Golint vet errcheck on ProtonMail fork

bitcurves/bitcurve.go

@@ -191,7 +191,6 @@ func (bitCurve *BitCurve) doubleJacobian(x, y, z *big.Int) (*big.Int, *big.Int,
 	return x3, y3, z3
 }
 
-//TODO: double check if it is okay
 // ScalarMult returns k*(Bx,By) where k is a number in big-endian form.
 func (bitCurve *BitCurve) ScalarMult(Bx, By *big.Int, k []byte) (*big.Int, *big.Int) {
 	// We have a slight problem in that the identity of the group (the
@@ -239,7 +238,6 @@ func (bitCurve *BitCurve) ScalarBaseMult(k []byte) (*big.Int, *big.Int) {
 
 var mask = []byte{0xff, 0x1, 0x3, 0x7, 0xf, 0x1f, 0x3f, 0x7f}
 
-//TODO: double check if it is okay
 // GenerateKey returns a public/private key pair. The private key is generated
 // using the given reader, which must return random data.
 func (bitCurve *BitCurve) GenerateKey(rand io.Reader) (priv []byte, x, y *big.Int, err error) {

bn256/bn256.go

@@ -162,7 +162,7 @@ type G2 struct {
 	p *twistPoint
 }
 
-// RandomG1 returns x and g₂ˣ where x is a random, non-zero number read from r.
+// RandomG2 returns x and g₂ˣ where x is a random, non-zero number read from r.
 func RandomG2(r io.Reader) (*big.Int, *G2, error) {
 	var k *big.Int
 	var err error

brainpool/rcurve.go

@@ -80,4 +80,4 @@ func (curve *rcurve) ScalarMult(x1, y1 *big.Int, scalar []byte) (x, y *big.Int)
 
 func (curve *rcurve) ScalarBaseMult(scalar []byte) (x, y *big.Int) {
 	return curve.fromTwisted(curve.twisted.ScalarBaseMult(scalar))
-}
+}

cryptobyte/asn1.go

@@ -488,7 +488,7 @@ func (s *String) ReadASN1BitString(out *encoding_asn1.BitString) bool {
 	return true
 }
 
-// ReadASN1BitString decodes an ASN.1 BIT STRING into out and advances. It is
+// ReadASN1BitStringAsBytes decodes an ASN.1 BIT STRING into out and advances. It is
 // an error if the BIT STRING is not a whole number of bytes. It reports
 // whether the read was successful.
 func (s *String) ReadASN1BitStringAsBytes(out *[]byte) bool {

openpgp/armor/armor.go

@@ -10,8 +10,9 @@ import (
 	"bufio"
 	"bytes"
 	"encoding/base64"
-	"golang.org/x/crypto/openpgp/errors"
 	"io"
+
+	"golang.org/x/crypto/openpgp/errors"
 )
 
 // A Block represents an OpenPGP armored structure.

openpgp/armor/armor_test.go

@@ -50,7 +50,7 @@ func TestDecodeEncode(t *testing.T) {
 	w.Close()
 
 	if !bytes.Equal(buf.Bytes(), []byte(armorExample1)) {
-		t.Errorf("got: %s\nwant: %s", string(buf.Bytes()), armorExample1)
+		t.Errorf("got: %s\nwant: %s", buf.String(), armorExample1)
 	}
 }
 

openpgp/ecdh/ecdh.go

@@ -18,23 +18,27 @@ import (
 	"golang.org/x/crypto/openpgp/internal/ecc"
 )
 
+// KDF is the Key Derivation Function as Specified in RFC 6637, section 7.
 type KDF struct {
 	Hash   algorithm.Hash
 	Cipher algorithm.Cipher
 }
 
+// PublicKey represents an ECDH public key.
 type PublicKey struct {
 	ecc.CurveType
 	elliptic.Curve
 	X, Y *big.Int
 	KDF
 }
 
+// PrivateKey represents an ECDH private key.
 type PrivateKey struct {
-	PublicKey
 	D []byte
+	PublicKey
 }
 
+// GenerateKey returns a PrivateKey object and an eventual error.
 func GenerateKey(c elliptic.Curve, kdf KDF, rand io.Reader) (priv *PrivateKey, err error) {
 	priv = new(PrivateKey)
 	priv.PublicKey.Curve = c
@@ -43,6 +47,10 @@ func GenerateKey(c elliptic.Curve, kdf KDF, rand io.Reader) (priv *PrivateKey, e
 	return
 }
 
+// Encrypt encrypts the given message to the given key. It first generates the
+// shared secret from the given random reader, and proceeds to encrypt. It
+// returns the generated key pair in compressed form, the ciphertext, and an
+// eventual error.
 func Encrypt(random io.Reader, pub *PublicKey, msg, curveOID, fingerprint []byte) (vsG, c []byte, err error) {
 	if len(msg) > 40 {
 		return nil, nil, errors.New("ecdh: message too long")
@@ -86,6 +94,8 @@ func Encrypt(random io.Reader, pub *PublicKey, msg, curveOID, fingerprint []byte
 
 }
 
+// Decrypt decrypts the given message with the given private key. It returns a
+// plaintext and an eventual error.
 func Decrypt(priv *PrivateKey, vsG, m, curveOID, fingerprint []byte) (msg []byte, err error) {
 	if priv.PublicKey.CurveType == ecc.Curve25519 {
 		return X25519Decrypt(priv, vsG, m, curveOID, fingerprint)

openpgp/ecdh/x25519.go

@@ -16,7 +16,7 @@ import (
 	"golang.org/x/crypto/openpgp/internal/ecc"
 )
 
-// Generates a private-public key-pair.
+// x25519GenerateKeyPairBytes generates a private-public key-pair.
 // 'priv' is a private key; a scalar belonging to the set
 // 2^{254} + 8 * [0, 2^{251}), in order to avoid the small subgroup of the
 // curve. 'pub' is simply 'priv' * G where G is the base point.
@@ -28,7 +28,7 @@ func x25519GenerateKeyPairBytes(rand io.Reader) (priv [32]byte, pub [32]byte, er
 	helper.SetString("27742317777372353535851937790883648493", 10)
 	n.Add(n, helper)
 
-	for true {
+	for {
 		_, err = io.ReadFull(rand, priv[:])
 		if err != nil {
 			return
@@ -48,7 +48,6 @@ func x25519GenerateKeyPairBytes(rand io.Reader) (priv [32]byte, pub [32]byte, er
 		curve25519.ScalarBaseMult(&pub, &priv)
 		return
 	}
-	return
 }
 
 // X25519GenerateKey samples the key pair according to the correct distribution.
@@ -82,6 +81,8 @@ func X25519GenerateKey(rand io.Reader, kdf KDF) (priv *PrivateKey, err error) {
 	return priv, nil
 }
 
+// X25519Encrypt is the Encrypt procedure of the ecdh package when the public
+// key is set with curve 25519.
 func X25519Encrypt(random io.Reader, pub *PublicKey, msg, curveOID, fingerprint []byte) (vsG, c []byte, err error) {
 	d, ephemeralKey, err := x25519GenerateKeyPairBytes(random)
 	if err != nil {
@@ -114,6 +115,8 @@ func X25519Encrypt(random io.Reader, pub *PublicKey, msg, curveOID, fingerprint
 	return vsg[:], c, nil
 }
 
+// X25519Decrypt is the Encrypt procedure of the ecdh package when the public
+// key is set with curve 25519.
 func X25519Decrypt(priv *PrivateKey, vsG, m, curveOID, fingerprint []byte) (msg []byte, err error) {
 	var zb, d, ephemeralKey [32]byte
 	if len(vsG) != 33 || vsG[0] != 0x40 {

openpgp/errors/errors.go

@@ -47,6 +47,8 @@ func (se signatureExpiredError) Error() string {
 	return "openpgp: signature expired"
 }
 
+// ErrSignatureExpired indicates that a signature has expired, regardless of
+// its syntactic validity.
 var ErrSignatureExpired error = signatureExpiredError(0)
 
 type keyIncorrectError int
@@ -55,6 +57,7 @@ func (ki keyIncorrectError) Error() string {
 	return "openpgp: incorrect key"
 }
 
+// ErrKeyIncorrect indicates that the passed key is incorrect (see openpgp/read.go).
 var ErrKeyIncorrect error = keyIncorrectError(0)
 
 type unknownIssuerError int
@@ -63,6 +66,7 @@ func (unknownIssuerError) Error() string {
 	return "openpgp: signature made by unknown entity"
 }
 
+// ErrUnknownIssuer indicates that a signature was made by an unknown entity.
 var ErrUnknownIssuer error = unknownIssuerError(0)
 
 type keyRevokedError int
@@ -71,8 +75,10 @@ func (keyRevokedError) Error() string {
 	return "openpgp: signature made by revoked key"
 }
 
+// ErrKeyRevoked indicates that a signature was made by a revoked key.
 var ErrKeyRevoked error = keyRevokedError(0)
 
+// UnknownPacketTypeError indicates that the packet ID is not recognized.
 type UnknownPacketTypeError uint8
 
 func (upte UnknownPacketTypeError) Error() string {

openpgp/internal/algorithm/cipher.go

@@ -44,19 +44,12 @@ var CipherById = map[uint8]Cipher{
 	AES256.Id():    AES256,
 }
 
+// CipherFunction determines the block cipher algorithm.
 type CipherFunction uint8
 
-// ID returns the algorithm Id, as a byte, of cipher.
-func (sk CipherFunction) Id() uint8 {
-	return uint8(sk)
-}
-
-var keySizeByID = map[uint8]int{
-	TripleDES.Id(): 24,
-	CAST5.Id():     cast5.KeySize,
-	AES128.Id():    16,
-	AES192.Id():    24,
-	AES256.Id():    32,
+// Id returns the algorithm ID, as a byte, of cipher.
+func (cipher CipherFunction) Id() uint8 {
+	return uint8(cipher)
 }
 
 // KeySize returns the key size, in bytes, of cipher.

openpgp/internal/ecc/curveInfo.go

@@ -8,13 +8,15 @@ import (
 	"golang.org/x/crypto/brainpool"
 )
 
+// SignatureAlgorithm indicates the cryptographic signing algorithm.
 type SignatureAlgorithm uint8
 
 const (
 	ECDSA SignatureAlgorithm = 1
 	EdDSA SignatureAlgorithm = 2
 )
 
+// CurveInfo holds information about the chosen elliptic curve.
 type CurveInfo struct {
 	Name string
 	Oid *encoding.OID
@@ -89,6 +91,8 @@ var curves = []CurveInfo{
 	},
 }
 
+// FindByCurve returns the information of the given elliptic.Curve, or nil if
+// the curve is not available.
 func FindByCurve(curve elliptic.Curve) *CurveInfo {
 	for _, curveInfo := range curves {
 		if curveInfo.Curve == curve {
@@ -98,6 +102,7 @@ func FindByCurve(curve elliptic.Curve) *CurveInfo {
 	return nil
 }
 
+// FindByOid returns the information of the curve holding the given oid.
 func FindByOid(oid encoding.Field) *CurveInfo {
 	var rawBytes = oid.Bytes()
 	for _, curveInfo := range curves {
@@ -108,11 +113,12 @@ func FindByOid(oid encoding.Field) *CurveInfo {
 	return nil
 }
 
+// FindByName returns the information of the curve holding the given name.
 func FindByName(name string) *CurveInfo {
 	for _, curveInfo := range curves {
 		if curveInfo.Name == name {
 			return &curveInfo
 		}
 	}
 	return nil
-}
+}

openpgp/internal/ecc/curveType.go

@@ -1,10 +1,11 @@
 package ecc
 
+// CurveType determines the type of the curve being used.
 type CurveType uint8
 
 const (
     NISTCurve CurveType = 1
 	Curve25519 CurveType = 2
 	BitCurve CurveType = 3
 	BrainpoolCurve CurveType = 4
-)
+)

openpgp/keys.go

@@ -5,9 +5,9 @@
 package openpgp
 
 import (
+	goerrors "errors"
 	"io"
 	"time"
-	goerrors "errors"
 
 	"golang.org/x/crypto/openpgp/armor"
 	"golang.org/x/crypto/openpgp/errors"
@@ -183,7 +183,7 @@ func (el EntityList) KeysById(id uint64) (keys []Key) {
 	return
 }
 
-// KeysByIdAndUsage returns the set of keys with the given id that also meet
+// KeysByIdUsage returns the set of keys with the given id that also meet
 // the key usage given by requiredUsage.  The requiredUsage is expressed as
 // the bitwise-OR of packet.KeyFlag* values.
 func (el EntityList) KeysByIdUsage(id uint64, requiredUsage byte) (keys []Key) {
@@ -345,7 +345,7 @@ EachPacket:
 
 		switch pkt := p.(type) {
 		case *packet.UserId:
-			if err := addUserID(e, packets, pkt); err != nil {
+			if err = addUserID(e, packets, pkt); err != nil {
 				return nil, err
 			}
 		case *packet.Signature:
@@ -359,7 +359,7 @@ EachPacket:
 			// Else, ignoring the signature as it does not follow anything
 			// we would know to attach it to.
 		case *packet.PrivateKey:
-			if pkt.IsSubkey == false {
+			if !pkt.IsSubkey {
 				packets.Unread(p)
 				break EachPacket
 			}
@@ -368,7 +368,7 @@ EachPacket:
 				return nil, err
 			}
 		case *packet.PublicKey:
-			if pkt.IsSubkey == false {
+			if !pkt.IsSubkey {
 				packets.Unread(p)
 				break EachPacket
 			}

openpgp/packet/compressed.go

@@ -19,6 +19,7 @@ type Compressed struct {
 	Body io.Reader
 }
 
+// Compressions from the flate package (see RFC 1951)
 const (
 	NoCompression      = flate.NoCompression
 	BestSpeed          = flate.BestSpeed

openpgp/packet/config.go

@@ -63,41 +63,51 @@ type Config struct {
 	AEADConfig *AEADConfig
 }
 
+// Random returns the random reader of the given Config. If Rand is
+// not set, it returns rand.Reader from the crypto/rand package.
 func (c *Config) Random() io.Reader {
 	if c == nil || c.Rand == nil {
 		return rand.Reader
 	}
 	return c.Rand
 }
 
+// Hash returns the default hash algorithm of the given Config. If it is
+// not set, it returns SHA256 from the crypto package.
 func (c *Config) Hash() crypto.Hash {
 	if c == nil || uint(c.DefaultHash) == 0 {
 		return crypto.SHA256
 	}
 	return c.DefaultHash
 }
 
+// Cipher returns the default block cipher algorithm of the given Config. If it
+// is not set, it returns CipherAES128 (defined in the packet package).
 func (c *Config) Cipher() CipherFunction {
 	if c == nil || uint8(c.DefaultCipher) == 0 {
 		return CipherAES128
 	}
 	return c.DefaultCipher
 }
 
+// Now returns the time attribute of the given Config.
 func (c *Config) Now() time.Time {
 	if c == nil || c.Time == nil {
 		return time.Now()
 	}
 	return c.Time()
 }
 
+// Compression returns the default compression algorithm of the given Config.
 func (c *Config) Compression() CompressionAlgo {
 	if c == nil {
 		return CompressionNone
 	}
 	return c.DefaultCompressionAlgo
 }
 
+// PasswordHashIterations returns the S2KCount attribute of the given Config,
+// or 0 if the attribute is not set.
 func (c *Config) PasswordHashIterations() int {
 	if c == nil || c.S2KCount == 0 {
 		return 0