Issue 4878 - Start using ESLint for adblockpluscore

lib/rsa.js

 /*
  * This file is part of Adblock Plus <https://adblockplus.org/>,
  * Copyright (C) 2006-2016 Eyeo GmbH
  *
  * Adblock Plus is free software: you can redistribute it and/or modify
  * it under the terms of the GNU General Public License version 3 as
  * published by the Free Software Foundation.
  *
  * Adblock Plus is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  * GNU General Public License for more details.
  *
  * You should have received a copy of the GNU General Public License
  * along with Adblock Plus.  If not, see <http://www.gnu.org/licenses/>.
  */
 
+/* global console */
+
 "use strict";
 
 /**
  * This is a specialized RSA library meant only to verify SHA1-based signatures.
  */
 
-let {BigInteger} = require("jsbn");
-let Rusha = require("rusha");
+const {BigInteger} = require("jsbn");
+const Rusha = require("rusha");
 
 let rusha = new Rusha();
 
 // Define ASN.1 templates for the data structures used
 function seq(...args)
 {
   return {type: 0x30, children: args};
 }
 function obj(id)
 {
@@ skipping 66 matching lines @@
     let len = readLength();
     if ("type" in curTempl && curTempl.type != type)
       throw "Unexpected type";
     if ("content" in curTempl && curTempl.content != data.substr(pos, len))
       throw "Unexpected content";
     if ("out" in curTempl)
       out[curTempl.out] = new BigInteger(data.substr(pos, len), 256);
     if ("children" in curTempl)
     {
       let i;
       let end;

[Sebastian Noack, 2017/02/21 09:19:31]

These variables aren't used outside of the loop, so the declaration should go
inside the loop head.

[kzar, 2017/02/21 10:37:02]

They are used outside of the loop.

       for (i = 0, end = pos + len; pos < end; i++)
       {
         if (i >= curTempl.children.length)
           throw "Too many children";
         readNode(curTempl.children[i]);
       }
       if (i < curTempl.children.length)
         throw "Too few children";
       if (pos > end)
         throw "Children too large";
@@ skipping 12 matching lines @@
   readNode(templ);
   if (pos != data.length)
     throw "Too much data";
   return out;
 }
 
 /**
  * Reads a BER-encoded RSA public key. On success returns an object with the
  * properties n and e (the components of the key), otherwise null.
  * @param {string} key
- * @return {Object|null}
+ * @return {?Object}
  */
 function readPublicKey(key)
 {
   try
   {
     return readASN1(atob(key), publicKeyTemplate);
   }
   catch (e)
   {
     console.warn("Invalid RSA public key: " + e);
@@ skipping 22 matching lines @@
   let digest = sigInt.modPowInt(keyData.e, keyData.n).toString(256);
 
   try
   {
     let pos = 0;
     let next = () => digest.charCodeAt(pos++);
 
     // Skip padding, see http://tools.ietf.org/html/rfc3447#section-9.2 step 5
     if (next() != 1)
       throw "Wrong padding in signature digest";
-    while (next() == 255)
-    {
-      // Empty

[Sebastian Noack, 2017/02/21 09:19:31]

I start to wonder what's the point of the no-empty rule. So far we only
encountered instances of legit empty blocks. Unfortunately, there isn't an
option to allow while-loops with empty block, neither does the "// Empty"
comment add any useful information. Considering that we didn't see a single
inappropriate use of empty blocks yet, and that those would be unlikely to make
it past our code review, we might want to remove that rule altogether.

[kzar, 2017/02/21 10:37:01]

Done. https://codereview.adblockplus.org/29376719/

-    }
+    while (next() == 255) {}
     if (digest.charCodeAt(pos - 1) != 0)
       throw "Wrong padding in signature digest";
 
     // Rest is an ASN.1 structure, get the SHA1 hash from it and compare to
     // the real one
     let {sha1} = readASN1(digest.substr(pos), signatureTemplate);
     let expected = new BigInteger(rusha.digest(data), 16);
     return (sha1.compareTo(expected) == 0);
   }
   catch (e)
   {
     console.warn("Invalid encrypted signature: " + e);
     return false;
   }
 }
 exports.verifySignature = verifySignature;