Fix nosec comments
This commit is contained in:
Nicola Asuni
@@ -33,7 +33,7 @@ func Decrypt(privateKey []byte, doc []byte) ([]byte, error) {
|
|||||||
return nil, popError()
|
return nil, popError()
|
||||||
}
|
}
|
||||||
|
|
||||||
// nosec
|
// #nosec
|
||||||
key := C.xmlSecCryptoAppKeyLoadMemory(
|
key := C.xmlSecCryptoAppKeyLoadMemory(
|
||||||
(*C.xmlSecByte)(unsafe.Pointer(&privateKey[0])),
|
(*C.xmlSecByte)(unsafe.Pointer(&privateKey[0])),
|
||||||
C.xmlSecSize(len(privateKey)),
|
C.xmlSecSize(len(privateKey)),
|
||||||
@@ -60,7 +60,7 @@ func Decrypt(privateKey []byte, doc []byte) ([]byte, error) {
|
|||||||
}
|
}
|
||||||
defer C.xmlSecEncCtxDestroy(encCtx)
|
defer C.xmlSecEncCtxDestroy(encCtx)
|
||||||
|
|
||||||
// nosec
|
// #nosec
|
||||||
encDataNode := C.xmlSecFindNode(C.xmlDocGetRootElement(parsedDoc),
|
encDataNode := C.xmlSecFindNode(C.xmlDocGetRootElement(parsedDoc),
|
||||||
(*C.xmlChar)(unsafe.Pointer(&C.xmlSecNodeEncryptedData)),
|
(*C.xmlChar)(unsafe.Pointer(&C.xmlSecNodeEncryptedData)),
|
||||||
(*C.xmlChar)(unsafe.Pointer(&C.xmlSecEncNs)))
|
(*C.xmlChar)(unsafe.Pointer(&C.xmlSecEncNs)))
|
||||||
|
|||||||
@@ -91,7 +91,7 @@ var errInvalidAlgorithm = errors.New("invalid algorithm")
|
|||||||
// Note: the invocations of C.CString() here return a pointer to a string
|
// Note: the invocations of C.CString() here return a pointer to a string
|
||||||
// allocated from the C heap that would normally need to freed by calling
|
// allocated from the C heap that would normally need to freed by calling
|
||||||
// C.free, but because these are global, we can just leak them.
|
// C.free, but because these are global, we can just leak them.
|
||||||
// nosec
|
// #nosec
|
||||||
var (
|
var (
|
||||||
constDsigNamespace = (*C.xmlChar)(unsafe.Pointer(C.CString("http://www.w3.org/2000/09/xmldsig#")))
|
constDsigNamespace = (*C.xmlChar)(unsafe.Pointer(C.CString("http://www.w3.org/2000/09/xmldsig#")))
|
||||||
constDigestMethod = (*C.xmlChar)(unsafe.Pointer(C.CString("DigestMethod")))
|
constDigestMethod = (*C.xmlChar)(unsafe.Pointer(C.CString("DigestMethod")))
|
||||||
@@ -118,7 +118,7 @@ func Encrypt(publicKey, doc []byte, opts EncryptOptions) ([]byte, error) {
|
|||||||
return nil, mustPopError()
|
return nil, mustPopError()
|
||||||
}
|
}
|
||||||
|
|
||||||
// nosec
|
// #nosec
|
||||||
key := C.xmlSecCryptoAppKeyLoadMemory(
|
key := C.xmlSecCryptoAppKeyLoadMemory(
|
||||||
(*C.xmlSecByte)(unsafe.Pointer(&publicKey[0])),
|
(*C.xmlSecByte)(unsafe.Pointer(&publicKey[0])),
|
||||||
C.xmlSecSize(len(publicKey)),
|
C.xmlSecSize(len(publicKey)),
|
||||||
@@ -128,7 +128,7 @@ func Encrypt(publicKey, doc []byte, opts EncryptOptions) ([]byte, error) {
|
|||||||
return nil, mustPopError()
|
return nil, mustPopError()
|
||||||
}
|
}
|
||||||
|
|
||||||
// nosec
|
// #nosec
|
||||||
if rv := C.xmlSecCryptoAppKeyCertLoadMemory(key,
|
if rv := C.xmlSecCryptoAppKeyCertLoadMemory(key,
|
||||||
(*C.xmlSecByte)(unsafe.Pointer(&publicKey[0])),
|
(*C.xmlSecByte)(unsafe.Pointer(&publicKey[0])),
|
||||||
C.xmlSecSize(len(publicKey)),
|
C.xmlSecSize(len(publicKey)),
|
||||||
@@ -165,7 +165,7 @@ func Encrypt(publicKey, doc []byte, opts EncryptOptions) ([]byte, error) {
|
|||||||
|
|
||||||
// create encryption template to encrypt XML file and replace
|
// create encryption template to encrypt XML file and replace
|
||||||
// its content with encryption result
|
// its content with encryption result
|
||||||
// nosec
|
// #nosec
|
||||||
encDataNode := C.xmlSecTmplEncDataCreate(parsedDoc, sessionCipherTransform,
|
encDataNode := C.xmlSecTmplEncDataCreate(parsedDoc, sessionCipherTransform,
|
||||||
nil, (*C.xmlChar)(unsafe.Pointer(&C.xmlSecTypeEncElement)), nil, nil)
|
nil, (*C.xmlChar)(unsafe.Pointer(&C.xmlSecTypeEncElement)), nil, nil)
|
||||||
if encDataNode == nil {
|
if encDataNode == nil {
|
||||||
|
|||||||
@@ -9,6 +9,6 @@ import "C"
|
|||||||
func getThreadID() uintptr {
|
func getThreadID() uintptr {
|
||||||
// Darwin lacks a meaningful version of gettid() so instead we use
|
// Darwin lacks a meaningful version of gettid() so instead we use
|
||||||
// ptread_self() as a proxy.
|
// ptread_self() as a proxy.
|
||||||
// nosec
|
// #nosec
|
||||||
return uintptr(unsafe.Pointer(C.pthread_self()))
|
return uintptr(unsafe.Pointer(C.pthread_self()))
|
||||||
}
|
}
|
||||||
|
|||||||
10
xmldsig.go
10
xmldsig.go
@@ -48,7 +48,7 @@ func Sign(key []byte, doc []byte, opts SignatureOptions) ([]byte, error) {
|
|||||||
}
|
}
|
||||||
defer C.xmlSecDSigCtxDestroy(ctx)
|
defer C.xmlSecDSigCtxDestroy(ctx)
|
||||||
|
|
||||||
// nosec
|
// #nosec
|
||||||
ctx.signKey = C.xmlSecCryptoAppKeyLoadMemory(
|
ctx.signKey = C.xmlSecCryptoAppKeyLoadMemory(
|
||||||
(*C.xmlSecByte)(unsafe.Pointer(&key[0])),
|
(*C.xmlSecByte)(unsafe.Pointer(&key[0])),
|
||||||
C.xmlSecSize(len(key)),
|
C.xmlSecSize(len(key)),
|
||||||
@@ -64,7 +64,7 @@ func Sign(key []byte, doc []byte, opts SignatureOptions) ([]byte, error) {
|
|||||||
}
|
}
|
||||||
defer closeDoc(parsedDoc)
|
defer closeDoc(parsedDoc)
|
||||||
|
|
||||||
// nosec
|
// #nosec
|
||||||
node := C.xmlSecFindNode(C.xmlDocGetRootElement(parsedDoc),
|
node := C.xmlSecFindNode(C.xmlDocGetRootElement(parsedDoc),
|
||||||
(*C.xmlChar)(unsafe.Pointer(&C.xmlSecNodeSignature)),
|
(*C.xmlChar)(unsafe.Pointer(&C.xmlSecNodeSignature)),
|
||||||
(*C.xmlChar)(unsafe.Pointer(&C.xmlSecDSigNs)))
|
(*C.xmlChar)(unsafe.Pointer(&C.xmlSecDSigNs)))
|
||||||
@@ -108,7 +108,7 @@ func Verify(publicKey []byte, doc []byte, opts SignatureOptions) error {
|
|||||||
return mustPopError()
|
return mustPopError()
|
||||||
}
|
}
|
||||||
|
|
||||||
// nosec
|
// #nosec
|
||||||
key := C.xmlSecCryptoAppKeyLoadMemory(
|
key := C.xmlSecCryptoAppKeyLoadMemory(
|
||||||
(*C.xmlSecByte)(unsafe.Pointer(&publicKey[0])),
|
(*C.xmlSecByte)(unsafe.Pointer(&publicKey[0])),
|
||||||
C.xmlSecSize(len(publicKey)),
|
C.xmlSecSize(len(publicKey)),
|
||||||
@@ -118,7 +118,7 @@ func Verify(publicKey []byte, doc []byte, opts SignatureOptions) error {
|
|||||||
return mustPopError()
|
return mustPopError()
|
||||||
}
|
}
|
||||||
|
|
||||||
// nosec
|
// #nosec
|
||||||
if rv := C.xmlSecCryptoAppKeyCertLoadMemory(key,
|
if rv := C.xmlSecCryptoAppKeyCertLoadMemory(key,
|
||||||
(*C.xmlSecByte)(unsafe.Pointer(&publicKey[0])),
|
(*C.xmlSecByte)(unsafe.Pointer(&publicKey[0])),
|
||||||
C.xmlSecSize(len(publicKey)),
|
C.xmlSecSize(len(publicKey)),
|
||||||
@@ -143,7 +143,7 @@ func Verify(publicKey []byte, doc []byte, opts SignatureOptions) error {
|
|||||||
}
|
}
|
||||||
defer closeDoc(parsedDoc)
|
defer closeDoc(parsedDoc)
|
||||||
|
|
||||||
// nosec
|
// #nosec
|
||||||
node := C.xmlSecFindNode(C.xmlDocGetRootElement(parsedDoc),
|
node := C.xmlSecFindNode(C.xmlDocGetRootElement(parsedDoc),
|
||||||
(*C.xmlChar)(unsafe.Pointer(&C.xmlSecNodeSignature)),
|
(*C.xmlChar)(unsafe.Pointer(&C.xmlSecNodeSignature)),
|
||||||
(*C.xmlChar)(unsafe.Pointer(&C.xmlSecDSigNs)))
|
(*C.xmlChar)(unsafe.Pointer(&C.xmlSecDSigNs)))
|
||||||
|
|||||||
14
xmlsec.go
14
xmlsec.go
@@ -40,7 +40,7 @@ func init() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func newDoc(buf []byte, idattrs []XMLIDOption) (*C.xmlDoc, error) {
|
func newDoc(buf []byte, idattrs []XMLIDOption) (*C.xmlDoc, error) {
|
||||||
// nosec
|
// #nosec
|
||||||
ctx := C.xmlCreateMemoryParserCtxt((*C.char)(unsafe.Pointer(&buf[0])),
|
ctx := C.xmlCreateMemoryParserCtxt((*C.char)(unsafe.Pointer(&buf[0])),
|
||||||
C.int(len(buf)))
|
C.int(len(buf)))
|
||||||
if ctx == nil {
|
if ctx == nil {
|
||||||
@@ -77,18 +77,18 @@ func addIDAttr(node *C.xmlNode, attrName, nodeName, nsHref string) {
|
|||||||
cur = C.xmlSecGetNextElementNode(cur.next)
|
cur = C.xmlSecGetNextElementNode(cur.next)
|
||||||
}
|
}
|
||||||
|
|
||||||
// nosec
|
// #nosec
|
||||||
if C.GoString((*C.char)(unsafe.Pointer(node.name))) != nodeName {
|
if C.GoString((*C.char)(unsafe.Pointer(node.name))) != nodeName {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
// nosec
|
// #nosec
|
||||||
if nsHref != "" && node.ns != nil && C.GoString((*C.char)(unsafe.Pointer(node.ns.href))) != nsHref {
|
if nsHref != "" && node.ns != nil && C.GoString((*C.char)(unsafe.Pointer(node.ns.href))) != nsHref {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
// the attribute with name equal to attrName should exist
|
// the attribute with name equal to attrName should exist
|
||||||
for attr := node.properties; attr != nil; attr = attr.next {
|
for attr := node.properties; attr != nil; attr = attr.next {
|
||||||
// nosec
|
// #nosec
|
||||||
if C.GoString((*C.char)(unsafe.Pointer(attr.name))) == attrName {
|
if C.GoString((*C.char)(unsafe.Pointer(attr.name))) == attrName {
|
||||||
id := C.xmlNodeListGetString(node.doc, attr.children, 1)
|
id := C.xmlNodeListGetString(node.doc, attr.children, 1)
|
||||||
if id == nil {
|
if id == nil {
|
||||||
@@ -108,9 +108,9 @@ func dumpDoc(doc *C.xmlDoc) []byte {
|
|||||||
var buffer *C.xmlChar
|
var buffer *C.xmlChar
|
||||||
var bufferSize C.int
|
var bufferSize C.int
|
||||||
C.xmlDocDumpMemory(doc, &buffer, &bufferSize)
|
C.xmlDocDumpMemory(doc, &buffer, &bufferSize)
|
||||||
defer C.MY_xmlFree(unsafe.Pointer(buffer)) // nosec
|
defer C.MY_xmlFree(unsafe.Pointer(buffer)) // #nosec
|
||||||
|
|
||||||
return C.GoBytes(unsafe.Pointer(buffer), bufferSize) // nosec
|
return C.GoBytes(unsafe.Pointer(buffer), bufferSize) // #nosec
|
||||||
}
|
}
|
||||||
|
|
||||||
func dumpNode(node *C.xmlNode) []byte {
|
func dumpNode(node *C.xmlNode) []byte {
|
||||||
@@ -118,5 +118,5 @@ func dumpNode(node *C.xmlNode) []byte {
|
|||||||
defer C.xmlBufferFree(buffer)
|
defer C.xmlBufferFree(buffer)
|
||||||
bufferSize := C.xmlNodeDump(buffer, nil, node, 0, 0)
|
bufferSize := C.xmlNodeDump(buffer, nil, node, 0, 0)
|
||||||
|
|
||||||
return C.GoBytes(unsafe.Pointer(buffer.content), bufferSize) // nosec
|
return C.GoBytes(unsafe.Pointer(buffer.content), bufferSize) // #nosec
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user