crypto/x509: give type hint in error message in marshalPublicKey

Currently if type of public key is unsupported, error message is "only
RSA and ECDSA public keys supported". After adding Ed25519 this message
is no longer correct.

Moreover, it is superfluous because documentation for
MarshalPKIXPublicKey, CreateCertificateRequest and CreateCertificate
already lists supported public key types.

This CL removes unnecessary details from error message.
It also adds reporting the type of unsupported key, which helps
debugging cases when struct (instead of a pointer) to otherwise correct
public key is given.

Fixes #32640

Change-Id: I45e6e3d756b543688d850009b4da8a4023c05027
Reviewed-on: https://go-review.googlesource.com/c/go/+/196777
Reviewed-by: Filippo Valsorda <filippo@golang.org>

diff --git a/src/crypto/x509/x509.go b/src/crypto/x509/x509.go
index 7bca6810f7ddcf70bc8ae1f73f97f8f296b7cb4e..d959d0ba3fbfdbfd532aa62aa5d9e5669125a889 100644 (file)
--- a/src/crypto/x509/x509.go
+++ b/src/crypto/x509/x509.go
@@ -99,7 +99,7 @@ func marshalPublicKey(pub interface{}) (publicKeyBytes []byte, publicKeyAlgorith
                publicKeyBytes = pub
                publicKeyAlgorithm.Algorithm = oidPublicKeyEd25519
        default:
-               return nil, pkix.AlgorithmIdentifier{}, errors.New("x509: only RSA and ECDSA public keys supported")
+               return nil, pkix.AlgorithmIdentifier{}, fmt.Errorf("x509: unsupported public key type: %T", pub)
        }
 
        return publicKeyBytes, publicKeyAlgorithm, nil