*: nosec: G115

getamis · Nov 22, 2024 · 6273604 · 6273604
1 parent 57afcad
commit 6273604
Show file tree

Hide file tree

Showing 26 changed files with 47 additions and 1 deletion.
diff --git a/crypto/binaryquadraticform/binaryquadratic.go b/crypto/binaryquadraticform/binaryquadratic.go
@@ -604,10 +604,13 @@ func partialGCD(R2, R1, C2, C1, bound *big.Int) (*big.Int, *big.Int, *big.Int, *
 		if T < 0 {
 			T = 0
 		}
+		// #nosec: G115: integer overflow conversion int -> uint32
 		r = new(big.Int).Rsh(R2, uint(T))
 		rr2 = r.Int64()
+		// #nosec: G115: integer overflow conversion int -> uint32
 		r = new(big.Int).Rsh(R1, uint(T))
 		rr1 = r.Int64()
+		// #nosec: G115: integer overflow conversion int -> uint32
 		r = new(big.Int).Rsh(bound, uint(T))
 		bb = r.Int64()
 

diff --git a/crypto/bip32/child/0_initial_handler.go b/crypto/bip32/child/0_initial_handler.go
@@ -133,6 +133,7 @@ func newChildKeyFunc(startIndex int, garbleStart int, garbleEnd int, parseResult
 
 		shareBits := make([]uint8, 512)
 		for i := 0; i < len(shareBits); i++ {
+			// #nosec: G115: integer overflow conversion int -> uint32
 			shareBits[i] = uint8(sm.share.Bit(i))
 		}
 		garcir, garMsg, err := cir.Garbled(bip32.Kappa, shareBits, circuit.EncryptFunc(startIndex))
@@ -289,11 +290,13 @@ func getMessage(msg types.Message) *Message {
 func computePaddingInput(childIndex uint32, firstState []uint64) ([]uint8, error) {
 	otherInfo := make([]uint8, 512)
 	for i := 0; i < 512; i++ {
+		// #nosec: G115: integer overflow conversion int -> uint32
 		otherInfo[i] = uint8(secp256k1N.Bit(i))
 	}
 	indexKey := make([]uint8, 32)
 	bigIndexKey := new(big.Int).SetUint64(uint64(childIndex))
 	for i := 0; i < 32; i++ {
+		// #nosec: G115: integer overflow conversion int -> uint32
 		indexKey[31-i] = uint8(bigIndexKey.Bit(i))
 	}
 	zeroShaPadding := make([]uint8, 717)

diff --git a/crypto/bip32/child/share_manager.go b/crypto/bip32/child/share_manager.go
@@ -87,6 +87,7 @@ func NewShareManager(share *big.Int, pubKey *ecpointgrouplaw.ECPoint, chainCode
 			i++
 		}
 	}
+	// #nosec: G115: integer overflow conversion int -> uint32
 	cos, err := bbks.ComputeBkCoefficient(uint32(len(bks)), n)
 	if err != nil {
 		return nil, err
@@ -137,6 +138,7 @@ func (sHolder *shareManager) ComputeHardenedChildShare(childIndex uint32, second
 	if childPubKey.IsIdentity() {
 		return nil, ErrIdentityChildPublicKey
 	}
+	// #nosec: G115: integer overflow conversion int -> uint32
 	cos, err := sHolder.bks.ComputeBkCoefficient(uint32(len(sHolder.bks)), curveN)
 	if err != nil {
 		return nil, err
@@ -186,6 +188,7 @@ func (sHolder *shareManager) ComputeNonHardenedChildShare(childIndex uint32) (*c
 	}
 
 	// TODO: need to define how to add translate in each party
+	// #nosec: G115: integer overflow conversion int -> uint32
 	cos, err := sHolder.bks.ComputeBkCoefficient(uint32(len(sHolder.bks)), curveN)
 	if err != nil {
 		return nil, err

diff --git a/crypto/birkhoffinterpolation/birkhoffinterpolation.go b/crypto/birkhoffinterpolation/birkhoffinterpolation.go
@@ -64,6 +64,7 @@ func (p *BkParameter) String() string {
 
 func (p *BkParameter) GetLinearEquationCoefficient(fieldOrder *big.Int, degreePoly uint32) []*big.Int {
 	result := make([]*big.Int, degreePoly+1)
+	// #nosec: G115: integer overflow conversion int -> uint32
 	for i := uint32(0); i < uint32(len(result)); i++ {
 		result[i] = p.getDiffMonomialCoeff(fieldOrder, i)
 	}
@@ -178,6 +179,7 @@ func (bks BkParameters) ensureRankAndOrder(threshold uint32, fieldOrder *big.Int
 	if err := utils.EnsureFieldOrder(fieldOrder); err != nil {
 		return err
 	}
+	// #nosec: G115: integer overflow conversion int -> uint32
 	if uint32(bks.Len()) < threshold {
 		return ErrEqualOrLargerThreshold
 	}
@@ -241,8 +243,10 @@ func (bks BkParameters) GetAddShareCoefficient(ownBk, newBk *BkParameter, fieldO
 		newRankFactorial = newRankFactorial.Mod(newRankFactorial, fieldOrder)
 	}
 	for i := newrank; i < uint64(threshold); i++ {
+		// #nosec: G115: integer overflow conversion int -> uint32
 		factorialCoe := new(big.Int).Binomial(int64(i), int64(i-newrank))
 		factorialCoe = factorialCoe.Mul(factorialCoe, newRankFactorial)
+		// #nosec: G115: integer overflow conversion int -> uint32
 		tempbki := birkhoffMatrix.Get(i, uint64(ownIndex))
 		tempResult := new(big.Int).Mul(factorialCoe, xPower)
 		tempResult = tempResult.Mul(tempResult, tempbki)

diff --git a/crypto/circuit/circuit.go b/crypto/circuit/circuit.go
@@ -333,6 +333,7 @@ func (cir *Circuit) Garbled(kBit int, input []uint8, f EncFunc) (*GarbleCircuit,
 
 	// Generate others Circuit: XOR/AND/INV/EQ
 	var F []*HalfGateMessage
+	// #nosec: G115: integer overflow conversion int -> uint32
 	for i := int32(0); i < int32(len(cir.gates)); i++ {
 		g := cir.gates[i]
 		switch g.gate {
@@ -409,6 +410,7 @@ func (cir *Circuit) Garbled(kBit int, input []uint8, f EncFunc) (*GarbleCircuit,
 func decrypt(d []int32, Y [][]byte) []uint8 {
 	result := make([]uint8, len(d))
 	for i := 0; i < len(d); i++ {
+		// #nosec: G115: integer overflow conversion int -> uint32
 		result[i] = uint8(d[i]) ^ lsb(Y[i])
 	}
 	return result
@@ -510,6 +512,7 @@ func setUint64ToBitSlice(input uint64) []uint8 {
 		result[i] = 0
 	}
 	for i := 0; i < big.BitLen(); i++ {
+		// #nosec: G115: integer overflow conversion int -> uint32
 		result[i] = uint8(big.Bit(i))
 	}
 	return result
@@ -525,6 +528,7 @@ func readText(scanner *bufio.Scanner) string {
 func Decrypt(d []int32, Y [][]byte) []uint8 {
 	result := make([]uint8, len(d))
 	for i := 0; i < len(d); i++ {
+		// #nosec: G115: integer overflow conversion int -> uint32
 		result[i] = uint8(d[i]) ^ lsb(Y[i])
 	}
 	return result

diff --git a/crypto/circuit/circuit_test.go b/crypto/circuit/circuit_test.go
@@ -511,6 +511,7 @@ func setHexToIntSlice(input string, exptected uint8) []uint8 {
 		result[i] = 0
 	}
 	for i := 0; i < big.BitLen(); i++ {
+		// #nosec: G115: integer overflow conversion int -> uint32
 		result[i] = uint8(big.Bit(i))
 	}
 	return result

diff --git a/crypto/dbnssystem/dbns.go b/crypto/dbnssystem/dbns.go
@@ -131,6 +131,7 @@ func get23ExpansionSpecialcase(numberwithout23Factor *big.Int, deepOfBranch int)
 func getGivenDepth23Expansion(number *big.Int, upperDepth int) (*big.Int, []*expansion23, error) {
 	numberList := []*big.Int{number}
 	minPosition, exp2, exp3 := 0, 0, 0
+	// #nosec: G115: integer overflow conversion int -> uint32
 	upperDepthMinus1 := uint(upperDepth - 1)
 	var bStop bool
 	minValue := new(big.Int).Set(number)
@@ -226,6 +227,7 @@ func getMax2Factor(number *big.Int) (*big.Int, int) {
 	bitLength := number.BitLen()
 	for i := 0; i < bitLength; i++ {
 		if number.Bit(i) != 0 {
+			// #nosec: G115: integer overflow conversion int -> uint32
 			number.Rsh(number, uint(i))
 			return number, i
 		}

diff --git a/crypto/matrix/matrix.go b/crypto/matrix/matrix.go
@@ -597,6 +597,7 @@ func (m *Matrix) Equal(m2 *Matrix) bool {
 	}
 	for i, mm := range m.matrix {
 		for j := range mm {
+			// #nosec: G115: integer overflow conversion int -> uint32
 			if m.Get(uint64(i), uint64(j)).Cmp(m2.Get(uint64(i), uint64(j))) != 0 {
 				return false
 			}

diff --git a/crypto/ot/ot_ext_receiver.go b/crypto/ot/ot_ext_receiver.go
@@ -45,6 +45,7 @@ func NewExtReceiver(sid []byte, r []byte, otRMsg *OtReceiverMessage) (*OtExtRece
 	}
 	kappa := uint(len(otRMsg.GetBi()))
 	// bitLength to byteLength
+	// #nosec: G115: integer overflow conversion int -> uint32
 	outputByteLength := int(m+kappa) >> 3
 	M, err := getMatrixM(sid, otSend.p0, outputByteLength)
 	if err != nil {

diff --git a/crypto/ot/ot_ext_sender.go b/crypto/ot/ot_ext_sender.go
@@ -222,6 +222,7 @@ func getMatrixR(kappa uint, p0 [][]byte, r []uint8, outputByteLength int) ([][]u
 	if err != nil {
 		return nil, err
 	}
+	// #nosec: G115: integer overflow conversion int -> uint32
 	randomrpai, err := utils.GenRandomBytes(int(kappa >> 3))
 	if err != nil {
 		return nil, err

diff --git a/crypto/ot/ot_receiver.go b/crypto/ot/ot_receiver.go
@@ -72,6 +72,7 @@ func NewReceiver(sid []byte, kappa int, ell int) (*OtReceiver, error) {
 			return nil, err
 		}
 		bimsg[i] = tempMsg
+		// #nosec: G115: integer overflow conversion int -> uint32
 		b[i] = uint8(bi.Uint64())
 		a[i] = alphai
 	}

diff --git a/crypto/polynomial/polynomial.go b/crypto/polynomial/polynomial.go
@@ -68,6 +68,7 @@ func RandomPolynomial(fieldOrder *big.Int, degree uint32) (*Polynomial, error) {
 // Given f(x) is a polynomial, then output is f^(diffTime)(x) mod field order
 // Ex: f(x)=x^5+2*x^3, diffTime = 1 Then f^(1)(x)= 5*x^4+6*x^2 = 2*x^4.
 func (p *Polynomial) Differentiate(diffTime uint32) *Polynomial {
+	// #nosec: G115: integer overflow conversion int -> uint32
 	lengthPolyACoeff := uint32(p.Len())
 	reduceDegree := lengthPolyACoeff - diffTime
 	diffCoeffSlice := make([]*big.Int, reduceDegree)
@@ -125,6 +126,7 @@ func (p *Polynomial) Len() int {
 
 // Degree returns the degree of the polynomial
 func (p *Polynomial) Degree() uint32 {
+	// #nosec: G115: integer overflow conversion int -> uint32
 	return uint32(p.Len() - 1)
 }
 
@@ -154,6 +156,7 @@ func (p *Polynomial) expend(xpoint, givenPoint *big.Int) (*Polynomial, error) {
 	for i := 1; i < len(newCos); i++ {
 		newCos[i] = big.NewInt(0)
 	}
+	// #nosec: G115: integer overflow conversion int -> uint32
 	for i := uint32(1); i < uint32(len(newCos)); i++ {
 		tempResult := expandMonomial(p.coefficients[i], givenPointPower, i)
 		for j := 0; j < len(tempResult); j++ {

diff --git a/crypto/tss/ecdsa/addshare/oldpeer/0_peer_handler.go b/crypto/tss/ecdsa/addshare/oldpeer/0_peer_handler.go
@@ -54,6 +54,7 @@ func newPeerHandler(peerManager types.PeerManager, pubkey *ecpointgrouplaw.ECPoi
 		log.Warn("Inconsistent peer num", "bks", len(bks), "numPeers", numPeers)
 		return nil, tss.ErrInconsistentPeerNumAndBks
 	}
+	// #nosec: G115: integer overflow conversion int -> uint32
 	if err := utils.EnsureThreshold(threshold, uint32(lenBks)); err != nil {
 		return nil, err
 	}

diff --git a/crypto/tss/ecdsa/gg18/reshare/0_commit_handler.go b/crypto/tss/ecdsa/gg18/reshare/0_commit_handler.go
@@ -56,6 +56,7 @@ func newCommitHandler(publicKey *ecpointgrouplaw.ECPoint, peerManager types.Peer
 		log.Warn("Inconsistent peer num", "bks", len(bks), "numPeers", numPeers)
 		return nil, tss.ErrInconsistentPeerNumAndBks
 	}
+	// #nosec: G115: integer overflow conversion int -> uint32
 	if err := utils.EnsureThreshold(threshold, uint32(lenBks)); err != nil {
 		return nil, err
 	}

diff --git a/crypto/tss/ecdsa/gg18/signer/0_pukkey_handler.go b/crypto/tss/ecdsa/gg18/signer/0_pukkey_handler.go
@@ -213,7 +213,7 @@ func buildWiAndPeers(curveN *big.Int, bks map[string]*birkhoffinterpolation.BkPa
 		i++
 		peers[id] = newPeer(id)
 	}
-
+	// #nosec: G115: integer overflow conversion int -> uint32
 	scalars, err := allBks.ComputeBkCoefficient(uint32(lenBks), curveN)
 	if err != nil {
 		log.Warn("Failed to compute bk coefficient", "allBks", allBks, "err", err)

diff --git a/crypto/tss/ecdsa/gg18/signer/signer_test.go b/crypto/tss/ecdsa/gg18/signer/signer_test.go
@@ -140,6 +140,7 @@ func newSigners(curve elliptic.Curve, expPublic *ecpointgrouplaw.ECPoint, ss [][
 
 	bks := make(map[string]*birkhoffinterpolation.BkParameter, threshold)
 	for i := 0; i < threshold; i++ {
+		// #nosec: G115: integer overflow conversion int -> uint32
 		bks[tss.GetTestID(i)] = birkhoffinterpolation.NewBkParameter(ss[i][0], uint32(ss[i][2].Uint64()))
 	}
 

diff --git a/crypto/tss/eddsa/frost/signer/round_1.go b/crypto/tss/eddsa/frost/signer/round_1.go
@@ -453,6 +453,7 @@ func computeRhoElli(x []byte, E *ecpointgrouplaw.ECPoint, message []byte, B []by
 	if err != nil {
 		return nil, err
 	}
+	// #nosec: G115: integer overflow conversion int -> uint32
 	bitUppBd := new(big.Int).Lsh(big1, uint(E.GetCurve().Params().N.BitLen()))
 	for j := 0; j < maxRetry; j++ {
 		tempMod := new(big.Int).Mod(temp, bitUppBd)

diff --git a/crypto/tss/eddsa/frost/signer/signer_test.go b/crypto/tss/eddsa/frost/signer/signer_test.go
@@ -176,6 +176,7 @@ func newSigners(curve elliptic.Curve, expPublic *ecpointgrouplaw.ECPoint, ss [][
 	bks := make(map[string]*birkhoffinterpolation.BkParameter, threshold)
 	Ys := make(map[string]*ecpointgrouplaw.ECPoint, threshold)
 	for i := 0; i < threshold; i++ {
+		// #nosec: G115: integer overflow conversion int -> uint32
 		bks[tss.GetTestID(i)] = birkhoffinterpolation.NewBkParameter(ss[i][0], uint32(ss[i][2].Uint64()))
 		Ys[tss.GetTestID(i)] = Y[i]
 	}
@@ -190,6 +191,7 @@ func newSigners(curve elliptic.Curve, expPublic *ecpointgrouplaw.ECPoint, ss [][
 		pm.Set(signersMain)
 		peerManagers[i] = pm
 		listeners[id] = new(mocks.StateChangedListener)
+		// #nosec: G115: integer overflow conversion int -> uint32
 		signers[id], err = NewSigner(expPublic, peerManagers[i], uint32(threshold), ss[i][1], dkgData, msg, listeners[id])
 		Expect(err).Should(BeNil())
 		signersMain[id] = signers[id]

diff --git a/crypto/tss/recovery/recover_private_key.go b/crypto/tss/recovery/recover_private_key.go
@@ -31,6 +31,7 @@ func RecoverPrivateKey(curve elliptic.Curve, threshold uint32, pubKey *ecpointgr
 	if curve == nil {
 		return nil, ErrAbsentCurve
 	}
+	// #nosec: G115: integer overflow conversion int -> uint32
 	if err := utils.EnsureThreshold(threshold, uint32(peerNum)); err != nil {
 		return nil, err
 	}

diff --git a/crypto/tss/utils.go b/crypto/tss/utils.go
@@ -89,6 +89,7 @@ func (p *TestPeerManager) Set(msgMains map[string]types.MessageMain) {
 }
 
 func (p *TestPeerManager) NumPeers() uint32 {
+	// #nosec: G115: integer overflow conversion int -> uint32
 	return uint32(len(p.peers))
 }
 

diff --git a/crypto/utils/prime.go b/crypto/utils/prime.go
@@ -137,6 +137,7 @@ func GenerateRandomSafePrime(rand io.Reader, pbits int) (*SafePrime, error) {
 	}
 	upperbound := uint64(1024)
 	bits := pbits - 1
+	// #nosec: G115: integer overflow conversion int -> uint32
 	b := uint(bits % 8)
 	if b == 0 {
 		b = 8
@@ -149,6 +150,7 @@ func GenerateRandomSafePrime(rand io.Reader, pbits int) (*SafePrime, error) {
 		}
 
 		// Clear bits in the first byte to make sure the candidate has a size <= bits.
+		// #nosec: G115: integer overflow conversion int -> uint32
 		bytes[0] &= uint8(int(1<<b) - 1)
 		// Don't let the value be too small, i.e, set the most significant two bits.
 		// Setting the top two bits, rather than just the top bit,

diff --git a/crypto/utils/utils.go b/crypto/utils/utils.go
@@ -292,13 +292,15 @@ func RandomAbsoluteRangeInt(n *big.Int) (*big.Int, error) {
 
 // RandomAbsoluteRangeIntBySeed generates a random number in (-2^q.bit, 2^q.bit) with seed.
 func RandomAbsoluteRangeIntBySeed(salt []byte, message []byte, q *big.Int) *big.Int {
+	// #nosec: G115: integer overflow conversion int -> uint32
 	desireBitLength := uint(q.BitLen() + 1)
 	ByteLength := int(math.Ceil(float64(desireBitLength) / 8))
 	expendResult := ExtendHashOutput(salt, message, ByteLength)
 	// expectResult Mod 2^(desireBitLength)
 	mod := new(big.Int).Lsh(big1, desireBitLength)
 	result := new(big.Int).SetBytes(expendResult)
 	result.Mod(result, mod)
+	// #nosec: G115: integer overflow conversion int -> uint32
 	translate := new(big.Int).Lsh(big1, uint(q.BitLen()))
 	return result.Sub(result, translate)
 }
@@ -363,6 +365,7 @@ func BitsToBytes(input []uint8) ([]byte, error) {
 		temp := input[low : low+bitsPerByte]
 		tempResult := temp[7]
 		for j := 6; j >= 0; j-- {
+			// #nosec: G115: integer overflow conversion int -> uint32
 			tempResult += temp[j] << uint8(7-j)
 		}
 		result[i] = tempResult

diff --git a/crypto/zkproof/integerfactorization.go b/crypto/zkproof/integerfactorization.go
@@ -170,6 +170,7 @@ func (msg *IntegerFactorizationProofMessage) Verify() error {
 
 func generateZ(N *big.Int, index *big.Int, maxTry int) (*big.Int, error) {
 	inputData := index.Bytes()
+	// #nosec: G115: integer overflow conversion int -> uint32
 	desireBitModular := new(big.Int).Lsh(big1, uint(N.BitLen()))
 	for j := 0; j < maxTry; j++ {
 		inputData = utils.ExtendHashOutput(inputData, N.Bytes(), N.BitLen())

diff --git a/crypto/zkproof/paillier/blummodzkproof.go b/crypto/zkproof/paillier/blummodzkproof.go
@@ -175,6 +175,7 @@ func (msg *PaillierBlumMessage) Verify(ssidInfo []byte, n *big.Int) error {
 func computeyByRejectSampling(w *big.Int, n *big.Int, salt []byte, ssidInfo []byte) (*big.Int, []byte, error) {
 	var yi *big.Int
 	ByteLength := int(math.Ceil(float64(n.BitLen()) / 8))
+	// #nosec: G115: integer overflow conversion int -> uint32
 	desireModular := new(big.Int).Lsh(big1, uint(n.BitLen()))
 	for j := 0; j < maxRetry; j++ {
 		yiSeed, err := utils.HashProtos(salt, utils.GetAnyMsg(ssidInfo, n.Bytes(), w.Bytes())...)

diff --git a/crypto/zkproof/paillier/curve.go b/crypto/zkproof/paillier/curve.go
@@ -40,8 +40,11 @@ type CurveConfig struct {
 func NewS256() *CurveConfig {
 	curve := elliptic.Secp256k1()
 	N := curve.Params().N
+	// #nosec: G115: integer overflow conversion int -> uint32
 	epsilon := uint(epsilonFactor * N.BitLen())
+	// #nosec: G115: integer overflow conversion int -> uint32
 	L := uint(LFactor * N.BitLen())
+	// #nosec: G115: integer overflow conversion int -> uint32
 	Lpai := uint(LpaiFactor * N.BitLen())
 	return &CurveConfig{
 		Curve:                curve,

diff --git a/example/node/pm.go b/example/node/pm.go
@@ -46,6 +46,7 @@ func NewPeerManager(id string, host host.Host, protocol protocol.ID) *peerManage
 }
 
 func (p *peerManager) NumPeers() uint32 {
+	// #nosec: G115: integer overflow conversion int -> uint32
 	return uint32(len(p.peers))
 }
-Original file line number
+Diff line change
@@ Expand Up @@
     }
     func (p *TestPeerManager) NumPeers() uint32 {
+    	// #nosec: G115: integer overflow conversion int -> uint32
     	return uint32(len(p.peers))
     }
@@ Expand Down @@