Address staticcheck issues

bio.go

@@ -112,41 +112,41 @@ func writeBioPending(b *C.BIO) C.long {
 	return C.long(len(ptr.buf))
 }
 
-func (b *writeBio) WriteTo(w io.Writer) (rv int64, err error) {
-	b.op_mtx.Lock()
-	defer b.op_mtx.Unlock()
+func (wb *writeBio) WriteTo(w io.Writer) (rv int64, err error) {
+	wb.op_mtx.Lock()
+	defer wb.op_mtx.Unlock()
 
 	// write whatever data we currently have
-	b.data_mtx.Lock()
-	data := b.buf
-	b.data_mtx.Unlock()
+	wb.data_mtx.Lock()
+	data := wb.buf
+	wb.data_mtx.Unlock()
 
 	if len(data) == 0 {
 		return 0, nil
 	}
 	n, err := w.Write(data)
 
 	// subtract however much data we wrote from the buffer
-	b.data_mtx.Lock()
-	b.buf = b.buf[:copy(b.buf, b.buf[n:])]
-	if b.release_buffers && len(b.buf) == 0 {
-		b.buf = nil
+	wb.data_mtx.Lock()
+	wb.buf = wb.buf[:copy(wb.buf, wb.buf[n:])]
+	if wb.release_buffers && len(wb.buf) == 0 {
+		wb.buf = nil
 	}
-	b.data_mtx.Unlock()
+	wb.data_mtx.Unlock()
 
 	return int64(n), err
 }
 
-func (self *writeBio) Disconnect(b *C.BIO) {
-	if loadWritePtr(b) == self {
+func (wb *writeBio) Disconnect(b *C.BIO) {
+	if loadWritePtr(b) == wb {
 		writeBioMapping.Del(token(C.X_BIO_get_data(b)))
 		C.X_BIO_set_data(b, nil)
 	}
 }
 
-func (b *writeBio) MakeCBIO() *C.BIO {
+func (wb *writeBio) MakeCBIO() *C.BIO {
 	rv := C.X_BIO_new_write_bio()
-	token := writeBioMapping.Add(unsafe.Pointer(b))
+	token := writeBioMapping.Add(unsafe.Pointer(wb))
 	C.X_BIO_set_data(rv, unsafe.Pointer(token))
 	return rv
 }
@@ -228,53 +228,53 @@ func readBioPending(b *C.BIO) C.long {
 	return C.long(len(ptr.buf))
 }
 
-func (b *readBio) ReadFromOnce(r io.Reader) (n int, err error) {
-	b.op_mtx.Lock()
-	defer b.op_mtx.Unlock()
+func (rb *readBio) ReadFromOnce(r io.Reader) (n int, err error) {
+	rb.op_mtx.Lock()
+	defer rb.op_mtx.Unlock()
 
 	// make sure we have a destination that fits at least one SSL record
-	b.data_mtx.Lock()
-	if cap(b.buf) < len(b.buf)+SSLRecordSize {
-		new_buf := make([]byte, len(b.buf), len(b.buf)+SSLRecordSize)
-		copy(new_buf, b.buf)
-		b.buf = new_buf
+	rb.data_mtx.Lock()
+	if cap(rb.buf) < len(rb.buf)+SSLRecordSize {
+		new_buf := make([]byte, len(rb.buf), len(rb.buf)+SSLRecordSize)
+		copy(new_buf, rb.buf)
+		rb.buf = new_buf
 	}
-	dst := b.buf[len(b.buf):cap(b.buf)]
-	dst_slice := b.buf
-	b.data_mtx.Unlock()
+	dst := rb.buf[len(rb.buf):cap(rb.buf)]
+	dst_slice := rb.buf
+	rb.data_mtx.Unlock()
 
 	n, err = r.Read(dst)
-	b.data_mtx.Lock()
-	defer b.data_mtx.Unlock()
+	rb.data_mtx.Lock()
+	defer rb.data_mtx.Unlock()
 	if n > 0 {
-		if len(dst_slice) != len(b.buf) {
+		if len(dst_slice) != len(rb.buf) {
 			// someone shrunk the buffer, so we read in too far ahead and we
 			// need to slide backwards
-			copy(b.buf[len(b.buf):len(b.buf)+n], dst)
+			copy(rb.buf[len(rb.buf):len(rb.buf)+n], dst)
 		}
-		b.buf = b.buf[:len(b.buf)+n]
+		rb.buf = rb.buf[:len(rb.buf)+n]
 	}
 	return n, err
 }
 
-func (b *readBio) MakeCBIO() *C.BIO {
+func (rb *readBio) MakeCBIO() *C.BIO {
 	rv := C.X_BIO_new_read_bio()
-	token := readBioMapping.Add(unsafe.Pointer(b))
+	token := readBioMapping.Add(unsafe.Pointer(rb))
 	C.X_BIO_set_data(rv, unsafe.Pointer(token))
 	return rv
 }
 
-func (self *readBio) Disconnect(b *C.BIO) {
-	if loadReadPtr(b) == self {
+func (rb *readBio) Disconnect(b *C.BIO) {
+	if loadReadPtr(b) == rb {
 		readBioMapping.Del(token(C.X_BIO_get_data(b)))
 		C.X_BIO_set_data(b, nil)
 	}
 }
 
-func (b *readBio) MarkEOF() {
-	b.data_mtx.Lock()
-	defer b.data_mtx.Unlock()
-	b.eof = true
+func (rb *readBio) MarkEOF() {
+	rb.data_mtx.Lock()
+	defer rb.data_mtx.Unlock()
+	rb.eof = true
 }
 
 type anyBio C.BIO

cert.go

@@ -267,8 +267,8 @@ func (c *Certificate) Sign(privKey PrivateKey, digest EVP_MD) error {
 	case EVP_SHA384:
 	case EVP_SHA512:
 	default:
-		return errors.New("Unsupported digest" +
-			"You're probably looking for 'EVP_SHA256' or 'EVP_SHA512'.")
+		return errors.New("unsupported digest; " +
+			"you're probably looking for 'EVP_SHA256' or 'EVP_SHA512'")
 	}
 	return c.insecureSign(privKey, digest)
 }
@@ -336,7 +336,7 @@ func (c *Certificate) AddCustomExtension(nid NID, value []byte) error {
 	val := (*C.char)(C.CBytes(value))
 	defer C.free(unsafe.Pointer(val))
 	if int(C.add_custom_ext(c.x, C.int(nid), val, C.int(len(value)))) == 0 {
-		return errors.New("Unable to add extension")
+		return errors.New("unable to add extension")
 	}
 	return nil
 }

ciphers.go

@@ -125,7 +125,7 @@ func (ctx *cipherCtx) applyKeyAndIV(key, iv []byte) error {
 		} else {
 			res = C.EVP_DecryptInit_ex(ctx.ctx, nil, nil, kptr, iptr)
 		}
-		if 1 != res {
+		if res != 1 {
 			return errors.New("failed to apply key/IV")
 		}
 	}
@@ -243,7 +243,7 @@ func newEncryptionCipherCtx(c *Cipher, e *Engine, key, iv []byte) (
 	if e != nil {
 		eptr = e.e
 	}
-	if 1 != C.EVP_EncryptInit_ex(ctx.ctx, c.ptr, eptr, nil, nil) {
+	if C.EVP_EncryptInit_ex(ctx.ctx, c.ptr, eptr, nil, nil) != 1 {
 		return nil, errors.New("failed to initialize cipher context")
 	}
 	err = ctx.applyKeyAndIV(key, iv)
@@ -266,7 +266,7 @@ func newDecryptionCipherCtx(c *Cipher, e *Engine, key, iv []byte) (
 	if e != nil {
 		eptr = e.e
 	}
-	if 1 != C.EVP_DecryptInit_ex(ctx.ctx, c.ptr, eptr, nil, nil) {
+	if C.EVP_DecryptInit_ex(ctx.ctx, c.ptr, eptr, nil, nil) != 1 {
 		return nil, errors.New("failed to initialize cipher context")
 	}
 	err = ctx.applyKeyAndIV(key, iv)
@@ -317,7 +317,7 @@ func (ctx *decryptionCipherCtx) DecryptUpdate(input []byte) ([]byte, error) {
 func (ctx *encryptionCipherCtx) EncryptFinal() ([]byte, error) {
 	outbuf := make([]byte, ctx.BlockSize())
 	var outlen C.int
-	if 1 != C.EVP_EncryptFinal_ex(ctx.ctx, (*C.uchar)(&outbuf[0]), &outlen) {
+	if C.EVP_EncryptFinal_ex(ctx.ctx, (*C.uchar)(&outbuf[0]), &outlen) != 1 {
 		return nil, errors.New("encryption failed")
 	}
 	return outbuf[:outlen], nil
@@ -326,7 +326,7 @@ func (ctx *encryptionCipherCtx) EncryptFinal() ([]byte, error) {
 func (ctx *decryptionCipherCtx) DecryptFinal() ([]byte, error) {
 	outbuf := make([]byte, ctx.BlockSize())
 	var outlen C.int
-	if 1 != C.EVP_DecryptFinal_ex(ctx.ctx, (*C.uchar)(&outbuf[0]), &outlen) {
+	if C.EVP_DecryptFinal_ex(ctx.ctx, (*C.uchar)(&outbuf[0]), &outlen) != 1 {
 		// this may mean the tag failed to verify- all previous plaintext
 		// returned must be considered faked and invalid
 		return nil, errors.New("decryption failed")

ciphers_gcm.go

@@ -86,8 +86,8 @@ func NewGCMEncryptionCipherCtx(blocksize int, e *Engine, key, iv []byte) (
 			return nil, fmt.Errorf("could not set IV len to %d: %s",
 				len(iv), err)
 		}
-		if 1 != C.EVP_EncryptInit_ex(ctx.ctx, nil, nil, nil,
-			(*C.uchar)(&iv[0])) {
+		if C.EVP_EncryptInit_ex(ctx.ctx, nil, nil, nil,
+			(*C.uchar)(&iv[0])) != 1 {
 			return nil, errors.New("failed to apply IV")
 		}
 	}
@@ -110,8 +110,8 @@ func NewGCMDecryptionCipherCtx(blocksize int, e *Engine, key, iv []byte) (
 			return nil, fmt.Errorf("could not set IV len to %d: %s",
 				len(iv), err)
 		}
-		if 1 != C.EVP_DecryptInit_ex(ctx.ctx, nil, nil, nil,
-			(*C.uchar)(&iv[0])) {
+		if C.EVP_DecryptInit_ex(ctx.ctx, nil, nil, nil,
+			(*C.uchar)(&iv[0])) != 1 {
 			return nil, errors.New("failed to apply IV")
 		}
 	}
@@ -123,8 +123,8 @@ func (ctx *authEncryptionCipherCtx) ExtraData(aad []byte) error {
 		return nil
 	}
 	var outlen C.int
-	if 1 != C.EVP_EncryptUpdate(ctx.ctx, nil, &outlen, (*C.uchar)(&aad[0]),
-		C.int(len(aad))) {
+	if C.EVP_EncryptUpdate(ctx.ctx, nil, &outlen, (*C.uchar)(&aad[0]),
+		C.int(len(aad))) != 1 {
 		return errors.New("failed to add additional authenticated data")
 	}
 	return nil
@@ -135,8 +135,8 @@ func (ctx *authDecryptionCipherCtx) ExtraData(aad []byte) error {
 		return nil
 	}
 	var outlen C.int
-	if 1 != C.EVP_DecryptUpdate(ctx.ctx, nil, &outlen, (*C.uchar)(&aad[0]),
-		C.int(len(aad))) {
+	if C.EVP_DecryptUpdate(ctx.ctx, nil, &outlen, (*C.uchar)(&aad[0]),
+		C.int(len(aad))) != 1 {
 		return errors.New("failed to add additional authenticated data")
 	}
 	return nil

ciphers_test.go

@@ -185,17 +185,16 @@ func TestBadTag(t *testing.T) {
 	}
 	// flip the last bit
 	tag[len(tag)-1] ^= 1
-	plaintext_out, err := doDecryption(key, iv, nil, ciphertext, tag, 128, 129)
-	if err == nil {
+	if _, err := doDecryption(key, iv, nil, ciphertext, tag, 128, 129); err == nil {
 		t.Fatal("Expected error for bad tag, but got none")
 	}
 	// flip it back, try again just to make sure
 	tag[len(tag)-1] ^= 1
-	plaintext_out, err = doDecryption(key, iv, nil, ciphertext, tag, 128, 129)
+	plaintextOut, err := doDecryption(key, iv, nil, ciphertext, tag, 128, 129)
 	if err != nil {
 		t.Fatal("Decryption failure:", err)
 	}
-	checkEqual(t, plaintext_out, plaintext)
+	checkEqual(t, plaintextOut, plaintext)
 }
 
 func TestBadCiphertext(t *testing.T) {
@@ -211,17 +210,16 @@ func TestBadCiphertext(t *testing.T) {
 	}
 	// flip the last bit
 	ciphertext[len(ciphertext)-1] ^= 1
-	plaintext_out, err := doDecryption(key, iv, aad, ciphertext, tag, 192, 192)
-	if err == nil {
+	if _, err := doDecryption(key, iv, aad, ciphertext, tag, 192, 192); err == nil {
 		t.Fatal("Expected error for bad ciphertext, but got none")
 	}
 	// flip it back, try again just to make sure
 	ciphertext[len(ciphertext)-1] ^= 1
-	plaintext_out, err = doDecryption(key, iv, aad, ciphertext, tag, 192, 192)
+	plaintextOut, err := doDecryption(key, iv, aad, ciphertext, tag, 192, 192)
 	if err != nil {
 		t.Fatal("Decryption failure:", err)
 	}
-	checkEqual(t, plaintext_out, plaintext)
+	checkEqual(t, plaintextOut, plaintext)
 }
 
 func TestBadAAD(t *testing.T) {
@@ -237,17 +235,16 @@ func TestBadAAD(t *testing.T) {
 	}
 	// flip the last bit
 	aad[len(aad)-1] ^= 1
-	plaintext_out, err := doDecryption(key, iv, aad, ciphertext, tag, 256, 256)
-	if err == nil {
+	if _, err := doDecryption(key, iv, aad, ciphertext, tag, 256, 256); err == nil {
 		t.Fatal("Expected error for bad AAD, but got none")
 	}
 	// flip it back, try again just to make sure
 	aad[len(aad)-1] ^= 1
-	plaintext_out, err = doDecryption(key, iv, aad, ciphertext, tag, 256, 256)
+	plaintextOut, err := doDecryption(key, iv, aad, ciphertext, tag, 256, 256)
 	if err != nil {
 		t.Fatal("Decryption failure:", err)
 	}
-	checkEqual(t, plaintext_out, plaintext)
+	checkEqual(t, plaintextOut, plaintext)
 }
 
 func TestNonAuthenticatedEncryption(t *testing.T) {