1/3 Updated Makefile to allow VENDOR flag (adds -vendor to version string)

2/3 Added vendor/ dir to lock down dependent pkg versions.
The author of git.schwanenlied.me/yawning/{chacha20,newhope,kyber}.git has copied
their repos to gitlab.com/yawning/ but some imports of chacha20 from newhope still
inconsistently refer to git.schwanenlied.me/, breaking build.
Licenses for chacha20 also changed from CC0 to AGPL, which may or may not be an
issue. Until the two aforementioned issues are resolved, locking to last-good
versions is probably the best way forward for now.

To build with vendored deps, use make VENDOR=1 clean all

3/3 Moved body of CI push script into bacillus/

vendor/gopkg.in/hlandau/passlib.v1/hash/pbkdf2/pbkdf2.go

@@ -0,0 +1,94 @@
+// Package pbkdf2 implements a modular crypt format for PBKDF2-SHA1,
+// PBKDF2-SHA256 and PBKDF-SHA512.
+//
+// The format is the same as that used by Python's passlib and is compatible.
+package pbkdf2
+
+import (
+	"crypto/rand"
+	"crypto/sha1"
+	"crypto/sha256"
+	"crypto/sha512"
+	"fmt"
+	"gopkg.in/hlandau/passlib.v1/abstract"
+	"gopkg.in/hlandau/passlib.v1/hash/pbkdf2/raw"
+	"hash"
+	"strings"
+)
+
+// An implementation of Scheme implementing a number of PBKDF2 modular crypt
+// formats used by Python's passlib ($pbkdf2$, $pbkdf2-sha256$,
+// $pbkdf2-sha512$).
+//
+// Uses RecommendedRounds.
+//
+// WARNING: SHA1 should not be used for new applications under any
+// circumstances. It should be used for legacy compatibility only.
+var SHA1Crypter abstract.Scheme
+var SHA256Crypter abstract.Scheme
+var SHA512Crypter abstract.Scheme
+
+const (
+	RecommendedRoundsSHA1   = 131000
+	RecommendedRoundsSHA256 = 29000
+	RecommendedRoundsSHA512 = 25000
+)
+
+const SaltLength = 16
+
+func init() {
+	SHA1Crypter = New("$pbkdf2$", sha1.New, RecommendedRoundsSHA1)
+	SHA256Crypter = New("$pbkdf2-sha256$", sha256.New, RecommendedRoundsSHA256)
+	SHA512Crypter = New("$pbkdf2-sha512$", sha512.New, RecommendedRoundsSHA512)
+}
+
+type scheme struct {
+	Ident    string
+	HashFunc func() hash.Hash
+	Rounds   int
+}
+
+func New(ident string, hf func() hash.Hash, rounds int) abstract.Scheme {
+	return &scheme{
+		Ident:    ident,
+		HashFunc: hf,
+		Rounds:   rounds,
+	}
+}
+
+func (s *scheme) Hash(password string) (string, error) {
+	salt := make([]byte, SaltLength)
+	_, err := rand.Read(salt)
+	if err != nil {
+		return "", err
+	}
+
+	hash := raw.Hash([]byte(password), salt, s.Rounds, s.HashFunc)
+
+	newHash := fmt.Sprintf("%s%d$%s$%s", s.Ident, s.Rounds, raw.Base64Encode(salt), hash)
+	return newHash, nil
+}
+
+func (s *scheme) Verify(password, stub string) (err error) {
+	_, rounds, salt, oldHash, err := raw.Parse(stub)
+	if err != nil {
+		return
+	}
+
+	newHash := raw.Hash([]byte(password), salt, rounds, s.HashFunc)
+
+	if len(newHash) == 0 || !abstract.SecureCompare(oldHash, newHash) {
+		err = abstract.ErrInvalidPassword
+	}
+
+	return
+}
+
+func (s *scheme) SupportsStub(stub string) bool {
+	return strings.HasPrefix(stub, s.Ident)
+}
+
+func (s *scheme) NeedsUpdate(stub string) bool {
+	_, rounds, salt, _, err := raw.Parse(stub)
+	return err == raw.ErrInvalidRounds || rounds < s.Rounds || len(salt) < SaltLength
+}

vendor/gopkg.in/hlandau/passlib.v1/hash/pbkdf2/raw/base64.go

@@ -0,0 +1,20 @@
+package raw
+
+import (
+	"encoding/base64"
+	"strings"
+)
+
+var b64 = base64.RawStdEncoding
+
+func Base64Encode(src []byte) (dst string) {
+	dst = b64.EncodeToString(src)
+	dst = strings.Replace(dst, "+", ".", -1)
+	return
+}
+
+func Base64Decode(src string) (dst []byte, err error) {
+	src = strings.Replace(src, ".", "+", -1)
+	dst, err = b64.DecodeString(src)
+	return
+}

vendor/gopkg.in/hlandau/passlib.v1/hash/pbkdf2/raw/parse.go

@@ -0,0 +1,62 @@
+package raw
+
+import (
+	"crypto/sha1"
+	"crypto/sha256"
+	"crypto/sha512"
+	"fmt"
+	"hash"
+	"strconv"
+	"strings"
+)
+
+// Indicates that a password hash or stub is invalid.
+var ErrInvalidStub = fmt.Errorf("invalid stub")
+
+// Indicates that the number of rounds specified is not in the valid range.
+var ErrInvalidRounds = fmt.Errorf("invalid number of rounds")
+
+var hashMap = map[string]func() hash.Hash{
+	"pbkdf2":        sha1.New,
+	"pbkdf2-sha256": sha256.New,
+	"pbkdf2-sha512": sha512.New,
+}
+
+func Parse(stub string) (hashFunc func() hash.Hash, rounds int, salt []byte, hash string, err error) {
+	// does not start with $pbkdf2
+	if !strings.HasPrefix(stub, "$pbkdf2") {
+		err = ErrInvalidStub
+		return
+	}
+
+	parts := strings.Split(stub, "$")
+	if f, ok := hashMap[parts[1]]; ok {
+		hashFunc = f
+	} else {
+		err = ErrInvalidStub
+		return
+	}
+
+	roundsStr := parts[2]
+	var n uint64
+	n, err = strconv.ParseUint(roundsStr, 10, 31)
+	if err != nil {
+		err = ErrInvalidStub
+		return
+	}
+	rounds = int(n)
+
+	if rounds < MinRounds || rounds > MaxRounds {
+		err = ErrInvalidRounds
+		return
+	}
+
+	salt, err = Base64Decode(parts[3])
+	if err != nil {
+		err = fmt.Errorf("could not decode base64 salt")
+		return
+	}
+	hash = parts[4]
+
+	return
+}

vendor/gopkg.in/hlandau/passlib.v1/hash/pbkdf2/raw/pbkdf2.go

@@ -0,0 +1,15 @@
+package raw
+
+import (
+	"golang.org/x/crypto/pbkdf2"
+	"hash"
+)
+
+const (
+	MinRounds = 1
+	MaxRounds = 0xffffffff // setting at 32-bit limit for now
+)
+
+func Hash(password, salt []byte, rounds int, hf func() hash.Hash) (hash string) {
+	return Base64Encode(pbkdf2.Key(password, salt, rounds, hf().Size(), hf))
+}

vendor/gopkg.in/hlandau/passlib.v1/hash/pbkdf2/test.py

@@ -0,0 +1,30 @@
+#!/usr/bin/env python3
+import passlib.hash
+import base64
+def f(p):
+  h = passlib.hash.pbkdf2_sha256.hash(p)
+  print('  {"%s", "%s"},' % (p,h))
+
+f('')
+f('a')
+f('ab')
+f('abc')
+f('abcd')
+f('abcde')
+f('abcdef')
+f('abcdefg')
+f('abcdefgh')
+f('abcdefghi')
+f('abcdefghij')
+f('abcdefghijk')
+f('abcdefghijkl')
+f('abcdefghijklm')
+f('abcdefghijklmn')
+f('abcdefghijklmno')
+f('abcdefghijklmnop')
+f('qrstuvwxyz012345')
+f('67890./')
+f('ABCDEFGHIJKLMNOP')
+f('QRSTUVWXYZ012345')
+for i in range(70):
+    f(('password'*10)[0:i])