Method Config.jwtTokenSource has a Cognitive Complexity of 22 (exceeds 20 allowed). Consider refactoring.

Open

func (c *Config) jwtTokenSource(ctx context.Context, scopes []string) (oauth2.TokenSource, error) {
    var (
        pk         interface{}
        thumbprint []byte
        err        error

• Read up
  Read up

Method USBHIDTransport.Open has 5 return statements (exceeds 4 allowed).

Open

func (u *USBHIDTransport) Open(path string) (Exchanger, error) {
    if path == "" {
        devs, err := u.Enumerate()
        if err != nil {
            return nil, err

Method Vault.GetPublicKey has 5 return statements (exceeds 4 allowed).

Open

func (v *Vault) GetPublicKey(ctx context.Context, keyID string) (vault.StoredKey, error) {
    pkresp, err := v.kmsapi.GetPublicKeyWithContext(ctx, &kms.GetPublicKeyInput{
        KeyId: &keyID,
    })
    if err != nil {

Method HSM.signED25519 has 5 return statements (exceeds 4 allowed).

Open

func (h *HSM) signED25519(digest []byte, id uint16) (crypt.Ed25519Signature, error) {
    command, err := commands.CreateSignDataEddsaCommand(id, digest)
    if err != nil {
        return nil, fmt.Errorf("(YubiHSM/%s): %w", h.conf.id(), err)
    }

Method usbHIDRoundTripper.readCommand has a Cognitive Complexity of 22 (exceeds 20 allowed). Consider refactoring.

Open

func (u *usbHIDRoundTripper) readCommand() (channel uint16, cmd uint8, data []byte, err error) {
    var (
        dataLen int
        idx     uint16
    )

• Read up
  Read up

Method Vault.Ready has 5 return statements (exceeds 4 allowed).

Open

func (v *Vault) Ready(ctx context.Context) (bool, error) {
    if v.managementClient == nil {
        return true, nil // ignore
    }

Function New has 5 return statements (exceeds 4 allowed).

Open

func New(ctx context.Context, cfg *Config) (*Vault, error) {
    vaultConfig := &api.Config{
        Address: cfg.Address,
    }

Function readString has 5 return statements (exceeds 4 allowed).

Open

func readString(p []byte, end rune) (rem []byte, out string, err error) {
    r, sz := utf8.DecodeRune(p)
    if r == utf8.RuneError {
        return nil, "", errRune
    }

Method Vault.GetPublicKey has 5 return statements (exceeds 4 allowed).

Open

func (v *Vault) GetPublicKey(ctx context.Context, keyID string) (vault.StoredKey, error) {
    wrappingPubKeyString, err := v.Transit().GetKeyWithContext(ctx, keyID)
    if err != nil {
        return nil, err
    }

Method HSM.signECDSA has 5 return statements (exceeds 4 allowed).

Open

func (h *HSM) signECDSA(digest []byte, id uint16, curve elliptic.Curve) (*crypt.ECDSASignature, error) {
    command, err := commands.CreateSignDataEcdsaCommand(id, digest)
    if err != nil {
        return nil, fmt.Errorf("(YubiHSM/%s): %w", h.conf.id(), err)
    }

Method HSM.Ready has 5 return statements (exceeds 4 allowed).

Open

func (h *HSM) Ready(ctx context.Context) (bool, error) {
    command, err := commands.CreateEchoCommand(echoMessage)
    if err != nil {
        return false, fmt.Errorf("(YubiHSM/%s): %w", h.conf.id(), err)
    }

Method Config.GetPrivateKey has 5 return statements (exceeds 4 allowed).

Open

func (conf *Config) GetPrivateKey() (crypt.PrivateKey, error) {
    var keyData []byte
    if conf.PrivateKey != "" {
        if priv, err := crypt.ParsePrivateKey([]byte(conf.PrivateKey)); err == nil {
            return priv, nil

Method tcpRoundTripper.Exchange has 5 return statements (exceeds 4 allowed).

Open

func (t *tcpRoundTripper) Exchange(req *APDUCommand) (*APDUResponse, error) {
    data := req.Bytes()
    //log.Printf("> %s", hex.EncodeToString(data))

    buf := make([]byte, len(data)+4)

Function parsePrivateKey has 5 return statements (exceeds 4 allowed).

Open

func parsePrivateKey(name, password string) (pk interface{}, err error) {
    buf, err := ioutil.ReadFile(name)
    if err != nil {
        return nil, err
    }

Method scanner.open has 5 return statements (exceeds 4 allowed).

Open

func (s *scanner) open(id string) (*tezosapp.App, error) {
    s.mtx.Lock()
    defer s.mtx.Unlock()

    devs, err := s.tr.Enumerate()

Method JWTMiddleware.LoginHandler has 5 return statements (exceeds 4 allowed).

Open

func (m *JWTMiddleware) LoginHandler(w http.ResponseWriter, r *http.Request) {
    user := r.Header.Get("username")
    pass := r.Header.Get("password")
    if user == "" || pass == "" {
        w.WriteHeader(http.StatusUnauthorized)

Method JWK.ecPublicKey has 5 return statements (exceeds 4 allowed).

Open

func (j *JWK) ecPublicKey() (k *ecdsa.PublicKey, err error) {
    var key ecdsa.PublicKey
    if key.Curve = curveByName(j.Curve); key.Curve == nil {
        return nil, fmt.Errorf("jwk: unknown curve: %s", j.Curve)
    }

Method Transit.GetKeyWithContext has 5 return statements (exceeds 4 allowed).

Open

func (t *Transit) GetKeyWithContext(ctx context.Context, keyID string) (string, error) {
    s, err := t.c.Logical().ReadWithContext(ctx, fmt.Sprintf("%s/keys/%s", t.cfg.MountPoint, keyID))
    if err != nil {
        return "", err
    }

Method awsKMSIterator.Next has 5 return statements (exceeds 4 allowed).

Open

func (i *awsKMSIterator) Next() (key vault.StoredKey, err error) {
    for {
        if i.lko == nil || i.index == len(i.lko.Keys) {
            // get next page
            if i.lko != nil && i.lko.NextMarker == nil {

Method Vault.Unlock has 5 return statements (exceeds 4 allowed).

Open

func (v *Vault) Unlock(ctx context.Context) error {
    v.mtx.Lock()
    if v.unlocked {
        v.mtx.Unlock()
        return nil