]> Cypherpunks repositories - gostls13.git/commit
projects / gostls13.git / commit
summary | shortlog | log | commit | commitdiff | tree
(parent: 9e4abed) | patch
[release-branch.go1.20] crypto/tls: align FIPS-only mode with BoringSSL policy
authorFilippo Valsorda <filippo@golang.org>
Thu, 14 Dec 2023 21:13:29 +0000 (22:13 +0100)
committerGopher Robot <gobot@golang.org>
Thu, 4 Jan 2024 22:45:14 +0000 (22:45 +0000)
commit5c38c04957dd93db2f6f1d4a507031631976a122
tree0c1188bb2ff93a36e85e7b35064d3f744aa1142atree
parent9e4abed39bf75d37490e2c14737f32b1d7dc495bcommit | diff
[release-branch.go1.20] crypto/tls: align FIPS-only mode with BoringSSL policy

This enables TLS 1.3, disables P-521, and disables non-ECDHE suites.

Updates #64717
Updates #62372
Fixes #64718

Change-Id: I3a65b239ef0198bbdbe5e55e0810e7128f90a091
Reviewed-on: https://go-review.googlesource.com/c/go/+/549975
Reviewed-by: Roland Shoemaker <roland@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Than McIntosh <thanm@google.com>
Reviewed-on: https://go-review.googlesource.com/c/go/+/553876
Run-TryBot: Matthew Dempsky <mdempsky@google.com>
Auto-Submit: Matthew Dempsky <mdempsky@google.com>
Reviewed-by: Matthew Dempsky <mdempsky@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
src/crypto/internal/boring/aes.go diff | blob | history
src/crypto/internal/boring/notboring.go diff | blob | history
src/crypto/tls/boring.go diff | blob | history
src/crypto/tls/boring_test.go diff | blob | history
src/crypto/tls/cipher_suites.go diff | blob | history
src/crypto/tls/handshake_client.go diff | blob | history
src/crypto/tls/handshake_client_tls13.go diff | blob | history
src/crypto/tls/handshake_server_test.go diff | blob | history
src/crypto/tls/handshake_server_tls13.go diff | blob | history
src/crypto/tls/notboring.go diff | blob | history
src/crypto/x509/boring.go diff | blob | history
Go GOST TLS 1.3