mirror of
https://github.com/Luzifer/go-dhparam.git
synced 2024-12-20 11:01:19 +00:00
Fix linter errors, update required Go version
This commit is contained in:
parent
a42823ee10
commit
07b2fd08e7
7 changed files with 32 additions and 37 deletions
4
.github/workflows/test.yaml
vendored
4
.github/workflows/test.yaml
vendored
|
@ -9,8 +9,8 @@ jobs:
|
||||||
strategy:
|
strategy:
|
||||||
matrix:
|
matrix:
|
||||||
version:
|
version:
|
||||||
- '1.19-alpine'
|
- '1.22-alpine'
|
||||||
- '1.20-alpine'
|
- '1.23-alpine'
|
||||||
- alpine
|
- alpine
|
||||||
|
|
||||||
defaults:
|
defaults:
|
||||||
|
|
11
.travis.yml
11
.travis.yml
|
@ -1,11 +0,0 @@
|
||||||
language: go
|
|
||||||
|
|
||||||
go:
|
|
||||||
- 1.12.x
|
|
||||||
- 1.13.x
|
|
||||||
- 1.14.x
|
|
||||||
- tip
|
|
||||||
|
|
||||||
script:
|
|
||||||
- go vet
|
|
||||||
- go test -v -cover -timeout 1800s
|
|
4
dh.go
4
dh.go
|
@ -1,3 +1,5 @@
|
||||||
|
// Package dhparam is a pure Golang implementation of the openssl
|
||||||
|
// dhparam generator no requiring any CGO bindings
|
||||||
package dhparam
|
package dhparam
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -23,7 +25,7 @@ type DH struct {
|
||||||
|
|
||||||
// Decode reads a DH parameters struct from its PEM data
|
// Decode reads a DH parameters struct from its PEM data
|
||||||
func Decode(pemData []byte) (*DH, error) {
|
func Decode(pemData []byte) (*DH, error) {
|
||||||
if pemData == nil || len(pemData) == 0 {
|
if len(pemData) == 0 {
|
||||||
return nil, ErrNoPem
|
return nil, ErrNoPem
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
13
generator.go
13
generator.go
|
@ -59,9 +59,9 @@ func GenerateWithContext(ctx context.Context, bits int, generator Generator, cb
|
||||||
}
|
}
|
||||||
|
|
||||||
switch generator {
|
switch generator {
|
||||||
case 2:
|
case 2: //nolint:mnd
|
||||||
padd, rem = 24, 11
|
padd, rem = 24, 11
|
||||||
case 5:
|
case 5: //nolint:mnd
|
||||||
padd, rem = 10, 3
|
padd, rem = 10, 3
|
||||||
default:
|
default:
|
||||||
padd, rem = 2, 1
|
padd, rem = 2, 1
|
||||||
|
@ -70,7 +70,7 @@ func GenerateWithContext(ctx context.Context, bits int, generator Generator, cb
|
||||||
for {
|
for {
|
||||||
select {
|
select {
|
||||||
case <-ctx.Done():
|
case <-ctx.Done():
|
||||||
return nil, ctx.Err()
|
return nil, ctx.Err() //nolint:wrapcheck // Fine in this case
|
||||||
default:
|
default:
|
||||||
if prime, err = genPrime(bits, big.NewInt(padd), big.NewInt(rem)); err != nil {
|
if prime, err = genPrime(bits, big.NewInt(padd), big.NewInt(rem)); err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
|
@ -107,7 +107,7 @@ func genPrime(bits int, padd, rem *big.Int) (*big.Int, error) {
|
||||||
err error
|
err error
|
||||||
p = new(big.Int)
|
p = new(big.Int)
|
||||||
qadd = new(big.Int)
|
qadd = new(big.Int)
|
||||||
q = new(big.Int)
|
q *big.Int
|
||||||
t1 = new(big.Int)
|
t1 = new(big.Int)
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -146,10 +146,11 @@ func mightBePrime(i *big.Int) bool {
|
||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
|
|
||||||
|
//nolint:mnd
|
||||||
func genRand(bits int) (*big.Int, error) {
|
func genRand(bits int) (*big.Int, error) {
|
||||||
bytes := (bits + 7) / 8
|
bytes := (bits + 7) / 8
|
||||||
bit := (bits - 1) % 8
|
bit := (bits - 1) % 8
|
||||||
mask := 0xff << uint(bit+1)
|
mask := 0xff << uint(bit+1) //#nosec:G115 // Should only ever run with positive ints
|
||||||
|
|
||||||
buf := make([]byte, bytes)
|
buf := make([]byte, bytes)
|
||||||
if _, err := rand.Read(buf); err != nil {
|
if _, err := rand.Read(buf); err != nil {
|
||||||
|
@ -160,7 +161,7 @@ func genRand(bits int) (*big.Int, error) {
|
||||||
buf[0] = 1
|
buf[0] = 1
|
||||||
buf[1] |= 0x80
|
buf[1] |= 0x80
|
||||||
} else {
|
} else {
|
||||||
buf[0] |= 3 << uint(bit-1)
|
buf[0] |= 3 << uint(bit-1) //#nosec:G115 // Should only ever run with positive ints
|
||||||
}
|
}
|
||||||
|
|
||||||
buf[0] &= byte(^mask)
|
buf[0] &= byte(^mask)
|
||||||
|
|
|
@ -11,6 +11,7 @@ import (
|
||||||
"time"
|
"time"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
//nolint:errcheck,gosec,revive
|
||||||
func opensslOutput(r GeneratorResult) {
|
func opensslOutput(r GeneratorResult) {
|
||||||
switch r {
|
switch r {
|
||||||
case GeneratorFoundPossiblePrime:
|
case GeneratorFoundPossiblePrime:
|
||||||
|
@ -39,15 +40,15 @@ func execGeneratorIntegration(t *testing.T, bitsize int, generator Generator) {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
t.Fatalf("Unable to create tempfile: %s", err)
|
t.Fatalf("Unable to create tempfile: %s", err)
|
||||||
}
|
}
|
||||||
defer os.Remove(f.Name())
|
defer os.Remove(f.Name()) //nolint:errcheck
|
||||||
|
|
||||||
if _, err = f.Write(pem); err != nil {
|
if _, err = f.Write(pem); err != nil {
|
||||||
t.Fatalf("Unable to write tempfile: %s", err)
|
t.Fatalf("Unable to write tempfile: %s", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
f.Close()
|
f.Close() //nolint:errcheck,gosec,revive
|
||||||
|
|
||||||
cmd := exec.Command("openssl", "dhparam", "-inform", "PEM", "-in", f.Name(), "-check", "-noout", "-text")
|
cmd := exec.Command("openssl", "dhparam", "-inform", "PEM", "-in", f.Name(), "-check", "-noout", "-text") //#nosec:G204 // Only for tests
|
||||||
cmd.Stdin = bytes.NewReader(pem)
|
cmd.Stdin = bytes.NewReader(pem)
|
||||||
cmd.Stdout = buf
|
cmd.Stdout = buf
|
||||||
cmd.Stderr = buf
|
cmd.Stderr = buf
|
||||||
|
|
2
go.mod
2
go.mod
|
@ -1,3 +1,3 @@
|
||||||
module github.com/Luzifer/go-dhparam
|
module github.com/Luzifer/go-dhparam
|
||||||
|
|
||||||
go 1.19
|
go 1.22
|
||||||
|
|
28
validate.go
28
validate.go
|
@ -1,18 +1,19 @@
|
||||||
package dhparam
|
package dhparam
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"math/big"
|
|
||||||
|
|
||||||
"errors"
|
"errors"
|
||||||
|
"math/big"
|
||||||
)
|
)
|
||||||
|
|
||||||
const dhCheckPNotPrime = 0x01
|
const (
|
||||||
const dhCheckPNotSafePrime = 0x02
|
dhCheckPNotPrime = 0x01
|
||||||
const dhUnableToCheckGenerator = 0x04
|
dhCheckPNotSafePrime = 0x02
|
||||||
const dhNotSuitableGenerator = 0x08
|
dhUnableToCheckGenerator = 0x04
|
||||||
const dhCheckQNotPrime = 0x10
|
dhNotSuitableGenerator = 0x08
|
||||||
const dhCheckInvalidQValue = 0x20
|
dhCheckQNotPrime = 0x10
|
||||||
const dhCheckInvalidJValue = 0x40
|
dhCheckInvalidQValue = 0x20
|
||||||
|
dhCheckInvalidJValue = 0x40
|
||||||
|
)
|
||||||
|
|
||||||
// ErrAllParametersOK is defined to check whether the returned error from Check is indeed no error
|
// ErrAllParametersOK is defined to check whether the returned error from Check is indeed no error
|
||||||
// For simplicity reasons it is defined as an error instead of an additional result parameter
|
// For simplicity reasons it is defined as an error instead of an additional result parameter
|
||||||
|
@ -71,19 +72,20 @@ func (d DH) Check() ([]error, bool) {
|
||||||
return result, ok
|
return result, ok
|
||||||
}
|
}
|
||||||
|
|
||||||
|
//revive:disable-next-line:confusing-naming // Intended in this case as this is the real functionality
|
||||||
func (d DH) check() int {
|
func (d DH) check() int {
|
||||||
var ret int
|
var ret int
|
||||||
|
|
||||||
// Check generator
|
// Check generator
|
||||||
switch d.G {
|
switch d.G {
|
||||||
case 2:
|
case 2: //nolint:mnd
|
||||||
l := new(big.Int)
|
l := new(big.Int)
|
||||||
if l.Mod(d.P, big.NewInt(24)); l.Int64() != 11 {
|
if l.Mod(d.P, big.NewInt(24)); l.Int64() != 11 { //nolint:mnd
|
||||||
ret |= dhNotSuitableGenerator
|
ret |= dhNotSuitableGenerator
|
||||||
}
|
}
|
||||||
case 5:
|
case 5: //nolint:mnd
|
||||||
l := new(big.Int)
|
l := new(big.Int)
|
||||||
if l.Mod(d.P, big.NewInt(10)); l.Int64() != 3 && l.Int64() != 7 {
|
if l.Mod(d.P, big.NewInt(10)); l.Int64() != 3 && l.Int64() != 7 { //nolint:mnd
|
||||||
ret |= dhNotSuitableGenerator
|
ret |= dhNotSuitableGenerator
|
||||||
}
|
}
|
||||||
default:
|
default:
|
||||||
|
|
Loading…
Reference in a new issue