Fix lints; run gofmt #293

Merged
merged 1 commit into from
Nov 1, 2022
8 changes: 4 additions & 4 deletions attest/attest.go
Expand Up @@ -398,10 +398,10 @@ func (a HashAlg) String() string {
// the booted state of the machine the TPM is attached to.
//
// The digests contained in the event log can be considered authentic if:
// - The AK public corresponds to the known AK for that platform.
// - All quotes are verified with AKPublic.Verify(), and return no errors.
// - The event log parsed successfully using ParseEventLog(), and a call
// to EventLog.Verify() with the full set of PCRs returned no error.
// - The AK public corresponds to the known AK for that platform.
// - All quotes are verified with AKPublic.Verify(), and return no errors.
// - The event log parsed successfully using ParseEventLog(), and a call
// to EventLog.Verify() with the full set of PCRs returned no error.
type PlatformParameters struct {
// The version of the TPM which generated this attestation.
TPMVersion TPMVersion
2 changes: 1 addition & 1 deletion attest/eventlog.go
Expand Up @@ -383,7 +383,7 @@ func (a *AKPublic) validate20Quote(quote Quote, pcrs []PCR, nonce []byte) error
sigHash.Write(digest)
}

for index, _ := range pcrByIndex {
for index := range pcrByIndex {
if _, exists := quotePCRs[index]; !exists {
return fmt.Errorf("provided PCR %d was not included in quote", index)
}
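Review bot: The loop over `pcrByIndex` appears to be the check that ties the caller-supplied PCR values to the signed quote, and nothing on the visible lines says so. A comment above it would help the next reader, for example `// Every PCR the caller supplied must be covered by the quote; a value outside the quoted selection is not authenticated by the signature.` Because Go randomises map iteration order, the index named in the error is arbitrary when several PCRs are missing, which is worth a mention in the same comment. validate20Quote starts and ends outside this hunk, so how `quotePCRs` is populated should be confirmed before the wording is finalised.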
8 changes: 4 additions & 4 deletions attest/internal/events.go
Expand Up @@ -48,7 +48,7 @@ var (
// EventType describes the type of event signalled in the event log.
type EventType uint32

// BIOS Events (TCG PC Client Specific Implementation Specification for Conventional BIOS 1.21)
// BIOS Events (TCG PC Client Specific Implementation Specification for Conventional BIOS 1.21)
const (
PrebootCert EventType = 0x00000000
PostCode EventType = 0x00000001
Expand Down Expand Up @@ -280,9 +280,9 @@ func ParseUEFIVariableAuthority(v UEFIVariableData) (UEFIVariableAuthority, erro
// Skip parsing new SBAT section logged by shim.
// See https://github.com/rhboot/shim/blob/main/SBAT.md for more.
unicodeNameEquals(v, shimSbatVarName) || //https://github.com/rhboot/shim/blob/20e4d9486fcae54ee44d2323ae342ffe68c920e6/include/sbat.h#L9-L12
// Skip parsing new MokListTrusted section logged by shim.
// See https://github.com/rhboot/shim/blob/main/MokVars.txt for more.
unicodeNameEquals(v, shimMokListTrustedVarName)) { //https://github.com/rhboot/shim/blob/4e513405b4f1641710115780d19dcec130c5208f/mok.c#L169-L182
// Skip parsing new MokListTrusted section logged by shim.
// See https://github.com/rhboot/shim/blob/main/MokVars.txt for more.
unicodeNameEquals(v, shimMokListTrustedVarName)) { //https://github.com/rhboot/shim/blob/4e513405b4f1641710115780d19dcec130c5208f/mok.c#L169-L182
return UEFIVariableAuthority{}, nil
}
certs, err := parseEfiSignature(v.VariableData)
2 changes: 1 addition & 1 deletion attest/key_windows.go
Expand Up @@ -81,7 +81,7 @@ func (k *windowsKey12) quote(tb tpmBase, nonce []byte, alg HashAlg) (*Quote, err
}

selectedPCRs := make([]int, 24)
for pcr, _ := range selectedPCRs {
for pcr := range selectedPCRs {
selectedPCRs[pcr] = pcr
}

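Review bot: The literal 24 in `selectedPCRs := make([]int, 24)` is unexplained; it is presumably the number of PCRs on a TPM 1.2 device, so that every PCR ends up in the quote selection. A named constant, or a one-line comment such as `// Select all 24 PCRs (0-23) for the quote.`, would make that intent explicit and keep it in step with any other place that assumes the same count. The quote method begins and ends outside the hunk.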
4 changes: 2 additions & 2 deletions attest/pcp_windows.go
Expand Up @@ -369,8 +369,8 @@ func (h *winPCP) Close() error {
return closeNCryptObject(h.hProv)
}

// DeleteKey permanently removes the key with the given handle
// from the system, and frees its handle.
// DeleteKey permanently removes the key with the given handle from the system,
// and frees its handle.
func (h *winPCP) DeleteKey(kh uintptr) error {
r, _, msg := nCryptDeleteKey.Call(kh, 0)
if r != 0 {
2 changes: 1 addition & 1 deletion attest/tpm.go
Expand Up @@ -303,7 +303,7 @@ type tpmBase interface {
measurementLog() ([]byte, error)
}

//TPM interfaces with a TPM device on the system.
// TPM interfaces with a TPM device on the system.
type TPM struct {
// tpm refers to a concrete implementation of TPM logic, based on the current
// platform and TPM version.
3 changes: 1 addition & 2 deletions attest/tpm_test.go
Expand Up @@ -10,8 +10,7 @@ import (

// Generated using the following command:
//
// openssl genrsa 2048|openssl rsa -outform PEM -pubout
//
// openssl genrsa 2048|openssl rsa -outform PEM -pubout
var testRSAKey = mustParseRSAKey(`-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8zyTXCjVALZzjS8wgNH
nAVdt4ZGM3N450xOnLplx/RbCVwXyu83SWh0B3Ka+92aocqcHzo+j6e6Urppre/I
10 changes: 5 additions & 5 deletions attest/win_events_test.go
Expand Up @@ -31,7 +31,7 @@ func TestParseWinEvents(t *testing.T) {
CodeIntegrityEnabled: TernaryTrue,
BitlockerUnlocks: []BitlockerStatus{0, 0},
LoadedModules: map[string]WinModuleLoad{
"0fdce7d71936f79445e7d2c84cbeb97c948d3730e0b839166b0a4e625c2d4547": WinModuleLoad{
"0fdce7d71936f79445e7d2c84cbeb97c948d3730e0b839166b0a4e625c2d4547": {
FilePath: `\Windows\System32\drivers\vioscsi.sys`,
ImageBase: []uint64{81416192},
ImageSize: uint64(86016),
Expand All @@ -49,7 +49,7 @@ func TestParseWinEvents(t *testing.T) {
},
AuthenticodeHash: []byte{15, 220, 231, 215, 25, 54, 247, 148, 69, 231, 210, 200, 76, 190, 185, 124, 148, 141, 55, 48, 224, 184, 57, 22, 107, 10, 78, 98, 92, 45, 69, 71},
},
"055a36a9921b98cc04042ca95249c7eca655536868dafcec7508947ebe5e71f4": WinModuleLoad{
"055a36a9921b98cc04042ca95249c7eca655536868dafcec7508947ebe5e71f4": {
FilePath: `\Windows\System32\Drivers\ksecpkg.sys`,
ImageBase: []uint64{82952192},
ImageSize: uint64(204800),
Expand All @@ -67,7 +67,7 @@ func TestParseWinEvents(t *testing.T) {
},
AuthenticodeHash: []byte{5, 90, 54, 169, 146, 27, 152, 204, 4, 4, 44, 169, 82, 73, 199, 236, 166, 85, 83, 104, 104, 218, 252, 236, 117, 8, 148, 126, 190, 94, 113, 244},
},
"2bedd1589410b6fa13c82f35db735025b6a160595922750248771f5abd0fee58": WinModuleLoad{
"2bedd1589410b6fa13c82f35db735025b6a160595922750248771f5abd0fee58": {
FilePath: `\Windows\System32\drivers\volmgrx.sys`,
ImageBase: []uint64{80875520},
ImageSize: uint64(405504),
Expand All @@ -87,7 +87,7 @@ func TestParseWinEvents(t *testing.T) {
},
},
ELAM: map[string]WinELAM{
"Windows Defender": WinELAM{Measured: []byte{0x06, 0x7d, 0x5b, 0x9d, 0xc5, 0x62, 0x7f, 0x97, 0xdc, 0xf3, 0xfe, 0xff, 0x60, 0x2a, 0x34, 0x2e, 0xd6, 0x98, 0xd2, 0xcc}},
"Windows Defender": {Measured: []byte{0x06, 0x7d, 0x5b, 0x9d, 0xc5, 0x62, 0x7f, 0x97, 0xdc, 0xf3, 0xfe, 0xff, 0x60, 0x2a, 0x34, 0x2e, 0xd6, 0x98, 0xd2, 0xcc}},
},
}

Expand Down Expand Up @@ -121,7 +121,7 @@ func TestParseWinEvents(t *testing.T) {
"055a36a9921b98cc04042ca95249c7eca655536868dafcec7508947ebe5e71f4": true,
"2bedd1589410b6fa13c82f35db735025b6a160595922750248771f5abd0fee58": true,
}
for k, _ := range winState.LoadedModules {
for k := range winState.LoadedModules {
if _, keep := keep[k]; !keep {
delete(winState.LoadedModules, k)
}
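Review bot: In `if _, keep := keep[k]; !keep {` the boolean result shadows the `keep` map it is read from, which is legal but easy to misread directly under the cleaned-up `for k := range winState.LoadedModules`. Renaming the result, `if _, ok := keep[k]; !ok {`, removes the shadowing without changing behaviour. TestParseWinEvents begins and ends outside the visible hunks.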
30 changes: 15 additions & 15 deletions attributecert/attributecert.go
Expand Up @@ -129,87 +129,87 @@ func getSignatureAlgorithmFromAI(ai pkix.AlgorithmIdentifier) x509.SignatureAlgo
return x509.UnknownSignatureAlgorithm
}

//RFC 5280 4.2.2.1
// RFC 5280 4.2.2.1
type authorityInfoAccess struct {
Method asn1.ObjectIdentifier
Location asn1.RawValue
}

//RFC 5280 4.2.1.1
// RFC 5280 4.2.1.1
type authKeyID struct {
ID []byte `asn1:"optional,tag:0"`
IssuerName asn1.RawValue `asn1:"set,optional,tag:1"`
SerialNumber *big.Int `asn1:"optional,tag:2"`
}

//RFC 5280 4.2.1.4
// RFC 5280 4.2.1.4
type cpsPolicy struct {
ID asn1.ObjectIdentifier
Value string
}

//RFC 5280 4.2.1.4
// RFC 5280 4.2.1.4
type policyInformation struct {
Raw asn1.RawContent
ID asn1.ObjectIdentifier
Policy asn1.RawValue
}

//RFC 5280 4.1.2.5
// RFC 5280 4.1.2.5
type validity struct {
NotBefore, NotAfter time.Time
}

//RFC 5280 4.2.1.4
type NoticeReference struct {
// RFC 5280 4.2.1.4
type noticeReference struct {
Organization string
NoticeNumbers []int
}

//RFC 5280 4.2.1.4
// RFC 5280 4.2.1.4
type userNotice struct {
NoticeRef NoticeReference `asn1:"optional"`
NoticeRef noticeReference `asn1:"optional"`
ExplicitText string `asn1:"optional"`
}

//RFC 5755 4.1
// RFC 5755 4.1
type objectDigestInfo struct {
DigestedObjectType asn1.Enumerated
OtherObjectTypeID asn1.ObjectIdentifier
DigestAlgorithm pkix.AlgorithmIdentifier
ObjectDigest asn1.BitString
}

//RFC 5755 4.1
// RFC 5755 4.1
type attCertIssuer struct {
IssuerName asn1.RawValue `asn1:"set,optional"`
BaseCertificateID issuerSerial `asn1:"optional,tag:0"`
ObjectDigestInfo objectDigestInfo `asn1:"optional,tag:1"`
}

//RFC 5755 4.1
// RFC 5755 4.1
type issuerSerial struct {
Raw asn1.RawContent
Issuer asn1.RawValue
Serial *big.Int
IssuerUID asn1.BitString `asn1:"optional"`
}

//RFC 5755 4.1
// RFC 5755 4.1
type holder struct {
Raw asn1.RawContent
BaseCertificateID issuerSerial `asn1:"optional,tag:0"`
EntityName pkix.Extension `asn1:"optional,tag:1"`
ObjectDigestInfo objectDigestInfo `asn1:"optional,tag:2"`
}

//RFC 5755 4.1
// RFC 5755 4.1
type attribute struct {
ID asn1.ObjectIdentifier
RawValues []asn1.RawValue `asn1:"set"`
}

//RFC 5755 4.1
// RFC 5755 4.1
type tbsAttributeCertificate struct {
Raw asn1.RawContent
Version int
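Review bot: `type noticeReference struct` appears to replace the exported `NoticeReference`, which removes an identifier from the package's public API in a change titled as lint and gofmt fixes. The struct's fields stay exported, so encoding/asn1 handling of `userNotice.NoticeRef` should be unaffected, but any importer that names `NoticeReference` stops compiling. If that is intended it deserves a line in the commit description; otherwise an alias keeps compatibility: `// Deprecated: NoticeReference is retained for compatibility.` followed by `type NoticeReference = noticeReference`. The direction of the rename is inferred from the order in which the two lines are printed on this page.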
17 changes: 10 additions & 7 deletions x509/x509ext.go
Expand Up @@ -18,9 +18,9 @@ var (
oidPermanentIdentifier = []int{1, 3, 6, 1, 5, 5, 7, 8, 3}
)

// OtherName ::= SEQUENCE {
// type-id OBJECT IDENTIFIER,
// value [0] EXPLICIT ANY DEFINED BY type-id }
// OtherName ::= SEQUENCE {
// type-id OBJECT IDENTIFIER,
// value [0] EXPLICIT ANY DEFINED BY type-id }
type otherName struct {
TypeID asn1.ObjectIdentifier
Value asn1.RawValue
Expand All @@ -42,10 +42,13 @@ func marshalOtherName(typeID asn1.ObjectIdentifier, value interface{}) (asn1.Raw
return asn1.RawValue{FullBytes: bytes}, nil
}

// PermanentIdentifier ::= SEQUENCE {
// identifierValue UTF8String OPTIONAL,
// assigner OBJECT IDENTIFIER OPTIONAL
// }
// PermanentIdentifier represents an ASN.1 encoded "permanent identifier" as
// defined by RFC4043.
//
// PermanentIdentifier ::= SEQUENCE {
// identifierValue UTF8String OPTIONAL,
// assigner OBJECT IDENTIFIER OPTIONAL
// }
//
// https://datatracker.ietf.org/doc/html/rfc4043
type PermanentIdentifier struct {