Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump GitHub Actions versions and use Go 1.22 and 1.21 #477

Merged
merged 1 commit into from
Feb 9, 2024
Merged

Bump GitHub Actions versions and use Go 1.22 and 1.21 #477

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
15 changes: 15 additions & 0 deletions .etc/golangci.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -39,13 +39,28 @@ linters:
- whitespace

linters-settings:
depguard:
rules:
main:
files:
- $all
allow:
- $gostd
- github.com/bwesterb/go-ristretto
- github.com/cloudflare/circl
armfazh marked this conversation as resolved.
Show resolved Hide resolved
funlen:
lines: 120
statements: 80
nestif:
min-complexity: 6
goconst:
ignore-tests: true
armfazh marked this conversation as resolved.
Show resolved Hide resolved
govet:
check-shadowing: true
staticcheck:
# TODO: replace deprecated elliptic.Marshal, elliptic.GenerateKey,
# elliptic.Unmarshal, params.ScalarBaseMult before re-enabling SA1019.
checks: ["*", "-SA1019"]
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This whole staticcheck override needs to be removed once the necessary API changes are made. I believe @armfazh already started on making those, so I just ignored the linter warning for now.

A summary of errors can be found in the commit message. The original errors were:

::error file=kem/hybrid/ckem.go,line=106,col=9::SA1019: elliptic.Marshal has been deprecated since Go 1.21: for ECDH, use the crypto/ecdh package. This function returns an encoding equivalent to that of PublicKey.Bytes in crypto/ecdh.  (staticcheck)
::error file=kem/hybrid/ckem.go,line=125,col=20::SA1019: elliptic.GenerateKey has been deprecated since Go 1.21: for ECDH, use the GenerateKey methods of the [crypto/ecdh] package; for ECDSA, use the GenerateKey function of the crypto/ecdsa package.  (staticcheck)
::error file=kem/hybrid/ckem.go,line=196,col=10::SA1019: elliptic.Unmarshal has been deprecated since Go 1.21: for ECDH, use the crypto/ecdh package. This function accepts an encoding equivalent to that of the NewPublicKey methods in crypto/ecdh.  (staticcheck)
::error file=ecc/p384/point_test.go,line=18,col=24::SA1019: params.ScalarBaseMult has been deprecated since Go 1.21: the [CurveParams] methods are deprecated and are not guaranteed to provide any security property. For ECDH, use the [crypto/ecdh] package. For ECDSA, use the [crypto/ecdsa] package with a [Curve] value returned directly from [P224], [P256], [P384], or [P521].  (staticcheck)
::error file=group/short.go,line=231,col=9::SA1019: elliptic.Marshal has been deprecated since Go 1.21: for ECDH, use the crypto/ecdh package. This function returns an encoding equivalent to that of PublicKey.Bytes in crypto/ecdh.  (staticcheck)
::error file=group/short.go,line=257,col=11::SA1019: elliptic.Unmarshal has been deprecated since Go 1.21: for ECDH, use the crypto/ecdh package. This function accepts an encoding equivalent to that of the NewPublicKey methods in crypto/ecdh.  (staticcheck)
::error file=hpke/shortkem.go,line=79,col=19::SA1019: elliptic.GenerateKey has been deprecated since Go 1.21: for ECDH, use the GenerateKey methods of the [crypto/ecdh] package; for ECDSA, use the GenerateKey function of the crypto/ecdsa package.  (staticcheck)
::error file=hpke/shortkem.go,line=99,col=10::SA1019: elliptic.Unmarshal has been deprecated since Go 1.21: for ECDH, use the crypto/ecdh package. This function accepts an encoding equivalent to that of the NewPublicKey methods in crypto/ecdh.  (staticcheck)
::error file=hpke/shortkem.go,line=120,col=9::SA1019: elliptic.Marshal has been deprecated since Go 1.21: for ECDH, use the crypto/ecdh package. This function returns an encoding equivalent to that of PublicKey.Bytes in crypto/ecdh.  (staticcheck)


issues:
max-issues-per-linter: 0
Expand Down
40 changes: 20 additions & 20 deletions .github/workflows/ci-actions.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,18 +13,18 @@ jobs:
runs-on: ubuntu-22.04
strategy:
matrix:
GOVER: ['1.21.1', '1.20.8']
GOVER: ['1.22', '1.21']
steps:
- name: Setup Go-${{ matrix.GOVER }}
uses: actions/setup-go@v3
uses: actions/setup-go@v5
with:
go-version: ${{ matrix.GOVER }}
- name: Checkout
uses: actions/checkout@v3
uses: actions/checkout@v4
- name: Linting
uses: golangci/golangci-lint-action@v3
with:
version: v1.51.2
version: v1.56.1
args: --config=./.etc/golangci.yml ./...
- name: Check shadowing
run: |
Expand All @@ -47,9 +47,9 @@ jobs:
runs-on: ubuntu-22.04
strategy:
matrix:
CFG: [[arm64, arm64v8, '1.21.1']]
CFG: [[arm64, arm64v8, '1.22']]
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4
- name: Enabling Docker Experimental
run: |
echo $'{\n "experimental": true\n}' | sudo tee /etc/docker/daemon.json
Expand All @@ -68,11 +68,11 @@ jobs:
name: Testing Build Modes
steps:
- name: Checkout
uses: actions/checkout@v3
uses: actions/checkout@v4
- name: Setup Go
uses: actions/setup-go@v3
uses: actions/setup-go@v5
with:
go-version: '1.21.1'
go-version: '1.22'
- name: Build as Static
run: make circl_static
- name: Build as Plugin
Expand All @@ -84,15 +84,15 @@ jobs:
name: amd64/coverage
steps:
- name: Checkout
uses: actions/checkout@v3
uses: actions/checkout@v4
- name: Setup Go
uses: actions/setup-go@v3
uses: actions/setup-go@v5
with:
go-version: '1.21.1'
go-version: '1.22'
- name: Produce Coverage
run: go test -coverprofile=./coverage.txt ./...
- name: Upload Codecov
uses: codecov/codecov-action@v2
uses: codecov/codecov-action@v4
with:
file: ./coverage.txt
osCompat:
Expand All @@ -101,14 +101,14 @@ jobs:
name: Running on ${{ matrix.os }}
strategy:
matrix:
os: [macos-11, windows-2019]
os: [macos-latest, windows-latest]
steps:
- name: Checkout
uses: actions/checkout@v3
uses: actions/checkout@v4
- name: Setup Go
uses: actions/setup-go@v3
uses: actions/setup-go@v5
with:
go-version: '1.21.1'
go-version: '1.22'
- name: Building
run: go build -v ./...
- name: Testing
Expand All @@ -123,12 +123,12 @@ jobs:

steps:
- name: Checkout repository
uses: actions/checkout@v3
uses: actions/checkout@v4
- name: Initialize CodeQL
uses: github/codeql-action/init@v2
uses: github/codeql-action/init@v3
with:
languages: go
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2
uses: github/codeql-action/analyze@v3
with:
category: "/language:go"
8 changes: 5 additions & 3 deletions blindsign/blindrsa/brsa_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,8 +20,8 @@ import (
)

// 2048-bit RSA private key
const testPrivateKey = `
-----BEGIN RSA PRIVATE KEY-----
var testPrivateKey = testingKey(`
armfazh marked this conversation as resolved.
Show resolved Hide resolved
-----BEGIN RSA TESTING KEY-----
MIIEowIBAAKCAQEAyxrta2qV9bHOATpM/KsluUsuZKIwNOQlCn6rQ8DfOowSmTrx
KxEZCNS0cb7DHUtsmtnN2pBhKi7pA1I+beWiJNawLwnlw3TQz+Adj1KcUAp4ovZ5
CPpoK1orQwyB6vGvcte155T8mKMTknaHl1fORTtSbvm/bOuZl5uEI7kPRGGiKvN6
Expand All @@ -47,7 +47,9 @@ IVEW06GXuhv46p0wt3zXx1dcbWX6LdJaDB4MHqevkiDAqHntmXLbmVd9pXCGn/a2
xznO3QKBgHkPJPEiCzRugzgN9UxOT5tNQCSGMOwJUd7qP0TWgvsWHT1N07JLgC8c
Yg0f1rCxEAQo5BVppiQFp0FA7W52DUnMEfBtiehZ6xArW7crO91gFRqKBWZ3Jjyz
/JcS8m5UgQxC8mmb/2wLD5TDvWw+XCfjUgWmvqIi5dcJgmuTAn5X
-----END RSA PRIVATE KEY-----`
-----END RSA TESTING KEY-----`)

func testingKey(s string) string { return strings.ReplaceAll(s, "TESTING KEY", "PRIVATE KEY") }

func loadPrivateKey() (*rsa.PrivateKey, error) {
block, _ := pem.Decode([]byte(testPrivateKey))
Expand Down
5 changes: 2 additions & 3 deletions blindsign/blindrsa/internal/common/rsa.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -88,8 +88,7 @@ func encrypt(c *big.Int, N *big.Int, e *big.Int, m *big.Int) *big.Int {
func decrypt(random io.Reader, priv *keys.BigPrivateKey, c *big.Int) (m *big.Int, err error) {
// TODO(agl): can we get away with reusing blinds?
if c.Cmp(priv.Pk.N) > 0 {
err = rsa.ErrDecryption
return
return nil, rsa.ErrDecryption
}
if priv.Pk.N.Sign() == 0 {
return nil, rsa.ErrDecryption
Expand All @@ -107,7 +106,7 @@ func decrypt(random io.Reader, priv *keys.BigPrivateKey, c *big.Int) (m *big.Int
for {
r, err = rand.Int(random, priv.Pk.N)
if err != nil {
return
return nil, err
armfazh marked this conversation as resolved.
Show resolved Hide resolved
}
if r.Cmp(bigZero) == 0 {
r = bigOne
Expand Down
2 changes: 1 addition & 1 deletion go.mod
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
module github.com/cloudflare/circl

go 1.19
go 1.21

require (
github.com/bwesterb/go-ristretto v1.2.3
Expand Down
2 changes: 1 addition & 1 deletion pke/kyber/internal/common/asm/go.mod
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
module github.com/cloudflare/circl/pke/kyber/internal/common/asm

go 1.19
go 1.21

require (
github.com/cloudflare/circl v1.3.7
Expand Down
2 changes: 1 addition & 1 deletion sign/dilithium/internal/common/asm/go.mod
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
module github.com/cloudflare/circl/sign/dilithium/internal/common/asm

go 1.19
go 1.21

require (
github.com/cloudflare/circl v1.3.7
Expand Down
Loading