go.mod: update for go1.18 and update/remove obsolete dependencies

Makefile

@@ -23,10 +23,6 @@ serve: bin/cfssl
 serve:
 	./bin/cfssl serve
 
-bin/golint: $(shell find vendor -type f -name '*.go')
-	@mkdir -p $(dir $@)
-	go build -o $@ ./vendor/golang.org/x/lint/golint
-
 bin/goose: $(shell find vendor -type f -name '*.go')
 	@mkdir -p $(dir $@)
 	go build -o $@ ./vendor/bitbucket.org/liamstask/goose/cmd/goose

api/revoke/revoke_test.go

@@ -142,9 +142,9 @@ func TestOCSPGeneration(t *testing.T) {
 		Subject: pkix.Name{
 			Organization: []string{"cfssl unit test"},
 		},
-		AuthorityKeyId: []byte{42, 42, 42, 42},
-		KeyUsage:       x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign,
-		IsCA:           true,
+		AuthorityKeyId:        []byte{42, 42, 42, 42},
+		KeyUsage:              x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign,
+		IsCA:                  true,
 		BasicConstraintsValid: true,
 	}
 	issuerBytes, err := x509.CreateCertificate(rand.Reader, &issuerTemplate, &issuerTemplate, &privKey.PublicKey, privKey)

bundler/bundle_from_file_test.go

@@ -27,9 +27,11 @@ type fileTest struct {
 	bundleChecking func(*testing.T, *Bundle)
 }
 
-/* ========== BundleFromFile Test Setup =============
+/*
+	========== BundleFromFile Test Setup =============
 
 For each pair of crypto algorithm X and key size Y, a CA chain is constructed:
+
 	Test_root_CA -> inter-L1 -> inter-L2--> cfssl-leaf-ecdsa256
 	                                    |-> cfssl-leaf-ecdsa384
 	                                    |-> cfssl-leaf-ecdsa521
@@ -44,8 +46,10 @@ Two inter-* certs are assembled in intermediates.crt
 
 There is also an expired L1 cert, sharing the same CSR with inter-L1. Also the
 root CA processes the inter-L2 CSR directly to generate inter-L2-direct cert.
-*	Test_root_CA--> inter-L1-expired
+
+	Test_root_CA--> inter-L1-expired
 	            |-> inter-L2-direct
+
 Using inter-L2-direct as additional intermediate cert should shorten the
 bundle chain.
 */

certdb/sql/sql_mysql_test.go

@@ -1,3 +1,4 @@
+//go:build mysql
 // +build mysql
 
 package sql

certdb/sql/sql_pq_test.go

@@ -1,3 +1,4 @@
+//go:build postgresql
 // +build postgresql
 
 package sql

cli/config.go

@@ -69,7 +69,7 @@ type Config struct {
 	AKI               string
 	DBConfigFile      string
 	CRLExpiration     time.Duration
-	Disable     	  string
+	Disable           string
 }
 
 // registerFlags defines all cfssl command flags and associates their values with variables.

cli/crl/crl.go

@@ -1,4 +1,4 @@
-//Package crl implements the crl command
+// Package crl implements the crl command
 package crl
 
 import (

cli/gencrl/gencrl.go

@@ -1,4 +1,4 @@
-//Package gencrl implements the gencrl command
+// Package gencrl implements the gencrl command
 package gencrl
 
 import (

cmd/cfssl/cfssl.go

@@ -4,6 +4,7 @@ also a tool to start a HTTP server to handle web requests for signing, bundling
 and verification.
 
 Usage:
+
 	cfssl command [-flags] arguments
 
 	The commands are

cmd/mkbundle/mkbundle.go

@@ -2,6 +2,7 @@
 // All certificates in the input file paths are checked for revocation and bundled together.
 //
 // Usage:
+//
 //	mkbundle -f bundle_file -nw number_of_workers certificate_file_path ...
 package main
 

crypto/pkcs7/pkcs7.go

@@ -3,17 +3,17 @@
 // to PKCS #7 format from another encoding such as PEM conforms to this implementation.
 // reference: https://www.openssl.org/docs/man1.1.0/apps/crl2pkcs7.html
 //
-//			PKCS #7 Data type, reference: https://tools.ietf.org/html/rfc2315
+// PKCS #7 Data type, reference: https://tools.ietf.org/html/rfc2315
 //
 // The full pkcs#7 cryptographic message syntax allows for cryptographic enhancements,
 // for example data can be encrypted and signed and then packaged through pkcs#7 to be
 // sent over a network and then verified and decrypted.  It is asn1, and the type of
 // PKCS #7 ContentInfo, which comprises the PKCS #7 structure, is:
 //
-//			ContentInfo ::= SEQUENCE {
-//				contentType ContentType,
-//				content [0] EXPLICIT ANY DEFINED BY contentType OPTIONAL
-//			}
+//	ContentInfo ::= SEQUENCE {
+//		contentType ContentType,
+//		content [0] EXPLICIT ANY DEFINED BY contentType OPTIONAL
+//	}
 //
 // There are 6 possible ContentTypes, data, signedData, envelopedData,
 // signedAndEnvelopedData, digestedData, and encryptedData.  Here signedData, Data, and encrypted
@@ -22,15 +22,14 @@
 // formats.
 // The ContentType signedData has the form:
 //
-//
-//			signedData ::= SEQUENCE {
-//				version Version,
-//				digestAlgorithms DigestAlgorithmIdentifiers,
-//				contentInfo ContentInfo,
-//				certificates [0] IMPLICIT ExtendedCertificatesAndCertificates OPTIONAL
-//				crls [1] IMPLICIT CertificateRevocationLists OPTIONAL,
-//				signerInfos SignerInfos
-//			}
+//	signedData ::= SEQUENCE {
+//		version Version,
+//		digestAlgorithms DigestAlgorithmIdentifiers,
+//		contentInfo ContentInfo,
+//		certificates [0] IMPLICIT ExtendedCertificatesAndCertificates OPTIONAL
+//		crls [1] IMPLICIT CertificateRevocationLists OPTIONAL,
+//		signerInfos SignerInfos
+//	}
 //
 // As of yet signerInfos and digestAlgorithms are not parsed, as they are not relevant to
 // this system's use of PKCS #7 data.  Version is an integer type, note that PKCS #7 is

csr/csr_test.go

@@ -115,7 +115,7 @@ func TestParseRequest(t *testing.T) {
 		Hosts:      []string{"cloudflare.com", "www.cloudflare.com", "192.168.0.1", "jdoe@example.com", "https://www.cloudflare.com"},
 		KeyRequest: NewKeyRequest(),
 		Extensions: []pkix.Extension{
-			pkix.Extension{
+			{
 				Id:    asn1.ObjectIdentifier{1, 2, 3, 4, 5},
 				Value: []byte("AgEB"),
 			},

errors/doc.go

@@ -7,6 +7,7 @@ It formats to a json object that consists of an error message and a 4-digit code
 Example: {"code":1002, "message": "Failed to decode certificate"}
 
 The index of codes are listed below:
+
 	1XXX: CertificateError
 	    1000: Unknown
 	    1001: ReadFailed

go.mod

@@ -1,54 +1,46 @@
 module github.com/cloudflare/cfssl
 
-go 1.16
+go 1.18
 
 require (
 	bitbucket.org/liamstask/goose v0.0.0-20150115234039-8488cc47d90c
-	github.com/census-instrumentation/opencensus-proto v0.3.0 // indirect
-	github.com/certifi/gocertifi v0.0.0-20210507211836-431795d63e8d // indirect
 	github.com/cloudflare/backoff v0.0.0-20161212185259-647f3cdfc87a
-	github.com/cloudflare/redoctober v0.0.0-20201013214028-99c99a8e7544
-	github.com/cncf/udpa/go v0.0.0-20210322005330-6414d713912e // indirect
-	github.com/coreos/go-systemd/v22 v22.3.2 // indirect
-	github.com/envoyproxy/protoc-gen-validate v0.6.1 // indirect
-	github.com/form3tech-oss/jwt-go v3.2.3+incompatible // indirect
+	github.com/cloudflare/redoctober v0.0.0-20211013234631-6a74ccc611f6
 	github.com/go-sql-driver/mysql v1.6.0
-	github.com/golang/glog v0.0.0-20210429001901-424d2337a529 // indirect
-	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
-	github.com/google/certificate-transparency-go v1.1.2-0.20210511102531-373a877eec92
-	github.com/google/uuid v1.2.0 // indirect
-	github.com/grpc-ecosystem/go-grpc-middleware v1.3.0 // indirect
-	github.com/grpc-ecosystem/grpc-gateway v1.16.0 // indirect
-	github.com/jmhodges/clock v0.0.0-20160418191101-880ee4c33548
+	github.com/google/certificate-transparency-go v1.1.4
+	github.com/jmhodges/clock v1.2.0
 	github.com/jmoiron/sqlx v1.3.3
-	github.com/json-iterator/go v1.1.11 // indirect
 	github.com/kisielk/sqlstruct v0.0.0-20201105191214-5f3e10d3ab46
 	github.com/kisom/goutils v1.4.3
-	github.com/kylelemons/go-gypsy v1.0.0 // indirect
 	github.com/lib/pq v1.10.1
-	github.com/mattn/go-runewidth v0.0.12 // indirect
-	github.com/mattn/go-sqlite3 v1.14.7
-	github.com/olekukonko/tablewriter v0.0.5 // indirect
-	github.com/prometheus/client_golang v1.10.0
-	github.com/prometheus/common v0.24.0 // indirect
-	github.com/rivo/uniseg v0.2.0 // indirect
-	github.com/russross/blackfriday/v2 v2.1.0 // indirect
-	github.com/sirupsen/logrus v1.8.1 // indirect
-	github.com/soheilhy/cmux v0.1.5 // indirect
-	github.com/spf13/cobra v1.1.3 // indirect
+	github.com/mattn/go-sqlite3 v1.14.15
+	github.com/prometheus/client_golang v1.13.0
 	github.com/stretchr/testify v1.7.0
-	github.com/tmc/grpc-websocket-proxy v0.0.0-20201229170055-e5319fda7802 // indirect
-	github.com/urfave/cli v1.22.5 // indirect
-	github.com/ziutek/mymysql v1.5.4 // indirect
 	github.com/zmap/zcrypto v0.0.0-20210511125630-18f1e0152cfc
 	github.com/zmap/zlint/v3 v3.1.0
-	go.uber.org/multierr v1.7.0 // indirect
-	golang.org/x/crypto v0.0.0-20220824171710-5757bc0c5503
-	golang.org/x/lint v0.0.0-20210508222113-6edffad5e616
-	golang.org/x/mod v0.4.2 // indirect
-	golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2
-	golang.org/x/oauth2 v0.0.0-20210427180440-81ed05c6b58c // indirect
-	golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba // indirect
-	google.golang.org/genproto v0.0.0-20210510173355-fb37daa5cd7a // indirect
-	honnef.co/go/tools v0.1.4 // indirect
+	golang.org/x/crypto v0.3.0
+	golang.org/x/net v0.2.0
+)
+
+require (
+	github.com/beorn7/perks v1.0.1 // indirect
+	github.com/cespare/xxhash/v2 v2.1.2 // indirect
+	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/getsentry/sentry-go v0.11.0 // indirect
+	github.com/go-logr/logr v1.2.0 // indirect
+	github.com/golang/protobuf v1.5.2 // indirect
+	github.com/kr/text v0.2.0 // indirect
+	github.com/kylelemons/go-gypsy v1.0.0 // indirect
+	github.com/matttproud/golang_protobuf_extensions v1.0.2 // indirect
+	github.com/pmezard/go-difflib v1.0.0 // indirect
+	github.com/prometheus/client_model v0.2.0 // indirect
+	github.com/prometheus/common v0.37.0 // indirect
+	github.com/prometheus/procfs v0.8.0 // indirect
+	github.com/weppos/publicsuffix-go v0.15.1-0.20210511084619-b1f36a2d6c0b // indirect
+	github.com/ziutek/mymysql v1.5.4 // indirect
+	golang.org/x/sys v0.2.0 // indirect
+	golang.org/x/text v0.4.0 // indirect
+	google.golang.org/protobuf v1.28.1 // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
+	k8s.io/klog/v2 v2.80.1 // indirect
 )