Minimal amount of changes needed to switch to GO 1.11
* crypto/internal/cipherhw was removed and internal/cpu was introduced
* wrong code formatting in handhsake_server_test.go was breaking
the build
* includes AD in authentication check of TLS records
As per 5.2 of TLS 1.3 draft-28, the additional data is record header.
* tests: Update tests in order to support draft-28
* Interoperability: Updates NSS and BoringSSL versions to the
one supporting draft-28
* Bogo: Updates revision number to use tests for draft-28
* FIX: makefile was using test-compat target instead of
test-interop
* DC test: constify
* Use binary interface to encode in big-endian
* Changes tests so that they pass with draft-23
* BoringSSL interoperability: uses code at most recent commit. It uses
"-tls13-variant draft23" flag to indicate compatibility with draft23
* NSS interoperability: Uses release 3.35
* PicoTLS interoperability: blocked. Doesn't seem to implement draft23
* Uses updated bogo from
https://github.com/henrydcase/crypto-tls-bogo-shim
Following things where added/changed:
* Builds correctly tls-tris. Previously go had a problem with
a symbolic link resulting in not building tls-tris at all. I've
used `rsync' instead.
* Can build for selected platform with "ARCH=platform make -f Makefile"
* Possible to build from any directory. Previously ``cd _dev; make``
was required, it's possible to ``cd /whever/you/want; make -f /tris/Makefile``
Over time the amount of custom Go patches reduced, and tris got less
tangled to the underlying Go. Finally sever the link.
This allows more flexibility in what base Go is used (the system one),
doesn't require coordinating two repositories, and simplifies the black
magic considerably.
Make sure to use tris with Go 1.9.X.
Force boringssl client and server to use draft 22 instead of draft 18.
Other clients (tstclnt from NSS, picotls) support only draft 22.
Disable mint, it only supports draft 21.
