Update vendors to versioning

Signed-off-by: Brandon Lum <lumjjb@gmail.com>

vendor.conf

@@ -89,7 +89,7 @@ github.com/containernetworking/cni 4cfb7b568922a3c79a23e438dc52fe537fc9687e # v0
 github.com/containerd/go-cni 0d360c50b10b350b6bb23863fd4dfb1c232b01c9
 
 # image decrypt depedencies
-github.com/containerd/imgcrypt 99334633d4657af3f32670947eb1008250e564d9
-github.com/containers/ocicrypt 142388cb70de0fe8c7edd921df79e477ab8b3051
-gopkg.in/square/go-jose.v2 v2.3.1 https://github.com/square/go-jose.git
-github.com/fullsailor/pkcs7 8306686428a5fe132eac8cb7c4848af725098bd4
+github.com/containerd/imgcrypt v1.0.1
+github.com/containers/ocicrypt v1.0.1 # from containerd/imgcrypt
+gopkg.in/square/go-jose.v2 v2.3.1 https://github.com/square/go-jose.git # from containers/ocicrypt
+github.com/fullsailor/pkcs7 8306686428a5fe132eac8cb7c4848af725098bd4 # from containers/ocicrypt

vendor/github.com/containerd/imgcrypt/go.mod

@@ -13,7 +13,7 @@ require (
 	github.com/containerd/go-runc v0.0.0-20190911050354-e029b79d8cda // indirect
 	github.com/containerd/ttrpc v0.0.0-20190828172938-92c8520ef9f8 // indirect
 	github.com/containerd/typeurl v0.0.0-20180627222232-a93fcdb778cd
-	github.com/containers/ocicrypt v0.0.0-20190930154801-b87a4a69c741
+	github.com/containers/ocicrypt v1.0.1
 	github.com/coreos/go-systemd v0.0.0-20161114122254-48702e0da86b // indirect
 	github.com/docker/distribution v2.7.1-0.20190205005809-0d3efadf0154+incompatible // indirect
 	github.com/docker/go-events v0.0.0-20170721190031-9461782956ad // indirect

vendor/github.com/containers/ocicrypt/encryption.go

@@ -196,10 +196,13 @@ func decryptLayerKeyOptsData(dc *config.DecryptConfig, desc ocispec.Descriptor)
 		if b64Annotation != "" {
 			keywrapper := GetKeyWrapper(scheme)
 
-			if len(keywrapper.GetPrivateKeys(dc.Parameters)) == 0 {
+			if keywrapper.NoPossibleKeys(dc.Parameters) {
 				continue
 			}
+
+			if len(keywrapper.GetPrivateKeys(dc.Parameters)) > 0 {
 				privKeyGiven = true
+			}
 
 			optsData, err := preUnwrapKey(keywrapper, dc, b64Annotation)
 			if err != nil {

vendor/github.com/containers/ocicrypt/keywrap/jwe/keywrapper_jwe.go

@@ -91,6 +91,10 @@ func (kw *jweKeyWrapper) UnwrapKey(dc *config.DecryptConfig, jweString []byte) (
 	return nil, errors.New("JWE: No suitable private key found for decryption")
 }
 
+func (kw *jweKeyWrapper) NoPossibleKeys(dcparameters map[string][][]byte) bool {
+	return len(kw.GetPrivateKeys(dcparameters)) == 0
+}
+
 func (kw *jweKeyWrapper) GetPrivateKeys(dcparameters map[string][][]byte) [][]byte {
 	return dcparameters["privkeys"]
 }

vendor/github.com/containers/ocicrypt/keywrap/keywrap.go

@@ -26,15 +26,23 @@ type KeyWrapper interface {
 	WrapKeys(ec *config.EncryptConfig, optsData []byte) ([]byte, error)
 	UnwrapKey(dc *config.DecryptConfig, annotation []byte) ([]byte, error)
 	GetAnnotationID() string
+
+	// NoPossibleKeys returns true if there is no possibility of performing
+	// decryption for parameters provided.
+	NoPossibleKeys(dcparameters map[string][][]byte) bool
+
 	// GetPrivateKeys (optional) gets the array of private keys. It is an optional implementation
 	// as in some key services, a private key may not be exportable (i.e. HSM)
+	// If not implemented, return nil
 	GetPrivateKeys(dcparameters map[string][][]byte) [][]byte
 
 	// GetKeyIdsFromPacket (optional) gets a list of key IDs. This is optional as some encryption
 	// schemes may not have a notion of key IDs
+	// If not implemented, return the nil slice
 	GetKeyIdsFromPacket(packet string) ([]uint64, error)
 
 	// GetRecipients (optional) gets a list of recipients. It is optional due to the validity of
 	// recipients in a particular encryptiong scheme
+	// If not implemented, return the nil slice
 	GetRecipients(packet string) ([]string, error)
 }

vendor/github.com/containers/ocicrypt/keywrap/pgp/keywrapper_gpg.go

@@ -191,6 +191,10 @@ func (kw *gpgKeyWrapper) GetRecipients(b64pgpPackets string) ([]string, error) {
 	return array, nil
 }
 
+func (kw *gpgKeyWrapper) NoPossibleKeys(dcparameters map[string][][]byte) bool {
+	return len(kw.GetPrivateKeys(dcparameters)) == 0
+}
+
 func (kw *gpgKeyWrapper) GetPrivateKeys(dcparameters map[string][][]byte) [][]byte {
 	return dcparameters["gpg-privatekeys"]
 }

vendor/github.com/containers/ocicrypt/keywrap/pkcs7/keywrapper_pkcs7.go

@@ -70,6 +70,10 @@ func collectX509s(x509s [][]byte) ([]*x509.Certificate, error) {
 	return x509Certs, nil
 }
 
+func (kw *pkcs7KeyWrapper) NoPossibleKeys(dcparameters map[string][][]byte) bool {
+	return len(kw.GetPrivateKeys(dcparameters)) == 0
+}
+
 func (kw *pkcs7KeyWrapper) GetPrivateKeys(dcparameters map[string][][]byte) [][]byte {
 	return dcparameters["privkeys"]
 }