crypto/x509: give type hint in error message in marshalPublicKey

Currently if type of public key is unsupported, error message is "only RSA and ECDSA public keys supported". After adding Ed25519 this message is no longer correct. Moreover, it is superfluous because documentation for MarshalPKIXPublicKey, CreateCertificateRequest and CreateCertificate already lists supported public key types. This CL removes unnecessary details from error message. It also adds reporting the type of unsupported key, which helps debugging cases when struct (instead of a pointer) to otherwise correct public key is given. Fixes #32640 Change-Id: I45e6e3d756b543688d850009b4da8a4023c05027 Reviewed-on: https://go-review.googlesource.com/c/go/+/196777 Reviewed-by: Filippo Valsorda <filippo@golang.org>
golang · Sep 23, 2019 · 37c033b · 37c033b
1 parent 361ab73
commit 37c033b
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/src/crypto/x509/x509.go b/src/crypto/x509/x509.go
@@ -99,7 +99,7 @@ func marshalPublicKey(pub interface{}) (publicKeyBytes []byte, publicKeyAlgorith
 		publicKeyBytes = pub
 		publicKeyAlgorithm.Algorithm = oidPublicKeyEd25519
 	default:
-		return nil, pkix.AlgorithmIdentifier{}, errors.New("x509: only RSA and ECDSA public keys supported")
+		return nil, pkix.AlgorithmIdentifier{}, fmt.Errorf("x509: unsupported public key type: %T", pub)
 	}
 
 	return publicKeyBytes, publicKeyAlgorithm, nil