diff --git a/bazel/toolchains/go_module_deps.bzl b/bazel/toolchains/go_module_deps.bzl index bbc46f27613..0fadb86cfbb 100644 --- a/bazel/toolchains/go_module_deps.bzl +++ b/bazel/toolchains/go_module_deps.bzl @@ -1235,8 +1235,8 @@ def go_dependencies(): build_file_generation = "on", build_file_proto_mode = "disable_global", importpath = "github.com/creack/pty", - sum = "h1:n56/Zwd5o6whRC5PMGretI4IdRLlmBXYNjScPaBgsbY=", - version = "v1.1.18", + sum = "h1:1/QdRyBaHHJP61QkWMXlOIBfsgdDeeKfK8SYVUWJKf0=", + version = "v1.1.21", ) go_repository( name = "com_github_cyberphone_json_canonicalization", @@ -1603,8 +1603,8 @@ def go_dependencies(): build_file_generation = "on", build_file_proto_mode = "disable_global", importpath = "github.com/foxboron/go-uefi", - sum = "h1:SJMQFT74bCrP+kQ24oWhmuyPFHDTavrd3JMIe//2NhU=", - version = "v0.0.0-20230808201820-18b9ba9cd4c3", + sum = "h1:qGlg/7H49H30Eu7nkCBA7YxNmW30ephqBf7xIxlAGuQ=", + version = "v0.0.0-20240128152106-48be911532c2", ) go_repository( name = "com_github_foxcpp_go_mockdns", @@ -2366,6 +2366,14 @@ def go_dependencies(): sum = "h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0=", version = "v1.2.0", ) + go_repository( + name = "com_github_google_goterm", + build_file_generation = "on", + build_file_proto_mode = "disable_global", + importpath = "github.com/google/goterm", + sum = "h1:CVuJwN34x4xM2aT4sIKhmeib40NeBPhRihNjQmpJsA4=", + version = "v0.0.0-20200907032337-555d40f16ae2", + ) go_repository( name = "com_github_google_licenseclassifier", build_file_generation = "on", @@ -2943,6 +2951,14 @@ def go_dependencies(): sum = "h1:D17IlohoQq4UcpqD7fDk80P7l+lwAmlFaBHgOipl2FU=", version = "v1.4.0", ) + go_repository( + name = "com_github_hugelgupf_vmtest", + build_file_generation = "on", + build_file_proto_mode = "disable_global", + importpath = "github.com/hugelgupf/vmtest", + sum = "h1:aa9+0fjwoGotyC8A3QjdITMAX89g/+qvDAhKPrK1NKE=", + version = "v0.0.0-20240110072021-f6f07acb7aa1", + ) go_repository( name = "com_github_iancoleman_strcase", build_file_generation = "on", @@ -2983,6 +2999,14 @@ def go_dependencies(): sum = "h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8=", version = "v1.1.0", ) + go_repository( + name = "com_github_insomniacslk_dhcp", + build_file_generation = "on", + build_file_proto_mode = "disable_global", + importpath = "github.com/insomniacslk/dhcp", + sum = "h1:9K06NfxkBh25x56yVhWWlKFE8YpicaSfHwoV8SFbueA=", + version = "v0.0.0-20231206064809-8c70d406f6d2", + ) go_repository( name = "com_github_intel_goresctrl", build_file_generation = "on", @@ -3108,8 +3132,8 @@ def go_dependencies(): build_file_generation = "on", build_file_proto_mode = "disable_global", importpath = "github.com/josharian/native", - sum = "h1:Ts/E8zCSEsG17dUqv7joXJFybuMLjQfWE04tsBODTxk=", - version = "v1.0.0", + sum = "h1:uuaP0hAbW7Y4l0ZRQ6C9zfb7Mg1mbFKry/xzDAfmtLA=", + version = "v1.1.0", ) go_repository( name = "com_github_jpillora_backoff", @@ -3204,8 +3228,8 @@ def go_dependencies(): build_file_generation = "on", build_file_proto_mode = "disable_global", importpath = "github.com/klauspost/compress", - sum = "h1:IFV2oUNUzZaz+XyusxpLzpzS8Pt5rh0Z16For/djlyI=", - version = "v1.16.5", + sum = "h1:Ej5ixsIri7BrIjBkRZLTo6ghwrEtHFk7ijlczPW4fZ4=", + version = "v1.17.4", ) go_repository( name = "com_github_klauspost_cpuid_v2", @@ -3215,6 +3239,14 @@ def go_dependencies(): sum = "h1:g0I61F2K2DjRHz1cnxlkNSBIaePVoJIjjnHui8QHbiw=", version = "v2.0.4", ) + go_repository( + name = "com_github_klauspost_pgzip", + build_file_generation = "on", + build_file_proto_mode = "disable_global", + importpath = "github.com/klauspost/pgzip", + sum = "h1:8RXeL5crjEUFnR2/Sn6GJNWtSQ3Dk8pq4CL3jvdDyjU=", + version = "v1.2.6", + ) go_repository( name = "com_github_konsorten_go_windows_terminal_sequences", build_file_generation = "on", @@ -3528,8 +3560,8 @@ def go_dependencies(): build_file_generation = "on", build_file_proto_mode = "disable_global", importpath = "github.com/mattn/go-isatty", - sum = "h1:JITubQf0MOLdlGRuRq+jtsDlekdYPia9ZFsB8h/APPA=", - version = "v0.0.19", + sum = "h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=", + version = "v0.0.20", ) go_repository( name = "com_github_mattn_go_oci8", @@ -3595,13 +3627,21 @@ def go_dependencies(): sum = "h1:FdUaT/e33HjEXagwELR8R3/KL1Fq5x3G5jgHLp/BTmg=", version = "v1.7.1", ) + go_repository( + name = "com_github_mdlayher_packet", + build_file_generation = "on", + build_file_proto_mode = "disable_global", + importpath = "github.com/mdlayher/packet", + sum = "h1:3Up1NG6LZrsgDVn6X4L9Ge/iyRyxFEFD9o6Pr3Q1nQY=", + version = "v1.1.2", + ) go_repository( name = "com_github_mdlayher_socket", build_file_generation = "on", build_file_proto_mode = "disable_global", importpath = "github.com/mdlayher/socket", - sum = "h1:280wsy40IC9M9q1uPGcLBwXpcTQDtoGwVt+BNoITxIw=", - version = "v0.4.0", + sum = "h1:ilICZmJcQz70vrWVes1MFera4jGiWNocSkykwwoy3XI=", + version = "v0.5.0", ) go_repository( name = "com_github_microsoft_applicationinsights_go", @@ -3891,6 +3931,14 @@ def go_dependencies(): sum = "h1:Z3TAKd9JS3BoKi6fW+d1bKD2Mf0FzTqDUEAwLWzYPRQ=", version = "v2.3.3", ) + go_repository( + name = "com_github_netflix_go_expect", + build_file_generation = "on", + build_file_proto_mode = "disable_global", + importpath = "github.com/Netflix/go-expect", + sum = "h1:+vx7roKuyA63nhn5WAunQHLTznkw5W8b1Xc0dNjp83s=", + version = "v0.0.0-20220104043353-73e0943537d2", + ) go_repository( name = "com_github_niemeyer_pretty", build_file_generation = "on", @@ -4099,6 +4147,14 @@ def go_dependencies(): sum = "h1:Ii+DKncOVM8Cu1Hc+ETb5K+23HdAMvESYE3ZJ5b5cMI=", version = "v0.0.0-20220201140144-74d24b5ae9f5", ) + go_repository( + name = "com_github_pierrec_lz4_v4", + build_file_generation = "on", + build_file_proto_mode = "disable_global", + importpath = "github.com/pierrec/lz4/v4", + sum = "h1:+fL8AQEZtz/ijeNnpduH0bROTu0O3NZAlPjQxGn8LwE=", + version = "v4.1.14", + ) go_repository( name = "com_github_pjbgf_sha1cd", build_file_generation = "on", @@ -4796,6 +4852,30 @@ def go_dependencies(): sum = "h1:Q9nBoQcZcgPamMkGn7ghV8XiTZ/kRxn1yCG81+twTK4=", version = "v0.0.2", ) + go_repository( + name = "com_github_u_root_gobusybox_src", + build_file_generation = "on", + build_file_proto_mode = "disable_global", + importpath = "github.com/u-root/gobusybox/src", + sum = "h1:AQX6C886dZqnOrXtbP0U59melqbb1+YnCfRYRfr4M3M=", + version = "v0.0.0-20231224233253-2944a440b6b6", + ) + go_repository( + name = "com_github_u_root_u_root", + build_file_generation = "on", + build_file_proto_mode = "disable_global", + importpath = "github.com/u-root/u-root", + sum = "h1:1AIJqOtdEufYfGb3eRpdaqWONzBOpAwrg1fehbWg+Mg=", + version = "v0.11.1-0.20230807200058-f87ad7ccb594", + ) + go_repository( + name = "com_github_u_root_uio", + build_file_generation = "on", + build_file_proto_mode = "disable_global", + importpath = "github.com/u-root/uio", + sum = "h1:YcojQL98T/OO+rybuzn2+5KrD5dBwXIvYBvQ2cD3Avg=", + version = "v0.0.0-20230305220412-3e8cd9d6bf63", + ) go_repository( name = "com_github_ulikunitz_xz", build_file_generation = "on", @@ -6965,8 +7045,8 @@ def go_dependencies(): build_file_generation = "on", build_file_proto_mode = "disable_global", importpath = "golang.org/x/exp", - sum = "h1:EDuYyU/MkFXllv9QF9819VlI9a4tzGuCbhG0ExK9o1U=", - version = "v0.0.0-20230809150735-7b3493d9a819", + sum = "h1:+iq7lrkxmFNBM7xx+Rae2W6uyPfhPeDWD+n+JgppptE=", + version = "v0.0.0-20231219180239-dc181d75b848", ) go_repository( name = "org_golang_x_image", @@ -6997,16 +7077,16 @@ def go_dependencies(): build_file_generation = "on", build_file_proto_mode = "disable_global", importpath = "golang.org/x/mod", - sum = "h1:I/DsJXRlw/8l/0c24sM9yb0T4z9liZTduXvdAWYiysY=", - version = "v0.13.0", + sum = "h1:dGoOF9QVLYng8IHTm7BAyWqCqSheQ5pYWGhzW00YJr0=", + version = "v0.14.0", ) go_repository( name = "org_golang_x_net", build_file_generation = "on", build_file_proto_mode = "disable_global", importpath = "golang.org/x/net", - sum = "h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM=", - version = "v0.17.0", + sum = "h1:zTwKpTd2XuCqf8huc7Fo2iSy+4RHPd10s4KzeTnVr1c=", + version = "v0.19.0", ) go_repository( name = "org_golang_x_oauth2", @@ -7021,8 +7101,8 @@ def go_dependencies(): build_file_generation = "on", build_file_proto_mode = "disable_global", importpath = "golang.org/x/sync", - sum = "h1:zxkM55ReGkDlKSM+Fu41A+zmbZuaPVbGMzvvdUPznYQ=", - version = "v0.4.0", + sum = "h1:60k92dhOjHxJkrqnwsfl8KuaHbn/5dl0lUPUklKo3qE=", + version = "v0.5.0", ) go_repository( name = "org_golang_x_sys", @@ -7061,8 +7141,8 @@ def go_dependencies(): build_file_generation = "on", build_file_proto_mode = "disable_global", importpath = "golang.org/x/tools", - sum = "h1:jvNa2pY0M4r62jkRQ6RwEZZyPcymeL9XZMLBbV7U2nc=", - version = "v0.14.0", + sum = "h1:TLyB3WofjdOEepBHAU20JdNC1Zbg87elYofWYAY5oZA=", + version = "v0.16.1", ) go_repository( name = "org_golang_x_vuln", @@ -7140,6 +7220,14 @@ def go_dependencies(): sum = "h1:sI7k6L95XOKS281NhVKOFCUNIvv9e0w4BF8N3u+tCRo=", version = "v1.26.0", ) + go_repository( + name = "sh_elv_src", + build_file_generation = "on", + build_file_proto_mode = "disable_global", + importpath = "src.elv.sh", + sum = "h1:pjVeIo9Ba6K1Wy+rlwX91zT7A+xGEmxiNRBdN04gDTQ=", + version = "v0.16.0-rc1.0.20220116211855-fda62502ad7f", + ) go_repository( name = "sh_helm_helm", build_file_generation = "on", diff --git a/go.mod b/go.mod index 2293dd92f25..c28315e5083 100644 --- a/go.mod +++ b/go.mod @@ -78,7 +78,7 @@ require ( github.com/docker/docker v24.0.7+incompatible github.com/edgelesssys/go-azguestattestation v0.0.0-20230707101700-a683be600fcf github.com/edgelesssys/go-tdx-qpl v0.0.0-20230530085549-fd2878a4dead - github.com/foxboron/go-uefi v0.0.0-20230808201820-18b9ba9cd4c3 + github.com/foxboron/go-uefi v0.0.0-20240128152106-48be911532c2 github.com/fsnotify/fsnotify v1.7.0 github.com/go-playground/locales v0.14.1 github.com/go-playground/universal-translator v0.18.1 @@ -109,7 +109,7 @@ require ( github.com/hashicorp/terraform-plugin-testing v1.6.0 github.com/hexops/gotextdiff v1.0.3 github.com/martinjungblut/go-cryptsetup v0.0.0-20220520180014-fd0874fd07a6 - github.com/mattn/go-isatty v0.0.19 + github.com/mattn/go-isatty v0.0.20 github.com/microsoft/ApplicationInsights-Go v0.4.4 github.com/onsi/ginkgo/v2 v2.13.0 github.com/onsi/gomega v1.29.0 @@ -133,11 +133,11 @@ require ( go.uber.org/goleak v1.3.0 go.uber.org/zap v1.26.0 golang.org/x/crypto v0.17.0 - golang.org/x/exp v0.0.0-20230809150735-7b3493d9a819 - golang.org/x/mod v0.13.0 + golang.org/x/exp v0.0.0-20231219180239-dc181d75b848 + golang.org/x/mod v0.14.0 golang.org/x/sys v0.15.0 golang.org/x/text v0.14.0 - golang.org/x/tools v0.14.0 + golang.org/x/tools v0.16.1 google.golang.org/api v0.148.0 google.golang.org/grpc v1.60.0 google.golang.org/protobuf v1.31.0 @@ -294,7 +294,7 @@ require ( github.com/jmoiron/sqlx v1.3.5 // indirect github.com/josharian/intern v1.0.0 // indirect github.com/json-iterator/go v1.1.12 // indirect - github.com/klauspost/compress v1.16.5 // indirect + github.com/klauspost/compress v1.17.4 // indirect github.com/kylelemons/godebug v1.1.0 // indirect github.com/lann/builder v0.0.0-20180802200727-47ae307949d0 // indirect github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0 // indirect @@ -364,9 +364,9 @@ require ( go.opentelemetry.io/otel/trace v1.19.0 // indirect go.starlark.net v0.0.0-20230525235612-a134d8f9ddca // indirect go.uber.org/multierr v1.11.0 // indirect - golang.org/x/net v0.17.0 // indirect + golang.org/x/net v0.19.0 // indirect golang.org/x/oauth2 v0.13.0 // indirect - golang.org/x/sync v0.4.0 // indirect + golang.org/x/sync v0.5.0 // indirect golang.org/x/term v0.15.0 // indirect golang.org/x/time v0.3.0 // indirect golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect diff --git a/go.sum b/go.sum index 09998bb8ebb..5985aad28f0 100644 --- a/go.sum +++ b/go.sum @@ -268,8 +268,8 @@ github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSV github.com/cpuguy83/go-md2man/v2 v2.0.3 h1:qMCsGGgs+MAzDFyp9LpAe1Lqy/fY/qCovCm0qnXZOBM= github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= -github.com/creack/pty v1.1.18 h1:n56/Zwd5o6whRC5PMGretI4IdRLlmBXYNjScPaBgsbY= -github.com/creack/pty v1.1.18/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4= +github.com/creack/pty v1.1.21 h1:1/QdRyBaHHJP61QkWMXlOIBfsgdDeeKfK8SYVUWJKf0= +github.com/creack/pty v1.1.21/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4= github.com/cyberphone/json-canonicalization v0.0.0-20220623050100-57a0ce2678a7 h1:vU+EP9ZuFUCYE0NYLwTSob+3LNEJATzNfP/DC7SWGWI= github.com/cyberphone/json-canonicalization v0.0.0-20220623050100-57a0ce2678a7/go.mod h1:uzvlm1mxhHkdfqitSA92i7Se+S9ksOn3a3qmv/kyOCw= github.com/cyphar/filepath-securejoin v0.2.4 h1:Ugdm7cg7i6ZK6x3xDF1oEu1nfkyfH53EtKeQYTC3kyg= @@ -338,8 +338,8 @@ github.com/fatih/color v1.15.0 h1:kOqh6YHBtK8aywxGerMG2Eq3H6Qgoqeo13Bk2Mv/nBs= github.com/fatih/color v1.15.0/go.mod h1:0h5ZqXfHYED7Bhv2ZJamyIOUej9KtShiJESRwBDUSsw= github.com/felixge/httpsnoop v1.0.3 h1:s/nj+GCswXYzN5v2DpNMuMQYe+0DDwt5WVCU6CWBdXk= github.com/felixge/httpsnoop v1.0.3/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= -github.com/foxboron/go-uefi v0.0.0-20230808201820-18b9ba9cd4c3 h1:SJMQFT74bCrP+kQ24oWhmuyPFHDTavrd3JMIe//2NhU= -github.com/foxboron/go-uefi v0.0.0-20230808201820-18b9ba9cd4c3/go.mod h1:VdozURTQHi5Rs54l+4Szi3yIJQDMfXXYrRLAjKKowWI= +github.com/foxboron/go-uefi v0.0.0-20240128152106-48be911532c2 h1:qGlg/7H49H30Eu7nkCBA7YxNmW30ephqBf7xIxlAGuQ= +github.com/foxboron/go-uefi v0.0.0-20240128152106-48be911532c2/go.mod h1:ffg/fkDeOYicEQLoO2yFFGt00KUTYVXI+rfnc8il6vQ= github.com/foxcpp/go-mockdns v1.0.0 h1:7jBqxd3WDWwi/6WhDvacvH1XsN3rOLXyHM1uhvIx6FI= github.com/foxcpp/go-mockdns v1.0.0/go.mod h1:lgRN6+KxQBawyIghpnl5CezHFGS9VLzvtVlwxvzXTQ4= github.com/frankban/quicktest v1.14.4 h1:g2rn0vABPOOXmZUj+vbmUp0lPoXEMuhTpIluN0XL9UY= @@ -731,8 +731,8 @@ github.com/kevinburke/ssh_config v1.2.0/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/klauspost/compress v1.13.6/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk= -github.com/klauspost/compress v1.16.5 h1:IFV2oUNUzZaz+XyusxpLzpzS8Pt5rh0Z16For/djlyI= -github.com/klauspost/compress v1.16.5/go.mod h1:ntbaceVETuRiXiv4DpjP66DpAtAGkEQskQzEyD//IeE= +github.com/klauspost/compress v1.17.4 h1:Ej5ixsIri7BrIjBkRZLTo6ghwrEtHFk7ijlczPW4fZ4= +github.com/klauspost/compress v1.17.4/go.mod h1:/dCuZOvVtNoHsyb+cuJD3itjs3NbnF6KH9zAO4BDxPM= github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/kr/fs v0.1.0/go.mod h1:FFnZGqtBN9Gxj7eW1uZ42v5BccTP0vu6NEaFoC2HwRg= @@ -783,8 +783,8 @@ github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Ky github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94= github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= github.com/mattn/go-isatty v0.0.17/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= -github.com/mattn/go-isatty v0.0.19 h1:JITubQf0MOLdlGRuRq+jtsDlekdYPia9ZFsB8h/APPA= -github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= +github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= +github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= github.com/mattn/go-runewidth v0.0.14 h1:+xnbZSEeDbOIg5/mE6JF0w6n9duR1l3/WmbinWVwUuU= github.com/mattn/go-runewidth v0.0.14/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= github.com/mattn/go-sqlite3 v1.14.6/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU= @@ -1099,8 +1099,8 @@ golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u0 golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= -golang.org/x/exp v0.0.0-20230809150735-7b3493d9a819 h1:EDuYyU/MkFXllv9QF9819VlI9a4tzGuCbhG0ExK9o1U= -golang.org/x/exp v0.0.0-20230809150735-7b3493d9a819/go.mod h1:FXUEEKJgO7OQYeo8N01OfiKP8RXMtf6e8aTskBGqWdc= +golang.org/x/exp v0.0.0-20231219180239-dc181d75b848 h1:+iq7lrkxmFNBM7xx+Rae2W6uyPfhPeDWD+n+JgppptE= +golang.org/x/exp v0.0.0-20231219180239-dc181d75b848/go.mod h1:iRJReGqOEeBhDZGkGbynYwcHlctCvnjTYIamk7uXpHI= golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= @@ -1127,8 +1127,8 @@ golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -golang.org/x/mod v0.13.0 h1:I/DsJXRlw/8l/0c24sM9yb0T4z9liZTduXvdAWYiysY= -golang.org/x/mod v0.13.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= +golang.org/x/mod v0.14.0 h1:dGoOF9QVLYng8IHTm7BAyWqCqSheQ5pYWGhzW00YJr0= +golang.org/x/mod v0.14.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -1172,8 +1172,8 @@ golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco= golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY= golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc= -golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM= -golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= +golang.org/x/net v0.19.0 h1:zTwKpTd2XuCqf8huc7Fo2iSy+4RHPd10s4KzeTnVr1c= +golang.org/x/net v0.19.0/go.mod h1:CfAk/cbD4CthTvqiEl8NpboMuiuOYsAr/7NOjZJtv1U= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -1199,8 +1199,8 @@ golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.4.0 h1:zxkM55ReGkDlKSM+Fu41A+zmbZuaPVbGMzvvdUPznYQ= -golang.org/x/sync v0.4.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y= +golang.org/x/sync v0.5.0 h1:60k92dhOjHxJkrqnwsfl8KuaHbn/5dl0lUPUklKo3qE= +golang.org/x/sync v0.5.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -1350,8 +1350,8 @@ golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0= golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= -golang.org/x/tools v0.14.0 h1:jvNa2pY0M4r62jkRQ6RwEZZyPcymeL9XZMLBbV7U2nc= -golang.org/x/tools v0.14.0/go.mod h1:uYBEerGOWcJyEORxN+Ek8+TT266gXkNlHdJBwexUsBg= +golang.org/x/tools v0.16.1 h1:TLyB3WofjdOEepBHAU20JdNC1Zbg87elYofWYAY5oZA= +golang.org/x/tools v0.16.1/go.mod h1:kYVVN6I1mBNoB1OX+noeBjbRk4IUEPa7JJ+TJMEooJ0= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= diff --git a/image/measured-boot/cmd/main.go b/image/measured-boot/cmd/main.go index 9037709fdce..01a544aae5e 100644 --- a/image/measured-boot/cmd/main.go +++ b/image/measured-boot/cmd/main.go @@ -8,6 +8,7 @@ package main import ( "bytes" + "crypto" "crypto/sha256" "encoding/json" "fmt" @@ -93,7 +94,7 @@ func measurePE(fs afero.Fs, peFile string) ([]byte, error) { } defer f.Close() - return measure.Authentihash(f, sha256.New()) + return measure.Authentihash(f, crypto.SHA256) } func precalculatePCR4(simulator *measure.Simulator, fs afero.Fs, ukiFile string) error { @@ -111,7 +112,7 @@ func precalculatePCR4(simulator *measure.Simulator, fs afero.Fs, ukiFile string) if err != nil { return fmt.Errorf("uki does not contain linux kernel image: %v", err) } - linuxMeasurement, err := measure.Authentihash(linuxSectionReader, sha256.New()) + linuxMeasurement, err := measure.Authentihash(linuxSectionReader, crypto.SHA256) if err != nil { return fmt.Errorf("failed to measure linux kernel image: %v", err) } diff --git a/image/measured-boot/measure/BUILD.bazel b/image/measured-boot/measure/BUILD.bazel index 7d3358c0601..1add5ae1b2c 100644 --- a/image/measured-boot/measure/BUILD.bazel +++ b/image/measured-boot/measure/BUILD.bazel @@ -14,6 +14,7 @@ go_library( visibility = ["//visibility:public"], deps = [ "//image/measured-boot/pesection", + "@com_github_foxboron_go_uefi//authenticode", "@com_github_foxboron_go_uefi//efi/pecoff", "@org_golang_x_text//encoding/unicode", ], diff --git a/image/measured-boot/measure/authentihash.go b/image/measured-boot/measure/authentihash.go index 718577d8c0d..e7e28f65f4f 100644 --- a/image/measured-boot/measure/authentihash.go +++ b/image/measured-boot/measure/authentihash.go @@ -8,24 +8,35 @@ package measure import ( "bytes" + "crypto" "fmt" - "hash" "io" - "github.com/foxboron/go-uefi/efi/pecoff" + "github.com/foxboron/go-uefi/authenticode" ) // Authentihash returns the PE/COFF hash / Authentihash of a file. -func Authentihash(r io.Reader, h hash.Hash) ([]byte, error) { - buf := new(bytes.Buffer) - if _, err := buf.ReadFrom(r); err != nil { - return nil, fmt.Errorf("failed to read pe file: %v", err) +func Authentihash(r io.Reader, h crypto.Hash) ([]byte, error) { + readerAt, err := getReaderAt(r) + if err != nil { + return nil, fmt.Errorf("failed to get readerAt: %v", err) } - signingCtx := pecoff.PECOFFChecksum(buf.Bytes()) - pecoff.PaddSigCtx(signingCtx) + bin, err := authenticode.Parse(readerAt) + if err != nil { + return nil, fmt.Errorf("failed to parse pe file: %v", err) + } + return bin.Hash(h), nil +} - h.Write(signingCtx.SigData.Bytes()) +func getReaderAt(r io.Reader) (io.ReaderAt, error) { + if ra, ok := r.(io.ReaderAt); ok { + return ra, nil + } - return h.Sum(nil), nil + buf := new(bytes.Buffer) + if _, err := buf.ReadFrom(r); err != nil { + return nil, fmt.Errorf("failed to read pe file: %v", err) + } + return bytes.NewReader(buf.Bytes()), nil } diff --git a/image/measured-boot/measure/authentihash_test.go b/image/measured-boot/measure/authentihash_test.go index e451460afc1..81cd2765260 100644 --- a/image/measured-boot/measure/authentihash_test.go +++ b/image/measured-boot/measure/authentihash_test.go @@ -8,7 +8,7 @@ package measure import ( "bytes" - "crypto/sha256" + "crypto" "testing" "github.com/edgelesssys/constellation/v2/image/measured-boot/fixtures" @@ -19,7 +19,7 @@ func TestPeSectionReader(t *testing.T) { assert := assert.New(t) peReader := bytes.NewReader(fixtures.UKI()) - digest, err := Authentihash(peReader, sha256.New()) + digest, err := Authentihash(peReader, crypto.SHA256) assert.NoError(err) assert.Equal( []byte{