Test Merging TLSv1.3 Branch

.github/dependabot.yml

@@ -0,0 +1,17 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+
+version: 2
+updates:
+  - package-ecosystem: "github-actions" # See documentation for possible values
+    directory: "/" # Location of package manifests
+    schedule:
+      interval: "weekly"
+
+  - package-ecosystem: "gomod" # See documentation for possible values
+    directory: "/" # Location of package manifests
+    schedule:
+      interval: "weekly"
+

.github/workflows/go.yml

@@ -14,12 +14,12 @@ jobs:
     steps:
 
     - name: Set up Go
-      uses: actions/setup-go@v2
+      uses: actions/setup-go@v5
       with:
         go-version: ^1.16
 
     - name: Check out code
-      uses: actions/checkout@v2
+      uses: actions/checkout@v4
 
     - name: Build
       run: go build -v ./...

.github/workflows/gofmt.yml

@@ -14,10 +14,10 @@ jobs:
     steps:
 
     - name: Check out code
-      uses: actions/checkout@v2
+      uses: actions/checkout@v4
 
     - name: Check gofmt
-      uses: Jerome1337/[email protected].4
+      uses: Jerome1337/[email protected].5
       with:
         gofmt-path: './'
         gofmt-flags: -l -s

.github/workflows/psl-update.yml

@@ -11,10 +11,10 @@ jobs:
     steps:
 
       - name: Check out code
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
 
       - name: Set up Go
-        uses: actions/setup-go@v2
+        uses: actions/setup-go@v5
         with:
           go-version: ^1.16
 
@@ -23,7 +23,7 @@ jobs:
         run: echo "::set-output name=now::$(date +'%Y-%m-%dT%H:%M:%S %Z')"
 
       - name: Update publicsuffix-go
-        run: go get -u github.com/weppos/publicsuffix-go@master
+        run: go get -u github.com/weppos/publicsuffix-go@main
 
       - name: Run go mod tidy
         run: go mod tidy
@@ -36,7 +36,7 @@ jobs:
 
       - name: Create pull-request
         id: cpr
-        uses: peter-evans/create-pull-request@v3
+        uses: peter-evans/create-pull-request@v7
         with:
           commit-message: "deps: update publicsuffix-go for ${{ steps.get-date.outputs.now }}"
           title: "deps: update weppos/publicsuffix-go for ${{ steps.get-date.outputs.now }}"

cryptobyte/asn1.go

@@ -750,3 +750,42 @@ func (s *String) readASN1(out *String, outTag *asn1.Tag, skipHeader bool) bool {
 
 	return true
 }
+
+const defaultUTCTimeFormatStr = "060102150405Z0700"
+
+// ReadASN1UTCTime decodes an ASN.1 UTCTime into out and advances.
+// It reports whether the read was successful.
+func (s *String) ReadASN1UTCTime(out *time.Time) bool {
+	var bytes String
+	if !s.ReadASN1(&bytes, asn1.UTCTime) {
+		return false
+	}
+	t := string(bytes)
+
+	formatStr := defaultUTCTimeFormatStr
+	var err error
+	res, err := time.Parse(formatStr, t)
+	if err != nil {
+		// Fallback to minute precision if we can't parse second
+		// precision. If we are following X.509 or X.690 we shouldn't
+		// support this, but we do.
+		formatStr = "0601021504Z0700"
+		res, err = time.Parse(formatStr, t)
+	}
+	if err != nil {
+		return false
+	}
+
+	if serialized := res.Format(formatStr); serialized != t {
+		return false
+	}
+
+	if res.Year() >= 2050 {
+		// UTCTime interprets the low order digits 50-99 as 1950-99.
+		// This only applies to its use in the X.509 profile.
+		// See https://tools.ietf.org/html/rfc5280#section-4.1.2.5.1
+		res = res.AddDate(-100, 0, 0)
+	}
+	*out = res
+	return true
+}

cryptobyte/builder.go

@@ -106,13 +106,13 @@ func (b *Builder) AddBytes(v []byte) {
 // supplied to them. The child builder passed to the continuation can be used
 // to build the content of the length-prefixed sequence. For example:
 //
-//   parent := cryptobyte.NewBuilder()
-//   parent.AddUint8LengthPrefixed(func (child *Builder) {
-//     child.AddUint8(42)
-//     child.AddUint8LengthPrefixed(func (grandchild *Builder) {
-//       grandchild.AddUint8(5)
-//     })
-//   })
+//	parent := cryptobyte.NewBuilder()
+//	parent.AddUint8LengthPrefixed(func (child *Builder) {
+//	  child.AddUint8(42)
+//	  child.AddUint8LengthPrefixed(func (grandchild *Builder) {
+//	    grandchild.AddUint8(5)
+//	  })
+//	})
 //
 // It is an error to write more bytes to the child than allowed by the reserved
 // length prefix. After the continuation returns, the child must be considered

ct/asn1/asn1.go

@@ -5,7 +5,7 @@
 // Package asn1 implements parsing of DER-encoded ASN.1 data structures,
 // as defined in ITU-T Rec X.690.
 //
-// See also ``A Layman's Guide to a Subset of ASN.1, BER, and DER,''
+// See also “A Layman's Guide to a Subset of ASN.1, BER, and DER,”
 // http://luca.ntop.org/Teaching/Appunti/asn1.html.
 //
 // START CT CHANGES

ct/asn1/marshal.go

@@ -18,7 +18,9 @@ import (
 // A forkableWriter is an in-memory buffer that can be
 // 'forked' to create new forkableWriters that bracket the
 // original.  After
-//    pre, post := w.fork();
+//
+//	pre, post := w.fork();
+//
 // the overall sequence of bytes represented is logically w+pre+post.
 type forkableWriter struct {
 	*bytes.Buffer
@@ -562,6 +564,9 @@ func marshalField(out *forkableWriter, v reflect.Value, params fieldParameters)
 			length:     bodyLen + tags.Len(),
 			isCompound: true,
 		})
+		if err != nil {
+			return
+		}
 	}
 
 	return nil

ct/client/logclient.go

@@ -375,12 +375,18 @@ func (c *LogClient) GetEntries(start, end int64) ([]ct.LogEntry, error) {
 	entries := make([]ct.LogEntry, len(resp.Entries))
 	for index, entry := range resp.Entries {
 		leafBytes, err := base64.StdEncoding.DecodeString(entry.LeafInput)
+		if err != nil {
+			return nil, err
+		}
 		leaf, err := ct.ReadMerkleTreeLeaf(bytes.NewBuffer(leafBytes))
 		if err != nil {
 			return nil, err
 		}
 		entries[index].Leaf = *leaf
 		chainBytes, err := base64.StdEncoding.DecodeString(entry.ExtraData)
+		if err != nil {
+			return nil, err
+		}
 
 		var chain []ct.ASN1Cert
 		switch leaf.TimestampedEntry.EntryType {

ct/types.go

@@ -21,7 +21,8 @@ const (
 ///////////////////////////////////////////////////////////////////////////////
 
 // LogEntryType represents the LogEntryType enum from section 3.1 of the RFC:
-//   enum { x509_entry(0), precert_entry(1), (65535) } LogEntryType;
+//
+//	enum { x509_entry(0), precert_entry(1), (65535) } LogEntryType;
 type LogEntryType uint16
 
 func (e LogEntryType) String() string {

ct/x509/pkcs8_test.go

@@ -12,7 +12,8 @@ import (
 var pkcs8RSAPrivateKeyHex = `30820278020100300d06092a864886f70d0101010500048202623082025e02010002818100cfb1b5bf9685ffa97b4f99df4ff122b70e59ac9b992f3bc2b3dde17d53c1a34928719b02e8fd17839499bfbd515bd6ef99c7a1c47a239718fe36bfd824c0d96060084b5f67f0273443007a24dfaf5634f7772c9346e10eb294c2306671a5a5e719ae24b4de467291bc571014b0e02dec04534d66a9bb171d644b66b091780e8d020301000102818100b595778383c4afdbab95d2bfed12b3f93bb0a73a7ad952f44d7185fd9ec6c34de8f03a48770f2009c8580bcd275e9632714e9a5e3f32f29dc55474b2329ff0ebc08b3ffcb35bc96e6516b483df80a4a59cceb71918cbabf91564e64a39d7e35dce21cb3031824fdbc845dba6458852ec16af5dddf51a8397a8797ae0337b1439024100ea0eb1b914158c70db39031dd8904d6f18f408c85fbbc592d7d20dee7986969efbda081fdf8bc40e1b1336d6b638110c836bfdc3f314560d2e49cd4fbde1e20b024100e32a4e793b574c9c4a94c8803db5152141e72d03de64e54ef2c8ed104988ca780cd11397bc359630d01b97ebd87067c5451ba777cf045ca23f5912f1031308c702406dfcdbbd5a57c9f85abc4edf9e9e29153507b07ce0a7ef6f52e60dcfebe1b8341babd8b789a837485da6c8d55b29bbb142ace3c24a1f5b54b454d01b51e2ad03024100bd6a2b60dee01e1b3bfcef6a2f09ed027c273cdbbaf6ba55a80f6dcc64e4509ee560f84b4f3e076bd03b11e42fe71a3fdd2dffe7e0902c8584f8cad877cdc945024100aa512fa4ada69881f1d8bb8ad6614f192b83200aef5edf4811313d5ef30a86cbd0a90f7b025c71ea06ec6b34db6306c86b1040670fd8654ad7291d066d06d031`
 
 // Generated using:
-//   openssl ecparam -genkey -name secp521r1 | openssl pkcs8 -topk8 -nocrypt
+//
+//	openssl ecparam -genkey -name secp521r1 | openssl pkcs8 -topk8 -nocrypt
 var pkcs8ECPrivateKeyHex = `3081ed020100301006072a8648ce3d020106052b810400230481d53081d20201010441850d81618c5da1aec74c2eed608ba816038506975e6427237c2def150c96a3b13efbfa1f89f1be15cdf4d0ac26422e680e65a0ddd4ad3541ad76165fbf54d6e34ba18189038186000400da97bcedba1eb6d30aeb93c9f9a1454598fa47278df27d6f60ea73eb672d8dc528a9b67885b5b5dcef93c9824f7449ab512ee6a27e76142f56b94b474cfd697e810046c8ca70419365245c1d7d44d0db82c334073835d002232714548abbae6e5700f5ef315ee08b929d8581383dcf2d1c98c2f8a9fccbf79c9579f7b2fd8a90115ac2`
 
 func TestPKCS8(t *testing.T) {

ct/x509/root_bsd.go

@@ -2,6 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
+//go:build dragonfly || freebsd || netbsd || openbsd
 // +build dragonfly freebsd netbsd openbsd
 
 package x509

ct/x509/root_cgo_darwin.go

@@ -2,6 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
+//go:build cgo && !arm && !arm64 && !ios
 // +build cgo,!arm,!arm64,!ios
 
 package x509

ct/x509/root_darwin.go

@@ -38,21 +38,21 @@ func (c *Certificate) systemVerify(opts *VerifyOptions) (chains [][]*Certificate
 //
 // The strategy is as follows:
 //
-// 1. Run "security trust-settings-export" and "security
-//    trust-settings-export -d" to discover the set of certs with some
-//    user-tweaked trust policy. We're too lazy to parse the XML (at
-//    least at this stage of Go 1.8) to understand what the trust
-//    policy actually is. We just learn that there is _some_ policy.
+//  1. Run "security trust-settings-export" and "security
+//     trust-settings-export -d" to discover the set of certs with some
+//     user-tweaked trust policy. We're too lazy to parse the XML (at
+//     least at this stage of Go 1.8) to understand what the trust
+//     policy actually is. We just learn that there is _some_ policy.
 //
-// 2. Run "security find-certificate" to dump the list of system root
-//    CAs in PEM format.
+//  2. Run "security find-certificate" to dump the list of system root
+//     CAs in PEM format.
 //
-// 3. For each dumped cert, conditionally verify it with "security
-//    verify-cert" if that cert was in the set discovered in Step 1.
-//    Without the Step 1 optimization, running "security verify-cert"
-//    150-200 times takes 3.5 seconds. With the optimization, the
-//    whole process takes about 180 milliseconds with 1 untrusted root
-//    CA. (Compared to 110ms in the cgo path)
+//  3. For each dumped cert, conditionally verify it with "security
+//     verify-cert" if that cert was in the set discovered in Step 1.
+//     Without the Step 1 optimization, running "security verify-cert"
+//     150-200 times takes 3.5 seconds. With the optimization, the
+//     whole process takes about 180 milliseconds with 1 untrusted root
+//     CA. (Compared to 110ms in the cgo path)
 func execSecurityRoots() (*CertPool, error) {
 	hasPolicy, err := getCertsWithTrustPolicy()
 	if err != nil {

ct/x509/root_darwin_arm_gen.go

@@ -2,6 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
+//go:build ignore
 // +build ignore
 
 // Generates root_darwin_armx.go.

ct/x509/root_darwin_armx.go

@@ -4,6 +4,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
+//go:build cgo && darwin && (arm || arm64 || ios)
 // +build cgo
 // +build darwin
 // +build arm arm64 ios

ct/x509/root_js.go

@@ -0,0 +1,19 @@
+// Copyright 2018 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build js && wasm
+// +build js,wasm
+
+package x509
+
+// Possible certificate files; stop after finding one.
+var certFiles = []string{}
+
+func loadSystemRoots() (*CertPool, error) {
+	return NewCertPool(), nil
+}
+
+func (c *Certificate) systemVerify(opts *VerifyOptions) (chains [][]*Certificate, err error) {
+	return nil, nil
+}

ct/x509/root_nocgo_darwin.go

@@ -4,6 +4,9 @@
 
 // Use non-cgo on Darwin to prevent duplicate symbols on cgo
 
+//go:build !arm && !arm64 && !ios
+// +build !arm,!arm64,!ios
+
 package x509
 
 func loadSystemRoots() (*CertPool, error) {

ct/x509/root_plan9.go

@@ -2,6 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
+//go:build plan9
 // +build plan9
 
 package x509

ct/x509/root_unix.go

@@ -2,6 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
+//go:build dragonfly || freebsd || linux || nacl || netbsd || openbsd || solaris
 // +build dragonfly freebsd linux nacl netbsd openbsd solaris
 
 package x509

ct/x509/root_unix_test.go

@@ -2,6 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
+//go:build dragonfly || freebsd || linux || netbsd || openbsd || solaris
 // +build dragonfly freebsd linux netbsd openbsd solaris
 
 package x509

ct/x509/sec1.go

@@ -19,8 +19,10 @@ const ecPrivKeyVersion = 1
 
 // ecPrivateKey reflects an ASN.1 Elliptic Curve Private Key Structure.
 // References:
-//   RFC5915
-//   SEC1 - http://www.secg.org/download/aid-780/sec1-v2.pdf
+//
+//	RFC5915
+//	SEC1 - http://www.secg.org/download/aid-780/sec1-v2.pdf
+//
 // Per RFC5915 the NamedCurveOID is marked as ASN.1 OPTIONAL, however in
 // most cases it is not.
 type ecPrivateKey struct {

ct/x509/sec1_test.go

@@ -11,7 +11,8 @@ import (
 )
 
 // Generated using:
-//   openssl ecparam -genkey -name secp384r1 -outform PEM
+//
+//	openssl ecparam -genkey -name secp384r1 -outform PEM
 var ecPrivateKeyHex = `3081a40201010430bdb9839c08ee793d1157886a7a758a3c8b2a17a4df48f17ace57c72c56b4723cf21dcda21d4e1ad57ff034f19fcfd98ea00706052b81040022a16403620004feea808b5ee2429cfcce13c32160e1c960990bd050bb0fdf7222f3decd0a55008e32a6aa3c9062051c4cba92a7a3b178b24567412d43cdd2f882fa5addddd726fe3e208d2c26d733a773a597abb749714df7256ead5105fa6e7b3650de236b50`
 
 func TestParseECPrivateKey(t *testing.T) {