aboutsummaryrefslogtreecommitdiff
path: root/crypto
diff options
context:
space:
mode:
Diffstat (limited to 'crypto')
-rw-r--r--crypto/crypto.go10
-rw-r--r--crypto/crypto_test.go2
-rw-r--r--crypto/key.go10
-rw-r--r--crypto/rand.go7
4 files changed, 12 insertions, 17 deletions
diff --git a/crypto/crypto.go b/crypto/crypto.go
index 9a138d0..1f64b38 100644
--- a/crypto/crypto.go
+++ b/crypto/crypto.go
@@ -50,13 +50,9 @@ import (
// Crypto error values
var (
- ErrBadAuth = errors.New("key authentication check failed")
- ErrNegativeLength = errors.New("keys cannot have negative lengths")
- ErrRecoveryCode = errors.New("invalid recovery code")
- ErrGetrandomFail = util.SystemError("getrandom() failed")
- ErrKeyAlloc = util.SystemError("could not allocate memory for key")
- ErrKeyFree = util.SystemError("could not free memory of key")
- ErrKeyLock = errors.New("could not lock key in memory")
+ ErrBadAuth = errors.New("key authentication check failed")
+ ErrRecoveryCode = errors.New("invalid recovery code")
+ ErrMlockUlimit = errors.New("could not lock key in memory")
)
// panicInputLength panics if "name" has invalid length (expected != actual)
diff --git a/crypto/crypto_test.go b/crypto/crypto_test.go
index 6eb0b02..10b3d17 100644
--- a/crypto/crypto_test.go
+++ b/crypto/crypto_test.go
@@ -257,7 +257,7 @@ func TestBigKeyGen(t *testing.T) {
case nil:
key.Wipe()
return
- case ErrKeyLock:
+ case ErrMlockUlimit:
// Don't fail just because "ulimit -l" is too low.
return
default:
diff --git a/crypto/key.go b/crypto/key.go
index 77adc95..2e57443 100644
--- a/crypto/key.go
+++ b/crypto/key.go
@@ -98,7 +98,7 @@ func NewBlankKey(length int) (*Key, error) {
if length == 0 {
return &Key{data: nil}, nil
} else if length < 0 {
- return nil, errors.Wrapf(ErrNegativeLength, "length of %d requested", length)
+ return nil, errors.Errorf("requested key length %d is negative", length)
}
flags := keyMmapFlags
@@ -109,11 +109,11 @@ func NewBlankKey(length int) (*Key, error) {
// See MAP_ANONYMOUS in http://man7.org/linux/man-pages/man2/mmap.2.html
data, err := unix.Mmap(-1, 0, length, keyProtection, flags)
if err == unix.EAGAIN {
- return nil, ErrKeyLock
+ return nil, ErrMlockUlimit
}
if err != nil {
- log.Printf("unix.Mmap() with length=%d failed: %v", length, err)
- return nil, ErrKeyAlloc
+ return nil, errors.Wrapf(err,
+ "failed to allocate (mmap) key buffer of length %d", length)
}
key := &Key{data: data}
@@ -139,7 +139,7 @@ func (key *Key) Wipe() error {
if err := unix.Munmap(data); err != nil {
log.Printf("unix.Munmap() failed: %v", err)
- return ErrKeyFree
+ return errors.Wrapf(err, "failed to free (munmap) key buffer")
}
}
return nil
diff --git a/crypto/rand.go b/crypto/rand.go
index 4d8c044..7d1e55b 100644
--- a/crypto/rand.go
+++ b/crypto/rand.go
@@ -90,10 +90,9 @@ func (r randReader) Read(buffer []byte) (int, error) {
case nil:
return n, nil
case unix.EAGAIN:
- return 0, errors.Wrap(ErrGetrandomFail, "insufficient entropy in pool")
+ err = errors.New("insufficient entropy in pool")
case unix.ENOSYS:
- return 0, errors.Wrap(ErrGetrandomFail, "kernel must be v3.17 or later")
- default:
- return 0, errors.Wrap(ErrGetrandomFail, err.Error())
+ err = errors.New("kernel must be v3.17 or later")
}
+ return 0, errors.Wrap(err, "getrandom() failed")
}
generated by cgit v1.2.3 (git 2.25.1) at 2026-05-10 23:25:14 +0000