replace rsc.io/letsencrypt in favour of golang.org/x/crypto

Signed-off-by: Tariq Ibrahim <tariq181290@gmail.com>
2019-05-15 17:21:50 -07:00 · 2019-05-15 17:21:50 -07:00 · 8f9c8094fb
commit 8f9c8094fb
parent 3226863cbc
129 changed files with 6555 additions and 37728 deletions
--- a/vendor/golang.org/x/crypto/otr/otr.go
+++ b/vendor/golang.org/x/crypto/otr/otr.go
@ -277,7 +277,7 @@ func (c *Conversation) Receive(in []byte) (out []byte, encrypted bool, change Se
 		in = in[len(msgPrefix) : len(in)-1]
 	} else if version := isQuery(in); version > 0 {
 		c.authState = authStateAwaitingDHKey
-		c.myKeyId = 0
+		c.reset()
 		toSend = c.encode(c.generateDHCommit())
 		return
 	} else {
@ -311,7 +311,7 @@ func (c *Conversation) Receive(in []byte) (out []byte, encrypted bool, change Se
 			if err = c.processDHCommit(msg); err != nil {
 				return
 			}
-			c.myKeyId = 0
+			c.reset()
 			toSend = c.encode(c.generateDHKey())
 			return
 		case authStateAwaitingDHKey:
@ -330,7 +330,7 @@ func (c *Conversation) Receive(in []byte) (out []byte, encrypted bool, change Se
 				if err = c.processDHCommit(msg); err != nil {
 					return
 				}
-				c.myKeyId = 0
+				c.reset()
 				toSend = c.encode(c.generateDHKey())
 				return
 			}
@ -343,7 +343,7 @@ func (c *Conversation) Receive(in []byte) (out []byte, encrypted bool, change Se
 			if err = c.processDHCommit(msg); err != nil {
 				return
 			}
-			c.myKeyId = 0
+			c.reset()
 			toSend = c.encode(c.generateDHKey())
 			c.authState = authStateAwaitingRevealSig
 		default:
@ -417,12 +417,11 @@ func (c *Conversation) Receive(in []byte) (out []byte, encrypted bool, change Se
 					change = SMPSecretNeeded
 					c.smp.saved = &inTLV
 					return
-				} else if err == smpFailureError {
+				}
+				if err == smpFailureError {
 					err = nil
 					change = SMPFailed
-					return
-				}
-				if complete {
+				} else if complete {
 					change = SMPComplete
 				}
 				if reply.typ != 0 {
@ -848,7 +847,6 @@ func (c *Conversation) rotateDHKeys() {
 		slot := &c.keySlots[i]
 		if slot.used && slot.myKeyId == c.myKeyId-1 {
 			slot.used = false
-			c.oldMACs = append(c.oldMACs, slot.sendMACKey...)
 			c.oldMACs = append(c.oldMACs, slot.recvMACKey...)
 		}
 	}
@ -924,7 +922,6 @@ func (c *Conversation) processData(in []byte) (out []byte, tlvs []tlv, err error
 			slot := &c.keySlots[i]
 			if slot.used && slot.theirKeyId == theirKeyId-1 {
 				slot.used = false
-				c.oldMACs = append(c.oldMACs, slot.sendMACKey...)
 				c.oldMACs = append(c.oldMACs, slot.recvMACKey...)
 			}
 		}
@ -946,6 +943,7 @@ func (c *Conversation) processData(in []byte) (out []byte, tlvs []tlv, err error
 			t.data, tlvData, ok3 = getNBytes(tlvData, int(t.length))
 			if !ok1 || !ok2 || !ok3 {
 				err = errors.New("otr: corrupt tlv data")
+				return
 			}
 			tlvs = append(tlvs, t)
 		}
@ -1039,8 +1037,7 @@ func (c *Conversation) calcDataKeys(myKeyId, theirKeyId uint32) (slot *keySlot,
 		}
 	}
 	if slot == nil {
-		err = errors.New("otr: internal error: no key slots")
-		return
+		return nil, errors.New("otr: internal error: no more key slots")
 	}

 	var myPriv, myPub, theirPub *big.Int
@ -1096,6 +1093,10 @@ func (c *Conversation) calcDataKeys(myKeyId, theirKeyId uint32) (slot *keySlot,
 	h.Write(slot.recvAESKey)
 	slot.recvMACKey = h.Sum(slot.recvMACKey[:0])

+	slot.theirKeyId = theirKeyId
+	slot.myKeyId = myKeyId
+	slot.used = true
+
 	zero(slot.theirLastCtr[:])
 	return
 }
@ -1162,6 +1163,14 @@ func (c *Conversation) encode(msg []byte) [][]byte {
 	return ret
 }

+func (c *Conversation) reset() {
+	c.myKeyId = 0
+
+	for i := range c.keySlots {
+		c.keySlots[i].used = false
+	}
+}
+
 type PublicKey struct {
 	dsa.PublicKey
 }
@ -1305,6 +1314,12 @@ func (priv *PrivateKey) Import(in []byte) bool {
 		mpis[i] = new(big.Int).SetBytes(mpiBytes)
 	}

+	for _, mpi := range mpis {
+		if mpi.Sign() <= 0 {
+			return false
+		}
+	}
+
 	priv.PrivateKey.P = mpis[0]
 	priv.PrivateKey.Q = mpis[1]
 	priv.PrivateKey.G = mpis[2]