all: lint

2025-06-28 00:13:26 +08:00 · 2025-06-19 10:38:23 +08:00 · 2025-06-19 10:38:23 +08:00 · 1e53c5f16d
commit 1e53c5f16d
parent 1a005fa41b
14 changed files with 71 additions and 73 deletions
--- a/cbcmac/cbcmac.go
+++ b/cbcmac/cbcmac.go
@ -286,7 +286,7 @@ func (d *cmac) Write(p []byte) (nn int, err error) {
 	}
 	// save remaining partial/full block
 	if len(p) > 0 {
-		d.nx = copy(d.x[:], p)
+		d.nx = copy(d.x, p)
 	}
 	return
 }
@ -309,19 +309,20 @@ func (d *cmac) Sum(in []byte) []byte {
 	d0.tag = make([]byte, d.blockSize)
 	copy(d0.tag, d.tag)
 	hash := d0.checkSum()
-	return append(in, hash[:]...)
+	return append(in, hash...)
 }

 func (c *cmac) checkSum() []byte {
 	tag := make([]byte, c.size)
-	if c.nx == 0 {
+	switch c.nx {
+	case 0:
 		// Special-cased as a single empty partial final block.
 		copy(c.tag, c.k2)
 		c.tag[0] ^= 0b10000000
-	} else if c.nx == c.blockSize {
+	case c.blockSize:
 		subtle.XORBytes(c.tag, c.x, c.tag)
 		subtle.XORBytes(c.tag, c.k1, c.tag)
-	} else {
+	default:
 		subtle.XORBytes(c.tag, c.x, c.tag)
 		c.tag[c.nx] ^= 0b10000000
 		subtle.XORBytes(c.tag, c.k2, c.tag)
--- a/cfca/pkcs10_test.go
+++ b/cfca/pkcs10_test.go
@ -147,13 +147,11 @@ func TestCreateCertificateRequest(t *testing.T) {
 			if err.Error() != tc.errormsg {
 				t.Fatalf("expected error %s, got %s", tc.errormsg, err.Error())
 			}
-		} else {
-			if err != nil {
+		} else if err != nil {
 			t.Fatal(err)
 		}
 	}
 }
-}

 func TestParseEscrowPrivateKey(t *testing.T) {
 	cases := []struct {
--- a/cipher/benchmark_test.go
+++ b/cipher/benchmark_test.go
@ -131,9 +131,7 @@ func BenchmarkSM4CBCDecrypt1K(b *testing.B) {
 func benchmarkStream(b *testing.B, block cipher.Block, mode func(cipher.Block, []byte) cipher.Stream, buf []byte) {
 	b.SetBytes(int64(len(buf)))

-	//var key [16]byte
 	var iv [16]byte
-	//c, _ := sm4.NewCipher(key[:])
 	stream := mode(block, iv[:])

 	b.ResetTimer()
@ -452,12 +450,10 @@ func benchmarkXTS(b *testing.B, isGB bool, cipherFunc func([]byte) (cipher.Block
 		}
 	}

-	//decrypted := make([]byte, length)
 	b.SetBytes(int64(len(plaintext)))
 	b.ResetTimer()
 	for i := 0; i < b.N; i++ {
 		c.CryptBlocks(encrypted, plaintext)
-	//c.Decrypt(decrypted, encrypted[:len(plaintext)], 0)
 	}
 }

--- a/drbg/ctr_drbg.go
+++ b/drbg/ctr_drbg.go
@ -77,7 +77,7 @@ func NewGMCtrDrbg(securityLevel SecurityLevel, entropy, nonce, personalization [

 func (hd *CtrDrbg) Reseed(entropy, additional []byte) error {
 	// here for the min length, we just check <=0 now
-	if len(entropy) <= 0 || (hd.gm && len(entropy) < 32) || len(entropy) >= MAX_BYTES {
+	if len(entropy) == 0 || (hd.gm && len(entropy) < 32) || len(entropy) >= MAX_BYTES {
 		return errors.New("drbg: invalid entropy length")
 	}

--- a/internal/bigmod/nat.go
+++ b/internal/bigmod/nat.go
@ -530,8 +530,8 @@ func minusInverseModW(x uint) uint {
 	//
 	// See https://crypto.stackexchange.com/a/47496.
 	y := x
-	for i := 0; i < 5; i++ {
-		y = y * (2 - x*y)
+	for range 5 {
+		y *= (2 - x*y)
 	}
 	return -y
 }
--- a/internal/sm2ec/sm2p256_asm.go
+++ b/internal/sm2ec/sm2p256_asm.go
@ -812,13 +812,14 @@ func (p *SM2P256Point) p256BaseMult(scalar *p256OrdElement) {
 	zero := sel

 	for i := 1; i < 43; i++ {
-		if index >= 192 {
+		switch {
+		case index >= 192:
 			wvalue = (scalar[3] >> (index & 63)) & 0x7f
-		} else if index >= 128 {
+		case index >= 128:
 			wvalue = ((scalar[2] >> (index & 63)) + (scalar[3] << (64 - (index & 63)))) & 0x7f
-		} else if index >= 64 {
+		case index >= 64:
 			wvalue = ((scalar[1] >> (index & 63)) + (scalar[2] << (64 - (index & 63)))) & 0x7f
-		} else {
+		default:
 			wvalue = ((scalar[0] >> (index & 63)) + (scalar[1] << (64 - (index & 63)))) & 0x7f
 		}
 		index += 6
--- a/internal/sm3/kdf_mult4_asm.go
+++ b/internal/sm3/kdf_mult4_asm.go
@ -85,8 +85,8 @@ func kdfBy4(baseMD *digest, keyLen int, limit int) []byte {
 		ret = ret[Size*parallelSize4:]
 	}
 	remain := limit % parallelSize4
-	for i := 0; i < remain; i++ {
-		byteorder.BEPutUint32(tmp[:], ct)
+	for i := range remain {
+		byteorder.BEPutUint32(tmp, ct)
 		md := *baseMD
 		md.Write(tmp[:4])
 		h := md.checkSum()
--- a/internal/sm3/kdf_mult8_amd64.go
+++ b/internal/sm3/kdf_mult8_amd64.go
@ -84,8 +84,8 @@ func kdfBy8(baseMD *digest, keyLen int, limit int) []byte {
 		remain -= parallelSize4
 	}

-	for i := 0; i < remain; i++ {
-		byteorder.BEPutUint32(tmp[:], ct)
+	for i := range remain {
+		byteorder.BEPutUint32(tmp, ct)
 		md := *baseMD
 		md.Write(tmp[:4])
 		h := md.checkSum()
--- a/internal/sm4/block.go
+++ b/internal/sm4/block.go
@ -76,76 +76,76 @@ func expandKeyGo(key []byte, enc, dec *[rounds]uint32) {
 	b2 = byteorder.BEUint32(key[8:12]) ^ fk[2]
 	b3 = byteorder.BEUint32(key[12:16]) ^ fk[3]

-	b0 = b0 ^ t2(b1^b2^b3^ck[0])
+	b0 ^= t2(b1 ^ b2 ^ b3 ^ ck[0])
 	enc[0], dec[31] = b0, b0
-	b1 = b1 ^ t2(b2^b3^b0^ck[1])
+	b1 ^= t2(b2 ^ b3 ^ b0 ^ ck[1])
 	enc[1], dec[30] = b1, b1
-	b2 = b2 ^ t2(b3^b0^b1^ck[2])
+	b2 ^= t2(b3 ^ b0 ^ b1 ^ ck[2])
 	enc[2], dec[29] = b2, b2
-	b3 = b3 ^ t2(b0^b1^b2^ck[3])
+	b3 ^= t2(b0 ^ b1 ^ b2 ^ ck[3])
 	enc[3], dec[28] = b3, b3

-	b0 = b0 ^ t2(b1^b2^b3^ck[4])
+	b0 ^= t2(b1 ^ b2 ^ b3 ^ ck[4])
 	enc[4], dec[27] = b0, b0
-	b1 = b1 ^ t2(b2^b3^b0^ck[5])
+	b1 ^= t2(b2 ^ b3 ^ b0 ^ ck[5])
 	enc[5], dec[26] = b1, b1
-	b2 = b2 ^ t2(b3^b0^b1^ck[6])
+	b2 ^= t2(b3 ^ b0 ^ b1 ^ ck[6])
 	enc[6], dec[25] = b2, b2
-	b3 = b3 ^ t2(b0^b1^b2^ck[7])
+	b3 ^= t2(b0 ^ b1 ^ b2 ^ ck[7])
 	enc[7], dec[24] = b3, b3

-	b0 = b0 ^ t2(b1^b2^b3^ck[8])
+	b0 ^= t2(b1 ^ b2 ^ b3 ^ ck[8])
 	enc[8], dec[23] = b0, b0
-	b1 = b1 ^ t2(b2^b3^b0^ck[9])
+	b1 ^= t2(b2 ^ b3 ^ b0 ^ ck[9])
 	enc[9], dec[22] = b1, b1
-	b2 = b2 ^ t2(b3^b0^b1^ck[10])
+	b2 ^= t2(b3 ^ b0 ^ b1 ^ ck[10])
 	enc[10], dec[21] = b2, b2
-	b3 = b3 ^ t2(b0^b1^b2^ck[11])
+	b3 ^= t2(b0 ^ b1 ^ b2 ^ ck[11])
 	enc[11], dec[20] = b3, b3

-	b0 = b0 ^ t2(b1^b2^b3^ck[12])
+	b0 ^= t2(b1 ^ b2 ^ b3 ^ ck[12])
 	enc[12], dec[19] = b0, b0
-	b1 = b1 ^ t2(b2^b3^b0^ck[13])
+	b1 ^= t2(b2 ^ b3 ^ b0 ^ ck[13])
 	enc[13], dec[18] = b1, b1
-	b2 = b2 ^ t2(b3^b0^b1^ck[14])
+	b2 ^= t2(b3 ^ b0 ^ b1 ^ ck[14])
 	enc[14], dec[17] = b2, b2
-	b3 = b3 ^ t2(b0^b1^b2^ck[15])
+	b3 ^= t2(b0 ^ b1 ^ b2 ^ ck[15])
 	enc[15], dec[16] = b3, b3

-	b0 = b0 ^ t2(b1^b2^b3^ck[16])
+	b0 ^= t2(b1 ^ b2 ^ b3 ^ ck[16])
 	enc[16], dec[15] = b0, b0
-	b1 = b1 ^ t2(b2^b3^b0^ck[17])
+	b1 ^= t2(b2 ^ b3 ^ b0 ^ ck[17])
 	enc[17], dec[14] = b1, b1
-	b2 = b2 ^ t2(b3^b0^b1^ck[18])
+	b2 ^= t2(b3 ^ b0 ^ b1 ^ ck[18])
 	enc[18], dec[13] = b2, b2
-	b3 = b3 ^ t2(b0^b1^b2^ck[19])
+	b3 ^= t2(b0 ^ b1 ^ b2 ^ ck[19])
 	enc[19], dec[12] = b3, b3

-	b0 = b0 ^ t2(b1^b2^b3^ck[20])
+	b0 ^= t2(b1 ^ b2 ^ b3 ^ ck[20])
 	enc[20], dec[11] = b0, b0
-	b1 = b1 ^ t2(b2^b3^b0^ck[21])
+	b1 ^= t2(b2 ^ b3 ^ b0 ^ ck[21])
 	enc[21], dec[10] = b1, b1
-	b2 = b2 ^ t2(b3^b0^b1^ck[22])
+	b2 ^= t2(b3 ^ b0 ^ b1 ^ ck[22])
 	enc[22], dec[9] = b2, b2
-	b3 = b3 ^ t2(b0^b1^b2^ck[23])
+	b3 ^= t2(b0 ^ b1 ^ b2 ^ ck[23])
 	enc[23], dec[8] = b3, b3

-	b0 = b0 ^ t2(b1^b2^b3^ck[24])
+	b0 ^= t2(b1 ^ b2 ^ b3 ^ ck[24])
 	enc[24], dec[7] = b0, b0
-	b1 = b1 ^ t2(b2^b3^b0^ck[25])
+	b1 ^= t2(b2 ^ b3 ^ b0 ^ ck[25])
 	enc[25], dec[6] = b1, b1
-	b2 = b2 ^ t2(b3^b0^b1^ck[26])
+	b2 ^= t2(b3 ^ b0 ^ b1 ^ ck[26])
 	enc[26], dec[5] = b2, b2
-	b3 = b3 ^ t2(b0^b1^b2^ck[27])
+	b3 ^= t2(b0 ^ b1 ^ b2 ^ ck[27])
 	enc[27], dec[4] = b3, b3

-	b0 = b0 ^ t2(b1^b2^b3^ck[28])
+	b0 ^= t2(b1 ^ b2 ^ b3 ^ ck[28])
 	enc[28], dec[3] = b0, b0
-	b1 = b1 ^ t2(b2^b3^b0^ck[29])
+	b1 ^= t2(b2 ^ b3 ^ b0 ^ ck[29])
 	enc[29], dec[2] = b1, b1
-	b2 = b2 ^ t2(b3^b0^b1^ck[30])
+	b2 ^= t2(b3 ^ b0 ^ b1 ^ ck[30])
 	enc[30], dec[1] = b2, b2
-	b3 = b3 ^ t2(b0^b1^b2^ck[31])
+	b3 ^= t2(b0 ^ b1 ^ b2 ^ ck[31])
 	enc[31], dec[0] = b3, b3
 }

--- a/mldsa/field.go
+++ b/mldsa/field.go
@ -22,6 +22,7 @@ type fieldElement uint32
 //}

 // fieldReduceOnce reduces a value a < 2q.
+// Also refer "A note on the implementation of the Number Theoretic Transform": https://eprint.iacr.org/2017/727.pdf .
 func fieldReduceOnce(a uint32) fieldElement {
 	x := a - q
 	// If x underflowed, then x >= 2^32 - q > 2^31, so the top bit is set.
@ -130,6 +131,7 @@ var zetasMontgomery = [n]fieldElement{
 // ntt maps a ringElement to its nttElement representation.
 //
 // It implements NTT, according to FIPS 204, Algorithm 41.
+// Also refer "A note on the implementation of the Number Theoretic Transform": https://eprint.iacr.org/2017/727.pdf .
 func ntt(f ringElement) nttElement {
 	k := 1
 	// len: 128, 64, 32, ..., 1
@ -153,6 +155,7 @@ func ntt(f ringElement) nttElement {
 // inverseNTT maps a nttElement back to the ringElement it represents.
 //
 // It implements NTT⁻¹, according to FIPS 204, Algorithm 42.
+// Also refer "A note on the implementation of the Number Theoretic Transform": https://eprint.iacr.org/2017/727.pdf .
 func inverseNTT(f nttElement) ringElement {
 	k := 255
 	for len := 1; len < n; len *= 2 {
--- a/mldsa/mldsa44.go
+++ b/mldsa/mldsa44.go
@ -272,8 +272,7 @@ func dsaKeyGen44(sk *Key44, xi *[32]byte) {
 	sk.xi = *xi
 	H := sha3.NewSHAKE256()
 	H.Write(xi[:])
-	H.Write([]byte{k44})
-	H.Write([]byte{l44})
+	H.Write([]byte{k44, l44})
 	K := make([]byte, 128)
 	H.Read(K)
 	rho, rho1 := K[:32], K[32:96]