Update libgin vendored dependency

vendor/github.com/G-Node/libgin/libgin/archive.go

@@ -9,8 +9,9 @@ import (
 	"strings"
 )
 
-// MakeZip creates a zip archive called dest from the files specified by source.
-// Any directories listed in source are archived recursively.
+// MakeZip recursively writes all the files found under the provided sources to
+// the dest io.Writer in ZIP format.  Any directories listed in source are
+// archived recursively.  Empty directories are ignored.
 func MakeZip(dest io.Writer, source ...string) error {
 	// check sources
 	for _, src := range source {
@@ -22,7 +23,7 @@ func MakeZip(dest io.Writer, source ...string) error {
 	zipwriter := zip.NewWriter(dest)
 	defer zipwriter.Close()
 
-	walker := func(filepath string, fi os.FileInfo, err error) error {
+	walker := func(path string, fi os.FileInfo, err error) error {
 
 		// return on any error
 		if err != nil {
@@ -37,7 +38,7 @@ func MakeZip(dest io.Writer, source ...string) error {
 
 		// update the name to correctly reflect the desired destination when unzipping
 		// header.Name = strings.TrimPrefix(strings.Replace(file, src, "", -1), string(filepath.Separator))
-		header.Name = filepath
+		header.Name = path
 
 		if fi.Mode().IsDir() {
 			return nil
@@ -51,7 +52,7 @@ func MakeZip(dest io.Writer, source ...string) error {
 
 		// Dereference symlinks
 		if fi.Mode()&os.ModeSymlink != 0 {
-			data, err := os.Readlink(filepath)
+			data, err := os.Readlink(path)
 			if err != nil {
 				return err
 			}
@@ -62,7 +63,7 @@ func MakeZip(dest io.Writer, source ...string) error {
 		}
 
 		// open files for zipping
-		f, err := os.Open(filepath)
+		f, err := os.Open(path)
 		defer f.Close()
 		if err != nil {
 			return err

vendor/github.com/G-Node/libgin/libgin/crypto.go

@@ -0,0 +1,95 @@
+package libgin
+
+import (
+	"crypto/aes"
+	"crypto/cipher"
+	"crypto/rand"
+	"encoding/base64"
+	"io"
+)
+
+// Encrypt an array of bytes with AES.
+func Encrypt(key, plaintext []byte) ([]byte, error) {
+	block, err := aes.NewCipher(key)
+	if err != nil {
+		return nil, err
+	}
+
+	// The IV needs to be unique, but not secure. Therefore it's common to
+	// include it at the beginning of the ciphertext.
+	ciphertext := make([]byte, aes.BlockSize+len(plaintext))
+	iv := ciphertext[:aes.BlockSize]
+	if _, err := io.ReadFull(rand.Reader, iv); err != nil {
+		return nil, err
+	}
+
+	stream := cipher.NewCFBEncrypter(block, iv)
+	stream.XORKeyStream(ciphertext[aes.BlockSize:], plaintext)
+	return ciphertext, nil
+}
+
+// EncryptURLString encrypts a string using AES and returns it in URL encoded base64.
+func EncryptURLString(key []byte, plaintext string) (string, error) {
+	cipherbytes, err := Encrypt(key, []byte(plaintext))
+	if err != nil {
+		return "", err
+	}
+	// convert to URL encoded base64
+	return base64.URLEncoding.EncodeToString(cipherbytes), nil
+}
+
+// EncryptString encrypts a string using AES and returns it in base64.
+func EncryptString(key []byte, plaintext string) (string, error) {
+	cipherbytes, err := Encrypt(key, []byte(plaintext))
+	if err != nil {
+		return "", err
+	}
+	// convert to (standard) encoded base64
+	return base64.StdEncoding.EncodeToString(cipherbytes), nil
+}
+
+// Decrypt an AES encrypted array of bytes.
+func Decrypt(key, ciphertext []byte) ([]byte, error) {
+	block, err := aes.NewCipher(key)
+	if err != nil {
+		return nil, err
+	}
+
+	// The IV needs to be unique, but not secure. Therefore it's common to
+	// include it at the beginning of the ciphertext.
+	if len(ciphertext) < aes.BlockSize {
+		return nil, err
+	}
+	iv := ciphertext[:aes.BlockSize]
+	ciphertext = ciphertext[aes.BlockSize:]
+
+	stream := cipher.NewCFBDecrypter(block, iv)
+
+	// XORKeyStream can work in-place if the two arguments are the same.
+	stream.XORKeyStream(ciphertext, ciphertext)
+
+	return ciphertext, nil
+}
+
+// DecryptURLString decrypts an AES encrypted URL encoded base64 string.
+func DecryptURLString(key []byte, encstring string) (string, error) {
+	ciphertext, err := base64.URLEncoding.DecodeString(encstring)
+	if err != nil {
+		return "", err
+	}
+	plainbytes, err := Decrypt(key, ciphertext)
+	if err != nil {
+		return "", err
+	}
+	return string(plainbytes), nil
+}
+
+// DecryptString decrypts an AES encrypted base64 string.
+func DecryptString(key []byte, encstring string) (string, error) {
+	ciphertext, _ := base64.StdEncoding.DecodeString(encstring)
+	plainbytes, err := Decrypt(key, ciphertext)
+	if err != nil {
+		return "", err
+	}
+	return string(plainbytes), nil
+}

vendor/github.com/G-Node/libgin/libgin/util.go

@@ -0,0 +1,24 @@
+package libgin
+
+// Common utilities for the GIN services
+
+import (
+	"os"
+)
+
+// ReadConfDefault returns the value of a configuration env variable.
+// If the variable is not set, the default is returned.
+func ReadConfDefault(key, defval string) string {
+	value, ok := os.LookupEnv(key)
+	if !ok {
+		return defval
+	}
+	return value
+}
+
+// ReadConf returns the value of a configuration env variable.
+// If the variable is not set, an empty string is returned (ignores any errors).
+func ReadConf(key string) string {
+	value, _ := os.LookupEnv(key)
+	return value
+}

vendor/vendor.json

@@ -50,10 +50,10 @@
 			"revision": ""
 		},
 		{
-			"checksumSHA1": "HM8GI780IYgrBjmQfEB8YXN4Gbs=",
+			"checksumSHA1": "BBQVBKXpzAPMbi0tLh4vY41r6hg=",
 			"path": "github.com/G-Node/libgin/libgin",
-			"revision": "c5e0b86f5b8b481b061df2926eea96e7e7793eca",
-			"revisionTime": "2018-12-13T18:01:10Z"
+			"revision": "3786fb1dd6179032053d6aeb853f8f84d3f24f18",
+			"revisionTime": "2019-06-28T14:39:41Z"
 		},
 		{
 			"checksumSHA1": "s+CthU3jnDZx1F6sOfsEvRLFjBE=",