Fix more linting errors

Signed-off-by: Steffen Vogel <post@steffenvogel.de>

ecdh/applese/applese.go

@@ -4,9 +4,9 @@
 
 //go:build darwin
 
-//nolint:gci
-
 // Package sw provides an ECDH implementation backed by an Apple Secure Enclave.
+//
+//nolint:gci
 package applese
 
 import (

ecdh/openpgp/openpgp.go

@@ -5,20 +5,18 @@
 package openpgp
 
 import (
-	"errors"
+	"github.com/katzenpost/nyquist/dh"
 
 	"cunicu.li/hawkes/ecdh"
-	"github.com/katzenpost/nyquist/dh"
 )
 
 // See: https://gnupg.org/ftp/specs/OpenPGP-smart-card-application-3.4.1.pdf
 // Based-on: https://git.sr.ht/~arx10/openpgpcard-x25519-agent
 
-var errNotSupported = errors.New("not supported")
-
 var _ ecdh.PrivateKey = (*PrivateKey)(nil)
 
 type PrivateKey struct {
+	//nolint:unused
 	publicKey *ecdh.PublicKey
 }
 

ecdh/sw/dh.go

@@ -9,8 +9,9 @@ import (
 	"fmt"
 	"io"
 
-	ecdhx "cunicu.li/hawkes/ecdh"
 	"github.com/katzenpost/nyquist/dh"
+
+	ecdhx "cunicu.li/hawkes/ecdh"
 )
 
 //nolint:gochecknoglobals

example_config.yaml

@@ -0,0 +1,45 @@
+---
+# SPDX-FileCopyrightText: 2023 Steffen Vogel <post@steffenvogel.de>
+# SPDX-License-Identifier: Apache-2.0
+
+interface:
+  wg0:
+    private_keys:
+
+    - type: OATH-OTP
+      hash: SHA256
+      timestep: 1m
+      id: etYgGvxbpwSJH67Z/5Lb0KorJn4kIsUj6jEdwD+Eyhs=
+
+    - type: Noise
+      dh: Secp256r1
+      cipher: ChaChaPoly
+      hash: BLAKE2s
+      id:
+
+    - protocol: Noise_Secp256r1_ChaChaPoly_BLAKE2s
+      id: 
+
+    - OATH-TOTP_SHA256_1m_YKOATH_12345678:cunicu1
+    - Noise_Secp256r1_ChaChaPoly_BLAKE2s_AppleSE_GXAKdUZajcXpa8AeE/78Fy6fRSU=
+    - Rosenpass_/path/so/my/secret
+    - WireGuard_ObwgdqtgkaIJ5L1v6JYDR+4yElUV0EgVhcudSF1pAgQ=
+
+    - protocol: Rosenpass
+      provider: file
+      file: /bla/blub.key
+
+    peers:
+      test:
+        public_keys:
+
+        - protocol: WireGuard
+          key: ObwgdqtgkaIJ5L1v6JYDR+4yElUV0EgVhcudSF1pAgQ=
+          file: 
+          provider: 
+          slot:
+
+        - Rosenpass_/some/file.pub
+        - Noise_Secp256r1_ChaChaPoly_BLAKE2s_UkcKhQMmWQh2TBcytBa8a1qGxoNzZ/JFmv7/lpNl0RU=
+        - WireGuard_ObwgdqtgkaIJ5L1v6JYDR+4yElUV0EgVhcudSF1pAgQ=
+

handshake/key.go

@@ -19,15 +19,15 @@ type Key struct {
 	Key      []byte
 }
 
-func (id *Key) PrivateKey() (ecdh.PrivateKey, error) {
+func (k *Key) PrivateKey() (ecdh.PrivateKey, error) {
 	return nil, errors.ErrUnsupported
 }
 
-func (i *Key) MarshalText() ([]byte, error) {
-	return []byte(i.String()), nil
+func (k *Key) MarshalText() ([]byte, error) {
+	return []byte(k.String()), nil
 }
 
-func (i *Key) UnmarshalText(t []byte) (err error) {
+func (k *Key) UnmarshalText(t []byte) (err error) {
 	s := string(t)
 
 	parts := strings.Split(s, "_")
@@ -47,18 +47,18 @@ func (i *Key) UnmarshalText(t []byte) (err error) {
 	}
 
 	protocol := strings.Join(parts[:protoParts], "_")
-	if i.Protocol, err = ParseProtocol(protocol); err != nil {
+	if k.Protocol, err = ParseProtocol(protocol); err != nil {
 		return fmt.Errorf("%w: %w", ErrParse, err)
 	}
 
 	key := parts[protoParts]
-	if i.Key, err = base64.StdEncoding.DecodeString(key); err != nil {
+	if k.Key, err = base64.StdEncoding.DecodeString(key); err != nil {
 		return fmt.Errorf("%w: %w", ErrParse, err)
 	}
 
 	return nil
 }
 
-func (i *Key) String() string {
-	return fmt.Sprintf("%s_%s", i.Protocol, base64.StdEncoding.EncodeToString(i.Key))
+func (k *Key) String() string {
+	return fmt.Sprintf("%s_%s", k.Protocol, base64.StdEncoding.EncodeToString(k.Key))
 }

handshake/noise.go

@@ -17,7 +17,7 @@ import (
 	"github.com/katzenpost/nyquist/pattern"
 )
 
-//nolint:gochecknoglobals
+//nolint:gochecknoglobals,unused
 var protocol = nyquist.Protocol{
 	Pattern: pattern.XX,
 	Cipher:  cipher.ChaChaPoly,
@@ -76,11 +76,11 @@ func (hs *NoiseHandshake) Secret(_ context.Context) (ss Secret, err error) {
 		fmt.Printf("%p Pre-Read\n", hs)
 
 		msg = make([]byte, 1500)
-		if n, err := hs.rw.Read(msg); err != nil {
+		n, err := hs.rw.Read(msg)
+		if err != nil {
 			return nil, fmt.Errorf("failed to receive message: %w", err)
-		} else {
-			msg = msg[:n]
 		}
+		msg = msg[:n]
 
 		fmt.Printf("%p Read: %s\n", hs, hex.EncodeToString(msg))
 

handshake/noise_test.go

@@ -8,18 +8,19 @@ import (
 	"crypto/rand"
 	"testing"
 
-	"cunicu.li/hawkes/ecdh"
-	"cunicu.li/hawkes/ecdh/sw"
-	"cunicu.li/hawkes/handshake"
 	"github.com/katzenpost/nyquist"
 	"github.com/stretchr/testify/require"
 	"golang.org/x/sync/errgroup"
+
+	"cunicu.li/hawkes/ecdh"
+	"cunicu.li/hawkes/ecdh/sw"
+	"cunicu.li/hawkes/handshake"
 )
 
 func TestHandshake(t *testing.T) {
 	require := require.New(t)
 
-	p1, p2 := handshake.NewInprocessPipe()
+	p1, p2 := handshake.NewInProcessPipe()
 
 	kp1, err := sw.P256.GenerateKeypair(rand.Reader)
 	require.NoError(err)

handshake/pipe.go

@@ -5,23 +5,23 @@ package handshake
 
 import "io"
 
-var _ io.ReadWriter = (*InprocessPipe)(nil)
+var _ io.ReadWriter = (*InProcessPipe)(nil)
 
-type InprocessPipe struct {
+type InProcessPipe struct {
 	*io.PipeReader
 	*io.PipeWriter
 }
 
-func NewInprocessPipe() (*InprocessPipe, *InprocessPipe) {
+func NewInProcessPipe() (*InProcessPipe, *InProcessPipe) {
 	rd1, wr1 := io.Pipe()
 	rd2, wr2 := io.Pipe()
 
-	c1 := &InprocessPipe{
+	c1 := &InProcessPipe{
 		PipeReader: rd1,
 		PipeWriter: wr2,
 	}
 
-	c2 := &InprocessPipe{
+	c2 := &InProcessPipe{
 		PipeReader: rd2,
 		PipeWriter: wr1,
 	}

handshake/protocol.go

@@ -18,11 +18,13 @@ import (
 
 var ErrUnsupportedHashAlgorithm = errors.New("unsupported hash algorithm")
 
+//nolint:gochecknoglobals
 var DefaultOathTotpProtocol = &OathTotpProtocol{
 	Hash:     hash.SHA256,
 	Timestep: time.Minute,
 }
 
+//nolint:gochecknoglobals
 var WireGuardProtocol = &nyquist.Protocol{
 	Pattern: pattern.IK,
 	DH:      dh.X25519,

internal/iso7816/error.go

@@ -9,6 +9,8 @@ import (
 )
 
 // Code encapsulates (some) response codes from the spec
+//
+//nolint:errname
 type Code []byte
 
 // Error return the encapsulated error string