* vendor: add github.com/btcsuite/btcd/btcec

* crypto: add btcec fallback for sign/recover without cgo

This commit adds a non-cgo fallback implementation of secp256k1
operations.

* crypto, core/vm: remove wrappers for sha256, ripemd160

- Sign takes common.Address, not Account
- Import/Export methods work with encrypted JSON keys

In order to avoid disk thrashing for Accounts and HasAccount,
address->key file mappings are now cached in memory. This makes it no
longer necessary to keep the key address in the file name. The address
of each key is derived from file content instead.

There are minor user-visible changes:

- "geth account list" now reports key file paths alongside the address.
- If multiple keys are present for an address, unlocking by address is
  not possible. Users are directed to remove the duplicate files
  instead. Unlocking by index is still possible.
- Key files are overwritten written in place when updating the password.

The account management API was originally implemented as a thin layer
around crypto.KeyStore, on the grounds that several kinds of key stores
would be implemented later on. It turns out that this won't happen so
KeyStore is a superflous abstraction.

In this commit crypto.KeyStore and everything related to it moves to
package accounts and is unexported.

thanks to Felix Lange (fjl) for help with design & impl

I forgot to update one instance of "go-ethereum" in commit 3f047be5.

All code outside of cmd/ is licensed as LGPL. The headers
now reflect this by calling the whole work "the go-ethereum library".

* Change password protection crypto in keystore to version 3
* Update KeyStoreTests/basic_tests.json
* Add support for PBKDF2 with HMAC-SHA256
* Change MAC and encryption key to avoid unnecessary hashing
* Add tests for test vectors in new wiki page defining version 3
* Add tests for new keystore tests in ethereum/tests repo
* Move JSON loading util to common for use in both tests and
  crypto packages
* Add backwards compatibility with key store version 1

* Also fix address types post-rebase

* Remove key header from unencrypted key file format and replace
  it with a version field
* Change encoding of bytes in key files from base64 to hex

This reverts commit a94d4ba0b53c4558ab838aaed635a2ff66ddfa53.

* Add key header containing key version, kdf and kdf params
* Store key header as JSON in the key file
* Read in KDF params from key header
* Include key header in MAC calculation and MAC verification

* Change MAC-then-Encrypt to Encrypt-then-MAC
* Change AES256 to AES128
* Use first 16 bytes of KDF derived key for AES and
  remaining 16 for MAC

- cli: add passwordfile flag
- cli: change unlock flag only takes account
- cli: with unlock you are prompted for password or use passfile with password flag
- cli: unlockAccount used in normal client start (run) and accountExport
- cli: getPassword used in accountCreate and accountImport
- accounts: Manager.Import, Manager.Export
- crypto: SaveECDSA (to complement LoadECDSA) to save to file
- crypto: NewKeyFromECDSA added (used in accountImport and New = generated constructor)

* Use crypto.Sign instead of directly calling secp256k1 lib
* Rename UserAccount to Account and Addr to Address (for consistency)
* Change AccountManager.Sign to take ptr to Account instead of
  address byte array
* Simplify copying of Accounts in Accounts()
* PubkeyToAddress and GetEntropyCSPRNG now exported

* Add initial UserAccount and AccountManager structs
* Add NewAccount, Sign and Accounts functions
* Refactor key stores to use key address as main identifier
  while keeping the UUID.
* Use key address as file/dir names instead of UUID

* ImportPreSaleKey takes a KeyStore, a presale key JSON (e.g. file content)
  and a password string. It stores the key in the given key store.
* Refactored common AES decryption and moved some functions to crypto.go

* Allocate with composite literal instead of new
* Remove check of number of bytes read from rand

* Remove flags field from key struct
* Change JSON struct fields from string to []byte
* Change GenerateNewKey API to take io.Reader for random source
* Remove mixing entropy source function
* Use testing Fatal in tests

* Simplify scrypt constants with const block
* Add key store constructors and make their types private
* Simplify key store and file namings to be less Java Enterprise™
* Change test error logging to use t.Error(err)
* Reduce number of naked returns (just like my ex-gf)
* Simplify file reading path code

* Add new generic key_store interface
* Add new plaintext key store storing unprotected keys on disk
* Add new encrypted key store storing encrypted keys on disk
* Add new entropy mixing function using OS and go runtime sources