]> Cypherpunks.ru repositories - gostls13.git/commit
projects / gostls13.git / commit
summary | shortlog | log | commit | commitdiff | tree
(parent: 7383b2a) | patch
crypto/tls: align FIPS-only mode with BoringSSL policy
authorFilippo Valsorda <filippo@golang.org>
Thu, 14 Dec 2023 21:13:29 +0000 (22:13 +0100)
committerRoland Shoemaker <roland@golang.org>
Mon, 18 Dec 2023 23:29:17 +0000 (23:29 +0000)
commit4106de901a8efe914cda6f6c4e8d45ff8c115da4
treebdf90e2ad915fdc1c9dd066661f56e88fea74620tree
parent7383b2a4db5dc93c9b875b42d5add73d27cc4b9fcommit | diff
crypto/tls: align FIPS-only mode with BoringSSL policy

This enables TLS 1.3, disables P-521, and disables non-ECDHE suites.

Fixes #64717
Updates #62372

Change-Id: I3a65b239ef0198bbdbe5e55e0810e7128f90a091
Reviewed-on: https://go-review.googlesource.com/c/go/+/549975
Reviewed-by: Roland Shoemaker <roland@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Than McIntosh <thanm@google.com>
src/crypto/internal/boring/aes.go diff | blob | history
src/crypto/internal/boring/notboring.go diff | blob | history
src/crypto/tls/boring.go diff | blob | history
src/crypto/tls/boring_test.go diff | blob | history
src/crypto/tls/cipher_suites.go diff | blob | history
src/crypto/tls/handshake_client.go diff | blob | history
src/crypto/tls/handshake_client_tls13.go diff | blob | history
src/crypto/tls/handshake_server_test.go diff | blob | history
src/crypto/tls/handshake_server_tls13.go diff | blob | history
src/crypto/tls/notboring.go diff | blob | history
src/crypto/x509/boring.go diff | blob | history
Go GOST TLS 1.3