diff --git a/crypto/binaryquadraticform/binaryquadratic.go b/crypto/binaryquadraticform/binaryquadratic.go index fce13c3f..c2447d4c 100644 --- a/crypto/binaryquadraticform/binaryquadratic.go +++ b/crypto/binaryquadraticform/binaryquadratic.go @@ -604,10 +604,13 @@ func partialGCD(R2, R1, C2, C1, bound *big.Int) (*big.Int, *big.Int, *big.Int, * if T < 0 { T = 0 } + // #nosec: G115: integer overflow conversion int -> uint32 r = new(big.Int).Rsh(R2, uint(T)) rr2 = r.Int64() + // #nosec: G115: integer overflow conversion int -> uint32 r = new(big.Int).Rsh(R1, uint(T)) rr1 = r.Int64() + // #nosec: G115: integer overflow conversion int -> uint32 r = new(big.Int).Rsh(bound, uint(T)) bb = r.Int64() diff --git a/crypto/bip32/child/0_initial_handler.go b/crypto/bip32/child/0_initial_handler.go index 6dd315c0..b766c795 100644 --- a/crypto/bip32/child/0_initial_handler.go +++ b/crypto/bip32/child/0_initial_handler.go @@ -133,6 +133,7 @@ func newChildKeyFunc(startIndex int, garbleStart int, garbleEnd int, parseResult shareBits := make([]uint8, 512) for i := 0; i < len(shareBits); i++ { + // #nosec: G115: integer overflow conversion int -> uint32 shareBits[i] = uint8(sm.share.Bit(i)) } garcir, garMsg, err := cir.Garbled(bip32.Kappa, shareBits, circuit.EncryptFunc(startIndex)) @@ -289,11 +290,13 @@ func getMessage(msg types.Message) *Message { func computePaddingInput(childIndex uint32, firstState []uint64) ([]uint8, error) { otherInfo := make([]uint8, 512) for i := 0; i < 512; i++ { + // #nosec: G115: integer overflow conversion int -> uint32 otherInfo[i] = uint8(secp256k1N.Bit(i)) } indexKey := make([]uint8, 32) bigIndexKey := new(big.Int).SetUint64(uint64(childIndex)) for i := 0; i < 32; i++ { + // #nosec: G115: integer overflow conversion int -> uint32 indexKey[31-i] = uint8(bigIndexKey.Bit(i)) } zeroShaPadding := make([]uint8, 717) diff --git a/crypto/bip32/child/share_manager.go b/crypto/bip32/child/share_manager.go index 7b082c03..04ad0fd1 100644 --- a/crypto/bip32/child/share_manager.go +++ b/crypto/bip32/child/share_manager.go @@ -87,6 +87,7 @@ func NewShareManager(share *big.Int, pubKey *ecpointgrouplaw.ECPoint, chainCode i++ } } + // #nosec: G115: integer overflow conversion int -> uint32 cos, err := bbks.ComputeBkCoefficient(uint32(len(bks)), n) if err != nil { return nil, err @@ -137,6 +138,7 @@ func (sHolder *shareManager) ComputeHardenedChildShare(childIndex uint32, second if childPubKey.IsIdentity() { return nil, ErrIdentityChildPublicKey } + // #nosec: G115: integer overflow conversion int -> uint32 cos, err := sHolder.bks.ComputeBkCoefficient(uint32(len(sHolder.bks)), curveN) if err != nil { return nil, err @@ -186,6 +188,7 @@ func (sHolder *shareManager) ComputeNonHardenedChildShare(childIndex uint32) (*c } // TODO: need to define how to add translate in each party + // #nosec: G115: integer overflow conversion int -> uint32 cos, err := sHolder.bks.ComputeBkCoefficient(uint32(len(sHolder.bks)), curveN) if err != nil { return nil, err diff --git a/crypto/birkhoffinterpolation/birkhoffinterpolation.go b/crypto/birkhoffinterpolation/birkhoffinterpolation.go index 0aca1b47..33adfdf1 100644 --- a/crypto/birkhoffinterpolation/birkhoffinterpolation.go +++ b/crypto/birkhoffinterpolation/birkhoffinterpolation.go @@ -64,6 +64,7 @@ func (p *BkParameter) String() string { func (p *BkParameter) GetLinearEquationCoefficient(fieldOrder *big.Int, degreePoly uint32) []*big.Int { result := make([]*big.Int, degreePoly+1) + // #nosec: G115: integer overflow conversion int -> uint32 for i := uint32(0); i < uint32(len(result)); i++ { result[i] = p.getDiffMonomialCoeff(fieldOrder, i) } @@ -178,6 +179,7 @@ func (bks BkParameters) ensureRankAndOrder(threshold uint32, fieldOrder *big.Int if err := utils.EnsureFieldOrder(fieldOrder); err != nil { return err } + // #nosec: G115: integer overflow conversion int -> uint32 if uint32(bks.Len()) < threshold { return ErrEqualOrLargerThreshold } @@ -241,8 +243,10 @@ func (bks BkParameters) GetAddShareCoefficient(ownBk, newBk *BkParameter, fieldO newRankFactorial = newRankFactorial.Mod(newRankFactorial, fieldOrder) } for i := newrank; i < uint64(threshold); i++ { + // #nosec: G115: integer overflow conversion int -> uint32 factorialCoe := new(big.Int).Binomial(int64(i), int64(i-newrank)) factorialCoe = factorialCoe.Mul(factorialCoe, newRankFactorial) + // #nosec: G115: integer overflow conversion int -> uint32 tempbki := birkhoffMatrix.Get(i, uint64(ownIndex)) tempResult := new(big.Int).Mul(factorialCoe, xPower) tempResult = tempResult.Mul(tempResult, tempbki) diff --git a/crypto/circuit/circuit.go b/crypto/circuit/circuit.go index 2eb5be22..aad3cbbf 100644 --- a/crypto/circuit/circuit.go +++ b/crypto/circuit/circuit.go @@ -333,6 +333,7 @@ func (cir *Circuit) Garbled(kBit int, input []uint8, f EncFunc) (*GarbleCircuit, // Generate others Circuit: XOR/AND/INV/EQ var F []*HalfGateMessage + // #nosec: G115: integer overflow conversion int -> uint32 for i := int32(0); i < int32(len(cir.gates)); i++ { g := cir.gates[i] switch g.gate { @@ -409,6 +410,7 @@ func (cir *Circuit) Garbled(kBit int, input []uint8, f EncFunc) (*GarbleCircuit, func decrypt(d []int32, Y [][]byte) []uint8 { result := make([]uint8, len(d)) for i := 0; i < len(d); i++ { + // #nosec: G115: integer overflow conversion int -> uint32 result[i] = uint8(d[i]) ^ lsb(Y[i]) } return result @@ -510,6 +512,7 @@ func setUint64ToBitSlice(input uint64) []uint8 { result[i] = 0 } for i := 0; i < big.BitLen(); i++ { + // #nosec: G115: integer overflow conversion int -> uint32 result[i] = uint8(big.Bit(i)) } return result @@ -525,6 +528,7 @@ func readText(scanner *bufio.Scanner) string { func Decrypt(d []int32, Y [][]byte) []uint8 { result := make([]uint8, len(d)) for i := 0; i < len(d); i++ { + // #nosec: G115: integer overflow conversion int -> uint32 result[i] = uint8(d[i]) ^ lsb(Y[i]) } return result diff --git a/crypto/circuit/circuit_test.go b/crypto/circuit/circuit_test.go index 30b4a885..cae8e955 100644 --- a/crypto/circuit/circuit_test.go +++ b/crypto/circuit/circuit_test.go @@ -511,6 +511,7 @@ func setHexToIntSlice(input string, exptected uint8) []uint8 { result[i] = 0 } for i := 0; i < big.BitLen(); i++ { + // #nosec: G115: integer overflow conversion int -> uint32 result[i] = uint8(big.Bit(i)) } return result diff --git a/crypto/dbnssystem/dbns.go b/crypto/dbnssystem/dbns.go index f589baa2..55497f31 100644 --- a/crypto/dbnssystem/dbns.go +++ b/crypto/dbnssystem/dbns.go @@ -131,6 +131,7 @@ func get23ExpansionSpecialcase(numberwithout23Factor *big.Int, deepOfBranch int) func getGivenDepth23Expansion(number *big.Int, upperDepth int) (*big.Int, []*expansion23, error) { numberList := []*big.Int{number} minPosition, exp2, exp3 := 0, 0, 0 + // #nosec: G115: integer overflow conversion int -> uint32 upperDepthMinus1 := uint(upperDepth - 1) var bStop bool minValue := new(big.Int).Set(number) @@ -226,6 +227,7 @@ func getMax2Factor(number *big.Int) (*big.Int, int) { bitLength := number.BitLen() for i := 0; i < bitLength; i++ { if number.Bit(i) != 0 { + // #nosec: G115: integer overflow conversion int -> uint32 number.Rsh(number, uint(i)) return number, i } diff --git a/crypto/matrix/matrix.go b/crypto/matrix/matrix.go index a6786b14..d93a3e44 100644 --- a/crypto/matrix/matrix.go +++ b/crypto/matrix/matrix.go @@ -597,6 +597,7 @@ func (m *Matrix) Equal(m2 *Matrix) bool { } for i, mm := range m.matrix { for j := range mm { + // #nosec: G115: integer overflow conversion int -> uint32 if m.Get(uint64(i), uint64(j)).Cmp(m2.Get(uint64(i), uint64(j))) != 0 { return false } diff --git a/crypto/ot/ot_ext_receiver.go b/crypto/ot/ot_ext_receiver.go index 6c15f0c7..fe0ba781 100644 --- a/crypto/ot/ot_ext_receiver.go +++ b/crypto/ot/ot_ext_receiver.go @@ -45,6 +45,7 @@ func NewExtReceiver(sid []byte, r []byte, otRMsg *OtReceiverMessage) (*OtExtRece } kappa := uint(len(otRMsg.GetBi())) // bitLength to byteLength + // #nosec: G115: integer overflow conversion int -> uint32 outputByteLength := int(m+kappa) >> 3 M, err := getMatrixM(sid, otSend.p0, outputByteLength) if err != nil { diff --git a/crypto/ot/ot_ext_sender.go b/crypto/ot/ot_ext_sender.go index e463eff4..b4e663ff 100644 --- a/crypto/ot/ot_ext_sender.go +++ b/crypto/ot/ot_ext_sender.go @@ -222,6 +222,7 @@ func getMatrixR(kappa uint, p0 [][]byte, r []uint8, outputByteLength int) ([][]u if err != nil { return nil, err } + // #nosec: G115: integer overflow conversion int -> uint32 randomrpai, err := utils.GenRandomBytes(int(kappa >> 3)) if err != nil { return nil, err diff --git a/crypto/ot/ot_receiver.go b/crypto/ot/ot_receiver.go index fe773ff0..9086cc9f 100644 --- a/crypto/ot/ot_receiver.go +++ b/crypto/ot/ot_receiver.go @@ -72,6 +72,7 @@ func NewReceiver(sid []byte, kappa int, ell int) (*OtReceiver, error) { return nil, err } bimsg[i] = tempMsg + // #nosec: G115: integer overflow conversion int -> uint32 b[i] = uint8(bi.Uint64()) a[i] = alphai } diff --git a/crypto/polynomial/polynomial.go b/crypto/polynomial/polynomial.go index 4e92ecd1..8aeb4097 100644 --- a/crypto/polynomial/polynomial.go +++ b/crypto/polynomial/polynomial.go @@ -68,6 +68,7 @@ func RandomPolynomial(fieldOrder *big.Int, degree uint32) (*Polynomial, error) { // Given f(x) is a polynomial, then output is f^(diffTime)(x) mod field order // Ex: f(x)=x^5+2*x^3, diffTime = 1 Then f^(1)(x)= 5*x^4+6*x^2 = 2*x^4. func (p *Polynomial) Differentiate(diffTime uint32) *Polynomial { + // #nosec: G115: integer overflow conversion int -> uint32 lengthPolyACoeff := uint32(p.Len()) reduceDegree := lengthPolyACoeff - diffTime diffCoeffSlice := make([]*big.Int, reduceDegree) @@ -125,6 +126,7 @@ func (p *Polynomial) Len() int { // Degree returns the degree of the polynomial func (p *Polynomial) Degree() uint32 { + // #nosec: G115: integer overflow conversion int -> uint32 return uint32(p.Len() - 1) } @@ -154,6 +156,7 @@ func (p *Polynomial) expend(xpoint, givenPoint *big.Int) (*Polynomial, error) { for i := 1; i < len(newCos); i++ { newCos[i] = big.NewInt(0) } + // #nosec: G115: integer overflow conversion int -> uint32 for i := uint32(1); i < uint32(len(newCos)); i++ { tempResult := expandMonomial(p.coefficients[i], givenPointPower, i) for j := 0; j < len(tempResult); j++ { diff --git a/crypto/tss/ecdsa/addshare/oldpeer/0_peer_handler.go b/crypto/tss/ecdsa/addshare/oldpeer/0_peer_handler.go index ea639b01..38aaf8c6 100644 --- a/crypto/tss/ecdsa/addshare/oldpeer/0_peer_handler.go +++ b/crypto/tss/ecdsa/addshare/oldpeer/0_peer_handler.go @@ -54,6 +54,7 @@ func newPeerHandler(peerManager types.PeerManager, pubkey *ecpointgrouplaw.ECPoi log.Warn("Inconsistent peer num", "bks", len(bks), "numPeers", numPeers) return nil, tss.ErrInconsistentPeerNumAndBks } + // #nosec: G115: integer overflow conversion int -> uint32 if err := utils.EnsureThreshold(threshold, uint32(lenBks)); err != nil { return nil, err } diff --git a/crypto/tss/ecdsa/gg18/reshare/0_commit_handler.go b/crypto/tss/ecdsa/gg18/reshare/0_commit_handler.go index 736cc09e..f7fe9724 100644 --- a/crypto/tss/ecdsa/gg18/reshare/0_commit_handler.go +++ b/crypto/tss/ecdsa/gg18/reshare/0_commit_handler.go @@ -56,6 +56,7 @@ func newCommitHandler(publicKey *ecpointgrouplaw.ECPoint, peerManager types.Peer log.Warn("Inconsistent peer num", "bks", len(bks), "numPeers", numPeers) return nil, tss.ErrInconsistentPeerNumAndBks } + // #nosec: G115: integer overflow conversion int -> uint32 if err := utils.EnsureThreshold(threshold, uint32(lenBks)); err != nil { return nil, err } diff --git a/crypto/tss/ecdsa/gg18/signer/0_pukkey_handler.go b/crypto/tss/ecdsa/gg18/signer/0_pukkey_handler.go index 00f3a042..71ed8aa5 100644 --- a/crypto/tss/ecdsa/gg18/signer/0_pukkey_handler.go +++ b/crypto/tss/ecdsa/gg18/signer/0_pukkey_handler.go @@ -213,7 +213,7 @@ func buildWiAndPeers(curveN *big.Int, bks map[string]*birkhoffinterpolation.BkPa i++ peers[id] = newPeer(id) } - + // #nosec: G115: integer overflow conversion int -> uint32 scalars, err := allBks.ComputeBkCoefficient(uint32(lenBks), curveN) if err != nil { log.Warn("Failed to compute bk coefficient", "allBks", allBks, "err", err) diff --git a/crypto/tss/ecdsa/gg18/signer/signer_test.go b/crypto/tss/ecdsa/gg18/signer/signer_test.go index 5709fc72..88eecd50 100644 --- a/crypto/tss/ecdsa/gg18/signer/signer_test.go +++ b/crypto/tss/ecdsa/gg18/signer/signer_test.go @@ -140,6 +140,7 @@ func newSigners(curve elliptic.Curve, expPublic *ecpointgrouplaw.ECPoint, ss [][ bks := make(map[string]*birkhoffinterpolation.BkParameter, threshold) for i := 0; i < threshold; i++ { + // #nosec: G115: integer overflow conversion int -> uint32 bks[tss.GetTestID(i)] = birkhoffinterpolation.NewBkParameter(ss[i][0], uint32(ss[i][2].Uint64())) } diff --git a/crypto/tss/eddsa/frost/signer/round_1.go b/crypto/tss/eddsa/frost/signer/round_1.go index c2aea65f..34a25442 100644 --- a/crypto/tss/eddsa/frost/signer/round_1.go +++ b/crypto/tss/eddsa/frost/signer/round_1.go @@ -453,6 +453,7 @@ func computeRhoElli(x []byte, E *ecpointgrouplaw.ECPoint, message []byte, B []by if err != nil { return nil, err } + // #nosec: G115: integer overflow conversion int -> uint32 bitUppBd := new(big.Int).Lsh(big1, uint(E.GetCurve().Params().N.BitLen())) for j := 0; j < maxRetry; j++ { tempMod := new(big.Int).Mod(temp, bitUppBd) diff --git a/crypto/tss/eddsa/frost/signer/signer_test.go b/crypto/tss/eddsa/frost/signer/signer_test.go index 12c95753..312e99cf 100644 --- a/crypto/tss/eddsa/frost/signer/signer_test.go +++ b/crypto/tss/eddsa/frost/signer/signer_test.go @@ -176,6 +176,7 @@ func newSigners(curve elliptic.Curve, expPublic *ecpointgrouplaw.ECPoint, ss [][ bks := make(map[string]*birkhoffinterpolation.BkParameter, threshold) Ys := make(map[string]*ecpointgrouplaw.ECPoint, threshold) for i := 0; i < threshold; i++ { + // #nosec: G115: integer overflow conversion int -> uint32 bks[tss.GetTestID(i)] = birkhoffinterpolation.NewBkParameter(ss[i][0], uint32(ss[i][2].Uint64())) Ys[tss.GetTestID(i)] = Y[i] } @@ -190,6 +191,7 @@ func newSigners(curve elliptic.Curve, expPublic *ecpointgrouplaw.ECPoint, ss [][ pm.Set(signersMain) peerManagers[i] = pm listeners[id] = new(mocks.StateChangedListener) + // #nosec: G115: integer overflow conversion int -> uint32 signers[id], err = NewSigner(expPublic, peerManagers[i], uint32(threshold), ss[i][1], dkgData, msg, listeners[id]) Expect(err).Should(BeNil()) signersMain[id] = signers[id] diff --git a/crypto/tss/recovery/recover_private_key.go b/crypto/tss/recovery/recover_private_key.go index f5f8af0d..7de7bfaf 100644 --- a/crypto/tss/recovery/recover_private_key.go +++ b/crypto/tss/recovery/recover_private_key.go @@ -31,6 +31,7 @@ func RecoverPrivateKey(curve elliptic.Curve, threshold uint32, pubKey *ecpointgr if curve == nil { return nil, ErrAbsentCurve } + // #nosec: G115: integer overflow conversion int -> uint32 if err := utils.EnsureThreshold(threshold, uint32(peerNum)); err != nil { return nil, err } diff --git a/crypto/tss/utils.go b/crypto/tss/utils.go index d32ac6bf..5019d501 100644 --- a/crypto/tss/utils.go +++ b/crypto/tss/utils.go @@ -89,6 +89,7 @@ func (p *TestPeerManager) Set(msgMains map[string]types.MessageMain) { } func (p *TestPeerManager) NumPeers() uint32 { + // #nosec: G115: integer overflow conversion int -> uint32 return uint32(len(p.peers)) } diff --git a/crypto/utils/prime.go b/crypto/utils/prime.go index 86c09d8a..6e6d3ee9 100644 --- a/crypto/utils/prime.go +++ b/crypto/utils/prime.go @@ -137,6 +137,7 @@ func GenerateRandomSafePrime(rand io.Reader, pbits int) (*SafePrime, error) { } upperbound := uint64(1024) bits := pbits - 1 + // #nosec: G115: integer overflow conversion int -> uint32 b := uint(bits % 8) if b == 0 { b = 8 @@ -149,6 +150,7 @@ func GenerateRandomSafePrime(rand io.Reader, pbits int) (*SafePrime, error) { } // Clear bits in the first byte to make sure the candidate has a size <= bits. + // #nosec: G115: integer overflow conversion int -> uint32 bytes[0] &= uint8(int(1< uint32 desireBitLength := uint(q.BitLen() + 1) ByteLength := int(math.Ceil(float64(desireBitLength) / 8)) expendResult := ExtendHashOutput(salt, message, ByteLength) @@ -299,6 +300,7 @@ func RandomAbsoluteRangeIntBySeed(salt []byte, message []byte, q *big.Int) *big. mod := new(big.Int).Lsh(big1, desireBitLength) result := new(big.Int).SetBytes(expendResult) result.Mod(result, mod) + // #nosec: G115: integer overflow conversion int -> uint32 translate := new(big.Int).Lsh(big1, uint(q.BitLen())) return result.Sub(result, translate) } @@ -363,6 +365,7 @@ func BitsToBytes(input []uint8) ([]byte, error) { temp := input[low : low+bitsPerByte] tempResult := temp[7] for j := 6; j >= 0; j-- { + // #nosec: G115: integer overflow conversion int -> uint32 tempResult += temp[j] << uint8(7-j) } result[i] = tempResult diff --git a/crypto/zkproof/integerfactorization.go b/crypto/zkproof/integerfactorization.go index e2485c5c..ace058d4 100644 --- a/crypto/zkproof/integerfactorization.go +++ b/crypto/zkproof/integerfactorization.go @@ -170,6 +170,7 @@ func (msg *IntegerFactorizationProofMessage) Verify() error { func generateZ(N *big.Int, index *big.Int, maxTry int) (*big.Int, error) { inputData := index.Bytes() + // #nosec: G115: integer overflow conversion int -> uint32 desireBitModular := new(big.Int).Lsh(big1, uint(N.BitLen())) for j := 0; j < maxTry; j++ { inputData = utils.ExtendHashOutput(inputData, N.Bytes(), N.BitLen()) diff --git a/crypto/zkproof/paillier/blummodzkproof.go b/crypto/zkproof/paillier/blummodzkproof.go index 604327e6..bee01d0c 100644 --- a/crypto/zkproof/paillier/blummodzkproof.go +++ b/crypto/zkproof/paillier/blummodzkproof.go @@ -175,6 +175,7 @@ func (msg *PaillierBlumMessage) Verify(ssidInfo []byte, n *big.Int) error { func computeyByRejectSampling(w *big.Int, n *big.Int, salt []byte, ssidInfo []byte) (*big.Int, []byte, error) { var yi *big.Int ByteLength := int(math.Ceil(float64(n.BitLen()) / 8)) + // #nosec: G115: integer overflow conversion int -> uint32 desireModular := new(big.Int).Lsh(big1, uint(n.BitLen())) for j := 0; j < maxRetry; j++ { yiSeed, err := utils.HashProtos(salt, utils.GetAnyMsg(ssidInfo, n.Bytes(), w.Bytes())...) diff --git a/crypto/zkproof/paillier/curve.go b/crypto/zkproof/paillier/curve.go index 46a0f4d1..e9b3a381 100644 --- a/crypto/zkproof/paillier/curve.go +++ b/crypto/zkproof/paillier/curve.go @@ -40,8 +40,11 @@ type CurveConfig struct { func NewS256() *CurveConfig { curve := elliptic.Secp256k1() N := curve.Params().N + // #nosec: G115: integer overflow conversion int -> uint32 epsilon := uint(epsilonFactor * N.BitLen()) + // #nosec: G115: integer overflow conversion int -> uint32 L := uint(LFactor * N.BitLen()) + // #nosec: G115: integer overflow conversion int -> uint32 Lpai := uint(LpaiFactor * N.BitLen()) return &CurveConfig{ Curve: curve, diff --git a/example/node/pm.go b/example/node/pm.go index 76b0351a..413caeb2 100644 --- a/example/node/pm.go +++ b/example/node/pm.go @@ -46,6 +46,7 @@ func NewPeerManager(id string, host host.Host, protocol protocol.ID) *peerManage } func (p *peerManager) NumPeers() uint32 { + // #nosec: G115: integer overflow conversion int -> uint32 return uint32(len(p.peers)) }