diff --git a/coze.go b/coze.go index 981bb0e..b0e729b 100644 --- a/coze.go +++ b/coze.go @@ -313,7 +313,7 @@ func MarshalPretty(i any) ([]byte, error) { } // Hash hashes msg and returns the digest. Returns nil on error. Errors on -// invalid HshAlg or if digest is nil. +// invalid HshAlg or if digest is empty. // // For algorithms that support arbitrary sized digests, Hash only returns a // static size. SHAKE128 returns 32 bytes. SHAKE256 returns 64 bytes. @@ -328,7 +328,7 @@ func Hash(h HshAlg, msg []byte) (digest B64, err error) { default: hash := h.goHash() if hash == nil { - return nil, fmt.Errorf("coze.Hash invalid HashAlg: %s", h) + return nil, fmt.Errorf("Hash: invalid HashAlg: %s", h) } _, err = hash.Write(msg) if err != nil { @@ -337,10 +337,9 @@ func Hash(h HshAlg, msg []byte) (digest B64, err error) { digest = hash.Sum(nil) } - if len(digest) == 0 { - return nil, fmt.Errorf("coze.Hash digest is empty. Given HashAlg: %s", h) + if len(digest) == 0 { // sanity check + return nil, fmt.Errorf("Hash: digest is empty; given HashAlg: %s", h) } - return digest, nil } diff --git a/key.go b/key.go index dcf76ff..b272947 100644 --- a/key.go +++ b/key.go @@ -93,7 +93,7 @@ func (c *Key) Thumbprint() (err error) { // set and be a valid length. On error, tmb is set to nil. func Thumbprint(c *Key) (tmb B64, err error) { if len(c.X) != c.Alg.XSize() { - return nil, fmt.Errorf("x length incorrect; for alg %s expected length %d; given %d", c.Alg, c.Alg.Hash().Size(), len(tmb)) + return nil, fmt.Errorf("Thumbprint: incorrect x length for alg %s; expected %d; given %d", c.Alg, c.Alg.Hash().Size(), len(tmb)) } b, err := Marshal(c) if err != nil { @@ -126,14 +126,13 @@ func (c *Key) UnmarshalJSON(b []byte) error { // and/or VerifyCoze if needing Coze validation. func (c *Key) Sign(digest B64) (sig B64, err error) { if len(c.D) != c.Alg.DSize() { - return nil, fmt.Errorf("Sign: Invalid `d` length %d", len(c.D)) + return nil, fmt.Errorf("Sign: incorrect d length for alg %s; expected: %d, given %d", c.Alg, c.Alg.DSize(), len(c.D)) } switch c.Alg.SigAlg().Genus() { default: return nil, fmt.Errorf("Sign: unsupported alg: %s", c.Alg) case ECDSA: - prk := ecdsa.PrivateKey{ // ecdsa.Sign only needs PublicKey.Curve, not it's value. PublicKey: ecdsa.PublicKey{Curve: c.Alg.Curve().EllipticCurve()}, @@ -169,10 +168,10 @@ func (c *Key) Sign(digest B64) (sig B64, err error) { // uses key as a source of truth. func (c *Key) SignPay(p *Pay) (coze *Coze, err error) { if p.Alg != "" && c.Alg != p.Alg { - return nil, fmt.Errorf("SignPay: key alg \"%s\" and coze alg \"%s\" do not match", c.Alg, p.Alg) + return nil, fmt.Errorf("SignPay: key alg %s and coze alg %s do not match", c.Alg, p.Alg) } if len(p.Tmb) != 0 && !bytes.Equal(c.Tmb, p.Tmb) { - return nil, fmt.Errorf("SignPay: key tmb \"%s\" and coze tmb \"%s\" do not match", c.Tmb, p.Tmb) + return nil, fmt.Errorf("SignPay: key tmb %s and coze tmb %s do not match", c.Tmb, p.Tmb) } b, err := Marshal(p) @@ -203,7 +202,7 @@ func (c *Key) SignPayJSON(pay json.RawMessage) (coze *Coze, err error) { } if p.Alg != "" && c.Alg != p.Alg { - return nil, fmt.Errorf("SignPay: key alg \"%s\" and coze alg \"%s\" do not match", c.Alg, p.Alg) + return nil, fmt.Errorf("SignPay: key alg %s and coze alg %s do not match", c.Alg, p.Alg) } if len(p.Tmb) != 0 && !bytes.Equal(c.Tmb, p.Tmb) { // Force correct value for `tmb`. p.Tmb = c.Tmb @@ -277,10 +276,10 @@ func (c *Key) VerifyCoze(cz *Coze) (bool, error) { return false, err } if p.Alg != "" && c.Alg != p.Alg { - return false, fmt.Errorf("VerifyCoze: key alg \"%s\" and coze alg \"%s\" do not match", c.Alg, p.Alg) + return false, fmt.Errorf("VerifyCoze: key alg %s and coze alg %s do not match", c.Alg, p.Alg) } if len(p.Tmb) != 0 && !bytes.Equal(c.Tmb, p.Tmb) { - return false, fmt.Errorf("VerifyCoze: key tmb \"%s\" and coze tmb \"%s\" do not match", c.Tmb, p.Tmb) + return false, fmt.Errorf("VerifyCoze: key tmb %s and coze tmb %s do not match", c.Tmb, p.Tmb) } b, err := compact(cz.Pay) @@ -350,7 +349,7 @@ func (c *Key) Correct() (err error) { givenX := c.X c.X = c.calcX() if len(givenX) != 0 && !bytes.Equal(c.X, givenX) { - return fmt.Errorf("Correct: incorrect X; calculated: %s, given: %s, ", c.X, givenX) + return fmt.Errorf("Correct: incorrect X; expected: %s, given: %s, ", c.X, givenX) } if !c.Valid() { return fmt.Errorf("Correct: key is invalid") @@ -361,7 +360,7 @@ func (c *Key) Correct() (err error) { // Calculate tmb from x and if tmb was given compare. if len(c.X) != 0 { if len(c.X) != c.Alg.XSize() { - return fmt.Errorf("Correct: incorrect x size: %d", len(c.X)) + return fmt.Errorf("Correct: incorrect x length for alg %s; expected: %d, given: %d", c.Alg, c.Alg.XSize(), len(c.X)) } givenTmb := c.Tmb err := c.Thumbprint() @@ -369,16 +368,15 @@ func (c *Key) Correct() (err error) { return err } if len(givenTmb) != 0 && !bytes.Equal(c.Tmb, givenTmb) { - return fmt.Errorf("Correct: incorrect tmb; calculated: %s, given: %s", c.Tmb, givenTmb) + return fmt.Errorf("Correct: incorrect tmb; expected: %s, given: %s", c.Tmb, givenTmb) } } // tmb only key. (Coze assumes `x` is calculable from `d`, so at this point // `tmb` should always be set. See `checksum_and_seed.md` for exposition. if len(c.Tmb) != c.Alg.Hash().Size() { - return fmt.Errorf("Correct: incorrect tmb length; expected %d, given %d", c.Alg.Hash().Size(), len(c.Tmb)) + return fmt.Errorf("Correct: incorrect tmb length for alg %s; expected: %d, given: %d", c.Alg, c.Alg.Hash().Size(), len(c.Tmb)) } - return nil } @@ -459,12 +457,11 @@ var curveHalfOrders = map[SigAlg]*big.Int{ ES512: new(big.Int).Rsh(elliptic.P521().Params().N, 1), } -// IsLowS checks if S is a low-S. Only for ECDSA. See Coze docs on low-S. +// IsLowS checks if S is a low-S for ECDSA. See Coze docs on low-S. func IsLowS(c *Key, s *big.Int) (bool, error) { if c.Alg.Genus() != ECDSA { - return false, fmt.Errorf("alg not ECDSA: [%s]", c.Alg) + return false, fmt.Errorf("IsLowS: alg is not ECDSA: [%s]", c.Alg) } - return s.Cmp(curveHalfOrders[c.Alg.SigAlg()]) != 1, nil }