]> Cypherpunks.ru repositories - gostls13.git/commit
projects / gostls13.git / commit
summary | shortlog | log | commit | commitdiff | tree
(parent: 368e2a9) | patch
[release-branch.go1.21] crypto/tls: align FIPS-only mode with BoringSSL policy
authorFilippo Valsorda <filippo@golang.org>
Thu, 14 Dec 2023 21:13:29 +0000 (22:13 +0100)
committerGopher Robot <gobot@golang.org>
Thu, 4 Jan 2024 23:16:07 +0000 (23:16 +0000)
commitd2cb1401946f683a73779e6ac4e30108a9b67c5c
tree2b331b66817f99b0344af3d024f1b7989b391ecctree
parent368e2a9461a7452d272b039e8882791e45fb70b8commit | diff
[release-branch.go1.21] crypto/tls: align FIPS-only mode with BoringSSL policy

This enables TLS 1.3, disables P-521, and disables non-ECDHE suites.

Updates #64717
Updates #62372
Fixes #64719

Change-Id: I3a65b239ef0198bbdbe5e55e0810e7128f90a091
Reviewed-on: https://go-review.googlesource.com/c/go/+/549975
Reviewed-by: Roland Shoemaker <roland@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Than McIntosh <thanm@google.com>
Reviewed-on: https://go-review.googlesource.com/c/go/+/553856
Auto-Submit: Matthew Dempsky <mdempsky@google.com>
Reviewed-by: Matthew Dempsky <mdempsky@google.com>
src/crypto/internal/boring/aes.go diff | blob | history
src/crypto/internal/boring/notboring.go diff | blob | history
src/crypto/tls/boring.go diff | blob | history
src/crypto/tls/boring_test.go diff | blob | history
src/crypto/tls/cipher_suites.go diff | blob | history
src/crypto/tls/handshake_client.go diff | blob | history
src/crypto/tls/handshake_client_tls13.go diff | blob | history
src/crypto/tls/handshake_server_test.go diff | blob | history
src/crypto/tls/handshake_server_tls13.go diff | blob | history
src/crypto/tls/notboring.go diff | blob | history
src/crypto/x509/boring.go diff | blob | history
Go GOST TLS 1.3