Bump github.com/hashicorp/terraform-plugin-sdk/v2 from 2.26.1 to 2.27.0

Bumps [github.com/hashicorp/terraform-plugin-sdk/v2](https://github.com/hashicorp/terraform-plugin-sdk) from 2.26.1 to 2.27.0.
- [Release notes](https://github.com/hashicorp/terraform-plugin-sdk/releases)
- [Changelog](https://github.com/hashicorp/terraform-plugin-sdk/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/terraform-plugin-sdk/compare/v2.26.1...v2.27.0)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/terraform-plugin-sdk/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

vendor/github.com/cloudflare/circl/sign/ed448/ed448.go

@@ -0,0 +1,411 @@
+// Package ed448 implements Ed448 signature scheme as described in RFC-8032.
+//
+// This package implements two signature variants.
+//
+//	| Scheme Name | Sign Function     | Verification  | Context           |
+//	|-------------|-------------------|---------------|-------------------|
+//	| Ed448       | Sign              | Verify        | Yes, can be empty |
+//	| Ed448Ph     | SignPh            | VerifyPh      | Yes, can be empty |
+//	| All above   | (PrivateKey).Sign | VerifyAny     | As above          |
+//
+// Specific functions for sign and verify are defined. A generic signing
+// function for all schemes is available through the crypto.Signer interface,
+// which is implemented by the PrivateKey type. A correspond all-in-one
+// verification method is provided by the VerifyAny function.
+//
+// Both schemes require a context string for domain separation. This parameter
+// is passed using a SignerOptions struct defined in this package.
+//
+// References:
+//
+//   - RFC8032: https://rfc-editor.org/rfc/rfc8032.txt
+//   - EdDSA for more curves: https://eprint.iacr.org/2015/677
+//   - High-speed high-security signatures: https://doi.org/10.1007/s13389-012-0027-1
+package ed448
+
+import (
+	"bytes"
+	"crypto"
+	cryptoRand "crypto/rand"
+	"crypto/subtle"
+	"errors"
+	"fmt"
+	"io"
+	"strconv"
+
+	"github.com/cloudflare/circl/ecc/goldilocks"
+	"github.com/cloudflare/circl/internal/sha3"
+	"github.com/cloudflare/circl/sign"
+)
+
+const (
+	// ContextMaxSize is the maximum length (in bytes) allowed for context.
+	ContextMaxSize = 255
+	// PublicKeySize is the length in bytes of Ed448 public keys.
+	PublicKeySize = 57
+	// PrivateKeySize is the length in bytes of Ed448 private keys.
+	PrivateKeySize = 114
+	// SignatureSize is the length in bytes of signatures.
+	SignatureSize = 114
+	// SeedSize is the size, in bytes, of private key seeds. These are the private key representations used by RFC 8032.
+	SeedSize = 57
+)
+
+const (
+	paramB   = 456 / 8    // Size of keys in bytes.
+	hashSize = 2 * paramB // Size of the hash function's output.
+)
+
+// SignerOptions implements crypto.SignerOpts and augments with parameters
+// that are specific to the Ed448 signature schemes.
+type SignerOptions struct {
+	// Hash must be crypto.Hash(0) for both Ed448 and Ed448Ph.
+	crypto.Hash
+
+	// Context is an optional domain separation string for signing.
+	// Its length must be less or equal than 255 bytes.
+	Context string
+
+	// Scheme is an identifier for choosing a signature scheme.
+	Scheme SchemeID
+}
+
+// SchemeID is an identifier for each signature scheme.
+type SchemeID uint
+
+const (
+	ED448 SchemeID = iota
+	ED448Ph
+)
+
+// PublicKey is the type of Ed448 public keys.
+type PublicKey []byte
+
+// Equal reports whether pub and x have the same value.
+func (pub PublicKey) Equal(x crypto.PublicKey) bool {
+	xx, ok := x.(PublicKey)
+	return ok && bytes.Equal(pub, xx)
+}
+
+// PrivateKey is the type of Ed448 private keys. It implements crypto.Signer.
+type PrivateKey []byte
+
+// Equal reports whether priv and x have the same value.
+func (priv PrivateKey) Equal(x crypto.PrivateKey) bool {
+	xx, ok := x.(PrivateKey)
+	return ok && subtle.ConstantTimeCompare(priv, xx) == 1
+}
+
+// Public returns the PublicKey corresponding to priv.
+func (priv PrivateKey) Public() crypto.PublicKey {
+	publicKey := make([]byte, PublicKeySize)
+	copy(publicKey, priv[SeedSize:])
+	return PublicKey(publicKey)
+}
+
+// Seed returns the private key seed corresponding to priv. It is provided for
+// interoperability with RFC 8032. RFC 8032's private keys correspond to seeds
+// in this package.
+func (priv PrivateKey) Seed() []byte {
+	seed := make([]byte, SeedSize)
+	copy(seed, priv[:SeedSize])
+	return seed
+}
+
+func (priv PrivateKey) Scheme() sign.Scheme { return sch }
+
+func (pub PublicKey) Scheme() sign.Scheme { return sch }
+
+func (priv PrivateKey) MarshalBinary() (data []byte, err error) {
+	privateKey := make(PrivateKey, PrivateKeySize)
+	copy(privateKey, priv)
+	return privateKey, nil
+}
+
+func (pub PublicKey) MarshalBinary() (data []byte, err error) {
+	publicKey := make(PublicKey, PublicKeySize)
+	copy(publicKey, pub)
+	return publicKey, nil
+}
+
+// Sign creates a signature of a message given a key pair.
+// This function supports all the two signature variants defined in RFC-8032,
+// namely Ed448 (or pure EdDSA) and Ed448Ph.
+// The opts.HashFunc() must return zero to the specify Ed448 variant. This can
+// be achieved by passing crypto.Hash(0) as the value for opts.
+// Use an Options struct to pass a bool indicating that the ed448Ph variant
+// should be used.
+// The struct can also be optionally used to pass a context string for signing.
+func (priv PrivateKey) Sign(
+	rand io.Reader,
+	message []byte,
+	opts crypto.SignerOpts,
+) (signature []byte, err error) {
+	var ctx string
+	var scheme SchemeID
+
+	if o, ok := opts.(SignerOptions); ok {
+		ctx = o.Context
+		scheme = o.Scheme
+	}
+
+	switch true {
+	case scheme == ED448 && opts.HashFunc() == crypto.Hash(0):
+		return Sign(priv, message, ctx), nil
+	case scheme == ED448Ph && opts.HashFunc() == crypto.Hash(0):
+		return SignPh(priv, message, ctx), nil
+	default:
+		return nil, errors.New("ed448: bad hash algorithm")
+	}
+}
+
+// GenerateKey generates a public/private key pair using entropy from rand.
+// If rand is nil, crypto/rand.Reader will be used.
+func GenerateKey(rand io.Reader) (PublicKey, PrivateKey, error) {
+	if rand == nil {
+		rand = cryptoRand.Reader
+	}
+
+	seed := make(PrivateKey, SeedSize)
+	if _, err := io.ReadFull(rand, seed); err != nil {
+		return nil, nil, err
+	}
+
+	privateKey := NewKeyFromSeed(seed)
+	publicKey := make([]byte, PublicKeySize)
+	copy(publicKey, privateKey[SeedSize:])
+
+	return publicKey, privateKey, nil
+}
+
+// NewKeyFromSeed calculates a private key from a seed. It will panic if
+// len(seed) is not SeedSize. This function is provided for interoperability
+// with RFC 8032. RFC 8032's private keys correspond to seeds in this
+// package.
+func NewKeyFromSeed(seed []byte) PrivateKey {
+	privateKey := make([]byte, PrivateKeySize)
+	newKeyFromSeed(privateKey, seed)
+	return privateKey
+}
+
+func newKeyFromSeed(privateKey, seed []byte) {
+	if l := len(seed); l != SeedSize {
+		panic("ed448: bad seed length: " + strconv.Itoa(l))
+	}
+
+	var h [hashSize]byte
+	H := sha3.NewShake256()
+	_, _ = H.Write(seed)
+	_, _ = H.Read(h[:])
+	s := &goldilocks.Scalar{}
+	deriveSecretScalar(s, h[:paramB])
+
+	copy(privateKey[:SeedSize], seed)
+	_ = goldilocks.Curve{}.ScalarBaseMult(s).ToBytes(privateKey[SeedSize:])
+}
+
+func signAll(signature []byte, privateKey PrivateKey, message, ctx []byte, preHash bool) {
+	if len(ctx) > ContextMaxSize {
+		panic(fmt.Errorf("ed448: bad context length: " + strconv.Itoa(len(ctx))))
+	}
+
+	H := sha3.NewShake256()
+	var PHM []byte
+
+	if preHash {
+		var h [64]byte
+		_, _ = H.Write(message)
+		_, _ = H.Read(h[:])
+		PHM = h[:]
+		H.Reset()
+	} else {
+		PHM = message
+	}
+
+	// 1.  Hash the 57-byte private key using SHAKE256(x, 114).
+	var h [hashSize]byte
+	_, _ = H.Write(privateKey[:SeedSize])
+	_, _ = H.Read(h[:])
+	s := &goldilocks.Scalar{}
+	deriveSecretScalar(s, h[:paramB])
+	prefix := h[paramB:]
+
+	// 2.  Compute SHAKE256(dom4(F, C) || prefix || PH(M), 114).
+	var rPM [hashSize]byte
+	H.Reset()
+
+	writeDom(&H, ctx, preHash)
+
+	_, _ = H.Write(prefix)
+	_, _ = H.Write(PHM)
+	_, _ = H.Read(rPM[:])
+
+	// 3.  Compute the point [r]B.
+	r := &goldilocks.Scalar{}
+	r.FromBytes(rPM[:])
+	R := (&[paramB]byte{})[:]
+	if err := (goldilocks.Curve{}.ScalarBaseMult(r).ToBytes(R)); err != nil {
+		panic(err)
+	}
+	// 4.  Compute SHAKE256(dom4(F, C) || R || A || PH(M), 114)
+	var hRAM [hashSize]byte
+	H.Reset()
+
+	writeDom(&H, ctx, preHash)
+
+	_, _ = H.Write(R)
+	_, _ = H.Write(privateKey[SeedSize:])
+	_, _ = H.Write(PHM)
+	_, _ = H.Read(hRAM[:])
+
+	// 5.  Compute S = (r + k * s) mod order.
+	k := &goldilocks.Scalar{}
+	k.FromBytes(hRAM[:])
+	S := &goldilocks.Scalar{}
+	S.Mul(k, s)
+	S.Add(S, r)
+
+	// 6.  The signature is the concatenation of R and S.
+	copy(signature[:paramB], R[:])
+	copy(signature[paramB:], S[:])
+}
+
+// Sign signs the message with privateKey and returns a signature.
+// This function supports the signature variant defined in RFC-8032: Ed448,
+// also known as the pure version of EdDSA.
+// It will panic if len(privateKey) is not PrivateKeySize.
+func Sign(priv PrivateKey, message []byte, ctx string) []byte {
+	signature := make([]byte, SignatureSize)
+	signAll(signature, priv, message, []byte(ctx), false)
+	return signature
+}
+
+// SignPh creates a signature of a message given a keypair.
+// This function supports the signature variant defined in RFC-8032: Ed448ph,
+// meaning it internally hashes the message using SHAKE-256.
+// Context could be passed to this function, which length should be no more than
+// 255. It can be empty.
+func SignPh(priv PrivateKey, message []byte, ctx string) []byte {
+	signature := make([]byte, SignatureSize)
+	signAll(signature, priv, message, []byte(ctx), true)
+	return signature
+}
+
+func verify(public PublicKey, message, signature, ctx []byte, preHash bool) bool {
+	if len(public) != PublicKeySize ||
+		len(signature) != SignatureSize ||
+		len(ctx) > ContextMaxSize ||
+		!isLessThanOrder(signature[paramB:]) {
+		return false
+	}
+
+	P, err := goldilocks.FromBytes(public)
+	if err != nil {
+		return false
+	}
+
+	H := sha3.NewShake256()
+	var PHM []byte
+
+	if preHash {
+		var h [64]byte
+		_, _ = H.Write(message)
+		_, _ = H.Read(h[:])
+		PHM = h[:]
+		H.Reset()
+	} else {
+		PHM = message
+	}
+
+	var hRAM [hashSize]byte
+	R := signature[:paramB]
+
+	writeDom(&H, ctx, preHash)
+
+	_, _ = H.Write(R)
+	_, _ = H.Write(public)
+	_, _ = H.Write(PHM)
+	_, _ = H.Read(hRAM[:])
+
+	k := &goldilocks.Scalar{}
+	k.FromBytes(hRAM[:])
+	S := &goldilocks.Scalar{}
+	S.FromBytes(signature[paramB:])
+
+	encR := (&[paramB]byte{})[:]
+	P.Neg()
+	_ = goldilocks.Curve{}.CombinedMult(S, k, P).ToBytes(encR)
+	return bytes.Equal(R, encR)
+}
+
+// VerifyAny returns true if the signature is valid. Failure cases are invalid
+// signature, or when the public key cannot be decoded.
+// This function supports all the two signature variants defined in RFC-8032,
+// namely Ed448 (or pure EdDSA) and Ed448Ph.
+// The opts.HashFunc() must return zero, this can be achieved by passing
+// crypto.Hash(0) as the value for opts.
+// Use a SignerOptions struct to pass a context string for signing.
+func VerifyAny(public PublicKey, message, signature []byte, opts crypto.SignerOpts) bool {
+	var ctx string
+	var scheme SchemeID
+	if o, ok := opts.(SignerOptions); ok {
+		ctx = o.Context
+		scheme = o.Scheme
+	}
+
+	switch true {
+	case scheme == ED448 && opts.HashFunc() == crypto.Hash(0):
+		return Verify(public, message, signature, ctx)
+	case scheme == ED448Ph && opts.HashFunc() == crypto.Hash(0):
+		return VerifyPh(public, message, signature, ctx)
+	default:
+		return false
+	}
+}
+
+// Verify returns true if the signature is valid. Failure cases are invalid
+// signature, or when the public key cannot be decoded.
+// This function supports the signature variant defined in RFC-8032: Ed448,
+// also known as the pure version of EdDSA.
+func Verify(public PublicKey, message, signature []byte, ctx string) bool {
+	return verify(public, message, signature, []byte(ctx), false)
+}
+
+// VerifyPh returns true if the signature is valid. Failure cases are invalid
+// signature, or when the public key cannot be decoded.
+// This function supports the signature variant defined in RFC-8032: Ed448ph,
+// meaning it internally hashes the message using SHAKE-256.
+// Context could be passed to this function, which length should be no more than
+// 255. It can be empty.
+func VerifyPh(public PublicKey, message, signature []byte, ctx string) bool {
+	return verify(public, message, signature, []byte(ctx), true)
+}
+
+func deriveSecretScalar(s *goldilocks.Scalar, h []byte) {
+	h[0] &= 0xFC        // The two least significant bits of the first octet are cleared,
+	h[paramB-1] = 0x00  // all eight bits the last octet are cleared, and
+	h[paramB-2] |= 0x80 // the highest bit of the second to last octet is set.
+	s.FromBytes(h[:paramB])
+}
+
+// isLessThanOrder returns true if 0 <= x < order and if the last byte of x is zero.
+func isLessThanOrder(x []byte) bool {
+	order := goldilocks.Curve{}.Order()
+	i := len(order) - 1
+	for i > 0 && x[i] == order[i] {
+		i--
+	}
+	return x[paramB-1] == 0 && x[i] < order[i]
+}
+
+func writeDom(h io.Writer, ctx []byte, preHash bool) {
+	dom4 := "SigEd448"
+	_, _ = h.Write([]byte(dom4))
+
+	if preHash {
+		_, _ = h.Write([]byte{byte(0x01), byte(len(ctx))})
+	} else {
+		_, _ = h.Write([]byte{byte(0x00), byte(len(ctx))})
+	}
+	_, _ = h.Write(ctx)
+}

vendor/github.com/cloudflare/circl/sign/ed448/signapi.go

@@ -0,0 +1,87 @@
+package ed448
+
+import (
+	"crypto/rand"
+	"encoding/asn1"
+
+	"github.com/cloudflare/circl/sign"
+)
+
+var sch sign.Scheme = &scheme{}
+
+// Scheme returns a signature interface.
+func Scheme() sign.Scheme { return sch }
+
+type scheme struct{}
+
+func (*scheme) Name() string          { return "Ed448" }
+func (*scheme) PublicKeySize() int    { return PublicKeySize }
+func (*scheme) PrivateKeySize() int   { return PrivateKeySize }
+func (*scheme) SignatureSize() int    { return SignatureSize }
+func (*scheme) SeedSize() int         { return SeedSize }
+func (*scheme) TLSIdentifier() uint   { return 0x0808 }
+func (*scheme) SupportsContext() bool { return true }
+func (*scheme) Oid() asn1.ObjectIdentifier {
+	return asn1.ObjectIdentifier{1, 3, 101, 113}
+}
+
+func (*scheme) GenerateKey() (sign.PublicKey, sign.PrivateKey, error) {
+	return GenerateKey(rand.Reader)
+}
+
+func (*scheme) Sign(
+	sk sign.PrivateKey,
+	message []byte,
+	opts *sign.SignatureOpts,
+) []byte {
+	priv, ok := sk.(PrivateKey)
+	if !ok {
+		panic(sign.ErrTypeMismatch)
+	}
+	ctx := ""
+	if opts != nil {
+		ctx = opts.Context
+	}
+	return Sign(priv, message, ctx)
+}
+
+func (*scheme) Verify(
+	pk sign.PublicKey,
+	message, signature []byte,
+	opts *sign.SignatureOpts,
+) bool {
+	pub, ok := pk.(PublicKey)
+	if !ok {
+		panic(sign.ErrTypeMismatch)
+	}
+	ctx := ""
+	if opts != nil {
+		ctx = opts.Context
+	}
+	return Verify(pub, message, signature, ctx)
+}
+
+func (*scheme) DeriveKey(seed []byte) (sign.PublicKey, sign.PrivateKey) {
+	privateKey := NewKeyFromSeed(seed)
+	publicKey := make(PublicKey, PublicKeySize)
+	copy(publicKey, privateKey[SeedSize:])
+	return publicKey, privateKey
+}
+
+func (*scheme) UnmarshalBinaryPublicKey(buf []byte) (sign.PublicKey, error) {
+	if len(buf) < PublicKeySize {
+		return nil, sign.ErrPubKeySize
+	}
+	pub := make(PublicKey, PublicKeySize)
+	copy(pub, buf[:PublicKeySize])
+	return pub, nil
+}
+
+func (*scheme) UnmarshalBinaryPrivateKey(buf []byte) (sign.PrivateKey, error) {
+	if len(buf) < PrivateKeySize {
+		return nil, sign.ErrPrivKeySize
+	}
+	priv := make(PrivateKey, PrivateKeySize)
+	copy(priv, buf[:PrivateKeySize])
+	return priv, nil
+}