Permalink
Comparing changes
Choose two branches to see what’s changed or to start a new pull request.
If you need to, you can also or
learn more about diff comparisons.
Open a pull request
Create a new pull request by comparing changes across two branches. If you need to, you can also .
Learn more about diff comparisons here.
...
- 4 commits
- 18 files changed
- 3 contributors
Commits on Nov 8, 2021
-
ocsp: rewrite tests that rely on SHA1-RSA
This test suite should really be completely re-written, but for now we can just substitute the tests which relied on certificates that were signed with SHA1-RSA. Fixes #49443 Change-Id: Ibe4ae3b3062956a56e6e3579144312747df3ef9a Reviewed-on: https://go-review.googlesource.com/c/crypto/+/362334 Trust: Roland Shoemaker <[email protected]> Trust: Katie Hockman <[email protected]> Run-TryBot: Roland Shoemaker <[email protected]> TryBot-Result: Go Bot <[email protected]> Reviewed-by: Bryan C. Mills <[email protected]> Reviewed-by: Katie Hockman <[email protected]>
Commits on Nov 15, 2021
-
ssh: support RSA SHA-2 (RFC8332) signatures
This change adds support for RSA SHA-2 based signatures for host keys and certificates. It also switches the default certificate signature algorithm for RSA to use SHA-512. This is implemented by treating ssh.Signer specially when the key type is `ssh-rsa` by also allowing SHA-256 and SHA-512 signatures. Fixes golang/go#37278 Change-Id: I2ee1ac4ae4c9c1de441a2d6cf1e806357ef18910 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/220037 Trust: Jason A. Donenfeld <[email protected]> Run-TryBot: Jason A. Donenfeld <[email protected]> TryBot-Result: Go Bot <[email protected]> Reviewed-by: Jason A. Donenfeld <[email protected]> Reviewed-by: Roland Shoemaker <[email protected]>
Commits on Nov 17, 2021
-
Update acme/autocert test to not depend on whether idna.Lookup uses transitional processing (Go 1.17 and earlier) or nontransitional processing (Go 1.18 and later). Change-Id: I29ca0aaca0ac75a932919a4c7cf8e9fca033b497 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/364014 Trust: Damien Neil <[email protected]> Reviewed-by: Ian Lance Taylor <[email protected]>
Commits on Dec 2, 2021
-
ssh: don't assume packet plaintext size
When reading GCM and ChaChaPoly1305 packets, don't make assumptions about the size of the enciphered plaintext. This fixes two panics caused by standards non-compliant malformed packets. Thanks to Rod Hynes, Psiphon Inc. for reporting this issue. Fixes golang/go#49932 Fixes CVE-2021-43565 Change-Id: I660cff39d197e0d04ec44d11d792b22d954df2ef Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1262659 Reviewed-by: Katie Hockman <[email protected]> Reviewed-by: Julie Qiu <[email protected]> Reviewed-on: https://go-review.googlesource.com/c/crypto/+/368814 Trust: Roland Shoemaker <[email protected]> Trust: Katie Hockman <[email protected]> Run-TryBot: Roland Shoemaker <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Reviewed-by: Julie Qiu <[email protected]> Reviewed-by: Katie Hockman <[email protected]>
Loading
This comparison is taking too long to generate.
Unfortunately it looks like we can’t render this comparison for you right now. It might be too big, or there might be something weird with your repository.
You can try running this command locally to see the comparison on your machine:
git diff 089bfa5...5770296