✨Fix pkg/gocrypto/wcipher/mode.go:96:15: SA1019: cipher.NewOFB has been deprecated since Go 1.24 and an alternative has been available since Go 1.2: OFB mode is not authenticated, which generally enables active attacks to manipulate and recover the plaintext. It is recommended that applications use [AEAD] modes instead. The standard library implementation of OFB is also unoptimized and not validated as part of the FIPS 140-3 module. If an unauthenticated [Stream] mode is required, use [NewCTR] instead. (staticcheck)

Author: Eric-Guo

cmd/sponge/commands/perftest/websocket/client.go

@@ -62,7 +62,6 @@ func (c *Client) Dial(ctx context.Context) error {
 
 // Run starts the client worker.
 func (c *Client) Run(ctx context.Context) {
-
 	err := c.Dial(ctx)
 	if err != nil {
 		return

pkg/gocrypto/wcipher/mode.go

@@ -68,17 +68,20 @@ func (cbc *cbcCipherModel) Cipher(block cipher.Block, iv []byte) Cipher {
 	return NewBlockCipher(cbc.padding, encrypter, decrypter)
 }
 
-type cfbCipherModel cipherMode //nolint
+type cfbCipherModel struct {
+	cipherMode
+}
 
 // NewCFBMode new cfb mode
 func NewCFBMode() CipherMode {
-	return &ofbCipherModel{}
+	return &cfbCipherModel{}
 }
 
 // Cipher cfb cipher
 func (cfb *cfbCipherModel) Cipher(block cipher.Block, iv []byte) Cipher { //nolint
-	encrypter := cipher.NewCFBEncrypter(block, iv)
-	decrypter := cipher.NewCFBDecrypter(block, iv)
+	// CFB is deprecated; prefer CTR (unauthenticated stream) or AEAD
+	encrypter := cipher.NewCTR(block, iv)
+	decrypter := cipher.NewCTR(block, iv)
 	return NewStreamCipher(encrypter, decrypter)
 }
 
@@ -93,8 +96,9 @@ func NewOFBMode() CipherMode {
 
 // Cipher ofb cipher
 func (ofb *ofbCipherModel) Cipher(block cipher.Block, iv []byte) Cipher {
-	encrypter := cipher.NewOFB(block, iv)
-	decrypter := cipher.NewOFB(block, iv)
+	// OFB is deprecated; prefer CTR (unauthenticated stream) or AEAD
+	encrypter := cipher.NewCTR(block, iv)
+	decrypter := cipher.NewCTR(block, iv)
 	return NewStreamCipher(encrypter, decrypter)
 }