Replace custom append functions in the hash functions with the implementation of the encoding/binary package that do the same thing.
The binary bigendian functions are already used in other parts of the code in the crypto package.
Change-Id: I76d2dbe143fc72a3b4ac06be312caf72bd71378a
GitHub-Last-Rev: 1c6c68279e
GitHub-Pull-Request: golang/go#55085
Reviewed-on: https://go-review.googlesource.com/c/go/+/431035
Run-TryBot: Ian Lance Taylor <iant@google.com>
Reviewed-by: Keith Randall <khr@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Ian Lance Taylor <iant@google.com>
MarshalPKIXPublicKey, CreateCertificate, CreateCertificateRequest,
MarshalECPrivateKey, and MarshalPKCS8PrivateKey started raising a panic
when encoding an invalid ECDSA key in Go 1.19. Since they have an error
return value, they should return an error instead.
Fixes#54288
Change-Id: Iba132cd2f890ece36bb7d0396eb9a9a77bdb81df
Reviewed-on: https://go-review.googlesource.com/c/go/+/422298
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: David Chase <drchase@google.com>
Update the version of BoringCrypto to boringssl tag
fips-20210429, for which FIPS approval is "in process".
Add GOARCH=arm64 BoringCrypto support.
Shuffle build to run as distinct steps in Docker so that
we can rerun later parts like build-goboring.sh without
rerunning all the setup.
Strip unnecessary parts of the syso using --strip-unneeded,
which cuts the amd64 syso from 10MB to 2.5MB.
The new arm64 syso is 2MB, so even though we added a new
architecture, we have half as much syso to distribute.
Change-Id: I0f7327389a3a485b82577abea9153d006418298f
Reviewed-on: https://go-review.googlesource.com/c/go/+/423362
Reviewed-by: Cherry Mui <cherryyz@google.com>
Auto-Submit: Russ Cox <rsc@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
Run-TryBot: Russ Cox <rsc@golang.org>
Generics lets us write Cache[K, V] instead of using unsafe.Pointer,
which lets us remove all the uses of package unsafe around the
uses of the cache.
I tried to do Cache[*K, *V] instead of Cache[K, V] but that was not possible.
Change-Id: If3b54cf4c8d2a44879a5f343fd91ecff096537e9
Reviewed-on: https://go-review.googlesource.com/c/go/+/423357
TryBot-Result: Gopher Robot <gobot@golang.org>
Run-TryBot: Russ Cox <rsc@golang.org>
Reviewed-by: Cherry Mui <cherryyz@google.com>
Auto-Submit: Russ Cox <rsc@golang.org>
Export cipher.xorBytes as subtle.XORBytes, for proposal #53021,
to provide fast XOR to cryptography libraries outside crypto/cipher.
Along with the move, implement the alignment check TODO
in xor_generic.go, so that systems with neither unaligned
accesses nor custom assembly can still XOR a word at a time
in word-based algorithms like GCM. This removes the need
for the separate cipher.xorWords.
Fixes#53021.
Change-Id: I58f80a922f1cff671b5ebc6168eb046e702b5a4c
Reviewed-on: https://go-review.googlesource.com/c/go/+/421435
TryBot-Result: Gopher Robot <gobot@golang.org>
Auto-Submit: Russ Cox <rsc@golang.org>
Run-TryBot: Russ Cox <rsc@golang.org>
Reviewed-by: Alan Donovan <adonovan@google.com>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
This avoids an import conflict with crypto/subtle.
CL 424175 does the same for x/crypto.
Change-Id: Id4a319b3283b8affaaf769062388325b31fe1715
Reviewed-on: https://go-review.googlesource.com/c/go/+/424194
Run-TryBot: Russ Cox <rsc@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Cherry Mui <cherryyz@google.com>
Auto-Submit: Russ Cox <rsc@golang.org>
If a program only uses ecdh.P256(), the implementation of the other
curves shouldn't end up in the binary. This mostly required moving some
operations from init() time. Small performance hit in uncompressed
Bytes/SetBytes, but not big enough to show up in higher-level
benchmarks. If it becomes a problem, we can fix it by pregenerating the
p-1 bytes representation in generate.go.
For #52182
Updates #52221
Change-Id: I64460973b59ee3df787d7e967a6c2bcbc114ba65
Reviewed-on: https://go-review.googlesource.com/c/go/+/402555
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Fernando Lobato Meeser <felobato@google.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Run-TryBot: Filippo Valsorda <filippo@golang.org>
We use crypto/internal/edwards25519/field to implement X25519 directly,
so that golang.org/x/crypto/curve25519 can be dropped from the src
module dependencies, and eventually replaced with a crypto/ecdh wrapper,
removing the need to keep golang.org/x/crypto/curve25519/internal/field
in sync with crypto/internal/edwards25519/field.
In crypto/internal/nistec, we add BytesX to serialize only the x
coordinate, which we'll need for the horrible ECDSA x-coord-to-scalar
operation, too.
In crypto/tls, we replace the ECDHE implementation with crypto/ecdh,
dropping the X25519 special cases and related scaffolding.
Finally, FINALLY, we deprecate the ~white whale~ big.Int-based APIs of
the crypto/elliptic package. •_•) ( •_•)>⌐■-■ (⌐■_■)
Fixes#52182Fixes#34648Fixes#52221
Change-Id: Iccdda210319cc892e96bb28a0e7b7123551982c7
Reviewed-on: https://go-review.googlesource.com/c/go/+/398914
Reviewed-by: Fernando Lobato Meeser <felobato@google.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
Change the type of Conn.handshakeStatus from an atomically
accessed uint32 to an atomic.Bool. Change its name to
Conn.isHandshakeComplete to indicate it is a boolean value.
Eliminate the handshakeComplete() helper function, which checks
for equality with 1, in favor of the simpler
c.isHandshakeComplete.Load().
Change-Id: I084c83956fff266e2145847e8645372bef6ae9df
Reviewed-on: https://go-review.googlesource.com/c/go/+/422296
Auto-Submit: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Reviewed-by: Than McIntosh <thanm@google.com>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Run-TryBot: Filippo Valsorda <filippo@golang.org>
So we don't have to duplicate the logic to detect noopt builder in
multiple places.
Based on khr@'s suggestion in CL 422037.
Change-Id: Idb338e8bc08cdf00460574bfc0d2f7018c79bbd5
Reviewed-on: https://go-review.googlesource.com/c/go/+/422038
Reviewed-by: Than McIntosh <thanm@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Keith Randall <khr@google.com>
Reviewed-by: Keith Randall <khr@golang.org>
Run-TryBot: Cuong Manh Le <cuong.manhle.vn@gmail.com>
As it can't appear in user package paths.
There is a hack for handling "go:buildid" and "type:*" on windows/386.
Previously, windows/386 requires underscore prefix on external symbols,
but that's only applied for SHOSTOBJ/SUNDEFEXT or cgo export symbols.
"go.buildid" is STEXT, "type.*" is STYPE, thus they are not prefixed
with underscore.
In external linking mode, the external linker can't resolve them as
external symbols. But we are lucky that they have "." in their name,
so the external linker see them as Forwarder RVA exports. See:
- https://docs.microsoft.com/en-us/windows/win32/debug/pe-format#export-address-table
- https://sourceware.org/git/?p=binutils-gdb.git;a=blob;f=ld/pe-dll.c;h=e7b82ba6ffadf74dc1b9ee71dc13d48336941e51;hb=HEAD#l972)
This CL changes "." to ":" in symbols name, so theses symbols can not be
found by external linker anymore. So a hacky way is adding the
underscore prefix for these 2 symbols. I don't have enough knowledge to
verify whether adding the underscore for all STEXT/STYPE symbols are
fine, even if it could be, that would be done in future CL.
Fixes#37762
Change-Id: I92eaaf24c0820926a36e0530fdb07b07af1fcc35
Reviewed-on: https://go-review.googlesource.com/c/go/+/317917
Reviewed-by: Than McIntosh <thanm@google.com>
Run-TryBot: Cuong Manh Le <cuong.manhle.vn@gmail.com>
Reviewed-by: Cherry Mui <cherryyz@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Change-Id: I228a23754656b41843573bd4217de4df46c9df36
Reviewed-on: https://go-review.googlesource.com/c/go/+/417954
Run-TryBot: Ian Lance Taylor <iant@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Jenny Rakoczy <jenny@golang.org>
Reviewed-by: Ian Lance Taylor <iant@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com>
Similar to certificate serial numbers, RFC 5280 restricts the length of
the CRL number field to no more than 20 octets. Enforce this in
CreateRevocationList.
Fixes#53543
Change-Id: If392ef6b0844db716ae9ee6ef317135fceab039c
Reviewed-on: https://go-review.googlesource.com/c/go/+/415134
Auto-Submit: Roland Shoemaker <roland@golang.org>
Reviewed-by: Tatiana Bradley <tatiana@golang.org>
Reviewed-by: Damien Neil <dneil@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Run-TryBot: Roland Shoemaker <roland@golang.org>
When checking to see if a CRL entry has any extensions, attempt to read
them from the individual revokedCertificate, rather than from the parent
TBSCertList.
Additionally, crlEntryExtensions is not an EXPLICIT field (c.f.
crlExtension and Certificate extensions), so do not perform an extra
layer of unwrapping when parsing the field.
The added test case fails without the accompanying changes.
Fixes#53592
Change-Id: Icc00e4c911f196aef77e3248117de64ddc5ea27f
Reviewed-on: https://go-review.googlesource.com/c/go/+/414877
Reviewed-by: Damien Neil <dneil@google.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Run-TryBot: Roland Shoemaker <roland@golang.org>
Auto-Submit: Roland Shoemaker <roland@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
The x509.RevocationList type has two fields which correspond to
extensions, rather than native fields, of the underlying ASN.1 CRL:
the .Number field corresponds to the crlNumber extension, and
the .AuthorityKeyId field corresponds to the authorityKeyIdentifier
extension.
The x509.CreateRevocationList() function uses these fields to populate
their respective extensions in the resulting CRL. However, the
x509.ParseRevocationList() function does not perform the reverse
operation: the fields retain their zero-values even after parsing a CRL
which contains the relevant extensions.
Add code which populates these fields when parsing their extensions.
Add assertions to the existing tests to confirm that the values are
populated appropriately.
Fixes#53726
Change-Id: Ie5b71081e53034e0b5b9ff3c122065c62f15cf23
Reviewed-on: https://go-review.googlesource.com/c/go/+/416354
Run-TryBot: Roland Shoemaker <roland@golang.org>
Auto-Submit: Roland Shoemaker <roland@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Damien Neil <dneil@google.com>
There was a deprecation message on RevokedCertificate which was
intended to be on CertificateList.
Change-Id: Ia378935afc75c36702e64cf33ea5c8a24c1488ca
Reviewed-on: https://go-review.googlesource.com/c/go/+/414754
Auto-Submit: Roland Shoemaker <roland@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
Run-TryBot: Roland Shoemaker <roland@golang.org>
Reviewed-by: Tatiana Bradley <tatiana@golang.org>
Requested by the maintainers of the OpenSSL-based fork of Go+BoringCrypto,
to make maintaining that fork easier.
Change-Id: I770e70ecc12b589034da31edecf59c73b2c6e1dd
Reviewed-on: https://go-review.googlesource.com/c/go/+/407135
Run-TryBot: Russ Cox <rsc@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Ian Lance Taylor <iant@google.com>
Auto-Submit: Russ Cox <rsc@golang.org>
This CL addresses the comments on CL 403154.
For #51940.
Change-Id: I99bb3530916d469077bfbd53095bfcd1d2aa82ef
Reviewed-on: https://go-review.googlesource.com/c/go/+/403976
Reviewed-by: Roland Shoemaker <roland@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
Run-TryBot: Russ Cox <rsc@golang.org>
Reviewed-by: Ian Lance Taylor <iant@google.com>
Excluding vendor and testdata.
CL 384268 already reformatted most, but these slipped past.
The struct in the doc comment in debug/dwarf/type.go
was fixed up by hand to indent the first and last lines as well.
For #51082.
Change-Id: Iad020f83aafd671ff58238fe491907e85923d0c7
Reviewed-on: https://go-review.googlesource.com/c/go/+/407137
Run-TryBot: Russ Cox <rsc@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
Auto-Submit: Russ Cox <rsc@golang.org>
Reviewed-by: Ian Lance Taylor <iant@google.com>
As required by RFC 8446, section 4.6.1, ticket_age_add now holds a
random 32-bit value. Before this change, this value was always set
to 0.
This change also documents the reasoning for always setting
ticket_nonce to 0. The value ticket_nonce must be unique per
connection, but we only ever send one ticket per connection.
Fixes#52814
Fixes CVE-2022-30629
Change-Id: I6c2fc6ca0376b7b968abd59d6d3d3854c1ab68bb
Reviewed-on: https://go-review.googlesource.com/c/go/+/405994
Reviewed-by: Tatiana Bradley <tatiana@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Run-TryBot: Tatiana Bradley <tatiana@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
Change-Id: Iee18987c495d1d4bde9da888d454eea8079d3ebc
GitHub-Last-Rev: ff5e01599d
GitHub-Pull-Request: golang/go#52949
Reviewed-on: https://go-review.googlesource.com/c/go/+/406915
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Ian Lance Taylor <iant@google.com>
Run-TryBot: Ian Lance Taylor <iant@google.com>
Reviewed-by: Robert Griesemer <gri@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com>
There is no requirement for how the expanded keys are stored
in memory. They are only accessed by asm routines. If keys
are stored directly with stxvd2x, they can be loaded directly
with lxvd2x.
This speeds up ppc64le key expansion and crypting a bit too.
POWER9 aes benchmark delta:
name old time/op new time/op delta
Encrypt 15.0ns ± 0% 13.0ns ± 0% -13.17%
Decrypt 14.6ns ± 0% 13.0ns ± 0% -11.02%
Expand 49.1ns ± 0% 45.1ns ± 0% -8.01%
name old time/op new time/op delta
AESCBCEncrypt1K 1.08µs ± 0% 1.08µs ± 0% -0.46%
AESCBCDecrypt1K 744ns ± 0% 562ns ± 0% -24.46%
Change-Id: I91f3cdc770a178aee849301e4e6aa5a4a517ad10
Reviewed-on: https://go-review.googlesource.com/c/go/+/405135
Reviewed-by: Ian Lance Taylor <iant@google.com>
Run-TryBot: Paul Murphy <murp@ibm.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Lynn Boger <laboger@linux.vnet.ibm.com>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
This reworks how we load/store vector registers using the new
bi-endian P9 instruction emulation macros. This also removes
quite a bit of asm used to align and reorder vector registers.
This is also a slight improvement on P9 ppc64le/linux:
name old speed new speed delta
AESCBCEncrypt1K 936MB/s ± 0% 943MB/s ± 0% +0.80%
AESCBCDecrypt1K 1.28GB/s ± 0% 1.37GB/s ± 0% +6.76%
Updates #18499
Change-Id: Ic5ff71d217d7302b6ae4e8d877c25004bfda5ecd
Reviewed-on: https://go-review.googlesource.com/c/go/+/405134
Run-TryBot: Paul Murphy <murp@ibm.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Reviewed-by: Lynn Boger <laboger@linux.vnet.ibm.com>
Reviewed-by: Ian Lance Taylor <iant@google.com>
In TestHybridPool attempt to prime to the windows root pool before
the real test actually happens. This is a bit of a band-aid, with
a better long term solution discussed in #52108.
Updates #51599
Change-Id: I406add8d9cd9e3fae37bfc20b97f5479c10a52c2
Reviewed-on: https://go-review.googlesource.com/c/go/+/405914
Reviewed-by: Bryan Mills <bcmills@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Run-TryBot: Roland Shoemaker <roland@golang.org>
This adds the code to allow the gcm assembler code to work on
big endian ppc64.
Updates #18499
Change-Id: Iab1ffc9b8af38a0605a91f2621dd9f4a9397b945
Reviewed-on: https://go-review.googlesource.com/c/go/+/404795
Reviewed-by: Heschi Kreinick <heschi@google.com>
Reviewed-by: Paul Murphy <murp@ibm.com>
Run-TryBot: Lynn Boger <laboger@linux.vnet.ibm.com>
Reviewed-by: David Chase <drchase@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Make some code more simple.
Change-Id: I801adf0dba5f6c515681345c732dbb907f945419
GitHub-Last-Rev: a505146bac
GitHub-Pull-Request: golang/go#49626
Reviewed-on: https://go-review.googlesource.com/c/go/+/364634
Run-TryBot: Ian Lance Taylor <iant@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com>
Reviewed-by: Ian Lance Taylor <iant@google.com>
Reviewed-by: Keith Randall <khr@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: David Chase <drchase@google.com>
This does not enable GCM or CBC variants for ppc64, they
require more work to support bi-endian.
Updates #18499
Change-Id: Ic2bbe81c60107abc0a4803d8b9a833213286b1d0
Reviewed-on: https://go-review.googlesource.com/c/go/+/404395
TryBot-Result: Gopher Robot <gobot@golang.org>
Run-TryBot: Paul Murphy <murp@ibm.com>
Reviewed-by: Lynn Boger <laboger@linux.vnet.ibm.com>
Reviewed-by: Ian Lance Taylor <iant@google.com>
Reviewed-by: Filippo Valsorda <valsorda@google.com>
This unrolls the counter loop and simplifies the load/storing
of text/ciphertext and keys by using unaligned VSX memory
operations.
Performance delta on POWER9:
name old time/op new time/op delta
Encrypt 19.9ns ± 0% 14.9ns ± 0% -24.95%
Decrypt 19.8ns ± 0% 14.6ns ± 0% -26.12%
Change-Id: Iba98d5c1d88c6bead45bc04c97ae64bcb6fc9f21
Reviewed-on: https://go-review.googlesource.com/c/go/+/404354
Run-TryBot: Paul Murphy <murp@ibm.com>
Reviewed-by: Lynn Boger <laboger@linux.vnet.ibm.com>
Reviewed-by: David Chase <drchase@google.com>
Reviewed-by: Filippo Valsorda <valsorda@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
This race is benign, but it still trips up the race detector, so turn
this into an atomic read.
Fixes#52739.
Change-Id: Ib53362286b456513c8c69d6d2d73c6c90ec095f3
Reviewed-on: https://go-review.googlesource.com/c/go/+/404475
Auto-Submit: Jason Donenfeld <Jason@zx2c4.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Ian Lance Taylor <iant@google.com>
Reviewed-by: Bryan Mills <bcmills@google.com>
Run-TryBot: Jason Donenfeld <Jason@zx2c4.com>
The path building rework broke the enforcement of EKU nesting, this
change goes back to using the old method of enforcement, since it ends
up being more efficient to check the chains after building, rather than
at each step during path building.
Fixes#52659
Change-Id: Ic7c3717a10c33905677cf7bc4bc0a20f5f15f259
Reviewed-on: https://go-review.googlesource.com/c/go/+/403554
Reviewed-by: Damien Neil <dneil@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Filippo Valsorda <valsorda@google.com>
Run-TryBot: Roland Shoemaker <roland@golang.org>
Auto-Submit: Roland Shoemaker <roland@golang.org>
Add support for ppc64le assembler to p256. Most of the changes
are due to the change in nistec interfaces.
There is a change to p256MovCond based on a reviewer's comment.
LXVD2X replaces the use of LXVW4X in one function.
In addition, some refactoring has been done to this file to
reduce size and improve readability:
- Eliminate the use of defines to switch between V and VSX
registers. V regs can be used for instructions some that
previously required VSX.
- Use XXPERMDI instead of VPERM to swap bytes loaded and
stored with LXVD2X and STXVD2X instructions. This eliminates
the need to load the byte swap string into a vector.
- Use VMRGEW and VMRGOW instead of VPERM in the VMULT
macros. This also avoids the need to load byte strings to
swap the high and low values.
These changes reduce the file by about 10% and shows an
improvement of about 2% at runtime.
For #52182
Change-Id: Ic48050fc81bb273b7b4023e54864f4255dcc2a4f
Reviewed-on: https://go-review.googlesource.com/c/go/+/399755
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: David Chase <drchase@google.com>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Run-TryBot: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Filippo Valsorda <valsorda@google.com>
Reviewed-by: Paul Murphy <murp@ibm.com>
Use the batched reader to chunk large Read calls on windows to a max of
1 << 31 - 1 bytes. This prevents an infinite loop when trying to read
more than 1 << 32 -1 bytes, due to how RtlGenRandom works.
This change moves the batched function from rand_unix.go to rand.go,
since it is now needed for both windows and unix implementations.
Fixes#52561
Change-Id: Id98fc4b1427e5cb2132762a445b2aed646a37473
Reviewed-on: https://go-review.googlesource.com/c/go/+/402257
Run-TryBot: Roland Shoemaker <roland@golang.org>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Filippo Valsorda <valsorda@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
This will allow us to use crypto/internal/edwards25519/field from
crypto/ecdh to implement X25519, dropping the dependency on
golang.org/x/crypto/curve25519.
For #52182
Change-Id: I3be9debc6e13bf06944b98668f34313a975914d0
Reviewed-on: https://go-review.googlesource.com/c/go/+/402556
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: David Chase <drchase@google.com>
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
So it's reachable from crypto/ecdsa and the upcoming crypto/ecdh.
No code changes.
For #52182
Change-Id: Ie3216052f46c6ef7ec64d8b87a233a9c50c4b16a
Reviewed-on: https://go-review.googlesource.com/c/go/+/398674
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: David Chase <drchase@google.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
cuiweixie
Erik Pellizzon
Tobias Klauser
Meng Zhuo
Filippo Valsorda
Russ Cox
Abirdcfly
Mike Faraponov
Ludi Rehak
Cuong Manh Le
Dan Kortschak
Roland Shoemaker
Aaron Gable
Tatiana Bradley
pooja shyamsundar
John Bampton
Paul E. Murphy
Lynn Boger
Ryan Leung
David Taylor
Jason A. Donenfeld