Update Wycheproof test vectors.

They've since added new files that split up ECDH and RSA. The former especially
could be useful. A later commit will switch to those. Along the way, fix the
aes_cmac_test.json entry in the convert_wycheproof.go which got lost at some
point.

Change-Id: I9c4a2e5fc5f3e0935482f583c5466c1b64fe325e
Reviewed-on: https://boringssl-review.googlesource.com/29686
Commit-Queue: Adam Langley <agl@google.com>
Reviewed-by: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

third_party/wycheproof_testvectors/METADATA

@@ -8,10 +8,10 @@ third_party {
     type: GIT
     value: "https://github.com/google/wycheproof"
   }
-  version: "0329f5b751ef102bd6b7b7181b6e049522a887f5"
-  last_upgrade_date { year: 2018 month: 5 day: 1 }
+  version: "2904be69e9d666bf3064fdc15093747e695cfae6"
+  last_upgrade_date { year: 2018 month: 7 day: 2 }
 
   local_modifications:
     "Only the testvectors directory checked in. txt files "
-    "are generated by convert_wycheproof.go script."
+    "are generated by convert_wycheproof.go script in util."
 }

third_party/wycheproof_testvectors/aes_cbc_pkcs5_test.json

@@ -1,10 +1,10 @@
 {
   "algorithm" : "AES-CBC-PKCS5",
-  "generatorVersion" : "0.4",
-  "numberOfTests" : 183,
+  "generatorVersion" : "0.4.6",
   "notes" : {
     "BadPadding" : "The ciphertext in this test vector is the message encrypted with an invalid or unexpected padding. This allows to find implementations that are not properly checking the padding during decryption."
   },
+  "numberOfTests" : 183,
   "header" : [],
   "testGroups" : [
     {

third_party/wycheproof_testvectors/aes_cbc_pkcs5_test.txt

@@ -2,7 +2,7 @@
 # This file is generated by convert_wycheproof.go. Do not edit by hand.
 #
 # Algorithm: AES-CBC-PKCS5
-# Generator version: 0.4
+# Generator version: 0.4.6
 
 [ivSize = 128]
 [keySize = 128]

third_party/wycheproof_testvectors/aes_cmac_test.json

@@ -1,6 +1,6 @@
 {
   "algorithm" : "AES-CMAC",
-  "generatorVersion" : "0.4",
+  "generatorVersion" : "0.4.6",
   "numberOfTests" : 290,
   "header" : [],
   "testGroups" : [

third_party/wycheproof_testvectors/aes_cmac_test.txt

@@ -2,7 +2,7 @@
 # This file is generated by convert_wycheproof.go. Do not edit by hand.
 #
 # Algorithm: AES-CMAC
-# Generator version: 0.4
+# Generator version: 0.4.6
 
 [keySize = 128]
 [tagSize = 96]

third_party/wycheproof_testvectors/aes_eax_test.json

@@ -1,10 +1,10 @@
 {
   "algorithm" : "AES-EAX",
-  "generatorVersion" : "0.4",
-  "numberOfTests" : 155,
+  "generatorVersion" : "0.4.6",
   "notes" : {
     "CounterWrap" : "AES-EAX reduces the counter value modulo 2**128. This test vector was constructed for testing the wrapping of the counter value."
   },
+  "numberOfTests" : 155,
   "header" : [],
   "testGroups" : [
     {

third_party/wycheproof_testvectors/aes_gcm_siv_test.json

@@ -1,10 +1,10 @@
 {
   "algorithm" : "AES-GCM",
-  "generatorVersion" : "0.4",
-  "numberOfTests" : 143,
+  "generatorVersion" : "0.4.6",
   "notes" : {
     "ConstructedIv" : "The counter for AES-GCM-SIV is reduced modulo 2**32. This test vector was constructed to test for correct wrapping of the counter."
   },
+  "numberOfTests" : 143,
   "header" : [],
   "testGroups" : [
     {

third_party/wycheproof_testvectors/aes_gcm_siv_test.txt

@@ -2,7 +2,7 @@
 # This file is generated by convert_wycheproof.go. Do not edit by hand.
 #
 # Algorithm: AES-GCM
-# Generator version: 0.4
+# Generator version: 0.4.6
 
 [ivSize = 96]
 [keySize = 128]

third_party/wycheproof_testvectors/aes_gcm_test.json

@@ -1,11 +1,11 @@
 {
   "algorithm" : "AES-GCM",
-  "generatorVersion" : "0.4",
-  "numberOfTests" : 104,
+  "generatorVersion" : "0.4.6",
   "notes" : {
     "ConstructedIv" : "The counter for AES-GCM is reduced modulo 2**32. This test vector was constructed to test for correct wrapping of the counter.",
     "ZeroLengthIv" : "AES-GCM does not allow an IV of length 0. Encrypting with such an IV leaks the authentication key. Hence using an IV of length 0 is insecure even if the key itself is only used for a single encryption."
   },
+  "numberOfTests" : 104,
   "header" : [],
   "testGroups" : [
     {

third_party/wycheproof_testvectors/aes_gcm_test.txt

@@ -2,7 +2,7 @@
 # This file is generated by convert_wycheproof.go. Do not edit by hand.
 #
 # Algorithm: AES-GCM
-# Generator version: 0.4
+# Generator version: 0.4.6
 
 [ivSize = 96]
 [keySize = 128]

third_party/wycheproof_testvectors/aes_siv_cmac_test.json

@@ -1,10 +1,10 @@
 {
   "algorithm" : "AES-SIV-CMAC",
-  "generatorVersion" : "0.4",
-  "numberOfTests" : 442,
+  "generatorVersion" : "0.4.6",
   "notes" : {
     "EdgeCaseSiv" : "The SIV of this test vector has an edge case value. One purpose of these test vectors is to detect implementations where integer overflows of the counter is incorrectly implemented. AES-SIV itself prevents such overflow problems by clearing some msbs in the IV."
   },
+  "numberOfTests" : 442,
   "header" : [],
   "testGroups" : [
     {

third_party/wycheproof_testvectors/chacha20_poly1305_test.json

@@ -1,6 +1,6 @@
 {
   "algorithm" : "CHACHA20-POLY1305",
-  "generatorVersion" : "0.4",
+  "generatorVersion" : "0.4.6",
   "numberOfTests" : 151,
   "header" : [],
   "testGroups" : [

third_party/wycheproof_testvectors/chacha20_poly1305_test.txt

@@ -2,7 +2,7 @@
 # This file is generated by convert_wycheproof.go. Do not edit by hand.
 #
 # Algorithm: CHACHA20-POLY1305
-# Generator version: 0.4
+# Generator version: 0.4.6
 
 [ivSize = 96]
 [keySize = 256]