\u003d0.000 n\u003d17+20)\n\nThe assembly is still 50-90% faster on the Xeon, 30-60% on the MacBook.\nThe Go code does not use all the arithmetic tricks the assembly does,\nand it does not have access to the three operand wide shift instruction.\n\nname old time/op new time/op delta\n64-48 80.3ns ± 1% 54.2ns ± 0% -32.50% (p\u003d0.000 n\u003d20+17)\n1K-48 815ns ± 2% 446ns ± 1% -45.27% (p\u003d0.000 n\u003d20+20)\n2M-48 1.61ms ± 1% 0.86ms ± 0% -46.54% (p\u003d0.000 n\u003d20+17)\nWrite64-48 58.0ns ± 1% 34.0ns ± 0% -41.34% (p\u003d0.000 n\u003d19+20)\nWrite1K-48 790ns ± 1% 427ns ± 0% -45.92% (p\u003d0.000 n\u003d19+17)\nWrite2M-48 1.61ms ± 2% 0.86ms ± 0% -46.51% (p\u003d0.000 n\u003d20+20)\n\nname old speed new speed delta\n64-48 797MB/s ± 1% 1180MB/s ± 0% +48.09% (p\u003d0.000 n\u003d20+19)\n1K-48 1.26GB/s ± 2% 2.30GB/s ± 1% +82.71% (p\u003d0.000 n\u003d20+20)\n2M-48 1.30GB/s ± 1% 2.44GB/s ± 0% +87.04% (p\u003d0.000 n\u003d20+17)\nWrite64-48 1.10GB/s ± 1% 1.88GB/s ± 0% +70.52% (p\u003d0.000 n\u003d19+18)\nWrite1K-48 1.30GB/s ± 1% 2.40GB/s ± 0% +84.84% (p\u003d0.000 n\u003d19+18)\nWrite2M-48 1.31GB/s ± 2% 2.44GB/s ± 0% +86.93% (p\u003d0.000 n\u003d20+20)\n\nHopefully this will also avoid the need for an arm64 implementation.\n\nSince now the Go and the amd64/ppc64le assembly use the same limb\nschedule, drop the assembly initialize and finalize implementations,\nand make the wrapper code match. It comes with a minor slowdown.\n\nname old time/op new time/op delta\n64-48 50.3ns ± 0% 54.2ns ± 0% +7.73% (p\u003d0.000 n\u003d20+17)\n1K-48 441ns ± 0% 446ns ± 1% +1.10% (p\u003d0.000 n\u003d19+20)\n2M-48 860µs ± 0% 859µs ± 0% ~ (p\u003d0.178 n\u003d19+17)\nWrite64-48 34.0ns ± 0% 34.0ns ± 0% ~ (all equal)\nWrite1K-48 424ns ± 0% 427ns ± 0% +0.71% (p\u003d0.000 n\u003d17+17)\nWrite2M-48 860µs ± 0% 859µs ± 0% -0.04% (p\u003d0.000 n\u003d19+20)\n\nname old speed new speed delta\n64-48 1.27GB/s ± 0% 1.18GB/s ± 0% -7.20% (p\u003d0.000 n\u003d20+19)\n1K-48 2.32GB/s ± 0% 2.30GB/s ± 1% -1.07% (p\u003d0.000 n\u003d18+20)\n2M-48 2.44GB/s ± 0% 2.44GB/s ± 0% ~ (p\u003d0.173 n\u003d19+17)\nWrite64-48 1.88GB/s ± 0% 1.88GB/s ± 0% +0.04% (p\u003d0.000 n\u003d19+18)\nWrite1K-48 2.41GB/s ± 0% 2.40GB/s ± 0% -0.67% (p\u003d0.000 n\u003d19+18)\nWrite2M-48 2.44GB/s ± 0% 2.44GB/s ± 0% +0.04% (p\u003d0.000 n\u003d19+20)\n\nSince poly1305/sum_generic.go was almost entirely rewritten, it\u0027s\nprobably best reviewed on gitiles.\n\nThis is the implementation published at\nhttps://blog.filippo.io/a-literate-go-implementation-of-poly1305/\n\nUpdates #31470\n\nChange-Id: I74f9011d3ee317a43b05ae7f05d96081d08bffd3\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/169037\nReviewed-by: Katie Hockman \u003ckatie@golang.org\u003e\n" }, { "commit": "bd318be0434a57050ed475e0f45c3dbb16c09c2e", "tree": "3304537e086d206f37c9a848773409771d7b3c11", "parents": [ "6e5058baadf9730b334298ee694a1784b617eb21" ], "author": { "name": "Lars Lehtonen", "email": "lars.lehtonen@gmail.com", "time": "Tue Nov 05 07:52:03 2019 -0800" }, "committer": { "name": "Brad Fitzpatrick", "email": "bradfitz@golang.org", "time": "Fri Nov 08 23:40:33 2019 +0000" }, "message": "pkcs12: fix dropped error\n\nThis fixes a dropped error in Decode().\n\nChange-Id: Iae5cac72f63a80dd5230034a3cfe1d6e76cc3415\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/205421\nReviewed-by: Brad Fitzpatrick \u003cbradfitz@golang.org\u003e\nRun-TryBot: Brad Fitzpatrick \u003cbradfitz@golang.org\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\n" }, { "commit": "6e5058baadf9730b334298ee694a1784b617eb21", "tree": "982a5d34b505dc69d4580ff32cab2421ef7bd191", "parents": [ "0a56756db3fad06b0fa979a3188e73901e218265" ], "author": { "name": "Lars Lehtonen", "email": "lars.lehtonen@gmail.com", "time": "Tue Nov 05 07:47:13 2019 -0800" }, "committer": { "name": "Emmanuel Odeke", "email": "emm.odeke@gmail.com", "time": "Fri Nov 08 23:12:17 2019 +0000" }, "message": "ssh: fix dropped error\n\nThis fixes an error variable that was being dropped\nprior to the return of dhGroup.Server().\n\nChange-Id: I8ddef1832cd7a62a69b61bb1c98bc1ceb561f985\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/205420\nRun-TryBot: Emmanuel Odeke \u003cemm.odeke@gmail.com\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Emmanuel Odeke \u003cemm.odeke@gmail.com\u003e\n" }, { "commit": "0a56756db3fad06b0fa979a3188e73901e218265", "tree": "35ac3fdb8ee488c875e606d4d390055c12ada83c", "parents": [ "f4817d981bb690635456c5c1c6aa0585e5d45891" ], "author": { "name": "Lars Lehtonen", "email": "lars.lehtonen@gmail.com", "time": "Fri Nov 08 14:37:52 2019 -0800" }, "committer": { "name": "Emmanuel Odeke", "email": "emm.odeke@gmail.com", "time": "Fri Nov 08 22:47:45 2019 +0000" }, "message": "acme/internal/acmeprobe: fix dropped error variable\n\nThis fixes a dropped err in runPreauthz().\n\nChange-Id: I46f98d0a21e037a49e4b779895214538d1162376\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/206237\nReviewed-by: Emmanuel Odeke \u003cemm.odeke@gmail.com\u003e\nRun-TryBot: Emmanuel Odeke \u003cemm.odeke@gmail.com\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\n" }, { "commit": "f4817d981bb690635456c5c1c6aa0585e5d45891", "tree": "ef18b6a475a7486ef7184cb692d28e6e076d030a", "parents": [ "fe70532ba32e024e51cfd718fbd66067c012d234" ], "author": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Thu Nov 07 16:07:46 2019 -0500" }, "committer": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Thu Nov 07 22:22:54 2019 +0000" }, "message": "curve25519: implement new X25519 API and deprecate ScalarMult\n\n const ScalarSize \u003d 32\n const PointSize \u003d 32\n var Basepoint []byte\n func X25519(scalar, point []byte) ([]byte, error)\n\nFixes golang/go#32670\n\nChange-Id: I6b08932e4123949355610b16b6053559b399516c\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/205157\nReviewed-by: Katie Hockman \u003ckatie@golang.org\u003e\nReviewed-by: Adam Langley \u003cagl@golang.org\u003e\n" }, { "commit": "fe70532ba32e024e51cfd718fbd66067c012d234", "tree": "fb55b01b6b618699b7cf881d948f9728787d5a0d", "parents": [ "ed6320f186d4e69b2ba748dd0084746281301a8e" ], "author": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Thu Nov 07 16:06:22 2019 -0500" }, "committer": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Thu Nov 07 22:13:45 2019 +0000" }, "message": "curve25519: update package structure per golang.org/wiki/TargetSpecific\n\nThis was extracted from CL 205157.\n\nUpdates golang/go#31470\n\nChange-Id: I8109b874d4c3897ffc920bb4e12c71836da9d44a\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/205861\nReviewed-by: Katie Hockman \u003ckatie@golang.org\u003e\n" }, { "commit": "ed6320f186d4e69b2ba748dd0084746281301a8e", "tree": "e6bc4bfbcc2754eeccad6bc3a7529fba76339345", "parents": [ "c7e5f84aec591254278750bee18f39e5dd19cdb5" ], "author": { "name": "Lynn Boger", "email": "laboger@linux.vnet.ibm.com", "time": "Wed Nov 06 13:31:00 2019 -0500" }, "committer": { "name": "Lynn Boger", "email": "laboger@linux.vnet.ibm.com", "time": "Wed Nov 06 20:26:28 2019 +0000" }, "message": "internal/chacha20: fix minor naming issue\n\nThis corrects a compile error due to a mismatch between function\ndescription and the assembler code that first appeared when running\nTryBots on the change to vendor this code. This fixes that problem\nand adds and minor change based on a comment in CL 195959.\n\nChange-Id: I42cbd3f75e281913f12f74850deaedf14eb21989\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/205659\nReviewed-by: Filippo Valsorda \u003cfilippo@golang.org\u003e\n" }, { "commit": "c7e5f84aec591254278750bee18f39e5dd19cdb5", "tree": "97933ef08194279b99addfcdb28f254bce15345a", "parents": [ "8986dd9e96cf0a6f74da406c005ba3df38527c04" ], "author": { "name": "Bryan C. Mills", "email": "bcmills@google.com", "time": "Mon Oct 28 10:19:14 2019 -0400" }, "committer": { "name": "Brad Fitzpatrick", "email": "bradfitz@golang.org", "time": "Tue Nov 05 03:41:35 2019 +0000" }, "message": "sha3: align (*state).storage\n\nEven on platforms that allow unaligned reads, the Go runtime assumes\nthat a pointer to a given type has the alignment required by that\ntype.\n\nFixes golang/go#35173\nUpdates golang/go#34972\nUpdates golang/go#34964\n\nChange-Id: I90361e096e59162e42ebde2914985af92f777ece\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/203837\nRun-TryBot: Bryan C. Mills \u003cbcmills@google.com\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Filippo Valsorda \u003cfilippo@golang.org\u003e\n" }, { "commit": "8986dd9e96cf0a6f74da406c005ba3df38527c04", "tree": "c54ea57e9eaa45e89efeb9f56b89631773e9a83a", "parents": [ "f83a4685e1528a5ebee78469d2a3262e2d505b0b" ], "author": { "name": "Dmitri Shuralyov", "email": "dmitshur@golang.org", "time": "Mon Oct 28 12:10:41 2019 -0400" }, "committer": { "name": "Dmitri Shuralyov", "email": "dmitshur@golang.org", "time": "Tue Oct 29 03:18:24 2019 +0000" }, "message": "acme/autocert: always pass AuthzURLs from AuthorizeOrder to deactivatePendingAuthz\n\nPreviously, the o.AuthzURLs slice was sometimes used from the call to\nclient.WaitOrder at the bottom of the for loop.\n\nBy that point, o may be nil if client.WaitOrder returned an error,\nwhich would cause a nil pointer dereference panic inside the deferred\nfunction call. If client.WaitOrder did not return an error, then the\ncall to deactivatePendingAuthz would use its AuthzURLs slice instead\nof the one from client.AuthorizeOrder.\n\nFixes golang/go#35225\nUpdates golang/go#21081\n\nChange-Id: I7db055ee1149871b6e5d34a8618526899c68f827\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/203919\nReviewed-by: Alex Vaghin \u003cddos@google.com\u003e\n" }, { "commit": "f83a4685e1528a5ebee78469d2a3262e2d505b0b", "tree": "c0c1c7fb6e7d9f61ca4eed93f0170962202b9608", "parents": [ "87dc89f01550277dc22b74ffcf4cd89fa2f40f4c" ], "author": { "name": "Bryan C. Mills", "email": "bcmills@google.com", "time": "Mon Oct 28 10:20:50 2019 -0400" }, "committer": { "name": "Bryan C. Mills", "email": "bcmills@google.com", "time": "Mon Oct 28 14:50:41 2019 +0000" }, "message": "go.mod: set go version\n\nChange-Id: I45f1816a359ad6fab548338fd3a6b01dda32d01f\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/203838\nRun-TryBot: Bryan C. Mills \u003cbcmills@google.com\u003e\nReviewed-by: Brad Fitzpatrick \u003cbradfitz@golang.org\u003e\n" }, { "commit": "87dc89f01550277dc22b74ffcf4cd89fa2f40f4c", "tree": "f1673b3fe24222aa629d49b60953bc8f88c6f932", "parents": [ "0e8c3a9068a2fb325459490d2ce7baa4ffe2d00f" ], "author": { "name": "Alex Vaghin", "email": "alex@cloudware.io", "time": "Fri Oct 11 20:31:21 2019 +0200" }, "committer": { "name": "Alex Vaghin", "email": "ddos@google.com", "time": "Fri Oct 11 19:15:35 2019 +0000" }, "message": "acme/autocert: give tokensMu a better name\n\nThe Manager\u0027s internal tokensMu is a bit overloaded and needs\na better name. This came up in golang.org/cl/199520.\n\nChange-Id: I9b3c17cf0b64a35aea372738a1d1fad4a24cecb6\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/200680\nRun-TryBot: Alex Vaghin \u003cddos@google.com\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Brad Fitzpatrick \u003cbradfitz@golang.org\u003e\n" }, { "commit": "0e8c3a9068a2fb325459490d2ce7baa4ffe2d00f", "tree": "4b1e4bb8c52b37e288d946e3eef186ddfcdc26a7", "parents": [ "a950601f39e69382d60ea46fa15cecc9d9b70ec6" ], "author": { "name": "Alex Vaghin", "email": "alex@cloudware.io", "time": "Thu Sep 26 16:26:22 2019 +0200" }, "committer": { "name": "Alex Vaghin", "email": "ddos@google.com", "time": "Fri Oct 11 19:05:13 2019 +0000" }, "message": "acme/autocert: support ACME RFC 8555\n\nThe Manager now uses RFC 8555 implementation of Let\u0027s Encrypt by default.\nExisting users need not do any manual upgrades. If you vendor\nacme/autocert, it is enough to just rebuild your binaries at this CL.\n\nIf there\u0027s an account key stored in Manager\u0027s cache which has been used\nwith an earlier Let\u0027s Encrypt implementation (aka v1 or draft-02),\nit will be automatically re-registered with the new endpoint.\n\nOne notable change is the CAServer from internal/acmetest was amended\nto simulate a CA implementing RFC 8555, replacing draft-02.\nSupport for both RFC and draft-02 seemed too complicated and not worth\nthe benefits: the old pre-RFC bits will be removed from both acme and\nacme/autocert packages at some point.\n\nFixes golang/go#21081\n\nChange-Id: Id530758ac612b1c20f9df51c4d10f770e5f41ecf\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/199520\nReviewed-by: Brad Fitzpatrick \u003cbradfitz@golang.org\u003e\n" }, { "commit": "a950601f39e69382d60ea46fa15cecc9d9b70ec6", "tree": "e751c216c1a252963067ddb6c30d98634cea8303", "parents": [ "1f99b0ed1509a6c1a86af95b21f2a7059905b028" ], "author": { "name": "Alex Vaghin", "email": "alex@cloudware.io", "time": "Fri Oct 11 13:06:28 2019 +0200" }, "committer": { "name": "Alex Vaghin", "email": "ddos@google.com", "time": "Fri Oct 11 16:18:58 2019 +0000" }, "message": "acme: update Directory URL to Let\u0027s Encrypt v2\n\nThis updates the default Directory URL to Let\u0027s Encrypt v2.\nTheir v1 has been deprecated and new account registrations\nwill be disabled in Nov 2019. See the following for details:\nhttps://community.letsencrypt.org/t/end-of-life-plan-for-acmev1/88430\n\nThere\u0027s no good reason to keep the default URL pointing to v1\nany longer.\n\nUpdates golang/go#21081\n\nChange-Id: I34520e4dfb04a30d82a50559369bac819076d49c\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/200638\nReviewed-by: Brad Fitzpatrick \u003cbradfitz@golang.org\u003e\n" }, { "commit": "1f99b0ed1509a6c1a86af95b21f2a7059905b028", "tree": "060ecaf4642cbc5ae5cca2b5ccd82a2bab53800b", "parents": [ "af544f31c8ac5794d2134b792e9eb714d9d8f9ce" ], "author": { "name": "Alex Vaghin", "email": "alex@cloudware.io", "time": "Fri Oct 11 12:55:55 2019 +0200" }, "committer": { "name": "Alex Vaghin", "email": "ddos@google.com", "time": "Fri Oct 11 16:18:19 2019 +0000" }, "message": "acme: prevent discovery network roundtrips in tests\n\nClient\u0027s FetchCert now requires to do the discovery before\nfetching a cert from RFC 8555 compliant CA using POST-as-GET\nrequests.\n\nSome tests initialized the client without providing a directory\nmetadata, making it do network roundtrips to the default CA.\n\nThis CL sets a non-nil directory metadata to prevent unnecessary\nnetwork roundtrips to an actual CA during tests.\n\nChange-Id: Icaa6c2c2fd25ae8e5b1b44c6c3dafa246e6bdbb0\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/200637\nRun-TryBot: Alex Vaghin \u003cddos@google.com\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Brad Fitzpatrick \u003cbradfitz@golang.org\u003e\n" }, { "commit": "af544f31c8ac5794d2134b792e9eb714d9d8f9ce", "tree": "c15b578a13f05f35ad3c0367e836d30dfafaae7a", "parents": [ "34f69633bfdcf9db92f698f8487115767eebef81" ], "author": { "name": "Lynn Boger", "email": "laboger@linux.vnet.ibm.com", "time": "Tue Sep 17 10:14:02 2019 -0400" }, "committer": { "name": "Lynn Boger", "email": "laboger@linux.vnet.ibm.com", "time": "Thu Oct 10 18:54:27 2019 +0000" }, "message": "internal/chacha20: improve chacha20 performance on ppc64le\n\nThis improves the performance of the asm implementation for\nchacha20 on ppc64le by updating to the vsx implementation\nprovided in cryptogams. The previous implementation was found to\nnot perform as well as possible on power9. This implementation\nimproves performance on both power8 and power9.\n\nPower9 improvement with this change as compared to current:\n\nname old time/op new time/op delta\nChaCha20/32-64 361ns ± 0% 225ns ± 0% -37.67% (p\u003d1.000 n\u003d1+1)\nChaCha20/63-64 364ns ± 0% 229ns ± 0% -37.09% (p\u003d1.000 n\u003d1+1)\nChaCha20/64-64 364ns ± 0% 231ns ± 0% -36.54% (p\u003d1.000 n\u003d1+1)\nChaCha20/256-64 332ns ± 0% 199ns ± 0% -40.06% (p\u003d1.000 n\u003d1+1)\nChaCha20/1024-64 1.24µs ± 0% 0.70µs ± 0% -43.23% (p\u003d1.000 n\u003d1+1)\nChaCha20/1350-64 1.89µs ± 0% 1.03µs ± 0% -45.35% (p\u003d1.000 n\u003d1+1)\nChaCha20/65536-64 77.0µs ± 0% 42.5µs ± 0% -44.83% (p\u003d1.000 n\u003d1+1)\n\nThis is discussed in issue golang/go#25051.\n\nA few asm instructions vmrgew and vmrgow were just added in Go 1.14\nso have been encoded using WORD at this point.\n\nChange-Id: I2b192a63cf46b0b20195e60e4412c43c5dd14ad8\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/195959\nRun-TryBot: Lynn Boger \u003claboger@linux.vnet.ibm.com\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Carlos Eduardo Seo \u003ccseo@linux.vnet.ibm.com\u003e\n" }, { "commit": "34f69633bfdcf9db92f698f8487115767eebef81", "tree": "b6f4845fd34cdba4785bc020a76c33d30f62744a", "parents": [ "f9e2070545dcd4128a854a97ddf10fbfc3c4b6e4" ], "author": { "name": "Scott Ragan", "email": "ragansa@fb.com", "time": "Wed Oct 02 19:15:13 2019 +0000" }, "committer": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Wed Oct 02 19:21:27 2019 +0000" }, "message": "openpgp/packet: support crypto.Decrypter in EncryptedKey.Decrypt\n\nFixes golang/go#33301\n\nChange-Id: I74a389367d34d4718d70349794027ed9f1eca370\nGitHub-Last-Rev: 6d95cdf63248a54b134027ed49641c204187f188\nGitHub-Pull-Request: golang/crypto#94\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/189497\nReviewed-by: Filippo Valsorda \u003cfilippo@golang.org\u003e\nRun-TryBot: Filippo Valsorda \u003cfilippo@golang.org\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\n" }, { "commit": "f9e2070545dcd4128a854a97ddf10fbfc3c4b6e4", "tree": "4939e889b9121c2a5b60ddfd79a0fcc45e2ee394", "parents": [ "4663e185863a1aee50d0486b326769f0bd22eb30" ], "author": { "name": "Alex Vaghin", "email": "alex@cloudware.io", "time": "Wed Sep 11 10:47:38 2019 -0400" }, "committer": { "name": "Alex Vaghin", "email": "ddos@google.com", "time": "Tue Oct 01 17:07:39 2019 +0000" }, "message": "acme/internal: add a prober program\n\nWhile working on the RFC 8555 implementation for golang/go#21081,\nI\u0027ve been also manually verifying the functionality against\nvarious CAs both draft-02 and RFC versions.\n\nThis does not of course replace automated tests\nyet it might be useful to others.\n\nIt is not a _test.go file because the program may require\ninteractive user input for dns-01 challenge types and needs\nto flush logs to stderr during its run.\n\nChange-Id: Ia324b08b30308441cc0705648e30c0112b0fa0c8\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/194681\nReviewed-by: Brad Fitzpatrick \u003cbradfitz@golang.org\u003e\n" }, { "commit": "4663e185863a1aee50d0486b326769f0bd22eb30", "tree": "59106be85fcd53272dc7e676876767fdfc748f71", "parents": [ "88343688bb370571259f1a6c98274757b61e3bb1" ], "author": { "name": "Alex Vaghin", "email": "alex@cloudware.io", "time": "Mon Sep 09 15:54:00 2019 -0400" }, "committer": { "name": "Alex Vaghin", "email": "ddos@google.com", "time": "Tue Oct 01 14:10:32 2019 +0000" }, "message": "acme: update existing methods for RFC 8555\n\nThis adds RFC support to the existing methods which,\nin conjunction with the new order based methods\nimplemented in golang.org/cl/192779, completes a Client\ncapable of obtaining certificates from RFC compliant CAs.\n\nUpdates golang/go#21081\n\nChange-Id: I3aabc50928d3e4e49ee202eb6695135d5ad86821\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/194379\nReviewed-by: Filippo Valsorda \u003cfilippo@golang.org\u003e\n" }, { "commit": "88343688bb370571259f1a6c98274757b61e3bb1", "tree": "c849714fc223608cb5b6f99f3449d36aaa1e61dc", "parents": [ "a832865fa7ada6126f4c6124ac49f71be71bff2a" ], "author": { "name": "Alex Vaghin", "email": "alex@cloudware.io", "time": "Sat Aug 31 21:44:59 2019 +0200" }, "committer": { "name": "Alex Vaghin", "email": "ddos@google.com", "time": "Tue Oct 01 10:37:51 2019 +0000" }, "message": "acme: implement new order-based issuance methods\n\nThe order based issuance flow is different from pre-authorization\nin that users tell upfront which identifiers they want a future\ncertificate to contain and the CA responds with a set of authorizations\nto satisfy.\n\nSimilar to pre-authorization where users start with Client\u0027s\nAuthorize method, fulfill challenges and then call GetAuthorization\nor WaitAuthorization, the order based flow starts with AuthorizeOrder\nand then GetOrder or WaitOrder.\n\nOnce all order authorizations are satisfied, users can call\nCreateOrderCert, as opposed to the old CreateCert, and FetchCert as before.\nThe new method implementation and updates to the existing methods\nis in golang.org/cl/194379.\n\nMore on order based flow can be found in\nhttps://tools.ietf.org/html/rfc8555#section-7.4.\n\nUpdates golang/go#21081\n\nChange-Id: I37c37203b50785d7681f65f815d7b19d9c15b96d\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/192779\nRun-TryBot: Alex Vaghin \u003cddos@google.com\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Filippo Valsorda \u003cfilippo@golang.org\u003e\n" }, { "commit": "a832865fa7ada6126f4c6124ac49f71be71bff2a", "tree": "683f7ecf5a9efcaf0cae28e8a37cdec64ad9e9bf", "parents": [ "cea2066c64117dea9cba47afc7c35e4d2299107d" ], "author": { "name": "Alex Vaghin", "email": "alex@cloudware.io", "time": "Wed Aug 28 23:16:55 2019 +0200" }, "committer": { "name": "Alex Vaghin", "email": "ddos@google.com", "time": "Fri Sep 27 12:36:31 2019 +0000" }, "message": "acme: support RFC 8555 account management\n\nMost important change in this CL is that Client is now able\nto correctly format and sign requests in KID form with a valid\n\"kid\" value.\n\nAccording to the RFC, most requests must include KID field\nin the protected head of JWS requests. The KID value is the account\nidentity provided by the CA during registration.\n\nThe KID value is also the Account URL. Hence, the CL is tied to\naccount management.\n\nUpdates golang/go#21081\n\nChange-Id: I13f51e1fc52db7596eb933b47fa2014beb93c1ab\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/191602\nRun-TryBot: Alex Vaghin \u003cddos@google.com\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Brad Fitzpatrick \u003cbradfitz@golang.org\u003e\n" }, { "commit": "cea2066c64117dea9cba47afc7c35e4d2299107d", "tree": "2a86fbb1b47ba6af611615facb754063f4bf0463", "parents": [ "fa1a291087948aa85c6e20c1b3749a02403ffc1b" ], "author": { "name": "Brad Fitzpatrick", "email": "bradfitz@golang.org", "time": "Thu Sep 26 17:54:57 2019 +0000" }, "committer": { "name": "Brad Fitzpatrick", "email": "bradfitz@golang.org", "time": "Thu Sep 26 18:03:35 2019 +0000" }, "message": "Revert \"ssh/terminal: account for win32 api changes\"\n\nThis reverts commit CL 196897 (commit 9ee001bba3923)\n\nReason for revert: we\u0027re reverting the API change instead\nin https://go-review.googlesource.com/c/sys/+/197597\n\nChange-Id: I41741c85bb7a07b9ce13264ebb26ee3f968772fa\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/197598\nReviewed-by: Bryan C. Mills \u003cbcmills@google.com\u003e\nRun-TryBot: Bryan C. Mills \u003cbcmills@google.com\u003e\n" }, { "commit": "fa1a291087948aa85c6e20c1b3749a02403ffc1b", "tree": "093ad24af203c3d7d00509b29c22dca226954dd0", "parents": [ "2682ddc9f58f9f50377039b35d26007c68521f28" ], "author": { "name": "Alex Vaghin", "email": "alex@cloudware.io", "time": "Fri Aug 23 16:55:35 2019 +0200" }, "committer": { "name": "Alex Vaghin", "email": "ddos@google.com", "time": "Thu Sep 26 11:49:37 2019 +0000" }, "message": "acme: add KID variant to jwsEncodeJSON\n\nRFC8555 requires that most requests contain \"kid\" field in the\nprotected header. The JWK version is still used for new account\ncreation and certificate revocation requests. Previously,\nin earlier drafts JWK variant was used exclusively.\n\nWhile JWK is computed based off the account public key,\nthe new \"kid\" field takes literal value of the Account URL\nprovided by the CA during a new registration. The actual support\nfor KID-based JWS requests in Client will be added in a follow up CL.\n\nFor what concerns the existing behaviour of JWS requests,\na new field \"url\" is added to the protected header.\nBefore:\n\n {\"alg\":\"...\", \"jwk\":\"...\", \"nonce\":\"...\"}\n\nAfter:\n\n {\"alg\":\"...\", \"jwk\":\"...\", \"nonce\":\"...\", \"url\":\"...\"}\n\nwhere the new field takes a value of the target request URL.\nThis still works for CAs supporting pre-RFC protocol versions.\n\nUpdates golang/go#21081\n\nChange-Id: I460cfcd3dfdfe7fe3009a92a0a8a709fa07d0e7a\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/191601\nRun-TryBot: Alex Vaghin \u003cddos@google.com\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Brad Fitzpatrick \u003cbradfitz@golang.org\u003e\n" }, { "commit": "2682ddc9f58f9f50377039b35d26007c68521f28", "tree": "de2ffa8a93aeb08c5923bf1cf02f7175f1062473", "parents": [ "2afe7c4bde1bf8be2ca50c448b6b8142970faf3e" ], "author": { "name": "Alex Vaghin", "email": "alex@cloudware.io", "time": "Wed Aug 21 01:03:43 2019 +0200" }, "committer": { "name": "Alex Vaghin", "email": "ddos@google.com", "time": "Thu Sep 26 11:24:57 2019 +0000" }, "message": "acme: fetch fresh nonces from newNonce resource\n\nPreviously, nonce values were fetched from Directory URL.\nRFC8555 and some recent drafts provide specific URL to fetch\nnew nonce values from.\n\nThis CL makes the client always use new nonce URL when available\nand fall back to the previous behavior otherwise.\n\nUpdates golang/go#21081\n\nChange-Id: I6442004b01d46aa015c193ca4c80daa712b78790\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/191603\nRun-TryBot: Alex Vaghin \u003cddos@google.com\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Brad Fitzpatrick \u003cbradfitz@golang.org\u003e\n" }, { "commit": "2afe7c4bde1bf8be2ca50c448b6b8142970faf3e", "tree": "4a09dbd18cb9d4acb614e95f09d05e68d4ee4f4e", "parents": [ "9ee001bba392397c76f100a2d5b13afc86f167f1" ], "author": { "name": "x1ddos", "email": "alex@cloudware.io", "time": "Tue Aug 20 17:44:11 2019 +0200" }, "committer": { "name": "Alex Vaghin", "email": "ddos@google.com", "time": "Thu Sep 26 11:24:10 2019 +0000" }, "message": "acme: add support for RFC8555 compliant discovery\n\nThis CL is part of many to extend existing acme package\nfunctionality to support RFC8555 without breaking existing users\nof both this client package and CA implementations which haven\u0027t\ncaught up to the RFC spec.\n\nUpdates golang/go#21081\n\nChange-Id: I20eb339ede019930c3482286cd13a3ba6f2b3cd6\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/182937\nRun-TryBot: Alex Vaghin \u003cddos@google.com\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Brad Fitzpatrick \u003cbradfitz@golang.org\u003e\n" }, { "commit": "9ee001bba392397c76f100a2d5b13afc86f167f1", "tree": "36b3e9ad78d0d34f6723a3cae5aea992f886b725", "parents": [ "227b76d455e791cb042b03e633e2f7fbcfdf74a5" ], "author": { "name": "Jason A. Donenfeld", "email": "Jason@zx2c4.com", "time": "Sun Sep 22 23:01:56 2019 +0200" }, "committer": { "name": "Brad Fitzpatrick", "email": "bradfitz@golang.org", "time": "Mon Sep 23 03:51:54 2019 +0000" }, "message": "ssh/terminal: account for win32 api changes\n\nThe API changed for this function, since the call always succeeds.\nUpdate this user of it accordingly.\n\nFixes: golang/go#34461\n\nChange-Id: I9d19b70767fc6b1b9292ad8732dd8e54bb6a8ae0\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/196897\nRun-TryBot: Jason A. Donenfeld \u003cJason@zx2c4.com\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Brad Fitzpatrick \u003cbradfitz@golang.org\u003e\n" }, { "commit": "227b76d455e791cb042b03e633e2f7fbcfdf74a5", "tree": "1d3547001d08af5cc8ab781bf30d97b7e3bdfa7d", "parents": [ "094676da4a83be5288d281081bba63a173ce6772" ], "author": { "name": "Alex Vaghin", "email": "alex@cloudware.io", "time": "Tue Sep 10 22:06:19 2019 -0400" }, "committer": { "name": "Alex Vaghin", "email": "ddos@google.com", "time": "Wed Sep 11 03:14:32 2019 +0000" }, "message": "acme/autocert: remove tls-sni-xx challenge support\n\nThese challenge types have been deprecated by popular ACME providers\ndue to security issues in the ecosystem.\n\nFixes golang/go#28370\n\nChange-Id: I3270a6f5d3e5fbc53e4347a9a802df5f603c87de\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/194658\nRun-TryBot: Alex Vaghin \u003cddos@google.com\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Brad Fitzpatrick \u003cbradfitz@golang.org\u003e\n" }, { "commit": "094676da4a83be5288d281081bba63a173ce6772", "tree": "af037279e26f0c7ff4ac438b5cc760709e93970f", "parents": [ "71b5226ff73902d121cd9dbbdfdb67045a805845" ], "author": { "name": "Eric Brown", "email": "browne@vmware.com", "time": "Thu Jul 12 08:07:55 2018 -0700" }, "committer": { "name": "Han-Wen Nienhuys", "email": "hanwen@google.com", "time": "Mon Sep 09 09:17:59 2019 +0000" }, "message": "ssh: drop dh-group1-sha1 from default key exchanges\n\nThis removes diffie-hellman-group1-sha1 from the list of default\nkey exchange algorithms. This kex is considered weak and potentially\nvulnerable to the Logjam attack.\n\nNote: This is a backwards incompatible change: if you connect to ssh\nservers that do not support any key exchanges except for dh-group1-sha1,\nyou must now specify config.KeyExchanges explicity.\n\nSee also:\nhttps://www.openssh.com/legacy.html\nhttps://blog.gdssecurity.com/labs/2015/8/3/ssh-weak-diffie-hellman-group-identification-tool.html\n\nFixes golang/go#12955\n\nChange-Id: I032d5175d63ab5d1912de72957a80200eb396bc9\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/123595\nReviewed-by: Han-Wen Nienhuys \u003chanwen@google.com\u003e\n" }, { "commit": "71b5226ff73902d121cd9dbbdfdb67045a805845", "tree": "4a950f6e506bf738fb466fe847f89d04841ca7bc", "parents": [ "9756ffdc24725223350eb3266ffb92590d28f278" ], "author": { "name": "Tobias Klauser", "email": "tklauser@distanz.ch", "time": "Fri Sep 06 11:30:51 2019 +0200" }, "committer": { "name": "Tobias Klauser", "email": "tobias.klauser@gmail.com", "time": "Sat Sep 07 12:14:10 2019 +0000" }, "message": "sha3: add a space before +build in build tag comments\n\nAdd a space before build tag comments so it corresponds to the format\ndocumented at https://golang.org/pkg/go/build/.\n\nChange-Id: Ic29df4660a0968f58f721ec61943c0b277d4aaad\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/193777\nRun-TryBot: Tobias Klauser \u003ctobias.klauser@gmail.com\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Brad Fitzpatrick \u003cbradfitz@golang.org\u003e\n" }, { "commit": "9756ffdc24725223350eb3266ffb92590d28f278", "tree": "7cf3b3c0272bb690ea1db16c4dbe399e2217ffd8", "parents": [ "60c769a6c58655dab1b9adac0d58967dd517cfba" ], "author": { "name": "Michael Hudson-Doyle", "email": "michael.hudson@canonical.com", "time": "Thu Aug 29 11:00:48 2019 +1200" }, "committer": { "name": "Michael Hudson-Doyle", "email": "michael.hudson@canonical.com", "time": "Thu Aug 29 04:30:50 2019 +0000" }, "message": "ssh/test: delete TestInvalidTerminalMode\n\nThis test just tests the behaviour of the host sshd in the face of\ninvalid terminal modes, and the RFCs say that the server \"MAY\" ignore\nsuch modes (and newer openssh does in fact ignore these modes rather\nthan terminating the connection).\n\nFixes golang/go#33919\n\nChange-Id: I3f915aed22651e2eb33ec34044af8b125aeb82fa\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/192217\nRun-TryBot: Michael Hudson-Doyle \u003cmichael.hudson@canonical.com\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Brad Fitzpatrick \u003cbradfitz@golang.org\u003e\n" }, { "commit": "60c769a6c58655dab1b9adac0d58967dd517cfba", "tree": "ef7daf2895ee7b7d0549147ed4582ef256917d05", "parents": [ "4def268fd1a49955bfb3dda92fe3db4f924f2285" ], "author": { "name": "yuanhh", "email": "yuan415030@gmail.com", "time": "Tue Aug 20 16:16:47 2019 +0000" }, "committer": { "name": "Alex Vaghin", "email": "ddos@google.com", "time": "Tue Aug 20 16:24:20 2019 +0000" }, "message": "acme/autocert: remove tempfile after dircache write failed\n\nPer https://golang.org/pkg/io/ioutil/#TempFile description, caller should remove the file when no longer needed.\n\nChange-Id: I4c2a83c1c9bbd89f423d1a3334751e86f35b1cf6\nGitHub-Last-Rev: fac91d1a59baf9abafa98add195515ec78513819\nGitHub-Pull-Request: golang/crypto#92\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/189337\nRun-TryBot: Alex Vaghin \u003cddos@google.com\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Alex Vaghin \u003cddos@google.com\u003e\n" }, { "commit": "4def268fd1a49955bfb3dda92fe3db4f924f2285", "tree": "c2a8f94d2b3499904086ae0e1e69ec9ec511edd9", "parents": [ "cc06ce4a13d484c0101a9e92913248488a75786d" ], "author": { "name": "Agniva De Sarker", "email": "agnivade@yahoo.co.in", "time": "Mon Jul 01 14:29:26 2019 +0530" }, "committer": { "name": "Agniva De Sarker", "email": "agniva.quicksilver@gmail.com", "time": "Mon Jul 01 09:49:42 2019 +0000" }, "message": "ssh: skip testHandshakeErrorHandlingN on js/wasm\n\nThe wasm runtime cannot schedule a GC run on tight loops.\nTherefore it runs out of memory if such a loop allocates memory.\n\nSkip such a test for now.\n\nUpdates golang/go#32840\n\nChange-Id: I922b6e02710915776d2820573fd1584a5941185b\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/184397\nRun-TryBot: Agniva De Sarker \u003cagniva.quicksilver@gmail.com\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Han-Wen Nienhuys \u003chanwen@google.com\u003e\n" }, { "commit": "cc06ce4a13d484c0101a9e92913248488a75786d", "tree": "bf9cc79d0367b2f5bb18e90278e362eedd04733b", "parents": [ "ea8f1a30c4438cc8b13f05538385ad8dc6049b43" ], "author": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Thu Jun 20 17:50:31 2019 -0400" }, "committer": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Fri Jun 21 22:22:07 2019 +0000" }, "message": "acme: send User-Agent and add Client.UserAgent\n\nThis is useful to CAs, to identify and reach out to problematic clients.\n\nFixes golang/go#24496\n\nChange-Id: I944fc8178c8fa8acaf3854e9c125d3af0364a4fb\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/183267\nReviewed-by: Brad Fitzpatrick \u003cbradfitz@golang.org\u003e\n" }, { "commit": "ea8f1a30c4438cc8b13f05538385ad8dc6049b43", "tree": "844f496952e51f5268830a62d78ab36b095070c2", "parents": [ "57b3e21c3d5606066a87e63cfe07ec6b9f0db000" ], "author": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Mon Jun 17 18:25:17 2019 -0400" }, "committer": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Tue Jun 18 22:25:45 2019 +0000" }, "message": "ed25519: turn into a wrapper for crypto/ed25519 beginning with Go 1.13\n\nUpdates golang/go#25355\n\nChange-Id: Id077d96749194943914d956bd8e79e5272477d7e\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/182698\nReviewed-by: Russ Cox \u003crsc@golang.org\u003e\n" }, { "commit": "57b3e21c3d5606066a87e63cfe07ec6b9f0db000", "tree": "25e55a3d5edc507700a1fc6476abd17c4dcb4ed5", "parents": [ "5c40567a22f818bd14a1ea7245dad9f8ef0691aa" ], "author": { "name": "Lucas Bremgartner", "email": "lucas@bremis.ch", "time": "Mon Jun 03 19:41:45 2019 +0000" }, "committer": { "name": "Han-Wen Nienhuys", "email": "hanwen@google.com", "time": "Mon Jun 17 13:33:40 2019 +0000" }, "message": "ssh: add diffie-hellman-group-exchange-sha256\n\nAdd the diffie-hellman-group-exchange-sha256 defined in RFC 4419 to\nthe list of supported key exchange algorithms for ssh.\nThe server half is only a minimal implementation to satisfy the automated tests.\n\nFixes golang/go#17230\n\nChange-Id: I25880a564347fd9b4738dd2ed1e347cd5d2e21bb\nGitHub-Last-Rev: 9f0b8d02c0c96e9baf00cdf1cf063ff834245443\nGitHub-Pull-Request: golang/crypto#87\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/174257\nRun-TryBot: Han-Wen Nienhuys \u003chanwen@google.com\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Han-Wen Nienhuys \u003chanwen@google.com\u003e\n" }, { "commit": "5c40567a22f818bd14a1ea7245dad9f8ef0691aa", "tree": "3da48acbb23c5deb23dac98428f81d152eae0452", "parents": [ "f99c8df09eb5bff426315721bfa5f16a99cad32c" ], "author": { "name": "Carlos Eduardo Seo", "email": "cseo@linux.vnet.ibm.com", "time": "Tue Jun 11 15:31:17 2019 -0300" }, "committer": { "name": "Lynn Boger", "email": "laboger@linux.vnet.ibm.com", "time": "Tue Jun 11 18:44:40 2019 +0000" }, "message": "internal/chacha20: fix variable naming\n\nWrong variable naming was causing \u0027go vet\u0027 to fail. This change fixes that.\n\nChange-Id: I71e1842ece098198773fb326a725b57fad02f82f\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/181720\nRun-TryBot: Lynn Boger \u003claboger@linux.vnet.ibm.com\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Lynn Boger \u003claboger@linux.vnet.ibm.com\u003e\n" }, { "commit": "f99c8df09eb5bff426315721bfa5f16a99cad32c", "tree": "bf6065e606b84170088d78e2dca090666289a8e7", "parents": [ "20be4c3c3ed52bfccdb2d59a412ee1a936d175a7" ], "author": { "name": "Lynn Boger", "email": "laboger@linux.vnet.ibm.com", "time": "Thu Apr 11 15:51:25 2019 -0400" }, "committer": { "name": "Lynn Boger", "email": "laboger@linux.vnet.ibm.com", "time": "Wed Jun 05 12:30:33 2019 +0000" }, "message": "poly1305: improve performance with asm for ppc64le\n\nThis adds an asm implementation for poly1305 on ppc64le, based on\nthe amd64 asm implementation using the mac interface.\n\nThe improvements on a power8 based on the poly1305 benchmarks are:\n\n name old time/op new time/op delta\n 64 172ns ± 0% 78ns ± 0% -54.77% (p\u003d1.000 n\u003d1+1)\n 1K 1.47µs ± 0% 0.59µs ± 0% -59.69% (p\u003d1.000 n\u003d1+1)\n 2M 2.84ms ± 0% 1.12ms ± 0% -60.47% (p\u003d1.000 n\u003d1+1)\n 64Unaligned 172ns ± 0% 78ns ± 0% -54.59% (p\u003d1.000 n\u003d1+1)\n 1KUnaligned 1.47µs ± 0% 0.59µs ± 0% -59.69% (p\u003d1.000 n\u003d1+1)\n 2MUnaligned 2.84ms ± 0% 1.13ms ± 0% -60.23% (p\u003d1.000 n\u003d1+1)\n Write64 100ns ± 0% 46ns ± 0% -53.80% (p\u003d1.000 n\u003d1+1)\n Write1K 1.40µs ± 0% 0.56µs ± 0% -59.90% (p\u003d1.000 n\u003d1+1)\n Write2M 2.84ms ± 0% 1.12ms ± 0% -60.46% (p\u003d1.000 n\u003d1+1)\n Write64Unaligned 100ns ± 0% 46ns ± 0% -53.60% (p\u003d1.000 n\u003d1+1)\n Write1KUnaligned 1.40µs ± 0% 0.56µs ± 0% -59.90% (p\u003d1.000 n\u003d1+1)\n Write2MUnaligned 2.84ms ± 0% 1.13ms ± 0% -60.22% (p\u003d1.000 n\u003d1+1)\n\nChange-Id: I77cc9bb3645a6b1a6edc414b5651dc37ae4a7410\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/173421\nRun-TryBot: Lynn Boger \u003claboger@linux.vnet.ibm.com\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Michael Munday \u003cmike.munday@ibm.com\u003e\n" }, { "commit": "20be4c3c3ed52bfccdb2d59a412ee1a936d175a7", "tree": "187ba0d06307d9e5ac95e9453f2640ed6e3e2740", "parents": [ "22d7a77e9e5f409e934ed268692e56707cd169e5" ], "author": { "name": "Carlos Eduardo Seo", "email": "cseo@linux.vnet.ibm.com", "time": "Mon Apr 15 21:04:41 2019 -0300" }, "committer": { "name": "Lynn Boger", "email": "laboger@linux.vnet.ibm.com", "time": "Thu May 30 12:26:14 2019 +0000" }, "message": "internal/chacha20: improve performance for ppc64le\n\nAdd asm implementation for chacha20 using vector instructions on ppc64le.\nBelow, the difference using the new code:\n\nname old speed new speed delta\nChaCha20/32-16 167MB/s ± 0% 129MB/s ± 0% -22.60% (p\u003d0.008 n\u003d5+5)\nChaCha20/63-16 308MB/s ± 0% 249MB/s ± 0% -19.00% (p\u003d0.008 n\u003d5+5)\nChaCha20/64-16 357MB/s ± 0% 251MB/s ± 0% -29.57% (p\u003d0.008 n\u003d5+5)\nChaCha20/256-16 398MB/s ± 0% 1199MB/s ± 0% +201.20% (p\u003d0.008 n\u003d5+5)\nChaCha20/1024-16 413MB/s ± 0% 1398MB/s ± 0% +238.67% (p\u003d0.008 n\u003d5+5)\nChaCha20/1350-16 395MB/s ± 0% 1189MB/s ± 0% +200.71% (p\u003d0.008 n\u003d5+5)\nChaCha20/65536-16 420MB/s ± 0% 1489MB/s ± 0% +254.10% (p\u003d0.008 n\u003d5+5)\n\nSmall sizes are slower due the fact that it always calculates using\n256 bytes of key stream.\n\nThis change was originally from Paulo Flabiano Smorigo \u003cpfsmorigo@linux.vnet.ibm.com\u003e\nand started as CL 108999 (https://go-review.googlesource.com/c/crypto/+/108999).\n\nFixes golang/go#25051\n\nChange-Id: Ie510494249b227379e23d993467256b3d4088035\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/172177\nRun-TryBot: Carlos Eduardo Seo \u003ccseo@linux.vnet.ibm.com\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Ian Lance Taylor \u003ciant@golang.org\u003e\nReviewed-by: Lynn Boger \u003claboger@linux.vnet.ibm.com\u003e\n" }, { "commit": "22d7a77e9e5f409e934ed268692e56707cd169e5", "tree": "f58b91b63b0830cd976c6e6538a56eb696ddaf5e", "parents": [ "cbcb750295291b33242907a04be40e80801d0cfc" ], "author": { "name": "Conrado P. L. Gouvea", "email": "conradoplg@gmail.com", "time": "Fri Apr 19 13:04:53 2019 -0300" }, "committer": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Mon May 13 17:29:03 2019 +0000" }, "message": "sha3: fix bug in cSHAKE Clone()\n\nClone() made a copy of the Keccak state after invoking clone(), which is not\nsupported, since the \"buf\" slice in the Keccak state must point to the \"storage\"\narray, and if the state is copied directly it will keep pointing to the storage\nreturned by clone().\n\nFix it by embedding a pointer to the Keccak state instead of the state itself.\n\nChange-Id: I7d392963ec65d784a360f6c12a7935a9a9a788b5\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/173018\nReviewed-by: Filippo Valsorda \u003cfilippo@golang.org\u003e\nRun-TryBot: Filippo Valsorda \u003cfilippo@golang.org\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\n" }, { "commit": "cbcb750295291b33242907a04be40e80801d0cfc", "tree": "6c6be0958710f6d2cb3f4298821071e817284a47", "parents": [ "e1dfcc566284e143ba8f9afbb3fa563f2a0d212b" ], "author": { "name": "yanweizhi", "email": "yanweizhi@bytedance.com", "time": "Mon Apr 08 11:37:34 2019 +0800" }, "committer": { "name": "Han-Wen Nienhuys", "email": "hanwen@google.com", "time": "Fri May 10 10:41:15 2019 +0000" }, "message": "ssh/gss: support kerberos authentication for ssh server and client\n\nChange-Id: I20e3356476dc50402dd34d2b39ad030c1e63a9ef\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/170919\nRun-TryBot: Han-Wen Nienhuys \u003chanwen@google.com\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\nReviewed-by: Han-Wen Nienhuys \u003chanwen@google.com\u003e\n" }, { "commit": "e1dfcc566284e143ba8f9afbb3fa563f2a0d212b", "tree": "74359a584c6c5f9168aee89fedcc0866b88acf64", "parents": [ "a29dc8fdc73485234dbef99ebedb95d2eced08de" ], "author": { "name": "Matthew Dempsky", "email": "mdempsky@google.com", "time": "Mon May 06 13:23:43 2019 -0700" }, "committer": { "name": "Brad Fitzpatrick", "email": "bradfitz@golang.org", "time": "Mon May 06 20:42:51 2019 +0000" }, "message": "openpgp: replace \"currentTime\" with \"creationTime\" as appropriate\n\nRFC 4880 uses the term \"creation time\" to refer to when keys and\nsignatures are created, and this is partially followed already. This\nCL applies it to the rest of places that were using \"currentTime\"\ninstead.\n\nChange-Id: I8a83604b53a240689327defd89e22ddbebe3b679\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/175446\nReviewed-by: Brad Fitzpatrick \u003cbradfitz@golang.org\u003e\nRun-TryBot: Brad Fitzpatrick \u003cbradfitz@golang.org\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\n" }, { "commit": "a29dc8fdc73485234dbef99ebedb95d2eced08de", "tree": "a2f61c64a65e49f9abf4d64ac0e5b2e0f6956b72", "parents": [ "f162ad860cc521c71b15d01a1176c2e151233e6d" ], "author": { "name": "Udalov Max", "email": "re.udalov@gmail.com", "time": "Fri Apr 26 17:07:02 2019 +0300" }, "committer": { "name": "Brad Fitzpatrick", "email": "bradfitz@golang.org", "time": "Fri Apr 26 14:53:43 2019 +0000" }, "message": "scrypt: use math.bits rotate functions instead of ad-hoc implementation\n\nThis makes code more readable and idiomatic. No change in benchmarks.\n\nUpdates golang/go#31456\n\nChange-Id: I010bbff33580350019ce2b0ff13847261905d32f\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/174137\nReviewed-by: Brad Fitzpatrick \u003cbradfitz@golang.org\u003e\n" }, { "commit": "f162ad860cc521c71b15d01a1176c2e151233e6d", "tree": "c6a00d1edeab9fdf273afadb7edaf23e950f14bb", "parents": [ "c05e17bb3b2dca130fc919668a96b4bec9eb9442" ], "author": { "name": "chigotc", "email": "clement.chigot@atos.net", "time": "Fri Apr 12 10:57:18 2019 +0200" }, "committer": { "name": "Brad Fitzpatrick", "email": "bradfitz@golang.org", "time": "Fri Apr 26 14:52:10 2019 +0000" }, "message": "ssh/test: add port for aix/ppc64\n\nFixes golang/go#31413\n\nChange-Id: I52105280a2237f23cd91b8ec92fd89cf62564572\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/171917\nReviewed-by: Brad Fitzpatrick \u003cbradfitz@golang.org\u003e\nRun-TryBot: Brad Fitzpatrick \u003cbradfitz@golang.org\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\n" }, { "commit": "c05e17bb3b2dca130fc919668a96b4bec9eb9442", "tree": "04ff3b2029564ba5aef3931b25f74712f4f86578", "parents": [ "d864b10871cd4370fe574816b489c819c675ccc7" ], "author": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Tue Apr 23 15:32:34 2019 -0400" }, "committer": { "name": "Filippo Valsorda", "email": "filippo@golang.org", "time": "Wed Apr 24 20:35:55 2019 +0000" }, "message": "openpgp/clearsign: reject potentially misleading headers and messages\n\nAida Mynzhasova of SEC Consult Vulnerability Lab reported that the\nclearsign package accepts some malformed messages, which can make it\npossible for an attacker to trick a human user (but not a Go program)\ninto thinking unverified text is part of the message.\n\nFor example, if in the following message the vertical tab character is\nprinted as a new line, a human observer could believe that the\nunverified header text is part of the signed message.\n\n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\\x0b\\x0bThis text is part of the header.\n\nHello world!\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.10 (GNU/Linux)\n\niJwEAQECAAYFAk8kMuEACgkQO9o98PRieSpMsAQAhmY/vwmNpflrPgmfWsYhk5O8\n[...]\nMyTpno24AjIAGb+mH1U\u003d\n\u003dhIJ6\n-----END PGP SIGNATURE-----\n\nThe OpenPGP specs are delightfully vague about purpose and validation of\nthese headers. RFC 4880, Section 7 says\n\n The cleartext signed message consists of:\n\n - The cleartext header \u0027-----BEGIN PGP SIGNED MESSAGE-----\u0027 on a\n single line,\n\n - One or more \"Hash\" Armor Headers,\n\n - Exactly one empty line not included into the message digest,\n [...]\n\nbut also\n\n If MD5 is the only hash used, then an\n implementation MAY omit this header for improved V2.x compatibility.\n\nand\n\n If more than one message digest is used in the signature, the \"Hash\"\n armor header contains a comma-delimited list of used message digests.\n\nwhich seems to suggest that there can be zero or more Hash headers, each\nwith one or more algorithms, and no other header types.\n\nAnyway, it\u0027s entirely unclear what security purpose, if any, the Hash\nheader accomplishes. If the hash is too weak to be secure or\nunsupported, the verification will fail. Otherwise, the user shouldn\u0027t\ncare. Given its dubious function, avoid breaking abstractions to check\nthat it matches the signature, and just document it as unverified.\n\nAs for valid characters, RFC 4880 is silent, except reluctantly\nmentioning that the Comment header can be UTF-8, but I am going to\nassume that all hash algorithms will have ASCII names, because come on.\n\nEven more importantly, reject non-Hash SIGNED MESSAGE headers (as opposed\nto the SIGNATURE headers), to prevent a \"Thank you!\" message turning into\n\n-----BEGIN PGP SIGNED MESSAGE-----\nReminder: I need you to wire $100k to 12345566 as soon as possible.\n\nThank you!\n-----BEGIN PGP SIGNATURE-----\n[...]\n\nWhile at it, also check for trailing characters after the signed message\ndelimiter, as they are invalid and can be similarly used to confuse humans.\n\nThe Decode API is also unfortunate in that it doesn\u0027t return an error,\nso we can\u0027t tell the user what\u0027s wrong with the message, but that\u0027s what\nwe\u0027ve got.\n\nChange-Id: I8a72c4851075337443d7a27e0b49a6b6e39f5a41\nReviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/453011\nReviewed-by: Adam Langley \u003cagl@google.com\u003e\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/173778\nRun-TryBot: Filippo Valsorda \u003cfilippo@golang.org\u003e\nReviewed-by: Adam Langley \u003cagl@golang.org\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\n" }, { "commit": "d864b10871cd4370fe574816b489c819c675ccc7", "tree": "da405115db4f8d97cc870e94c18697175f108855", "parents": [ "f8560614bab07ea1beea7bfb204cfa9d521d2484" ], "author": { "name": "Udalov Max", "email": "re.udalov@gmail.com", "time": "Mon Apr 22 20:19:08 2019 +0300" }, "committer": { "name": "Brad Fitzpatrick", "email": "bradfitz@golang.org", "time": "Mon Apr 22 18:39:09 2019 +0000" }, "message": "blake2s: use math.bits rotate functions instead of ad-hoc implementation\n\nThis makes code more readable and idiomatic.\n\nUpdates golang/go#31456\n\nBenchstat:\nname old time/op new time/op delta\nWrite64-8 211ns ± 6% 205ns ± 2% ~ (p\u003d0.243 n\u003d10+9)\nWrite1K-8 3.26µs ± 3% 3.12µs ± 2% -4.44% (p\u003d0.000 n\u003d9+9)\nSum64-8 227ns ± 5% 217ns ± 6% -4.58% (p\u003d0.009 n\u003d10+10)\nSum1K-8 3.28µs ± 2% 3.31µs ± 4% ~ (p\u003d0.412 n\u003d10+9)\n\nname old speed new speed delta\nWrite64-8 303MB/s ± 6% 312MB/s ± 1% ~ (p\u003d0.203 n\u003d10+8)\nWrite1K-8 314MB/s ± 3% 329MB/s ± 2% +4.64% (p\u003d0.000 n\u003d9+9)\nSum64-8 281MB/s ± 5% 295MB/s ± 5% +4.93% (p\u003d0.009 n\u003d10+10)\nSum1K-8 313MB/s ± 2% 310MB/s ± 4% ~ (p\u003d0.447 n\u003d10+9)\n\nChange-Id: Iee0e88f4405d4da1feacddaf24835e86d8ddeff7\nReviewed-on: https://go-review.googlesource.com/c/crypto/+/173278\nReviewed-by: Brad Fitzpatrick \u003cbradfitz@golang.org\u003e\nRun-TryBot: Brad Fitzpatrick \u003cbradfitz@golang.org\u003e\nTryBot-Result: Gobot Gobot \u003cgobot@golang.org\u003e\n" } ], "next": "f8560614bab07ea1beea7bfb204cfa9d521d2484" }