chore(deps): update module golang.org/x/crypto to v0.36.0 (#5)

Reviewed-on: #5
Co-authored-by: renovate[bot] <renovate@rgst.io>
Co-committed-by: renovate[bot] <renovate@rgst.io>

.gitignore

@@ -31,4 +31,4 @@ sigtool
 *.pub
 *.key
 *.sig
-
+releases/*

.mise.toml

@@ -0,0 +1,2 @@
+[tools]
+golang = "1.24"

README.md

@@ -40,7 +40,7 @@ You need two things:
 
 Next, build sigtool:
 
-    git clone https://github.com/opencoff/sigtool
+    git clone https://git.rgst.io/homelab/sigtool/v3
     cd sigtool
     make
 

build

@@ -19,6 +19,7 @@ Progs="src:sigtool"
 # e.g. src/foo/a.proto
 Protobufs="internal/pb/hdr.proto"
 
+#set -x
 
 # -- DO NOT CHANGE ANYTHING AFTER THIS --
 
@@ -28,8 +29,10 @@ PWD=`pwd`
 Static=0
 Dryrun=0
 Prodver=""
+Repover=""
 Verbose=0
 Go=`which go`
+Bindir=$PWD/bin
 
 die() {
     echo "$Z: $@" 1>&2
@@ -47,18 +50,56 @@ case $BASH_VERSION in
         ;;
 esac
 
+getvcs_version() {
+    local rev=
+    local prodv=
+    local git=`which git`
+    local hg=`which hg`
 
+    if [ -n "$git" ]; then
+        local xrev=$(git describe --always --dirty --long --abbrev=12) || exit 1
+        rev="git:$xrev"
+        prodv=$(git tag --list | sort -V | tail -1)
+    elif [ -n "$hg" ]; then
+        local xrev=$(hg id --id) || exit 1
+        local brev=${xrev%+}
+        if [ "$brev" != "$xrev" ]; then
+            rev="hg:${brev}-dirty"
+        else
+            rev="hg:${brev}"
+        fi
+        prodv=$(hg log -r "branch(stable) and tag()" -T "{tags}\n" | sort -V | tail -1)
+    else
+        warn "no git or hg found; can't get VCS info"
+        rev="UNKNOWN-VER"
+    fi
+
+    [ -n "$Prodver" ] && prodv=$Prodver
+
+    echo "$rev $prodv"
+    return 0
+}
+
+read -r Repover Prodver <<< $(getvcs_version)
 
 
 usage() {
+    declare -a progv=($Progs)
+    declare n=${#progv[@]}
+    declare pstr=
+
+    for ((i=0; i < n; i++)); do
+        local ent=${progv[$i]}
+        local dir=${ent%%:*}
+        local tool=${ent##*:}
+        pstr=$(printf "$pstr\n\t%s $Prodver $Repover (from ./%s)" $tool $dir)
+    done
 
     cat <<EOF
 $0 - A Go production build tool that adds git-repository information,
 product version, build-timestamp etc. It supports cross-compilation,
 static linking and generating protobuf output.
 
-If needed, it uses the gogo-slick protobuf compiler [github.com/gogo/protobuf].
-
 Build output is in bin/\$OS-\$CPU for a given OS, CPU combination.
 
 Usage: $0
@@ -67,13 +108,14 @@ Usage: $0
 Where OS-ARCH denotes one of the valid OS, ARCH combinations supported by 'go'.
 And, PROGS is one or more go programs.
 
-With no arguments, $0 builds: $Progs (source in ./src/)
+With no arguments, $0 builds: $pstr
 
 The repository's latest tag is used as the default version of the software being
-built.
+built. The current repository version is $Repover.
 
 Options:
     -h, --help          Show this help message and quit
+    -b D, --bindir=D    Put the binaries in the directory 'D' [$Bindir]
     -s, --static        Build a statically linked binary [False]
     -V N, --version=N   Use 'N' as the product version string [$Prodver]
     -a X, --arch=X      Cross compile for OS-CPU 'X' [$hostos-$hostcpu]
@@ -156,6 +198,14 @@ do
             ac_prev=Arch
             ;;
 
+        -b|--bindir)
+            ac_prev=Bindir
+            ;;
+
+        --bindir=*)
+            Bindir=$ac_optarg
+            ;;
+
         --version=*)
             Prodver=$ac_optarg
             ;;
@@ -280,6 +330,7 @@ buildproto() {
     return 0
 }
 
+
 # the rest has to execute in the context of main shell (not funcs)
 
 hostos=$($Go  env GOHOSTOS)      || exit 1
@@ -336,36 +387,13 @@ fi
 
 
 # This is where build outputs go
-Bindir=$PWD/bin/$cross
-Hostbindir=$PWD/bin/$hostos-$hostcpu
+Outdir=$Bindir/$cross
+Hostbindir=$Bindir/$hostos-$hostcpu
 export PATH=$Hostbindir:$PATH
 
-[ -d $Bindir ]     || mkdir -p $Bindir
+[ -d $Outdir ]     || mkdir -p $Outdir
 [ -d $Hostbindir ] || mkdir -p $Hostbindir
 
-# Get git/hg version info for the build
-if [ -d "./.hg" ]; then
-    xrev=$(hg id --id) || exit 1
-    brev=${xrev%+}
-    if [ "$brev" != "$xrev" ]; then
-        rev="hg:${brev}-dirty"
-    else
-        rev="hg:${brev}"
-    fi
-    if [ -z "$Prodver" ]; then
-        Prodver=$(hg log -r "branch(stable) and tag()" -T "{tags}\n" | tail -1)
-    fi
-elif [ -d "./.git" ]; then
-    xrev=$(git describe --always --dirty --long --abbrev=12) || exit 1
-    rev="git:$xrev"
-    if [ -z "$Prodver" ]; then
-        Prodver=$(git tag --list | tail -1)
-    fi
-else
-    rev="UNKNOWN-VER"
-    echo "$0: Can't find version info" 1>&2
-fi
-
 
 # Do Protobufs if needed
 if [ -n "$Protobufs" ]; then
@@ -374,10 +402,10 @@ if [ -n "$Protobufs" ]; then
     set -e
 fi
 
-repover="main.RepoVersion=$rev"
+# Get git/hg version info for the build
+repover="main.RepoVersion=$Repover"
 prodver="main.ProductVersion=$Prodver"
-date="main.Buildtime=`date -u '+%Y-%m-%dT%H:%M.%SZ'`"
-ldflags="-ldflags \"-X $repover -X $prodver -X $date $ldflags\""
+ldflags="-ldflags \"-X $repover -X $prodver $ldflags -buildid=\""
 vflag=""
 
 [ $Verbose -gt 0 ] && vflag="-v"
@@ -406,7 +434,9 @@ case $Tool in
             all="$@"
         fi
 
-        echo "Building $Prodver ($rev), $cross $msg .."
+        [ -z "$all" ] && die "No programs specified. Try '$Z --help'"
+
+        echo "Building $Prodver ($Repover), $cross $msg .."
 
         for p in $all; do
             if echo $p | grep -q ':' ; then
@@ -424,7 +454,7 @@ case $Tool in
             fi
 
             echo "   $dir: $out .. "
-            $e eval $Go build $vflag -o $Bindir/$out $isuffix "$ldflags" ./$dir || exit 1
+            $e eval $Go build $vflag -trimpath -o $Outdir/$out $isuffix "$ldflags" ./$dir || exit 1
         done
         ;;
 esac

go.mod

@@ -1,20 +1,24 @@
-module github.com/opencoff/sigtool
+module git.rgst.io/homelab/sigtool/v3
 
-go 1.21.1
+go 1.24.0
 
 require (
 	github.com/dchest/bcrypt_pbkdf v0.0.0-20150205184540-83f37f9c154a
-	github.com/opencoff/go-mmap v0.1.2
-	github.com/opencoff/go-utils v0.9.3
-	github.com/opencoff/pflag v1.0.6-sh1
-	golang.org/x/crypto v0.21.0
-	google.golang.org/protobuf v1.33.0
-	gopkg.in/yaml.v2 v2.4.0
+	github.com/opencoff/go-fio v0.5.14
+	github.com/opencoff/go-mmap v0.1.5
+	github.com/opencoff/go-utils v1.0.2
+	github.com/opencoff/pflag v1.0.7
+	github.com/planetscale/vtprotobuf v0.6.0
+	golang.org/x/crypto v0.36.0
+	google.golang.org/protobuf v1.36.5
+	gopkg.in/yaml.v3 v3.0.1
 )
 
 require (
-	golang.org/x/sys v0.18.0 // indirect
-	golang.org/x/term v0.18.0 // indirect
+	github.com/pkg/xattr v0.4.10 // indirect
+	github.com/puzpuzpuz/xsync/v3 v3.5.1 // indirect
+	golang.org/x/sys v0.31.0 // indirect
+	golang.org/x/term v0.30.0 // indirect
 )
 
 //replace github.com/opencoff/go-mmap => ../go-mmap

go.sum

@@ -2,23 +2,38 @@ github.com/dchest/bcrypt_pbkdf v0.0.0-20150205184540-83f37f9c154a h1:saTgr5tMLFn
 github.com/dchest/bcrypt_pbkdf v0.0.0-20150205184540-83f37f9c154a/go.mod h1:Bw9BbhOJVNR+t0jCqx2GC6zv0TGBsShs56Y3gfSCvl0=
 github.com/google/go-cmp v0.5.5 h1:Khx7svrCpmxxtHBq5j2mp/xVjsi8hQMfNLvJFAlrGgU=
 github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/opencoff/go-mmap v0.1.2 h1:2yrYleq0x9cBruDRTafs7GZt4tCYmsUlvyN77HnY9hA=
-github.com/opencoff/go-mmap v0.1.2/go.mod h1:+UjRnKQ3l5dLqSNAczz7zKI8LJ7mBhJhaSqU4S91tFs=
-github.com/opencoff/go-utils v0.9.3 h1:Gdx1uB6QZ9/8FNU4h+94xGJ+onu8bQLRE4gyKRrrDD8=
-github.com/opencoff/go-utils v0.9.3/go.mod h1:nNx572v21m3AkY9JomSXUG8iruY56Fm2zceNKNJDJaU=
-github.com/opencoff/pflag v1.0.6-sh1 h1:6RO8GgnpH928yu6earGDD01FnFT//bDJ1hCovcVVqY4=
-github.com/opencoff/pflag v1.0.6-sh1/go.mod h1:2bXtpAD/5h/2LarkbsRwiUxqnvB1nZBzn9Xjad1P41A=
-golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA=
-golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs=
-golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4=
-golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/term v0.18.0 h1:FcHjZXDMxI8mM3nwhX9HlKop4C0YQvCVCdwYl2wOtE8=
-golang.org/x/term v0.18.0/go.mod h1:ILwASektA3OnRv7amZ1xhE/KTR+u50pbXfZ03+6Nx58=
+github.com/opencoff/go-fio v0.5.14 h1:PGi4XLLO4RSuc3m5exY0G2vweov6w3UThhScehBfM8c=
+github.com/opencoff/go-fio v0.5.14/go.mod h1:hoSySYpavRnfQUsxzUgadk31kYiNQhMDvA2MObsXKf8=
+github.com/opencoff/go-mmap v0.1.5 h1:RKPtevC4mOW5bi9skBPPo4nFTIH4lVWAL20Tff+FjLg=
+github.com/opencoff/go-mmap v0.1.5/go.mod h1:y/6Jk/tDUc00k3oSQpiJX++20Nw7xFSlc5kLkhGnRXw=
+github.com/opencoff/go-utils v1.0.2 h1:BANRL8ZxgHpuo8gQBAzT3M9Im3aNFhaWW28jhc86LNs=
+github.com/opencoff/go-utils v1.0.2/go.mod h1:eZkEVQVzNfuE8uGepyhscMsqcXq7liGbBHYYwgYaoy8=
+github.com/opencoff/pflag v1.0.7 h1:o5cQIuX75bDcdJ6AXl68gzpA72a3CJ2MPStaMnEuwi4=
+github.com/opencoff/pflag v1.0.7/go.mod h1:2bXtpAD/5h/2LarkbsRwiUxqnvB1nZBzn9Xjad1P41A=
+github.com/pkg/xattr v0.4.10 h1:Qe0mtiNFHQZ296vRgUjRCoPHPqH7VdTOrZx3g0T+pGA=
+github.com/pkg/xattr v0.4.10/go.mod h1:di8WF84zAKk8jzR1UBTEWh9AUlIZZ7M/JNt8e9B6ktU=
+github.com/planetscale/vtprotobuf v0.6.0 h1:nBeETjudeJ5ZgBHUz1fVHvbqUKnYOXNhsIEabROxmNA=
+github.com/planetscale/vtprotobuf v0.6.0/go.mod h1:t/avpk3KcrXxUnYOhZhMXJlSEyie6gQbtLq5NM3loB8=
+github.com/puzpuzpuz/xsync/v3 v3.5.1 h1:GJYJZwO6IdxN/IKbneznS6yPkVC+c3zyY/j19c++5Fg=
+github.com/puzpuzpuz/xsync/v3 v3.5.1/go.mod h1:VjzYrABPabuM4KyBh1Ftq6u8nhwY5tBPKP9jpmh0nnA=
+golang.org/x/crypto v0.35.0 h1:b15kiHdrGCHrP6LvwaQ3c03kgNhhiMgvlhxHQhmg2Xs=
+golang.org/x/crypto v0.35.0/go.mod h1:dy7dXNW32cAb/6/PRuTNsix8T+vJAqvuIy5Bli/x0YQ=
+golang.org/x/crypto v0.36.0 h1:AnAEvhDddvBdpY+uR+MyHmuZzzNqXSe/GvuDeob5L34=
+golang.org/x/crypto v0.36.0/go.mod h1:Y4J0ReaxCR1IMaabaSMugxJES1EpwhBHhv2bDHklZvc=
+golang.org/x/sys v0.0.0-20220408201424-a24fb2fb8a0f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.30.0 h1:QjkSwP/36a20jFYWkSue1YwXzLmsV5Gfq7Eiy72C1uc=
+golang.org/x/sys v0.30.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.31.0 h1:ioabZlmFYtWhL+TRYpcnNlLwhyxaM9kWTDEmfnprqik=
+golang.org/x/sys v0.31.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
+golang.org/x/term v0.29.0 h1:L6pJp37ocefwRRtYPKSWOWzOtWSxVajvz2ldH/xi3iU=
+golang.org/x/term v0.29.0/go.mod h1:6bl4lRlvVuDgSf3179VpIxBF0o10JUpXWOnI7nErv7s=
+golang.org/x/term v0.30.0 h1:PQ39fJZ+mfadBm0y5WlL4vlM7Sx1Hgf13sMIY2+QS9Y=
+golang.org/x/term v0.30.0/go.mod h1:NYYFdzHoI5wRh/h5tDMdMqCqPJZEuNqVR5xJLd/n67g=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 h1:E7g+9GITq07hpfrRu66IVDexMakfv52eLZ2CXBWiKr4=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI=
-google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
+google.golang.org/protobuf v1.36.5 h1:tPhr+woSbjfYvY6/GPufUoYizxw1cF/yFoxJ2fmpwlM=
+google.golang.org/protobuf v1.36.5/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
-gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
-gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

internal/pb/hdr.pb.go

@@ -1,6 +1,6 @@
 // Code generated by protoc-gen-go. DO NOT EDIT.
 // versions:
-// 	protoc-gen-go v1.28.1
+// 	protoc-gen-go v1.32.0
 // 	protoc        v3.21.12
 // source: internal/pb/hdr.proto
 

internal/pb/hdr_vtproto.pb.go

@@ -1,14 +1,14 @@
 // Code generated by protoc-gen-go-vtproto. DO NOT EDIT.
-// protoc-gen-go-vtproto version: v0.5.0
+// protoc-gen-go-vtproto version: v0.6.0
 // source: internal/pb/hdr.proto
 
 package pb
 
 import (
 	fmt "fmt"
+	protohelpers "github.com/planetscale/vtprotobuf/protohelpers"
 	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
 	io "io"
-	bits "math/bits"
 )
 
 const (
@@ -55,7 +55,7 @@ func (m *Header) MarshalToSizedBufferVT(dAtA []byte) (int, error) {
 				return 0, err
 			}
 			i -= size
-			i = encodeVarint(dAtA, i, uint64(size))
+			i = protohelpers.EncodeVarint(dAtA, i, uint64(size))
 			i--
 			dAtA[i] = 0x2a
 		}
@@ -63,26 +63,26 @@ func (m *Header) MarshalToSizedBufferVT(dAtA []byte) (int, error) {
 	if len(m.Sender) > 0 {
 		i -= len(m.Sender)
 		copy(dAtA[i:], m.Sender)
-		i = encodeVarint(dAtA, i, uint64(len(m.Sender)))
+		i = protohelpers.EncodeVarint(dAtA, i, uint64(len(m.Sender)))
 		i--
 		dAtA[i] = 0x22
 	}
 	if len(m.Pk) > 0 {
 		i -= len(m.Pk)
 		copy(dAtA[i:], m.Pk)
-		i = encodeVarint(dAtA, i, uint64(len(m.Pk)))
+		i = protohelpers.EncodeVarint(dAtA, i, uint64(len(m.Pk)))
 		i--
 		dAtA[i] = 0x1a
 	}
 	if len(m.Salt) > 0 {
 		i -= len(m.Salt)
 		copy(dAtA[i:], m.Salt)
-		i = encodeVarint(dAtA, i, uint64(len(m.Salt)))
+		i = protohelpers.EncodeVarint(dAtA, i, uint64(len(m.Salt)))
 		i--
 		dAtA[i] = 0x12
 	}
 	if m.ChunkSize != 0 {
-		i = encodeVarint(dAtA, i, uint64(m.ChunkSize))
+		i = protohelpers.EncodeVarint(dAtA, i, uint64(m.ChunkSize))
 		i--
 		dAtA[i] = 0x8
 	}
@@ -122,31 +122,20 @@ func (m *WrappedKey) MarshalToSizedBufferVT(dAtA []byte) (int, error) {
 	if len(m.Nonce) > 0 {
 		i -= len(m.Nonce)
 		copy(dAtA[i:], m.Nonce)
-		i = encodeVarint(dAtA, i, uint64(len(m.Nonce)))
+		i = protohelpers.EncodeVarint(dAtA, i, uint64(len(m.Nonce)))
 		i--
 		dAtA[i] = 0x12
 	}
 	if len(m.DKey) > 0 {
 		i -= len(m.DKey)
 		copy(dAtA[i:], m.DKey)
-		i = encodeVarint(dAtA, i, uint64(len(m.DKey)))
+		i = protohelpers.EncodeVarint(dAtA, i, uint64(len(m.DKey)))
 		i--
 		dAtA[i] = 0xa
 	}
 	return len(dAtA) - i, nil
 }
 
-func encodeVarint(dAtA []byte, offset int, v uint64) int {
-	offset -= sov(v)
-	base := offset
-	for v >= 1<<7 {
-		dAtA[offset] = uint8(v&0x7f | 0x80)
-		v >>= 7
-		offset++
-	}
-	dAtA[offset] = uint8(v)
-	return base
-}
 func (m *Header) SizeVT() (n int) {
 	if m == nil {
 		return 0
@@ -154,24 +143,24 @@ func (m *Header) SizeVT() (n int) {
 	var l int
 	_ = l
 	if m.ChunkSize != 0 {
-		n += 1 + sov(uint64(m.ChunkSize))
+		n += 1 + protohelpers.SizeOfVarint(uint64(m.ChunkSize))
 	}
 	l = len(m.Salt)
 	if l > 0 {
-		n += 1 + l + sov(uint64(l))
+		n += 1 + l + protohelpers.SizeOfVarint(uint64(l))
 	}
 	l = len(m.Pk)
 	if l > 0 {
-		n += 1 + l + sov(uint64(l))
+		n += 1 + l + protohelpers.SizeOfVarint(uint64(l))
 	}
 	l = len(m.Sender)
 	if l > 0 {
-		n += 1 + l + sov(uint64(l))
+		n += 1 + l + protohelpers.SizeOfVarint(uint64(l))
 	}
 	if len(m.Keys) > 0 {
 		for _, e := range m.Keys {
 			l = e.SizeVT()
-			n += 1 + l + sov(uint64(l))
+			n += 1 + l + protohelpers.SizeOfVarint(uint64(l))
 		}
 	}
 	n += len(m.unknownFields)
@@ -186,22 +175,16 @@ func (m *WrappedKey) SizeVT() (n int) {
 	_ = l
 	l = len(m.DKey)
 	if l > 0 {
-		n += 1 + l + sov(uint64(l))
+		n += 1 + l + protohelpers.SizeOfVarint(uint64(l))
 	}
 	l = len(m.Nonce)
 	if l > 0 {
-		n += 1 + l + sov(uint64(l))
+		n += 1 + l + protohelpers.SizeOfVarint(uint64(l))
 	}
 	n += len(m.unknownFields)
 	return n
 }
 
-func sov(x uint64) (n int) {
-	return (bits.Len64(x|1) + 6) / 7
-}
-func soz(x uint64) (n int) {
-	return sov(uint64((x << 1) ^ uint64((int64(x) >> 63))))
-}
 func (m *Header) UnmarshalVT(dAtA []byte) error {
 	l := len(dAtA)
 	iNdEx := 0
@@ -210,7 +193,7 @@ func (m *Header) UnmarshalVT(dAtA []byte) error {
 		var wire uint64
 		for shift := uint(0); ; shift += 7 {
 			if shift >= 64 {
-				return ErrIntOverflow
+				return protohelpers.ErrIntOverflow
 			}
 			if iNdEx >= l {
 				return io.ErrUnexpectedEOF
@@ -238,7 +221,7 @@ func (m *Header) UnmarshalVT(dAtA []byte) error {
 			m.ChunkSize = 0
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
-					return ErrIntOverflow
+					return protohelpers.ErrIntOverflow
 				}
 				if iNdEx >= l {
 					return io.ErrUnexpectedEOF
@@ -257,7 +240,7 @@ func (m *Header) UnmarshalVT(dAtA []byte) error {
 			var byteLen int
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
-					return ErrIntOverflow
+					return protohelpers.ErrIntOverflow
 				}
 				if iNdEx >= l {
 					return io.ErrUnexpectedEOF
@@ -270,11 +253,11 @@ func (m *Header) UnmarshalVT(dAtA []byte) error {
 				}
 			}
 			if byteLen < 0 {
-				return ErrInvalidLength
+				return protohelpers.ErrInvalidLength
 			}
 			postIndex := iNdEx + byteLen
 			if postIndex < 0 {
-				return ErrInvalidLength
+				return protohelpers.ErrInvalidLength
 			}
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
@@ -291,7 +274,7 @@ func (m *Header) UnmarshalVT(dAtA []byte) error {
 			var byteLen int
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
-					return ErrIntOverflow
+					return protohelpers.ErrIntOverflow
 				}
 				if iNdEx >= l {
 					return io.ErrUnexpectedEOF
@@ -304,11 +287,11 @@ func (m *Header) UnmarshalVT(dAtA []byte) error {
 				}
 			}
 			if byteLen < 0 {
-				return ErrInvalidLength
+				return protohelpers.ErrInvalidLength
 			}
 			postIndex := iNdEx + byteLen
 			if postIndex < 0 {
-				return ErrInvalidLength
+				return protohelpers.ErrInvalidLength
 			}
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
@@ -325,7 +308,7 @@ func (m *Header) UnmarshalVT(dAtA []byte) error {
 			var byteLen int
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
-					return ErrIntOverflow
+					return protohelpers.ErrIntOverflow
 				}
 				if iNdEx >= l {
 					return io.ErrUnexpectedEOF
@@ -338,11 +321,11 @@ func (m *Header) UnmarshalVT(dAtA []byte) error {
 				}
 			}
 			if byteLen < 0 {
-				return ErrInvalidLength
+				return protohelpers.ErrInvalidLength
 			}
 			postIndex := iNdEx + byteLen
 			if postIndex < 0 {
-				return ErrInvalidLength
+				return protohelpers.ErrInvalidLength
 			}
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
@@ -359,7 +342,7 @@ func (m *Header) UnmarshalVT(dAtA []byte) error {
 			var msglen int
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
-					return ErrIntOverflow
+					return protohelpers.ErrIntOverflow
 				}
 				if iNdEx >= l {
 					return io.ErrUnexpectedEOF
@@ -372,11 +355,11 @@ func (m *Header) UnmarshalVT(dAtA []byte) error {
 				}
 			}
 			if msglen < 0 {
-				return ErrInvalidLength
+				return protohelpers.ErrInvalidLength
 			}
 			postIndex := iNdEx + msglen
 			if postIndex < 0 {
-				return ErrInvalidLength
+				return protohelpers.ErrInvalidLength
 			}
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
@@ -388,12 +371,12 @@ func (m *Header) UnmarshalVT(dAtA []byte) error {
 			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
-			skippy, err := skip(dAtA[iNdEx:])
+			skippy, err := protohelpers.Skip(dAtA[iNdEx:])
 			if err != nil {
 				return err
 			}
 			if (skippy < 0) || (iNdEx+skippy) < 0 {
-				return ErrInvalidLength
+				return protohelpers.ErrInvalidLength
 			}
 			if (iNdEx + skippy) > l {
 				return io.ErrUnexpectedEOF
@@ -416,7 +399,7 @@ func (m *WrappedKey) UnmarshalVT(dAtA []byte) error {
 		var wire uint64
 		for shift := uint(0); ; shift += 7 {
 			if shift >= 64 {
-				return ErrIntOverflow
+				return protohelpers.ErrIntOverflow
 			}
 			if iNdEx >= l {
 				return io.ErrUnexpectedEOF
@@ -444,7 +427,7 @@ func (m *WrappedKey) UnmarshalVT(dAtA []byte) error {
 			var byteLen int
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
-					return ErrIntOverflow
+					return protohelpers.ErrIntOverflow
 				}
 				if iNdEx >= l {
 					return io.ErrUnexpectedEOF
@@ -457,11 +440,11 @@ func (m *WrappedKey) UnmarshalVT(dAtA []byte) error {
 				}
 			}
 			if byteLen < 0 {
-				return ErrInvalidLength
+				return protohelpers.ErrInvalidLength
 			}
 			postIndex := iNdEx + byteLen
 			if postIndex < 0 {
-				return ErrInvalidLength
+				return protohelpers.ErrInvalidLength
 			}
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
@@ -478,7 +461,7 @@ func (m *WrappedKey) UnmarshalVT(dAtA []byte) error {
 			var byteLen int
 			for shift := uint(0); ; shift += 7 {
 				if shift >= 64 {
-					return ErrIntOverflow
+					return protohelpers.ErrIntOverflow
 				}
 				if iNdEx >= l {
 					return io.ErrUnexpectedEOF
@@ -491,11 +474,11 @@ func (m *WrappedKey) UnmarshalVT(dAtA []byte) error {
 				}
 			}
 			if byteLen < 0 {
-				return ErrInvalidLength
+				return protohelpers.ErrInvalidLength
 			}
 			postIndex := iNdEx + byteLen
 			if postIndex < 0 {
-				return ErrInvalidLength
+				return protohelpers.ErrInvalidLength
 			}
 			if postIndex > l {
 				return io.ErrUnexpectedEOF
@@ -507,12 +490,12 @@ func (m *WrappedKey) UnmarshalVT(dAtA []byte) error {
 			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
-			skippy, err := skip(dAtA[iNdEx:])
+			skippy, err := protohelpers.Skip(dAtA[iNdEx:])
 			if err != nil {
 				return err
 			}
 			if (skippy < 0) || (iNdEx+skippy) < 0 {
-				return ErrInvalidLength
+				return protohelpers.ErrInvalidLength
 			}
 			if (iNdEx + skippy) > l {
 				return io.ErrUnexpectedEOF
@@ -527,88 +510,3 @@ func (m *WrappedKey) UnmarshalVT(dAtA []byte) error {
 	}
 	return nil
 }
-
-func skip(dAtA []byte) (n int, err error) {
-	l := len(dAtA)
-	iNdEx := 0
-	depth := 0
-	for iNdEx < l {
-		var wire uint64
-		for shift := uint(0); ; shift += 7 {
-			if shift >= 64 {
-				return 0, ErrIntOverflow
-			}
-			if iNdEx >= l {
-				return 0, io.ErrUnexpectedEOF
-			}
-			b := dAtA[iNdEx]
-			iNdEx++
-			wire |= (uint64(b) & 0x7F) << shift
-			if b < 0x80 {
-				break
-			}
-		}
-		wireType := int(wire & 0x7)
-		switch wireType {
-		case 0:
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return 0, ErrIntOverflow
-				}
-				if iNdEx >= l {
-					return 0, io.ErrUnexpectedEOF
-				}
-				iNdEx++
-				if dAtA[iNdEx-1] < 0x80 {
-					break
-				}
-			}
-		case 1:
-			iNdEx += 8
-		case 2:
-			var length int
-			for shift := uint(0); ; shift += 7 {
-				if shift >= 64 {
-					return 0, ErrIntOverflow
-				}
-				if iNdEx >= l {
-					return 0, io.ErrUnexpectedEOF
-				}
-				b := dAtA[iNdEx]
-				iNdEx++
-				length |= (int(b) & 0x7F) << shift
-				if b < 0x80 {
-					break
-				}
-			}
-			if length < 0 {
-				return 0, ErrInvalidLength
-			}
-			iNdEx += length
-		case 3:
-			depth++
-		case 4:
-			if depth == 0 {
-				return 0, ErrUnexpectedEndOfGroup
-			}
-			depth--
-		case 5:
-			iNdEx += 4
-		default:
-			return 0, fmt.Errorf("proto: illegal wireType %d", wireType)
-		}
-		if iNdEx < 0 {
-			return 0, ErrInvalidLength
-		}
-		if depth == 0 {
-			return iNdEx, nil
-		}
-	}
-	return 0, io.ErrUnexpectedEOF
-}
-
-var (
-	ErrInvalidLength        = fmt.Errorf("proto: negative length found during unmarshaling")
-	ErrIntOverflow          = fmt.Errorf("proto: integer overflow")
-	ErrUnexpectedEndOfGroup = fmt.Errorf("proto: unexpected end of group")
-)

mk-rel.sh

@@ -3,7 +3,7 @@
 Z=`basename $0`
 die() {
     echo "$Z: $@" 1>&2
-    exit 0
+    exit 1
 }
 
 warn() {
@@ -18,6 +18,8 @@ case $BASH_VERSION in
 esac
 
 Rel=$PWD/releases
+Bindir=$Rel/bin
+mkdir -p $Bindir || die "can't make $Bindir"
 
 pkgit() {
     local os=$1
@@ -25,28 +27,26 @@ pkgit() {
     local rev=$3
     local arch="$os-$cpu"
     local tgz="$Rel/sigtool-${rev}_${arch}.tar.gz"
-    local bindir=./bin/$arch
+    local bindir=$Bindir/$arch
     local bin=sigtool
 
     if [ "$os" = "windows" ]; then
         bin=${bin}.exe
     fi
 
-    ./build -V $rev -s -a $arch || die "can't build $arch"
+    ./build -V $rev -b $Bindir -s -a $arch || die "can't build $arch"
     (cd $bindir && tar cf - $bin)  | gzip -9 > $tgz || die "can't tar $tgz"
 }
 
 xrev=$(git describe --always --dirty --abbrev=12) || exit 1
 if echo $xrev | grep -q dirty; then
-    #die "won't build releases; repo dirty!"
+    die "won't build releases; repo dirty!"
     true
 fi
 
 os="linux windows openbsd darwin"
 arch="amd64 arm64"
 
-mkdir -p $Rel
-
 for xx in $os; do
     for yy in $arch; do
         pkgit $xx $yy $xrev

renovate.json

@@ -0,0 +1,3 @@
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json"
+}

sign/README.md

@@ -1,10 +1,10 @@
-[![GoDoc](https://godoc.org/github.com/opencoff/sigtool/sign?status.svg)](https://godoc.org/github.com/opencoff/sigtool/sign)
+[![GoDoc](https://godoc.org/git.rgst.io/homelab/sigtool/v3/sign?status.svg)](https://godoc.org/git.rgst.io/homelab/sigtool/v3/sign)
 
 # sigtool/sign - Ed25519 signature calculation and verification
 
 This is a small library that makes it easier to create and serialize Ed25519 keys, and sign,
 verify files using those keys. The library uses mmap(2) to read and process very large files.
 
-The companion program [sigtool](https://github.com/opencoff/sigtool) uses this library.
+The companion program [sigtool](https://git.rgst.io/homelab/sigtool/v3) uses this library.
 ## License
 GPL v2.0

sign/encrypt.go

@@ -70,13 +70,14 @@ import (
 	"crypto/subtle"
 	"encoding/binary"
 	"fmt"
-	"golang.org/x/crypto/curve25519"
-	"golang.org/x/crypto/hkdf"
 	"hash"
 	"io"
 	"os"
 
-	"github.com/opencoff/sigtool/internal/pb"
+	"golang.org/x/crypto/curve25519"
+	"golang.org/x/crypto/hkdf"
+
+	"git.rgst.io/homelab/sigtool/v3/internal/pb"
 )
 
 // Encryption chunk size = 4MB

sign/iomisc.go

@@ -16,8 +16,8 @@ package sign
 import (
 	"encoding/binary"
 	"fmt"
+	"github.com/opencoff/go-fio"
 	"github.com/opencoff/go-mmap"
-	"github.com/opencoff/go-utils"
 	"hash"
 	"os"
 )
@@ -28,9 +28,9 @@ import (
 func writeFile(fn string, b []byte, ovwrite bool, mode uint32) error {
 	var opts uint32
 	if ovwrite {
-		opts |= utils.OPT_OVERWRITE
+		opts |= fio.OPT_OVERWRITE
 	}
-	sf, err := utils.NewSafeFile(fn, opts, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, os.FileMode(mode))
+	sf, err := fio.NewSafeFile(fn, opts, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, os.FileMode(mode))
 	if err != nil {
 		return err
 	}

sign/keys.go

@@ -30,8 +30,9 @@ import (
 	"math/big"
 
 	Ed "crypto/ed25519"
+
 	"golang.org/x/crypto/scrypt"
-	"gopkg.in/yaml.v2"
+	"gopkg.in/yaml.v3"
 )
 
 // Private Ed25519 key
@@ -179,14 +180,14 @@ func makePrivateKeyFromBytes(sk *PrivateKey, buf []byte) error {
 	return nil
 }
 
-/*
 // Make a private key from 64-bytes of extended Ed25519 key
 func PrivateKeyFromBytes(buf []byte) (*PrivateKey, error) {
 	var sk PrivateKey
-
-	return makePrivateKeyFromBytes(&sk, buf)
+	if err := makePrivateKeyFromBytes(&sk, buf); err != nil {
+		return nil, err
+	}
+	return &sk, nil
 }
-*/
 
 // Given a secret key, return the corresponding Public Key
 func (sk *PrivateKey) PublicKey() *PublicKey {
@@ -404,14 +405,14 @@ func makePublicKeyFromBytes(pk *PublicKey, b []byte) error {
 	return nil
 }
 
-/*
 // Make a public key from a byte string
 func PublicKeyFromBytes(b []byte) (*PublicKey, error) {
 	var pk PublicKey
-
-	makePublicKeyFromBytes(&pk, b)
+	if err := makePublicKeyFromBytes(&pk, b); err != nil {
+		return nil, err
+	}
+	return &pk, nil
 }
-*/
 
 // Serialize a PublicKey into file 'fn' with a human readable 'comment'.
 // If 'ovwrite' is true, overwrite the file if it exists.

sign/sign.go

@@ -27,7 +27,8 @@ import (
 	"io/ioutil"
 
 	Ed "crypto/ed25519"
-	"gopkg.in/yaml.v2"
+
+	"gopkg.in/yaml.v3"
 )
 
 // An Ed25519 Signature

src/crypt.go

@@ -20,9 +20,10 @@ import (
 	"os"
 	"strings"
 
+	"git.rgst.io/homelab/sigtool/v3/sign"
+	"github.com/opencoff/go-fio"
 	"github.com/opencoff/go-utils"
 	flag "github.com/opencoff/pflag"
-	"github.com/opencoff/sigtool/sign"
 )
 
 // sigtool encrypt [-i|--identity my.key] to.pub [to.pub] [ssh.pub] inputfile|- [-o output]
@@ -142,9 +143,9 @@ func encrypt(args []string) {
 
 		var opts uint32
 		if force {
-			opts |= utils.OPT_OVERWRITE
+			opts |= fio.OPT_OVERWRITE
 		}
-		sf, err := utils.NewSafeFile(outfile, opts, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, mode)
+		sf, err := fio.NewSafeFile(outfile, opts, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, mode)
 		if err != nil {
 			Die("%s", err)
 		}
@@ -308,9 +309,9 @@ func decrypt(args []string) {
 
 		var opts uint32
 		if force {
-			opts |= utils.OPT_OVERWRITE
+			opts |= fio.OPT_OVERWRITE
 		}
-		sf, err := utils.NewSafeFile(outfile, opts, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, mode)
+		sf, err := fio.NewSafeFile(outfile, opts, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, mode)
 		if err != nil {
 			Die("%s", err)
 		}

src/gen.go

@@ -18,9 +18,9 @@ import (
 	"os"
 	"path"
 
+	"git.rgst.io/homelab/sigtool/v3/sign"
 	"github.com/opencoff/go-utils"
 	flag "github.com/opencoff/pflag"
-	"github.com/opencoff/sigtool/sign"
 )
 
 // Run the generate command

src/sign.go

@@ -18,9 +18,10 @@ import (
 	"io"
 	"os"
 
+	"git.rgst.io/homelab/sigtool/v3/sign"
+	"github.com/opencoff/go-fio"
 	"github.com/opencoff/go-utils"
 	flag "github.com/opencoff/pflag"
-	"github.com/opencoff/sigtool/sign"
 )
 
 // Run the 'sign' command.
@@ -70,9 +71,9 @@ Options:
 	if outf != "-" {
 		var opts uint32
 		if force {
-			opts |= utils.OPT_OVERWRITE
+			opts |= fio.OPT_OVERWRITE
 		}
-		sf, err := utils.NewSafeFile(outf, opts, os.O_CREATE|os.O_TRUNC|os.O_WRONLY, 0644)
+		sf, err := fio.NewSafeFile(outf, opts, os.O_CREATE|os.O_TRUNC|os.O_WRONLY, 0644)
 		if err != nil {
 			Die("can't create sig file: %s", err)
 		}

src/sigtool.go

@@ -20,9 +20,9 @@ import (
 	"path"
 	"strings"
 
+	"git.rgst.io/homelab/sigtool/v3/sign"
 	"github.com/opencoff/go-utils"
 	flag "github.com/opencoff/pflag"
-	"github.com/opencoff/sigtool/sign"
 )
 
 var Z string = path.Base(os.Args[0])
@@ -38,7 +38,7 @@ func main() {
 	mf.Parse(os.Args[1:])
 
 	if ver {
-		fmt.Printf("%s - %s [%s; %s]\n", Z, ProductVersion, RepoVersion, Buildtime)
+		fmt.Printf("%s - %s [%s]\n", Z, ProductVersion, RepoVersion)
 		os.Exit(0)
 	}
 
@@ -124,7 +124,6 @@ func exists(nm string) bool {
 
 // This will be filled in by "build"
 var RepoVersion string = "UNDEFINED"
-var Buildtime string = "UNDEFINED"
 var ProductVersion string = "UNDEFINED"
 
 // vim: ft=go:sw=8:ts=8:noexpandtab:tw=98:

src/verify.go

@@ -17,8 +17,8 @@ import (
 	"fmt"
 	"os"
 
+	"git.rgst.io/homelab/sigtool/v3/sign"
 	flag "github.com/opencoff/pflag"
-	"github.com/opencoff/sigtool/sign"
 )
 
 func verify(args []string) {

tests.sh

@@ -84,8 +84,8 @@ $bin s --no-password $ssk1 -o $sig $0       || die "can't sign with $ssk1"
 $bin v -q $spk1 $sig $0                     || die "can't verify with $spk2"
 $bin v -q $spk1_str $sig $0                 || die "can't verify with $spk2_str"
 
-$bin e --no-password -o $encout $spk2 $0         || die "can't encrypt to $spk2 with $ssk1"
-$bin d --no-password -o $decout $ssk2 $encout    || die "can't decrypt with $ssk2"
+$bin e --no-password -o $encout $spk2 $0       || die "can't encrypt to $spk2 with $ssk1"
+$bin d --no-password -o $decout $ssk2 $encout  || die "can't decrypt with $ssk2"
 
 # cleanup state
 rm -f $sig $encout $decout
@@ -104,8 +104,8 @@ pk2_str=$(cat $pk2 | grep 'pk:' | sed -e 's/^pk: //g')
 $bin s -E FOO $sk $0 -o $sig            || die "can't sign $0"
 $bin v -q $pk $sig $0                   || die "can't verify signature of $0"
 $bin v -q $pk_str $sig $0               || die "can't verify signature of $0"
-$bin v -q $pk2 $sig $0 2>/dev/null && die "bad verification with wrong $pk2"
-$bin v -q $pk2_str $sig $0 2>/dev/null && die "bad verification with wrong $pk2"
+$bin v -q $pk2 $sig $0 2>/dev/null      && die "bad verification with wrong $pk2"
+$bin v -q $pk2_str $sig $0 2>/dev/null  && die "bad verification with wrong $pk2"
 
 # encrypt/decrypt
 $bin e -E FOO -o $encout $pk2 $0      || die "can't encrypt to $pk2"