2 changes: 1 addition & 1 deletion examples/cmd/encrypt.go
@@ -110,7 +110,7 @@ func encrypt(cmd *cobra.Command, args []string) error {
if err != nil {
return err
}
opts = append(opts, sdk.WithWrappingKeyAlg(kt))
opts = append(opts, sdk.WithWrappingKeyAlg(kt)) //nolint:staticcheck // Example code demonstrating legacy API usage
}
tdf, err := client.CreateTDF(out, in, opts...)
if err != nil {
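Review bot: The new `//nolint:staticcheck` on the `sdk.WithWrappingKeyAlg(kt)` line does not name the check it silences, while the directives added elsewhere in this change spell out `SA1019:`; the same applies to the `sdk.WithTokenEndpoint(tokenEndpoint)` line in examples/cmd/examples.go. Example code is what users copy, so the comment would serve readers better if it said the option is deprecated and pointed at its successor, e.g. `//nolint:staticcheck // SA1019: deprecated option kept to show the legacy flag; new code should use <replacement option>`. The replacement for `WithWrappingKeyAlg` is not visible in this diff, so the placeholder has to be filled in by someone who knows it. The body of encrypt continues outside the hunk.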
2 changes: 1 addition & 1 deletion examples/cmd/examples.go
@@ -56,7 +56,7 @@ func newSDK() (*sdk.SDK, error) {
opts = append(opts, sdk.WithClientCredentials(clientCredentials[:i], clientCredentials[i+1:], nil))
}
if tokenEndpoint != "" {
opts = append(opts, sdk.WithTokenEndpoint(tokenEndpoint))
opts = append(opts, sdk.WithTokenEndpoint(tokenEndpoint)) //nolint:staticcheck // Example code demonstrating legacy API usage
}
if noKIDInKAO {
opts = append(opts, sdk.WithNoKIDInKAO())
1 change: 1 addition & 0 deletions lib/ocrypto/asym_encryption.go
@@ -98,6 +98,7 @@ func newECIES(pub *ecdh.PublicKey, salt, info []byte) (ECEncryptor, error) {
}

// NewAsymEncryption creates and returns a new AsymEncryption.
//
// Deprecated: Use FromPublicPEM instead.
func NewAsymEncryption(publicKeyInPem string) (AsymEncryption, error) {
pub, err := getPublicPart(publicKeyInPem)
1 change: 1 addition & 0 deletions lib/ocrypto/interfaces.go
@@ -27,6 +27,7 @@ type ProtectedKey interface {
VerifyBinding(ctx context.Context, policy, policyBinding []byte) error

// Export returns the raw key data, optionally encrypting it with the provided encapsulator
//
// Deprecated: Use the Encapsulator's Encapsulate method instead
Export(encapsulator Encapsulator) ([]byte, error)

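Review bot: The new `Deprecated:` paragraph on `Export` says what to call instead but not why, and the sentence above it still describes encryption as optional, which reads as though `Export` can hand back the key unwrapped. I would state that in the deprecation text so callers understand the risk they are migrating away from, e.g. `// Deprecated: Use the Encapsulator's Encapsulate method instead. Export can return the key unwrapped when no encapsulator is given.` The `AESProtectedKey.Export` comment in lib/ocrypto/protected_key.go receives the same paragraph, and that method opens with an `encapsulator == nil` branch whose body is outside the hunk, so the nil behaviour should be confirmed before the wording is fixed. The interface declaration continues outside this hunk.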
1 change: 1 addition & 0 deletions lib/ocrypto/protected_key.go
@@ -55,6 +55,7 @@ func (k *AESProtectedKey) DecryptAESGCM(iv []byte, body []byte, tagSize int) ([]
}

// Export returns the raw key data, optionally encrypting it with the provided Encapsulator
//
// Deprecated: Use the Encapsulator's Encapsulate method instead
func (k *AESProtectedKey) Export(encapsulator Encapsulator) ([]byte, error) {
if encapsulator == nil {
25 changes: 14 additions & 11 deletions sdk/codegen/runner/generate.go
@@ -7,6 +7,7 @@ import (
"os"
"path"
"path/filepath"
"strings"

"golang.org/x/text/cases"
"golang.org/x/text/language"
@@ -120,7 +121,8 @@ func generateWrapper(interfaceName string, interfaceType *ast.InterfaceType, pac
connectPackageName := packageName + "connect"

// Start generating the wrapper code
wrapperCode := fmt.Sprintf(`// Wrapper for %s%s (generated code) DO NOT EDIT
var wrapperCode strings.Builder
wrapperCode.WriteString(fmt.Sprintf(`// Wrapper for %s%s (generated code) DO NOT EDIT
package sdkconnect

import (
@@ -158,30 +160,31 @@ func New%s%s%sConnectWrapper(httpClient connect.HTTPClient, baseURL string, opts
suffix,
interfaceName,
connectPackageName,
interfaceName)
interfaceName))

// Generate the interface type definition
wrapperCode += generateInterfaceType(interfaceName, methods, packageName, prefix, suffix)
wrapperCode.WriteString(generateInterfaceType(interfaceName, methods, packageName, prefix, suffix))
// Now generate a wrapper function for each method in the interface
for _, method := range methods {
wrapperCode += generateWrapperMethod(interfaceName, method, packageName, prefix, suffix)
wrapperCode.WriteString(generateWrapperMethod(interfaceName, method, packageName, prefix, suffix))
}

// Output the generated wrapper code
return wrapperCode
return wrapperCode.String()
}

func generateInterfaceType(interfaceName string, methods []string, packageName, prefix, suffix string) string {
// Generate the interface type definition
interfaceType := fmt.Sprintf(`
var interfaceType strings.Builder
interfaceType.WriteString(fmt.Sprintf(`
type %s%s%s interface {
`, prefix, interfaceName, suffix)
`, prefix, interfaceName, suffix))
for _, method := range methods {
interfaceType += fmt.Sprintf(` %s(ctx context.Context, req *%s.%sRequest) (*%s.%sResponse, error)
`, method, packageName, method, packageName, method)
interfaceType.WriteString(fmt.Sprintf(` %s(ctx context.Context, req *%s.%sRequest) (*%s.%sResponse, error)
`, method, packageName, method, packageName, method))
}
interfaceType += "}\n"
return interfaceType
interfaceType.WriteString("}\n")
return interfaceType.String()
}

// Generate the wrapper method for a specific method in the interface
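Review bot: `wrapperCode.WriteString(fmt.Sprintf(...))` in generateWrapper and the two `interfaceType.WriteString(fmt.Sprintf(...))` calls in generateInterfaceType still build a temporary string before copying it into the builder. `fmt.Fprintf` writes into a `strings.Builder` directly and is the form staticcheck's QF1012 suggests, so the calls become `fmt.Fprintf(&wrapperCode, ...)` and `fmt.Fprintf(&interfaceType, ...)` with the same format strings and arguments. generateWrapper begins outside the first hunk, and the template literal between the two hunks is not shown.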
2 changes: 1 addition & 1 deletion sdk/granter_test.go
@@ -163,7 +163,7 @@ func mockAttributeFor(fqn AttributeNameFQN) *policy.Attribute {
case MP.key:
g := make([]*policy.KeyAccessServer, 1)
g[0] = mockGrant(specifiedKas, "r1")
g[0].PublicKey = createPublicKey("r1", mockRSAPublicKey1, policy.KasPublicKeyAlgEnum_KAS_PUBLIC_KEY_ALG_ENUM_RSA_2048)
g[0].PublicKey = createPublicKey("r1", mockRSAPublicKey1, policy.KasPublicKeyAlgEnum_KAS_PUBLIC_KEY_ALG_ENUM_RSA_2048) //nolint:staticcheck // Using deprecated field for test compatibility with legacy protocol
return &policy.Attribute{
Id: "MP",
Namespace: &nsOne,
14 changes: 7 additions & 7 deletions sdk/internal/zipstream/crc32combine_test.go
@@ -4,16 +4,16 @@ package zipstream

import (
"hash/crc32"
"math/rand"
"math/rand/v2"
"testing"
)

func TestCRC32CombineIEEE_Basic(t *testing.T) {
rand.Seed(42)
rng := rand.NewChaCha8([32]byte{42})
a := make([]byte, 1024)
b := make([]byte, 2048)
rand.Read(a)
rand.Read(b)
_, _ = rng.Read(a)
_, _ = rng.Read(b)

crcA := crc32.ChecksumIEEE(a)
crcB := crc32.ChecksumIEEE(b)
@@ -28,12 +28,12 @@ func TestCRC32CombineIEEE_Basic(t *testing.T) {
}

func TestCRC32CombineIEEE_MultiChunks(t *testing.T) {
rand.Seed(42)
rng := rand.NewChaCha8([32]byte{42})
chunks := make([][]byte, 10)
for i := range chunks {
n := 1 + rand.Intn(8192)
n := 1 + int(rng.Uint64()%8192)
chunks[i] = make([]byte, n)
rand.Read(chunks[i])
_, _ = rng.Read(chunks[i])
}

// Combine sequentially
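Review bot: `n := 1 + int(rng.Uint64()%8192)` in TestCRC32CombineIEEE_MultiChunks hand-rolls what `math/rand/v2` already provides; wrapping the source once with `r := rand.New(rng)` and writing `n := 1 + r.IntN(8192)` keeps the intent of the old `rand.Intn` call and stays unbiased if the bound is ever changed to something that is not a power of two. `ChaCha8.Read` was added in Go 1.23, so the module's `go` directive, which is not visible here, has to be at least that. The fixed seed `[32]byte{42}` is appropriate for reproducible test data, and a short comment such as `// fixed seed: deterministic test data, never use for keys or nonces` would keep the pattern from being copied into non-test code. Both test bodies continue outside the hunks.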
2 changes: 2 additions & 0 deletions sdk/internal/zipstream/segment_writer_test.go
@@ -426,12 +426,14 @@ func TestSegmentWriter_LargeNumberOfSegments(t *testing.T) {

// Store in logical order for final assembly
if i == 0 {
//nolint:staticcheck // SA4010: simplified test code, result intentionally unused
allBytes = append([]byte{}, bytes...) // Segment 0 goes first
for j := 1; j < segmentCount; j++ {
allBytes = append(allBytes, make([]byte, 0)...) // Placeholder
}
} else {
// This is simplified - in practice you'd need proper ordering
//nolint:staticcheck // SA4010: simplified test code, result intentionally unused
allBytes = append(allBytes, bytes...)
Comment on lines +429 to 437
Contributor

medium

Instead of adding nolint directives to suppress the SA4010 warning, it would be better to remove the associated dead code. The allBytes variable is built up within this loop but is never used afterward, making this block of code and its associated comments confusing and unnecessary. Removing this logic would improve the test's clarity.

}
}
3 changes: 3 additions & 0 deletions sdk/kas_client_test.go
@@ -46,6 +46,7 @@ func getTokenSource(t *testing.T) FakeAccessTokenSource {
dpopPEM, _ := dpopKey.PrivateKeyInPemFormat()
decryption, _ := ocrypto.NewAsymDecryption(dpopPEM)
dpopPEMPublic, _ := dpopKey.PublicKeyInPemFormat()
//nolint:staticcheck // SA1019: NewAsymEncryption is deprecated but used in test code
encryption, _ := ocrypto.NewAsymEncryption(dpopPEMPublic)
dpopJWK, err := jwk.ParseKey([]byte(dpopPEM), jwk.WithPEM(true))
if err != nil {
@@ -115,6 +116,7 @@ func TestCreatingRequest(t *testing.T) {

require.NoError(t, protojson.Unmarshal([]byte(requestBodyJSON), &requestBody), "error unmarshaling request body")

//nolint:staticcheck // SA1019: NewAsymEncryption is deprecated but used in test code
_, err = ocrypto.NewAsymEncryption(requestBody.GetClientPublicKey())
require.NoError(t, err, "NewAsymEncryption failed, incorrect public key include")

@@ -465,6 +467,7 @@ func Test_processRSAResponse(t *testing.T) {
// Create a mock AsymEncryption to create the wrapped key
publicKeyPEM, err := mockPrivateKey.PublicKeyInPemFormat()
require.NoError(t, err)
//nolint:staticcheck // SA1019: NewAsymEncryption is deprecated but used in test code
mockEncryptor, err := ocrypto.NewAsymEncryption(publicKeyPEM)
require.NoError(t, err)

1 change: 1 addition & 0 deletions sdk/options.go
@@ -104,6 +104,7 @@ func WithTLSCredentials(tls *tls.Config, audience []string) Option {
}

// WithTokenEndpoint When we implement service discovery using a .well-known endpoint this option may become deprecated
//
// Deprecated: SDK will discover the token endpoint from the platform configuration
func WithTokenEndpoint(tokenEndpoint string) Option {
return func(c *config) {
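Review bot: The first line of the doc comment still says the option "may become deprecated" once service discovery exists, which now contradicts the `Deprecated:` paragraph added directly below it. I would replace that first line with a plain description, e.g. `// WithTokenEndpoint sets the token endpoint explicitly instead of relying on discovery.`, and let the `Deprecated:` line be the only statement about the option's status. The suggested description is inferred from the option's name, because the body of the returned closure is outside the hunk.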
9 changes: 5 additions & 4 deletions sdk/tdf.go
@@ -205,7 +205,7 @@ func (s SDK) CreateTDFContext(ctx context.Context, writer io.Writer, reader io.R
}

var readPos int64
var aggregateHash string
var aggregateHash strings.Builder
readBuf := bytes.NewBuffer(make([]byte, 0, tdfConfig.defaultSegmentSize))
for totalSegments != 0 { // adjust read size
readSize := segmentSize
@@ -238,7 +238,7 @@ func (s SDK) CreateTDFContext(ctx context.Context, writer io.Writer, reader io.R
return nil, fmt.Errorf("splitKey.GetSignaturefailed: %w", err)
}

aggregateHash += segmentSig
aggregateHash.WriteString(segmentSig)
segmentInfo := Segment{
Hash: string(ocrypto.Base64Encode([]byte(segmentSig))),
Size: readSize,
@@ -251,7 +251,7 @@ func (s SDK) CreateTDFContext(ctx context.Context, writer io.Writer, reader io.R
readPos += readSize
}

rootSignature, err := calculateSignature([]byte(aggregateHash), tdfObject.payloadKey[:],
rootSignature, err := calculateSignature([]byte(aggregateHash.String()), tdfObject.payloadKey[:],
tdfConfig.integrityAlgorithm, tdfConfig.useHex)
if err != nil {
return nil, fmt.Errorf("splitKey.GetSignaturefailed: %w", err)
@@ -319,7 +319,7 @@ func (s SDK) CreateTDFContext(ctx context.Context, writer io.Writer, reader io.R
}

var completeHashBuilder strings.Builder
completeHashBuilder.WriteString(aggregateHash)
completeHashBuilder.WriteString(aggregateHash.String())
if tdfConfig.useHex {
completeHashBuilder.Write(hashOfAssertionAsHex)
} else {
@@ -702,6 +702,7 @@ func generateWrapKeyWithEC(mode ocrypto.ECCMode, kasPublicKey string, symKey []b
}

func generateWrapKeyWithRSA(publicKey string, symKey []byte) (string, error) {
//nolint:staticcheck // SA1019: NewAsymEncryption is deprecated but required for backward compatibility with existing TDF files
asymEncrypt, err := ocrypto.NewAsymEncryption(publicKey)
if err != nil {
return "", fmt.Errorf("generateWrapKeyWithRSA: ocrypto.NewAsymEncryption failed:%w", err)
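Review bot: The suppression added in generateWrapKeyWithRSA justifies the deprecated `ocrypto.NewAsymEncryption` call with "backward compatibility with existing TDF files", but this function appears to wrap a key for a TDF that is being created, so it is not clear from the hunk which existing files depend on it. Because this is the production key-wrapping path rather than a test, the comment should say what `FromPublicPEM` would do differently here (accepted key types, padding or output format) and carry a removal marker, e.g. `// TODO(<tracking-issue>): switch to ocrypto.FromPublicPEM once <condition>`. Without that, the directive hides SA1019 indefinitely and the deprecation declared in lib/ocrypto/asym_encryption.go never reaches this caller. The function body continues outside the hunk.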