From 1e53c5f16dd9637774cbfda032bd0f624aa52a00 Mon Sep 17 00:00:00 2001 From: Sun Yimin Date: Thu, 19 Jun 2025 10:38:23 +0800 Subject: [PATCH] all: lint --- cbcmac/cbcmac.go | 11 +++--- cfca/pkcs10_test.go | 6 ++-- cipher/benchmark_test.go | 8 ++--- cipher/ofbnlf.go | 2 +- drbg/ctr_drbg.go | 2 +- internal/bigmod/nat.go | 4 +-- internal/cpuid/cpuid_arm64.go | 6 ++-- internal/sm2ec/sm2p256_asm.go | 9 ++--- internal/sm3/kdf_mult4_asm.go | 4 +-- internal/sm3/kdf_mult8_amd64.go | 4 +-- internal/sm4/block.go | 64 ++++++++++++++++----------------- mldsa/field.go | 3 ++ mldsa/mldsa44.go | 3 +- pkcs8/pkcs8.go | 18 +++++----- 14 files changed, 71 insertions(+), 73 deletions(-) diff --git a/cbcmac/cbcmac.go b/cbcmac/cbcmac.go index d075ad1..4f429c9 100644 --- a/cbcmac/cbcmac.go +++ b/cbcmac/cbcmac.go @@ -286,7 +286,7 @@ func (d *cmac) Write(p []byte) (nn int, err error) { } // save remaining partial/full block if len(p) > 0 { - d.nx = copy(d.x[:], p) + d.nx = copy(d.x, p) } return } @@ -309,19 +309,20 @@ func (d *cmac) Sum(in []byte) []byte { d0.tag = make([]byte, d.blockSize) copy(d0.tag, d.tag) hash := d0.checkSum() - return append(in, hash[:]...) + return append(in, hash...) } func (c *cmac) checkSum() []byte { tag := make([]byte, c.size) - if c.nx == 0 { + switch c.nx { + case 0: // Special-cased as a single empty partial final block. copy(c.tag, c.k2) c.tag[0] ^= 0b10000000 - } else if c.nx == c.blockSize { + case c.blockSize: subtle.XORBytes(c.tag, c.x, c.tag) subtle.XORBytes(c.tag, c.k1, c.tag) - } else { + default: subtle.XORBytes(c.tag, c.x, c.tag) c.tag[c.nx] ^= 0b10000000 subtle.XORBytes(c.tag, c.k2, c.tag) diff --git a/cfca/pkcs10_test.go b/cfca/pkcs10_test.go index 2f311d2..68ea5f9 100644 --- a/cfca/pkcs10_test.go +++ b/cfca/pkcs10_test.go @@ -147,10 +147,8 @@ func TestCreateCertificateRequest(t *testing.T) { if err.Error() != tc.errormsg { t.Fatalf("expected error %s, got %s", tc.errormsg, err.Error()) } - } else { - if err != nil { - t.Fatal(err) - } + } else if err != nil { + t.Fatal(err) } } } diff --git a/cipher/benchmark_test.go b/cipher/benchmark_test.go index ebdd8b1..7255cb8 100644 --- a/cipher/benchmark_test.go +++ b/cipher/benchmark_test.go @@ -131,9 +131,7 @@ func BenchmarkSM4CBCDecrypt1K(b *testing.B) { func benchmarkStream(b *testing.B, block cipher.Block, mode func(cipher.Block, []byte) cipher.Stream, buf []byte) { b.SetBytes(int64(len(buf))) - //var key [16]byte var iv [16]byte - //c, _ := sm4.NewCipher(key[:]) stream := mode(block, iv[:]) b.ResetTimer() @@ -449,15 +447,13 @@ func benchmarkXTS(b *testing.B, isGB bool, cipherFunc func([]byte) (cipher.Block c, err = smcipher.NewGBXTSEncrypterWithSector(cipherFunc, make([]byte, keylen), make([]byte, keylen), 0) if err != nil { b.Fatalf("NewCipher failed: %s", err) - } + } } - //decrypted := make([]byte, length) b.SetBytes(int64(len(plaintext))) b.ResetTimer() for i := 0; i < b.N; i++ { c.CryptBlocks(encrypted, plaintext) - //c.Decrypt(decrypted, encrypted[:len(plaintext)], 0) } } @@ -523,7 +519,7 @@ func benchmarkXTS_Decrypt(b *testing.B, isGB bool, cipherFunc func([]byte) (ciph c, err = smcipher.NewGBXTSDecrypterWithSector(cipherFunc, make([]byte, keylen), make([]byte, keylen), 0) if err != nil { b.Fatalf("NewCipher failed: %s", err) - } + } } b.SetBytes(int64(len(plaintext))) diff --git a/cipher/ofbnlf.go b/cipher/ofbnlf.go index 4f736eb..89704df 100644 --- a/cipher/ofbnlf.go +++ b/cipher/ofbnlf.go @@ -30,7 +30,7 @@ func newOFBNLF(cipherFunc CipherCreator, key, iv []byte) (*ofbnlf, error) { return nil, errors.New("cipher: IV length must equal block size") } c.iv = bytes.Clone(iv) - + return c, nil } diff --git a/drbg/ctr_drbg.go b/drbg/ctr_drbg.go index 26b64e7..a6e5e21 100644 --- a/drbg/ctr_drbg.go +++ b/drbg/ctr_drbg.go @@ -77,7 +77,7 @@ func NewGMCtrDrbg(securityLevel SecurityLevel, entropy, nonce, personalization [ func (hd *CtrDrbg) Reseed(entropy, additional []byte) error { // here for the min length, we just check <=0 now - if len(entropy) <= 0 || (hd.gm && len(entropy) < 32) || len(entropy) >= MAX_BYTES { + if len(entropy) == 0 || (hd.gm && len(entropy) < 32) || len(entropy) >= MAX_BYTES { return errors.New("drbg: invalid entropy length") } diff --git a/internal/bigmod/nat.go b/internal/bigmod/nat.go index c5cf054..3ffe3d8 100644 --- a/internal/bigmod/nat.go +++ b/internal/bigmod/nat.go @@ -530,8 +530,8 @@ func minusInverseModW(x uint) uint { // // See https://crypto.stackexchange.com/a/47496. y := x - for i := 0; i < 5; i++ { - y = y * (2 - x*y) + for range 5 { + y *= (2 - x*y) } return -y } diff --git a/internal/cpuid/cpuid_arm64.go b/internal/cpuid/cpuid_arm64.go index eb99212..f234b15 100644 --- a/internal/cpuid/cpuid_arm64.go +++ b/internal/cpuid/cpuid_arm64.go @@ -5,7 +5,7 @@ package cpuid import "github.com/emmansun/gmsm/internal/deps/cpu" var ( - HasAES = cpu.ARM64.HasAES - HasGFMUL = cpu.ARM64.HasPMULL - HasVPMSUMD = false + HasAES = cpu.ARM64.HasAES + HasGFMUL = cpu.ARM64.HasPMULL + HasVPMSUMD = false ) diff --git a/internal/sm2ec/sm2p256_asm.go b/internal/sm2ec/sm2p256_asm.go index 64738e7..2863205 100644 --- a/internal/sm2ec/sm2p256_asm.go +++ b/internal/sm2ec/sm2p256_asm.go @@ -812,13 +812,14 @@ func (p *SM2P256Point) p256BaseMult(scalar *p256OrdElement) { zero := sel for i := 1; i < 43; i++ { - if index >= 192 { + switch { + case index >= 192: wvalue = (scalar[3] >> (index & 63)) & 0x7f - } else if index >= 128 { + case index >= 128: wvalue = ((scalar[2] >> (index & 63)) + (scalar[3] << (64 - (index & 63)))) & 0x7f - } else if index >= 64 { + case index >= 64: wvalue = ((scalar[1] >> (index & 63)) + (scalar[2] << (64 - (index & 63)))) & 0x7f - } else { + default: wvalue = ((scalar[0] >> (index & 63)) + (scalar[1] << (64 - (index & 63)))) & 0x7f } index += 6 diff --git a/internal/sm3/kdf_mult4_asm.go b/internal/sm3/kdf_mult4_asm.go index 35bdc32..f735670 100644 --- a/internal/sm3/kdf_mult4_asm.go +++ b/internal/sm3/kdf_mult4_asm.go @@ -85,8 +85,8 @@ func kdfBy4(baseMD *digest, keyLen int, limit int) []byte { ret = ret[Size*parallelSize4:] } remain := limit % parallelSize4 - for i := 0; i < remain; i++ { - byteorder.BEPutUint32(tmp[:], ct) + for i := range remain { + byteorder.BEPutUint32(tmp, ct) md := *baseMD md.Write(tmp[:4]) h := md.checkSum() diff --git a/internal/sm3/kdf_mult8_amd64.go b/internal/sm3/kdf_mult8_amd64.go index b8b8ae1..101a2e2 100644 --- a/internal/sm3/kdf_mult8_amd64.go +++ b/internal/sm3/kdf_mult8_amd64.go @@ -84,8 +84,8 @@ func kdfBy8(baseMD *digest, keyLen int, limit int) []byte { remain -= parallelSize4 } - for i := 0; i < remain; i++ { - byteorder.BEPutUint32(tmp[:], ct) + for i := range remain { + byteorder.BEPutUint32(tmp, ct) md := *baseMD md.Write(tmp[:4]) h := md.checkSum() diff --git a/internal/sm4/block.go b/internal/sm4/block.go index f0e5fb4..8fbed0e 100644 --- a/internal/sm4/block.go +++ b/internal/sm4/block.go @@ -76,76 +76,76 @@ func expandKeyGo(key []byte, enc, dec *[rounds]uint32) { b2 = byteorder.BEUint32(key[8:12]) ^ fk[2] b3 = byteorder.BEUint32(key[12:16]) ^ fk[3] - b0 = b0 ^ t2(b1^b2^b3^ck[0]) + b0 ^= t2(b1 ^ b2 ^ b3 ^ ck[0]) enc[0], dec[31] = b0, b0 - b1 = b1 ^ t2(b2^b3^b0^ck[1]) + b1 ^= t2(b2 ^ b3 ^ b0 ^ ck[1]) enc[1], dec[30] = b1, b1 - b2 = b2 ^ t2(b3^b0^b1^ck[2]) + b2 ^= t2(b3 ^ b0 ^ b1 ^ ck[2]) enc[2], dec[29] = b2, b2 - b3 = b3 ^ t2(b0^b1^b2^ck[3]) + b3 ^= t2(b0 ^ b1 ^ b2 ^ ck[3]) enc[3], dec[28] = b3, b3 - b0 = b0 ^ t2(b1^b2^b3^ck[4]) + b0 ^= t2(b1 ^ b2 ^ b3 ^ ck[4]) enc[4], dec[27] = b0, b0 - b1 = b1 ^ t2(b2^b3^b0^ck[5]) + b1 ^= t2(b2 ^ b3 ^ b0 ^ ck[5]) enc[5], dec[26] = b1, b1 - b2 = b2 ^ t2(b3^b0^b1^ck[6]) + b2 ^= t2(b3 ^ b0 ^ b1 ^ ck[6]) enc[6], dec[25] = b2, b2 - b3 = b3 ^ t2(b0^b1^b2^ck[7]) + b3 ^= t2(b0 ^ b1 ^ b2 ^ ck[7]) enc[7], dec[24] = b3, b3 - b0 = b0 ^ t2(b1^b2^b3^ck[8]) + b0 ^= t2(b1 ^ b2 ^ b3 ^ ck[8]) enc[8], dec[23] = b0, b0 - b1 = b1 ^ t2(b2^b3^b0^ck[9]) + b1 ^= t2(b2 ^ b3 ^ b0 ^ ck[9]) enc[9], dec[22] = b1, b1 - b2 = b2 ^ t2(b3^b0^b1^ck[10]) + b2 ^= t2(b3 ^ b0 ^ b1 ^ ck[10]) enc[10], dec[21] = b2, b2 - b3 = b3 ^ t2(b0^b1^b2^ck[11]) + b3 ^= t2(b0 ^ b1 ^ b2 ^ ck[11]) enc[11], dec[20] = b3, b3 - b0 = b0 ^ t2(b1^b2^b3^ck[12]) + b0 ^= t2(b1 ^ b2 ^ b3 ^ ck[12]) enc[12], dec[19] = b0, b0 - b1 = b1 ^ t2(b2^b3^b0^ck[13]) + b1 ^= t2(b2 ^ b3 ^ b0 ^ ck[13]) enc[13], dec[18] = b1, b1 - b2 = b2 ^ t2(b3^b0^b1^ck[14]) + b2 ^= t2(b3 ^ b0 ^ b1 ^ ck[14]) enc[14], dec[17] = b2, b2 - b3 = b3 ^ t2(b0^b1^b2^ck[15]) + b3 ^= t2(b0 ^ b1 ^ b2 ^ ck[15]) enc[15], dec[16] = b3, b3 - b0 = b0 ^ t2(b1^b2^b3^ck[16]) + b0 ^= t2(b1 ^ b2 ^ b3 ^ ck[16]) enc[16], dec[15] = b0, b0 - b1 = b1 ^ t2(b2^b3^b0^ck[17]) + b1 ^= t2(b2 ^ b3 ^ b0 ^ ck[17]) enc[17], dec[14] = b1, b1 - b2 = b2 ^ t2(b3^b0^b1^ck[18]) + b2 ^= t2(b3 ^ b0 ^ b1 ^ ck[18]) enc[18], dec[13] = b2, b2 - b3 = b3 ^ t2(b0^b1^b2^ck[19]) + b3 ^= t2(b0 ^ b1 ^ b2 ^ ck[19]) enc[19], dec[12] = b3, b3 - b0 = b0 ^ t2(b1^b2^b3^ck[20]) + b0 ^= t2(b1 ^ b2 ^ b3 ^ ck[20]) enc[20], dec[11] = b0, b0 - b1 = b1 ^ t2(b2^b3^b0^ck[21]) + b1 ^= t2(b2 ^ b3 ^ b0 ^ ck[21]) enc[21], dec[10] = b1, b1 - b2 = b2 ^ t2(b3^b0^b1^ck[22]) + b2 ^= t2(b3 ^ b0 ^ b1 ^ ck[22]) enc[22], dec[9] = b2, b2 - b3 = b3 ^ t2(b0^b1^b2^ck[23]) + b3 ^= t2(b0 ^ b1 ^ b2 ^ ck[23]) enc[23], dec[8] = b3, b3 - b0 = b0 ^ t2(b1^b2^b3^ck[24]) + b0 ^= t2(b1 ^ b2 ^ b3 ^ ck[24]) enc[24], dec[7] = b0, b0 - b1 = b1 ^ t2(b2^b3^b0^ck[25]) + b1 ^= t2(b2 ^ b3 ^ b0 ^ ck[25]) enc[25], dec[6] = b1, b1 - b2 = b2 ^ t2(b3^b0^b1^ck[26]) + b2 ^= t2(b3 ^ b0 ^ b1 ^ ck[26]) enc[26], dec[5] = b2, b2 - b3 = b3 ^ t2(b0^b1^b2^ck[27]) + b3 ^= t2(b0 ^ b1 ^ b2 ^ ck[27]) enc[27], dec[4] = b3, b3 - b0 = b0 ^ t2(b1^b2^b3^ck[28]) + b0 ^= t2(b1 ^ b2 ^ b3 ^ ck[28]) enc[28], dec[3] = b0, b0 - b1 = b1 ^ t2(b2^b3^b0^ck[29]) + b1 ^= t2(b2 ^ b3 ^ b0 ^ ck[29]) enc[29], dec[2] = b1, b1 - b2 = b2 ^ t2(b3^b0^b1^ck[30]) + b2 ^= t2(b3 ^ b0 ^ b1 ^ ck[30]) enc[30], dec[1] = b2, b2 - b3 = b3 ^ t2(b0^b1^b2^ck[31]) + b3 ^= t2(b0 ^ b1 ^ b2 ^ ck[31]) enc[31], dec[0] = b3, b3 } diff --git a/mldsa/field.go b/mldsa/field.go index 4139c98..77fcb2c 100644 --- a/mldsa/field.go +++ b/mldsa/field.go @@ -22,6 +22,7 @@ type fieldElement uint32 //} // fieldReduceOnce reduces a value a < 2q. +// Also refer "A note on the implementation of the Number Theoretic Transform": https://eprint.iacr.org/2017/727.pdf . func fieldReduceOnce(a uint32) fieldElement { x := a - q // If x underflowed, then x >= 2^32 - q > 2^31, so the top bit is set. @@ -130,6 +131,7 @@ var zetasMontgomery = [n]fieldElement{ // ntt maps a ringElement to its nttElement representation. // // It implements NTT, according to FIPS 204, Algorithm 41. +// Also refer "A note on the implementation of the Number Theoretic Transform": https://eprint.iacr.org/2017/727.pdf . func ntt(f ringElement) nttElement { k := 1 // len: 128, 64, 32, ..., 1 @@ -153,6 +155,7 @@ func ntt(f ringElement) nttElement { // inverseNTT maps a nttElement back to the ringElement it represents. // // It implements NTT⁻¹, according to FIPS 204, Algorithm 42. +// Also refer "A note on the implementation of the Number Theoretic Transform": https://eprint.iacr.org/2017/727.pdf . func inverseNTT(f nttElement) ringElement { k := 255 for len := 1; len < n; len *= 2 { diff --git a/mldsa/mldsa44.go b/mldsa/mldsa44.go index 68a2f49..6270bd6 100644 --- a/mldsa/mldsa44.go +++ b/mldsa/mldsa44.go @@ -272,8 +272,7 @@ func dsaKeyGen44(sk *Key44, xi *[32]byte) { sk.xi = *xi H := sha3.NewSHAKE256() H.Write(xi[:]) - H.Write([]byte{k44}) - H.Write([]byte{l44}) + H.Write([]byte{k44, l44}) K := make([]byte, 128) H.Read(K) rho, rho1 := K[:32], K[32:96] diff --git a/pkcs8/pkcs8.go b/pkcs8/pkcs8.go index 7770f16..e98b8c2 100644 --- a/pkcs8/pkcs8.go +++ b/pkcs8/pkcs8.go @@ -22,14 +22,14 @@ type ScryptOpts = pkcs.ScryptOpts var ( DefaultOpts = pkcs.DefaultOpts - SM3 = pkcs.SM3 - SHA1 = pkcs.SHA1 - SHA224 = pkcs.SHA224 - SHA256 = pkcs.SHA256 - SHA384 = pkcs.SHA384 - SHA512 = pkcs.SHA512 - SHA512_224 = pkcs.SHA512_224 - SHA512_256 = pkcs.SHA512_256 + SM3 = pkcs.SM3 + SHA1 = pkcs.SHA1 + SHA224 = pkcs.SHA224 + SHA256 = pkcs.SHA256 + SHA384 = pkcs.SHA384 + SHA512 = pkcs.SHA512 + SHA512_224 = pkcs.SHA512_224 + SHA512_256 = pkcs.SHA512_256 ) // for encrypted private-key information @@ -39,7 +39,7 @@ type encryptedPrivateKeyInfo struct { } var ( - ErrUnsupportedPBES = errors.New("pkcs8: only part of PBES1/PBES2 supported") + ErrUnsupportedPBES = errors.New("pkcs8: only part of PBES1/PBES2 supported") ErrUnexpectedKeyType = errors.New("pkcs8: unexpected key type") )