authorAndy Zhao <andyzhao@google.com>2023-02-10 10:20:53 -0800
committerGitHub <noreply@github.com>2023-02-10 10:20:53 -0800
commite26f9fc7784a1af854cc5673d8491051469287de (patch)
treec2a9590f65d0014f3d753abc4be1e39865a8462e
parentdc1cf9723817ec6254e81e349be8beb2a4bbeba7 (diff)
downloadgoogleapis-enterprise-certificate-proxy-e26f9fc7784a1af854cc5673d8491051469287de.tar.gz
chore: Add Linter step to all relevant workflows and fix lint errors. (#67)
-rw-r--r--.github/workflows/test-client.yml8
-rw-r--r--.github/workflows/test-signer-darwin.yml9
-rw-r--r--.github/workflows/test-signer-linux.yml9
-rw-r--r--.github/workflows/test-signer-windows.yml9
-rw-r--r--client/client.go5
-rw-r--r--client/util/util.go4
-rw-r--r--cshared/main.go14
-rw-r--r--internal/signer/darwin/keychain/keychain_test.go7
-rw-r--r--internal/signer/darwin/signer.go6
-rw-r--r--internal/signer/darwin/util/util.go4
-rw-r--r--internal/signer/linux/signer.go7
-rw-r--r--internal/signer/linux/util/util.go4
-rw-r--r--internal/signer/test/signer.go3
-rw-r--r--internal/signer/windows/.gitattributes1
-rw-r--r--internal/signer/windows/ncrypt/cert_util.go12
-rw-r--r--internal/signer/windows/signer.go6
-rw-r--r--internal/signer/windows/util/util.go4
17 files changed, 63 insertions, 49 deletions
diff --git a/.github/workflows/test-client.yml b/.github/workflows/test-client.yml
index ba2703d..2a61bac 100644
--- a/.github/workflows/test-client.yml
+++ b/.github/workflows/test-client.yml
@@ -16,10 +16,16 @@ jobs:
- name: Set up Go
uses: actions/setup-go@v3
with:
- go-version: 1.18
+ go-version: 1.19
- name: Build
run: go build -v ./client/...
- name: Test
run: go test -v ./client/...
+
+ - name: Lint
+ uses: golangci/golangci-lint-action@v3
+ with:
+ version: latest
+ args: -E gofmt --max-same-issues 0
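Review bot: The new Lint step resolves golangci-lint with `version: latest` and references the action by the movable tag `@v3`, so the code that runs in CI can change without any commit to this repository. For a project that builds certificate-signing helpers it would be safer to pin both: a fixed linter release in `version:` and the action by full commit SHA, e.g. `uses: golangci/golangci-lint-action@<full-commit-sha> # v3` (placeholder; take the SHA from the action's release). Pinning also keeps a new linter release from failing unrelated pull requests. The same step is added in test-signer-darwin.yml, test-signer-linux.yml and test-signer-windows.yml.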
diff --git a/.github/workflows/test-signer-darwin.yml b/.github/workflows/test-signer-darwin.yml
index 30ed888..bcfe6ce 100644
--- a/.github/workflows/test-signer-darwin.yml
+++ b/.github/workflows/test-signer-darwin.yml
@@ -16,7 +16,7 @@ jobs:
- name: Set up Go
uses: actions/setup-go@v3
with:
- go-version: 1.18
+ go-version: 1.19
- name: Build
working-directory: ./internal/signer/darwin
@@ -25,6 +25,13 @@ jobs:
- name: Test
working-directory: ./internal/signer/darwin
run: go test -v ./...
+
+ - name: Lint
+ uses: golangci/golangci-lint-action@v3
+ with:
+ version: latest
+ working-directory: ./internal/signer/darwin
+ args: -E gofmt --max-same-issues 0
- name: Create Binaries
run: ./build/scripts/darwin_amd64.sh && ./build/scripts/darwin_arm64.sh
diff --git a/.github/workflows/test-signer-linux.yml b/.github/workflows/test-signer-linux.yml
index 0ad3e11..1949146 100644
--- a/.github/workflows/test-signer-linux.yml
+++ b/.github/workflows/test-signer-linux.yml
@@ -16,7 +16,7 @@ jobs:
- name: Set up Go
uses: actions/setup-go@v3
with:
- go-version: 1.18
+ go-version: 1.19
- name: Build
working-directory: ./internal/signer/linux
@@ -26,6 +26,13 @@ jobs:
working-directory: ./internal/signer/linux
run: go test -v ./...
+ - name: Lint
+ uses: golangci/golangci-lint-action@v3
+ with:
+ version: latest
+ working-directory: ./internal/signer/linux
+ args: -E gofmt --max-same-issues 0
+
- name: Create Binaries
run: ./build/scripts/linux_amd64.sh
diff --git a/.github/workflows/test-signer-windows.yml b/.github/workflows/test-signer-windows.yml
index 550f17c..7bd1c3d 100644
--- a/.github/workflows/test-signer-windows.yml
+++ b/.github/workflows/test-signer-windows.yml
@@ -16,7 +16,7 @@ jobs:
- name: Set up Go
uses: actions/setup-go@v3
with:
- go-version: 1.18
+ go-version: 1.19
- name: Build
working-directory: ./internal/signer/windows
@@ -25,6 +25,13 @@ jobs:
- name: Test
working-directory: ./internal/signer/windows
run: go test -v ./...
+
+ - name: Lint
+ uses: golangci/golangci-lint-action@v3
+ with:
+ version: latest
+ working-directory: ./internal/signer/windows
+ args: -E gofmt --max-same-issues 0
- name: Create Binaries
run: .\build\scripts\windows_amd64.ps1
diff --git a/client/client.go b/client/client.go
index 0a2d4d7..7a34c0f 100644
--- a/client/client.go
+++ b/client/client.go
@@ -25,7 +25,6 @@ import (
"errors"
"fmt"
"io"
- "io/ioutil"
"log"
"net/rpc"
"os"
@@ -61,7 +60,7 @@ func enableECPLogging() bool {
return true
}
- log.SetOutput(ioutil.Discard)
+ log.SetOutput(io.Discard)
return false
}
@@ -97,7 +96,7 @@ func (k *Key) Close() error {
}
// Wait for cmd to exit and release resources. Since the process is forcefully killed, this
// will return a non-nil error (varies by OS), which we will ignore.
- k.cmd.Wait()
+ _ = k.cmd.Wait()
// The Pipes connecting the RPC client should have been closed when the signer subprocess was killed.
// Calling `k.client.Close()` before `k.cmd.Process.Kill()` or `k.cmd.Wait()` _will_ cause a segfault.
if err := k.client.Close(); err.Error() != "close |0: file already closed" {
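Review bot: The `if` on the last line of this hunk calls `err.Error()` without checking `err != nil`, so `Close` panics with a nil dereference whenever `k.client.Close()` succeeds. Guarding it as `if err := k.client.Close(); err != nil && err.Error() != "close |0: file already closed" {` keeps the current handling of the expected error. Matching on the message text is also fragile across platforms; `!errors.Is(err, os.ErrClosed)` may express the same intent if the returned error wraps it, which should be confirmed. The body of this `if` and the rest of `Close` lie outside the hunk.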
diff --git a/client/util/util.go b/client/util/util.go
index a88dbd4..1640ec1 100644
--- a/client/util/util.go
+++ b/client/util/util.go
@@ -17,7 +17,7 @@ package util
import (
"encoding/json"
"errors"
- "io/ioutil"
+ "io"
"os"
"os/user"
"path/filepath"
@@ -50,7 +50,7 @@ func LoadSignerBinaryPath(configFilePath string) (path string, err error) {
return "", err
}
- byteValue, err := ioutil.ReadAll(jsonFile)
+ byteValue, err := io.ReadAll(jsonFile)
if err != nil {
return "", err
}
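Review bot: With `ioutil` gone, the open-then-`io.ReadAll` pair here could become a single `byteValue, err := os.ReadFile(configFilePath)`, assuming `jsonFile` is opened from that path just above the hunk. `os.ReadFile` closes the file itself, and whether `jsonFile` is closed on every return path is not visible here. The test signer in this same commit already uses `os.ReadFile`, so this would also make the loaders consistent. The same pattern appears in `LoadConfig` in the darwin, linux and windows `util/util.go` hunks.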
diff --git a/cshared/main.go b/cshared/main.go
index db41a93..927719f 100644
--- a/cshared/main.go
+++ b/cshared/main.go
@@ -31,7 +31,7 @@ import (
"crypto/ecdsa"
"crypto/rsa"
"encoding/pem"
- "io/ioutil"
+ "io"
"log"
"os"
"unsafe"
@@ -46,7 +46,7 @@ func enableECPLogging() bool {
return true
}
- log.SetOutput(ioutil.Discard)
+ log.SetOutput(io.Discard)
return false
}
@@ -138,16 +138,14 @@ func SignForPython(configFilePath *C.char, digest *byte, digestLen int, sigHolde
log.Printf("failed to sign hash: %v", signErr)
return 0
}
-
- // Create a Go buffer around the output buffer and copy the signature into the buffer
- outBytes := unsafe.Slice(sigHolder, sigHolderLen)
if sigHolderLen < len(signature) {
log.Printf("The sigHolder buffer size %d is smaller than the signature size %d", sigHolderLen, len(signature))
return 0
}
- for i := 0; i < len(signature); i++ {
- outBytes[i] = signature[i]
- }
+
+ // Create a Go buffer around the output buffer and copy the signature into the buffer
+ outBytes := unsafe.Slice(sigHolder, sigHolderLen)
+ copy(outBytes, signature)
return len(signature)
}
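Review bot: `unsafe.Slice(sigHolder, sigHolderLen)` is still reached without a nil check on `sigHolder`; a nil pointer with a non-zero length makes `unsafe.Slice` panic, and if this function is exported to C, as the name suggests, that panic would take down the calling process. Moving the length check first is an improvement, and a matching guard such as `if sigHolder == nil { log.Printf("sigHolder is nil"); return 0 }` before the slice is built would close the remaining gap. The view can also be limited to what is written with `outBytes := unsafe.Slice(sigHolder, len(signature))`. The function's signature and the start of its body are outside the hunk, so the parameter types are inferred from their use here.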
diff --git a/internal/signer/darwin/keychain/keychain_test.go b/internal/signer/darwin/keychain/keychain_test.go
index f58ac53..946ba9b 100644
--- a/internal/signer/darwin/keychain/keychain_test.go
+++ b/internal/signer/darwin/keychain/keychain_test.go
@@ -18,17 +18,10 @@ package keychain
import (
"bytes"
- "crypto"
"testing"
"unsafe"
)
-type signerOpts crypto.Hash
-
-func (s signerOpts) HashFunc() crypto.Hash {
- return crypto.Hash(s)
-}
-
func TestKeychainError(t *testing.T) {
tests := []struct {
e keychainError
diff --git a/internal/signer/darwin/signer.go b/internal/signer/darwin/signer.go
index f5b89a7..3eac7db 100644
--- a/internal/signer/darwin/signer.go
+++ b/internal/signer/darwin/signer.go
@@ -23,7 +23,6 @@ import (
"crypto/x509"
"encoding/gob"
"io"
- "io/ioutil"
"log"
"net/rpc"
"os"
@@ -39,7 +38,7 @@ func enableECPLogging() bool {
return true
}
- log.SetOutput(ioutil.Discard)
+ log.SetOutput(io.Discard)
return false
}
@@ -103,6 +102,9 @@ func main() {
}
configFilePath := os.Args[1]
config, err := util.LoadConfig(configFilePath)
+ if err != nil {
+ log.Fatalf("Failed to load enterprise cert config: %v", err)
+ }
enterpriseCertSigner := new(EnterpriseCertSigner)
enterpriseCertSigner.key, err = keychain.Cred(config.CertConfigs.MacOSKeychain.Issuer)
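Review bot: The added `log.Fatalf` may exit without printing anything, because `enableECPLogging` in this file sets the log output to `io.Discard` when logging is not enabled. If `main` calls it before this point (not visible in the hunk), a missing or malformed config file becomes a silent exit with status 1. Consider reporting this failure on stderr unconditionally, e.g. `fmt.Fprintf(os.Stderr, "Failed to load enterprise cert config: %v\n", err)` followed by `os.Exit(1)` (`fmt` would need importing if it is not already). The same check is added to `main` in internal/signer/linux/signer.go and internal/signer/windows/signer.go, and `main` starts and ends outside the hunk.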
diff --git a/internal/signer/darwin/util/util.go b/internal/signer/darwin/util/util.go
index 4f238a9..b8019d8 100644
--- a/internal/signer/darwin/util/util.go
+++ b/internal/signer/darwin/util/util.go
@@ -16,7 +16,7 @@ package util
import (
"encoding/json"
- "io/ioutil"
+ "io"
"os"
)
@@ -42,7 +42,7 @@ func LoadConfig(configFilePath string) (config EnterpriseCertificateConfig, err
return EnterpriseCertificateConfig{}, err
}
- byteValue, err := ioutil.ReadAll(jsonFile)
+ byteValue, err := io.ReadAll(jsonFile)
if err != nil {
return EnterpriseCertificateConfig{}, err
}
diff --git a/internal/signer/linux/signer.go b/internal/signer/linux/signer.go
index c48d989..ac2bb25 100644
--- a/internal/signer/linux/signer.go
+++ b/internal/signer/linux/signer.go
@@ -24,7 +24,6 @@ import (
"crypto/x509"
"encoding/gob"
"io"
- "io/ioutil"
"log"
"net/rpc"
"os"
@@ -39,7 +38,7 @@ func enableECPLogging() bool {
return true
}
- log.SetOutput(ioutil.Discard)
+ log.SetOutput(io.Discard)
return false
}
@@ -103,6 +102,10 @@ func main() {
}
configFilePath := os.Args[1]
config, err := util.LoadConfig(configFilePath)
+ if err != nil {
+ log.Fatalf("Failed to load enterprise cert config: %v", err)
+ }
+
enterpriseCertSigner := new(EnterpriseCertSigner)
enterpriseCertSigner.key, err = util.Cred(config.CertConfigs.PKCS11.PKCS11Module, config.CertConfigs.PKCS11.Slot, config.CertConfigs.PKCS11.Label, config.CertConfigs.PKCS11.UserPin)
if err != nil {
diff --git a/internal/signer/linux/util/util.go b/internal/signer/linux/util/util.go
index 521fa0b..630840a 100644
--- a/internal/signer/linux/util/util.go
+++ b/internal/signer/linux/util/util.go
@@ -16,7 +16,7 @@ package util
import (
"encoding/json"
- "io/ioutil"
+ "io"
"os"
"strconv"
"strings"
@@ -57,7 +57,7 @@ func LoadConfig(configFilePath string) (config EnterpriseCertificateConfig, err
return EnterpriseCertificateConfig{}, err
}
- byteValue, err := ioutil.ReadAll(jsonFile)
+ byteValue, err := io.ReadAll(jsonFile)
if err != nil {
return EnterpriseCertificateConfig{}, err
}
diff --git a/internal/signer/test/signer.go b/internal/signer/test/signer.go
index 0ef0710..c34fc14 100644
--- a/internal/signer/test/signer.go
+++ b/internal/signer/test/signer.go
@@ -20,7 +20,6 @@ import (
"crypto/tls"
"crypto/x509"
"io"
- "io/ioutil"
"log"
"net/rpc"
"os"
@@ -83,7 +82,7 @@ func (k *EnterpriseCertSigner) Sign(args SignArgs, resp *[]byte) (err error) {
func main() {
enterpriseCertSigner := new(EnterpriseCertSigner)
- data, err := ioutil.ReadFile(os.Args[1])
+ data, err := os.ReadFile(os.Args[1])
if err != nil {
log.Fatalf("Error reading certificate: %v", err)
}
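Review bot: `os.Args[1]` is indexed at the top of `main` with no argument-count check before it, so running the test signer without a certificate path panics with an index-out-of-range instead of giving a usable error. A guard before the read, `if len(os.Args) < 2 { log.Fatalf("usage: %s <certificate-file>", os.Args[0]) }`, would fix this. The platform signers appear to have a check ahead of their own `os.Args[1]` use, so this would also bring the test signer in line with them. The rest of `main` is outside the hunk.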
diff --git a/internal/signer/windows/.gitattributes b/internal/signer/windows/.gitattributes
new file mode 100644
index 0000000..a0717e4
--- /dev/null
+++ b/internal/signer/windows/.gitattributes
@@ -0,0 +1 @@
+*.go text eol=lf \ No newline at end of file
diff --git a/internal/signer/windows/ncrypt/cert_util.go b/internal/signer/windows/ncrypt/cert_util.go
index bc75164..f2f078a 100644
--- a/internal/signer/windows/ncrypt/cert_util.go
+++ b/internal/signer/windows/ncrypt/cert_util.go
@@ -59,9 +59,6 @@ const (
)
var (
- // my is the MY system store (see https://msdn.microsoft.com/en-us/library/windows/desktop/aa376560(v=vs.85).aspx)
- my = []uint16{'M', 'Y', 0}
-
null = uintptr(unsafe.Pointer(nil))
crypt32 = windows.MustLoadDLL("crypt32.dll")
@@ -96,13 +93,6 @@ func findCert(store windows.Handle, enc uint32, findFlags uint32, findType uint3
return (*windows.CertContext)(unsafe.Pointer(h)), nil
}
-// printCertificateList prints the index and subject of certificates in a list.
-func printCertificateList(certs []*x509.Certificate) {
- for i, xc := range certs {
- fmt.Printf("[%d] %s\n", i, xc.Subject.ToRDNSequence())
- }
-}
-
// extractSimpleChain extracts the final certificate chain from a CertSimpleChain.
// Adapted from crypto.x509.root_windows
func extractSimpleChain(simpleChain **windows.CertSimpleChain, chainCount int) ([]*x509.Certificate, error) {
@@ -167,7 +157,7 @@ func findCertChain(cert *windows.CertContext) ([]*x509.Certificate, error) {
// intendedKeyUsage wraps CertGetIntendedKeyUsage. If there are key usage bytes they will be returned,
// otherwise 0 will be returned.
func intendedKeyUsage(enc uint32, cert *windows.CertContext) (usage uint16) {
- certGetIntendedKeyUsage.Call(uintptr(enc), uintptr(unsafe.Pointer(cert.CertInfo)), uintptr(unsafe.Pointer(&usage)), 2)
+ _, _, _ = certGetIntendedKeyUsage.Call(uintptr(enc), uintptr(unsafe.Pointer(cert.CertInfo)), uintptr(unsafe.Pointer(&usage)), 2)
return
}
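Review bot: The `_, _, _ =` assignment silences errcheck but does not say why ignoring the result is safe, and the first return value of `Call` is what distinguishes a failed `CertGetIntendedKeyUsage` from a certificate with no key-usage bytes. A one-line comment above the call would record the intent, e.g. `// Result deliberately ignored: on failure usage is left at 0, which is the documented "no key usage" return.` If callers ever need to tell the two cases apart, the function should return that first value's outcome instead of discarding it. The literal `2` could also be written as `unsafe.Sizeof(usage)` so that it tracks the variable's type.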
diff --git a/internal/signer/windows/signer.go b/internal/signer/windows/signer.go
index 5bc6cb4..9ef64ab 100644
--- a/internal/signer/windows/signer.go
+++ b/internal/signer/windows/signer.go
@@ -23,7 +23,6 @@ import (
"crypto/x509"
"encoding/gob"
"io"
- "io/ioutil"
"log"
"net/rpc"
"os"
@@ -39,7 +38,7 @@ func enableECPLogging() bool {
return true
}
- log.SetOutput(ioutil.Discard)
+ log.SetOutput(io.Discard)
return false
}
@@ -103,6 +102,9 @@ func main() {
}
configFilePath := os.Args[1]
config, err := util.LoadConfig(configFilePath)
+ if err != nil {
+ log.Fatalf("Failed to load enterprise cert config: %v", err)
+ }
enterpriseCertSigner := new(EnterpriseCertSigner)
enterpriseCertSigner.key, err = ncrypt.Cred(config.CertConfigs.WindowsStore.Issuer, config.CertConfigs.WindowsStore.Store, config.CertConfigs.WindowsStore.Provider)
diff --git a/internal/signer/windows/util/util.go b/internal/signer/windows/util/util.go
index a93fc7e..a2bb1bd 100644
--- a/internal/signer/windows/util/util.go
+++ b/internal/signer/windows/util/util.go
@@ -16,7 +16,7 @@ package util
import (
"encoding/json"
- "io/ioutil"
+ "io"
"os"
)
@@ -44,7 +44,7 @@ func LoadConfig(configFilePath string) (config EnterpriseCertificateConfig, err
return EnterpriseCertificateConfig{}, err
}
- byteValue, err := ioutil.ReadAll(jsonFile)
+ byteValue, err := io.ReadAll(jsonFile)
if err != nil {
return EnterpriseCertificateConfig{}, err
}