)]}'
{
  "commit": "788bf74188fd091b7e67f1ff4a5258bec653b1ea",
  "tree": "e15264486c945480eceb30a6d9f6399109cd9ecb",
  "parents": [
    "85a1e2e01c440953834fd739162bca8d25d0311c"
  ],
  "author": {
    "name": "David Benjamin",
    "email": "davidben@google.com",
    "time": "Mon Feb 13 15:00:09 2023 -0500"
  },
  "committer": {
    "name": "Boringssl LUCI CQ",
    "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com",
    "time": "Thu Feb 23 15:56:52 2023 +0000"
  },
  "message": "Add more DSA consistency checks.\n\nDSA private keys cannot be zero. If they are, trying to sign an all\nzeros digest loops forever. Thanks to Guido Vranken who reported this in\nhttps://github.com/openssl/openssl/issues/20268\n\nAlong the way, because OpenSSL\u0027s bad API design made constructing DSA\nobjects such a mess, just move all the consistency checks to\ndsa_check_parameters (now dsa_check_key) so it is consistently checked\neverywhere.\n\nIdeally we\u0027d get a better handle on DSA state, like we hope to do for\nRSA state (though not there yet), so checks only happen once. But we\nconsider DSA deprecated so it\u0027s not worth putting much effort into it.\n\nUpdate-Note: Some invalid DSA keys will be rejected by the parser and at\nuse. Nothing should be using DSA anymore.\n\nChange-Id: I25d3faf145a85389c47abdd9db8e9b0056b37d8a\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/57227\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Adam Langley \u003cagl@google.com\u003e\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "0418e09887fd208a794ba0c2ee3f7a3cdeefc9ff",
      "old_mode": 33188,
      "old_path": "crypto/dsa/dsa.c",
      "new_id": "9f7bba7d7fa59422805532627bb19097f02a1b72",
      "new_mode": 33188,
      "new_path": "crypto/dsa/dsa.c"
    },
    {
      "type": "modify",
      "old_id": "3f3bd48866cb90356fb7532a15415d5a0075fd0b",
      "old_mode": 33188,
      "old_path": "crypto/dsa/dsa_asn1.c",
      "new_id": "1985bb4f6fd3ad28fce8b4b75befe5b3816cfc00",
      "new_mode": 33188,
      "new_path": "crypto/dsa/dsa_asn1.c"
    },
    {
      "type": "modify",
      "old_id": "878e67db6ff5002acac4fb2162ed27fea4a96535",
      "old_mode": 33188,
      "old_path": "crypto/dsa/dsa_test.cc",
      "new_id": "a4b6dfa122ca6a6bdc346427f9be28ece48b191b",
      "new_mode": 33188,
      "new_path": "crypto/dsa/dsa_test.cc"
    },
    {
      "type": "modify",
      "old_id": "2d86edb2dcb7020033cb2743e7937a6d66b6772b",
      "old_mode": 33188,
      "old_path": "crypto/dsa/internal.h",
      "new_id": "560ae7f3332fcbce1b96c5a887159f28396d260b",
      "new_mode": 33188,
      "new_path": "crypto/dsa/internal.h"
    },
    {
      "type": "modify",
      "old_id": "b86b2aa547850e000c7ba7956763bf874431fcf5",
      "old_mode": 33188,
      "old_path": "crypto/evp/evp_tests.txt",
      "new_id": "238a602eb13567b565293afe5d508209a9af2c0b",
      "new_mode": 33188,
      "new_path": "crypto/evp/evp_tests.txt"
    },
    {
      "type": "modify",
      "old_id": "8486e282e10a68112be2988544b4855eaa73299f",
      "old_mode": 33188,
      "old_path": "crypto/evp/p_dsa_asn1.c",
      "new_id": "fe0421081d111748bfec8aee507339abb5e121cc",
      "new_mode": 33188,
      "new_path": "crypto/evp/p_dsa_asn1.c"
    }
  ]
}