Enable linter in the CI

.github/workflows/golangci-lint.yml

@@ -0,0 +1,54 @@
+name: Lint
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    types: [opened, synchronize, reopened]
+
+permissions:
+  contents: read
+  # Optional: allow read access to pull request. Use with `only-new-issues` option.
+  # pull-requests: read
+
+jobs:
+  golangci:
+    name: lint
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: actions/setup-go@v3
+        with:
+          go-version: '1.20'
+          cache: false
+      - name: golangci-lint
+        uses: golangci/golangci-lint-action@v4
+        with:
+          # Require: The version of golangci-lint to use.
+          # When `install-mode` is `binary` (default) the value can be v1.2 or v1.2.3 or `latest` to use the latest version.
+          # When `install-mode` is `goinstall` the value can be v1.2.3, `latest`, or the hash of a commit.
+          version: v1.56.2
+
+          # Optional: working directory, useful for monorepos
+          # working-directory: somedir
+
+          # Optional: golangci-lint command line arguments.
+          #
+          # Note: By default, the `.golangci.yml` file should be at the root of the repository.
+          # The location of the configuration file can be changed by using `--config=`
+          # args: --timeout=30m --config=/my/path/.golangci.yml --issues-exit-code=0
+
+          # Optional: show only new issues if it's a pull request. The default value is `false`.
+          # only-new-issues: true
+
+          # Optional: if set to true, then all caching functionality will be completely disabled,
+          #           takes precedence over all other caching options.
+          # skip-cache: true
+
+          # Optional: if set to true, then the action won't cache or restore ~/go/pkg.
+          # skip-pkg-cache: true
+
+          # Optional: if set to true, then the action won't cache or restore ~/.cache/go-build.
+          # skip-build-cache: true
+
+          # Optional: The mode to install golangci-lint. It can be 'binary' or 'goinstall'.
+          # install-mode: "goinstall"

.gitignore

@@ -16,4 +16,5 @@ exit_tunnel
 .DS_Store
 *.cov
 profile.tmp
-Coding/
+Coding/
+.idea/

.golangci.yml

@@ -8,6 +8,10 @@ run:
 # This file contains only configs which differ from defaults.
 # All possible options can be found here https://github.com/golangci/golangci-lint/blob/master/.golangci.reference.yml
 linters-settings:
+  staticcheck:
+    checks:
+      - all
+      - '-SA1019' # Ignore deprecated for now
   cyclop:
     # The maximal code complexity to report.
     # Default: 10
@@ -93,6 +97,10 @@ linters-settings:
       - G107 # variables in URLs
       - G404 # use of weak random generator
 
+  gocritic:
+    disabled-checks:
+      - captLocal
+
 linters:
   disable-all: true
   enable:
@@ -109,7 +117,7 @@ linters:
     - asciicheck # checks that your code does not contain non-ASCII identifiers
     - bidichk # checks for dangerous unicode character sequences
     - bodyclose # checks whether HTTP response body is closed successfully
-    #- contextcheck # checks the function whether use a non-inherited context # TODO: enable after golangci-lint uses https://github.com/sylvia7788/contextcheck/releases/tag/v1.0.7
+    - contextcheck # checks the function whether use a non-inherited context
     - cyclop # checks function and package cyclomatic complexity
     - dupl # tool for code clone detection
     - durationcheck # checks for two durations multiplied together
@@ -163,7 +171,7 @@ linters:
     #- decorder # checks declaration order and count of types, constants, variables and functions
     #- exhaustruct # checks if all structure fields are initialized
     #- gci # controls golang package import order and makes it always deterministic
-    - godox # detects FIXME, TODO and other comment keywords
+    #- godox # detects FIXME, TODO and other comment keywords
     #- goheader # checks is file header matches to pattern
     - interfacebloat # checks the number of methods inside an interface
     #- ireturn # accept interfaces, return concrete types
@@ -246,3 +254,42 @@ issues:
     - linters:
         - govet
       text: "shadow: declaration of \"err\" shadows declaration"
+    - path: 'group.go'
+      linters:
+        - interfacebloat
+    - path: 'group/edwards25519/scalar.go'
+      linters:
+        - ineffassign
+        - funlen
+    - path: 'group/edwards25519/const.go'
+      linters:
+        - lll
+    - path: 'group/edwards25519/fe.go'
+      linters:
+        - funlen
+    - path: "share/dkg/pedersen"
+      linters:
+        - gocognit
+        - funlen
+        - gocyclo
+        - cyclop
+    - path: "group/edwards25519/scalar.go"
+      linters:
+        - ineffassign
+    - path: "pairing|group"
+      linters:
+        - revive
+        - stylecheck
+      text: "var-naming: don't use an underscore in package name|ST1003: should not use underscores in package names"
+    - path: "pairing/(circl_bls12381|bn254)/."
+      linters:
+        - errcheck #TODO: proper error handling
+      text: "Error return value is not checked"
+    - path: "encrypt/ibe/ibe.go"
+      linters:
+        - stylecheck # Keep variable name as is
+      text: "var Gid should be GID|var hrGid should be hrGID|rGid should be rGID|var hGidT should be hGIDT|var GidT should be GIDT"
+    - path: "pairing/bls12381/circl/*|pairing/bls12381/kilic/*"
+      linters:
+        - errcheck
+      text: "Error return value is not checked"

Makefile

@@ -11,7 +11,6 @@ lint: tidy
 	#golangci-lint run
 	#staticcheck go list ./...
 
-
 vet: tidy
 	go vet ./...
 
@@ -24,4 +23,4 @@ coverage: tidy
 # target to run all the possible checks; it's a good habit to run it before
 # pushing code
 check: lint vet test
-	echo "check done"
+	echo "check done"

encrypt/ecies/ecies.go

@@ -36,13 +36,13 @@ func Encrypt(group kyber.Group, public kyber.Point, message []byte, hash func()
 	// ephemeral key for every ECIES encryption and thus have a fresh
 	// HKDF-derived key for AES-GCM, the nonce for AES-GCM can be an arbitrary
 	// (even static) value. We derive it here simply via HKDF as well.)
-	len := 32 + 12
-	buf, err := deriveKey(hash, dh, len)
+	keyNonceLen := 32 + 12
+	buf, err := deriveKey(hash, dh, keyNonceLen)
 	if err != nil {
 		return nil, err
 	}
 	key := buf[:32]
-	nonce := buf[32:len]
+	nonce := buf[32:keyNonceLen]
 
 	// Encrypt message using AES-GCM
 	aes, err := aes.NewCipher(key)
@@ -91,13 +91,13 @@ func Decrypt(group kyber.Group, private kyber.Scalar, ctx []byte, hash func() ha
 
 	// Compute shared DH key and derive the symmetric key and nonce via HKDF
 	dh := group.Point().Mul(private, R)
-	len := 32 + 12
-	buf, err := deriveKey(hash, dh, len)
+	keyNonceLen := 32 + 12
+	buf, err := deriveKey(hash, dh, keyNonceLen)
 	if err != nil {
 		return nil, err
 	}
 	key := buf[:32]
-	nonce := buf[32:len]
+	nonce := buf[32:keyNonceLen]
 
 	// Decrypt message using AES-GCM
 	aes, err := aes.NewCipher(key)
@@ -111,18 +111,18 @@ func Decrypt(group kyber.Group, private kyber.Scalar, ctx []byte, hash func() ha
 	return aesgcm.Open(nil, nonce, ctx[l:], nil)
 }
 
-func deriveKey(hash func() hash.Hash, dh kyber.Point, len int) ([]byte, error) {
+func deriveKey(hash func() hash.Hash, dh kyber.Point, l int) ([]byte, error) {
 	dhb, err := dh.MarshalBinary()
 	if err != nil {
 		return nil, err
 	}
 	hkdf := hkdf.New(hash, dhb, nil, nil)
-	key := make([]byte, len, len)
+	key := make([]byte, l)
 	n, err := hkdf.Read(key)
 	if err != nil {
 		return nil, err
 	}
-	if n < len {
+	if n < l {
 		return nil, errors.New("ecies: hkdf-derived key too short")
 	}
 	return key, nil

encrypt/ibe/ibe.go

@@ -46,6 +46,8 @@ func H4Tag() []byte {
 // - msg is the actual message
 // - seed is the random seed to generate the random element (sigma) of the encryption
 // The suite must produce points which implements the `HashablePoint` interface.
+//
+//nolint:dupl // unavoidable
 func EncryptCCAonG1(s pairing.Suite, master kyber.Point, ID, msg []byte) (*Ciphertext, error) {
 	if len(msg) > s.Hash().Size() {
 		return nil, errors.New("plaintext too long for the hash function provided")
@@ -62,7 +64,7 @@ func EncryptCCAonG1(s pairing.Suite, master kyber.Point, ID, msg []byte) (*Ciphe
 	// 2. Derive random sigma
 	sigma := make([]byte, len(msg))
 	if _, err := rand.Read(sigma); err != nil {
-		return nil, fmt.Errorf("err reading rand sigma: %v", err)
+		return nil, fmt.Errorf("err reading rand sigma: %w", err)
 	}
 	// 3. Derive r from sigma and msg
 	r, err := h3(s, sigma, msg)
@@ -141,23 +143,25 @@ func DecryptCCAonG1(s pairing.Suite, private kyber.Point, c *Ciphertext) ([]byte
 // - msg is the actual message
 // - seed is the random seed to generate the random element (sigma) of the encryption
 // The suite must produce points which implements the `HashablePoint` interface.
+//
+//nolint:dupl // unavoidable
 func EncryptCCAonG2(s pairing.Suite, master kyber.Point, ID, msg []byte) (*Ciphertext, error) {
 	if len(msg) > s.Hash().Size() {
 		return nil, errors.New("plaintext too long for the hash function provided")
 	}
 
 	// 1. Compute Gid = e(Q_id, master)
-	hG2, ok := s.G1().Point().(kyber.HashablePoint)
+	hG1, ok := s.G1().Point().(kyber.HashablePoint)
 	if !ok {
 		return nil, errors.New("point needs to implement `kyber.HashablePoint`")
 	}
-	Qid := hG2.Hash(ID)
+	Qid := hG1.Hash(ID)
 	Gid := s.Pair(Qid, master)
 
 	// 2. Derive random sigma
 	sigma := make([]byte, len(msg))
 	if _, err := rand.Read(sigma); err != nil {
-		return nil, fmt.Errorf("err reading rand sigma: %v", err)
+		return nil, fmt.Errorf("err reading rand sigma: %w", err)
 	}
 	// 3. Derive r from sigma and msg
 	r, err := h3(s, sigma, msg)
@@ -231,10 +235,10 @@ func h3(s pairing.Suite, sigma, msg []byte) (kyber.Scalar, error) {
 	h := s.Hash()
 
 	if _, err := h.Write(H3Tag()); err != nil {
-		return nil, fmt.Errorf("err hashing h3 tag: %v", err)
+		return nil, fmt.Errorf("err hashing h3 tag: %w", err)
 	}
 	if _, err := h.Write(sigma); err != nil {
-		return nil, fmt.Errorf("err hashing sigma: %v", err)
+		return nil, fmt.Errorf("err hashing sigma: %w", err)
 	}
 	_, _ = h.Write(msg)
 	// we hash it a first time: buffer = hash("IBE-H3" || sigma || msg)
@@ -258,7 +262,7 @@ func h3(s pairing.Suite, sigma, msg []byte) (kyber.Scalar, error) {
 		// but we assume that toMask is a few bits, at most 8.
 		// For instance when using BLS12-381 toMask == 1.
 		if hashable.ByteOrder() == kyber.BigEndian {
-			hashed[0] = hashed[0] >> toMask
+			hashed[0] >>= toMask
 		} else {
 			hashed[len(hashed)-1] = hashed[len(hashed)-1] >> toMask
 		}
@@ -280,10 +284,10 @@ func h4(s pairing.Suite, sigma []byte, length int) ([]byte, error) {
 	h4 := s.Hash()
 
 	if _, err := h4.Write(H4Tag()); err != nil {
-		return nil, fmt.Errorf("err writing h4tag: %v", err)
+		return nil, fmt.Errorf("err writing h4tag: %w", err)
 	}
 	if _, err := h4.Write(sigma); err != nil {
-		return nil, fmt.Errorf("err writing sigma to h4: %v", err)
+		return nil, fmt.Errorf("err writing sigma to h4: %w", err)
 	}
 	h4sigma := h4.Sum(nil)[:length]
 
@@ -305,7 +309,7 @@ func gtToHash(s pairing.Suite, gt kyber.Point, length int) ([]byte, error) {
 	if _, err := hashReader.Read(b); err != nil {
 		return nil, errors.New("couldn't read from hash output")
 	}
-	return b[:], nil
+	return b, nil
 }
 
 func xor(a, b []byte) []byte {

group/edwards25519/const.go

@@ -1,7 +1,6 @@
 // Copyright 2013 The Go Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
-
 package edwards25519
 
 import (
@@ -44,6 +43,7 @@ var sqrtM1 = fieldElement{
 	-32595792, -7943725, 9377950, 3500415, 12389472, -272473, -25146209, -2005654, 326686, 11406482,
 }
 
+//nolint:unused // May be used later
 var paramA = fieldElement{
 	486662, 0, 0, 0, 0, 0, 0, 0, 0, 0,
 }
@@ -55,6 +55,7 @@ var baseext = extendedGroupElement{
 	fieldElement{6966464, -2456167, 7033433, 6781840, 28785542, 12262365, -2659449, 13959020, -21013759, -5262166},
 }
 
+//nolint:unused // May be used later
 var bi = [8]preComputedGroupElement{
 	{
 		fieldElement{25967493, -14356035, 29566456, 3660896, -12694345, 4014787, 27544626, -11754271, -6079156, 2047605},

group/edwards25519/curve.go

@@ -49,12 +49,12 @@ func (c *Curve) Point() kyber.Point {
 // requiring it to be a multiple of 8). It also returns the input and the digest used
 // to generate the key.
 func (c *Curve) NewKeyAndSeedWithInput(buffer []byte) (kyber.Scalar, []byte, []byte) {
-	digest := sha512.Sum512(buffer[:])
+	digest := sha512.Sum512(buffer)
 	digest[0] &= 0xf8
 	digest[31] &= 0x7f
 	digest[31] |= 0x40
 
-	secret := c.Scalar().(*scalar)
+	secret := c.Scalar().(*scalar) //nolint:errcheck // V4 may bring better error handling
 	copy(secret.v[:], digest[:])
 	return secret, buffer, digest[32:]
 }

group/edwards25519/fe.go

@@ -1,7 +1,6 @@
 // Copyright 2013 The Go Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
-
 package edwards25519
 
 import (
@@ -78,7 +77,7 @@ func load4(in []byte) int64 {
 }
 
 func feFromBytes(dst *fieldElement, src []byte) {
-	h0 := load4(src[:])
+	h0 := load4(src)
 	h1 := load3(src[4:]) << 6
 	h2 := load3(src[7:]) << 5
 	h3 := load3(src[10:]) << 3