Previously, the outer loop would continue until we selected the
client's least preferable ciphersuite.
R=golang-dev, r2
CC=golang-dev
https://golang.org/cl/4029056
Many recently issued certificates are chained: there's one or more
intermediate certificates between the host certificate and the root CA
certificate. This change causes the code to load any number of
certificates from the certificate file. This matches the behaviour of
common webservers, and the output of OpenSSL's command line tools.
R=golang-dev, r2
CC=golang-dev
https://golang.org/cl/4119057
Note that DSA public key support is nascent and the verification
functions clearly don't support it yet. I'm intending to get RSA keys
working first.
R=bradfitzgo
CC=golang-dev
https://golang.org/cl/3973054
Since nobody suggested major changes to the higher level API, I'm
splitting up the lower level code for review. This is the first of the
changes for the packet reading/writing code.
It deliberately doesn't include a Makefile because the package is
incomplete.
R=bradfitzgo
CC=golang-dev
https://golang.org/cl/4080051
* Don't require lines to be full.
* Don't forget to flush the line buffer.
* Update the test so that it doesn't happen to include only full lines
in order to test the above.
* Always write the line after the header as GNUPG expects it.
R=bradfitzgo
CC=golang-dev
https://golang.org/cl/4124043
OpenPGP changed its OCFB mode for more modern packets (for example, the
MDC symmetrically encrypted packet). This change adds a bool to
determine which mode is used.
R=bradfitzgo, r, rsc
CC=golang-dev
https://golang.org/cl/4126041
The crypto package is added as a common place to store identifiers for
hash functions. At the moment, the rsa package has an enumeration of
hash functions and knowledge of their digest lengths. This is an
unfortunate coupling and other high level crypto packages tend to need
to duplicate this enumeration and knowledge (i.e. openpgp).
crypto pulls this code out into a common location.
It would also make sense to add similar support for ciphers to crypto,
but the problem there isn't as acute that isn't done in this change.
R=bradfitzgo, r, rsc
CC=golang-dev
https://golang.org/cl/4080046
The docstring claims the function uses PSS message encoding,
when the function actually implements PKCS1-v1_5 encoding.
R=agl1, rsc
CC=danderson, golang-dev
https://golang.org/cl/4097042
error is needed by all the OpenPGP packages as they return a shared
family of error types.
armor implements OpenPGP armoring. It's very like PEM except:
a) it includes a CRC24 checksum
b) PEM values are small (a few KB) and so encoding/pem assumes that
they fit in memory. Armored data can be very large and so this
package presents a streaming interface.
R=r, nsz, rsc
CC=golang-dev
https://golang.org/cl/3786043
This is largely based on ality's CL 2747042.
crypto/rc4: API break in order to conform to crypto/cipher's
Stream interface
cipher/cipher: promote to the default build
Since CBC differs between TLS 1.0 and 1.1, we downgrade and
support only 1.0 at the current time. 1.0 is what most of the
world uses.
Given this CL, it would be trival to add support for AES 256,
SHA 256 etc, but I haven't in order to keep the change smaller.
R=rsc
CC=ality, golang-dev
https://golang.org/cl/3659041
The recent linker changes broke NaCl support
a month ago, and there are no known users of it.
The NaCl code can always be recovered from the
repository history.
R=adg, r
CC=golang-dev
https://golang.org/cl/3671042
One of my own experiments ended up getting mistakenly commited when
switching to Jacobian transformations.
R=rsc
CC=golang-dev
https://golang.org/cl/3473044
I have written a tool to verify Printf calls, and although it's not
ready to be reviewed yet it's already uncovered a spate of problems
in the repository. I'm sending this CL to break the changes into
pieces; as the tool improves it will find more, I'm sure.
R=rsc
CC=golang-dev
https://golang.org/cl/3427043
Changed all uses of bytes.Add (aside from those testing bytes.Add) to append(a, b...).
Also ran "gofmt -s" and made use of copy([]byte, string) in the fasta benchmark.
R=golang-dev, r, r2
CC=golang-dev
https://golang.org/cl/3302042
cipher is intended to replace crypto/block over time. This
change only adds basic parts: CBC and CTR mode and doesn't add
the package to the top-level Makefile.
R=r, rsc
CC=golang-dev
https://golang.org/cl/3069041
* Add support for certificate policy identifiers
* Fix the version number of generated certificates
* Fix the parsing of version numbers
* Fix the case of multiple name entries (it should have been a list of
tagged values, not a tagged list of values).
R=r
CC=golang-dev
https://golang.org/cl/3044041
Previously we checked the certificate chain from the leaf
upwards and expected to jump from the last cert in the chain to
a root certificate.
Although technically correct, there are a number of sites with
problems including out-of-order certs, superfluous certs and
missing certs.
The last of these requires AIA chasing, which is a lot of
complexity. However, we can address the more common cases by
using a pool building algorithm, as browsers do.
We build a pool of root certificates and a pool from the
server's chain. We then try to build a path to a root
certificate, using either of these pools.
This differs from the behaviour of, say, Firefox in that Firefox
will accumulate intermedite certificate in a persistent pool in
the hope that it can use them to fill in gaps in future chains.
We don't do that because it leads to confusing errors which only
occur based on the order to sites visited.
This change also enabled SNI for tls.Dial so that sites will return
the correct certificate chain.
R=rsc
CC=golang-dev
https://golang.org/cl/2916041
Previously all the functions took two arguments: src, dst. This is the
reverse of the usual Go style and worth changing sooner rather than
later.
Unfortunately, this is a change that the type system doesn't help
with. However, it's not a subtle change: any unittest worth the name
should catch this.
R=rsc, r
CC=golang-dev
https://golang.org/cl/2751042
CAST5 is the default OpenPGP cipher.
(This won't make Rob any happier about the size of crypto/, of course.)
It already has dst, src in that order but it doesn't have any users yet so I figure it's better than changing it later.
R=rsc, gri, r
CC=golang-dev
https://golang.org/cl/2762042
New logging interface simplifies and generalizes.
1) Loggers now have only one output.
2) log.Stdout, Stderr, Crash and friends are gone.
Logging is now always to standard error by default.
3) log.Panic* replaces log.Crash*.
4) Exiting and panicking are not part of the logger's state; instead
the functions Exit* and Panic* simply call Exit or panic after
printing.
5) There is now one 'standard logger'. Instead of calling Stderr,
use Print etc. There are now triples, by analogy with fmt:
Print, Println, Printf
What was log.Stderr is now best represented by log.Println,
since there are now separate Print and Println functions
(and methods).
6) New functions SetOutput, SetFlags, and SetPrefix allow global
editing of the standard logger's properties. This is new
functionality. For instance, one can call
log.SetFlags(log.Lshortfile|log.Ltime|log.Lmicroseconds)
to get all logging output to show file name, line number, and
time stamp.
In short, for most purposes
log.Stderr -> log.Println or log.Print
log.Stderrf -> log.Printf
log.Crash -> log.Panicln or log.Panic
log.Crashf -> log.Panicf
log.Exit -> log.Exitln or log.Exit
log.Exitf -> log.Exitf (no change)
This has a slight breakage: since loggers now write only to one
output, existing calls to log.New() need to delete the second argument.
Also, custom loggers with exit or panic properties will need to be
reworked.
All package code updated to new interface.
The test has been reworked somewhat.
The old interface will be removed after the new release.
For now, its elements are marked 'deprecated' in their comments.
Fixes#1184.
R=rsc
CC=golang-dev
https://golang.org/cl/2419042
Replace Marshal with MarshalToMemory
(no one was using old Marshal anyway).
Swap arguments to Unmarshal.
Fixes#1133.
R=agl1
CC=golang-dev
https://golang.org/cl/2249045
The key/value format of X.500 names means that it's possible to encode
a name with multiple values for, say, organisation. RFC5280
doesn't seem to consider this, but there are Verisign root
certificates which do this and, in order to find the correct
root certificate in some cases, we need to handle it.
Also, CA certificates should set the CA flag and we now check
this. After looking at the other X.509 extensions it appears
that they are universally ignored/bit rotted away so we ignore
them.
R=rsc
CC=golang-dev
https://golang.org/cl/2249042
asn1: add support for T61String because this is the string type which
several www.google.com certificates are now using for fields like
CommonName
tls: force a handshake in Dial so that certificates are ready
afterwards.
Fixes#1114.
R=rsc
CC=golang-dev
https://golang.org/cl/2216043
This changeset implements client certificate support in crypto/tls
for both handshake_server.go and handshake_client.go
The updated server implementation sends an empty CertificateAuthorities
field in the CertificateRequest, thus allowing clients to send any
certificates they wish. Likewise, the client code will only respond
with its certificate when the server requests a certificate with this
field empty.
R=agl, rsc, agl1
CC=golang-dev
https://golang.org/cl/1975042
RFC 5280, 4.2.1.2 says:
SubjectKeyIdentifier ::= KeyIdentifier
KeyIdentifier ::= OCTET STRING
Previously, we were failing to unwrap the second level of OCTET STRING
encoding.
Fixes#993.
R=rsc
CC=golang-dev
https://golang.org/cl/1917044
SNI (Server Name Indication) is a way for a TLS client to
indicate to the server which name it knows the server by. This
allows the server to have several names and return the correct
certificate for each (virtual hosting).
PeerCertificates returns the list of certificates presented by
server.
R=r
CC=golang-dev
https://golang.org/cl/1741053
OCSP is the preferred X.509 revocation mechanism. X.509 certificates
can contain a URL from which can be fetched a signed response saying
"this certificate is valid until $x" (where $x is usually 7 days in the
future). These are called OCSP responses and they can also be included
in the TLS handshake itself ("OCSP stapling")
R=rsc, r
CC=golang-dev
https://golang.org/cl/1875043
For generating non-self-signed certs we need to be able to specify a
public key (for the signee) which is different from the private key (of
the signer).
R=rsc
CC=golang-dev
https://golang.org/cl/1741045
- renamed Len -> BitLen, simplified implementation
- renamed old Div, Mod, DivMod -> Que, Rem, QuoRem
- implemented Div, Mod, DivMod (Euclidian definition, more
useful in a mathematical context)
- fixed a bug in Exp (-0 was possible)
- added extra tests to check normalized results everywhere
- uniformly set Int.neg flag at the end of computations
- minor cosmetic cleanups
- ran all tests
R=rsc
CC=golang-dev
https://golang.org/cl/1091041
note that sortmain.go has been run through hg gofmt;
only the formatting of the day initializers changed.
i'm happy to revert that formatting if you'd prefer.
stop on error in doc/progs/run
R=r
CC=golang-dev
https://golang.org/cl/850041
Previously we would require safe primes for our RSA key generation.
Since this took rather a long time, this removes the requirement that
the primes be safe.
OpenSSL doesn't use safe primes for RSA key generation either
(openssl-0.9.8l/crypto/rsa/rsa_gen.c:122)
Fixes#649.
R=rsc
CC=golang-dev
https://golang.org/cl/253041
- only manual changes are in src/pkg/go/printer/nodes.go
- use a heuristic to determine "outliers" such that not entire composites are
forced to align with them
- improves several places that were not unligned before due too simple heuristic
- unalignes some cases that contain "outliers"
- gofmt -w src misc
Fixes#644.
R=rsc, r
CC=golang-dev
https://golang.org/cl/241041
Marshalling:
* Fixes several silly bugs.
* Support the RawContents type.
* Support the RawValue type.
* Recurse into nested interface{}.
Both directions:
* Better handling of SETs. You can now tag an element in a
structure with "set" to get the correct tag for serialisation.
* For types that aren't in a structure, you can now name them
with "SET" on the end.
* SETs are no longer implicitly treated as SEQUENCEs.
R=rsc
CC=golang-dev
https://golang.org/cl/201049
(I was looking at this code accidentally because of some gofmt
issues and thought that one could write this more effectively.
You may have deliberately chosen not to use ranges here to make
the index range clearer. Just let me know.)
R=agl, agl1
CC=golang-dev
https://golang.org/cl/181084
Listener contains private members and 6g now enforces that private
members cannot be assigned outside of their package.
R=rsc
CC=golang-dev
https://golang.org/cl/183073
parsing and printing to new syntax.
Use -oldparser to parse the old syntax,
use -oldprinter to print the old syntax.
2) Change default gofmt formatting settings
to use tabs for indentation only and to use
spaces for alignment. This will make the code
alignment insensitive to an editor's tabwidth.
Use -spaces=false to use tabs for alignment.
3) Manually changed src/exp/parser/parser_test.go
so that it doesn't try to parse the parser's
source files using the old syntax (they have
new syntax now).
4) gofmt -w src misc test/bench
1st set of files.
R=rsc
CC=agl, golang-dev, iant, ken2, r
https://golang.org/cl/180047
this is the exact same thing issue #115 is about. fix makefiles to use relative
path to work in the case we have whitespaces as part of GOROOT.
R=rsc
https://golang.org/cl/162055
the bash scripts and makefiles for building go didn't take into account
the fact $GOROOT / $GOBIN could both be directories containing whitespaces,
and was not possible to build it in such a situation.
this commit adjusts the various makefiles/scripts to make it aware of that
possibility, and now it builds successfully when using a path with whitespaces
as well.
Fixes#115.
R=rsc, dsymonds1
https://golang.org/cl/157067
* add Marshal
* add BitString.RightAlign
* change to using a *time.Time (from time.Time) since that's what
the time package uses.
* return the unparsed data from Unmarshal.
R=rsc
CC=golang-dev
https://golang.org/cl/156047
We are dealing with the multiplicative group ℤ/pqℤ. Multiples of
either p or q are not members of the group since they cannot have an
inverse. (Such numbers are 0 in the subgroup ℤ/pℤ.)
With p and q of typical size (> 512 bits), the probability of a random
blind [1..pq-1] being a multiple of p or q is negligible. However, in
the unit tests, much smaller sizes are used and the event could occur.
This change checks the result of the ext GCD and deals with this case.
It also increases the size of p and q in the unit test as a large
number of the keys selected were p, q = 227,169.
R=rsc
CC=golang-dev
https://golang.org/cl/154141
Turn methods that don't store the result in their receiver into
functions in order to preserve the convention.
Re-jig Exp and Div by moving their guts into nat.go.
Add ProbablyPrime to perform Miller-Rabin primality tests.
crypto/rsa: reenable key generation since we now have ProbablyPrime.
R=gri
CC=go-dev
http://codereview.prom.corp.google.com/1024038
- enabled for function declarations (not just function literals)
- applied gofmt -w $GOROOT/src
(look for instance at src/pkg/debug/elf/elf.go)
R=r, rsc
CC=go-dev
http://go/go-review/1026006
Make RSA and X509 build by using big. (This involves commenting out
key generation for now since I haven't written Miller-Rabin in big
yet.)
Add entries to the Makefile.
R=rsc
CC=go-dev
http://go/go-review/1022005
(With hindsight, record_process might have been designed wrong, but it
works for now. It'll get redrawn when client support is added.)
R=rsc
CC=r
http://go/go-review/1018032
For testing it can be useful to use a null random source (one which
always returns zero) to remove non-determinism from the tests.
However, when performing RSA blinding, the random blind ends up being
zero and it's hard to reverse a multiplication by zero.
R=rsc
CC=go-dev
http://go/go-review/1018033
echo back context of call in error if likely to be useful.
For example, if os.Open("/etc/passwd", os.O_RDONLY)
fails with syscall.EPERM, it returns as the os.Error
&PathError{
Op: "open",
Path: "/etc/passwd"
Error: os.EPERM
}
which formats as
open /etc/passwd: permission denied
Not converted:
datafmt
go/...
google/...
regexp
tabwriter
template
R=r
DELTA=1153 (561 added, 156 deleted, 436 changed)
OCL=30738
CL=30781
remove io.ErrEOF.
rename io.FullRead to io.ReadFull, to match
ReadAtLeast and ReadAll.
remove io.FullReader, because it is now unused.
R=r
DELTA=295 (88 added, 105 deleted, 102 changed)
OCL=30544
CL=30588
