Configure golangci-lint and fix warnings

2021-01-09 11:24:40 +01:00 · 2021-01-09 11:24:40 +01:00 · 2e467b3d2e
commit 2e467b3d2e
parent ecd1846975
20 changed files with 915 additions and 559 deletions
--- a/signer/protocol_elements.go
+++ b/signer/protocol_elements.go
@ -7,65 +7,65 @@ import (
 	"path"

 	"git.cacert.org/cacert-gosigner/shared"
-	"git.cacert.org/cacert-gosigner/signer/openpgp_ops"
-	"git.cacert.org/cacert-gosigner/signer/x509_ops"
+	"git.cacert.org/cacert-gosigner/signer/openpgpops"
+	"git.cacert.org/cacert-gosigner/signer/x509ops"
 )

 const (
-	CsX509    shared.CryptoSystemId = 1
-	CsOpenPGP shared.CryptoSystemId = 2
+	CsX509    shared.CryptoSystemID = 1
+	CsOpenPGP shared.CryptoSystemID = 2
 )

 const (
-	X509RootDefault shared.CryptoSystemRootId = 0
-	X509RootClass3  shared.CryptoSystemRootId = 1
+	X509RootDefault shared.CryptoSystemRootID = 0
+	X509RootClass3  shared.CryptoSystemRootID = 1
 	// The following roots existed in the old server.pl but had
 	// no profile configurations and were thus unusable
 	//
-	// X509RootClass3s shared.CryptoSystemRootId = 2
-	// X509Root3       shared.CryptoSystemRootId = 3
-	// X509Root4       shared.CryptoSystemRootId = 4
-	// X509Root5       shared.CryptoSystemRootId = 5
+	// X509RootClass3s shared.CryptoSystemRootID = 2
+	// X509Root3       shared.CryptoSystemRootID = 3
+	// X509Root4       shared.CryptoSystemRootID = 4
+	// X509Root5       shared.CryptoSystemRootID = 5
 )

 const (
-	X509ProfileClient         shared.CertificateProfileId = 0
-	X509ProfileClientOrg      shared.CertificateProfileId = 1
-	X509ProfileClientCodesign shared.CertificateProfileId = 2
-	X509ProfileServer         shared.CertificateProfileId = 5
-	X509ProfileServerOrg      shared.CertificateProfileId = 6
-	X509ProfileOCSP           shared.CertificateProfileId = 8
-	X509ProfileTimestamp      shared.CertificateProfileId = 9
+	X509ProfileClient         shared.CertificateProfileID = 0
+	X509ProfileClientOrg      shared.CertificateProfileID = 1
+	X509ProfileClientCodesign shared.CertificateProfileID = 2
+	X509ProfileServer         shared.CertificateProfileID = 5
+	X509ProfileServerOrg      shared.CertificateProfileID = 6
+	X509ProfileOCSP           shared.CertificateProfileID = 8
+	X509ProfileTimestamp      shared.CertificateProfileID = 9

 	// the following profiles where valid options in the original signer code but had no configurations
 	//
-	// X509ProfileClientMachine  shared.CertificateProfileId = 3  // no configuration on original signer
-	// X509ProfileClientAds      shared.CertificateProfileId = 4  // no configuration on original signer
-	// X509ProfileServerJabber   shared.CertificateProfileId = 7  // no configuration on original signer
-	// X509ProfileProxy          shared.CertificateProfileId = 10  // no configuration on original signer
-	// X509ProfileSubCA          shared.CertificateProfileId = 11  // no configuration on original signer
+	// X509ProfileClientMachine  shared.CertificateProfileID = 3  // no configuration on original signer
+	// X509ProfileClientAds      shared.CertificateProfileID = 4  // no configuration on original signer
+	// X509ProfileServerJabber   shared.CertificateProfileID = 7  // no configuration on original signer
+	// X509ProfileProxy          shared.CertificateProfileID = 10  // no configuration on original signer
+	// X509ProfileSubCA          shared.CertificateProfileID = 11  // no configuration on original signer
 )

 const (
-	X509MDDefault shared.MessageDigestAlgorithmId = 0
-	X509MDMd5     shared.MessageDigestAlgorithmId = 1
-	X509MDSha1    shared.MessageDigestAlgorithmId = 2
-	// X509MDRipeMD160 shared.MessageDigestAlgorithmId = 3  x509 package does not support RIPEMD160
-	X509MDSha256 shared.MessageDigestAlgorithmId = 8
-	X509MDSha384 shared.MessageDigestAlgorithmId = 9
-	X509MDSha512 shared.MessageDigestAlgorithmId = 10
+	X509MDDefault shared.SignatureAlgorithmID = 0
+	X509MDMd5     shared.SignatureAlgorithmID = 1
+	X509MDSha1    shared.SignatureAlgorithmID = 2
+	// X509MDRipeMD160 shared.SignatureAlgorithmID = 3  x509ops package does not support RIPEMD160
+	X509MDSha256 shared.SignatureAlgorithmID = 8
+	X509MDSha384 shared.SignatureAlgorithmID = 9
+	X509MDSha512 shared.SignatureAlgorithmID = 10
 )

 const (
-	OpenPGPRoot0 shared.CryptoSystemRootId = 0
+	OpenPGPRoot0 shared.CryptoSystemRootID = 0
 )

 const (
-	OpenPGPDefaultProfile shared.CertificateProfileId = 0
+	OpenPGPDefaultProfile shared.CertificateProfileID = 0
 )

 const (
-	OpenPGPDefaultMD shared.MessageDigestAlgorithmId = 0
+	OpenPGPDefaultMD shared.SignatureAlgorithmID = 0
 )

 func NewCommandProcessor() *CommandProcessor {
@ -76,9 +76,9 @@ func NewCommandProcessor() *CommandProcessor {
 		ExtKeyUsage: []x509.ExtKeyUsage{
 			x509.ExtKeyUsageEmailProtection,
 			x509.ExtKeyUsageClientAuth,
-			// x509.ExtKeyUsageMicrosoftServerGatedCrypto,
+			// x509ops.ExtKeyUsageMicrosoftServerGatedCrypto,
 			// 1.3.6.1.4.1.311.10.3.4 msEFS not supported by golang.org/crypto
-			// x509.ExtKeyUsageNetscapeServerGatedCrypto,
+			// x509ops.ExtKeyUsageNetscapeServerGatedCrypto,
 		},
 	}
 	codeSignPrototype := &x509.Certificate{
@ -88,10 +88,10 @@ func NewCommandProcessor() *CommandProcessor {
 			x509.ExtKeyUsageClientAuth,
 			x509.ExtKeyUsageCodeSigning,
 			// 1.3.6.1.4.1.311.2.1.21 msCodeInd not supported by golang.org/crypto
-			// x509.ExtKeyUsageMicrosoftCommercialCodeSigning,
-			// x509.ExtKeyUsageMicrosoftServerGatedCrypto,
+			// x509ops.ExtKeyUsageMicrosoftCommercialCodeSigning,
+			// x509ops.ExtKeyUsageMicrosoftServerGatedCrypto,
 			// 1.3.6.1.4.1.311.10.3.4 msEFS not supported by golang.org/crypto
-			// x509.ExtKeyUsageNetscapeServerGatedCrypto,
+			// x509ops.ExtKeyUsageNetscapeServerGatedCrypto,
 		},
 	}
 	serverPrototype := &x509.Certificate{
@ -99,8 +99,8 @@ func NewCommandProcessor() *CommandProcessor {
 		ExtKeyUsage: []x509.ExtKeyUsage{
 			x509.ExtKeyUsageClientAuth,
 			x509.ExtKeyUsageServerAuth,
-			// x509.ExtKeyUsageMicrosoftServerGatedCrypto,
-			// x509.ExtKeyUsageNetscapeServerGatedCrypto,
+			// x509ops.ExtKeyUsageMicrosoftServerGatedCrypto,
+			// x509ops.ExtKeyUsageNetscapeServerGatedCrypto,
 		},
 	}
 	ocspPrototype := &x509.Certificate{
@ -108,8 +108,8 @@ func NewCommandProcessor() *CommandProcessor {
 		ExtKeyUsage: []x509.ExtKeyUsage{
 			x509.ExtKeyUsageServerAuth,
 			x509.ExtKeyUsageOCSPSigning,
-			// x509.ExtKeyUsageMicrosoftServerGatedCrypto,
-			// x509.ExtKeyUsageNetscapeServerGatedCrypto,
+			// x509ops.ExtKeyUsageMicrosoftServerGatedCrypto,
+			// x509ops.ExtKeyUsageNetscapeServerGatedCrypto,
 		},
 	}
 	timestampPrototype := &x509.Certificate{
@ -117,15 +117,15 @@ func NewCommandProcessor() *CommandProcessor {
 		ExtKeyUsage: []x509.ExtKeyUsage{
 			x509.ExtKeyUsageServerAuth,
 			x509.ExtKeyUsageOCSPSigning,
-			// x509.ExtKeyUsageMicrosoftServerGatedCrypto,
-			// x509.ExtKeyUsageNetscapeServerGatedCrypto,
+			// x509ops.ExtKeyUsageMicrosoftServerGatedCrypto,
+			// x509ops.ExtKeyUsageNetscapeServerGatedCrypto,
 		},
 	}
-	cryptoSystems := map[shared.CryptoSystemId]*CryptoSystem{
+	cryptoSystems := map[shared.CryptoSystemID]*CryptoSystem{
 		CsX509: {
 			Name: "X.509",
-			Roots: map[shared.CryptoSystemRootId]interface{}{
-				X509RootDefault: x509_ops.NewRoot(
+			Roots: map[shared.CryptoSystemRootID]interface{}{
+				X509RootDefault: x509ops.NewRoot(
 					settings.CABaseDir,
 					"openssl",
 					"CA",
@ -135,7 +135,7 @@ func NewCommandProcessor() *CommandProcessor {
 					// TODO: parse OCSP endpoints from configuration
 					[]string{"http://ocsp.cacert.localhost"},
 				),
-				X509RootClass3: x509_ops.NewRoot(
+				X509RootClass3: x509ops.NewRoot(
 					settings.CABaseDir,
 					"class3",
 					"class3",
@ -148,99 +148,99 @@ func NewCommandProcessor() *CommandProcessor {
 				// The following roots existed in the old server.pl but had
 				// no profile configurations and were thus unusable
 				//
-				// X509RootClass3s: &x509_ops.Root{Name: "class3s"},  // no profile configs
-				// X509Root3:       &x509_ops.Root{Name: "root3"},
-				// X509Root4:       &x509_ops.Root{Name: "root4"},
-				// X509Root5:       &x509_ops.Root{Name: "root5"},
+				// X509RootClass3s: &x509ops.Root{Name: "class3s"},  // no profile configs
+				// X509Root3:       &x509ops.Root{Name: "root3"},
+				// X509Root4:       &x509ops.Root{Name: "root4"},
+				// X509Root5:       &x509ops.Root{Name: "root5"},
 			},
-			Profiles: map[shared.CertificateProfileId]interface{}{
-				X509ProfileClient: x509_ops.NewProfile(
+			Profiles: map[shared.CertificateProfileID]interface{}{
+				X509ProfileClient: x509ops.NewProfile(
 					"client",
 					clientPrototype,
-					[]x509_ops.SubjectDnField{
-						x509_ops.SubjectDnFieldCommonName,
-						x509_ops.SubjectDnFieldEmailAddress,
+					[]x509ops.SubjectDnField{
+						x509ops.SubjectDnFieldCommonName,
+						x509ops.SubjectDnFieldEmailAddress,
 					},
 					nil,
 					true,
 				),
-				X509ProfileClientOrg: x509_ops.NewProfile("client-org", clientPrototype,
-					[]x509_ops.SubjectDnField{
-						x509_ops.SubjectDnFieldCountryName,
-						x509_ops.SubjectDnFieldStateOrProvinceName,
-						x509_ops.SubjectDnFieldLocalityName,
-						x509_ops.SubjectDnFieldOrganizationName,
-						x509_ops.SubjectDnFieldOrganizationalUnitName,
-						x509_ops.SubjectDnFieldCommonName,
-						x509_ops.SubjectDnFieldEmailAddress,
+				X509ProfileClientOrg: x509ops.NewProfile("client-org", clientPrototype,
+					[]x509ops.SubjectDnField{
+						x509ops.SubjectDnFieldCountryName,
+						x509ops.SubjectDnFieldStateOrProvinceName,
+						x509ops.SubjectDnFieldLocalityName,
+						x509ops.SubjectDnFieldOrganizationName,
+						x509ops.SubjectDnFieldOrganizationalUnitName,
+						x509ops.SubjectDnFieldCommonName,
+						x509ops.SubjectDnFieldEmailAddress,
 					},
 					nil,
 					true,
 				),
-				X509ProfileClientCodesign: x509_ops.NewProfile("client-codesign", codeSignPrototype,
-					[]x509_ops.SubjectDnField{
-						x509_ops.SubjectDnFieldCountryName,
-						x509_ops.SubjectDnFieldStateOrProvinceName,
-						x509_ops.SubjectDnFieldLocalityName,
-						x509_ops.SubjectDnFieldCommonName,
-						x509_ops.SubjectDnFieldEmailAddress,
+				X509ProfileClientCodesign: x509ops.NewProfile("client-codesign", codeSignPrototype,
+					[]x509ops.SubjectDnField{
+						x509ops.SubjectDnFieldCountryName,
+						x509ops.SubjectDnFieldStateOrProvinceName,
+						x509ops.SubjectDnFieldLocalityName,
+						x509ops.SubjectDnFieldCommonName,
+						x509ops.SubjectDnFieldEmailAddress,
 					},
 					nil,
 					true,
 				),
-				// X509ProfileClientMachine:  &x509_ops.Profile{Name: "client-machine"},
-				// X509ProfileClientAds:      &x509_ops.Profile{Name: "client-ads"},
-				X509ProfileServer: x509_ops.NewProfile("server", serverPrototype,
-					[]x509_ops.SubjectDnField{
-						x509_ops.SubjectDnFieldCommonName,
+				// X509ProfileClientMachine:  &x509ops.Profile{Name: "client-machine"},
+				// X509ProfileClientAds:      &x509ops.Profile{Name: "client-ads"},
+				X509ProfileServer: x509ops.NewProfile("server", serverPrototype,
+					[]x509ops.SubjectDnField{
+						x509ops.SubjectDnFieldCommonName,
 					},
-					[]x509_ops.AltNameType{x509_ops.NameTypeDNS, x509_ops.NameTypeXmppJid},
+					[]x509ops.AltNameType{x509ops.NameTypeDNS, x509ops.NameTypeXMPPJid},
 					false,
 				),
-				X509ProfileServerOrg: x509_ops.NewProfile("server-org", serverPrototype,
-					[]x509_ops.SubjectDnField{
-						x509_ops.SubjectDnFieldCountryName,
-						x509_ops.SubjectDnFieldStateOrProvinceName,
-						x509_ops.SubjectDnFieldLocalityName,
-						x509_ops.SubjectDnFieldOrganizationName,
-						x509_ops.SubjectDnFieldOrganizationalUnitName,
-						x509_ops.SubjectDnFieldCommonName,
+				X509ProfileServerOrg: x509ops.NewProfile("server-org", serverPrototype,
+					[]x509ops.SubjectDnField{
+						x509ops.SubjectDnFieldCountryName,
+						x509ops.SubjectDnFieldStateOrProvinceName,
+						x509ops.SubjectDnFieldLocalityName,
+						x509ops.SubjectDnFieldOrganizationName,
+						x509ops.SubjectDnFieldOrganizationalUnitName,
+						x509ops.SubjectDnFieldCommonName,
 					},
-					[]x509_ops.AltNameType{x509_ops.NameTypeDNS, x509_ops.NameTypeXmppJid},
+					[]x509ops.AltNameType{x509ops.NameTypeDNS, x509ops.NameTypeXMPPJid},
 					false,
 				),
-				// X509ProfileServerJabber: &x509_ops.Profile{Name: "server-jabber"},
-				X509ProfileOCSP: x509_ops.NewProfile("ocsp", ocspPrototype,
-					[]x509_ops.SubjectDnField{
-						x509_ops.SubjectDnFieldCountryName,
-						x509_ops.SubjectDnFieldStateOrProvinceName,
-						x509_ops.SubjectDnFieldLocalityName,
-						x509_ops.SubjectDnFieldOrganizationName,
-						x509_ops.SubjectDnFieldOrganizationalUnitName,
-						x509_ops.SubjectDnFieldCommonName,
-						x509_ops.SubjectDnFieldEmailAddress,
+				// X509ProfileServerJabber: &x509ops.Profile{Name: "server-jabber"},
+				X509ProfileOCSP: x509ops.NewProfile("ocsp", ocspPrototype,
+					[]x509ops.SubjectDnField{
+						x509ops.SubjectDnFieldCountryName,
+						x509ops.SubjectDnFieldStateOrProvinceName,
+						x509ops.SubjectDnFieldLocalityName,
+						x509ops.SubjectDnFieldOrganizationName,
+						x509ops.SubjectDnFieldOrganizationalUnitName,
+						x509ops.SubjectDnFieldCommonName,
+						x509ops.SubjectDnFieldEmailAddress,
 					},
 					nil,
 					false,
 				),
-				X509ProfileTimestamp: x509_ops.NewProfile("timestamp", timestampPrototype,
-					[]x509_ops.SubjectDnField{
-						x509_ops.SubjectDnFieldCountryName,
-						x509_ops.SubjectDnFieldStateOrProvinceName,
-						x509_ops.SubjectDnFieldLocalityName,
-						x509_ops.SubjectDnFieldOrganizationName,
-						x509_ops.SubjectDnFieldOrganizationalUnitName,
-						x509_ops.SubjectDnFieldCommonName,
+				X509ProfileTimestamp: x509ops.NewProfile("timestamp", timestampPrototype,
+					[]x509ops.SubjectDnField{
+						x509ops.SubjectDnFieldCountryName,
+						x509ops.SubjectDnFieldStateOrProvinceName,
+						x509ops.SubjectDnFieldLocalityName,
+						x509ops.SubjectDnFieldOrganizationName,
+						x509ops.SubjectDnFieldOrganizationalUnitName,
+						x509ops.SubjectDnFieldCommonName,
 					},
 					nil,
 					true,
 				),
-				// X509ProfileProxy:          &x509_ops.Profile{Name: "proxy"},
-				// X509ProfileSubCA:          &x509_ops.Profile{Name: "subca"},
+				// X509ProfileProxy:          &x509ops.Profile{Name: "proxy"},
+				// X509ProfileSubCA:          &x509ops.Profile{Name: "subca"},
 			},
 			// constants for openssl invocations. Should be replaced with
 			// something more useful
-			DigestAlgorithms: map[shared.MessageDigestAlgorithmId]interface{}{
+			DigestAlgorithms: map[shared.SignatureAlgorithmID]interface{}{
 				X509MDDefault: x509.SHA256WithRSA,
 				X509MDMd5:     x509.MD5WithRSA,
 				X509MDSha1:    x509.SHA1WithRSA,
@ -251,8 +251,8 @@ func NewCommandProcessor() *CommandProcessor {
 		},
 		CsOpenPGP: {
 			Name: "OpenPGP",
-			Roots: map[shared.CryptoSystemRootId]interface{}{
-				OpenPGPRoot0: &openpgp_ops.OpenPGPRoot{
+			Roots: map[shared.CryptoSystemRootID]interface{}{
+				OpenPGPRoot0: &openpgpops.OpenPGPRoot{
 					Name: "OpenPGP Root",
 					SecretKeyRing: path.Join(
 						settings.OpenPGPKeyRingDir,
@ -262,12 +262,12 @@ func NewCommandProcessor() *CommandProcessor {
 					Identifier: settings.OpenPGPUidEmail,
 				},
 			},
-			Profiles: map[shared.CertificateProfileId]interface{}{
-				OpenPGPDefaultProfile: &openpgp_ops.OpenPGPProfile{Name: "default"},
+			Profiles: map[shared.CertificateProfileID]interface{}{
+				OpenPGPDefaultProfile: &openpgpops.OpenPGPProfile{Name: "default"},
 			},
 			// constants for gnupg cert-digest-algo parameter. Should be replaced with
 			// something more useful
-			DigestAlgorithms: map[shared.MessageDigestAlgorithmId]interface{}{
+			DigestAlgorithms: map[shared.SignatureAlgorithmID]interface{}{
 				OpenPGPDefaultMD: crypto.SHA256,
 			},
 		},