Resolves some linting errors flagged in GitHub actions

Author: Andrew Mitchell

client/client.go

@@ -388,6 +388,9 @@ func (c *Client) LoadTLSCertificate(server, certFile string) (cert tls.Certifica
 	return cert, nil
 }
 
+// DefaultLoadPubKey will parse a public key from the provided bytes.
+// The function used to load the public key in ScanDir if no LoadPubKey
+// argument is provided
 func DefaultLoadPubKey(in []byte) (crypto.PublicKey, error) {
 	block, _ := pem.Decode(in)
 	if block == nil {

client/keys.go

@@ -66,15 +66,13 @@ func signOpFromSignerOpts(key *PrivateKey, opts crypto.SignerOpts) protocol.Op {
 	case *rsa.PublicKey:
 		if value, ok := rsaCrypto[opts.HashFunc()]; ok {
 			return value
-		} else {
-			return protocol.OpError
 		}
+		return protocol.OpError
 	case *ecdsa.PublicKey:
 		if value, ok := ecdsaCrypto[opts.HashFunc()]; ok {
 			return value
-		} else {
-			return protocol.OpError
 		}
+		return protocol.OpError
 	case ed25519.PublicKey:
 		return protocol.OpEd25519Sign
 	default:

cmd/gokeyless/gokeyless.go

@@ -240,7 +240,7 @@ func runMain() error {
 
 		return nil
 	case manualMode && configMode:
-		return fmt.Errorf("can't specify both --manual-activation and --config-only!")
+		return fmt.Errorf("can't specify both --manual-activation and --config-only")
 	case manualMode:
 		// Allow manual activation (requires the CSR to be manually signed).
 		// manual activation won't proceed to start the server
@@ -403,15 +403,15 @@ func validCertExpiry(cert *x509.Certificate) bool {
 }
 
 // needNewCertAndKey checks the validity of certificate and key
-func (config Config) needNewCertAndKey() bool {
-	_, err := tls.LoadX509KeyPair(config.CertFile, config.KeyFile)
+func (c Config) needNewCertAndKey() bool {
+	_, err := tls.LoadX509KeyPair(c.CertFile, c.KeyFile)
 	if err != nil {
 		log.Errorf("cannot load server cert/key: %v", err)
 		return true
 	}
 
 	// error is ignore because tls.LoadX509KeyPair already verify the existence of the file
-	certBytes, _ := os.ReadFile(config.CertFile)
+	certBytes, _ := os.ReadFile(c.CertFile)
 	// error is ignore because tls.LoadX509KeyPair already verify the file can be parsed
 	cert, _ := helpers.ParseCertificatePEM(certBytes)
 	// verify the leaf certificate
@@ -424,8 +424,8 @@ func (config Config) needNewCertAndKey() bool {
 }
 
 // verifyCSRAndKey checks if csr and key files exist and if they match
-func (config Config) verifyCSRAndKey() bool {
-	csrBytes, err := os.ReadFile(config.CSRFile)
+func (c Config) verifyCSRAndKey() bool {
+	csrBytes, err := os.ReadFile(c.CSRFile)
 	if err != nil {
 		log.Errorf("cannot read csr file: %v", err)
 		return false
@@ -448,7 +448,7 @@ func (config Config) verifyCSRAndKey() bool {
 		return false
 	}
 
-	keyBytes, err := os.ReadFile(config.KeyFile)
+	keyBytes, err := os.ReadFile(c.KeyFile)
 	if err != nil {
 		log.Errorf("cannot read private key file: %v", err)
 		return false

internal/test/params/params.go

@@ -65,7 +65,8 @@ var (
 	// Compatibility. Before running tests, copy the contents of the
 	// testdata/tokens/ directory to your SoftHSM2 token directory, usually
 	// located at /var/lib/softhsm/tokens/, and run `make test-softhsm`
-	RSAURI   = "pkcs11:token=SoftHSM2%20Token;id=%03?module-path=" + getSoftHSMModulePath() + "&pin-value=1234"
+	RSAURI = "pkcs11:token=SoftHSM2%20Token;id=%03?module-path=" + getSoftHSMModulePath() + "&pin-value=1234"
+	// ECDSAURI is a sample PKCS #11 URIs used for testing HSM Compatibility
 	ECDSAURI = "pkcs11:token=SoftHSM2%20Token;id=%02?module-path=" + getSoftHSMModulePath() + "&pin-value=1234"
 )