Bump golang.org/x/sys from 0.0.0-20211030160813-b3129d9d1021 to 0.1.0 in /src/crypto/internal/bigmod/_asm #180
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=60&v=4){kind=small}
Add README Co-authored-by: Peter Wu <[email protected]>
Include the `-cf` tag so this fork can be identified. Include the `devel` tag such that we can potentially add new APIs to the api/next.txt file in order to please the TestDependencies test.
This allows applications to use build tags to maintain compatibility with both this fork as well as standard Go. [ bas 2023-10-6: Fix cfgo build tag and add a test (#156) ]
Tests can be run from the repo with: `docker-compose run test`
[pwu: Go 1.22.0: resolve conflicts: git rm -r .github/ISSUE_TEMPLATE]
The "API check" test requires new APIs to be tracked in api/go1.X.txt or api/next/X.txt. Since Go 1.19 (commit b7041c7), every line in these files also need a comment with the approval issue number. To reduce development friction, we disable the requirement of updating these files when the `-cf` tag is present in the VERSION file.
Add basic support for handshake metrics: * Adds the ability to set a callback via the CFEventHandlerContextKey context value on the handshake context. It will be called at various points during the handshake to respond to various events. See #146. * Use this callback to expose client and server intra-handshake state machine durations, respectively. Each event records elapsed timestamps (durations) for relevant events during the course of a connection, such as reading and writing handshake messages of interest. This will be useful for recording intra-stack costs of TLS extensions such as ECH and KEMTLS. [pwu: Go 1.20.4: moved Config.CFEventHandler to context value] [pwu: Go 1.20.4: moved CFEvent code from tls_cf.go to cfevent.go]
This patch adds:
- X25519Kyber768Draft00, this is the de facto standard for early
deployment, see
https://mailarchive.ietf.org/arch/msg/tls/HAWpNpgptl--UZNSYuvsjB-Pc2k/
https://datatracker.ietf.org/doc/draft-tls-westerbaan-xyber768d00/02/
- X25519Kyber768Draft00Old, which is the same as the previous, but
under an old identifiers.
- X25519Kyber512Draft00. This should only be used for testing,
whether the smaller shares are advantageous.
- P256Kyber768Draft00. Uses a non-standard identifier. Should not be used.
Adds CFEvents to detect `HelloRetryRequest`s and to signal which
key agreement was used.
Co-authored-by: Christopher Wood <[email protected]>
Co-authored-by: Peter Wu <[email protected]>
To avoid having to regenerate all testdata files, add an option to control whether PQ signature algorithms are advertised. Tests were added for the client side. Since Go 1.19, FIPS-only mode must remain disabled to enable PQ sigalgs. [pwu: Go 1.17: moved parsePublicKey changes from x509/x509.go to x509/parser.go] [pwu: Go 1.22.5: add eddilithium2 support, fix eddilithium3, by Bas in #176] Co-authored-by: Christopher Patton <[email protected]> Co-authored-by: Peter Wu <[email protected]>
* Define API for delegated credentials so they are fetched using the same mechanisms used to fetch certificates * Allow the usage of other keyUsage when checking for the DC extension. * Add tool for generating delegated credentials. Co-authored-by: Jonathan Hoyland <[email protected]>
Adds support for draft 13 of the Encrypted ClientHello (ECH) extension for TLS. This requires CIRCL to implement draft 08 or later of the HPKE specification (draft-irtf-cfrg-hpke-08). Adds a CFEvent for reporting when ECH is offered or greased by the client, when ECH is accepted or rejected by the server, and when the outer SNI doesn't match the public name of the ECH config. Missing ECH features: * Record-level padding. * Proper validation of the public name by the client. * Retry after rejection. * PSKs are disabled when ECH is accepted.
…o send RTG-2919 [ Bas 1.21.3: Send empty keyshare extension instead of leaving it out ]
In contrast to upstream Go, we will send an HelloRetryRequest and accept an extra roundtrip if there is a more preferred group, than the one the client has provided a keyshare for in the initial ClientHello. Cf. https://datatracker.ietf.org/doc/draft-davidben-tls-key-share-prediction/
DummyKex is a key agreeement similar in size but purposefully incompatible with X25519. The goal is to have a key agreement that servers will not support, so we can test HelloRetryRquest.
Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.0.0-20211030160813-b3129d9d1021 to 0.1.0. - [Commits](https://github.com/golang/sys/commits/v0.1.0) --- updated-dependencies: - dependency-name: golang.org/x/sys dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps golang.org/x/sys from 0.0.0-20211030160813-b3129d9d1021 to 0.1.0.
Commits
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)You can disable automated security fix PRs for this repo from the Security Alerts page.