Upgrade certificate 0.26.0 | fix linter warnings (#1140)

* Update certificates to 0.26.0

* Fix linter warnings

Author: dopey

command/ca/admin/list.go

@@ -97,7 +97,7 @@ func listAction(ctx *cli.Context) (err error) {
 		if isNotSuperAdmin && a.Type == linkedca.Admin_SUPER_ADMIN {
 			return false
 		}
-		if len(provName) > 0 && a.ProvisionerName != provName {
+		if provName != "" && a.ProvisionerName != provName {
 			return false
 		}
 		return true

command/ca/init.go

@@ -39,10 +39,10 @@ func initCommand() cli.Command {
 		UsageText: `**step ca init**
 [**--root**=<file>] [**--key**=<file>] [**--key-password-file**=<file>] [**--pki**] [**--ssh**]
 [**--helm**] [**--deployment-type**=<name>] [**--name**=<name>]
-[**--dns**=<dns>] [**--address**=<address>] [**--provisioner**=<name>] 
-[**--admin-subject**=<string>] [**--provisioner-password-file**=<file>] 
-[**--password-file**=<file>] [**--ra**=<type>] [**--kms**=<type>] 
-[**--with-ca-url**=<url>] [**--no-db**] [**--remote-management**] 
+[**--dns**=<dns>] [**--address**=<address>] [**--provisioner**=<name>]
+[**--admin-subject**=<string>] [**--provisioner-password-file**=<file>]
+[**--password-file**=<file>] [**--ra**=<type>] [**--kms**=<type>]
+[**--with-ca-url**=<url>] [**--no-db**] [**--remote-management**]
 [**--acme**] [**--context**=<name>] [**--profile**=<name>] [**--authority**=<name>]`,
 		Description: `**step ca init** command initializes a public key infrastructure (PKI) to be
  used by the Certificate Authority.`,
@@ -476,7 +476,7 @@ func initAction(ctx *cli.Context) (err error) {
 			if v, ok := keyManager.(interface{ ValidateName(s string) error }); ok {
 				validateFunc = v.ValidateName
 			} else {
-				validateFunc = func(s string) error {
+				validateFunc = func(_ string) error {
 					return nil
 				}
 			}

command/ca/provisioner/add.go

@@ -99,9 +99,9 @@ SCEP
 **step ca provisioner add** <name> **--type**=SCEP [**--force-cn**] [**--challenge**=<challenge>]
 [**--capabilities**=<capabilities>] [**--include-root**] [**--exclude-intermediate**]
 [**--min-public-key-length**=<length>] [**--encryption-algorithm-identifier**=<id>]
-[**--scep-decrypter-certificate-file**=<file>] [**--scep-decrypter-key-file**=<file>] 
+[**--scep-decrypter-certificate-file**=<file>] [**--scep-decrypter-key-file**=<file>]
 [**--scep-decrypter-key-uri**=<uri>] [**--scep-decrypter-key-password-file**=<file>]
-[**--admin-cert**=<file>] [**--admin-key**=<file>] [**--admin-subject**=<subject>] 
+[**--admin-cert**=<file>] [**--admin-key**=<file>] [**--admin-subject**=<subject>]
 [**--admin-provisioner**=<name>] [**--admin-password-file**=<file>]
 [**--ca-url**=<uri>] [**--root**=<file>] [**--context**=<name>] [**--ca-config**=<file>]`,
 		Flags: []cli.Flag{
@@ -449,7 +449,7 @@ func createJWKDetails(ctx *cli.Context) (*linkedca.ProvisionerDetails, error) {
 		password string
 	)
 
-	if passwordFile := ctx.String("password-file"); len(passwordFile) > 0 {
+	if passwordFile := ctx.String("password-file"); passwordFile != "" {
 		password, err = utils.ReadStringPasswordFromFile(passwordFile)
 		if err != nil {
 			return nil, err

command/ca/provisioner/update.go

@@ -90,7 +90,7 @@ SCEP
 [**--minimum-public-key-length**=<length>] [**--encryption-algorithm-identifier**=<id>]
 [**--scep-decrypter-certificate-file**=<file>] [**--scep-decrypter-key-file**=<file>]
 [**--scep-decrypter-key-uri**=<uri>] [**--scep-decrypter-key-password-file**=<file>]
-[**--admin-cert**=<file>] [**--admin-key**=<file>] [**--admin-subject**=<subject>] 
+[**--admin-cert**=<file>] [**--admin-key**=<file>] [**--admin-subject**=<subject>]
 [**--admin-provisioner**=<name>] [**--admin-password-file**=<file>]
 [**--ca-url**=<uri>] [**--root**=<file>] [**--context**=<name>] [**--ca-config**=<file>]`,
 		Flags: []cli.Flag{
@@ -486,7 +486,7 @@ func updateJWKDetails(ctx *cli.Context, p *linkedca.Provisioner) error {
 		err      error
 		password string
 	)
-	if passwordFile := ctx.String("password-file"); len(passwordFile) > 0 {
+	if passwordFile := ctx.String("password-file"); passwordFile != "" {
 		password, err = utils.ReadStringPasswordFromFile(passwordFile)
 		if err != nil {
 			return err

command/ca/rekey.go

@@ -239,12 +239,12 @@ func rekeyCertificateAction(ctx *cli.Context) error {
 	}
 
 	var expiresIn, rekeyPeriod time.Duration
-	if s := ctx.String("expires-in"); len(s) > 0 {
+	if s := ctx.String("expires-in"); s != "" {
 		if expiresIn, err = time.ParseDuration(s); err != nil {
 			return errs.InvalidFlagValue(ctx, "expires-in", s, "")
 		}
 	}
-	if s := ctx.String("rekey-period"); len(s) > 0 {
+	if s := ctx.String("rekey-period"); s != "" {
 		if rekeyPeriod, err = time.ParseDuration(s); err != nil {
 			return errs.InvalidFlagValue(ctx, "rekey-period", s, "")
 		}
@@ -265,7 +265,7 @@ func rekeyCertificateAction(ctx *cli.Context) error {
 	}
 
 	pidFile := ctx.String("pid-file")
-	if len(pidFile) > 0 {
+	if pidFile != "" {
 		pidB, err := os.ReadFile(pidFile)
 		if err != nil {
 			return errs.FileError(err, pidFile)

command/ca/renew.go

@@ -243,12 +243,12 @@ func renewCertificateAction(ctx *cli.Context) error {
 	}
 
 	var expiresIn, renewPeriod time.Duration
-	if s := ctx.String("expires-in"); len(s) > 0 {
+	if s := ctx.String("expires-in"); s != "" {
 		if expiresIn, err = time.ParseDuration(s); err != nil {
 			return errs.InvalidFlagValue(ctx, "expires-in", s, "")
 		}
 	}
-	if s := ctx.String("renew-period"); len(s) > 0 {
+	if s := ctx.String("renew-period"); s != "" {
 		if renewPeriod, err = time.ParseDuration(s); err != nil {
 			return errs.InvalidFlagValue(ctx, "renew-period", s, "")
 		}
@@ -269,7 +269,7 @@ func renewCertificateAction(ctx *cli.Context) error {
 	}
 
 	pidFile := ctx.String("pid-file")
-	if len(pidFile) > 0 {
+	if pidFile != "" {
 		pidB, err := os.ReadFile(pidFile)
 		if err != nil {
 			return errs.FileError(err, pidFile)

command/ca/revoke.go

@@ -231,7 +231,7 @@ func revokeCertificateAction(ctx *cli.Context) error {
 
 	// If cert and key are passed then infer the serial number and certificate
 	// that should be revoked.
-	if len(certFile) > 0 || len(keyFile) > 0 {
+	if certFile != "" || keyFile != "" {
 		// Must be using cert/key flags for mTLS revoke so should be 0 cmd line args.
 		if ctx.NArg() > 0 {
 			return errors.Errorf("'%s %s --cert <certificate> --key <key>' expects no additional positional arguments", ctx.App.Name, ctx.Command.Name)
@@ -242,10 +242,10 @@ func revokeCertificateAction(ctx *cli.Context) error {
 		if keyFile == "" {
 			return errs.RequiredWithFlag(ctx, "cert", "key")
 		}
-		if len(token) > 0 {
+		if token != "" {
 			errs.IncompatibleFlagWithFlag(ctx, "cert", "token")
 		}
-		if len(serial) > 0 {
+		if serial != "" {
 			errs.IncompatibleFlagWithFlag(ctx, "cert", "serial")
 		}
 		var cert []*x509.Certificate
@@ -306,7 +306,7 @@ func newRevokeFlow(ctx *cli.Context, certFile, keyFile string) (*revokeFlow, err
 		if err != nil {
 			return nil, err
 		}
-		if len(certFile) > 0 || len(keyFile) > 0 {
+		if certFile != "" || keyFile != "" {
 			if err := offlineClient.VerifyClientCert(certFile, keyFile); err != nil {
 				return nil, err
 			}
@@ -332,7 +332,7 @@ func (f *revokeFlow) getClient(ctx *cli.Context, serial, token string) (cautils.
 	rootFile := ctx.String("root")
 	var options []ca.ClientOption
 
-	if len(token) > 0 {
+	if token != "" {
 		tok, err := jose.ParseSigned(token)
 		if err != nil {
 			return nil, errors.Wrap(err, "error parsing flag '--token'")
@@ -346,7 +346,7 @@ func (f *revokeFlow) getClient(ctx *cli.Context, serial, token string) (cautils.
 		}
 
 		// Prepare client for bootstrap or provisioning tokens
-		if len(claims.SHA) > 0 && len(claims.Audience) > 0 && strings.HasPrefix(strings.ToLower(claims.Audience[0]), "http") {
+		if claims.SHA != "" && len(claims.Audience) > 0 && strings.HasPrefix(strings.ToLower(claims.Audience[0]), "http") {
 			if caURL == "" {
 				caURL = claims.Audience[0]
 			}

command/ca/token.go

@@ -332,7 +332,7 @@ func tokenAction(ctx *cli.Context) error {
 			return err
 		}
 	}
-	if len(outputFile) > 0 {
+	if outputFile != "" {
 		return utils.WriteFile(outputFile, []byte(token), 0600)
 	}
 	fmt.Println(token)

command/certificate/install.go

@@ -227,7 +227,7 @@ func getTruststoreOptions(ctx *cli.Context) ([]truststore.Option, error) {
 
 	prefix := ctx.String("prefix")
 	if prefix == "" {
-		if len(cert.Subject.CommonName) > 0 {
+		if cert.Subject.CommonName != "" {
 			prefix = cert.Subject.CommonName + " "
 		} else {
 			prefix = "Smallstep Development CA "

command/certificate/key.go

@@ -77,7 +77,7 @@ func keyAction(ctx *cli.Context) error {
 		return err
 	}
 
-	if outputFile := ctx.String("output-file"); len(outputFile) > 0 {
+	if outputFile := ctx.String("output-file"); outputFile != "" {
 		if err := utils.WriteFile(outputFile, pem.EncodeToMemory(block), 0600); err != nil {
 			return err
 		}