diff options
author | Andy Zhao <andyzhao@google.com> | 2023-02-10 10:20:53 -0800 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-02-10 10:20:53 -0800 |
commit | e26f9fc7784a1af854cc5673d8491051469287de (patch) | |
tree | c2a9590f65d0014f3d753abc4be1e39865a8462e | |
parent | dc1cf9723817ec6254e81e349be8beb2a4bbeba7 (diff) | |
download | googleapis-enterprise-certificate-proxy-e26f9fc7784a1af854cc5673d8491051469287de.tar.gz |
chore: Add Linter step to all relevant workflows and fix lint errors. (#67)
-rw-r--r-- | .github/workflows/test-client.yml | 8 | ||||
-rw-r--r-- | .github/workflows/test-signer-darwin.yml | 9 | ||||
-rw-r--r-- | .github/workflows/test-signer-linux.yml | 9 | ||||
-rw-r--r-- | .github/workflows/test-signer-windows.yml | 9 | ||||
-rw-r--r-- | client/client.go | 5 | ||||
-rw-r--r-- | client/util/util.go | 4 | ||||
-rw-r--r-- | cshared/main.go | 14 | ||||
-rw-r--r-- | internal/signer/darwin/keychain/keychain_test.go | 7 | ||||
-rw-r--r-- | internal/signer/darwin/signer.go | 6 | ||||
-rw-r--r-- | internal/signer/darwin/util/util.go | 4 | ||||
-rw-r--r-- | internal/signer/linux/signer.go | 7 | ||||
-rw-r--r-- | internal/signer/linux/util/util.go | 4 | ||||
-rw-r--r-- | internal/signer/test/signer.go | 3 | ||||
-rw-r--r-- | internal/signer/windows/.gitattributes | 1 | ||||
-rw-r--r-- | internal/signer/windows/ncrypt/cert_util.go | 12 | ||||
-rw-r--r-- | internal/signer/windows/signer.go | 6 | ||||
-rw-r--r-- | internal/signer/windows/util/util.go | 4 |
17 files changed, 63 insertions, 49 deletions
diff --git a/.github/workflows/test-client.yml b/.github/workflows/test-client.yml index ba2703d..2a61bac 100644 --- a/.github/workflows/test-client.yml +++ b/.github/workflows/test-client.yml @@ -16,10 +16,16 @@ jobs: - name: Set up Go uses: actions/setup-go@v3 with: - go-version: 1.18 + go-version: 1.19 - name: Build run: go build -v ./client/... - name: Test run: go test -v ./client/... + + - name: Lint + uses: golangci/golangci-lint-action@v3 + with: + version: latest + args: -E gofmt --max-same-issues 0 diff --git a/.github/workflows/test-signer-darwin.yml b/.github/workflows/test-signer-darwin.yml index 30ed888..bcfe6ce 100644 --- a/.github/workflows/test-signer-darwin.yml +++ b/.github/workflows/test-signer-darwin.yml @@ -16,7 +16,7 @@ jobs: - name: Set up Go uses: actions/setup-go@v3 with: - go-version: 1.18 + go-version: 1.19 - name: Build working-directory: ./internal/signer/darwin @@ -25,6 +25,13 @@ jobs: - name: Test working-directory: ./internal/signer/darwin run: go test -v ./... + + - name: Lint + uses: golangci/golangci-lint-action@v3 + with: + version: latest + working-directory: ./internal/signer/darwin + args: -E gofmt --max-same-issues 0 - name: Create Binaries run: ./build/scripts/darwin_amd64.sh && ./build/scripts/darwin_arm64.sh diff --git a/.github/workflows/test-signer-linux.yml b/.github/workflows/test-signer-linux.yml index 0ad3e11..1949146 100644 --- a/.github/workflows/test-signer-linux.yml +++ b/.github/workflows/test-signer-linux.yml @@ -16,7 +16,7 @@ jobs: - name: Set up Go uses: actions/setup-go@v3 with: - go-version: 1.18 + go-version: 1.19 - name: Build working-directory: ./internal/signer/linux @@ -26,6 +26,13 @@ jobs: working-directory: ./internal/signer/linux run: go test -v ./... + - name: Lint + uses: golangci/golangci-lint-action@v3 + with: + version: latest + working-directory: ./internal/signer/linux + args: -E gofmt --max-same-issues 0 + - name: Create Binaries run: ./build/scripts/linux_amd64.sh diff --git a/.github/workflows/test-signer-windows.yml b/.github/workflows/test-signer-windows.yml index 550f17c..7bd1c3d 100644 --- a/.github/workflows/test-signer-windows.yml +++ b/.github/workflows/test-signer-windows.yml @@ -16,7 +16,7 @@ jobs: - name: Set up Go uses: actions/setup-go@v3 with: - go-version: 1.18 + go-version: 1.19 - name: Build working-directory: ./internal/signer/windows @@ -25,6 +25,13 @@ jobs: - name: Test working-directory: ./internal/signer/windows run: go test -v ./... + + - name: Lint + uses: golangci/golangci-lint-action@v3 + with: + version: latest + working-directory: ./internal/signer/windows + args: -E gofmt --max-same-issues 0 - name: Create Binaries run: .\build\scripts\windows_amd64.ps1 diff --git a/client/client.go b/client/client.go index 0a2d4d7..7a34c0f 100644 --- a/client/client.go +++ b/client/client.go @@ -25,7 +25,6 @@ import ( "errors" "fmt" "io" - "io/ioutil" "log" "net/rpc" "os" @@ -61,7 +60,7 @@ func enableECPLogging() bool { return true } - log.SetOutput(ioutil.Discard) + log.SetOutput(io.Discard) return false } @@ -97,7 +96,7 @@ func (k *Key) Close() error { } // Wait for cmd to exit and release resources. Since the process is forcefully killed, this // will return a non-nil error (varies by OS), which we will ignore. - k.cmd.Wait() + _ = k.cmd.Wait() // The Pipes connecting the RPC client should have been closed when the signer subprocess was killed. // Calling `k.client.Close()` before `k.cmd.Process.Kill()` or `k.cmd.Wait()` _will_ cause a segfault. if err := k.client.Close(); err.Error() != "close |0: file already closed" { diff --git a/client/util/util.go b/client/util/util.go index a88dbd4..1640ec1 100644 --- a/client/util/util.go +++ b/client/util/util.go @@ -17,7 +17,7 @@ package util import ( "encoding/json" "errors" - "io/ioutil" + "io" "os" "os/user" "path/filepath" @@ -50,7 +50,7 @@ func LoadSignerBinaryPath(configFilePath string) (path string, err error) { return "", err } - byteValue, err := ioutil.ReadAll(jsonFile) + byteValue, err := io.ReadAll(jsonFile) if err != nil { return "", err } diff --git a/cshared/main.go b/cshared/main.go index db41a93..927719f 100644 --- a/cshared/main.go +++ b/cshared/main.go @@ -31,7 +31,7 @@ import ( "crypto/ecdsa" "crypto/rsa" "encoding/pem" - "io/ioutil" + "io" "log" "os" "unsafe" @@ -46,7 +46,7 @@ func enableECPLogging() bool { return true } - log.SetOutput(ioutil.Discard) + log.SetOutput(io.Discard) return false } @@ -138,16 +138,14 @@ func SignForPython(configFilePath *C.char, digest *byte, digestLen int, sigHolde log.Printf("failed to sign hash: %v", signErr) return 0 } - - // Create a Go buffer around the output buffer and copy the signature into the buffer - outBytes := unsafe.Slice(sigHolder, sigHolderLen) if sigHolderLen < len(signature) { log.Printf("The sigHolder buffer size %d is smaller than the signature size %d", sigHolderLen, len(signature)) return 0 } - for i := 0; i < len(signature); i++ { - outBytes[i] = signature[i] - } + + // Create a Go buffer around the output buffer and copy the signature into the buffer + outBytes := unsafe.Slice(sigHolder, sigHolderLen) + copy(outBytes, signature) return len(signature) } diff --git a/internal/signer/darwin/keychain/keychain_test.go b/internal/signer/darwin/keychain/keychain_test.go index f58ac53..946ba9b 100644 --- a/internal/signer/darwin/keychain/keychain_test.go +++ b/internal/signer/darwin/keychain/keychain_test.go @@ -18,17 +18,10 @@ package keychain import ( "bytes" - "crypto" "testing" "unsafe" ) -type signerOpts crypto.Hash - -func (s signerOpts) HashFunc() crypto.Hash { - return crypto.Hash(s) -} - func TestKeychainError(t *testing.T) { tests := []struct { e keychainError diff --git a/internal/signer/darwin/signer.go b/internal/signer/darwin/signer.go index f5b89a7..3eac7db 100644 --- a/internal/signer/darwin/signer.go +++ b/internal/signer/darwin/signer.go @@ -23,7 +23,6 @@ import ( "crypto/x509" "encoding/gob" "io" - "io/ioutil" "log" "net/rpc" "os" @@ -39,7 +38,7 @@ func enableECPLogging() bool { return true } - log.SetOutput(ioutil.Discard) + log.SetOutput(io.Discard) return false } @@ -103,6 +102,9 @@ func main() { } configFilePath := os.Args[1] config, err := util.LoadConfig(configFilePath) + if err != nil { + log.Fatalf("Failed to load enterprise cert config: %v", err) + } enterpriseCertSigner := new(EnterpriseCertSigner) enterpriseCertSigner.key, err = keychain.Cred(config.CertConfigs.MacOSKeychain.Issuer) diff --git a/internal/signer/darwin/util/util.go b/internal/signer/darwin/util/util.go index 4f238a9..b8019d8 100644 --- a/internal/signer/darwin/util/util.go +++ b/internal/signer/darwin/util/util.go @@ -16,7 +16,7 @@ package util import ( "encoding/json" - "io/ioutil" + "io" "os" ) @@ -42,7 +42,7 @@ func LoadConfig(configFilePath string) (config EnterpriseCertificateConfig, err return EnterpriseCertificateConfig{}, err } - byteValue, err := ioutil.ReadAll(jsonFile) + byteValue, err := io.ReadAll(jsonFile) if err != nil { return EnterpriseCertificateConfig{}, err } diff --git a/internal/signer/linux/signer.go b/internal/signer/linux/signer.go index c48d989..ac2bb25 100644 --- a/internal/signer/linux/signer.go +++ b/internal/signer/linux/signer.go @@ -24,7 +24,6 @@ import ( "crypto/x509" "encoding/gob" "io" - "io/ioutil" "log" "net/rpc" "os" @@ -39,7 +38,7 @@ func enableECPLogging() bool { return true } - log.SetOutput(ioutil.Discard) + log.SetOutput(io.Discard) return false } @@ -103,6 +102,10 @@ func main() { } configFilePath := os.Args[1] config, err := util.LoadConfig(configFilePath) + if err != nil { + log.Fatalf("Failed to load enterprise cert config: %v", err) + } + enterpriseCertSigner := new(EnterpriseCertSigner) enterpriseCertSigner.key, err = util.Cred(config.CertConfigs.PKCS11.PKCS11Module, config.CertConfigs.PKCS11.Slot, config.CertConfigs.PKCS11.Label, config.CertConfigs.PKCS11.UserPin) if err != nil { diff --git a/internal/signer/linux/util/util.go b/internal/signer/linux/util/util.go index 521fa0b..630840a 100644 --- a/internal/signer/linux/util/util.go +++ b/internal/signer/linux/util/util.go @@ -16,7 +16,7 @@ package util import ( "encoding/json" - "io/ioutil" + "io" "os" "strconv" "strings" @@ -57,7 +57,7 @@ func LoadConfig(configFilePath string) (config EnterpriseCertificateConfig, err return EnterpriseCertificateConfig{}, err } - byteValue, err := ioutil.ReadAll(jsonFile) + byteValue, err := io.ReadAll(jsonFile) if err != nil { return EnterpriseCertificateConfig{}, err } diff --git a/internal/signer/test/signer.go b/internal/signer/test/signer.go index 0ef0710..c34fc14 100644 --- a/internal/signer/test/signer.go +++ b/internal/signer/test/signer.go @@ -20,7 +20,6 @@ import ( "crypto/tls" "crypto/x509" "io" - "io/ioutil" "log" "net/rpc" "os" @@ -83,7 +82,7 @@ func (k *EnterpriseCertSigner) Sign(args SignArgs, resp *[]byte) (err error) { func main() { enterpriseCertSigner := new(EnterpriseCertSigner) - data, err := ioutil.ReadFile(os.Args[1]) + data, err := os.ReadFile(os.Args[1]) if err != nil { log.Fatalf("Error reading certificate: %v", err) } diff --git a/internal/signer/windows/.gitattributes b/internal/signer/windows/.gitattributes new file mode 100644 index 0000000..a0717e4 --- /dev/null +++ b/internal/signer/windows/.gitattributes @@ -0,0 +1 @@ +*.go text eol=lf
\ No newline at end of file diff --git a/internal/signer/windows/ncrypt/cert_util.go b/internal/signer/windows/ncrypt/cert_util.go index bc75164..f2f078a 100644 --- a/internal/signer/windows/ncrypt/cert_util.go +++ b/internal/signer/windows/ncrypt/cert_util.go @@ -59,9 +59,6 @@ const ( ) var ( - // my is the MY system store (see https://msdn.microsoft.com/en-us/library/windows/desktop/aa376560(v=vs.85).aspx) - my = []uint16{'M', 'Y', 0} - null = uintptr(unsafe.Pointer(nil)) crypt32 = windows.MustLoadDLL("crypt32.dll") @@ -96,13 +93,6 @@ func findCert(store windows.Handle, enc uint32, findFlags uint32, findType uint3 return (*windows.CertContext)(unsafe.Pointer(h)), nil } -// printCertificateList prints the index and subject of certificates in a list. -func printCertificateList(certs []*x509.Certificate) { - for i, xc := range certs { - fmt.Printf("[%d] %s\n", i, xc.Subject.ToRDNSequence()) - } -} - // extractSimpleChain extracts the final certificate chain from a CertSimpleChain. // Adapted from crypto.x509.root_windows func extractSimpleChain(simpleChain **windows.CertSimpleChain, chainCount int) ([]*x509.Certificate, error) { @@ -167,7 +157,7 @@ func findCertChain(cert *windows.CertContext) ([]*x509.Certificate, error) { // intendedKeyUsage wraps CertGetIntendedKeyUsage. If there are key usage bytes they will be returned, // otherwise 0 will be returned. func intendedKeyUsage(enc uint32, cert *windows.CertContext) (usage uint16) { - certGetIntendedKeyUsage.Call(uintptr(enc), uintptr(unsafe.Pointer(cert.CertInfo)), uintptr(unsafe.Pointer(&usage)), 2) + _, _, _ = certGetIntendedKeyUsage.Call(uintptr(enc), uintptr(unsafe.Pointer(cert.CertInfo)), uintptr(unsafe.Pointer(&usage)), 2) return } diff --git a/internal/signer/windows/signer.go b/internal/signer/windows/signer.go index 5bc6cb4..9ef64ab 100644 --- a/internal/signer/windows/signer.go +++ b/internal/signer/windows/signer.go @@ -23,7 +23,6 @@ import ( "crypto/x509" "encoding/gob" "io" - "io/ioutil" "log" "net/rpc" "os" @@ -39,7 +38,7 @@ func enableECPLogging() bool { return true } - log.SetOutput(ioutil.Discard) + log.SetOutput(io.Discard) return false } @@ -103,6 +102,9 @@ func main() { } configFilePath := os.Args[1] config, err := util.LoadConfig(configFilePath) + if err != nil { + log.Fatalf("Failed to load enterprise cert config: %v", err) + } enterpriseCertSigner := new(EnterpriseCertSigner) enterpriseCertSigner.key, err = ncrypt.Cred(config.CertConfigs.WindowsStore.Issuer, config.CertConfigs.WindowsStore.Store, config.CertConfigs.WindowsStore.Provider) diff --git a/internal/signer/windows/util/util.go b/internal/signer/windows/util/util.go index a93fc7e..a2bb1bd 100644 --- a/internal/signer/windows/util/util.go +++ b/internal/signer/windows/util/util.go @@ -16,7 +16,7 @@ package util import ( "encoding/json" - "io/ioutil" + "io" "os" ) @@ -44,7 +44,7 @@ func LoadConfig(configFilePath string) (config EnterpriseCertificateConfig, err return EnterpriseCertificateConfig{}, err } - byteValue, err := ioutil.ReadAll(jsonFile) + byteValue, err := io.ReadAll(jsonFile) if err != nil { return EnterpriseCertificateConfig{}, err } |