Depenancy upgrades and movign to dep. (#8630)

4 files changed, 32 insertions, 186 deletions

diff --git a/vendor/golang.org/x/crypto/ed25519/ed25519.go b/vendor/golang.org/x/crypto/ed25519/ed25519.go
index 4f26b49b6..a57771a1e 100644
--- a/vendor/golang.org/x/crypto/ed25519/ed25519.go
+++ b/vendor/golang.org/x/crypto/ed25519/ed25519.go
@@ -171,9 +171,16 @@ func Verify(publicKey PublicKey, message, sig []byte) bool {
 	edwards25519.ScReduce(&hReduced, &digest)
 
 	var R edwards25519.ProjectiveGroupElement
-	var b [32]byte
-	copy(b[:], sig[32:])
-	edwards25519.GeDoubleScalarMultVartime(&R, &hReduced, &A, &b)
+	var s [32]byte
+	copy(s[:], sig[32:])
+
+	// https://tools.ietf.org/html/rfc8032#section-5.1.7 requires that s be in
+	// the range [0, order) in order to prevent signature malleability.
+	if !edwards25519.ScMinimal(&s) {
+		return false
+	}
+
+	edwards25519.GeDoubleScalarMultVartime(&R, &hReduced, &A, &s)
 
 	var checkR [32]byte
 	R.ToBytes(&checkR)
diff --git a/vendor/golang.org/x/crypto/ed25519/ed25519_test.go b/vendor/golang.org/x/crypto/ed25519/ed25519_test.go
deleted file mode 100644
index e272f8a55..000000000
--- a/vendor/golang.org/x/crypto/ed25519/ed25519_test.go
+++ /dev/null
@@ -1,183 +0,0 @@
-// Copyright 2016 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ed25519
-
-import (
-	"bufio"
-	"bytes"
-	"compress/gzip"
-	"crypto"
-	"crypto/rand"
-	"encoding/hex"
-	"os"
-	"strings"
-	"testing"
-
-	"golang.org/x/crypto/ed25519/internal/edwards25519"
-)
-
-type zeroReader struct{}
-
-func (zeroReader) Read(buf []byte) (int, error) {
-	for i := range buf {
-		buf[i] = 0
-	}
-	return len(buf), nil
-}
-
-func TestUnmarshalMarshal(t *testing.T) {
-	pub, _, _ := GenerateKey(rand.Reader)
-
-	var A edwards25519.ExtendedGroupElement
-	var pubBytes [32]byte
-	copy(pubBytes[:], pub)
-	if !A.FromBytes(&pubBytes) {
-		t.Fatalf("ExtendedGroupElement.FromBytes failed")
-	}
-
-	var pub2 [32]byte
-	A.ToBytes(&pub2)
-
-	if pubBytes != pub2 {
-		t.Errorf("FromBytes(%v)->ToBytes does not round-trip, got %x\n", pubBytes, pub2)
-	}
-}
-
-func TestSignVerify(t *testing.T) {
-	var zero zeroReader
-	public, private, _ := GenerateKey(zero)
-
-	message := []byte("test message")
-	sig := Sign(private, message)
-	if !Verify(public, message, sig) {
-		t.Errorf("valid signature rejected")
-	}
-
-	wrongMessage := []byte("wrong message")
-	if Verify(public, wrongMessage, sig) {
-		t.Errorf("signature of different message accepted")
-	}
-}
-
-func TestCryptoSigner(t *testing.T) {
-	var zero zeroReader
-	public, private, _ := GenerateKey(zero)
-
-	signer := crypto.Signer(private)
-
-	publicInterface := signer.Public()
-	public2, ok := publicInterface.(PublicKey)
-	if !ok {
-		t.Fatalf("expected PublicKey from Public() but got %T", publicInterface)
-	}
-
-	if !bytes.Equal(public, public2) {
-		t.Errorf("public keys do not match: original:%x vs Public():%x", public, public2)
-	}
-
-	message := []byte("message")
-	var noHash crypto.Hash
-	signature, err := signer.Sign(zero, message, noHash)
-	if err != nil {
-		t.Fatalf("error from Sign(): %s", err)
-	}
-
-	if !Verify(public, message, signature) {
-		t.Errorf("Verify failed on signature from Sign()")
-	}
-}
-
-func TestGolden(t *testing.T) {
-	// sign.input.gz is a selection of test cases from
-	// https://ed25519.cr.yp.to/python/sign.input
-	testDataZ, err := os.Open("testdata/sign.input.gz")
-	if err != nil {
-		t.Fatal(err)
-	}
-	defer testDataZ.Close()
-	testData, err := gzip.NewReader(testDataZ)
-	if err != nil {
-		t.Fatal(err)
-	}
-	defer testData.Close()
-
-	scanner := bufio.NewScanner(testData)
-	lineNo := 0
-
-	for scanner.Scan() {
-		lineNo++
-
-		line := scanner.Text()
-		parts := strings.Split(line, ":")
-		if len(parts) != 5 {
-			t.Fatalf("bad number of parts on line %d", lineNo)
-		}
-
-		privBytes, _ := hex.DecodeString(parts[0])
-		pubKey, _ := hex.DecodeString(parts[1])
-		msg, _ := hex.DecodeString(parts[2])
-		sig, _ := hex.DecodeString(parts[3])
-		// The signatures in the test vectors also include the message
-		// at the end, but we just want R and S.
-		sig = sig[:SignatureSize]
-
-		if l := len(pubKey); l != PublicKeySize {
-			t.Fatalf("bad public key length on line %d: got %d bytes", lineNo, l)
-		}
-
-		var priv [PrivateKeySize]byte
-		copy(priv[:], privBytes)
-		copy(priv[32:], pubKey)
-
-		sig2 := Sign(priv[:], msg)
-		if !bytes.Equal(sig, sig2[:]) {
-			t.Errorf("different signature result on line %d: %x vs %x", lineNo, sig, sig2)
-		}
-
-		if !Verify(pubKey, msg, sig2) {
-			t.Errorf("signature failed to verify on line %d", lineNo)
-		}
-	}
-
-	if err := scanner.Err(); err != nil {
-		t.Fatalf("error reading test data: %s", err)
-	}
-}
-
-func BenchmarkKeyGeneration(b *testing.B) {
-	var zero zeroReader
-	for i := 0; i < b.N; i++ {
-		if _, _, err := GenerateKey(zero); err != nil {
-			b.Fatal(err)
-		}
-	}
-}
-
-func BenchmarkSigning(b *testing.B) {
-	var zero zeroReader
-	_, priv, err := GenerateKey(zero)
-	if err != nil {
-		b.Fatal(err)
-	}
-	message := []byte("Hello, world!")
-	b.ResetTimer()
-	for i := 0; i < b.N; i++ {
-		Sign(priv, message)
-	}
-}
-
-func BenchmarkVerification(b *testing.B) {
-	var zero zeroReader
-	pub, priv, err := GenerateKey(zero)
-	if err != nil {
-		b.Fatal(err)
-	}
-	message := []byte("Hello, world!")
-	signature := Sign(priv, message)
-	b.ResetTimer()
-	for i := 0; i < b.N; i++ {
-		Verify(pub, message, signature)
-	}
-}
diff --git a/vendor/golang.org/x/crypto/ed25519/internal/edwards25519/edwards25519.go b/vendor/golang.org/x/crypto/ed25519/internal/edwards25519/edwards25519.go
index 5f8b99478..fd03c252a 100644
--- a/vendor/golang.org/x/crypto/ed25519/internal/edwards25519/edwards25519.go
+++ b/vendor/golang.org/x/crypto/ed25519/internal/edwards25519/edwards25519.go
@@ -4,6 +4,8 @@
 
 package edwards25519
 
+import "encoding/binary"
+
 // This code is a port of the public domain, “ref10” implementation of ed25519
 // from SUPERCOP.
 
@@ -1769,3 +1771,23 @@ func ScReduce(out *[32]byte, s *[64]byte) {
 	out[30] = byte(s11 >> 9)
 	out[31] = byte(s11 >> 17)
 }
+
+// order is the order of Curve25519 in little-endian form.
+var order = [4]uint64{0x5812631a5cf5d3ed, 0x14def9dea2f79cd6, 0, 0x1000000000000000}
+
+// ScMinimal returns true if the given scalar is less than the order of the
+// curve.
+func ScMinimal(scalar *[32]byte) bool {
+	for i := 3; ; i-- {
+		v := binary.LittleEndian.Uint64(scalar[i*8:])
+		if v > order[i] {
+			return false
+		} else if v < order[i] {
+			break
+		} else if i == 0 {
+			return false
+		}
+	}
+
+	return true
+}
diff --git a/vendor/golang.org/x/crypto/ed25519/testdata/sign.input.gz b/vendor/golang.org/x/crypto/ed25519/testdata/sign.input.gz
deleted file mode 100644
index 41030690c..000000000
--- a/vendor/golang.org/x/crypto/ed25519/testdata/sign.input.gz
+++ /dev/null