diff --git a/cmd/boulder-wfe2/main_test.go b/cmd/boulder-wfe2/main_test.go index eb97845b8..4ee509ab5 100644 --- a/cmd/boulder-wfe2/main_test.go +++ b/cmd/boulder-wfe2/main_test.go @@ -184,7 +184,7 @@ func TestLoadCertificateChains(t *testing.T) { test.AssertEquals(t, len(resultMap), len(tc.ExpectedMap)) test.AssertEquals(t, len(issuers), len(tc.ExpectedMap)) for url, chain := range resultMap { - test.Assert(t, bytes.Compare(chain, tc.ExpectedMap[url]) == 0, "Chain bytes did not match expected") + test.Assert(t, bytes.Equal(chain, tc.ExpectedMap[url]), "Chain bytes did not match expected") } }) } diff --git a/cmd/ceremony/cert.go b/cmd/ceremony/cert.go index 1e806501c..041d02110 100644 --- a/cmd/ceremony/cert.go +++ b/cmd/ceremony/cert.go @@ -296,14 +296,14 @@ func newSigner(ctx pkcs11helpers.PKCtx, session pkcs11.SessionHandle, label stri var keyType pkcs11helpers.KeyType switch { // 0x00000000, CKK_RSA - case bytes.Compare(attrs[0].Value, []byte{0, 0, 0, 0, 0, 0, 0, 0}) == 0: + case bytes.Equal(attrs[0].Value, []byte{0, 0, 0, 0, 0, 0, 0, 0}): keyType = pkcs11helpers.RSAKey pub, err = pkcs11helpers.GetRSAPublicKey(ctx, session, pubHandle) if err != nil { return nil, fmt.Errorf("failed to retrieve public key: %s", err) } // 0x00000003, CKK_ECDSA - case bytes.Compare(attrs[0].Value, []byte{3, 0, 0, 0, 0, 0, 0, 0}) == 0: + case bytes.Equal(attrs[0].Value, []byte{3, 0, 0, 0, 0, 0, 0, 0}): keyType = pkcs11helpers.ECDSAKey pub, err = pkcs11helpers.GetECDSAPublicKey(ctx, session, pubHandle) if err != nil { diff --git a/cmd/ceremony/cert_test.go b/cmd/ceremony/cert_test.go index 25de08cae..4fc7341ae 100644 --- a/cmd/ceremony/cert_test.go +++ b/cmd/ceremony/cert_test.go @@ -299,7 +299,7 @@ func TestGetKey(t *testing.T) { return []*pkcs11.Attribute{pkcs11.NewAttribute(pkcs11.CKA_KEY_TYPE, pkcs11.CKK_EC)}, nil } ctx.FindObjectsInitFunc = func(_ pkcs11.SessionHandle, tmpl []*pkcs11.Attribute) error { - if bytes.Compare(tmpl[0].Value, []byte{2, 0, 0, 0, 0, 0, 0, 0}) == 0 { + if bytes.Equal(tmpl[0].Value, []byte{2, 0, 0, 0, 0, 0, 0, 0}) { return errors.New("broken") } return nil diff --git a/cmd/key-hash-backfill/main_test.go b/cmd/key-hash-backfill/main_test.go index 0906adda4..d84d58b94 100644 --- a/cmd/key-hash-backfill/main_test.go +++ b/cmd/key-hash-backfill/main_test.go @@ -102,7 +102,7 @@ func TestBackfill(t *testing.T) { test.AssertEquals(t, keyHashes[0].CertNotAfter, expires) test.AssertEquals(t, keyHashes[1].CertNotAfter, expires) test.AssertEquals(t, keyHashes[2].CertNotAfter, expires) - test.Assert(t, bytes.Compare(keyHashes[0].KeyHash, spkiHash[:]) == 0, "SPKI hash mismatch") - test.Assert(t, bytes.Compare(keyHashes[1].KeyHash, spkiHash[:]) == 0, "SPKI hash mismatch") - test.Assert(t, bytes.Compare(keyHashes[2].KeyHash, spkiHash[:]) == 0, "SPKI hash mismatch") + test.Assert(t, bytes.Equal(keyHashes[0].KeyHash, spkiHash[:]), "SPKI hash mismatch") + test.Assert(t, bytes.Equal(keyHashes[1].KeyHash, spkiHash[:]), "SPKI hash mismatch") + test.Assert(t, bytes.Equal(keyHashes[2].KeyHash, spkiHash[:]), "SPKI hash mismatch") } diff --git a/cmd/ocsp-responder/main.go b/cmd/ocsp-responder/main.go index 0626e9472..9f48f1dac 100644 --- a/cmd/ocsp-responder/main.go +++ b/cmd/ocsp-responder/main.go @@ -86,7 +86,7 @@ type dbResponse struct { // Response is called by the HTTP server to handle a new OCSP request. func (src *DBSource) Response(req *ocsp.Request) ([]byte, http.Header, error) { // Check that this request is for the proper CA - if bytes.Compare(req.IssuerKeyHash, src.caKeyHash) != 0 { + if !bytes.Equal(req.IssuerKeyHash, src.caKeyHash) { src.log.Debugf("Request intended for CA Cert ID: %s", hex.EncodeToString(req.IssuerKeyHash)) return nil, nil, bocsp.ErrNotFound }