1
0
mirror of https://github.com/golang/go synced 2024-11-17 22:14:43 -07:00
Commit Graph

33274 Commits

Author SHA1 Message Date
Russ Cox
d724c60b4d [dev.boringcrypto] misc/boring: update README
Change-Id: I17158d73f2541d49188daa2e4e02ca389f1c395d
Reviewed-on: https://go-review.googlesource.com/65992
Run-TryBot: Russ Cox <rsc@golang.org>
Reviewed-by: Russ Cox <rsc@golang.org>
2017-09-25 19:27:58 +00:00
Russ Cox
70bada9db3 [dev.boringcrypto] misc/boring: add go1.9b4 release
Change-Id: I3848a207fde43598ec77d88cd9be93cca8d3ded3
Reviewed-on: https://go-review.googlesource.com/65473
Run-TryBot: Russ Cox <rsc@golang.org>
Reviewed-by: Russ Cox <rsc@golang.org>
2017-09-22 19:08:23 +00:00
Russ Cox
e6ad24cde7 [dev.boringcrypto] all: merge go1.9 into dev.boringcrypto
Previously we were at Go 1.9 rc2.

Change-Id: I9bea028d7078676b0f1f1408e45e7e1d5e349d23
2017-09-22 14:27:50 -04:00
Russ Cox
431e071eed [dev.boringcrypto] misc/boring: add go1.9rc2b4 release
Change-Id: Ib3b035909a060d304e42d87b7de8c35626183d39
Reviewed-on: https://go-review.googlesource.com/65470
Run-TryBot: Russ Cox <rsc@golang.org>
Reviewed-by: Russ Cox <rsc@golang.org>
2017-09-22 18:27:10 +00:00
Russ Cox
cc6e26b2e1 [dev.boringcrypto] api: add crypto/x509.VerifyOptions.IsBoring to make release builder happy
Change-Id: I5ee574a04c1ec9b8f60c0b74ecd0301809671cb3
Reviewed-on: https://go-review.googlesource.com/65430
Run-TryBot: Russ Cox <rsc@golang.org>
Reviewed-by: Russ Cox <rsc@golang.org>
2017-09-22 17:21:11 +00:00
Russ Cox
bac02b14b5 [dev.boringcrypto] misc/boring: update VERSION
Change-Id: I805422f3bc4a8a64e55b7453da25c9d1e18f063f
Reviewed-on: https://go-review.googlesource.com/65394
Run-TryBot: Russ Cox <rsc@golang.org>
Reviewed-by: Russ Cox <rsc@golang.org>
2017-09-22 16:00:45 +00:00
Russ Cox
3ed08db261 [dev.boringcrypto] crypto/tls/fipsonly: new package to force FIPS-allowed TLS settings
Change-Id: I3268cab2de8aed9e2424e9c3bc7667083bc5e1ce
Reviewed-on: https://go-review.googlesource.com/65250
Run-TryBot: Russ Cox <rsc@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Adam Langley <agl@golang.org>
2017-09-22 15:58:43 +00:00
Russ Cox
2ba76155cd [dev.boringcrypto] crypto/internal/boring: fix finalizer-induced crashes
All the finalizer-enabled C wrappers must be careful to use
runtime.KeepAlive to ensure the C wrapper object (a Go object)
lives through the end of every C call using state that the
wrapper's finalizer would free.

This CL makes the wrappers appropriately careful.

The test proves that this is the bug I was chasing in a
separate real program, and that the KeepAlives fix it.
I did not write a test of every possible operation.

Change-Id: I627007e480f16adf8396e7f796b54e5525d9ea80
Reviewed-on: https://go-review.googlesource.com/64870
Run-TryBot: Russ Cox <rsc@golang.org>
Reviewed-by: Adam Langley <agl@golang.org>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
2017-09-20 18:01:53 +00:00
Russ Cox
32dc9b247f [dev.boringcrypto] cmd/go: exclude SysoFiles when using -msan
There's no way for a *.syso file to be compiled to work both in
normal mode and in msan mode. Assume they are compiled in
normal mode and drop them in msan mode.

Packages with syso files currently fail in -msan mode because
the syso file calls out to a routine like memcmp which then
falsely reports uninitialized memory. After this CL, they will fail
in -msan with link errors, because the syso will not be used.
But then it will at least be possible for package authors to write
fallback code in the package that avoids the syso in -msan mode,
so that the package with the syso can at least run in both modes.
Without this CL, that's not possible.

See #21884.

Change-Id: I77340614c4711325032484e65fa9c3f8332741d5
Reviewed-on: https://go-review.googlesource.com/63917
Reviewed-by: Adam Langley <agl@golang.org>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
2017-09-18 00:33:34 +00:00
Russ Cox
9f025cbdeb [dev.boringcrypto] crypto/internal/boring: fall back to standard crypto when using -msan
The syso is not compiled with -fsanitize=memory, so don't try to use it.
Otherwise the first time it calls out to memcmp, memcmp complains
that it is being asked to compare uninitialized memory.

Change-Id: I85ab707cfbe64eded8e110d4d6b40d1b75f50541
Reviewed-on: https://go-review.googlesource.com/63916
Reviewed-by: Adam Langley <agl@golang.org>
2017-09-18 00:32:27 +00:00
Russ Cox
89ba9e3541 [dev.boringcrypto] crypto/aes: panic on invalid dst, src overlap
I've now debugged multiple mysterious "inability to communicate"
bugs that manifest as a silent unexplained authentication failure but are
really crypto.AEAD.Open being invoked with badly aligned buffers.
In #21624 I suggested using a panic as the consequence of bad alignment,
so that this kind of failure is loud and clearly different from, say, a
corrupted or invalid message signature. Adding the panic here made
my failure very easy to track down, once I realized that was the problem.
I don't want to debug another one of these.

Also using this CL as an experiment to get data about the impact of
maybe applying this change more broadly in the master branch.

Change-Id: Id2e2d8e980439f8acacac985fc2674f7c96c5032
Reviewed-on: https://go-review.googlesource.com/63915
Reviewed-by: Adam Langley <agl@golang.org>
2017-09-18 00:32:06 +00:00
Russ Cox
a929f3a04d [dev.boringcrypto] crypto/rsa: fix boring GenerateKey to set non-nil Precomputed.CRTValues
This matches the standard GenerateKey and more importantly Precompute,
so that if you generate a key and then store it, read it back, call Precompute
on the new copy, and then do reflect.DeepEqual on the two copies, they
will match. Before this CL, the original key had CRTValues == nil and the
reconstituted key has CRTValues != nil (but len(CRTValues) == 0).

Change-Id: I1ddc64342a50a1b65a48d827e4d564f1faab1945
Reviewed-on: https://go-review.googlesource.com/63914
Reviewed-by: Adam Langley <agl@golang.org>
2017-09-18 00:31:43 +00:00
Russ Cox
aa4a4a80ff [dev.boringcrypto] crypto/internal/boring: fix detection of tests to allow *.test and *_test
When using the go command, test binaries end in .test,
but when using Bazel, test binaries conventionally end in _test.

Change-Id: Ic4cac8722fd93ae316169f87b321f68e0b71f0c3
Reviewed-on: https://go-review.googlesource.com/63913
Reviewed-by: Adam Langley <agl@golang.org>
2017-09-18 00:27:12 +00:00
Russ Cox
c9e2d9eb06 [dev.boringcrypto] crypto/rsa: add test for, fix observable reads from custom randomness
In routines like GenerateKey, where bits from the randomness source have a
visible effect on the output, we bypass BoringCrypto if given a non-standard
randomness source (and also assert that this happens only during tests).

In the decryption paths, the randomness source is only for blinding and has
no effect on the output, so we unconditionally invoke BoringCrypto, letting it
use its own randomness source as it sees fit. This in turn lets us verify that
the non-BoringCrypto decryption function is never called, not even in tests.

Unfortunately, while the randomness source has no visible effect on the
decrypt operation, the decrypt operation does have a visible effect on
the randomness source. If decryption doesn't use the randomness source,
and it's a synthetic stream, then a future operation will read a different
position in the stream and may produce different output. This happens
in tests more often than you'd hope.

To keep behavior of those future operations unchanged while still
ensuring that the original decrypt is never called, this CL adds a
simulation of the blinding preparation, to discard the right amount
from the random source before invoking BoringCrypto.

Change-Id: If2f87b856c811b59b536187c93efa99a97721419
Reviewed-on: https://go-review.googlesource.com/63912
Reviewed-by: Adam Langley <agl@golang.org>
2017-09-18 00:26:15 +00:00
Russ Cox
e773ea9aa3 [dev.boringcrypto] crypto/hmac: add test for Write/Sum after Sum
This is documented to work (in hash.Hash's definition)
and existing code assumes it works. Add a test.

Change-Id: I63546f3b2d66222683a4f268a4eaff835fd836fe
Reviewed-on: https://go-review.googlesource.com/63911
Reviewed-by: Adam Langley <agl@golang.org>
2017-09-18 00:16:06 +00:00
Russ Cox
8fa8f42cb3 [dev.boringcrypto] crypto/internal/boring: allow hmac operations after Sum
hmac.New returns a hash.Hash, which defines Sum as:

	// Sum appends the current hash to b and returns the resulting slice.
	// It does not change the underlying hash state.
	Sum(b []byte) []byte

I've now seen two different pieces of code that make
use of the assumption that Sum has no effect on the
internal state, so make it so.

Test in next CL in stack, so that it can be cherry-picked
to master.

Change-Id: Iad84ab3e2cc12dbecef25c3fc8f2662d157b0d0b
Reviewed-on: https://go-review.googlesource.com/63910
Reviewed-by: Adam Langley <agl@golang.org>
2017-09-18 00:15:39 +00:00
Russ Cox
07f6ce9d39 [dev.boringcrypto] crypto/internal/boring: handle RSA verification of short signatures
The standard Go crypto/rsa allows signatures to be shorter
than the RSA modulus and assumes leading zeros.
BoringCrypto does not, so supply the leading zeros explicitly.

This fixes the golang.org/x/crypto/openpgp tests.

Change-Id: Ic8b18d6beb0e02992a0474f5fdb2b73ccf7098cf
Reviewed-on: https://go-review.googlesource.com/62170
Reviewed-by: Adam Langley <agl@golang.org>
2017-09-18 00:07:51 +00:00
Russ Cox
e8eec3fbdb [dev.boringcrypto] cmd/compile: refine BoringCrypto kludge
Did not consider these fields being embedded or adopted
into structs defined in other packages, but that's possible too.
Refine the import path check to account for that.

Fixes 'go test -short golang.org/x/crypto/ssh' but also
adds a new test in internal/boring for the same problem.

Change-Id: Ied2d04fe2b0ac3b0a34f07bc8dfc50fc203abb9f
Reviewed-on: https://go-review.googlesource.com/62152
Reviewed-by: Ian Lance Taylor <iant@golang.org>
Reviewed-by: Adam Langley <agl@golang.org>
2017-09-14 23:40:36 +00:00
Russ Cox
7b49445d0f [dev.boringcrypto] cmd/compile: hide new boring fields from reflection
This is terrible but much simpler, cleaner, and more effective
than all the alternatives I have come up with.

Lots of code assumes that reflect.DeepEqual is meaningful
on rsa.PublicKey etc, because previously they consisted only of
exported meaningful fields.

Worse, there exists code that assumes asn1.Marshal can be
passed an rsa.PublicKey, because that struct has historically
matched exactly the form that would be needed to produce
the official ASN.1 DER encoding of an RSA public key.

Instead of tracking down and fixing all of that code
(and probably more), we can limit the BoringCrypto-induced
damage by ensliting the compiler to hide the new field
from reflection. Then nothing can get at it and nothing can
be disrupted by it.

Kill two birds with one cannon ball.

I'm very sorry.

Change-Id: I0ca4d6047c7e98f880cbb81904048c1952e278cc
Reviewed-on: https://go-review.googlesource.com/60271
Reviewed-by: Adam Langley <agl@golang.org>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
2017-08-30 19:23:53 +00:00
Russ Cox
81b9d733b0 [dev.boringcrypto] crypto/hmac: test empty key
This happens in the scrypt and pbkdf unit tests.

Change-Id: I1eda944d7c01d28c7a6dd9f428f5fdd1cbd58939
Reviewed-on: https://go-review.googlesource.com/59771
Reviewed-by: Adam Langley <agl@golang.org>
2017-08-30 19:23:48 +00:00
Russ Cox
f6358bdb6c [dev.boringcrypto] crypto/internal/boring: fix NewHMAC with empty key
Test is in a separate CL for easier cherry-picking to master branch.

Change-Id: Ia4a9032892d2896332010fe18a3216f8c4a58d1c
Reviewed-on: https://go-review.googlesource.com/59770
Reviewed-by: Adam Langley <agl@golang.org>
2017-08-30 19:23:44 +00:00
Russ Cox
9c307d8039 [dev.boringcrypto] crypto/internal/cipherhw: fix AESGCMSupport for BoringCrypto
The override was not commented and was in the wrong file.

Change-Id: I739db561acff6d91b0f3559c8bb45437f11c0b04
Reviewed-on: https://go-review.googlesource.com/59250
Reviewed-by: Adam Langley <agl@golang.org>
2017-08-30 19:23:39 +00:00
Russ Cox
f48a9fb815 [dev.boringcrypto] misc/boring: release packaging
Add scripts and docs for packaging releases.

Change-Id: I0682c92bbb2e229d2636762e49fe73513852d351
Reviewed-on: https://go-review.googlesource.com/57890
Reviewed-by: Adam Langley <agl@golang.org>
2017-08-26 01:28:12 +00:00
Russ Cox
94fb8224b2 [dev.boringcrypto] crypto/internal/boring: disable for android & non-cgo builds
Change-Id: Ia4458090118c4391a73cf1ae65bc8d187f03eca0
Reviewed-on: https://go-review.googlesource.com/59051
Reviewed-by: Ian Lance Taylor <iant@golang.org>
2017-08-25 17:08:22 +00:00
Russ Cox
7ff9fcafbd [dev.boringcrypto] crypto/internal/boring: clear "executable stack" bit from syso
Change-Id: Ie9dd13f3ae78a423a231f47e746a38f96768b93c
Reviewed-on: https://go-review.googlesource.com/58830
Reviewed-by: Ian Lance Taylor <iant@golang.org>
2017-08-25 15:08:00 +00:00
Chris Broadfoot
c8aec4095e [release-branch.go1.9] go1.9
Change-Id: I0899ec0150f2a051b7572879b446a8548f742ae0
Reviewed-on: https://go-review.googlesource.com/58731
Run-TryBot: Chris Broadfoot <cbro@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
2017-08-24 20:52:14 +00:00
Chris Broadfoot
b8c9ef9f09 [release-branch.go1.9] doc: add go1.9 to golang.org/project
Pre-emptive. Go 1.9 is expected to be released in August.

Change-Id: I0f58c012c4110bf490022dc2c1d69c0988d73bfa
Reviewed-on: https://go-review.googlesource.com/52351
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Reviewed-on: https://go-review.googlesource.com/58730
Reviewed-by: Chris Broadfoot <cbro@golang.org>
2017-08-24 19:57:08 +00:00
Chris Broadfoot
136f4a6b2a [release-branch.go1.9] doc: document go1.9
Change-Id: I97075f24319a4b96cbeb9e3ff2e7b2056ff59e32
Reviewed-on: https://go-review.googlesource.com/58651
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Reviewed-on: https://go-review.googlesource.com/58710
Reviewed-by: Chris Broadfoot <cbro@golang.org>
2017-08-24 19:55:44 +00:00
Ryuji IWATA
867be4c60c [release-branch.go1.9] doc/go1.9: fix typo in Moved GOROOT
Change-Id: I71bfff6a3462e6dfd7a65ef76ec56644bae37c34
Reviewed-on: https://go-review.googlesource.com/57272
Reviewed-by: Avelino <t@avelino.xxx>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
Reviewed-on: https://go-review.googlesource.com/58650
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2017-08-24 19:54:21 +00:00
Russ Cox
d1351fbc31 [dev.boringcrypto] cmd/link: allow internal linking for crypto/internal/boring
Change-Id: I5b122ad23f75296dab8cec89a4e50dcca7fa9b3f
Reviewed-on: https://go-review.googlesource.com/57944
Run-TryBot: Russ Cox <rsc@golang.org>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
2017-08-24 18:37:31 +00:00
Russ Cox
991652dcf0 [dev.boringcrypto] cmd/link: work around DWARF symbol bug
The DWARF code is mishandling the case when the host object files
define multiple (distinct) symbols with the same name. They are mapped
to the same DWARF debug symbol, which then appears on the dwarfp
list multiple times, which then breaks the code that processes the list.
Detect duplicates and skip them, because that's trivial, instead of fixing
the underlying problem.

See #21566.

Change-Id: Ib5a34c891d7c15f4c7bb6239d8f31a1ec767b8bc
Reviewed-on: https://go-review.googlesource.com/57943
Run-TryBot: Russ Cox <rsc@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
2017-08-24 18:37:26 +00:00
Josh Bleecher Snyder
9a4e7942ea [release-branch.go1.9] cmd/compile: remove gc.Sysfunc calls from 387 backend
[This is a cherry-pick of CL 54090 to the 1.9 release branch.]

gc.Sysfunc must not be called concurrently.
We set up runtime routines used by the backend
prior to doing any backend compilation.
I missed the 387 ones; fix that.

Sysfunc should have been unexported during 1.9.
I will rectify that in a subsequent CL.

Fixes #21352

Change-Id: I485bb1867b46d8e5cf64bc820b8963576dc16174
Reviewed-on: https://go-review.googlesource.com/55970
Run-TryBot: Josh Bleecher Snyder <josharian@gmail.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Keith Randall <khr@golang.org>
2017-08-22 18:24:54 +00:00
Ian Lance Taylor
ff38035a62 [release-branch.go1.9] doc/go1.9: fix typo in crypto/x509 of "Minor changes to the library".
Backport of https://golang.org/cl/57390 to 1.9 release branch.

Change-Id: Ieea5a048732db7ee5dc5cf13f06e11ca4f5313cc
Reviewed-on: https://go-review.googlesource.com/57450
Reviewed-by: Keith Randall <khr@golang.org>
2017-08-22 18:21:23 +00:00
Russ Cox
7e9e3a06cb [dev.boringcrypto] crypto/rsa: use BoringCrypto
Change-Id: Ibb92f0f8cb487f4d179b069e588e1cb266599384
Reviewed-on: https://go-review.googlesource.com/55479
Run-TryBot: Russ Cox <rsc@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Adam Langley <agl@golang.org>
2017-08-19 03:16:59 +00:00
Russ Cox
bc38fda367 [dev.boringcrypto] crypto/ecdsa: use unsafe.Pointer instead of atomic.Value
Using atomic.Value causes vet errors in code copying
PublicKey or PrivateKey structures. I don't think the errors
are accurate, but it's easier to work around them than
to change vet or change atomic.Value.

See #21504.

Change-Id: I3a3435c1fc664cc5166c81674f6f7c58dab35f21
Reviewed-on: https://go-review.googlesource.com/56671
Run-TryBot: Russ Cox <rsc@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
Reviewed-by: Adam Langley <agl@golang.org>
2017-08-19 03:16:44 +00:00
Austin Clements
42046e8989 [release-branch.go1.9] runtime: fix false positive race in profile label reading
Because profile labels are copied from the goroutine into the tag
buffer by the signal handler, there's a carefully-crafted set of race
detector annotations to create the necessary happens-before edges
between setting a goroutine's profile label and retrieving it from the
profile tag buffer.

Given the constraints of the signal handler, we have to approximate
the true synchronization behavior. Currently, that approximation is
too weak.

Ideally, runtime_setProfLabel would perform a store-release on
&getg().labels and copying each label into the profile would perform a
load-acquire on &getg().labels. This would create the necessary
happens-before edges through each individual g.labels object.

Since we can't do this in the signal handler, we instead synchronize
on a "labelSync" global. The problem occurs with the following
sequence:

1. Goroutine 1 calls setProfLabel, which does a store-release on
   labelSync.

2. Goroutine 2 calls setProfLabel, which does a store-release on
   labelSync.

3. Goroutine 3 reads the profile, which does a load-acquire on
   labelSync.

The problem is that the load-acquire only synchronizes with the *most
recent* store-release to labelSync, and the two store-releases don't
synchronize with each other. So, once goroutine 3 touches the label
set by goroutine 1, we report a race.

The solution is to use racereleasemerge. This is like a
read-modify-write, rather than just a store-release. Each RMW of
labelSync in runtime_setProfLabel synchronizes with the previous RMW
of labelSync, and this ultimately carries forward to the load-acquire,
so it synchronizes with *all* setProfLabel operations, not just the
most recent.

Change-Id: Iab58329b156122002fff12cfe64fbeacb31c9613
Reviewed-on: https://go-review.googlesource.com/57190
Run-TryBot: Austin Clements <austin@google.com>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
2017-08-18 23:07:14 +00:00
Ian Lance Taylor
fbf7e1f295 [release-branch.go1.9] testing: don't fail all tests after racy test failure
The code was adding race.Errors to t.raceErrors before checking
Failed, but Failed was using t.raceErrors+race.Errors. We don't want
to change Failed, since that would affect tests themselves, so modify
the harness to not unnecessarily change t.raceErrors.

Updates #19851
Fixes #21338

Change-Id: I483f27c68c340928f1cbdef160abc0a5716efb5d
Reviewed-on: https://go-review.googlesource.com/57151
Run-TryBot: Ian Lance Taylor <iant@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2017-08-18 21:10:46 +00:00
Ian Lance Taylor
21312a4b5e [release-branch.go1.9] cmd/dist: update deps.go for current dependencies
Fixes #21456

Change-Id: I7841d816e8c1c581e61db4f24124f99f5184fead
Reviewed-on: https://go-review.googlesource.com/57170
Run-TryBot: Ian Lance Taylor <iant@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2017-08-18 21:10:29 +00:00
Cherry Zhang
5927854f7d [release-branch.go1.9] cmd/compile: add rules handling unsigned div/mod by constant 1<<63
Cherry-pick CL 56890.

Normally 64-bit div/mod is turned into runtime calls on 32-bit
arch, but the front end leaves power-of-two constant division
and hopes the SSA backend turns into a shift or AND. The SSA rule is

(Mod64u <t> n (Const64 [c])) && isPowerOfTwo(c) -> (And64 n (Const64 <t> [c-1]))

But isPowerOfTwo returns true only for positive int64, which leaves
out 1<<63 unhandled. Add a special case for 1<<63.

Fixes #21517.

Change-Id: Ic91f86fd5e035a8bb64b937c15cb1c38fec917d6
Reviewed-on: https://go-review.googlesource.com/57070
Run-TryBot: Cherry Zhang <cherryyz@google.com>
Reviewed-by: Keith Randall <khr@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
2017-08-18 18:43:00 +00:00
pvoicu
65717b2dca [release-branch.go1.9] runtime: fix usleep by correctly setting nanoseconds parameter for pselect6
Fixes #21518

Change-Id: Idd67e3f0410d0ce991b34dcc0c8f15e0d5c529c9
Reviewed-on: https://go-review.googlesource.com/56891
Run-TryBot: Austin Clements <austin@google.com>
Reviewed-by: Petrica Voicu <pvoicu@paypal.com>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
2017-08-18 14:14:39 +00:00
Russ Cox
b1f201e951 [dev.boringcrypto] crypto/ecdsa: use BoringCrypto
Change-Id: I108e0a527bddd673b16582d206e0697341d0a0ea
Reviewed-on: https://go-review.googlesource.com/55478
Run-TryBot: Russ Cox <rsc@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Adam Langley <agl@golang.org>
2017-08-17 20:23:31 +00:00
Russ Cox
2efded1cd2 [dev.boringcrypto] crypto/tls: use TLS-specific AES-GCM mode if available
Change-Id: Ide00c40c0ca8d486f3bd8968e1d301c8b0ed6d05
Reviewed-on: https://go-review.googlesource.com/56011
Run-TryBot: Russ Cox <rsc@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Adam Langley <agl@golang.org>
2017-08-17 19:39:04 +00:00
Russ Cox
335a0f87bf [dev.boringcrypto] crypto/aes: implement TLS-specific AES-GCM mode from BoringCrypto
Change-Id: I8407310e7d00eafe9208879228dbf4ac3d26a907
Reviewed-on: https://go-review.googlesource.com/55477
Run-TryBot: Russ Cox <rsc@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Adam Langley <agl@golang.org>
2017-08-17 19:38:34 +00:00
Russ Cox
8d05ec9e58 [dev.boringcrypto] crypto/aes: use BoringCrypto
Change-Id: If83fdeac31f65aba818bbc7edd2f215b16814021
Reviewed-on: https://go-review.googlesource.com/55476
Run-TryBot: Russ Cox <rsc@golang.org>
Reviewed-by: Adam Langley <agl@golang.org>
2017-08-17 19:38:05 +00:00
Russ Cox
74e33c43e9 [dev.boringcrypto] crypto/hmac: use BoringCrypto
Change-Id: Id4019d601c615b4835b0337d82be3d508292810e
Reviewed-on: https://go-review.googlesource.com/55475
Run-TryBot: Russ Cox <rsc@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Adam Langley <agl@golang.org>
2017-08-17 19:32:23 +00:00
Russ Cox
96d6718e4f [dev.boringcrypto] crypto/sha1,sha256,sha512: use BoringCrypto
Change-Id: I80a764971b41f75c3b699797bfed71f509e3407d
Reviewed-on: https://go-review.googlesource.com/55474
Run-TryBot: Russ Cox <rsc@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Adam Langley <agl@golang.org>
2017-08-17 19:31:45 +00:00
Russ Cox
e0e2bbdd00 [dev.boringcrypto] runtime/race: move TestRaceIssue5567 from sha1 to crc32
If we substitute a SHA1 implementation where the entirety of the
reading of the buffer is done in assembly (or C called from cgo),
then the race detector cannot observe the race.

Change to crc32 with a fake polynomial, in the hope that it will
always be handled by Go code, not optimized assembly or cgo calls.

Change-Id: I34e90b14ede6bc220ef686f6aef16b8e464b5cde
Reviewed-on: https://go-review.googlesource.com/56510
Run-TryBot: Russ Cox <rsc@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
2017-08-17 18:57:21 +00:00
Russ Cox
fe02ba30f1 [dev.boringcrypto] crypto/rand: use BoringCrypto
Change-Id: Ie630eff90f7fee9b359683930aec2daf96c1bdfe
Reviewed-on: https://go-review.googlesource.com/55473
Run-TryBot: Russ Cox <rsc@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Adam Langley <agl@golang.org>
2017-08-17 15:23:06 +00:00
Russ Cox
6e70f88f84 [dev.boringcrypto] crypto/internal/boring: add initial BoringCrypto access
Right now the package doesn't do anything useful, but it will.
This CL is about the machinery for building goboringcrypto_linux_amd64.syso
and then running the self-test and checking FIPS_mode from Go init.

Change-Id: I4ec0f5efaa88ccfb506b9818d24a7f1cbcc5a7d6
Reviewed-on: https://go-review.googlesource.com/55472
Run-TryBot: Russ Cox <rsc@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Adam Langley <agl@golang.org>
2017-08-17 15:22:22 +00:00
Russ Cox
dcdcc38440 [dev.boringcrypto] add README.boringcrypto.md, update VERSION
Change-Id: I415fcc23b62666d78aed3ddc7d2731127c810be3
Reviewed-on: https://go-review.googlesource.com/55471
Run-TryBot: Russ Cox <rsc@golang.org>
Reviewed-by: Adam Langley <agl@golang.org>
2017-08-16 00:07:52 +00:00