gsadmin/certctl
1
0
Fork 0
mirror of https://github.com/shankar0123/certctl.git synced 2026-06-07 20:21:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(cert-export): satisfy staticcheck ST1022 on PKCS12CipherModernAES256

Browse Source 
Production hardening II Phase 11 verification — golangci-lint v2.11.4
flagged the const PKCS12CipherModernAES256 doc comment with ST1022
(comments on exported identifiers should start with the identifier
name). Reformatted to lead with the const name; same content.

Reproduced clean: 0 issues across handler/, service/,
connector/issuer/local/, api/router/, ratelimit/.
This commit is contained in:
shankar0123
2026-04-30 05:22:10 +00:00
parent 67593604f1
commit 8891d5f456
1 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/service/export_audit_actions.go
+5 -5
View File
@@ -50,11 +50,11 @@ const (
AuditActionCertExportFailed = "cert_export_failed"
)
// Cipher identifier emitted in the PKCS#12 export audit detail.
// Pinned here so a future dependency upgrade that silently changes
// the underlying go-pkcs12 default is caught by the audit drift
// review (operator notices the value diverging from what's
// advertised in docs/security.md).
// PKCS12CipherModernAES256 is the cipher identifier emitted in the
// PKCS#12 export audit detail. Pinned here so a future dependency
// upgrade that silently changes the underlying go-pkcs12 default is
// caught by the audit drift review (operator notices the value
// diverging from what's advertised in docs/crl-ocsp.md).
//
// pkcs12.Modern (the SSLMate library) produces AES-256-CBC PBE2
// with SHA-256 KDF. Documented in github.com/SSLMate/go-pkcs12 v0.7+.