Skip to content

Commit fa70679

Browse files
committed
Improve some error messages
1 parent 063edb9 commit fa70679

4 files changed

Lines changed: 9 additions & 9 deletions

File tree

crypto.go

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -116,7 +116,7 @@ func pbeCipherFor(algorithm pkix.AlgorithmIdentifier, password []byte) (cipher.B
116116
utf8Password := []byte(originalPassword)
117117
return pbes2CipherFor(algorithm, utf8Password)
118118
default:
119-
return nil, nil, NotImplementedError("algorithm " + algorithm.Algorithm.String() + " is not supported")
119+
return nil, nil, NotImplementedError("pbe algorithm " + algorithm.Algorithm.String() + " is not supported")
120120
}
121121

122122
var params pbeParams
@@ -211,15 +211,15 @@ func pbes2CipherFor(algorithm pkix.AlgorithmIdentifier, password []byte) (cipher
211211
}
212212

213213
if !params.Kdf.Algorithm.Equal(oidPBKDF2) {
214-
return nil, nil, NotImplementedError("kdf algorithm " + params.Kdf.Algorithm.String() + " is not supported")
214+
return nil, nil, NotImplementedError("pbes2 kdf algorithm " + params.Kdf.Algorithm.String() + " is not supported")
215215
}
216216

217217
var kdfParams pbkdf2Params
218218
if err := unmarshal(params.Kdf.Parameters.FullBytes, &kdfParams); err != nil {
219219
return nil, nil, err
220220
}
221221
if kdfParams.Salt.Tag != asn1.TagOctetString {
222-
return nil, nil, errors.New("pkcs12: only octet string salts are supported for pbkdf2")
222+
return nil, nil, NotImplementedError("only octet string salts are supported for pbes2/pbkdf2")
223223
}
224224

225225
var prf func() hash.Hash

mac.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -47,7 +47,7 @@ func doMac(macData *macData, message, password []byte) ([]byte, error) {
4747
hFn = sha512.New
4848
key = pbkdf(sha512Sum, 64, 128, macData.MacSalt, password, macData.Iterations, 3, 64)
4949
default:
50-
return nil, NotImplementedError("unknown digest algorithm: " + macData.Mac.Algorithm.Algorithm.String())
50+
return nil, NotImplementedError("MAC digest algorithm not supported: " + macData.Mac.Algorithm.Algorithm.String())
5151
}
5252

5353
mac := hmac.New(hFn, key)

pkcs12.go

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -349,10 +349,10 @@ func convertBag(bag *safeBag, password []byte) (*pem.Block, error) {
349349
return nil, err
350350
}
351351
default:
352-
return nil, errors.New("found unknown private key type in PKCS#8 wrapping")
352+
return nil, errors.New("pkcs12: found unknown private key type in PKCS#8 wrapping")
353353
}
354354
default:
355-
return nil, errors.New("don't know how to convert a safe bag of type " + bag.Id.String())
355+
return nil, errors.New("pkcs12: don't know how to convert a safe bag of type " + bag.Id.String())
356356
}
357357
return block, nil
358358
}
@@ -626,7 +626,7 @@ func Encode(rand io.Reader, privateKey interface{}, certificate *x509.Certificat
626626
// fingerprint of the end-entity certificate.
627627
func (enc *Encoder) Encode(privateKey interface{}, certificate *x509.Certificate, caCerts []*x509.Certificate, password string) (pfxData []byte, err error) {
628628
if enc.macAlgorithm == nil && enc.certAlgorithm == nil && enc.keyAlgorithm == nil && password != "" {
629-
return nil, errors.New("password must be empty")
629+
return nil, errors.New("pkcs12: password must be empty")
630630
}
631631

632632
encodedPassword, err := bmpStringZeroTerminated(password)
@@ -788,7 +788,7 @@ func EncodeTrustStoreEntries(rand io.Reader, entries []TrustStoreEntry, password
788788
// encrypted and contains the certificates.
789789
func (enc *Encoder) EncodeTrustStoreEntries(entries []TrustStoreEntry, password string) (pfxData []byte, err error) {
790790
if enc.macAlgorithm == nil && enc.certAlgorithm == nil && password != "" {
791-
return nil, errors.New("password must be empty")
791+
return nil, errors.New("pkcs12: password must be empty")
792792
}
793793

794794
encodedPassword, err := bmpStringZeroTerminated(password)

safebags.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -91,7 +91,7 @@ func decodeCertBag(asn1Data []byte) (x509Certificates []byte, err error) {
9191
return nil, errors.New("pkcs12: error decoding cert bag: " + err.Error())
9292
}
9393
if !bag.Id.Equal(oidCertTypeX509Certificate) {
94-
return nil, NotImplementedError("only X509 certificates are supported")
94+
return nil, NotImplementedError("only X509 certificates are supported in cert bags")
9595
}
9696
return bag.Data, nil
9797
}

0 commit comments

Comments
 (0)