diff options
author | Russ Cox <rsc@golang.org> | 2022-04-27 09:02:53 -0400 |
---|---|---|
committer | Russ Cox <rsc@golang.org> | 2022-04-29 14:23:29 +0000 |
commit | 0184fe5ece4f84fda9db04d2472b76efcaa8ef55 (patch) | |
tree | 46d2538ae712570da44013bf6301403bbecda4a3 /src/crypto/tls/notboring.go | |
parent | 9e9c7a0aec0f821b54006681d4fdfba8a0cd6679 (diff) | |
download | go-0184fe5ece4f84fda9db04d2472b76efcaa8ef55.tar.gz go-0184fe5ece4f84fda9db04d2472b76efcaa8ef55.zip |
[dev.boringcrypto] crypto/x509: remove VerifyOptions.IsBoring
This API was added only for BoringCrypto, never shipped in standard
Go. This API is also not compatible with the expected future evolution
of crypto/x509, as we move closer to host verifiers on macOS and Windows.
If we want to merge BoringCrypto into the main tree, it is best not to
have differing API. So instead of a hook set by crypto/tls, move the
actual check directly into crypto/x509, eliminating the need for
exposed API.
For #51940.
Change-Id: Ia2ae98c745de818d39501777014ea8166cab0b03
Reviewed-on: https://go-review.googlesource.com/c/go/+/395878
TryBot-Result: Gopher Robot <gobot@golang.org>
Run-TryBot: Russ Cox <rsc@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Diffstat (limited to 'src/crypto/tls/notboring.go')
-rw-r--r-- | src/crypto/tls/notboring.go | 11 |
1 files changed, 4 insertions, 7 deletions
diff --git a/src/crypto/tls/notboring.go b/src/crypto/tls/notboring.go index d79ea21a0b4..7d85b39c593 100644 --- a/src/crypto/tls/notboring.go +++ b/src/crypto/tls/notboring.go @@ -6,18 +6,15 @@ package tls -import "crypto/x509" - func needFIPS() bool { return false } func supportedSignatureAlgorithms() []SignatureScheme { return defaultSupportedSignatureAlgorithms } -func fipsMinVersion(c *Config) uint16 { panic("fipsMinVersion") } -func fipsMaxVersion(c *Config) uint16 { panic("fipsMaxVersion") } -func fipsCurvePreferences(c *Config) []CurveID { panic("fipsCurvePreferences") } -func fipsCipherSuites(c *Config) []uint16 { panic("fipsCipherSuites") } -func isBoringCertificate(c *x509.Certificate) bool { panic("isBoringCertificate") } +func fipsMinVersion(c *Config) uint16 { panic("fipsMinVersion") } +func fipsMaxVersion(c *Config) uint16 { panic("fipsMaxVersion") } +func fipsCurvePreferences(c *Config) []CurveID { panic("fipsCurvePreferences") } +func fipsCipherSuites(c *Config) []uint16 { panic("fipsCipherSuites") } var fipsSupportedSignatureAlgorithms []SignatureScheme |