Cypherpunks repositories - gostls13.git/commit

]> Cypherpunks repositories - gostls13.git/commit

author	Daniel McCarney <daniel@binaryparadox.net>
	Mon, 18 Nov 2024 21:18:56 +0000 (22:18 +0100)
committer	Gopher Robot <gobot@golang.org>
	Thu, 21 Nov 2024 16:34:27 +0000 (16:34 +0000)
commit	4671276c5d5f2e51dd43e856267eac44cff18652
tree	875f481688b84fc6d1c2342c72b06964def30d3b	tree
parent	21b5f2637a37fe2fece7e6bf3d5f97a9520693ba	commit \| diff

crypto/tls: FIPS 140-3 mode

Consolidates handling of FIPS 140-3 considerations for the tls package.
Considerations specific to certificates are now handled in tls instead
of x509 to limit the area-of-effect of FIPS as much as possible.
Boringcrypto specific prefixes are renamed as appropriate.

For #69536

Co-authored-by: Filippo Valsorda <filippo@golang.org>
Change-Id: I1b1fef83c3599e4c9b98ad81db582ac93253030b
Reviewed-on: https://go-review.googlesource.com/c/go/+/629675
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Reviewed-by: Russ Cox <rsc@golang.org>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>

19 files changed:

src/crypto/internal/boring/fipstls/stub.s	[deleted file]	blob \| history
src/crypto/internal/boring/fipstls/tls.go	[deleted file]	blob \| history
src/crypto/tls/auth.go		diff \| blob \| history
src/crypto/tls/boring.go	[deleted file]	blob \| history
src/crypto/tls/common.go		diff \| blob \| history
src/crypto/tls/defaults.go		diff \| blob \| history
src/crypto/tls/fips_test.go	[moved from src/crypto/tls/boring_test.go with 81% similarity]	diff \| blob \| history
src/crypto/tls/fipsonly/fipsonly.go		diff \| blob \| history
src/crypto/tls/fipsonly/fipsonly_test.go		diff \| blob \| history
src/crypto/tls/handshake_client.go		diff \| blob \| history
src/crypto/tls/handshake_server.go		diff \| blob \| history
src/crypto/tls/handshake_server_tls13.go		diff \| blob \| history
src/crypto/tls/internal/fips140tls/fipstls.go	[new file with mode: 0644]	blob
src/crypto/tls/notboring.go	[deleted file]	blob \| history
src/crypto/x509/boring.go	[deleted file]	blob \| history
src/crypto/x509/boring_test.go	[deleted file]	blob \| history
src/crypto/x509/notboring.go	[deleted file]	blob \| history
src/crypto/x509/verify.go		diff \| blob \| history
src/go/build/deps_test.go		diff \| blob \| history

Go GOST TLS 1.3

RSS Atom