[go] push by agl@golang.org - crypto/x509: harmonise error prefixes.... on 2013-05-24 20:25 GMT

4 views
Skip to first unread message

g...@googlecode.com

unread,
May 24, 2013, 4:25:10 PM5/24/13
to golang-...@googlegroups.com
Revision: 5993bd419cf0
Branch: default
Author: Adam Langley <a...@golang.org>
Date: Fri May 24 13:23:13 2013
Log: crypto/x509: harmonise error prefixes.

crypto/x509 has ended up with a variety of error formats. This change makes
them all start with "x509: ".

R=golang-dev, r
CC=golang-dev
https://codereview.appspot.com/9736043
http://code.google.com/p/go/source/detail?r=5993bd419cf0

Modified:
/src/pkg/crypto/x509/pkcs1.go
/src/pkg/crypto/x509/pkcs8.go
/src/pkg/crypto/x509/sec1.go
/src/pkg/crypto/x509/x509.go

=======================================
--- /src/pkg/crypto/x509/pkcs1.go Mon Mar 5 09:04:18 2012
+++ /src/pkg/crypto/x509/pkcs1.go Fri May 24 13:23:13 2013
@@ -52,7 +52,7 @@
}

if priv.N.Sign() <= 0 || priv.D.Sign() <= 0 || priv.P.Sign() <= 0 ||
priv.Q.Sign() <= 0 {
- return nil, errors.New("private key contains zero or negative value")
+ return nil, errors.New("x509: private key contains zero or negative
value")
}

key = new(rsa.PrivateKey)
@@ -67,7 +67,7 @@
key.Primes[1] = priv.Q
for i, a := range priv.AdditionalPrimes {
if a.Prime.Sign() <= 0 {
- return nil, errors.New("private key contains zero or negative prime")
+ return nil, errors.New("x509: private key contains zero or negative
prime")
}
key.Primes[i+2] = a.Prime
// We ignore the other two values because rsa will calculate
=======================================
--- /src/pkg/crypto/x509/pkcs8.go Mon Mar 11 14:16:55 2013
+++ /src/pkg/crypto/x509/pkcs8.go Fri May 24 13:23:13 2013
@@ -32,7 +32,7 @@
case privKey.Algo.Algorithm.Equal(oidPublicKeyRSA):
key, err = ParsePKCS1PrivateKey(privKey.PrivateKey)
if err != nil {
- return nil, errors.New("crypto/x509: failed to parse RSA private key
embedded in PKCS#8: " + err.Error())
+ return nil, errors.New("x509: failed to parse RSA private key embedded
in PKCS#8: " + err.Error())
}
return key, nil

@@ -44,11 +44,11 @@
}
key, err = parseECPrivateKey(namedCurveOID, privKey.PrivateKey)
if err != nil {
- return nil, errors.New("crypto/x509: failed to parse EC private key
embedded in PKCS#8: " + err.Error())
+ return nil, errors.New("x509: failed to parse EC private key embedded
in PKCS#8: " + err.Error())
}
return key, nil

default:
- return nil, fmt.Errorf("crypto/x509: PKCS#8 wrapping contained private
key with unknown algorithm: %v", privKey.Algo.Algorithm)
+ return nil, fmt.Errorf("x509: PKCS#8 wrapping contained private key with
unknown algorithm: %v", privKey.Algo.Algorithm)
}
}
=======================================
--- /src/pkg/crypto/x509/sec1.go Wed Nov 14 08:39:00 2012
+++ /src/pkg/crypto/x509/sec1.go Fri May 24 13:23:13 2013
@@ -40,10 +40,10 @@
func parseECPrivateKey(namedCurveOID *asn1.ObjectIdentifier, der []byte)
(key *ecdsa.PrivateKey, err error) {
var privKey ecPrivateKey
if _, err := asn1.Unmarshal(der, &privKey); err != nil {
- return nil, errors.New("crypto/x509: failed to parse EC private key: " +
err.Error())
+ return nil, errors.New("x509: failed to parse EC private key: " +
err.Error())
}
if privKey.Version != ecPrivKeyVersion {
- return nil, fmt.Errorf("crypto/x509: unknown EC private key version %d",
privKey.Version)
+ return nil, fmt.Errorf("x509: unknown EC private key version %d",
privKey.Version)
}

var curve elliptic.Curve
@@ -53,12 +53,12 @@
curve = namedCurveFromOID(privKey.NamedCurveOID)
}
if curve == nil {
- return nil, errors.New("crypto/x509: unknown elliptic curve")
+ return nil, errors.New("x509: unknown elliptic curve")
}

k := new(big.Int).SetBytes(privKey.PrivateKey)
if k.Cmp(curve.Params().N) >= 0 {
- return nil, errors.New("crypto/x509: invalid elliptic curve private key
value")
+ return nil, errors.New("x509: invalid elliptic curve private key value")
}
priv := new(ecdsa.PrivateKey)
priv.Curve = curve
=======================================
--- /src/pkg/crypto/x509/x509.go Mon Mar 11 14:16:55 2013
+++ /src/pkg/crypto/x509/x509.go Fri May 24 13:23:13 2013
@@ -40,7 +40,7 @@
}
algo := getPublicKeyAlgorithmFromOID(pki.Algorithm.Algorithm)
if algo == UnknownPublicKeyAlgorithm {
- return nil, errors.New("ParsePKIXPublicKey: unknown public key
algorithm")
+ return nil, errors.New("x509: unknown public key algorithm")
}
return parsePublicKey(algo, &pki)
}
@@ -56,7 +56,7 @@
E: pub.E,
})
default:
- return nil, errors.New("MarshalPKIXPublicKey: unknown public key type")
+ return nil, errors.New("x509: unknown public key type")
}

pkix := pkixPublicKey{
@@ -477,7 +477,7 @@

// ErrUnsupportedAlgorithm results from attempting to perform an operation
that
// involves algorithms that are not currently implemented.
-var ErrUnsupportedAlgorithm = errors.New("crypto/x509: cannot verify
signature: algorithm unimplemented")
+var ErrUnsupportedAlgorithm = errors.New("x509: cannot verify signature:
algorithm unimplemented")

// ConstraintViolationError results when a requested usage is not
permitted by
// a certificate. For example: checking a signature when the public key
isn't a
@@ -485,7 +485,7 @@
type ConstraintViolationError struct{}

func (ConstraintViolationError) Error() string {
- return "crypto/x509: invalid signature: parent certificate cannot sign
this kind of certificate"
+ return "x509: invalid signature: parent certificate cannot sign this kind
of certificate"
}

func (c *Certificate) Equal(other *Certificate) bool {
@@ -604,10 +604,10 @@
return err
}
if dsaSig.R.Sign() <= 0 || dsaSig.S.Sign() <= 0 {
- return errors.New("DSA signature contained zero or negative values")
+ return errors.New("x509: DSA signature contained zero or negative
values")
}
if !dsa.Verify(pub, digest, dsaSig.R, dsaSig.S) {
- return errors.New("DSA verification failure")
+ return errors.New("x509: DSA verification failure")
}
return
case *ecdsa.PublicKey:
@@ -616,10 +616,10 @@
return err
}
if ecdsaSig.R.Sign() <= 0 || ecdsaSig.S.Sign() <= 0 {
- return errors.New("crypto/x509: ECDSA signature contained zero or
negative values")
+ return errors.New("x509: ECDSA signature contained zero or negative
values")
}
if !ecdsa.Verify(pub, digest, ecdsaSig.R, ecdsaSig.S) {
- return errors.New("crypto/x509: ECDSA verification failure")
+ return errors.New("x509: ECDSA verification failure")
}
return
}
@@ -635,7 +635,7 @@
type UnhandledCriticalExtension struct{}

func (h UnhandledCriticalExtension) Error() string {
- return "unhandled critical extension"
+ return "x509: unhandled critical extension"
}

type basicConstraints struct {
@@ -694,7 +694,7 @@
return nil, err
}
if p.Sign() <= 0 || params.P.Sign() <= 0 || params.Q.Sign() <= 0 ||
params.G.Sign() <= 0 {
- return nil, errors.New("zero or negative DSA parameter")
+ return nil, errors.New("x509: zero or negative DSA parameter")
}
pub := &dsa.PublicKey{
Parameters: dsa.Parameters{
@@ -714,11 +714,11 @@
}
namedCurve := namedCurveFromOID(*namedCurveOID)
if namedCurve == nil {
- return nil, errors.New("crypto/x509: unsupported elliptic curve")
+ return nil, errors.New("x509: unsupported elliptic curve")
}
x, y := elliptic.Unmarshal(namedCurve, asn1Data)
if x == nil {
- return nil, errors.New("crypto/x509: failed to unmarshal elliptic curve
point")
+ return nil, errors.New("x509: failed to unmarshal elliptic curve point")
}
pub := &ecdsa.PublicKey{
Curve: namedCurve,
@@ -752,7 +752,7 @@
}

if in.TBSCertificate.SerialNumber.Sign() < 0 {
- return nil, errors.New("negative serial number")
+ return nil, errors.New("x509: negative serial number")
}

out.Version = in.TBSCertificate.Version + 1
Reply all
Reply to author
Forward
0 new messages