fix: update help text tests and lint for PQ curve additions

Author: lclose

cert/sign_test.go

@@ -173,7 +173,7 @@ func TestCertificateV2_SignPQ(t *testing.T) {
 	assert.Equal(t, pubBytes, c.PublicKey())
 
 	// Verify signature length matches ML-DSA-87
-	assert.Equal(t, mldsa87.SignatureSize, len(c.Signature()))
+	assert.Len(t, c.Signature(), mldsa87.SignatureSize)
 
 	// Marshal and unmarshal roundtrip
 	b, err := c.Marshal()

cmd/nebula-cert/ca_test.go

@@ -34,7 +34,7 @@ func Test_caHelp(t *testing.T) {
 			"  -argon-parallelism uint\n"+
 			"    \tOptional: Argon2 parallelism parameter used for encrypted private key passphrase (default 4)\n"+
 			"  -curve string\n"+
-			"    \tEdDSA/ECDSA Curve (25519, P256) (default \"25519\")\n"+
+			"    \tEdDSA/ECDSA/PQ Curve (25519, P256, PQ) (default \"25519\")\n"+
 			"  -duration duration\n"+
 			"    \tOptional: amount of time the certificate should be valid for. Valid time units are seconds: \"s\", minutes: \"m\", hours: \"h\" (default 8760h0m0s)\n"+
 			"  -encrypt\n"+

cmd/nebula-cert/keygen_test.go

@@ -21,7 +21,7 @@ func Test_keygenHelp(t *testing.T) {
 		t,
 		"Usage of "+os.Args[0]+" keygen <flags>: create a public/private key pair. the public key can be passed to `nebula-cert sign`\n"+
 			"  -curve string\n"+
-			"    \tECDH Curve (25519, P256) (default \"25519\")\n"+
+			"    \tECDH/KEM Curve (25519, P256, PQ) (default \"25519\")\n"+
 			"  -out-key string\n"+
 			"    \tRequired: path to write the private key to\n"+
 			"  -out-pub string\n"+