Use bytes.Equal instead of bytes.Compare == 0 (letsencrypt#4758)

jsha · web-flow · commit 0e9ac0c638fc · 2020-04-08T17:20:56.000-07:00
staticcheck cleanup: https://staticcheck.io/docs/checks#S1004
diff --git a/cmd/boulder-wfe2/main_test.go b/cmd/boulder-wfe2/main_test.go
@@ -184,7 +184,7 @@ func TestLoadCertificateChains(t *testing.T) {
 			test.AssertEquals(t, len(resultMap), len(tc.ExpectedMap))
 			test.AssertEquals(t, len(issuers), len(tc.ExpectedMap))
 			for url, chain := range resultMap {
-				test.Assert(t, bytes.Compare(chain, tc.ExpectedMap[url]) == 0, "Chain bytes did not match expected")
+				test.Assert(t, bytes.Equal(chain, tc.ExpectedMap[url]), "Chain bytes did not match expected")
 			}
 		})
 	}
diff --git a/cmd/ceremony/cert.go b/cmd/ceremony/cert.go
@@ -296,14 +296,14 @@ func newSigner(ctx pkcs11helpers.PKCtx, session pkcs11.SessionHandle, label stri
 	var keyType pkcs11helpers.KeyType
 	switch {
 	// 0x00000000, CKK_RSA
-	case bytes.Compare(attrs[0].Value, []byte{0, 0, 0, 0, 0, 0, 0, 0}) == 0:
+	case bytes.Equal(attrs[0].Value, []byte{0, 0, 0, 0, 0, 0, 0, 0}):
 		keyType = pkcs11helpers.RSAKey
 		pub, err = pkcs11helpers.GetRSAPublicKey(ctx, session, pubHandle)
 		if err != nil {
 			return nil, fmt.Errorf("failed to retrieve public key: %s", err)
 		}
 	// 0x00000003, CKK_ECDSA
-	case bytes.Compare(attrs[0].Value, []byte{3, 0, 0, 0, 0, 0, 0, 0}) == 0:
+	case bytes.Equal(attrs[0].Value, []byte{3, 0, 0, 0, 0, 0, 0, 0}):
 		keyType = pkcs11helpers.ECDSAKey
 		pub, err = pkcs11helpers.GetECDSAPublicKey(ctx, session, pubHandle)
 		if err != nil {
diff --git a/cmd/ceremony/cert_test.go b/cmd/ceremony/cert_test.go
@@ -299,7 +299,7 @@ func TestGetKey(t *testing.T) {
 		return []*pkcs11.Attribute{pkcs11.NewAttribute(pkcs11.CKA_KEY_TYPE, pkcs11.CKK_EC)}, nil
 	}
 	ctx.FindObjectsInitFunc = func(_ pkcs11.SessionHandle, tmpl []*pkcs11.Attribute) error {
-		if bytes.Compare(tmpl[0].Value, []byte{2, 0, 0, 0, 0, 0, 0, 0}) == 0 {
+		if bytes.Equal(tmpl[0].Value, []byte{2, 0, 0, 0, 0, 0, 0, 0}) {
 			return errors.New("broken")
 		}
 		return nil
diff --git a/cmd/key-hash-backfill/main_test.go b/cmd/key-hash-backfill/main_test.go
@@ -102,7 +102,7 @@ func TestBackfill(t *testing.T) {
 	test.AssertEquals(t, keyHashes[0].CertNotAfter, expires)
 	test.AssertEquals(t, keyHashes[1].CertNotAfter, expires)
 	test.AssertEquals(t, keyHashes[2].CertNotAfter, expires)
-	test.Assert(t, bytes.Compare(keyHashes[0].KeyHash, spkiHash[:]) == 0, "SPKI hash mismatch")
-	test.Assert(t, bytes.Compare(keyHashes[1].KeyHash, spkiHash[:]) == 0, "SPKI hash mismatch")
-	test.Assert(t, bytes.Compare(keyHashes[2].KeyHash, spkiHash[:]) == 0, "SPKI hash mismatch")
+	test.Assert(t, bytes.Equal(keyHashes[0].KeyHash, spkiHash[:]), "SPKI hash mismatch")
+	test.Assert(t, bytes.Equal(keyHashes[1].KeyHash, spkiHash[:]), "SPKI hash mismatch")
+	test.Assert(t, bytes.Equal(keyHashes[2].KeyHash, spkiHash[:]), "SPKI hash mismatch")
 }
diff --git a/cmd/ocsp-responder/main.go b/cmd/ocsp-responder/main.go
@@ -86,7 +86,7 @@ type dbResponse struct {
 // Response is called by the HTTP server to handle a new OCSP request.
 func (src *DBSource) Response(req *ocsp.Request) ([]byte, http.Header, error) {
 	// Check that this request is for the proper CA
-	if bytes.Compare(req.IssuerKeyHash, src.caKeyHash) != 0 {
+	if !bytes.Equal(req.IssuerKeyHash, src.caKeyHash) {
 		src.log.Debugf("Request intended for CA Cert ID: %s", hex.EncodeToString(req.IssuerKeyHash))
 		return nil, nil, bocsp.ErrNotFound
 	}

Original file line number	Diff line number	Diff line change
`@@ -184,7 +184,7 @@ func TestLoadCertificateChains(t *testing.T) {`
`184`	`184`	`test.AssertEquals(t, len(resultMap), len(tc.ExpectedMap))`
`185`	`185`	`test.AssertEquals(t, len(issuers), len(tc.ExpectedMap))`
`186`	`186`	`for url, chain := range resultMap {`
`187`		`- test.Assert(t, bytes.Compare(chain, tc.ExpectedMap[url]) == 0, "Chain bytes did not match expected")`
	`187`	`+ test.Assert(t, bytes.Equal(chain, tc.ExpectedMap[url]), "Chain bytes did not match expected")`
`188`	`188`	`}`
`189`	`189`	`})`
`190`	`190`	`}`
Original file line number	Diff line number	Diff line change
`@@ -299,7 +299,7 @@ func TestGetKey(t *testing.T) {`
`299`	`299`	`return []*pkcs11.Attribute{pkcs11.NewAttribute(pkcs11.CKA_KEY_TYPE, pkcs11.CKK_EC)}, nil`
`300`	`300`	`}`
`301`	`301`	`ctx.FindObjectsInitFunc = func(_ pkcs11.SessionHandle, tmpl []*pkcs11.Attribute) error {`
`302`		`- if bytes.Compare(tmpl[0].Value, []byte{2, 0, 0, 0, 0, 0, 0, 0}) == 0 {`
	`302`	`+ if bytes.Equal(tmpl[0].Value, []byte{2, 0, 0, 0, 0, 0, 0, 0}) {`
`303`	`303`	`return errors.New("broken")`
`304`	`304`	`}`
`305`	`305`	`return nil`
Original file line number	Diff line number	Diff line change
`@@ -86,7 +86,7 @@ type dbResponse struct {`
`86`	`86`	`// Response is called by the HTTP server to handle a new OCSP request.`
`87`	`87`	`func (src DBSource) Response(req ocsp.Request) ([]byte, http.Header, error) {`
`88`	`88`	`// Check that this request is for the proper CA`
`89`		`- if bytes.Compare(req.IssuerKeyHash, src.caKeyHash) != 0 {`
	`89`	`+ if !bytes.Equal(req.IssuerKeyHash, src.caKeyHash) {`
`90`	`90`	`src.log.Debugf("Request intended for CA Cert ID: %s", hex.EncodeToString(req.IssuerKeyHash))`
`91`	`91`	`return nil, nil, bocsp.ErrNotFound`
`92`	`92`	`}`