From: Andrew Medvedev <andrew.y.medvedev@gmail.com>
Date: Sat, 21 Sep 2019 17:18:47 +0000 (+0300)
Subject: crypto/x509: give type hint in error message in marshalPublicKey
X-Git-Tag: go1.14beta1~1018
X-Git-Url: http://www.git.cypherpunks.su/?a=commitdiff_plain;h=37c033b0a5433ce4132e8694705ad66d4650f670;p=gostls13.git

crypto/x509: give type hint in error message in marshalPublicKey

Currently if type of public key is unsupported, error message is "only
RSA and ECDSA public keys supported". After adding Ed25519 this message
is no longer correct.

Moreover, it is superfluous because documentation for
MarshalPKIXPublicKey, CreateCertificateRequest and CreateCertificate
already lists supported public key types.

This CL removes unnecessary details from error message.
It also adds reporting the type of unsupported key, which helps
debugging cases when struct (instead of a pointer) to otherwise correct
public key is given.

Fixes #32640

Change-Id: I45e6e3d756b543688d850009b4da8a4023c05027
Reviewed-on: https://go-review.googlesource.com/c/go/+/196777
Reviewed-by: Filippo Valsorda <filippo@golang.org>
---

diff --git a/src/crypto/x509/x509.go b/src/crypto/x509/x509.go
index 7bca6810f7..d959d0ba3f 100644
--- a/src/crypto/x509/x509.go
+++ b/src/crypto/x509/x509.go
@@ -99,7 +99,7 @@ func marshalPublicKey(pub interface{}) (publicKeyBytes []byte, publicKeyAlgorith
 		publicKeyBytes = pub
 		publicKeyAlgorithm.Algorithm = oidPublicKeyEd25519
 	default:
-		return nil, pkix.AlgorithmIdentifier{}, errors.New("x509: only RSA and ECDSA public keys supported")
+		return nil, pkix.AlgorithmIdentifier{}, fmt.Errorf("x509: unsupported public key type: %T", pub)
 	}
 
 	return publicKeyBytes, publicKeyAlgorithm, nil