From: Jakob Weisblat <jakobw@mit.edu>
Date: Fri, 18 Aug 2017 16:24:54 +0000 (+0200)
Subject: crypto/x509: improve error when parsing bad ECDSA cert
X-Git-Tag: go1.11beta1~1073
X-Git-Url: http://www.git.cypherpunks.su/?a=commitdiff_plain;h=89f4592d1e83b3235ab91477702642d899da8c31;p=gostls13.git

crypto/x509: improve error when parsing bad ECDSA cert

When parsing an ECDSA certificate, improve the error message upon
failing to parse the curve as a named curve, rather than returning
the original ASN1 error.

Fixes #21502

Change-Id: I7ae7b3ea7a9dcbd78a9607f46f5883d3193b8367
Reviewed-on: https://go-review.googlesource.com/57050
Reviewed-by: Filippo Valsorda <filippo@golang.org>
---

diff --git a/src/crypto/x509/x509.go b/src/crypto/x509/x509.go
index 89789ceba4..037924cede 100644
--- a/src/crypto/x509/x509.go
+++ b/src/crypto/x509/x509.go
@@ -1056,7 +1056,7 @@ func parsePublicKey(algo PublicKeyAlgorithm, keyData *publicKeyInfo) (interface{
 		namedCurveOID := new(asn1.ObjectIdentifier)
 		rest, err := asn1.Unmarshal(paramsData, namedCurveOID)
 		if err != nil {
-			return nil, err
+			return nil, errors.New("x509: failed to parse ECDSA parameters as named curve")
 		}
 		if len(rest) != 0 {
 			return nil, errors.New("x509: trailing data after ECDSA parameters")