Skip to content

Commit

Permalink
update dependencies (#17)
Browse files Browse the repository at this point in the history
* update dependencies

Signed-off-by: bytemare <3641580+bytemare@users.noreply.github.com>

* update sonar config

Signed-off-by: bytemare <3641580+bytemare@users.noreply.github.com>

* update

Signed-off-by: bytemare <3641580+bytemare@users.noreply.github.com>

---------

Signed-off-by: bytemare <3641580+bytemare@users.noreply.github.com>
  • Loading branch information
bytemare authored Mar 20, 2023
1 parent 3717de0 commit 3b2556d
Show file tree
Hide file tree
Showing 8 changed files with 63 additions and 77 deletions.
30 changes: 10 additions & 20 deletions .github/.golangci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -146,15 +146,13 @@ linters-settings:
golint:
min-confidence: 0
gomnd:
settings:
mnd:
checks:
- argument
- case
- condition
- operation
- return
- assign
checks:
- argument
- case
- condition
- operation
- return
- assign
ignored-functions:
- 'Import'
- 'Deserialize'
Expand Down Expand Up @@ -200,14 +198,6 @@ linters-settings:
- unsafeptr
- unusedresult
- unusedwrite
depguard:
list-type: blacklist
packages:
# logging is allowed only by logutils.Log, logrus
# is allowed to use only in logutils package
- github.com/sirupsen/logrus
packages-with-error-message:
- github.com/sirupsen/logrus: "logging is allowed only by logutils.Log"
lll:
line-length: 120
# tab width ('\t') in spaces. Default to 1.
Expand Down Expand Up @@ -256,7 +246,7 @@ issues:
max-issues-per-linter: 0
max-same-issues: 0

# Independently from option `exclude` we use default exclude patterns,
# Independently of option `exclude` we use default exclude patterns,
# it can be disabled by this option. To list all
# excluded by default patterns execute `golangci-lint run --help`.
# Default value for this option is true.
Expand All @@ -265,5 +255,5 @@ issues:
run:
tests: false

#output:
# format: github-actions
output:
format: github-actions
12 changes: 7 additions & 5 deletions .github/Makefile
Original file line number Diff line number Diff line change
@@ -1,11 +1,13 @@
.PHONY: update
update:
@cd ../
@echo "Updating dependencies..."
@go get -u
@cd ../ && go get -u
@go mod tidy
@echo "Updating Github Actions pins..."
@$(foreach file, $(wildcard workflows/*.yml), pin-github-action $(file);)

.PHONY: update-linters
update-linters:
@echo "Updating linters..."
@go install mvdan.cc/gofumpt@latest
@go install github.com/daixiang0/gci@latest
Expand Down Expand Up @@ -36,14 +38,14 @@ lint: fmt license
.PHONY: test
test:
@echo "Running all tests ..."
@go test -v -vet=all ../...
@go test -v -vet=all ../tests

.PHONY: vectors
vectors:
@echo "Testing vectors ..."
@go test -v ../tests/...
@go test -v ../tests/vectors_test.go

.PHONY: cover
cover:
@echo "Testing with coverage ..."
@go test -v -race -covermode=atomic -coverpkg=../... -coverprofile=./coverage.out ../...
@go test -v -race -covermode=atomic -coverpkg=../... -coverprofile=./coverage.out ../tests
26 changes: 13 additions & 13 deletions .github/workflows/ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -13,17 +13,17 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout repo
uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # pin@v3
uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # pin@master
with:
fetch-depth: 0
- name: Setup Go
uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # pin@v3
uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # pin@master
with:
go-version-file: ./go.mod

# Linting
- name: Linting
uses: golangci/golangci-lint-action@5c56cd6c9dc07901af25baab6f2b0d9f3b7c3018 # pin@v2
uses: golangci/golangci-lint-action@5c56cd6c9dc07901af25baab6f2b0d9f3b7c3018 # pin@master
with:
version: latest
args: --config=./.github/.golangci.yml ./...
Expand All @@ -35,14 +35,14 @@ jobs:
strategy:
fail-fast: false
matrix:
go: [ '1.19', '1.18' ]
go: [ '1.20', '1.19' ]
steps:
- name: Checkout repo
uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # pin@v3
uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # pin@master
with:
fetch-depth: 0
- name: Setup Go
uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # pin@v3
uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # pin@master
with:
go-version: ${{ matrix.go }}

Expand All @@ -55,11 +55,11 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout repo
uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # pin@v3
uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # pin@master
with:
fetch-depth: 0
- name: Setup Go
uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # pin@v3
uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # pin@master
with:
go-version-file: ./go.mod

Expand All @@ -69,23 +69,23 @@ jobs:

# Codecov
- name: Codecov
uses: codecov/codecov-action@29386c70ef20e286228c72b668a06fd0e8399192 # pin@v1
uses: codecov/codecov-action@29386c70ef20e286228c72b668a06fd0e8399192 # pin@master
with:
file: .github/coverage.out

# Sonar
- name: SonarCloud Scan
uses: SonarSource/sonarcloud-github-action@cb201f3b2d7a38231a8c042dfea4539c8bea180b # pin@master
uses: SonarSource/sonarcloud-github-action@db501078e936e4b4c8773d1bb949ba9ddb7b6b6a # pin@master
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
with:
args: >
-Dsonar.organization=bytemare-github
-Dsonar.projectKey=bytemare_voprf
-Dsonar.go.coverage.reportPaths=.github/coverage.out
-Dsonar.sources=.
-Dsonar.test.exclusions=examples_test.go,tests/**
-Dsonar.tests=tests/
-Dsonar.go.coverage.reportPaths=.github/coverage.out
-Dsonar.coverage.exclusions=examples_test.go,tests/**
-Dsonar.verbose=true
-Dsonar.tests=tests/
-Dsonar.verbose=true
8 changes: 4 additions & 4 deletions .github/workflows/codeql.yml
Original file line number Diff line number Diff line change
Expand Up @@ -24,16 +24,16 @@ jobs:

steps:
- name: Checkout repository
uses: actions/checkout@7884fcad6b5d53d10323aee724dc68d8b9096a2e # pin@v2
uses: actions/checkout@dc323e67f16fb5f7663d20ff7941f27f5809e9b6 # pin@master

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@fe2e30bafc62994571bcacc370c0818cf12a231e # pin@v1
uses: github/codeql-action/init@231aa2c8a89117b126725a0e11897209b7118144 # pin@master
with:
languages: go

- name: Autobuild
uses: github/codeql-action/autobuild@fe2e30bafc62994571bcacc370c0818cf12a231e # pin@v1
uses: github/codeql-action/autobuild@231aa2c8a89117b126725a0e11897209b7118144 # pin@master

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@fe2e30bafc62994571bcacc370c0818cf12a231e # pin@v1
uses: github/codeql-action/analyze@231aa2c8a89117b126725a0e11897209b7118144 # pin@master
8 changes: 4 additions & 4 deletions .github/workflows/scorecards.yml
Original file line number Diff line number Diff line change
Expand Up @@ -19,12 +19,12 @@ jobs:
id-token: write
steps:
- name: "Checkout code"
uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # pin@master
with:
persist-credentials: false

- name: "Run analysis"
uses: ossf/scorecard-action@99c53751e09b9529366343771cc321ec74e9bd3d # v2.0.6
uses: ossf/scorecard-action@99c53751e09b9529366343771cc321ec74e9bd3d # pin@master
with:
results_file: results.sarif
results_format: sarif
Expand All @@ -42,14 +42,14 @@ jobs:
# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
# format to the repository Actions tab.
- name: "Upload artifact"
uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # pin@master
with:
name: SARIF file
path: results.sarif
retention-days: 5

# Upload the results to GitHub's code scanning dashboard.
- name: "Upload to code-scanning"
uses: github/codeql-action/upload-sarif@807578363a7869ca324a79039e6db9c843e0e100 # v2.1.27
uses: github/codeql-action/upload-sarif@807578363a7869ca324a79039e6db9c843e0e100 # pin@master
with:
sarif_file: results.sarif
15 changes: 3 additions & 12 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -3,26 +3,17 @@
[![VOPRF](https://github.com/bytemare/voprf/actions/workflows/ci.yml/badge.svg)](https://github.com/bytemare/voprf/actions/workflows/ci.yml)
[![Go Reference](https://pkg.go.dev/badge/github.com/bytemare/voprf.svg)](https://pkg.go.dev/github.com/bytemare/voprf)
[![codecov](https://codecov.io/gh/bytemare/voprf/branch/main/graph/badge.svg?token=5bQfB0OctA)](https://codecov.io/gh/bytemare/voprf)
[![FOSSA Status](https://app.fossa.com/api/projects/git%2Bgithub.com%2Fbytemare%2Fvoprf.svg?type=shield)](https://app.fossa.com/projects/git%2Bgithub.com%2Fbytemare%2Fvoprf?ref=badge_shield)

Package voprf provides abstracted access to Oblivious Pseudorandom Functions (OPRF) using Elliptic Curves (EC-OPRF).
Package voprf provides abstracted access to Oblivious Pseudorandom Functions (OPRF) over elliptic curves.

This implementation supports the OPRF, VOPRF, and POPRF protocols as specified in the latest [internet draft](https://tools.ietf.org/html/draft-irtf-cfrg-voprf).

## Identifiers and bit security

| Identifier | Bit security | Implementation |
|:----------------------|:------------:|:-----------------------------:|
| ristretto255-SHA512 | 128 | github.com/gtank/ristretto255 |
| ~~decaf448-SHAKE256~~ | 224 | not implemented |
| P256-SHA256 | 128 | github.com/armfazh/h2c-go-ref |
| P384-SHA384 | 192 | github.com/armfazh/h2c-go-ref |
| P521-SHA512 | 256 | github.com/armfazh/h2c-go-ref |

## Versioning

[SemVer](http://semver.org/) is used for versioning. For the versions available, see the [tags on this repository](https://github.com/bytemare/voprf/tags).

Minor v0.x versions match the corresponding CFRG draft version, the master branch implements the latest changes of [the draft development](https://github.com/cfrg/draft-irtf-cfrg-voprf).

## Contributing

Please read [CONTRIBUTING.md](.github/CONTRIBUTING.md) for details on the code of conduct, and the process for submitting pull requests.
Expand Down
15 changes: 8 additions & 7 deletions go.mod
Original file line number Diff line number Diff line change
@@ -1,17 +1,18 @@
module github.com/bytemare/voprf

go 1.19
go 1.20

require (
github.com/bytemare/crypto v0.3.3
github.com/bytemare/hash v0.1.3
github.com/bytemare/crypto v0.4.4
github.com/bytemare/hash v0.1.5
github.com/google/go-cmp v0.5.9
)

require (
filippo.io/nistec v0.0.0-20220825075812-a82cab4ea6f0 // indirect
github.com/bytemare/hash2curve v0.1.2 // indirect
filippo.io/edwards25519 v1.0.0 // indirect
filippo.io/nistec v0.0.2 // indirect
github.com/bytemare/hash2curve v0.1.3 // indirect
github.com/gtank/ristretto255 v0.1.2 // indirect
golang.org/x/crypto v0.4.0 // indirect
golang.org/x/sys v0.3.0 // indirect
golang.org/x/crypto v0.7.0 // indirect
golang.org/x/sys v0.6.0 // indirect
)
26 changes: 14 additions & 12 deletions go.sum
Original file line number Diff line number Diff line change
@@ -1,16 +1,18 @@
filippo.io/nistec v0.0.0-20220825075812-a82cab4ea6f0 h1:infQBtlEPAdRCqMIoddLS8K27zaaz05FLnrXskk0TtE=
filippo.io/nistec v0.0.0-20220825075812-a82cab4ea6f0/go.mod h1:84fxC9mi+MhC2AERXI4LSa8cmSVOzrFikg6hZ4IfCyw=
github.com/bytemare/crypto v0.3.3 h1:/zKg0KGDW/AZbLpS7VDMmGTjwkfr3fZzSfVZEliVCFE=
github.com/bytemare/crypto v0.3.3/go.mod h1:l4WGLrTDFQSxSrbB3d1DknkMe26M3IJHos66ZMAsrE8=
github.com/bytemare/hash v0.1.3 h1:E2v/+gqvLTjaR8W2JdhqaB2L9161yFBlSXDnYEyMt94=
github.com/bytemare/hash v0.1.3/go.mod h1:5WJSSK+ftRTLt9fOMHT+S4eXTTAb0Uz+NJJZKHLKovM=
github.com/bytemare/hash2curve v0.1.2 h1:V/TSdU/WsfYS3Bk73ap+odLCOOm2/B02rKE8lb91djI=
github.com/bytemare/hash2curve v0.1.2/go.mod h1:S+OcM3nIREThTmjkFa+nX6vqGH11nEzefaIYq7MVAp4=
filippo.io/edwards25519 v1.0.0 h1:0wAIcmJUqRdI8IJ/3eGi5/HwXZWPujYXXlkrQogz0Ek=
filippo.io/edwards25519 v1.0.0/go.mod h1:N1IkdkCkiLB6tki+MYJoSx2JTY9NUlxZE7eHn5EwJns=
filippo.io/nistec v0.0.2 h1:/NIXTUimcHIh0E2DsYucHlICvUisgj28/XEnKSEptUs=
filippo.io/nistec v0.0.2/go.mod h1:84fxC9mi+MhC2AERXI4LSa8cmSVOzrFikg6hZ4IfCyw=
github.com/bytemare/crypto v0.4.4 h1:BR4j35IRJIdDQa0dyqo4OS5OZ+mLlijhUxwWvgcipG4=
github.com/bytemare/crypto v0.4.4/go.mod h1:UA6K3SBPZ0C2VHQXc/9LT93rWTBwXxXNZFNL4uwapPo=
github.com/bytemare/hash v0.1.5 h1:VW+X1YQ2b3chjRFHkRUnO42uclsQjXimdBCPOgIobR4=
github.com/bytemare/hash v0.1.5/go.mod h1:+QmWXTky/2b63ngqM5IYezGydn9UTFDhpX7mLYwYxCA=
github.com/bytemare/hash2curve v0.1.3 h1:BOqV8BF5dF+BbPZgIyoeAVTwd4m7jmw4LwacD1GFBvU=
github.com/bytemare/hash2curve v0.1.3/go.mod h1:Wma3DmJdn8kqiK9j120hkWvC3tQVKS1PyA8ZzyG23BI=
github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
github.com/gtank/ristretto255 v0.1.2 h1:JEqUCPA1NvLq5DwYtuzigd7ss8fwbYay9fi4/5uMzcc=
github.com/gtank/ristretto255 v0.1.2/go.mod h1:Ph5OpO6c7xKUGROZfWVLiJf9icMDwUeIvY4OmlYW69o=
golang.org/x/crypto v0.4.0 h1:UVQgzMY87xqpKNgb+kDsll2Igd33HszWHFLmpaRMq/8=
golang.org/x/crypto v0.4.0/go.mod h1:3quD/ATkf6oY+rnes5c3ExXTbLc8mueNue5/DoinL80=
golang.org/x/sys v0.3.0 h1:w8ZOecv6NaNa/zC8944JTU3vz4u6Lagfk4RPQxv92NQ=
golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/crypto v0.7.0 h1:AvwMYaRytfdeVt3u6mLaxYtErKYjxA2OXjJ1HHq6t3A=
golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU=
golang.org/x/sys v0.6.0 h1:MVltZSvRTcU2ljQOhs94SXPftV6DCNnZViHeQps87pQ=
golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=

0 comments on commit 3b2556d

Please sign in to comment.