First linter pass

asymmetric.go

@@ -28,9 +28,9 @@ import (
 	"fmt"
 	"math/big"
 
-	"golang.org/x/crypto/ed25519"
 	josecipher "github.com/square/go-jose/cipher"
 	"github.com/square/go-jose/json"
+	"golang.org/x/crypto/ed25519"
 )
 
 // A generic RSA-based encrypter/verifier

cipher/cbc_hmac_test.go

@@ -111,10 +111,10 @@ func TestVectorsAESCBC128(t *testing.T) {
 		return
 	}
 
-	if bytes.Compare(out[:len(out)-16], expectedCiphertext) != 0 {
+	if !bytes.Equal(out[:len(out)-16], expectedCiphertext) {
 		t.Error("Ciphertext did not match")
 	}
-	if bytes.Compare(out[len(out)-16:], expectedAuthtag) != 0 {
+	if !bytes.Equal(out[len(out)-16:], expectedAuthtag) {
 		t.Error("Auth tag did not match")
 	}
 }
@@ -167,10 +167,10 @@ func TestVectorsAESCBC256(t *testing.T) {
 		return
 	}
 
-	if bytes.Compare(out[:len(out)-32], expectedCiphertext) != 0 {
+	if !bytes.Equal(out[:len(out)-32], expectedCiphertext) {
 		t.Error("Ciphertext did not match, got", out[:len(out)-32], "wanted", expectedCiphertext)
 	}
-	if bytes.Compare(out[len(out)-32:], expectedAuthtag) != 0 {
+	if !bytes.Equal(out[len(out)-32:], expectedAuthtag) {
 		t.Error("Auth tag did not match, got", out[len(out)-32:], "wanted", expectedAuthtag)
 	}
 }
@@ -215,7 +215,7 @@ func RunRoundtrip(t *testing.T, key, nonce []byte) {
 	aad := []byte{4, 3, 2, 1}
 
 	result := aead.Seal(dst, nonce, plaintext, aad)
-	if bytes.Compare(dst, result[:4]) != 0 {
+	if !bytes.Equal(dst, result[:4]) {
 		t.Error("Existing data in dst not preserved")
 	}
 
@@ -226,7 +226,7 @@ func RunRoundtrip(t *testing.T, key, nonce []byte) {
 		panic(err)
 	}
 
-	if bytes.Compare(result, plaintext) != 0 {
+	if !bytes.Equal(result, plaintext) {
 		t.Error("Plaintext does not match output")
 	}
 }
@@ -359,7 +359,7 @@ func TestInvalidPadding(t *testing.T) {
 
 func TestZeroLengthPadding(t *testing.T) {
 	data := make([]byte, 16)
-	data, err := unpadBuffer(data, 16)
+	_, err := unpadBuffer(data, 16)
 	if err == nil {
 		t.Error("padding with 0x00 should never be valid")
 	}

cipher/concat_kdf_test.go

@@ -66,7 +66,7 @@ func TestVectorConcatKDF(t *testing.T) {
 	out = append(out, out0...)
 	out = append(out, out1...)
 
-	if bytes.Compare(out, expected) != 0 {
+	if !bytes.Equal(out, expected) {
 		t.Error("did not receive expected output from concat kdf reader")
 		return
 	}
@@ -103,7 +103,7 @@ func TestCache(t *testing.T) {
 	}
 
 	for i := range outputs {
-		if bytes.Compare(outputs[i], outputs[(i+1)%len(outputs)]) != 0 {
+		if !bytes.Equal(outputs[i], outputs[(i+1)%len(outputs)]) {
 			t.Error("not all outputs from KDF matched")
 		}
 	}

cipher/ecdh_es_test.go

@@ -62,7 +62,7 @@ func TestVectorECDHES(t *testing.T) {
 
 	output := DeriveECDHES("A128GCM", apuData, apvData, bobKey, &aliceKey.PublicKey, 16)
 
-	if bytes.Compare(output, expected) != 0 {
+	if !bytes.Equal(output, expected) {
 		t.Error("output did not match what we expect, got", output, "wanted", expected)
 	}
 }

cipher/key_wrap_test.go

@@ -48,31 +48,31 @@ func TestAesKeyWrap(t *testing.T) {
 	out1, _ := KeyWrap(block1, cek1)
 	out2, _ := KeyWrap(block2, cek2)
 
-	if bytes.Compare(out0, expected0) != 0 {
+	if !bytes.Equal(out0, expected0) {
 		t.Error("output 0 not as expected, got", out0, "wanted", expected0)
 	}
 
-	if bytes.Compare(out1, expected1) != 0 {
+	if !bytes.Equal(out1, expected1) {
 		t.Error("output 1 not as expected, got", out1, "wanted", expected1)
 	}
 
-	if bytes.Compare(out2, expected2) != 0 {
+	if !bytes.Equal(out2, expected2) {
 		t.Error("output 2 not as expected, got", out2, "wanted", expected2)
 	}
 
 	unwrap0, _ := KeyUnwrap(block0, out0)
 	unwrap1, _ := KeyUnwrap(block1, out1)
 	unwrap2, _ := KeyUnwrap(block2, out2)
 
-	if bytes.Compare(unwrap0, cek0) != 0 {
+	if !bytes.Equal(unwrap0, cek0) {
 		t.Error("key unwrap did not return original input, got", unwrap0, "wanted", cek0)
 	}
 
-	if bytes.Compare(unwrap1, cek1) != 0 {
+	if !bytes.Equal(unwrap1, cek1) {
 		t.Error("key unwrap did not return original input, got", unwrap1, "wanted", cek1)
 	}
 
-	if bytes.Compare(unwrap2, cek2) != 0 {
+	if !bytes.Equal(unwrap2, cek2) {
 		t.Error("key unwrap did not return original input, got", unwrap2, "wanted", cek2)
 	}
 }

crypter.go

@@ -199,7 +199,7 @@ func NewMultiEncrypter(enc ContentEncryption, rcpts []Recipient, opts *Encrypter
 	if cipher == nil {
 		return nil, ErrUnsupportedAlgorithm
 	}
-	if rcpts == nil || len(rcpts) == 0 {
+	if len(rcpts) == 0 {
 		return nil, fmt.Errorf("square/go-jose: recipients is nil or empty")
 	}
 
@@ -517,13 +517,13 @@ func (obj JSONWebEncryption) DecryptMulti(decryptionKey interface{}) (int, Heade
 		}
 	}
 
-	if plaintext == nil || err != nil {
+	if plaintext == nil {
 		return -1, Header{}, nil, ErrCryptoFailure
 	}
 
 	// The "zip" header parameter may only be present in the protected header.
 	if comp := obj.protected.getCompression(); comp != "" {
-		plaintext, err = decompress(comp, plaintext)
+		plaintext, _ = decompress(comp, plaintext)
 	}
 
 	sanitized, err := headers.sanitized()

crypter_test.go

@@ -77,7 +77,7 @@ func RoundtripJWE(keyAlg KeyAlgorithm, encAlg ContentEncryption, compressionAlg
 		return fmt.Errorf("corrupter indicated message should be skipped")
 	}
 
-	if bytes.Compare(parsed.GetAuthData(), aad) != 0 {
+	if !bytes.Equal(parsed.GetAuthData(), aad) {
 		return fmt.Errorf("auth data in parsed object does not match")
 	}
 
@@ -86,7 +86,7 @@ func RoundtripJWE(keyAlg KeyAlgorithm, encAlg ContentEncryption, compressionAlg
 		return fmt.Errorf("error on decrypt: %s", err)
 	}
 
-	if bytes.Compare(input, output) != 0 {
+	if !bytes.Equal(input, output) {
 		return fmt.Errorf("Decrypted output does not match input, got '%s' but wanted '%s'", output, input)
 	}
 
@@ -321,7 +321,7 @@ func TestMultiRecipientJWE(t *testing.T) {
 		t.Fatal("recipient index should be 0 for RSA key")
 	}
 
-	if bytes.Compare(input, output) != 0 {
+	if !bytes.Equal(input, output) {
 		t.Fatal("Decrypted output does not match input: ", output, input)
 	}
 
@@ -334,7 +334,7 @@ func TestMultiRecipientJWE(t *testing.T) {
 		t.Fatal("recipient index should be 1 for shared key")
 	}
 
-	if bytes.Compare(input, output) != 0 {
+	if !bytes.Equal(input, output) {
 		t.Fatal("Decrypted output does not match input", output, input)
 	}
 }
@@ -407,7 +407,7 @@ func TestEncrypterExtraHeaderInclusion(t *testing.T) {
 		t.Fatal("error on decrypt: ", err)
 	}
 
-	if bytes.Compare(input, output) != 0 {
+	if !bytes.Equal(input, output) {
 		t.Fatal("Decrypted output does not match input: ", output, input)
 	}
 
@@ -549,15 +549,15 @@ func TestPBES2JWKEncryption(t *testing.T) {
 		t.Fatal("error in Decrypt reference:", err)
 	}
 
-	if bytes.Compare(original1, original2) != 0 {
+	if !bytes.Equal(original1, original2) {
 		t.Error("decryption does not match reference decryption")
 	}
 
-	if bytes.Compare(plaintext, original1) != 0 {
+	if !bytes.Equal(plaintext, original1) {
 		t.Error("decryption does not match plaintext")
 	}
 
-	if bytes.Compare(plaintext, original2) != 0 {
+	if !bytes.Equal(plaintext, original2) {
 		t.Error("reference decryption does not match plaintext")
 	}
 }
@@ -598,11 +598,11 @@ func TestEncrypterWithPBES2(t *testing.T) {
 				t.Fatal("error on Decrypt:", err)
 			}
 
-			if bytes.Compare(actual1, expected) != 0 {
+			if !bytes.Equal(actual1, expected) {
 				t.Errorf("error comparing decrypted message (%s) and expected (%s)", actual1, expected)
 			}
 
-			if bytes.Compare(actual2, expected) != 0 {
+			if !bytes.Equal(actual2, expected) {
 				t.Errorf("error comparing decrypted message (%s) and expected (%s)", actual2, expected)
 			}
 		}

cryptosigner/cryptosigner.go

@@ -28,8 +28,8 @@ import (
 	"io"
 	"math/big"
 
-	"golang.org/x/crypto/ed25519"
 	"github.com/square/go-jose"
+	"golang.org/x/crypto/ed25519"
 )
 
 // Opaque creates an OpaqueSigner from a "crypto".Signer

cryptosigner/cryptosigner_test.go

@@ -26,8 +26,8 @@ import (
 	"fmt"
 	"testing"
 
-	"golang.org/x/crypto/ed25519"
 	"github.com/square/go-jose"
+	"golang.org/x/crypto/ed25519"
 )
 
 func TestRoundtripsJWSCryptoSigner(t *testing.T) {
@@ -103,7 +103,7 @@ func roundtripJWS(sigAlg jose.SignatureAlgorithm, serializer func(*jose.JSONWebS
 		}
 	}
 
-	if bytes.Compare(output, input) != 0 {
+	if !bytes.Equal(output, input) {
 		return fmt.Errorf("input/output do not match, got '%s', expected '%s'", output, input)
 	}
 

doc_test.go

@@ -70,7 +70,7 @@ func Example_jWE() {
 		panic(err)
 	}
 
-	fmt.Printf(string(decrypted))
+	fmt.Print(string(decrypted))
 	// output: Lorem ipsum dolor sit amet
 }
 
@@ -116,7 +116,7 @@ func Example_jWS() {
 		panic(err)
 	}
 
-	fmt.Printf(string(output))
+	fmt.Print(string(output))
 	// output: Lorem ipsum dolor sit amet
 }
 

encoding.go

@@ -28,7 +28,7 @@ import (
 	"github.com/square/go-jose/json"
 )
 
-var stripWhitespaceRegex = regexp.MustCompile("\\s")
+var stripWhitespaceRegex = regexp.MustCompile(`\s`)
 
 // Helper function to serialize known-good objects.
 // Precondition: value is not a nil pointer.

encoding_test.go

@@ -35,7 +35,7 @@ func TestDeflateRoundtrip(t *testing.T) {
 		panic(err)
 	}
 
-	if bytes.Compare(output, original) != 0 {
+	if !bytes.Equal(output, original) {
 		t.Error("Input and output do not match")
 	}
 }

jwk-keygen/main.go

@@ -29,8 +29,8 @@ import (
 	"io"
 	"os"
 
-	"gopkg.in/alecthomas/kingpin.v2"
 	"github.com/square/go-jose"
+	"gopkg.in/alecthomas/kingpin.v2"
 )
 
 var (

jwt/builder_test.go

@@ -243,7 +243,7 @@ func TestBuilderSignedAndEncrypted(t *testing.T) {
 				ExtraHeaders: map[jose.HeaderKey]interface{}{
 					jose.HeaderType:        "JWT",
 					jose.HeaderContentType: "JWT",
-					"enc": "A128CBC-HS256",
+					"enc":                  "A128CBC-HS256",
 				},
 			}}, jwe.Headers)
 			if jws, err := jwe.Decrypt(testPrivRSAKey1); assert.NoError(t, err) {

jwt/jwt_test.go

@@ -21,8 +21,8 @@ import (
 	"strings"
 	"testing"
 
-	"github.com/stretchr/testify/assert"
 	jose "github.com/square/go-jose"
+	"github.com/stretchr/testify/assert"
 )
 
 var (

shared.go

@@ -133,8 +133,8 @@ const (
 type HeaderKey string
 
 const (
-	HeaderType        HeaderKey = "typ" // string
-	HeaderContentType           = "cty" // string
+	HeaderType        = "typ" // string
+	HeaderContentType = "cty" // string
 
 	// These are set by go-jose and shouldn't need to be set by consumers of the
 	// library.

signing_test.go

@@ -85,7 +85,7 @@ func RoundtripJWS(sigAlg SignatureAlgorithm, serializer func(*JSONWebSignature)
 		}
 	}
 
-	if bytes.Compare(output, input) != 0 {
+	if !bytes.Equal(output, input) {
 		return fmt.Errorf("input/output do not match, got '%s', expected '%s'", output, input)
 	}
 
@@ -265,7 +265,7 @@ func TestMultiRecipientJWS(t *testing.T) {
 		t.Fatal("signature index should be 0 for RSA key")
 	}
 
-	if bytes.Compare(output, input) != 0 {
+	if !bytes.Equal(output, input) {
 		t.Fatal("input/output do not match", output, input)
 	}
 
@@ -278,7 +278,7 @@ func TestMultiRecipientJWS(t *testing.T) {
 		t.Fatal("signature index should be 1 for EC key")
 	}
 
-	if bytes.Compare(output, input) != 0 {
+	if !bytes.Equal(output, input) {
 		t.Fatal("input/output do not match", output, input)
 	}
 }
@@ -399,7 +399,7 @@ func TestSignerKid(t *testing.T) {
 		t.Error("KeyID did not survive trip")
 	}
 
-	signer, err = NewSigner(SigningKey{ES256, jwk}, nil)
+	_, err = NewSigner(SigningKey{ES256, jwk}, nil)
 	if err != nil {
 		t.Error("problem creating signer with JSONWebKey", err)
 	}
@@ -566,7 +566,7 @@ func TestSignerB64(t *testing.T) {
 		t.Errorf("Error on verify: %s", err)
 	}
 
-	if bytes.Compare(output, input) != 0 {
+	if !bytes.Equal(output, input) {
 		t.Errorf("Input/output do not match, got '%s', expected '%s'", output, input)
 	}
 }