From ddc8679128bae2c730e59f86880a3de96cf2c7d5 Mon Sep 17 00:00:00 2001 From: Adam Langley Date: Fri, 24 May 2013 16:23:13 -0400 Subject: [PATCH] crypto/x509: harmonise error prefixes. crypto/x509 has ended up with a variety of error formats. This change makes them all start with "x509: ". R=golang-dev, r CC=golang-dev https://golang.org/cl/9736043 --- src/pkg/crypto/x509/pkcs1.go | 4 ++-- src/pkg/crypto/x509/pkcs8.go | 6 +++--- src/pkg/crypto/x509/sec1.go | 8 ++++---- src/pkg/crypto/x509/x509.go | 26 +++++++++++++------------- 4 files changed, 22 insertions(+), 22 deletions(-) diff --git a/src/pkg/crypto/x509/pkcs1.go b/src/pkg/crypto/x509/pkcs1.go index 873d3966eb5..acebe351398 100644 --- a/src/pkg/crypto/x509/pkcs1.go +++ b/src/pkg/crypto/x509/pkcs1.go @@ -52,7 +52,7 @@ func ParsePKCS1PrivateKey(der []byte) (key *rsa.PrivateKey, err error) { } if priv.N.Sign() <= 0 || priv.D.Sign() <= 0 || priv.P.Sign() <= 0 || priv.Q.Sign() <= 0 { - return nil, errors.New("private key contains zero or negative value") + return nil, errors.New("x509: private key contains zero or negative value") } key = new(rsa.PrivateKey) @@ -67,7 +67,7 @@ func ParsePKCS1PrivateKey(der []byte) (key *rsa.PrivateKey, err error) { key.Primes[1] = priv.Q for i, a := range priv.AdditionalPrimes { if a.Prime.Sign() <= 0 { - return nil, errors.New("private key contains zero or negative prime") + return nil, errors.New("x509: private key contains zero or negative prime") } key.Primes[i+2] = a.Prime // We ignore the other two values because rsa will calculate diff --git a/src/pkg/crypto/x509/pkcs8.go b/src/pkg/crypto/x509/pkcs8.go index 8e1585e15cc..ba19989cba1 100644 --- a/src/pkg/crypto/x509/pkcs8.go +++ b/src/pkg/crypto/x509/pkcs8.go @@ -32,7 +32,7 @@ func ParsePKCS8PrivateKey(der []byte) (key interface{}, err error) { case privKey.Algo.Algorithm.Equal(oidPublicKeyRSA): key, err = ParsePKCS1PrivateKey(privKey.PrivateKey) if err != nil { - return nil, errors.New("crypto/x509: failed to parse RSA private key embedded in PKCS#8: " + err.Error()) + return nil, errors.New("x509: failed to parse RSA private key embedded in PKCS#8: " + err.Error()) } return key, nil @@ -44,11 +44,11 @@ func ParsePKCS8PrivateKey(der []byte) (key interface{}, err error) { } key, err = parseECPrivateKey(namedCurveOID, privKey.PrivateKey) if err != nil { - return nil, errors.New("crypto/x509: failed to parse EC private key embedded in PKCS#8: " + err.Error()) + return nil, errors.New("x509: failed to parse EC private key embedded in PKCS#8: " + err.Error()) } return key, nil default: - return nil, fmt.Errorf("crypto/x509: PKCS#8 wrapping contained private key with unknown algorithm: %v", privKey.Algo.Algorithm) + return nil, fmt.Errorf("x509: PKCS#8 wrapping contained private key with unknown algorithm: %v", privKey.Algo.Algorithm) } } diff --git a/src/pkg/crypto/x509/sec1.go b/src/pkg/crypto/x509/sec1.go index 8a2840fbef5..3a0e29a03e3 100644 --- a/src/pkg/crypto/x509/sec1.go +++ b/src/pkg/crypto/x509/sec1.go @@ -40,10 +40,10 @@ func ParseECPrivateKey(der []byte) (key *ecdsa.PrivateKey, err error) { func parseECPrivateKey(namedCurveOID *asn1.ObjectIdentifier, der []byte) (key *ecdsa.PrivateKey, err error) { var privKey ecPrivateKey if _, err := asn1.Unmarshal(der, &privKey); err != nil { - return nil, errors.New("crypto/x509: failed to parse EC private key: " + err.Error()) + return nil, errors.New("x509: failed to parse EC private key: " + err.Error()) } if privKey.Version != ecPrivKeyVersion { - return nil, fmt.Errorf("crypto/x509: unknown EC private key version %d", privKey.Version) + return nil, fmt.Errorf("x509: unknown EC private key version %d", privKey.Version) } var curve elliptic.Curve @@ -53,12 +53,12 @@ func parseECPrivateKey(namedCurveOID *asn1.ObjectIdentifier, der []byte) (key *e curve = namedCurveFromOID(privKey.NamedCurveOID) } if curve == nil { - return nil, errors.New("crypto/x509: unknown elliptic curve") + return nil, errors.New("x509: unknown elliptic curve") } k := new(big.Int).SetBytes(privKey.PrivateKey) if k.Cmp(curve.Params().N) >= 0 { - return nil, errors.New("crypto/x509: invalid elliptic curve private key value") + return nil, errors.New("x509: invalid elliptic curve private key value") } priv := new(ecdsa.PrivateKey) priv.Curve = curve diff --git a/src/pkg/crypto/x509/x509.go b/src/pkg/crypto/x509/x509.go index 4dfea2c9499..d789e5c5602 100644 --- a/src/pkg/crypto/x509/x509.go +++ b/src/pkg/crypto/x509/x509.go @@ -40,7 +40,7 @@ func ParsePKIXPublicKey(derBytes []byte) (pub interface{}, err error) { } algo := getPublicKeyAlgorithmFromOID(pki.Algorithm.Algorithm) if algo == UnknownPublicKeyAlgorithm { - return nil, errors.New("ParsePKIXPublicKey: unknown public key algorithm") + return nil, errors.New("x509: unknown public key algorithm") } return parsePublicKey(algo, &pki) } @@ -56,7 +56,7 @@ func MarshalPKIXPublicKey(pub interface{}) ([]byte, error) { E: pub.E, }) default: - return nil, errors.New("MarshalPKIXPublicKey: unknown public key type") + return nil, errors.New("x509: unknown public key type") } pkix := pkixPublicKey{ @@ -477,7 +477,7 @@ type Certificate struct { // ErrUnsupportedAlgorithm results from attempting to perform an operation that // involves algorithms that are not currently implemented. -var ErrUnsupportedAlgorithm = errors.New("crypto/x509: cannot verify signature: algorithm unimplemented") +var ErrUnsupportedAlgorithm = errors.New("x509: cannot verify signature: algorithm unimplemented") // ConstraintViolationError results when a requested usage is not permitted by // a certificate. For example: checking a signature when the public key isn't a @@ -485,7 +485,7 @@ var ErrUnsupportedAlgorithm = errors.New("crypto/x509: cannot verify signature: type ConstraintViolationError struct{} func (ConstraintViolationError) Error() string { - return "crypto/x509: invalid signature: parent certificate cannot sign this kind of certificate" + return "x509: invalid signature: parent certificate cannot sign this kind of certificate" } func (c *Certificate) Equal(other *Certificate) bool { @@ -604,10 +604,10 @@ func (c *Certificate) CheckSignature(algo SignatureAlgorithm, signed, signature return err } if dsaSig.R.Sign() <= 0 || dsaSig.S.Sign() <= 0 { - return errors.New("DSA signature contained zero or negative values") + return errors.New("x509: DSA signature contained zero or negative values") } if !dsa.Verify(pub, digest, dsaSig.R, dsaSig.S) { - return errors.New("DSA verification failure") + return errors.New("x509: DSA verification failure") } return case *ecdsa.PublicKey: @@ -616,10 +616,10 @@ func (c *Certificate) CheckSignature(algo SignatureAlgorithm, signed, signature return err } if ecdsaSig.R.Sign() <= 0 || ecdsaSig.S.Sign() <= 0 { - return errors.New("crypto/x509: ECDSA signature contained zero or negative values") + return errors.New("x509: ECDSA signature contained zero or negative values") } if !ecdsa.Verify(pub, digest, ecdsaSig.R, ecdsaSig.S) { - return errors.New("crypto/x509: ECDSA verification failure") + return errors.New("x509: ECDSA verification failure") } return } @@ -635,7 +635,7 @@ func (c *Certificate) CheckCRLSignature(crl *pkix.CertificateList) (err error) { type UnhandledCriticalExtension struct{} func (h UnhandledCriticalExtension) Error() string { - return "unhandled critical extension" + return "x509: unhandled critical extension" } type basicConstraints struct { @@ -694,7 +694,7 @@ func parsePublicKey(algo PublicKeyAlgorithm, keyData *publicKeyInfo) (interface{ return nil, err } if p.Sign() <= 0 || params.P.Sign() <= 0 || params.Q.Sign() <= 0 || params.G.Sign() <= 0 { - return nil, errors.New("zero or negative DSA parameter") + return nil, errors.New("x509: zero or negative DSA parameter") } pub := &dsa.PublicKey{ Parameters: dsa.Parameters{ @@ -714,11 +714,11 @@ func parsePublicKey(algo PublicKeyAlgorithm, keyData *publicKeyInfo) (interface{ } namedCurve := namedCurveFromOID(*namedCurveOID) if namedCurve == nil { - return nil, errors.New("crypto/x509: unsupported elliptic curve") + return nil, errors.New("x509: unsupported elliptic curve") } x, y := elliptic.Unmarshal(namedCurve, asn1Data) if x == nil { - return nil, errors.New("crypto/x509: failed to unmarshal elliptic curve point") + return nil, errors.New("x509: failed to unmarshal elliptic curve point") } pub := &ecdsa.PublicKey{ Curve: namedCurve, @@ -752,7 +752,7 @@ func parseCertificate(in *certificate) (*Certificate, error) { } if in.TBSCertificate.SerialNumber.Sign() < 0 { - return nil, errors.New("negative serial number") + return nil, errors.New("x509: negative serial number") } out.Version = in.TBSCertificate.Version + 1