veyron2/security,veyron/security: Fix bug in signature generation.
The ECDSA signature algorithm signs only the leftmost N bits of a message
where N is the size of the underlying field of the curve. For example,
a P256 curve signs the leftmost 32 bits.
Prior to this commit, NewClearSigner.Sign would effectively only
sign the leftmost bits of the message, thereby allowing signatures
of one message >N bits to be used for distinct messages that share
the first N bits.
This commit fixes this problem by using a cryptographic hash function
on the message (if necessary) to "reduce" the size of the data
being signed to N bits.
The test added to signature_test.go is more comprehensive than
the tests it is replacing in this commit and would fail without
the changes to apply the hash function.
This commit also moves NewClearSigner from the veyron/security/signing
package to veyron2/security.
Change-Id: I4b9adcd467165e3eddb18a116fe0165377e7b198
4 files changed
