diff --git a/crypto/signify/signify.go b/crypto/signify/signify.go
deleted file mode 100644
index ff8113caf98edfb471c4355e47767a0ba7ac908f..0000000000000000000000000000000000000000
--- a/crypto/signify/signify.go
+++ /dev/null
@@ -1,100 +0,0 @@
-// Copyright 2020 The go-ethereum Authors
-// This file is part of the go-ethereum library.
-//
-// The go-ethereum library is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Lesser General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// The go-ethereum library is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU Lesser General Public License for more details.
-//
-// You should have received a copy of the GNU Lesser General Public License
-// along with the go-ethereum library. If not, see <http://www.gnu.org/licenses/>.
-
-// signFile reads the contents of an input file and signs it (in armored format)
-// with the key provided, placing the signature into the output file.
-
-package signify
-
-import (
- "bytes"
- "crypto/ed25519"
- "encoding/base64"
- "errors"
- "fmt"
- "io/ioutil"
- "strings"
- "time"
-)
-
-var (
- errInvalidKeyHeader = errors.New("incorrect key header")
- errInvalidKeyLength = errors.New("invalid, key length != 104")
-)
-
-func parsePrivateKey(key string) (k ed25519.PrivateKey, header []byte, keyNum []byte, err error) {
- keydata, err := base64.StdEncoding.DecodeString(key)
- if err != nil {
- return nil, nil, nil, err
- }
- if len(keydata) != 104 {
- return nil, nil, nil, errInvalidKeyLength
- }
- if string(keydata[:2]) != "Ed" {
- return nil, nil, nil, errInvalidKeyHeader
- }
- return keydata[40:], keydata[:2], keydata[32:40], nil
-}
-
-// SignFile creates a signature of the input file.
-//
-// This accepts base64 keys in the format created by the 'signify' tool.
-// The signature is written to the 'output' file.
-func SignFile(input string, output string, key string, untrustedComment string, trustedComment string) error {
- // Pre-check comments and ensure they're set to something.
- if strings.IndexByte(untrustedComment, '\n') >= 0 {
- return errors.New("untrusted comment must not contain newline")
- }
- if strings.IndexByte(trustedComment, '\n') >= 0 {
- return errors.New("trusted comment must not contain newline")
- }
- if untrustedComment == "" {
- untrustedComment = "verify with " + input + ".pub"
- }
- if trustedComment == "" {
- trustedComment = fmt.Sprintf("timestamp:%d", time.Now().Unix())
- }
-
- filedata, err := ioutil.ReadFile(input)
- if err != nil {
- return err
- }
- skey, header, keyNum, err := parsePrivateKey(key)
- if err != nil {
- return err
- }
-
- // Create the main data signature.
- rawSig := ed25519.Sign(skey, filedata)
- var dataSig []byte
- dataSig = append(dataSig, header...)
- dataSig = append(dataSig, keyNum...)
- dataSig = append(dataSig, rawSig...)
-
- // Create the comment signature.
- var commentSigInput []byte
- commentSigInput = append(commentSigInput, rawSig...)
- commentSigInput = append(commentSigInput, []byte(trustedComment)...)
- commentSig := ed25519.Sign(skey, commentSigInput)
-
- // Create the output file.
- var out = new(bytes.Buffer)
- fmt.Fprintln(out, "untrusted comment:", untrustedComment)
- fmt.Fprintln(out, base64.StdEncoding.EncodeToString(dataSig))
- fmt.Fprintln(out, "trusted comment:", trustedComment)
- fmt.Fprintln(out, base64.StdEncoding.EncodeToString(commentSig))
- return ioutil.WriteFile(output, out.Bytes(), 0644) //nolint:gosec
-}
diff --git a/crypto/signify/signify_fuzz.go b/crypto/signify/signify_fuzz.go
deleted file mode 100644
index f9167900ad655bc0f78a7e843e0f73fbadd77515..0000000000000000000000000000000000000000
--- a/crypto/signify/signify_fuzz.go
+++ /dev/null
@@ -1,150 +0,0 @@
-// Copyright 2020 The go-ethereum Authors
-// This file is part of the go-ethereum library.
-//
-// The go-ethereum library is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Lesser General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// The go-ethereum library is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU Lesser General Public License for more details.
-//
-// You should have received a copy of the GNU Lesser General Public License
-// along with the go-ethereum library. If not, see <http://www.gnu.org/licenses/>.
-
-// +build gofuzz
-
-package signify
-
-import (
- "bufio"
- "fmt"
- "io/ioutil"
- "log"
- "os"
- "os/exec"
-
- fuzz "github.com/google/gofuzz"
- "github.com/jedisct1/go-minisign"
-)
-
-func Fuzz(data []byte) int {
- if len(data) < 32 {
- return -1
- }
- tmpFile, err := ioutil.TempFile("", "")
- if err != nil {
- panic(err)
- }
- defer os.Remove(tmpFile.Name())
- defer tmpFile.Close()
-
- testSecKey, testPubKey := createKeyPair()
- // Create message
- tmpFile.Write(data)
- if err = tmpFile.Close(); err != nil {
- panic(err)
- }
- // Fuzz comments
- var untrustedComment string
- var trustedComment string
- f := fuzz.NewFromGoFuzz(data)
- f.Fuzz(&untrustedComment)
- f.Fuzz(&trustedComment)
- fmt.Printf("untrusted: %v\n", untrustedComment)
- fmt.Printf("trusted: %v\n", trustedComment)
-
- err = SignifySignFile(tmpFile.Name(), tmpFile.Name()+".sig", testSecKey, untrustedComment, trustedComment)
- if err != nil {
- panic(err)
- }
- defer os.Remove(tmpFile.Name() + ".sig")
-
- signify := "signify"
- path := os.Getenv("SIGNIFY")
- if path != "" {
- signify = path
- }
-
- _, err := exec.LookPath(signify)
- if err != nil {
- panic(err)
- }
-
- // Write the public key into the file to pass it as
- // an argument to signify-openbsd
- pubKeyFile, err := ioutil.TempFile("", "")
- if err != nil {
- panic(err)
- }
- defer os.Remove(pubKeyFile.Name())
- defer pubKeyFile.Close()
- pubKeyFile.WriteString("untrusted comment: signify public key\n")
- pubKeyFile.WriteString(testPubKey)
- pubKeyFile.WriteString("\n")
-
- cmd := exec.Command(signify, "-V", "-p", pubKeyFile.Name(), "-x", tmpFile.Name()+".sig", "-m", tmpFile.Name())
- if output, err := cmd.CombinedOutput(); err != nil {
- panic(fmt.Sprintf("could not verify the file: %v, output: \n%s", err, output))
- }
-
- // Verify the signature using a golang library
- sig, err := minisign.NewSignatureFromFile(tmpFile.Name() + ".sig")
- if err != nil {
- panic(err)
- }
-
- pKey, err := minisign.NewPublicKey(testPubKey)
- if err != nil {
- panic(err)
- }
-
- valid, err := pKey.VerifyFromFile(tmpFile.Name(), sig)
- if err != nil {
- panic(err)
- }
- if !valid {
- panic("invalid signature")
- }
- return 1
-}
-
-func getKey(fileS string) (string, error) {
- file, err := os.Open(fileS)
- if err != nil {
- log.Fatal(err)
- }
- defer file.Close()
-
- scanner := bufio.NewScanner(file)
- // Discard the first line
- scanner.Scan()
- scanner.Scan()
- return scanner.Text(), scanner.Err()
-}
-
-func createKeyPair() (string, string) {
- // Create key and put it in correct format
- tmpKey, err := ioutil.TempFile("", "")
- if err != nil {
- panic(err)
- }
- defer os.Remove(tmpKey.Name())
- defer os.Remove(tmpKey.Name() + ".pub")
- defer os.Remove(tmpKey.Name() + ".sec")
- cmd := exec.Command("signify", "-G", "-n", "-p", tmpKey.Name()+".pub", "-s", tmpKey.Name()+".sec")
- if output, err := cmd.CombinedOutput(); err != nil {
- panic(fmt.Sprintf("could not verify the file: %v, output: \n%s", err, output))
- }
- secKey, err := getKey(tmpKey.Name() + ".sec")
- if err != nil {
- panic(err)
- }
- pubKey, err := getKey(tmpKey.Name() + ".pub")
- if err != nil {
- panic(err)
- }
- return secKey, pubKey
-}
diff --git a/crypto/signify/signify_test.go b/crypto/signify/signify_test.go
deleted file mode 100644
index c064de73cb11d85ca10338bb40ba79300c1b6de7..0000000000000000000000000000000000000000
--- a/crypto/signify/signify_test.go
+++ /dev/null
@@ -1,162 +0,0 @@
-// Copyright 2020 The go-ethereum Authors
-// This file is part of the go-ethereum library.
-//
-// The go-ethereum library is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Lesser General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// The go-ethereum library is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU Lesser General Public License for more details.
-//
-// You should have received a copy of the GNU Lesser General Public License
-// along with the go-ethereum library. If not, see <http://www.gnu.org/licenses/>.
-
-// signFile reads the contents of an input file and signs it (in armored format)
-// with the key provided, placing the signature into the output file.
-
-package signify
-
-import (
- "io/ioutil"
- "math/rand"
- "os"
- "testing"
- "time"
-
- "github.com/jedisct1/go-minisign"
-)
-
-var (
- testSecKey = "RWRCSwAAAABVN5lr2JViGBN8DhX3/Qb/0g0wBdsNAR/APRW2qy9Fjsfr12sK2cd3URUFis1jgzQzaoayK8x4syT4G3Gvlt9RwGIwUYIQW/0mTeI+ECHu1lv5U4Wa2YHEPIesVPyRm5M="
- testPubKey = "RWTAPRW2qy9FjsBiMFGCEFv9Jk3iPhAh7tZb+VOFmtmBxDyHrFT8kZuT"
-)
-
-func TestSignify(t *testing.T) {
- tmpFile, err := ioutil.TempFile("", "")
- if err != nil {
- t.Fatal(err)
- }
- defer os.Remove(tmpFile.Name())
- defer tmpFile.Close()
-
- rand.Seed(time.Now().UnixNano())
-
- data := make([]byte, 1024)
- rand.Read(data)
- if _, err = tmpFile.Write(data); err != nil {
- t.Fatal(err)
- }
-
- if err = tmpFile.Close(); err != nil {
- t.Fatal(err)
- }
-
- err = SignFile(tmpFile.Name(), tmpFile.Name()+".sig", testSecKey, "clé", "croissants")
- if err != nil {
- t.Fatal(err)
- }
- defer os.Remove(tmpFile.Name() + ".sig")
-
- // Verify the signature using a golang library
- sig, err := minisign.NewSignatureFromFile(tmpFile.Name() + ".sig")
- if err != nil {
- t.Fatal(err)
- }
-
- pKey, err := minisign.NewPublicKey(testPubKey)
- if err != nil {
- t.Fatal(err)
- }
-
- valid, err := pKey.VerifyFromFile(tmpFile.Name(), sig)
- if err != nil {
- t.Fatal(err)
- }
- if !valid {
- t.Fatal("invalid signature")
- }
-}
-
-func TestSignifyTrustedCommentTooManyLines(t *testing.T) {
- tmpFile, err := ioutil.TempFile("", "")
- if err != nil {
- t.Fatal(err)
- }
- defer os.Remove(tmpFile.Name())
- defer tmpFile.Close()
-
- rand.Seed(time.Now().UnixNano())
-
- data := make([]byte, 1024)
- rand.Read(data)
- if _, err = tmpFile.Write(data); err != nil {
- t.Fatal(err)
- }
-
- if err = tmpFile.Close(); err != nil {
- t.Fatal(err)
- }
-
- err = SignFile(tmpFile.Name(), tmpFile.Name()+".sig", testSecKey, "", "crois\nsants")
- if err == nil || err.Error() == "" {
- t.Fatalf("should have errored on a multi-line trusted comment, got %v", err)
- }
- defer os.Remove(tmpFile.Name() + ".sig")
-}
-
-func TestSignifyTrustedCommentTooManyLinesLF(t *testing.T) {
- tmpFile, err := ioutil.TempFile("", "")
- if err != nil {
- t.Fatal(err)
- }
- defer os.Remove(tmpFile.Name())
- defer tmpFile.Close()
-
- rand.Seed(time.Now().UnixNano())
-
- data := make([]byte, 1024)
- rand.Read(data)
- if _, err = tmpFile.Write(data); err != nil {
- t.Fatal(err)
- }
-
- if err = tmpFile.Close(); err != nil {
- t.Fatal(err)
- }
-
- err = SignFile(tmpFile.Name(), tmpFile.Name()+".sig", testSecKey, "crois\rsants", "")
- if err != nil {
- t.Fatal(err)
- }
- defer os.Remove(tmpFile.Name() + ".sig")
-}
-
-func TestSignifyTrustedCommentEmpty(t *testing.T) {
- tmpFile, err := ioutil.TempFile("", "")
- if err != nil {
- t.Fatal(err)
- }
- defer os.Remove(tmpFile.Name())
- defer tmpFile.Close()
-
- rand.Seed(time.Now().UnixNano())
-
- data := make([]byte, 1024)
- rand.Read(data)
- if _, err = tmpFile.Write(data); err != nil {
- t.Fatal(err)
- }
-
- if err = tmpFile.Close(); err != nil {
- t.Fatal(err)
- }
-
- err = SignFile(tmpFile.Name(), tmpFile.Name()+".sig", testSecKey, "", "")
- if err != nil {
- t.Fatal(err)
- }
- defer os.Remove(tmpFile.Name() + ".sig")
-}
diff --git a/go.mod b/go.mod
index 13e789854e0ff8389c386255562f20f9d23556ad..36764c78b3f6f2861058136269a35591a7398e2b 100644
--- a/go.mod
+++ b/go.mod
@@ -36,7 +36,6 @@ require (
 github.com/holiman/uint256 v1.2.0
 github.com/huin/goupnp v1.0.1-0.20210626160114-33cdcbb30dda
 github.com/jackpal/go-nat-pmp v1.0.2
- github.com/jedisct1/go-minisign v0.0.0-20190909160543-45766022959e
 github.com/json-iterator/go v1.1.11
 github.com/julienschmidt/httprouter v1.3.0
 github.com/kevinburke/go-bindata v3.21.0+incompatible
diff --git a/go.sum b/go.sum
index 26d5f5b11026115ee6e6e359f638c9a6fe029124..b1932ced9995b78b55d34f87ec8aed445635f126 100644
--- a/go.sum
+++ b/go.sum
@@ -578,7 +578,6 @@ github.com/jackc/puddle v1.1.3/go.mod h1:m4B5Dj62Y0fbyuIc15OsIqK0+JU8nkqQjsgx7dv
 github.com/jackpal/go-nat-pmp v1.0.2-0.20160603034137-1fa385a6f458/go.mod h1:QPH045xvCAeXUZOxsnwmrtiCoxIr9eob+4orBN1SBKc=
 github.com/jackpal/go-nat-pmp v1.0.2 h1:KzKSgb7qkJvOUTqYl9/Hg/me3pWgBmERKrTGD7BdWus=
 github.com/jackpal/go-nat-pmp v1.0.2/go.mod h1:QPH045xvCAeXUZOxsnwmrtiCoxIr9eob+4orBN1SBKc=
-github.com/jedisct1/go-minisign v0.0.0-20190909160543-45766022959e h1:UvSe12bq+Uj2hWd8aOlwPmoZ+CITRFrdit+sDGfAg8U=
 github.com/jedisct1/go-minisign v0.0.0-20190909160543-45766022959e/go.mod h1:G1CVv03EnqU1wYL2dFwXxW2An0az9JTl/ZsqXQeBlkU=
 github.com/jellevandenhooff/dkim v0.0.0-20150330215556-f50fe3d243e1/go.mod h1:E0B/fFc00Y+Rasa88328GlI/XbtyysCtTHZS8h7IrBU=
 github.com/jessevdk/go-flags v0.0.0-20141203071132-1679536dcc89/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI=