chore: sync fork with upstream #30
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Since CL 402595, the Go compiler no longer uses any package under crypto, so there is no need to explicitly exclude boring from the go bootstrap build. Change-Id: Ib71349fffaab151c6e1fb42a9684151439b70cc8 Reviewed-on: https://go-review.googlesource.com/c/go/+/508402 TryBot-Result: Gopher Robot <[email protected]> Reviewed-by: Heschi Kreinick <[email protected]> Run-TryBot: Quim Muntal <[email protected]> Reviewed-by: Bryan Mills <[email protected]>
Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. Limit this by restricting the size of RSA keys transmitted during handshakes to <= 8192 bits. Based on a survey of publicly trusted RSA keys, there are currently only three certificates in circulation with keys larger than this, and all three appear to be test certificates that are not actively deployed. It is possible there are larger keys in use in private PKIs, but we target the web PKI, so causing breakage here in the interests of increasing the default safety of users of crypto/tls seems reasonable. Thanks to Mateusz Poliwczak for reporting this issue. Fixes #61460 Fixes CVE-2023-29409 Change-Id: Ie35038515a649199a36a12fc2c5df3af855dca6c Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1912161 Reviewed-by: Damien Neil <[email protected]> Reviewed-by: Tatiana Bradley <[email protected]> Run-TryBot: Roland Shoemaker <[email protected]> Reviewed-on: https://go-review.googlesource.com/c/go/+/515257 TryBot-Result: Gopher Robot <[email protected]> Auto-Submit: David Chase <[email protected]> Run-TryBot: David Chase <[email protected]>
To allow for future evolution of the API, make QUICConn.SendSessionTicket take a QUICSessionTicketOptions rather than a single bool. For #60107 Change-Id: I798fd0feec5c7581e3c3574e2de99611c81df47f Reviewed-on: https://go-review.googlesource.com/c/go/+/514997 Reviewed-by: Roland Shoemaker <[email protected]> Run-TryBot: Damien Neil <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Reviewed-by: Marten Seemann <[email protected]>
This CL add's the following instructions,useful for cipher and message digest operations: * KM - cipher message * KMC - cipher message with chaining * KLMD - compute last message digest * KIMD - compute intermediate message digest Fixes #61163 Change-Id: Ib0636430c3e4888ed61b86c5acae45ee596463ff Reviewed-on: https://go-review.googlesource.com/c/go/+/509075 TryBot-Result: Gopher Robot <[email protected]> Reviewed-by: Keith Randall <[email protected]> Reviewed-by: Cherry Mui <[email protected]> Run-TryBot: Cherry Mui <[email protected]> Reviewed-by: Keith Randall <[email protected]>
* Use two ADDL instead of LEAL * Keep ones in R11 * Use XORL with lower latency instead of NOTL * Remove loads and load the correct value in the previous round * Reduce dependency chain in round 2. * Remove MOVL in round 3. name old time/op new time/op delta Hash8Bytes-32 104ns ± 0% 96ns ± 1% -7.83% (p=0.000 n=9+10) Hash64-32 169ns ± 0% 155ns ± 0% -7.97% (p=0.000 n=10+10) Hash128-32 244ns ± 0% 224ns ± 0% -8.16% (p=0.000 n=9+10) Hash256-32 396ns ± 0% 360ns ± 1% -9.01% (p=0.000 n=10+10) Hash512-32 700ns ± 1% 634ns ± 1% -9.43% (p=0.000 n=10+10) Hash1K-32 1.30µs ± 0% 1.18µs ± 1% -9.32% (p=0.000 n=9+10) Hash8K-32 9.77µs ± 0% 8.81µs ± 0% -9.78% (p=0.000 n=9+10) Hash1M-32 1.24ms ± 1% 1.12ms ± 1% -9.54% (p=0.000 n=10+10) Hash8M-32 10.0ms ± 1% 9.0ms ± 1% -10.04% (p=0.000 n=10+10) Hash8BytesUnaligned-32 104ns ± 0% 96ns ± 0% -7.50% (p=0.000 n=10+10) Hash1KUnaligned-32 1.32µs ± 1% 1.18µs ± 1% -10.42% (p=0.000 n=10+10) Hash8KUnaligned-32 9.80µs ± 0% 8.79µs ± 1% -10.29% (p=0.000 n=10+10) name old speed new speed delta Hash8Bytes-32 77.1MB/s ± 0% 83.6MB/s ± 1% +8.49% (p=0.000 n=9+10) Hash64-32 379MB/s ± 0% 412MB/s ± 0% +8.66% (p=0.000 n=10+10) Hash128-32 525MB/s ± 0% 572MB/s ± 0% +8.89% (p=0.000 n=9+10) Hash256-32 646MB/s ± 0% 710MB/s ± 1% +9.90% (p=0.000 n=10+10) Hash512-32 732MB/s ± 1% 808MB/s ± 1% +10.41% (p=0.000 n=10+10) Hash1K-32 786MB/s ± 0% 866MB/s ± 1% +10.30% (p=0.000 n=9+10) Hash8K-32 839MB/s ± 0% 930MB/s ± 0% +10.79% (p=0.000 n=10+10) Hash1M-32 849MB/s ± 1% 938MB/s ± 1% +10.54% (p=0.000 n=10+10) Hash8M-32 841MB/s ± 1% 935MB/s ± 1% +11.16% (p=0.000 n=10+10) Hash8BytesUnaligned-32 77.1MB/s ± 0% 83.4MB/s ± 0% +8.12% (p=0.000 n=10+10) Hash1KUnaligned-32 778MB/s ± 1% 869MB/s ± 1% +11.64% (p=0.000 n=10+10) Hash8KUnaligned-32 836MB/s ± 0% 932MB/s ± 1% +11.47% (p=0.000 n=10+10) Change-Id: I02b31229b857e9257dc9d36538883eb3af4ad993 This PR will be imported into Gerrit with the title and first comment (this text) used to generate the subject and body of the Gerrit change. Change-Id: I02b31229b857e9257dc9d36538883eb3af4ad993 GitHub-Last-Rev: ec8b15d789181d0dac57bf0ba5041ee7aeb305c9 GitHub-Pull-Request: golang/go#43690 Reviewed-on: https://go-review.googlesource.com/c/go/+/283538 Run-TryBot: Joel Sing <[email protected]> Reviewed-by: Matthew Dempsky <[email protected]> Reviewed-by: David Chase <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Reviewed-by: Joel Sing <[email protected]>
sysctl kern.arandom has been supported since NetBSD 4.0, works inside a chroot, has no confusing bells and whistles like Linux getrandom, requires no complicated querying to avoid SIGSYS traps, and is what NetBSD 10 will usee for the getentropy(3) library routine soon to appear in POSIX. Change-Id: I23bd84ecd5ff3e33e8958c60896db842c44667ba GitHub-Last-Rev: 5db094c85ae14bbd9f80247d46d90e00061187cc GitHub-Pull-Request: golang/go#61441 Reviewed-on: https://go-review.googlesource.com/c/go/+/511036 Run-TryBot: Ian Lance Taylor <[email protected]> Auto-Submit: Ian Lance Taylor <[email protected]> Reviewed-by: Michael Knyszek <[email protected]> Run-TryBot: Ian Lance Taylor <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Reviewed-by: Ian Lance Taylor <[email protected]>
Add a new GODEBUG setting, tlsmaxrsasize, which allows controlling the maximum RSA key size we will accept during TLS handshakes. Change-Id: I52f060be132014d219f4cd438f59990011a35c96 Reviewed-on: https://go-review.googlesource.com/c/go/+/517495 Auto-Submit: Roland Shoemaker <[email protected]> Reviewed-by: Russ Cox <[email protected]> Run-TryBot: Roland Shoemaker <[email protected]> TryBot-Result: Gopher Robot <[email protected]>
KDSA(Compute Digital Signature Authentication) instruction provides support for the signing and verification of elliptic curves Change-Id: I19996a307162dd4f476a1cfe4f8d1a74a609e6c1 Reviewed-on: https://go-review.googlesource.com/c/go/+/503215 Reviewed-by: Cherry Mui <[email protected]> Reviewed-by: David Chase <[email protected]> Run-TryBot: Cherry Mui <[email protected]> TryBot-Result: Gopher Robot <[email protected]>
This provides an assembly implementation of addMulVVW* for riscv64,
processing four words per loop, resulting in a performance gain
of 23%+ for RSA decryption/signing on a StarFive VisionFive 2:
│ rsa1 │ rsa2 │
│ sec/op │ sec/op vs base │
DecryptPKCS1v15/2048-4 24.29m ± 0% 18.65m ± 0% -23.24% (p=0.000 n=10)
DecryptPKCS1v15/3072-4 73.28m ± 0% 54.08m ± 0% -26.20% (p=0.000 n=10)
DecryptPKCS1v15/4096-4 163.5m ± 0% 119.1m ± 0% -27.17% (p=0.000 n=10)
EncryptPKCS1v15/2048-4 1.505m ± 0% 1.446m ± 0% -3.93% (p=0.000 n=10)
DecryptOAEP/2048-4 24.37m ± 0% 18.72m ± 0% -23.17% (p=0.000 n=10)
EncryptOAEP/2048-4 1.570m ± 0% 1.510m ± 0% -3.84% (p=0.000 n=10)
SignPKCS1v15/2048-4 24.52m ± 0% 18.80m ± 0% -23.36% (p=0.000 n=10)
VerifyPKCS1v15/2048-4 1.491m ± 0% 1.431m ± 0% -4.00% (p=0.000 n=10)
SignPSS/2048-4 24.60m ± 0% 18.89m ± 0% -23.21% (p=0.000 n=10)
VerifyPSS/2048-4 1.565m ± 0% 1.504m ± 0% -3.87% (p=0.000 n=10)
geomean 10.90m 9.066m -16.79%
Change-Id: I8414ba0028b0781a945610abe02c285d2387aef3
Reviewed-on: https://go-review.googlesource.com/c/go/+/516536
Reviewed-by: Mark Ryan <[email protected]>
Reviewed-by: Filippo Valsorda <[email protected]>
Reviewed-by: Dmitri Shuralyov <[email protected]>
Reviewed-by: M Zhuo <[email protected]>
Reviewed-by: Michael Knyszek <[email protected]>
Run-TryBot: Joel Sing <[email protected]>
TryBot-Result: Gopher Robot <[email protected]>
Change-Id: I603051a3174b139ffb81d20d42979c7f3f04a09a Reviewed-on: https://go-review.googlesource.com/c/go/+/521136 Run-TryBot: Filippo Valsorda <[email protected]> Auto-Submit: Ian Lance Taylor <[email protected]> Reviewed-by: Ian Lance Taylor <[email protected]> Run-TryBot: Ian Lance Taylor <[email protected]> Reviewed-by: Bryan Mills <[email protected]> Run-TryBot: shuang cui <[email protected]> Reviewed-by: Filippo Valsorda <[email protected]> TryBot-Result: Gopher Robot <[email protected]>
The check for fragmentary post-handshake messages in QUICConn.HandleData was reversed, resulting in a potential panic when HandleData receives a partial message. In addition, HandleData wasn't checking the size of buffered post-handshake messages. Produce an error when a post-handshake message is larger than maxHandshake. TestQUICConnectionState was using an onHandleCryptoData hook in runTestQUICConnection that was never being called. (I think it was inadvertently removed at some point while the CL was in review.) Fix this test while making the hook more general. Fixes #62266 Change-Id: I210b70634e50beb456ab3977eb11272b8724c241 Reviewed-on: https://go-review.googlesource.com/c/go/+/522595 Run-TryBot: Damien Neil <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Reviewed-by: Marten Seemann <[email protected]> Reviewed-by: Roland Shoemaker <[email protected]>
The edwards25519 tests can be quite slow on platforms without a well-optimized implementation, especially if the race detector is also enabled. Since these tests aren't checking for specific inputs anyway, the extra coverage of a more aggressive quick.Config does not seem worth wasting extra time on slow CI builders and TryBots. For #60109. Change-Id: I530e75a0b76725585df5a2f5ded6705ab1b9da51 Reviewed-on: https://go-review.googlesource.com/c/go/+/522715 Reviewed-by: Filippo Valsorda <[email protected]> Auto-Submit: Bryan Mills <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Run-TryBot: Bryan Mills <[email protected]> Reviewed-by: Joedian Reid <[email protected]>
Several of the tests in crypto/des were using the unexported desCipher type and other unexported functions to test the package, leaving desCipher.Encrypt and desCipher.Decrypt only partially tested. This CL changes the tests to use the public API, except for TestInitialPermute and TestFinalPermute, which are testing implementation details on purpose. Change-Id: I0bc13cea06b79b29425412b9bf36b997871518ac Reviewed-on: https://go-review.googlesource.com/c/go/+/520495 TryBot-Result: Gopher Robot <[email protected]> Reviewed-by: Dmitri Shuralyov <[email protected]> Reviewed-by: Filippo Valsorda <[email protected]> Run-TryBot: Quim Muntal <[email protected]> Reviewed-by: Bryan Mills <[email protected]>
This CL is to add assembly instruction mnemonics for the following instructions, mainly used in crypto packages. * KMA - cipher message with authentication * KMCTR - cipher message with counter Fixes #61163 Change-Id: Iff9a69911aeb4fab4bca8755b23a106eaebb2332 Reviewed-on: https://go-review.googlesource.com/c/go/+/515195 Reviewed-by: Carlos Amedee <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Reviewed-by: Cherry Mui <[email protected]> Run-TryBot: Cherry Mui <[email protected]>
Change-Id: Id2079f7012392dea8dfe2386bb9fb1ea3f487a4a Reviewed-on: https://go-review.googlesource.com/c/go/+/526015 Reviewed-by: Matthew Dempsky <[email protected]> Auto-Submit: Ian Lance Taylor <[email protected]> Reviewed-by: Ian Lance Taylor <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]> Reviewed-by: qiulaidongfeng <[email protected]>
Change-Id: I8787458f9ccd3b5cdcdda820d8a45deb4f77eade GitHub-Last-Rev: be865d67ef68815b8c1c2a9ad222fff594620e66 GitHub-Pull-Request: golang/go#63165 Reviewed-on: https://go-review.googlesource.com/c/go/+/530120 LUCI-TryBot-Result: Go LUCI <[email protected]> Reviewed-by: Ian Lance Taylor <[email protected]> Auto-Submit: Ian Lance Taylor <[email protected]> Reviewed-by: Than McIntosh <[email protected]>
When running crypto/tls tests with GOEXPERIMENT=boringcrypto, some tests are embedded with unreadable hexadecimal values: === RUN TestBoringServerSignatureAndHash/5053...3536 This corresponds to a string representation of SignatureScheme as it implements fmt.Stringer. With this change, the above will be printed as: === RUN TestBoringServerSignatureAndHash/PSSWithSHA256 Change-Id: I953c0bb35c68e77a7f01e7f1fceda203c272faf7 GitHub-Last-Rev: 19700d53a8578d335dc803ac94cc7c6c72e9920a GitHub-Pull-Request: golang/go#63175 Reviewed-on: https://go-review.googlesource.com/c/go/+/530715 Reviewed-by: Heschi Kreinick <[email protected]> Reviewed-by: Filippo Valsorda <[email protected]> Auto-Submit: Filippo Valsorda <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]> Reviewed-by: Than McIntosh <[email protected]>
This is a follow up of CL 530120. Change-Id: Ifa0bd1c3bb9bb1202568eaae27500bcea376f56b GitHub-Last-Rev: b4154fa1fc205a6a1af050ab49a4738f73b3c32a GitHub-Pull-Request: golang/go#63228 Reviewed-on: https://go-review.googlesource.com/c/go/+/531136 Auto-Submit: Bryan Mills <[email protected]> Reviewed-by: Bryan Mills <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]> Auto-Submit: Ian Lance Taylor <[email protected]> Reviewed-by: Ian Lance Taylor <[email protected]>
User can trust new CA on android but it seems that go build package are not able to use it. This PR will add the folder where user CA trusted certificate is added to. Change-Id: I9ea7801b35847ea3eb4eedd875227743ba99af00 GitHub-Last-Rev: c49ffd270b6483b750d97e422b76237b112e508c GitHub-Pull-Request: golang/go#50240 Reviewed-on: https://go-review.googlesource.com/c/go/+/473035 Reviewed-by: Emmanuel Odeke <[email protected]> Reviewed-by: Than McIntosh <[email protected]> Run-TryBot: Emmanuel Odeke <[email protected]> Reviewed-by: Roland Shoemaker <[email protected]> Auto-Submit: Roland Shoemaker <[email protected]> TryBot-Result: Gopher Robot <[email protected]>
Updates #58922 Change-Id: I0eb2c97babb05b2d9bc36ed8af03579094bc02ac Reviewed-on: https://go-review.googlesource.com/c/go/+/531878 LUCI-TryBot-Result: Go LUCI <[email protected]> Auto-Submit: Filippo Valsorda <[email protected]> Reviewed-by: Roland Shoemaker <[email protected]> Reviewed-by: Ian Lance Taylor <[email protected]> Reviewed-by: Ingo Oeser <[email protected]>
This makes some improvements to the xorBytes assembler implementation for PPC64 targets. The loops to process large streams of bytes has been changed to do 64 bytes at a time. Other changes were made to prevent degradations in some of the common sizes like 8, 16. The case for < 8 bytes on power10 has been modified to use the LXVL and STXVL instructions. Change-Id: I7477d12d5375d484af8c274443d595ccdafbda7c Reviewed-on: https://go-review.googlesource.com/c/go/+/530877 Reviewed-by: Paul Murphy <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Reviewed-by: Jayanth Krishnamurthy <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]> Reviewed-by: Michael Pratt <[email protected]> Reviewed-by: Benny Siegert <[email protected]> Run-TryBot: Lynn Boger <[email protected]>
This adds more variations for sizes of the input text to the gcm tests. Change-Id: I39dba5f08c77f04f94278200c3ce9234f977506f Reviewed-on: https://go-review.googlesource.com/c/go/+/532635 Run-TryBot: Lynn Boger <[email protected]> Reviewed-by: Than McIntosh <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Reviewed-by: Dmitri Shuralyov <[email protected]>
This improves performance for AES-GCM. The function
counterCrypt is written in assembler so the loop can
be unrolled and the stitched approach used for the
encryption.
This implementation works on ppc64le and ppc64. The use
of GOPPC64=power9 generates the best performance,
goos: linux
goarch: ppc64le
pkg: crypto/cipher
cpu: POWER10
│ gcmx8.cpu1.out │ gcmx8.new.cpu1.out │
│ sec/op │ sec/op vs base │
AESGCM/Open-128-64 180.5n ± 0% 152.7n ± 1% -15.43% (p=0.000 n=8)
AESGCM/Seal-128-64 166.8n ± 0% 147.2n ± 0% -11.72% (p=0.000 n=8)
AESGCM/Open-256-64 194.9n ± 0% 156.6n ± 1% -19.65% (p=0.000 n=8)
AESGCM/Seal-256-64 183.7n ± 0% 157.0n ± 0% -14.51% (p=0.000 n=8)
AESGCM/Open-128-1350 1769.5n ± 0% 454.5n ± 0% -74.31% (p=0.000 n=8)
AESGCM/Seal-128-1350 1759.0n ± 0% 453.7n ± 0% -74.21% (p=0.000 n=8)
AESGCM/Open-256-1350 2104.0n ± 0% 504.4n ± 1% -76.03% (p=0.000 n=8)
AESGCM/Seal-256-1350 2092.0n ± 0% 503.0n ± 0% -75.96% (p=0.000 n=8)
AESGCM/Open-128-8192 10.054µ ± 0% 1.961µ ± 0% -80.50% (p=0.000 n=8)
AESGCM/Seal-128-8192 10.050µ ± 0% 1.965µ ± 0% -80.45% (p=0.000 n=8)
AESGCM/Open-256-8192 12.080µ ± 0% 2.232µ ± 0% -81.52% (p=0.000 n=8)
AESGCM/Seal-256-8192 12.069µ ± 0% 2.238µ ± 0% -81.46% (p=0.000 n=8)
geomean 1.566µ 535.5n -65.80%
│ gcmx8.cpu1.out │ gcmx8.new.cpu1.out │
│ B/s │ B/s vs base │
AESGCM/Open-128-64 338.1Mi ± 0% 399.8Mi ± 1% +18.27% (p=0.000 n=8)
AESGCM/Seal-128-64 366.1Mi ± 0% 414.6Mi ± 0% +13.28% (p=0.000 n=8)
AESGCM/Open-256-64 313.1Mi ± 0% 389.7Mi ± 0% +24.47% (p=0.000 n=8)
AESGCM/Seal-256-64 332.3Mi ± 0% 388.5Mi ± 0% +16.93% (p=0.000 n=8)
AESGCM/Open-128-1350 727.6Mi ± 0% 2832.8Mi ± 0% +289.33% (p=0.000 n=8)
AESGCM/Seal-128-1350 732.0Mi ± 0% 2837.8Mi ± 0% +287.70% (p=0.000 n=8)
AESGCM/Open-256-1350 611.9Mi ± 0% 2552.6Mi ± 0% +317.18% (p=0.000 n=8)
AESGCM/Seal-256-1350 615.3Mi ± 0% 2559.6Mi ± 0% +315.97% (p=0.000 n=8)
AESGCM/Open-128-8192 777.1Mi ± 0% 3983.5Mi ± 0% +412.63% (p=0.000 n=8)
AESGCM/Seal-128-8192 777.3Mi ± 0% 3975.9Mi ± 0% +411.47% (p=0.000 n=8)
AESGCM/Open-256-8192 646.7Mi ± 0% 3500.6Mi ± 0% +441.27% (p=0.000 n=8)
AESGCM/Seal-256-8192 647.3Mi ± 0% 3491.1Mi ± 0% +439.30% (p=0.000 n=8)
geomean 542.7Mi 1.550Gi +192.42%
Change-Id: I3600831a263ec8a99b5e3bdd495eb36e966d8075
Reviewed-on: https://go-review.googlesource.com/c/go/+/484575
Reviewed-by: Roland Shoemaker <[email protected]>
TryBot-Result: Gopher Robot <[email protected]>
LUCI-TryBot-Result: Go LUCI <[email protected]>
Run-TryBot: Lynn Boger <[email protected]>
Reviewed-by: Paul Murphy <[email protected]>
Reviewed-by: Than McIntosh <[email protected]>
Change-Id: Ifc669399dde7d6229c6ccdbe29611ed1f8698fb1 Reviewed-on: https://go-review.googlesource.com/c/go/+/534778 Reviewed-by: Dmitri Shuralyov <[email protected]> Reviewed-by: Ian Lance Taylor <[email protected]> Run-TryBot: shuang cui <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Auto-Submit: Ian Lance Taylor <[email protected]>
Running 'go fix' on the cmd+std packages handled much of this change. Also update code generators to use only the new go:build lines, not the old +build ones. For #41184. For #60268. Change-Id: If35532abe3012e7357b02c79d5992ff5ac37ca23 Cq-Include-Trybots: luci.golang.try:gotip-linux-386-longtest,gotip-linux-amd64-longtest,gotip-windows-amd64-longtest Reviewed-on: https://go-review.googlesource.com/c/go/+/536237 Reviewed-by: Ian Lance Taylor <[email protected]> Reviewed-by: Dmitri Shuralyov <[email protected]> Auto-Submit: Dmitri Shuralyov <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]>
RtlGenRandom is a semi-undocumented API, also known as SystemFunction036, which we use to generate random data on Windows. It's definition, in cryptbase.dll, is an opaque wrapper for the documented API ProcessPrng. Instead of using RtlGenRandom, switch to using ProcessPrng, since the former is simply a wrapper for the latter, there should be no practical change on the user side, other than a minor change in the DLLs we load. Change-Id: Ie6891bf97b1d47f5368cccbe92f374dba2c2672a Reviewed-on: https://go-review.googlesource.com/c/go/+/536235 LUCI-TryBot-Result: Go LUCI <[email protected]> Reviewed-by: Quim Muntal <[email protected]> Auto-Submit: Roland Shoemaker <[email protected]> Reviewed-by: Dmitri Shuralyov <[email protected]>
The new noescape and nocallback directives can be used instead of the C wrapper functions that are there just to avoid some parameters being escaped to the heap. This CL also helps demonstrate the use of the new directives in real code. I've added some benchmarks to demonstrate that this CL doesn't introduce new heap allocations when using boringcrypto: ``` goos: linux goarch: amd64 pkg: crypto/aes cpu: AMD EPYC 7763 64-Core Processor BenchmarkGCMSeal-32 8378692 143.3 ns/op 111.65 MB/s 0 B/op 0 allocs/op BenchmarkGCMOpen-32 8383038 142.7 ns/op 112.11 MB/s 0 B/op 0 allocs/op ``` Change-Id: Ifd775484eb9a105afc5c3d4e75a6c6655cbadc53 Reviewed-on: https://go-review.googlesource.com/c/go/+/525035 TryBot-Result: Gopher Robot <[email protected]> Reviewed-by: Bryan Mills <[email protected]> Run-TryBot: Quim Muntal <[email protected]> Reviewed-by: Roland Shoemaker <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]>
…tives" This reverts CL 525035. Reason for revert: breaks many Google-internal tests (#63739), suspected miscompilation Change-Id: I8cbebca0a187d12e16c405b2373c754e4a397ef4 Reviewed-on: https://go-review.googlesource.com/c/go/+/537598 Reviewed-by: Bryan Mills <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]> Reviewed-by: Roland Shoemaker <[email protected]> Auto-Submit: Bryan Mills <[email protected]>
goos: linux
goarch: amd64
pkg: crypto/subtle
cpu: Intel(R) Core(TM) i5-8350U CPU @ 1.70GHz
│ master │ HEAD │
│ sec/op │ sec/op vs base │
XORBytes/8Bytes-8 10.90n ± 1% 10.96n ± 5% ~ (p=0.617 n=10)
XORBytes/128Bytes-8 14.85n ± 2% 12.05n ± 2% -18.82% (p=0.000 n=10)
XORBytes/2048Bytes-8 88.30n ± 2% 72.64n ± 1% -17.73% (p=0.000 n=10)
XORBytes/32768Bytes-8 1.489µ ± 2% 1.442µ ± 1% -3.12% (p=0.000 n=10)
geomean 67.91n 60.99n -10.19%
│ master │ HEAD │
│ B/s │ B/s vs base │
XORBytes/8Bytes-8 700.5Mi ± 1% 696.5Mi ± 5% ~ (p=0.631 n=10)
XORBytes/128Bytes-8 8.026Gi ± 2% 9.890Gi ± 2% +23.22% (p=0.000 n=10)
XORBytes/2048Bytes-8 21.60Gi ± 2% 26.26Gi ± 1% +21.55% (p=0.000 n=10)
XORBytes/32768Bytes-8 20.50Gi ± 2% 21.16Gi ± 1% +3.21% (p=0.000 n=10)
geomean 7.022Gi 7.819Gi +11.34%
For #63678
Change-Id: I3996873773748a6f78acc6575e70e09bb6aea979
GitHub-Last-Rev: d9129cb8eae363792b6a6236d597465fcf8d4d6b
GitHub-Pull-Request: golang/go#63754
Reviewed-on: https://go-review.googlesource.com/c/go/+/537856
Reviewed-by: David Chase <[email protected]>
Reviewed-by: Keith Randall <[email protected]>
Auto-Submit: Keith Randall <[email protected]>
Reviewed-by: Keith Randall <[email protected]>
LUCI-TryBot-Result: Go LUCI <[email protected]>
Fixes #60665 Change-Id: I814b7d4b26b964f74443584fb2048b3e27e3b675 GitHub-Last-Rev: 693c741c76e6369e36aa2a599ee6242d632573c7 GitHub-Pull-Request: golang/go#62096 Reviewed-on: https://go-review.googlesource.com/c/go/+/520535 TryBot-Result: Gopher Robot <[email protected]> Run-TryBot: Mateusz Poliwczak <[email protected]> Auto-Submit: Roland Shoemaker <[email protected]> Reviewed-by: Roland Shoemaker <[email protected]> Reviewed-by: Cherry Mui <[email protected]>
The loop should be terminated immediately when `algo` has been found Fixes #52955 Change-Id: Ib3865c4616a0c1af9b72daea45f5a1750f84562f GitHub-Last-Rev: 721322725fb2d3a3ea410d09fd8320dfef865d8d GitHub-Pull-Request: golang/go#52987 Reviewed-on: https://go-review.googlesource.com/c/go/+/407215 LUCI-TryBot-Result: Go LUCI <[email protected]> Reviewed-by: David Chase <[email protected]> Reviewed-by: Roland Shoemaker <[email protected]> Auto-Submit: Roland Shoemaker <[email protected]>
CL 520535 added the new OID type, and the Certificate field Policies to
replace PolicyIdentifiers. During review I missed three problems: (1)
the marshaling of Certificate didn't take into account the case where
both fields were populated with the same OIDs (which would be the case
if you parsed a certificate and used it as a template), (2)
buildCertExtensions only generated the certificate policies extension if
PolicyIdentifiers was populated, and (3) how we would marshal an empty
OID (i.e. OID{}).
This change makes marshaling a certificate with an empty OID an error,
and only adds a single copy of any OID that appears in both Policies and
PolicyIdentifiers to the certificate policies extension. This should
make the round trip behavior for certificates reasonable.
Additionally this change documents that CreateCertificate uses the
Policies field from the template, and fixes buildCertExtensions to
populate the certificate policies extension if _either_
PolicyIdentifiers or Policies is populated, not just PolicyIdentifiers.
Fixes #63909
Change-Id: I0fcbd3ceaab7a376e7e991ff8b37e2145ffb4a61
Reviewed-on: https://go-review.googlesource.com/c/go/+/539297
Reviewed-by: Mateusz Poliwczak <[email protected]>
Reviewed-by: Damien Neil <[email protected]>
LUCI-TryBot-Result: Go LUCI <[email protected]>
Support for boring has been extended to include linux/arm64. This change updates the docs to reflect that. Fixes #63920 Change-Id: If8d6eca713e8245dcc222c3e38d140874d48725d Reviewed-on: https://go-review.googlesource.com/c/go/+/539298 Reviewed-by: Roland Shoemaker <[email protected]> Reviewed-by: Cherry Mui <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]>
Use ADD with constants, instead of ADDI. Also use SUB with a positive constant rather than ADD with a negative constant. The resulting assembly is still the same. Change-Id: Ife10bf5ae4122e525f0e7d41b5e463e748236a9c Reviewed-on: https://go-review.googlesource.com/c/go/+/540136 TryBot-Result: Gopher Robot <[email protected]> Reviewed-by: M Zhuo <[email protected]> Reviewed-by: Cherry Mui <[email protected]> Reviewed-by: Mark Ryan <[email protected]> Reviewed-by: Heschi Kreinick <[email protected]> Run-TryBot: Joel Sing <[email protected]>
Adds the CertPool method AddCertWithConstraint, which allows adding a certificate to a pool with an arbitrary constraint which cannot be otherwise expressed in the certificate. Fixes #57178 Change-Id: Ic5b0a22a66aefa5ba5d8ed5ef11389996b59862b Reviewed-on: https://go-review.googlesource.com/c/go/+/519315 TryBot-Result: Gopher Robot <[email protected]> Reviewed-by: Tatiana Bradley <[email protected]> Run-TryBot: Roland Shoemaker <[email protected]> Reviewed-by: Filippo Valsorda <[email protected]>
Updates the default from 1.0 -> 1.2 for servers, bringing it in line with clients. Add a GODEBUG setting, tls10server, which lets users revert this change. Fixes #62459 Change-Id: I2b82f85b1c2d527df1f9afefae4ab30a8f0ceb41 Reviewed-on: https://go-review.googlesource.com/c/go/+/541516 LUCI-TryBot-Result: Go LUCI <[email protected]> Reviewed-by: Damien Neil <[email protected]>
Removes the RSA KEX based ciphers from the default list. This can be reverted using the tlsrsakex GODEBUG. Fixes #63413 Change-Id: Id221be3eb2f6c24b91039d380313f0c87d339f98 Reviewed-on: https://go-review.googlesource.com/c/go/+/541517 LUCI-TryBot-Result: Go LUCI <[email protected]> Reviewed-by: Damien Neil <[email protected]>
Fixes #43922 Change-Id: Idaad7daa6784807ae3a5e4d944e88e13d01fd0b2 Reviewed-on: https://go-review.googlesource.com/c/go/+/544155 Reviewed-by: Michael Knyszek <[email protected]> Reviewed-by: Roland Shoemaker <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]> Auto-Submit: Filippo Valsorda <[email protected]>
According to RFC 9001 Section 4.2, the client MUST NOT offer any TLS version older than 1.3. Fixes #63723. Change-Id: Ia92f98274ca784e2bc151faf236380af51f699c1 Reviewed-on: https://go-review.googlesource.com/c/go/+/537576 Reviewed-by: Filippo Valsorda <[email protected]> Auto-Submit: Filippo Valsorda <[email protected]> Reviewed-by: Roland Shoemaker <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]> Reviewed-by: Damien Neil <[email protected]>
We should call Value as late as possible to allow programs to set GODEBUG with os.Setenv, and IncNonDefault only when (and every time) the GODEBUG has an effect on a connection (that we'd have regularly rejected). Change-Id: If7a1446de407db7ca2d904d41dda13558b684dda Reviewed-on: https://go-review.googlesource.com/c/go/+/544335 LUCI-TryBot-Result: Go LUCI <[email protected]> Reviewed-by: Roland Shoemaker <[email protected]> Reviewed-by: David Chase <[email protected]> Auto-Submit: Filippo Valsorda <[email protected]>
Updates #63413 Change-Id: I31fc2f9728582524cac5d101d0011093dbd05ed3 Reviewed-on: https://go-review.googlesource.com/c/go/+/544336 Auto-Submit: Filippo Valsorda <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]> Reviewed-by: David Chase <[email protected]> Reviewed-by: Roland Shoemaker <[email protected]>
KMCTR encoding arguments incorrect way, which leading illegal instruction wherver we call KMCTR instruction.IBM z13 machine test's TestAESGCM test using gcmASM implementation, which uses KMCTR instruction to encrypt using AES in counter mode and the KIMD instruction for GHASH. z14+ machines onwards uses gcmKMA implementation for the same. Fixes #63387 Change-Id: I86aeb99573c3f636a71908c99e06a9530655aa5d Reviewed-on: https://go-review.googlesource.com/c/go/+/535675 Reviewed-by: Vishwanatha HD <[email protected]> Reviewed-by: Keith Randall <[email protected]> Reviewed-by: Cherry Mui <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]> Reviewed-by: Keith Randall <[email protected]>
Don't marshal Policies field. Updates #64248 Change-Id: I7e6d8b9ff1b3698bb4f585fa82fc4050eff3ae4d Reviewed-on: https://go-review.googlesource.com/c/go/+/546915 LUCI-TryBot-Result: Go LUCI <[email protected]> Reviewed-by: Damien Neil <[email protected]>
Use a GODEBUG to choose which certificate policy field to use. If x509usepolicies=1 is set, use the Policies field, otherwise use the PolicyIdentifiers field. Fixes #64248 Change-Id: I3f0b56102e0bac4ebe800497717c61c58ef3f092 Reviewed-on: https://go-review.googlesource.com/c/go/+/546916 Reviewed-by: Damien Neil <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]>
Fixes the gating of TestIssue51759 by shelling out to sw_vers to check what version of macOS we are on. Fixes #64677 Change-Id: I5eef4fa39e5449e7b2aa73864625c3abf002aef8 Reviewed-on: https://go-review.googlesource.com/c/go/+/549195 Reviewed-by: Bryan Mills <[email protected]> Auto-Submit: Roland Shoemaker <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]>
Also, add EVP_aead_aes_*_gcm_tls13 to the build, which we will need in a following CL, to avoid rebuilding the syso twice. Updates #64717 Updates #62372 Change-Id: Ie4d853ad9b914c1095cad60694a1ae6f77dc22ce Cq-Include-Trybots: luci.golang.try:gotip-linux-amd64-boringcrypto Reviewed-on: https://go-review.googlesource.com/c/go/+/549695 Reviewed-by: Than McIntosh <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]> Reviewed-by: Roland Shoemaker <[email protected]>
This enables TLS 1.3, disables P-521, and disables non-ECDHE suites. Fixes #64717 Updates #62372 Change-Id: I3a65b239ef0198bbdbe5e55e0810e7128f90a091 Reviewed-on: https://go-review.googlesource.com/c/go/+/549975 Reviewed-by: Roland Shoemaker <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]> Reviewed-by: Than McIntosh <[email protected]>
Now, this is embarrassing. For the whole Go 1.20 and Go 1.21 cycles, we based RSA public key operation (verification and decryption) benchmarks on the keys in rsa_test.go, which had E = 3. Most keys in use, including all those generated by GenerateKey, have E = 65537. This significantly skewed even relative benchmarks, because the new constant-time algorithms would incur a larger slowdown for larger exponents. I noticed this only because I got a production profile for an application that does a lot of RSA verifications, saw ExpShort show up, made ExpShort faster, and the crypto/rsa profiles didn't move. We were measuring the wrong thing, and the slowdown was worse than we thought. My apologies. (If E had not been parametrized, it would have avoided issues like this one, too. Grumble. https://words.filippo.io/parameters/#fn9) goos: darwin goarch: arm64 pkg: crypto/rsa │ g35222eeb78 │ new │ │ sec/op │ sec/op vs base │ DecryptPKCS1v15/2048-8 1.414m ± 2% 1.417m ± 1% ~ (p=0.971 n=10) DecryptPKCS1v15/3072-8 4.107m ± 0% 4.160m ± 1% +1.29% (p=0.000 n=10) DecryptPKCS1v15/4096-8 9.363m ± 1% 9.305m ± 1% ~ (p=0.143 n=10) EncryptPKCS1v15/2048-8 162.8µ ± 2% 212.1µ ± 0% +30.34% (p=0.000 n=10) DecryptOAEP/2048-8 1.460m ± 4% 1.413m ± 1% ~ (p=0.105 n=10) EncryptOAEP/2048-8 161.7µ ± 0% 213.4µ ± 0% +31.99% (p=0.000 n=10) SignPKCS1v15/2048-8 1.419m ± 1% 1.476m ± 1% +4.05% (p=0.000 n=10) VerifyPKCS1v15/2048-8 160.6µ ± 0% 212.6µ ± 3% +32.38% (p=0.000 n=10) SignPSS/2048-8 1.419m ± 0% 1.477m ± 2% +4.07% (p=0.000 n=10) VerifyPSS/2048-8 163.9µ ± 8% 212.3µ ± 0% +29.50% (p=0.000 n=10) geomean 802.5µ 899.1µ +12.04% Updates #63516 Change-Id: Iab4a0684d8101ae07dac8462908d8058fe5e9f3d Reviewed-on: https://go-review.googlesource.com/c/go/+/552895 Reviewed-by: Roland Shoemaker <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]> Reviewed-by: Than McIntosh <[email protected]>
Most libraries don't consider N secret, but it's arguably useful for
privacy applications. However, E should generally be fixed, and there is
a lot of performance to be gained by using variable-time exponentiation.
The threshold trick is from BoringSSL.
goos: linux
goarch: amd64
pkg: crypto/rsa
cpu: Intel(R) Core(TM) i5-7400 CPU @ 3.00GHz
│ old │ new │
│ sec/op │ sec/op vs base │
DecryptPKCS1v15/2048-4 1.398m ± 0% 1.396m ± 4% ~ (p=0.853 n=10)
DecryptPKCS1v15/3072-4 3.640m ± 0% 3.652m ± 1% ~ (p=0.063 n=10)
DecryptPKCS1v15/4096-4 7.756m ± 0% 7.764m ± 0% ~ (p=0.853 n=10)
EncryptPKCS1v15/2048-4 175.50µ ± 0% 39.37µ ± 0% -77.57% (p=0.000 n=10)
DecryptOAEP/2048-4 1.375m ± 0% 1.371m ± 1% ~ (p=0.089 n=10)
EncryptOAEP/2048-4 177.64µ ± 0% 41.17µ ± 1% -76.82% (p=0.000 n=10)
SignPKCS1v15/2048-4 1.419m ± 0% 1.393m ± 1% -1.84% (p=0.000 n=10)
VerifyPKCS1v15/2048-4 173.70µ ± 1% 38.28µ ± 2% -77.96% (p=0.000 n=10)
SignPSS/2048-4 1.437m ± 1% 1.413m ± 0% -1.64% (p=0.000 n=10)
VerifyPSS/2048-4 176.83µ ± 1% 43.08µ ± 5% -75.64% (p=0.000 n=10)
This finally makes everything in crypto/rsa faster than it was in Go 1.19.
goos: linux
goarch: amd64
pkg: crypto/rsa
cpu: Intel(R) Core(TM) i5-7400 CPU @ 3.00GHz
│ go1.19.txt │ go1.20.txt │ go1.21.txt │ new.txt │
│ sec/op │ sec/op vs base │ sec/op vs base │ sec/op vs base │
DecryptPKCS1v15/2048-4 1.458m ± 0% 1.597m ± 1% +9.50% (p=0.000 n=10) 1.395m ± 1% -4.30% (p=0.000 n=10) 1.396m ± 4% -4.25% (p=0.002 n=10)
DecryptPKCS1v15/3072-4 4.023m ± 1% 5.332m ± 1% +32.53% (p=0.000 n=10) 3.649m ± 1% -9.30% (p=0.000 n=10) 3.652m ± 1% -9.23% (p=0.000 n=10)
DecryptPKCS1v15/4096-4 8.710m ± 1% 11.937m ± 1% +37.05% (p=0.000 n=10) 7.564m ± 1% -13.16% (p=0.000 n=10) 7.764m ± 0% -10.86% (p=0.000 n=10)
EncryptPKCS1v15/2048-4 51.79µ ± 0% 267.68µ ± 0% +416.90% (p=0.000 n=10) 176.42µ ± 0% +240.67% (p=0.000 n=10) 39.37µ ± 0% -23.98% (p=0.000 n=10)
DecryptOAEP/2048-4 1.461m ± 0% 1.613m ± 1% +10.37% (p=0.000 n=10) 1.415m ± 0% -3.13% (p=0.000 n=10) 1.371m ± 1% -6.18% (p=0.000 n=10)
EncryptOAEP/2048-4 54.24µ ± 0% 269.19µ ± 0% +396.28% (p=0.000 n=10) 177.31µ ± 0% +226.89% (p=0.000 n=10) 41.17µ ± 1% -24.10% (p=0.000 n=10)
SignPKCS1v15/2048-4 1.510m ± 0% 1.705m ± 0% +12.93% (p=0.000 n=10) 1.423m ± 1% -5.78% (p=0.000 n=10) 1.393m ± 1% -7.76% (p=0.000 n=10)
VerifyPKCS1v15/2048-4 50.87µ ± 0% 266.41µ ± 1% +423.71% (p=0.000 n=10) 174.38µ ± 0% +242.79% (p=0.000 n=10) 38.28µ ± 2% -24.75% (p=0.000 n=10)
SignPSS/2048-4 1.513m ± 1% 1.709m ± 0% +12.97% (p=0.000 n=10) 1.461m ± 0% -3.42% (p=0.000 n=10) 1.413m ± 0% -6.58% (p=0.000 n=10)
VerifyPSS/2048-4 53.45µ ± 1% 268.56µ ± 0% +402.48% (p=0.000 n=10) 177.29µ ± 0% +231.72% (p=0.000 n=10) 43.08µ ± 5% -19.39% (p=0.000 n=10)
geomean 514.6µ 1.094m +112.65% 801.6µ +55.77% 442.1µ -14.08%
Fixes #63516
Change-Id: If40e596a2e4b3ab7a202ff34591cf9cffecfcc1b
Reviewed-on: https://go-review.googlesource.com/c/go/+/552935
LUCI-TryBot-Result: Go LUCI <[email protected]>
Reviewed-by: Than McIntosh <[email protected]>
Reviewed-by: Roland Shoemaker <[email protected]>
…e to fips-20220613" +1
This reverts commit 7383b2a4db5dc93c9b875b42d5add73d27cc4b9f
("crypto/internal/boring: upgrade module to fips-20220613") and commit
4106de901a8efe914cda6f6c4e8d45ff8c115da4 ("crypto/tls: align FIPS-only
mode with BoringSSL policy").
Fixes #65324
Updates #65321
Updates #64717
Updates #62372
Change-Id: I0938b97e5b4904e6532448b8ae76e920d03d0508
Reviewed-on: https://go-review.googlesource.com/c/go/+/558796
Reviewed-by: Michael Knyszek <[email protected]>
Reviewed-by: Roland Shoemaker <[email protected]>
Auto-Submit: Filippo Valsorda <[email protected]>
LUCI-TryBot-Result: Go LUCI <[email protected]>
(cherry picked from commit 09b5de48e64e67db92b31eaca054c5d096e3c057)
Reviewed-on: https://go-review.googlesource.com/c/go/+/558797
Reviewed-by: Dmitri Shuralyov <[email protected]>
…ore interface conversion alreadyInChain assumes all keys fit a interface which contains the Equal method (which they do), but this ignores that certificates may have a nil key when PublicKeyAlgorithm is UnknownPublicKeyAlgorithm. In this case alreadyInChain panics. Check that the key is non-nil as part of considerCandidate (we are never going to build a chain containing UnknownPublicKeyAlgorithm anyway). For #65390 Fixes #65831 Fixes CVE-2024-24783 Change-Id: Ibdccc0a487e3368b6812be35daad2512220243f3 Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/2137282 Reviewed-by: Damien Neil <[email protected]> Run-TryBot: Roland Shoemaker <[email protected]> Reviewed-by: Tatiana Bradley <[email protected]> Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/2174343 Reviewed-by: Carlos Amedee <[email protected]> Reviewed-by: Roland Shoemaker <[email protected]> Reviewed-on: https://go-review.googlesource.com/c/go/+/569235 LUCI-TryBot-Result: Go LUCI <[email protected]> Auto-Submit: Michael Knyszek <[email protected]> Reviewed-by: Carlos Amedee <[email protected]>
…le again The OID type is not exported data like most of the other x509 structs. Using it in x509.Certificate made Certificate not gob-compatible anymore, which breaks real-world code. As a temporary fix, make gob ignore that field, making it work as well as it did in Go 1.21. For Go 1.23, we anticipate adding a proper fix and removing the gob workaround. See #65633 and #66249 for more details. For #66249. For #65633. Fixes #66273. Change-Id: Idd1431d15063b3009e15d0565cd3120b9fa13f61 Reviewed-on: https://go-review.googlesource.com/c/go/+/571095 LUCI-TryBot-Result: Go LUCI <[email protected]> Reviewed-by: Rob Pike <[email protected]> Reviewed-by: Roland Shoemaker <[email protected]> Reviewed-on: https://go-review.googlesource.com/c/go/+/571715 Reviewed-by: David Chase <[email protected]>
36 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This diff syncs the oohttp fork with go1.22.2 upstream. Here's the diff between us and upstream.