src/pkg/[a-m]*: gofix -r error -force=error
R=golang-dev, iant
CC=golang-dev
https://golang.org/cl/5322051
diff --git a/src/pkg/crypto/aes/cipher.go b/src/pkg/crypto/aes/cipher.go
index 7322353..5ad75ec 100644
--- a/src/pkg/crypto/aes/cipher.go
+++ b/src/pkg/crypto/aes/cipher.go
@@ -4,10 +4,7 @@
package aes
-import (
- "os"
- "strconv"
-)
+import "strconv"
// The AES block size in bytes.
const BlockSize = 16
@@ -20,7 +17,7 @@
type KeySizeError int
-func (k KeySizeError) String() string {
+func (k KeySizeError) Error() string {
return "crypto/aes: invalid key size " + strconv.Itoa(int(k))
}
@@ -28,7 +25,7 @@
// The key argument should be the AES key,
// either 16, 24, or 32 bytes to select
// AES-128, AES-192, or AES-256.
-func NewCipher(key []byte) (*Cipher, os.Error) {
+func NewCipher(key []byte) (*Cipher, error) {
k := len(key)
switch k {
default:
diff --git a/src/pkg/crypto/bcrypt/base64.go b/src/pkg/crypto/bcrypt/base64.go
index ed6cea7..fc31160 100644
--- a/src/pkg/crypto/bcrypt/base64.go
+++ b/src/pkg/crypto/bcrypt/base64.go
@@ -4,10 +4,7 @@
package bcrypt
-import (
- "encoding/base64"
- "os"
-)
+import "encoding/base64"
const alphabet = "./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"
@@ -23,7 +20,7 @@
return dst[:n]
}
-func base64Decode(src []byte) ([]byte, os.Error) {
+func base64Decode(src []byte) ([]byte, error) {
numOfEquals := 4 - (len(src) % 4)
for i := 0; i < numOfEquals; i++ {
src = append(src, '=')
diff --git a/src/pkg/crypto/bcrypt/bcrypt.go b/src/pkg/crypto/bcrypt/bcrypt.go
index 1e8ccfa..9740135 100644
--- a/src/pkg/crypto/bcrypt/bcrypt.go
+++ b/src/pkg/crypto/bcrypt/bcrypt.go
@@ -11,9 +11,9 @@
"crypto/blowfish"
"crypto/rand"
"crypto/subtle"
+ "errors"
"fmt"
"io"
- "os"
"strconv"
)
@@ -25,30 +25,30 @@
// The error returned from CompareHashAndPassword when a password and hash do
// not match.
-var MismatchedHashAndPasswordError = os.NewError("crypto/bcrypt: hashedPassword is not the hash of the given password")
+var MismatchedHashAndPasswordError = errors.New("crypto/bcrypt: hashedPassword is not the hash of the given password")
// The error returned from CompareHashAndPassword when a hash is too short to
// be a bcrypt hash.
-var HashTooShortError = os.NewError("crypto/bcrypt: hashedSecret too short to be a bcrypted password")
+var HashTooShortError = errors.New("crypto/bcrypt: hashedSecret too short to be a bcrypted password")
// The error returned from CompareHashAndPassword when a hash was created with
// a bcrypt algorithm newer than this implementation.
type HashVersionTooNewError byte
-func (hv HashVersionTooNewError) String() string {
+func (hv HashVersionTooNewError) Error() string {
return fmt.Sprintf("crypto/bcrypt: bcrypt algorithm version '%c' requested is newer than current version '%c'", byte(hv), majorVersion)
}
// The error returned from CompareHashAndPassword when a hash starts with something other than '$'
type InvalidHashPrefixError byte
-func (ih InvalidHashPrefixError) String() string {
+func (ih InvalidHashPrefixError) Error() string {
return fmt.Sprintf("crypto/bcrypt: bcrypt hashes must start with '$', but hashedSecret started with '%c'", byte(ih))
}
type InvalidCostError int
-func (ic InvalidCostError) String() string {
+func (ic InvalidCostError) Error() string {
return fmt.Sprintf("crypto/bcrypt: cost %d is outside allowed range (%d,%d)", int(ic), int(MinCost), int(MaxCost))
}
@@ -85,7 +85,7 @@
// cost. If the cost given is less than MinCost, the cost will be set to
// MinCost, instead. Use CompareHashAndPassword, as defined in this package,
// to compare the returned hashed password with its cleartext version.
-func GenerateFromPassword(password []byte, cost int) ([]byte, os.Error) {
+func GenerateFromPassword(password []byte, cost int) ([]byte, error) {
p, err := newFromPassword(password, cost)
if err != nil {
return nil, err
@@ -96,7 +96,7 @@
// CompareHashAndPassword compares a bcrypt hashed password with its possible
// plaintext equivalent. Note: Using bytes.Equal for this job is
// insecure. Returns nil on success, or an error on failure.
-func CompareHashAndPassword(hashedPassword, password []byte) os.Error {
+func CompareHashAndPassword(hashedPassword, password []byte) error {
p, err := newFromHash(hashedPassword)
if err != nil {
return err
@@ -115,7 +115,7 @@
return MismatchedHashAndPasswordError
}
-func newFromPassword(password []byte, cost int) (*hashed, os.Error) {
+func newFromPassword(password []byte, cost int) (*hashed, error) {
if cost < MinCost {
cost = DefaultCost
}
@@ -144,7 +144,7 @@
return p, err
}
-func newFromHash(hashedSecret []byte) (*hashed, os.Error) {
+func newFromHash(hashedSecret []byte) (*hashed, error) {
if len(hashedSecret) < minHashSize {
return nil, HashTooShortError
}
@@ -172,7 +172,7 @@
return p, nil
}
-func bcrypt(password []byte, cost uint32, salt []byte) ([]byte, os.Error) {
+func bcrypt(password []byte, cost uint32, salt []byte) ([]byte, error) {
cipherData := make([]byte, len(magicCipherData))
copy(cipherData, magicCipherData)
@@ -193,7 +193,7 @@
return hsh, nil
}
-func expensiveBlowfishSetup(key []byte, cost uint32, salt []byte) (*blowfish.Cipher, os.Error) {
+func expensiveBlowfishSetup(key []byte, cost uint32, salt []byte) (*blowfish.Cipher, error) {
csalt, err := base64Decode(salt)
if err != nil {
@@ -240,7 +240,7 @@
return arr[:n]
}
-func (p *hashed) decodeVersion(sbytes []byte) (int, os.Error) {
+func (p *hashed) decodeVersion(sbytes []byte) (int, error) {
if sbytes[0] != '$' {
return -1, InvalidHashPrefixError(sbytes[0])
}
@@ -257,7 +257,7 @@
}
// sbytes should begin where decodeVersion left off.
-func (p *hashed) decodeCost(sbytes []byte) (int, os.Error) {
+func (p *hashed) decodeCost(sbytes []byte) (int, error) {
cost, err := strconv.Atoi(string(sbytes[0:2]))
if err != nil {
return -1, err
@@ -274,7 +274,7 @@
return fmt.Sprintf("&{hash: %#v, salt: %#v, cost: %d, major: %c, minor: %c}", string(p.hash), p.salt, p.cost, p.major, p.minor)
}
-func checkCost(cost int) os.Error {
+func checkCost(cost int) error {
if cost < MinCost || cost > MaxCost {
return InvalidCostError(cost)
}
diff --git a/src/pkg/crypto/bcrypt/bcrypt_test.go b/src/pkg/crypto/bcrypt/bcrypt_test.go
index 3efbc1c..a3155c5 100644
--- a/src/pkg/crypto/bcrypt/bcrypt_test.go
+++ b/src/pkg/crypto/bcrypt/bcrypt_test.go
@@ -6,7 +6,6 @@
import (
"bytes"
- "os"
"testing"
)
@@ -68,7 +67,7 @@
}
type InvalidHashTest struct {
- err os.Error
+ err error
hash []byte
}
@@ -81,7 +80,7 @@
}
func TestInvalidHashErrors(t *testing.T) {
- check := func(name string, expected, err os.Error) {
+ check := func(name string, expected, err error) {
if err == nil {
t.Errorf("%s: Should have returned an error", name)
}
diff --git a/src/pkg/crypto/blowfish/cipher.go b/src/pkg/crypto/blowfish/cipher.go
index 3439825..a5d56d2e 100644
--- a/src/pkg/crypto/blowfish/cipher.go
+++ b/src/pkg/crypto/blowfish/cipher.go
@@ -8,10 +8,7 @@
// The code is a port of Bruce Schneier's C implementation.
// See http://www.schneier.com/blowfish.html.
-import (
- "os"
- "strconv"
-)
+import "strconv"
// The Blowfish block size in bytes.
const BlockSize = 8
@@ -24,13 +21,13 @@
type KeySizeError int
-func (k KeySizeError) String() string {
+func (k KeySizeError) Error() string {
return "crypto/blowfish: invalid key size " + strconv.Itoa(int(k))
}
// NewCipher creates and returns a Cipher.
// The key argument should be the Blowfish key, 4 to 56 bytes.
-func NewCipher(key []byte) (*Cipher, os.Error) {
+func NewCipher(key []byte) (*Cipher, error) {
var result Cipher
k := len(key)
if k < 4 || k > 56 {
@@ -45,7 +42,7 @@
// schedule. For most purposes, NewCipher, instead of NewSaltedCipher, is
// sufficient and desirable. For bcrypt compatiblity, the key can be over 56
// bytes.
-func NewSaltedCipher(key, salt []byte) (*Cipher, os.Error) {
+func NewSaltedCipher(key, salt []byte) (*Cipher, error) {
var result Cipher
k := len(key)
if k < 4 {
diff --git a/src/pkg/crypto/cast5/cast5.go b/src/pkg/crypto/cast5/cast5.go
index e9d4a24..889a13c 100644
--- a/src/pkg/crypto/cast5/cast5.go
+++ b/src/pkg/crypto/cast5/cast5.go
@@ -6,9 +6,7 @@
// OpenPGP cipher.
package cast5
-import (
- "os"
-)
+import "errors"
const BlockSize = 8
const KeySize = 16
@@ -18,9 +16,9 @@
rotate [16]uint8
}
-func NewCipher(key []byte) (c *Cipher, err os.Error) {
+func NewCipher(key []byte) (c *Cipher, err error) {
if len(key) != KeySize {
- return nil, os.NewError("CAST5: keys must be 16 bytes")
+ return nil, errors.New("CAST5: keys must be 16 bytes")
}
c = new(Cipher)
diff --git a/src/pkg/crypto/cipher/io.go b/src/pkg/crypto/cipher/io.go
index 97f40b8..9888c98 100644
--- a/src/pkg/crypto/cipher/io.go
+++ b/src/pkg/crypto/cipher/io.go
@@ -4,10 +4,7 @@
package cipher
-import (
- "os"
- "io"
-)
+import "io"
// The Stream* objects are so simple that all their members are public. Users
// can create them themselves.
@@ -19,7 +16,7 @@
R io.Reader
}
-func (r StreamReader) Read(dst []byte) (n int, err os.Error) {
+func (r StreamReader) Read(dst []byte) (n int, err error) {
n, err = r.R.Read(dst)
r.S.XORKeyStream(dst[:n], dst[:n])
return
@@ -31,10 +28,10 @@
type StreamWriter struct {
S Stream
W io.Writer
- Err os.Error
+ Err error
}
-func (w StreamWriter) Write(src []byte) (n int, err os.Error) {
+func (w StreamWriter) Write(src []byte) (n int, err error) {
if w.Err != nil {
return 0, w.Err
}
@@ -50,7 +47,7 @@
return
}
-func (w StreamWriter) Close() os.Error {
+func (w StreamWriter) Close() error {
// This saves us from either requiring a WriteCloser or having a
// StreamWriterCloser.
return w.W.(io.Closer).Close()
diff --git a/src/pkg/crypto/des/cipher.go b/src/pkg/crypto/des/cipher.go
index d17a1a7..fc252c8 100644
--- a/src/pkg/crypto/des/cipher.go
+++ b/src/pkg/crypto/des/cipher.go
@@ -4,17 +4,14 @@
package des
-import (
- "os"
- "strconv"
-)
+import "strconv"
// The DES block size in bytes.
const BlockSize = 8
type KeySizeError int
-func (k KeySizeError) String() string {
+func (k KeySizeError) Error() string {
return "crypto/des: invalid key size " + strconv.Itoa(int(k))
}
@@ -24,7 +21,7 @@
}
// NewCipher creates and returns a new Cipher.
-func NewCipher(key []byte) (*Cipher, os.Error) {
+func NewCipher(key []byte) (*Cipher, error) {
if len(key) != 8 {
return nil, KeySizeError(len(key))
}
@@ -60,7 +57,7 @@
}
// NewCipher creates and returns a new Cipher.
-func NewTripleDESCipher(key []byte) (*TripleDESCipher, os.Error) {
+func NewTripleDESCipher(key []byte) (*TripleDESCipher, error) {
if len(key) != 24 {
return nil, KeySizeError(len(key))
}
diff --git a/src/pkg/crypto/dsa/dsa.go b/src/pkg/crypto/dsa/dsa.go
index a5f96fe..692d62a 100644
--- a/src/pkg/crypto/dsa/dsa.go
+++ b/src/pkg/crypto/dsa/dsa.go
@@ -7,8 +7,8 @@
import (
"big"
+ "errors"
"io"
- "os"
)
// Parameters represents the domain parameters for a key. These parameters can
@@ -31,7 +31,7 @@
type invalidPublicKeyError int
-func (invalidPublicKeyError) String() string {
+func (invalidPublicKeyError) Error() string {
return "crypto/dsa: invalid public key"
}
@@ -58,7 +58,7 @@
// GenerateParameters puts a random, valid set of DSA parameters into params.
// This function takes many seconds, even on fast machines.
-func GenerateParameters(params *Parameters, rand io.Reader, sizes ParameterSizes) (err os.Error) {
+func GenerateParameters(params *Parameters, rand io.Reader, sizes ParameterSizes) (err error) {
// This function doesn't follow FIPS 186-3 exactly in that it doesn't
// use a verification seed to generate the primes. The verification
// seed doesn't appear to be exported or used by other code and
@@ -79,7 +79,7 @@
L = 3072
N = 256
default:
- return os.NewError("crypto/dsa: invalid ParameterSizes")
+ return errors.New("crypto/dsa: invalid ParameterSizes")
}
qBytes := make([]byte, N/8)
@@ -156,9 +156,9 @@
// GenerateKey generates a public&private key pair. The Parameters of the
// PrivateKey must already be valid (see GenerateParameters).
-func GenerateKey(priv *PrivateKey, rand io.Reader) os.Error {
+func GenerateKey(priv *PrivateKey, rand io.Reader) error {
if priv.P == nil || priv.Q == nil || priv.G == nil {
- return os.NewError("crypto/dsa: parameters not set up before generating key")
+ return errors.New("crypto/dsa: parameters not set up before generating key")
}
x := new(big.Int)
@@ -185,7 +185,7 @@
// larger message) using the private key, priv. It returns the signature as a
// pair of integers. The security of the private key depends on the entropy of
// rand.
-func Sign(rand io.Reader, priv *PrivateKey, hash []byte) (r, s *big.Int, err os.Error) {
+func Sign(rand io.Reader, priv *PrivateKey, hash []byte) (r, s *big.Int, err error) {
// FIPS 186-3, section 4.6
n := priv.Q.BitLen()
diff --git a/src/pkg/crypto/ecdsa/ecdsa.go b/src/pkg/crypto/ecdsa/ecdsa.go
index 7bce1bc..b7f235b 100644
--- a/src/pkg/crypto/ecdsa/ecdsa.go
+++ b/src/pkg/crypto/ecdsa/ecdsa.go
@@ -16,7 +16,6 @@
"big"
"crypto/elliptic"
"io"
- "os"
)
// PublicKey represents an ECDSA public key.
@@ -35,7 +34,7 @@
// randFieldElement returns a random element of the field underlying the given
// curve using the procedure given in [NSA] A.2.1.
-func randFieldElement(c *elliptic.Curve, rand io.Reader) (k *big.Int, err os.Error) {
+func randFieldElement(c *elliptic.Curve, rand io.Reader) (k *big.Int, err error) {
b := make([]byte, c.BitSize/8+8)
_, err = io.ReadFull(rand, b)
if err != nil {
@@ -50,7 +49,7 @@
}
// GenerateKey generates a public&private key pair.
-func GenerateKey(c *elliptic.Curve, rand io.Reader) (priv *PrivateKey, err os.Error) {
+func GenerateKey(c *elliptic.Curve, rand io.Reader) (priv *PrivateKey, err error) {
k, err := randFieldElement(c, rand)
if err != nil {
return
@@ -86,7 +85,7 @@
// larger message) using the private key, priv. It returns the signature as a
// pair of integers. The security of the private key depends on the entropy of
// rand.
-func Sign(rand io.Reader, priv *PrivateKey, hash []byte) (r, s *big.Int, err os.Error) {
+func Sign(rand io.Reader, priv *PrivateKey, hash []byte) (r, s *big.Int, err error) {
// See [NSA] 3.4.1
c := priv.PublicKey.Curve
diff --git a/src/pkg/crypto/elliptic/elliptic.go b/src/pkg/crypto/elliptic/elliptic.go
index 41835f1..3c3327f 100644
--- a/src/pkg/crypto/elliptic/elliptic.go
+++ b/src/pkg/crypto/elliptic/elliptic.go
@@ -16,7 +16,6 @@
import (
"big"
"io"
- "os"
"sync"
)
@@ -249,7 +248,7 @@
// GenerateKey returns a public/private key pair. The private key is generated
// using the given reader, which must return random data.
-func (curve *Curve) GenerateKey(rand io.Reader) (priv []byte, x, y *big.Int, err os.Error) {
+func (curve *Curve) GenerateKey(rand io.Reader) (priv []byte, x, y *big.Int, err error) {
byteLen := (curve.BitSize + 7) >> 3
priv = make([]byte, byteLen)
diff --git a/src/pkg/crypto/hmac/hmac.go b/src/pkg/crypto/hmac/hmac.go
index 04ec86e..6a17bbd 100644
--- a/src/pkg/crypto/hmac/hmac.go
+++ b/src/pkg/crypto/hmac/hmac.go
@@ -13,7 +13,6 @@
"crypto/sha1"
"crypto/sha256"
"hash"
- "os"
)
// FIPS 198:
@@ -60,7 +59,7 @@
return h.outer.Sum()
}
-func (h *hmac) Write(p []byte) (n int, err os.Error) {
+func (h *hmac) Write(p []byte) (n int, err error) {
return h.inner.Write(p)
}
diff --git a/src/pkg/crypto/md4/md4.go b/src/pkg/crypto/md4/md4.go
index 848d955..f21cc51 100644
--- a/src/pkg/crypto/md4/md4.go
+++ b/src/pkg/crypto/md4/md4.go
@@ -8,7 +8,6 @@
import (
"crypto"
"hash"
- "os"
)
func init() {
@@ -52,7 +51,7 @@
func (d *digest) Size() int { return Size }
-func (d *digest) Write(p []byte) (nn int, err os.Error) {
+func (d *digest) Write(p []byte) (nn int, err error) {
nn = len(p)
d.len += uint64(nn)
if d.nx > 0 {
diff --git a/src/pkg/crypto/md5/md5.go b/src/pkg/crypto/md5/md5.go
index 378faa6..20f3a1b 100644
--- a/src/pkg/crypto/md5/md5.go
+++ b/src/pkg/crypto/md5/md5.go
@@ -8,7 +8,6 @@
import (
"crypto"
"hash"
- "os"
)
func init() {
@@ -52,7 +51,7 @@
func (d *digest) Size() int { return Size }
-func (d *digest) Write(p []byte) (nn int, err os.Error) {
+func (d *digest) Write(p []byte) (nn int, err error) {
nn = len(p)
d.len += uint64(nn)
if d.nx > 0 {
diff --git a/src/pkg/crypto/ocsp/ocsp.go b/src/pkg/crypto/ocsp/ocsp.go
index 7ea7a1e..f697fa1 100644
--- a/src/pkg/crypto/ocsp/ocsp.go
+++ b/src/pkg/crypto/ocsp/ocsp.go
@@ -14,7 +14,6 @@
_ "crypto/sha1"
"crypto/x509"
"crypto/x509/pkix"
- "os"
"time"
)
@@ -106,7 +105,7 @@
// ParseError results from an invalid OCSP response.
type ParseError string
-func (p ParseError) String() string {
+func (p ParseError) Error() string {
return string(p)
}
@@ -114,7 +113,7 @@
// responses for a single certificate and only those using RSA signatures.
// Non-RSA responses will result in an x509.UnsupportedAlgorithmError.
// Signature errors or parse failures will result in a ParseError.
-func ParseResponse(bytes []byte) (*Response, os.Error) {
+func ParseResponse(bytes []byte) (*Response, error) {
var resp responseASN1
rest, err := asn1.Unmarshal(bytes, &resp)
if err != nil {
diff --git a/src/pkg/crypto/openpgp/armor/armor.go b/src/pkg/crypto/openpgp/armor/armor.go
index 9c4180d..707bdf3 100644
--- a/src/pkg/crypto/openpgp/armor/armor.go
+++ b/src/pkg/crypto/openpgp/armor/armor.go
@@ -9,10 +9,9 @@
import (
"bufio"
"bytes"
- "crypto/openpgp/error"
+ error_ "crypto/openpgp/error"
"encoding/base64"
"io"
- "os"
)
// A Block represents an OpenPGP armored structure.
@@ -36,7 +35,7 @@
oReader openpgpReader
}
-var ArmorCorrupt os.Error = error.StructuralError("armor invalid")
+var ArmorCorrupt error = error_.StructuralError("armor invalid")
const crc24Init = 0xb704ce
const crc24Poly = 0x1864cfb
@@ -69,9 +68,9 @@
crc uint32
}
-func (l *lineReader) Read(p []byte) (n int, err os.Error) {
+func (l *lineReader) Read(p []byte) (n int, err error) {
if l.eof {
- return 0, os.EOF
+ return 0, io.EOF
}
if len(l.buf) > 0 {
@@ -101,7 +100,7 @@
uint32(expectedBytes[2])
line, _, err = l.in.ReadLine()
- if err != nil && err != os.EOF {
+ if err != nil && err != io.EOF {
return
}
if !bytes.HasPrefix(line, armorEnd) {
@@ -109,7 +108,7 @@
}
l.eof = true
- return 0, os.EOF
+ return 0, io.EOF
}
if len(line) > 64 {
@@ -138,11 +137,11 @@
currentCRC uint32
}
-func (r *openpgpReader) Read(p []byte) (n int, err os.Error) {
+func (r *openpgpReader) Read(p []byte) (n int, err error) {
n, err = r.b64Reader.Read(p)
r.currentCRC = crc24(r.currentCRC, p[:n])
- if err == os.EOF {
+ if err == io.EOF {
if r.lReader.crc != uint32(r.currentCRC&crc24Mask) {
return 0, ArmorCorrupt
}
@@ -155,7 +154,7 @@
// leading garbage. If it doesn't find a block, it will return nil, os.EOF. The
// given Reader is not usable after calling this function: an arbitrary amount
// of data may have been read past the end of the block.
-func Decode(in io.Reader) (p *Block, err os.Error) {
+func Decode(in io.Reader) (p *Block, err error) {
r, _ := bufio.NewReaderSize(in, 100)
var line []byte
ignoreNext := false
diff --git a/src/pkg/crypto/openpgp/armor/encode.go b/src/pkg/crypto/openpgp/armor/encode.go
index 99dee37..6f07582 100644
--- a/src/pkg/crypto/openpgp/armor/encode.go
+++ b/src/pkg/crypto/openpgp/armor/encode.go
@@ -7,7 +7,6 @@
import (
"encoding/base64"
"io"
- "os"
)
var armorHeaderSep = []byte(": ")
@@ -16,7 +15,7 @@
var armorEndOfLineOut = []byte("-----\n")
// writeSlices writes its arguments to the given Writer.
-func writeSlices(out io.Writer, slices ...[]byte) (err os.Error) {
+func writeSlices(out io.Writer, slices ...[]byte) (err error) {
for _, s := range slices {
_, err = out.Write(s)
if err != nil {
@@ -45,7 +44,7 @@
}
}
-func (l *lineBreaker) Write(b []byte) (n int, err os.Error) {
+func (l *lineBreaker) Write(b []byte) (n int, err error) {
n = len(b)
if n == 0 {
@@ -81,7 +80,7 @@
return
}
-func (l *lineBreaker) Close() (err os.Error) {
+func (l *lineBreaker) Close() (err error) {
if l.used > 0 {
_, err = l.out.Write(l.line[0:l.used])
if err != nil {
@@ -106,12 +105,12 @@
blockType []byte
}
-func (e *encoding) Write(data []byte) (n int, err os.Error) {
+func (e *encoding) Write(data []byte) (n int, err error) {
e.crc = crc24(e.crc, data)
return e.b64.Write(data)
}
-func (e *encoding) Close() (err os.Error) {
+func (e *encoding) Close() (err error) {
err = e.b64.Close()
if err != nil {
return
@@ -131,7 +130,7 @@
// Encode returns a WriteCloser which will encode the data written to it in
// OpenPGP armor.
-func Encode(out io.Writer, blockType string, headers map[string]string) (w io.WriteCloser, err os.Error) {
+func Encode(out io.Writer, blockType string, headers map[string]string) (w io.WriteCloser, err error) {
bType := []byte(blockType)
err = writeSlices(out, armorStart, bType, armorEndOfLineOut)
if err != nil {
diff --git a/src/pkg/crypto/openpgp/canonical_text.go b/src/pkg/crypto/openpgp/canonical_text.go
index 293eff3..fe4557a 100644
--- a/src/pkg/crypto/openpgp/canonical_text.go
+++ b/src/pkg/crypto/openpgp/canonical_text.go
@@ -4,10 +4,7 @@
package openpgp
-import (
- "hash"
- "os"
-)
+import "hash"
// NewCanonicalTextHash reformats text written to it into the canonical
// form and then applies the hash h. See RFC 4880, section 5.2.1.
@@ -22,7 +19,7 @@
var newline = []byte{'\r', '\n'}
-func (cth *canonicalTextHash) Write(buf []byte) (int, os.Error) {
+func (cth *canonicalTextHash) Write(buf []byte) (int, error) {
start := 0
for i, c := range buf {
diff --git a/src/pkg/crypto/openpgp/canonical_text_test.go b/src/pkg/crypto/openpgp/canonical_text_test.go
index ccf2910..ae54f8c 100644
--- a/src/pkg/crypto/openpgp/canonical_text_test.go
+++ b/src/pkg/crypto/openpgp/canonical_text_test.go
@@ -6,7 +6,6 @@
import (
"bytes"
- "os"
"testing"
)
@@ -14,7 +13,7 @@
buf *bytes.Buffer
}
-func (r recordingHash) Write(b []byte) (n int, err os.Error) {
+func (r recordingHash) Write(b []byte) (n int, err error) {
return r.buf.Write(b)
}
diff --git a/src/pkg/crypto/openpgp/elgamal/elgamal.go b/src/pkg/crypto/openpgp/elgamal/elgamal.go
index 99a6e3e..2ed49f6 100644
--- a/src/pkg/crypto/openpgp/elgamal/elgamal.go
+++ b/src/pkg/crypto/openpgp/elgamal/elgamal.go
@@ -16,8 +16,8 @@
"big"
"crypto/rand"
"crypto/subtle"
+ "errors"
"io"
- "os"
)
// PublicKey represents an ElGamal public key.
@@ -34,10 +34,10 @@
// Encrypt encrypts the given message to the given public key. The result is a
// pair of integers. Errors can result from reading random, or because msg is
// too large to be encrypted to the public key.
-func Encrypt(random io.Reader, pub *PublicKey, msg []byte) (c1, c2 *big.Int, err os.Error) {
+func Encrypt(random io.Reader, pub *PublicKey, msg []byte) (c1, c2 *big.Int, err error) {
pLen := (pub.P.BitLen() + 7) / 8
if len(msg) > pLen-11 {
- err = os.NewError("elgamal: message too long")
+ err = errors.New("elgamal: message too long")
return
}
@@ -74,7 +74,7 @@
// be used to break the cryptosystem. See ``Chosen Ciphertext Attacks
// Against Protocols Based on the RSA Encryption Standard PKCS #1'', Daniel
// Bleichenbacher, Advances in Cryptology (Crypto '98),
-func Decrypt(priv *PrivateKey, c1, c2 *big.Int) (msg []byte, err os.Error) {
+func Decrypt(priv *PrivateKey, c1, c2 *big.Int) (msg []byte, err error) {
s := new(big.Int).Exp(c1, priv.X, priv.P)
s.ModInverse(s, priv.P)
s.Mul(s, c2)
@@ -97,13 +97,13 @@
}
if firstByteIsTwo != 1 || lookingForIndex != 0 || index < 9 {
- return nil, os.NewError("elgamal: decryption error")
+ return nil, errors.New("elgamal: decryption error")
}
return em[index+1:], nil
}
// nonZeroRandomBytes fills the given slice with non-zero random octets.
-func nonZeroRandomBytes(s []byte, rand io.Reader) (err os.Error) {
+func nonZeroRandomBytes(s []byte, rand io.Reader) (err error) {
_, err = io.ReadFull(rand, s)
if err != nil {
return
diff --git a/src/pkg/crypto/openpgp/error/error.go b/src/pkg/crypto/openpgp/error/error.go
index 9cc21f1..ceeb054 100644
--- a/src/pkg/crypto/openpgp/error/error.go
+++ b/src/pkg/crypto/openpgp/error/error.go
@@ -13,7 +13,7 @@
// invalid.
type StructuralError string
-func (s StructuralError) String() string {
+func (s StructuralError) Error() string {
return "OpenPGP data invalid: " + string(s)
}
@@ -21,7 +21,7 @@
// makes use of currently unimplemented features.
type UnsupportedError string
-func (s UnsupportedError) String() string {
+func (s UnsupportedError) Error() string {
return "OpenPGP feature unsupported: " + string(s)
}
@@ -29,7 +29,7 @@
// incorrect value.
type InvalidArgumentError string
-func (i InvalidArgumentError) String() string {
+func (i InvalidArgumentError) Error() string {
return "OpenPGP argument invalid: " + string(i)
}
@@ -37,13 +37,13 @@
// validate.
type SignatureError string
-func (b SignatureError) String() string {
+func (b SignatureError) Error() string {
return "OpenPGP signature invalid: " + string(b)
}
type keyIncorrectError int
-func (ki keyIncorrectError) String() string {
+func (ki keyIncorrectError) Error() string {
return "the given key was incorrect"
}
@@ -51,7 +51,7 @@
type unknownIssuerError int
-func (unknownIssuerError) String() string {
+func (unknownIssuerError) Error() string {
return "signature make by unknown entity"
}
@@ -59,6 +59,6 @@
type UnknownPacketTypeError uint8
-func (upte UnknownPacketTypeError) String() string {
+func (upte UnknownPacketTypeError) Error() string {
return "unknown OpenPGP packet type: " + strconv.Itoa(int(upte))
}
diff --git a/src/pkg/crypto/openpgp/keys.go b/src/pkg/crypto/openpgp/keys.go
index c70fb79..b705d22 100644
--- a/src/pkg/crypto/openpgp/keys.go
+++ b/src/pkg/crypto/openpgp/keys.go
@@ -7,11 +7,10 @@
import (
"crypto"
"crypto/openpgp/armor"
- "crypto/openpgp/error"
+ error_ "crypto/openpgp/error"
"crypto/openpgp/packet"
"crypto/rsa"
"io"
- "os"
"time"
)
@@ -178,16 +177,16 @@
}
// ReadArmoredKeyRing reads one or more public/private keys from an armor keyring file.
-func ReadArmoredKeyRing(r io.Reader) (EntityList, os.Error) {
+func ReadArmoredKeyRing(r io.Reader) (EntityList, error) {
block, err := armor.Decode(r)
- if err == os.EOF {
- return nil, error.InvalidArgumentError("no armored data found")
+ if err == io.EOF {
+ return nil, error_.InvalidArgumentError("no armored data found")
}
if err != nil {
return nil, err
}
if block.Type != PublicKeyType && block.Type != PrivateKeyType {
- return nil, error.InvalidArgumentError("expected public or private key block, got: " + block.Type)
+ return nil, error_.InvalidArgumentError("expected public or private key block, got: " + block.Type)
}
return ReadKeyRing(block.Body)
@@ -195,19 +194,19 @@
// ReadKeyRing reads one or more public/private keys. Unsupported keys are
// ignored as long as at least a single valid key is found.
-func ReadKeyRing(r io.Reader) (el EntityList, err os.Error) {
+func ReadKeyRing(r io.Reader) (el EntityList, err error) {
packets := packet.NewReader(r)
- var lastUnsupportedError os.Error
+ var lastUnsupportedError error
for {
var e *Entity
e, err = readEntity(packets)
if err != nil {
- if _, ok := err.(error.UnsupportedError); ok {
+ if _, ok := err.(error_.UnsupportedError); ok {
lastUnsupportedError = err
err = readToNextPublicKey(packets)
}
- if err == os.EOF {
+ if err == io.EOF {
err = nil
break
}
@@ -228,14 +227,14 @@
// readToNextPublicKey reads packets until the start of the entity and leaves
// the first packet of the new entity in the Reader.
-func readToNextPublicKey(packets *packet.Reader) (err os.Error) {
+func readToNextPublicKey(packets *packet.Reader) (err error) {
var p packet.Packet
for {
p, err = packets.Next()
- if err == os.EOF {
+ if err == io.EOF {
return
} else if err != nil {
- if _, ok := err.(error.UnsupportedError); ok {
+ if _, ok := err.(error_.UnsupportedError); ok {
err = nil
continue
}
@@ -253,7 +252,7 @@
// readEntity reads an entity (public key, identities, subkeys etc) from the
// given Reader.
-func readEntity(packets *packet.Reader) (*Entity, os.Error) {
+func readEntity(packets *packet.Reader) (*Entity, error) {
e := new(Entity)
e.Identities = make(map[string]*Identity)
@@ -266,21 +265,21 @@
if e.PrimaryKey, ok = p.(*packet.PublicKey); !ok {
if e.PrivateKey, ok = p.(*packet.PrivateKey); !ok {
packets.Unread(p)
- return nil, error.StructuralError("first packet was not a public/private key")
+ return nil, error_.StructuralError("first packet was not a public/private key")
} else {
e.PrimaryKey = &e.PrivateKey.PublicKey
}
}
if !e.PrimaryKey.PubKeyAlgo.CanSign() {
- return nil, error.StructuralError("primary key cannot be used for signatures")
+ return nil, error_.StructuralError("primary key cannot be used for signatures")
}
var current *Identity
EachPacket:
for {
p, err := packets.Next()
- if err == os.EOF {
+ if err == io.EOF {
break
} else if err != nil {
return nil, err
@@ -295,7 +294,7 @@
for {
p, err = packets.Next()
- if err == os.EOF {
+ if err == io.EOF {
return nil, io.ErrUnexpectedEOF
} else if err != nil {
return nil, err
@@ -303,12 +302,12 @@
sig, ok := p.(*packet.Signature)
if !ok {
- return nil, error.StructuralError("user ID packet not followed by self-signature")
+ return nil, error_.StructuralError("user ID packet not followed by self-signature")
}
if (sig.SigType == packet.SigTypePositiveCert || sig.SigType == packet.SigTypeGenericCert) && sig.IssuerKeyId != nil && *sig.IssuerKeyId == e.PrimaryKey.KeyId {
if err = e.PrimaryKey.VerifyUserIdSignature(pkt.Id, sig); err != nil {
- return nil, error.StructuralError("user ID self-signature invalid: " + err.String())
+ return nil, error_.StructuralError("user ID self-signature invalid: " + err.Error())
}
current.SelfSignature = sig
break
@@ -317,7 +316,7 @@
}
case *packet.Signature:
if current == nil {
- return nil, error.StructuralError("signature packet found before user id packet")
+ return nil, error_.StructuralError("signature packet found before user id packet")
}
current.Signatures = append(current.Signatures, pkt)
case *packet.PrivateKey:
@@ -344,34 +343,34 @@
}
if len(e.Identities) == 0 {
- return nil, error.StructuralError("entity without any identities")
+ return nil, error_.StructuralError("entity without any identities")
}
return e, nil
}
-func addSubkey(e *Entity, packets *packet.Reader, pub *packet.PublicKey, priv *packet.PrivateKey) os.Error {
+func addSubkey(e *Entity, packets *packet.Reader, pub *packet.PublicKey, priv *packet.PrivateKey) error {
var subKey Subkey
subKey.PublicKey = pub
subKey.PrivateKey = priv
p, err := packets.Next()
- if err == os.EOF {
+ if err == io.EOF {
return io.ErrUnexpectedEOF
}
if err != nil {
- return error.StructuralError("subkey signature invalid: " + err.String())
+ return error_.StructuralError("subkey signature invalid: " + err.Error())
}
var ok bool
subKey.Sig, ok = p.(*packet.Signature)
if !ok {
- return error.StructuralError("subkey packet not followed by signature")
+ return error_.StructuralError("subkey packet not followed by signature")
}
if subKey.Sig.SigType != packet.SigTypeSubkeyBinding {
- return error.StructuralError("subkey signature with wrong type")
+ return error_.StructuralError("subkey signature with wrong type")
}
err = e.PrimaryKey.VerifyKeySignature(subKey.PublicKey, subKey.Sig)
if err != nil {
- return error.StructuralError("subkey signature invalid: " + err.String())
+ return error_.StructuralError("subkey signature invalid: " + err.Error())
}
e.Subkeys = append(e.Subkeys, subKey)
return nil
@@ -382,10 +381,10 @@
// NewEntity returns an Entity that contains a fresh RSA/RSA keypair with a
// single identity composed of the given full name, comment and email, any of
// which may be empty but must not contain any of "()<>\x00".
-func NewEntity(rand io.Reader, currentTimeSecs int64, name, comment, email string) (*Entity, os.Error) {
+func NewEntity(rand io.Reader, currentTimeSecs int64, name, comment, email string) (*Entity, error) {
uid := packet.NewUserId(name, comment, email)
if uid == nil {
- return nil, error.InvalidArgumentError("user id field contained invalid characters")
+ return nil, error_.InvalidArgumentError("user id field contained invalid characters")
}
signingPriv, err := rsa.GenerateKey(rand, defaultRSAKeyBits)
if err != nil {
@@ -442,7 +441,7 @@
// SerializePrivate serializes an Entity, including private key material, to
// the given Writer. For now, it must only be used on an Entity returned from
// NewEntity.
-func (e *Entity) SerializePrivate(w io.Writer) (err os.Error) {
+func (e *Entity) SerializePrivate(w io.Writer) (err error) {
err = e.PrivateKey.Serialize(w)
if err != nil {
return
@@ -480,7 +479,7 @@
// Serialize writes the public part of the given Entity to w. (No private
// key material will be output).
-func (e *Entity) Serialize(w io.Writer) os.Error {
+func (e *Entity) Serialize(w io.Writer) error {
err := e.PrimaryKey.Serialize(w)
if err != nil {
return err
@@ -518,16 +517,16 @@
// associated with e. The provided identity must already be an element of
// e.Identities and the private key of signer must have been decrypted if
// necessary.
-func (e *Entity) SignIdentity(identity string, signer *Entity) os.Error {
+func (e *Entity) SignIdentity(identity string, signer *Entity) error {
if signer.PrivateKey == nil {
- return error.InvalidArgumentError("signing Entity must have a private key")
+ return error_.InvalidArgumentError("signing Entity must have a private key")
}
if signer.PrivateKey.Encrypted {
- return error.InvalidArgumentError("signing Entity's private key must be decrypted")
+ return error_.InvalidArgumentError("signing Entity's private key must be decrypted")
}
ident, ok := e.Identities[identity]
if !ok {
- return error.InvalidArgumentError("given identity string not found in Entity")
+ return error_.InvalidArgumentError("given identity string not found in Entity")
}
sig := &packet.Signature{
diff --git a/src/pkg/crypto/openpgp/packet/compressed.go b/src/pkg/crypto/openpgp/packet/compressed.go
index 1c15c24..f80d798 100644
--- a/src/pkg/crypto/openpgp/packet/compressed.go
+++ b/src/pkg/crypto/openpgp/packet/compressed.go
@@ -7,9 +7,8 @@
import (
"compress/flate"
"compress/zlib"
- "crypto/openpgp/error"
+ error_ "crypto/openpgp/error"
"io"
- "os"
"strconv"
)
@@ -19,7 +18,7 @@
Body io.Reader
}
-func (c *Compressed) parse(r io.Reader) os.Error {
+func (c *Compressed) parse(r io.Reader) error {
var buf [1]byte
_, err := readFull(r, buf[:])
if err != nil {
@@ -32,7 +31,7 @@
case 2:
c.Body, err = zlib.NewReader(r)
default:
- err = error.UnsupportedError("unknown compression algorithm: " + strconv.Itoa(int(buf[0])))
+ err = error_.UnsupportedError("unknown compression algorithm: " + strconv.Itoa(int(buf[0])))
}
return err
diff --git a/src/pkg/crypto/openpgp/packet/compressed_test.go b/src/pkg/crypto/openpgp/packet/compressed_test.go
index 24fe501..cb2d70b 100644
--- a/src/pkg/crypto/openpgp/packet/compressed_test.go
+++ b/src/pkg/crypto/openpgp/packet/compressed_test.go
@@ -7,7 +7,7 @@
import (
"bytes"
"encoding/hex"
- "os"
+ "io"
"io/ioutil"
"testing"
)
@@ -26,7 +26,7 @@
}
contents, err := ioutil.ReadAll(c.Body)
- if err != nil && err != os.EOF {
+ if err != nil && err != io.EOF {
t.Error(err)
return
}
diff --git a/src/pkg/crypto/openpgp/packet/encrypted_key.go b/src/pkg/crypto/openpgp/packet/encrypted_key.go
index b4730cb..d05103f 100644
--- a/src/pkg/crypto/openpgp/packet/encrypted_key.go
+++ b/src/pkg/crypto/openpgp/packet/encrypted_key.go
@@ -7,12 +7,11 @@
import (
"big"
"crypto/openpgp/elgamal"
- "crypto/openpgp/error"
+ error_ "crypto/openpgp/error"
"crypto/rand"
"crypto/rsa"
"encoding/binary"
"io"
- "os"
"strconv"
)
@@ -29,14 +28,14 @@
encryptedMPI1, encryptedMPI2 []byte
}
-func (e *EncryptedKey) parse(r io.Reader) (err os.Error) {
+func (e *EncryptedKey) parse(r io.Reader) (err error) {
var buf [10]byte
_, err = readFull(r, buf[:])
if err != nil {
return
}
if buf[0] != encryptedKeyVersion {
- return error.UnsupportedError("unknown EncryptedKey version " + strconv.Itoa(int(buf[0])))
+ return error_.UnsupportedError("unknown EncryptedKey version " + strconv.Itoa(int(buf[0])))
}
e.KeyId = binary.BigEndian.Uint64(buf[1:9])
e.Algo = PublicKeyAlgorithm(buf[9])
@@ -64,8 +63,8 @@
// Decrypt decrypts an encrypted session key with the given private key. The
// private key must have been decrypted first.
-func (e *EncryptedKey) Decrypt(priv *PrivateKey) os.Error {
- var err os.Error
+func (e *EncryptedKey) Decrypt(priv *PrivateKey) error {
+ var err error
var b []byte
// TODO(agl): use session key decryption routines here to avoid
@@ -78,7 +77,7 @@
c2 := new(big.Int).SetBytes(e.encryptedMPI2)
b, err = elgamal.Decrypt(priv.PrivateKey.(*elgamal.PrivateKey), c1, c2)
default:
- err = error.InvalidArgumentError("cannot decrypted encrypted session key with private key of type " + strconv.Itoa(int(priv.PubKeyAlgo)))
+ err = error_.InvalidArgumentError("cannot decrypted encrypted session key with private key of type " + strconv.Itoa(int(priv.PubKeyAlgo)))
}
if err != nil {
@@ -90,7 +89,7 @@
expectedChecksum := uint16(b[len(b)-2])<<8 | uint16(b[len(b)-1])
checksum := checksumKeyMaterial(e.Key)
if checksum != expectedChecksum {
- return error.StructuralError("EncryptedKey checksum incorrect")
+ return error_.StructuralError("EncryptedKey checksum incorrect")
}
return nil
@@ -98,7 +97,7 @@
// SerializeEncryptedKey serializes an encrypted key packet to w that contains
// key, encrypted to pub.
-func SerializeEncryptedKey(w io.Writer, rand io.Reader, pub *PublicKey, cipherFunc CipherFunction, key []byte) os.Error {
+func SerializeEncryptedKey(w io.Writer, rand io.Reader, pub *PublicKey, cipherFunc CipherFunction, key []byte) error {
var buf [10]byte
buf[0] = encryptedKeyVersion
binary.BigEndian.PutUint64(buf[1:9], pub.KeyId)
@@ -117,16 +116,16 @@
case PubKeyAlgoElGamal:
return serializeEncryptedKeyElGamal(w, rand, buf, pub.PublicKey.(*elgamal.PublicKey), keyBlock)
case PubKeyAlgoDSA, PubKeyAlgoRSASignOnly:
- return error.InvalidArgumentError("cannot encrypt to public key of type " + strconv.Itoa(int(pub.PubKeyAlgo)))
+ return error_.InvalidArgumentError("cannot encrypt to public key of type " + strconv.Itoa(int(pub.PubKeyAlgo)))
}
- return error.UnsupportedError("encrypting a key to public key of type " + strconv.Itoa(int(pub.PubKeyAlgo)))
+ return error_.UnsupportedError("encrypting a key to public key of type " + strconv.Itoa(int(pub.PubKeyAlgo)))
}
-func serializeEncryptedKeyRSA(w io.Writer, rand io.Reader, header [10]byte, pub *rsa.PublicKey, keyBlock []byte) os.Error {
+func serializeEncryptedKeyRSA(w io.Writer, rand io.Reader, header [10]byte, pub *rsa.PublicKey, keyBlock []byte) error {
cipherText, err := rsa.EncryptPKCS1v15(rand, pub, keyBlock)
if err != nil {
- return error.InvalidArgumentError("RSA encryption failed: " + err.String())
+ return error_.InvalidArgumentError("RSA encryption failed: " + err.Error())
}
packetLen := 10 /* header length */ + 2 /* mpi size */ + len(cipherText)
@@ -142,10 +141,10 @@
return writeMPI(w, 8*uint16(len(cipherText)), cipherText)
}
-func serializeEncryptedKeyElGamal(w io.Writer, rand io.Reader, header [10]byte, pub *elgamal.PublicKey, keyBlock []byte) os.Error {
+func serializeEncryptedKeyElGamal(w io.Writer, rand io.Reader, header [10]byte, pub *elgamal.PublicKey, keyBlock []byte) error {
c1, c2, err := elgamal.Encrypt(rand, pub, keyBlock)
if err != nil {
- return error.InvalidArgumentError("ElGamal encryption failed: " + err.String())
+ return error_.InvalidArgumentError("ElGamal encryption failed: " + err.Error())
}
packetLen := 10 /* header length */
diff --git a/src/pkg/crypto/openpgp/packet/literal.go b/src/pkg/crypto/openpgp/packet/literal.go
index 9411572..1a9ec6e5 100644
--- a/src/pkg/crypto/openpgp/packet/literal.go
+++ b/src/pkg/crypto/openpgp/packet/literal.go
@@ -7,7 +7,6 @@
import (
"encoding/binary"
"io"
- "os"
)
// LiteralData represents an encrypted file. See RFC 4880, section 5.9.
@@ -24,7 +23,7 @@
return l.FileName == "_CONSOLE"
}
-func (l *LiteralData) parse(r io.Reader) (err os.Error) {
+func (l *LiteralData) parse(r io.Reader) (err error) {
var buf [256]byte
_, err = readFull(r, buf[:2])
@@ -55,7 +54,7 @@
// SerializeLiteral serializes a literal data packet to w and returns a
// WriteCloser to which the data itself can be written and which MUST be closed
// on completion. The fileName is truncated to 255 bytes.
-func SerializeLiteral(w io.WriteCloser, isBinary bool, fileName string, time uint32) (plaintext io.WriteCloser, err os.Error) {
+func SerializeLiteral(w io.WriteCloser, isBinary bool, fileName string, time uint32) (plaintext io.WriteCloser, err error) {
var buf [4]byte
buf[0] = 't'
if isBinary {
diff --git a/src/pkg/crypto/openpgp/packet/one_pass_signature.go b/src/pkg/crypto/openpgp/packet/one_pass_signature.go
index ca826e4..13e6aa5 100644
--- a/src/pkg/crypto/openpgp/packet/one_pass_signature.go
+++ b/src/pkg/crypto/openpgp/packet/one_pass_signature.go
@@ -6,11 +6,10 @@
import (
"crypto"
- "crypto/openpgp/error"
+ error_ "crypto/openpgp/error"
"crypto/openpgp/s2k"
"encoding/binary"
"io"
- "os"
"strconv"
)
@@ -26,7 +25,7 @@
const onePassSignatureVersion = 3
-func (ops *OnePassSignature) parse(r io.Reader) (err os.Error) {
+func (ops *OnePassSignature) parse(r io.Reader) (err error) {
var buf [13]byte
_, err = readFull(r, buf[:])
@@ -34,13 +33,13 @@
return
}
if buf[0] != onePassSignatureVersion {
- err = error.UnsupportedError("one-pass-signature packet version " + strconv.Itoa(int(buf[0])))
+ err = error_.UnsupportedError("one-pass-signature packet version " + strconv.Itoa(int(buf[0])))
}
var ok bool
ops.Hash, ok = s2k.HashIdToHash(buf[2])
if !ok {
- return error.UnsupportedError("hash function: " + strconv.Itoa(int(buf[2])))
+ return error_.UnsupportedError("hash function: " + strconv.Itoa(int(buf[2])))
}
ops.SigType = SignatureType(buf[1])
@@ -51,14 +50,14 @@
}
// Serialize marshals the given OnePassSignature to w.
-func (ops *OnePassSignature) Serialize(w io.Writer) os.Error {
+func (ops *OnePassSignature) Serialize(w io.Writer) error {
var buf [13]byte
buf[0] = onePassSignatureVersion
buf[1] = uint8(ops.SigType)
var ok bool
buf[2], ok = s2k.HashToHashId(ops.Hash)
if !ok {
- return error.UnsupportedError("hash type: " + strconv.Itoa(int(ops.Hash)))
+ return error_.UnsupportedError("hash type: " + strconv.Itoa(int(ops.Hash)))
}
buf[3] = uint8(ops.PubKeyAlgo)
binary.BigEndian.PutUint64(buf[4:12], ops.KeyId)
diff --git a/src/pkg/crypto/openpgp/packet/packet.go b/src/pkg/crypto/openpgp/packet/packet.go
index 1d7297e..f7ed353 100644
--- a/src/pkg/crypto/openpgp/packet/packet.go
+++ b/src/pkg/crypto/openpgp/packet/packet.go
@@ -11,23 +11,22 @@
"crypto/aes"
"crypto/cast5"
"crypto/cipher"
- "crypto/openpgp/error"
+ error_ "crypto/openpgp/error"
"io"
- "os"
)
// readFull is the same as io.ReadFull except that reading zero bytes returns
// ErrUnexpectedEOF rather than EOF.
-func readFull(r io.Reader, buf []byte) (n int, err os.Error) {
+func readFull(r io.Reader, buf []byte) (n int, err error) {
n, err = io.ReadFull(r, buf)
- if err == os.EOF {
+ if err == io.EOF {
err = io.ErrUnexpectedEOF
}
return
}
// readLength reads an OpenPGP length from r. See RFC 4880, section 4.2.2.
-func readLength(r io.Reader) (length int64, isPartial bool, err os.Error) {
+func readLength(r io.Reader) (length int64, isPartial bool, err error) {
var buf [4]byte
_, err = readFull(r, buf[:1])
if err != nil {
@@ -68,10 +67,10 @@
isPartial bool
}
-func (r *partialLengthReader) Read(p []byte) (n int, err os.Error) {
+func (r *partialLengthReader) Read(p []byte) (n int, err error) {
for r.remaining == 0 {
if !r.isPartial {
- return 0, os.EOF
+ return 0, io.EOF
}
r.remaining, r.isPartial, err = readLength(r.r)
if err != nil {
@@ -86,7 +85,7 @@
n, err = r.r.Read(p[:int(toRead)])
r.remaining -= int64(n)
- if n < int(toRead) && err == os.EOF {
+ if n < int(toRead) && err == io.EOF {
err = io.ErrUnexpectedEOF
}
return
@@ -99,7 +98,7 @@
lengthByte [1]byte
}
-func (w *partialLengthWriter) Write(p []byte) (n int, err os.Error) {
+func (w *partialLengthWriter) Write(p []byte) (n int, err error) {
for len(p) > 0 {
for power := uint(14); power < 32; power-- {
l := 1 << power
@@ -123,7 +122,7 @@
return
}
-func (w *partialLengthWriter) Close() os.Error {
+func (w *partialLengthWriter) Close() error {
w.lengthByte[0] = 0
_, err := w.w.Write(w.lengthByte[:])
if err != nil {
@@ -139,16 +138,16 @@
n int64
}
-func (l *spanReader) Read(p []byte) (n int, err os.Error) {
+func (l *spanReader) Read(p []byte) (n int, err error) {
if l.n <= 0 {
- return 0, os.EOF
+ return 0, io.EOF
}
if int64(len(p)) > l.n {
p = p[0:l.n]
}
n, err = l.r.Read(p)
l.n -= int64(n)
- if l.n > 0 && err == os.EOF {
+ if l.n > 0 && err == io.EOF {
err = io.ErrUnexpectedEOF
}
return
@@ -156,14 +155,14 @@
// readHeader parses a packet header and returns an io.Reader which will return
// the contents of the packet. See RFC 4880, section 4.2.
-func readHeader(r io.Reader) (tag packetType, length int64, contents io.Reader, err os.Error) {
+func readHeader(r io.Reader) (tag packetType, length int64, contents io.Reader, err error) {
var buf [4]byte
_, err = io.ReadFull(r, buf[:1])
if err != nil {
return
}
if buf[0]&0x80 == 0 {
- err = error.StructuralError("tag byte does not have MSB set")
+ err = error_.StructuralError("tag byte does not have MSB set")
return
}
if buf[0]&0x40 == 0 {
@@ -209,7 +208,7 @@
// serializeHeader writes an OpenPGP packet header to w. See RFC 4880, section
// 4.2.
-func serializeHeader(w io.Writer, ptype packetType, length int) (err os.Error) {
+func serializeHeader(w io.Writer, ptype packetType, length int) (err error) {
var buf [6]byte
var n int
@@ -238,7 +237,7 @@
// serializeStreamHeader writes an OpenPGP packet header to w where the
// length of the packet is unknown. It returns a io.WriteCloser which can be
// used to write the contents of the packet. See RFC 4880, section 4.2.
-func serializeStreamHeader(w io.WriteCloser, ptype packetType) (out io.WriteCloser, err os.Error) {
+func serializeStreamHeader(w io.WriteCloser, ptype packetType) (out io.WriteCloser, err error) {
var buf [1]byte
buf[0] = 0x80 | 0x40 | byte(ptype)
_, err = w.Write(buf[:])
@@ -252,19 +251,19 @@
// Packet represents an OpenPGP packet. Users are expected to try casting
// instances of this interface to specific packet types.
type Packet interface {
- parse(io.Reader) os.Error
+ parse(io.Reader) error
}
// consumeAll reads from the given Reader until error, returning the number of
// bytes read.
-func consumeAll(r io.Reader) (n int64, err os.Error) {
+func consumeAll(r io.Reader) (n int64, err error) {
var m int
var buf [1024]byte
for {
m, err = r.Read(buf[:])
n += int64(m)
- if err == os.EOF {
+ if err == io.EOF {
err = nil
return
}
@@ -298,7 +297,7 @@
// Read reads a single OpenPGP packet from the given io.Reader. If there is an
// error parsing a packet, the whole packet is consumed from the input.
-func Read(r io.Reader) (p Packet, err os.Error) {
+func Read(r io.Reader) (p Packet, err error) {
tag, _, contents, err := readHeader(r)
if err != nil {
return
@@ -338,7 +337,7 @@
se.MDC = true
p = se
default:
- err = error.UnknownPacketTypeError(tag)
+ err = error_.UnknownPacketTypeError(tag)
}
if p != nil {
err = p.parse(contents)
@@ -447,7 +446,7 @@
// readMPI reads a big integer from r. The bit length returned is the bit
// length that was specified in r. This is preserved so that the integer can be
// reserialized exactly.
-func readMPI(r io.Reader) (mpi []byte, bitLength uint16, err os.Error) {
+func readMPI(r io.Reader) (mpi []byte, bitLength uint16, err error) {
var buf [2]byte
_, err = readFull(r, buf[0:])
if err != nil {
@@ -469,7 +468,7 @@
}
// writeMPI serializes a big integer to w.
-func writeMPI(w io.Writer, bitLength uint16, mpiBytes []byte) (err os.Error) {
+func writeMPI(w io.Writer, bitLength uint16, mpiBytes []byte) (err error) {
_, err = w.Write([]byte{byte(bitLength >> 8), byte(bitLength)})
if err == nil {
_, err = w.Write(mpiBytes)
@@ -478,6 +477,6 @@
}
// writeBig serializes a *big.Int to w.
-func writeBig(w io.Writer, i *big.Int) os.Error {
+func writeBig(w io.Writer, i *big.Int) error {
return writeMPI(w, uint16(i.BitLen()), i.Bytes())
}
diff --git a/src/pkg/crypto/openpgp/packet/packet_test.go b/src/pkg/crypto/openpgp/packet/packet_test.go
index 23d9978a..5326641 100644
--- a/src/pkg/crypto/openpgp/packet/packet_test.go
+++ b/src/pkg/crypto/openpgp/packet/packet_test.go
@@ -6,12 +6,11 @@
import (
"bytes"
- "crypto/openpgp/error"
+ error_ "crypto/openpgp/error"
"encoding/hex"
"fmt"
"io"
"io/ioutil"
- "os"
"testing"
)
@@ -49,7 +48,7 @@
hexInput string
length int64
isPartial bool
- err os.Error
+ err error
}{
{"", 0, false, io.ErrUnexpectedEOF},
{"1f", 31, false, nil},
@@ -87,7 +86,7 @@
var partialLengthReaderTests = []struct {
hexInput string
- err os.Error
+ err error
hexOutput string
}{
{"e0", io.ErrUnexpectedEOF, ""},
@@ -153,14 +152,14 @@
for i, test := range readHeaderTests {
tag, length, contents, err := readHeader(readerFromHex(test.hexInput))
if test.structuralError {
- if _, ok := err.(error.StructuralError); ok {
+ if _, ok := err.(error_.StructuralError); ok {
continue
}
t.Errorf("%d: expected StructuralError, got:%s", i, err)
continue
}
if err != nil {
- if len(test.hexInput) == 0 && err == os.EOF {
+ if len(test.hexInput) == 0 && err == io.EOF {
continue
}
if !test.unexpectedEOF || err != io.ErrUnexpectedEOF {
diff --git a/src/pkg/crypto/openpgp/packet/private_key.go b/src/pkg/crypto/openpgp/packet/private_key.go
index 6f8133d..742ac51 100644
--- a/src/pkg/crypto/openpgp/packet/private_key.go
+++ b/src/pkg/crypto/openpgp/packet/private_key.go
@@ -10,13 +10,12 @@
"crypto/cipher"
"crypto/dsa"
"crypto/openpgp/elgamal"
- "crypto/openpgp/error"
+ error_ "crypto/openpgp/error"
"crypto/openpgp/s2k"
"crypto/rsa"
"crypto/sha1"
"io"
"io/ioutil"
- "os"
"strconv"
)
@@ -40,7 +39,7 @@
return pk
}
-func (pk *PrivateKey) parse(r io.Reader) (err os.Error) {
+func (pk *PrivateKey) parse(r io.Reader) (err error) {
err = (&pk.PublicKey).parse(r)
if err != nil {
return
@@ -72,13 +71,13 @@
pk.sha1Checksum = true
}
default:
- return error.UnsupportedError("deprecated s2k function in private key")
+ return error_.UnsupportedError("deprecated s2k function in private key")
}
if pk.Encrypted {
blockSize := pk.cipher.blockSize()
if blockSize == 0 {
- return error.UnsupportedError("unsupported cipher in private key: " + strconv.Itoa(int(pk.cipher)))
+ return error_.UnsupportedError("unsupported cipher in private key: " + strconv.Itoa(int(pk.cipher)))
}
pk.iv = make([]byte, blockSize)
_, err = readFull(r, pk.iv)
@@ -111,7 +110,7 @@
return h
}
-func (pk *PrivateKey) Serialize(w io.Writer) (err os.Error) {
+func (pk *PrivateKey) Serialize(w io.Writer) (err error) {
// TODO(agl): support encrypted private keys
buf := bytes.NewBuffer(nil)
err = pk.PublicKey.serializeWithoutHeaders(buf)
@@ -126,7 +125,7 @@
case *rsa.PrivateKey:
err = serializeRSAPrivateKey(privateKeyBuf, priv)
default:
- err = error.InvalidArgumentError("non-RSA private key")
+ err = error_.InvalidArgumentError("non-RSA private key")
}
if err != nil {
return
@@ -160,7 +159,7 @@
return
}
-func serializeRSAPrivateKey(w io.Writer, priv *rsa.PrivateKey) os.Error {
+func serializeRSAPrivateKey(w io.Writer, priv *rsa.PrivateKey) error {
err := writeBig(w, priv.D)
if err != nil {
return err
@@ -177,7 +176,7 @@
}
// Decrypt decrypts an encrypted private key using a passphrase.
-func (pk *PrivateKey) Decrypt(passphrase []byte) os.Error {
+func (pk *PrivateKey) Decrypt(passphrase []byte) error {
if !pk.Encrypted {
return nil
}
@@ -192,18 +191,18 @@
if pk.sha1Checksum {
if len(data) < sha1.Size {
- return error.StructuralError("truncated private key data")
+ return error_.StructuralError("truncated private key data")
}
h := sha1.New()
h.Write(data[:len(data)-sha1.Size])
sum := h.Sum()
if !bytes.Equal(sum, data[len(data)-sha1.Size:]) {
- return error.StructuralError("private key checksum failure")
+ return error_.StructuralError("private key checksum failure")
}
data = data[:len(data)-sha1.Size]
} else {
if len(data) < 2 {
- return error.StructuralError("truncated private key data")
+ return error_.StructuralError("truncated private key data")
}
var sum uint16
for i := 0; i < len(data)-2; i++ {
@@ -211,7 +210,7 @@
}
if data[len(data)-2] != uint8(sum>>8) ||
data[len(data)-1] != uint8(sum) {
- return error.StructuralError("private key checksum failure")
+ return error_.StructuralError("private key checksum failure")
}
data = data[:len(data)-2]
}
@@ -219,7 +218,7 @@
return pk.parsePrivateKey(data)
}
-func (pk *PrivateKey) parsePrivateKey(data []byte) (err os.Error) {
+func (pk *PrivateKey) parsePrivateKey(data []byte) (err error) {
switch pk.PublicKey.PubKeyAlgo {
case PubKeyAlgoRSA, PubKeyAlgoRSASignOnly, PubKeyAlgoRSAEncryptOnly:
return pk.parseRSAPrivateKey(data)
@@ -231,7 +230,7 @@
panic("impossible")
}
-func (pk *PrivateKey) parseRSAPrivateKey(data []byte) (err os.Error) {
+func (pk *PrivateKey) parseRSAPrivateKey(data []byte) (err error) {
rsaPub := pk.PublicKey.PublicKey.(*rsa.PublicKey)
rsaPriv := new(rsa.PrivateKey)
rsaPriv.PublicKey = *rsaPub
@@ -262,7 +261,7 @@
return nil
}
-func (pk *PrivateKey) parseDSAPrivateKey(data []byte) (err os.Error) {
+func (pk *PrivateKey) parseDSAPrivateKey(data []byte) (err error) {
dsaPub := pk.PublicKey.PublicKey.(*dsa.PublicKey)
dsaPriv := new(dsa.PrivateKey)
dsaPriv.PublicKey = *dsaPub
@@ -281,7 +280,7 @@
return nil
}
-func (pk *PrivateKey) parseElGamalPrivateKey(data []byte) (err os.Error) {
+func (pk *PrivateKey) parseElGamalPrivateKey(data []byte) (err error) {
pub := pk.PublicKey.PublicKey.(*elgamal.PublicKey)
priv := new(elgamal.PrivateKey)
priv.PublicKey = *pub
diff --git a/src/pkg/crypto/openpgp/packet/public_key.go b/src/pkg/crypto/openpgp/packet/public_key.go
index e6b0ae5..af0bc22 100644
--- a/src/pkg/crypto/openpgp/packet/public_key.go
+++ b/src/pkg/crypto/openpgp/packet/public_key.go
@@ -8,14 +8,13 @@
"big"
"crypto/dsa"
"crypto/openpgp/elgamal"
- "crypto/openpgp/error"
+ error_ "crypto/openpgp/error"
"crypto/rsa"
"crypto/sha1"
"encoding/binary"
"fmt"
"hash"
"io"
- "os"
"strconv"
)
@@ -53,7 +52,7 @@
return pk
}
-func (pk *PublicKey) parse(r io.Reader) (err os.Error) {
+func (pk *PublicKey) parse(r io.Reader) (err error) {
// RFC 4880, section 5.5.2
var buf [6]byte
_, err = readFull(r, buf[:])
@@ -61,7 +60,7 @@
return
}
if buf[0] != 4 {
- return error.UnsupportedError("public key version")
+ return error_.UnsupportedError("public key version")
}
pk.CreationTime = uint32(buf[1])<<24 | uint32(buf[2])<<16 | uint32(buf[3])<<8 | uint32(buf[4])
pk.PubKeyAlgo = PublicKeyAlgorithm(buf[5])
@@ -73,7 +72,7 @@
case PubKeyAlgoElGamal:
err = pk.parseElGamal(r)
default:
- err = error.UnsupportedError("public key type: " + strconv.Itoa(int(pk.PubKeyAlgo)))
+ err = error_.UnsupportedError("public key type: " + strconv.Itoa(int(pk.PubKeyAlgo)))
}
if err != nil {
return
@@ -94,7 +93,7 @@
// parseRSA parses RSA public key material from the given Reader. See RFC 4880,
// section 5.5.2.
-func (pk *PublicKey) parseRSA(r io.Reader) (err os.Error) {
+func (pk *PublicKey) parseRSA(r io.Reader) (err error) {
pk.n.bytes, pk.n.bitLength, err = readMPI(r)
if err != nil {
return
@@ -105,7 +104,7 @@
}
if len(pk.e.bytes) > 3 {
- err = error.UnsupportedError("large public exponent")
+ err = error_.UnsupportedError("large public exponent")
return
}
rsa := &rsa.PublicKey{
@@ -122,7 +121,7 @@
// parseDSA parses DSA public key material from the given Reader. See RFC 4880,
// section 5.5.2.
-func (pk *PublicKey) parseDSA(r io.Reader) (err os.Error) {
+func (pk *PublicKey) parseDSA(r io.Reader) (err error) {
pk.p.bytes, pk.p.bitLength, err = readMPI(r)
if err != nil {
return
@@ -151,7 +150,7 @@
// parseElGamal parses ElGamal public key material from the given Reader. See
// RFC 4880, section 5.5.2.
-func (pk *PublicKey) parseElGamal(r io.Reader) (err os.Error) {
+func (pk *PublicKey) parseElGamal(r io.Reader) (err error) {
pk.p.bytes, pk.p.bitLength, err = readMPI(r)
if err != nil {
return
@@ -199,7 +198,7 @@
return
}
-func (pk *PublicKey) Serialize(w io.Writer) (err os.Error) {
+func (pk *PublicKey) Serialize(w io.Writer) (err error) {
length := 6 // 6 byte header
switch pk.PubKeyAlgo {
@@ -232,7 +231,7 @@
// serializeWithoutHeaders marshals the PublicKey to w in the form of an
// OpenPGP public key packet, not including the packet header.
-func (pk *PublicKey) serializeWithoutHeaders(w io.Writer) (err os.Error) {
+func (pk *PublicKey) serializeWithoutHeaders(w io.Writer) (err error) {
var buf [6]byte
buf[0] = 4
buf[1] = byte(pk.CreationTime >> 24)
@@ -254,7 +253,7 @@
case PubKeyAlgoElGamal:
return writeMPIs(w, pk.p, pk.g, pk.y)
}
- return error.InvalidArgumentError("bad public-key algorithm")
+ return error_.InvalidArgumentError("bad public-key algorithm")
}
// CanSign returns true iff this public key can generate signatures
@@ -264,20 +263,20 @@
// VerifySignature returns nil iff sig is a valid signature, made by this
// public key, of the data hashed into signed. signed is mutated by this call.
-func (pk *PublicKey) VerifySignature(signed hash.Hash, sig *Signature) (err os.Error) {
+func (pk *PublicKey) VerifySignature(signed hash.Hash, sig *Signature) (err error) {
if !pk.CanSign() {
- return error.InvalidArgumentError("public key cannot generate signatures")
+ return error_.InvalidArgumentError("public key cannot generate signatures")
}
signed.Write(sig.HashSuffix)
hashBytes := signed.Sum()
if hashBytes[0] != sig.HashTag[0] || hashBytes[1] != sig.HashTag[1] {
- return error.SignatureError("hash tag doesn't match")
+ return error_.SignatureError("hash tag doesn't match")
}
if pk.PubKeyAlgo != sig.PubKeyAlgo {
- return error.InvalidArgumentError("public key and signature use different algorithms")
+ return error_.InvalidArgumentError("public key and signature use different algorithms")
}
switch pk.PubKeyAlgo {
@@ -285,13 +284,13 @@
rsaPublicKey, _ := pk.PublicKey.(*rsa.PublicKey)
err = rsa.VerifyPKCS1v15(rsaPublicKey, sig.Hash, hashBytes, sig.RSASignature.bytes)
if err != nil {
- return error.SignatureError("RSA verification failure")
+ return error_.SignatureError("RSA verification failure")
}
return nil
case PubKeyAlgoDSA:
dsaPublicKey, _ := pk.PublicKey.(*dsa.PublicKey)
if !dsa.Verify(dsaPublicKey, hashBytes, new(big.Int).SetBytes(sig.DSASigR.bytes), new(big.Int).SetBytes(sig.DSASigS.bytes)) {
- return error.SignatureError("DSA verification failure")
+ return error_.SignatureError("DSA verification failure")
}
return nil
default:
@@ -302,10 +301,10 @@
// keySignatureHash returns a Hash of the message that needs to be signed for
// pk to assert a subkey relationship to signed.
-func keySignatureHash(pk, signed *PublicKey, sig *Signature) (h hash.Hash, err os.Error) {
+func keySignatureHash(pk, signed *PublicKey, sig *Signature) (h hash.Hash, err error) {
h = sig.Hash.New()
if h == nil {
- return nil, error.UnsupportedError("hash function")
+ return nil, error_.UnsupportedError("hash function")
}
// RFC 4880, section 5.2.4
@@ -318,7 +317,7 @@
// VerifyKeySignature returns nil iff sig is a valid signature, made by this
// public key, of signed.
-func (pk *PublicKey) VerifyKeySignature(signed *PublicKey, sig *Signature) (err os.Error) {
+func (pk *PublicKey) VerifyKeySignature(signed *PublicKey, sig *Signature) (err error) {
h, err := keySignatureHash(pk, signed, sig)
if err != nil {
return err
@@ -328,10 +327,10 @@
// userIdSignatureHash returns a Hash of the message that needs to be signed
// to assert that pk is a valid key for id.
-func userIdSignatureHash(id string, pk *PublicKey, sig *Signature) (h hash.Hash, err os.Error) {
+func userIdSignatureHash(id string, pk *PublicKey, sig *Signature) (h hash.Hash, err error) {
h = sig.Hash.New()
if h == nil {
- return nil, error.UnsupportedError("hash function")
+ return nil, error_.UnsupportedError("hash function")
}
// RFC 4880, section 5.2.4
@@ -352,7 +351,7 @@
// VerifyUserIdSignature returns nil iff sig is a valid signature, made by this
// public key, of id.
-func (pk *PublicKey) VerifyUserIdSignature(id string, sig *Signature) (err os.Error) {
+func (pk *PublicKey) VerifyUserIdSignature(id string, sig *Signature) (err error) {
h, err := userIdSignatureHash(id, pk, sig)
if err != nil {
return err
@@ -382,7 +381,7 @@
// writeMPIs is a utility function for serializing several big integers to the
// given Writer.
-func writeMPIs(w io.Writer, mpis ...parsedMPI) (err os.Error) {
+func writeMPIs(w io.Writer, mpis ...parsedMPI) (err error) {
for _, mpi := range mpis {
err = writeMPI(w, mpi.bitLength, mpi.bytes)
if err != nil {
diff --git a/src/pkg/crypto/openpgp/packet/reader.go b/src/pkg/crypto/openpgp/packet/reader.go
index 5febc3b..e3d733c 100644
--- a/src/pkg/crypto/openpgp/packet/reader.go
+++ b/src/pkg/crypto/openpgp/packet/reader.go
@@ -5,9 +5,8 @@
package packet
import (
- "crypto/openpgp/error"
+ error_ "crypto/openpgp/error"
"io"
- "os"
)
// Reader reads packets from an io.Reader and allows packets to be 'unread' so
@@ -19,7 +18,7 @@
// Next returns the most recently unread Packet, or reads another packet from
// the top-most io.Reader. Unknown packet types are skipped.
-func (r *Reader) Next() (p Packet, err os.Error) {
+func (r *Reader) Next() (p Packet, err error) {
if len(r.q) > 0 {
p = r.q[len(r.q)-1]
r.q = r.q[:len(r.q)-1]
@@ -31,16 +30,16 @@
if err == nil {
return
}
- if err == os.EOF {
+ if err == io.EOF {
r.readers = r.readers[:len(r.readers)-1]
continue
}
- if _, ok := err.(error.UnknownPacketTypeError); !ok {
+ if _, ok := err.(error_.UnknownPacketTypeError); !ok {
return nil, err
}
}
- return nil, os.EOF
+ return nil, io.EOF
}
// Push causes the Reader to start reading from a new io.Reader. When an EOF
diff --git a/src/pkg/crypto/openpgp/packet/signature.go b/src/pkg/crypto/openpgp/packet/signature.go
index 7577e28..4ebb906 100644
--- a/src/pkg/crypto/openpgp/packet/signature.go
+++ b/src/pkg/crypto/openpgp/packet/signature.go
@@ -7,14 +7,13 @@
import (
"crypto"
"crypto/dsa"
- "crypto/openpgp/error"
+ error_ "crypto/openpgp/error"
"crypto/openpgp/s2k"
"crypto/rand"
"crypto/rsa"
"encoding/binary"
"hash"
"io"
- "os"
"strconv"
)
@@ -53,7 +52,7 @@
outSubpackets []outputSubpacket
}
-func (sig *Signature) parse(r io.Reader) (err os.Error) {
+func (sig *Signature) parse(r io.Reader) (err error) {
// RFC 4880, section 5.2.3
var buf [5]byte
_, err = readFull(r, buf[:1])
@@ -61,7 +60,7 @@
return
}
if buf[0] != 4 {
- err = error.UnsupportedError("signature packet version " + strconv.Itoa(int(buf[0])))
+ err = error_.UnsupportedError("signature packet version " + strconv.Itoa(int(buf[0])))
return
}
@@ -74,14 +73,14 @@
switch sig.PubKeyAlgo {
case PubKeyAlgoRSA, PubKeyAlgoRSASignOnly, PubKeyAlgoDSA:
default:
- err = error.UnsupportedError("public key algorithm " + strconv.Itoa(int(sig.PubKeyAlgo)))
+ err = error_.UnsupportedError("public key algorithm " + strconv.Itoa(int(sig.PubKeyAlgo)))
return
}
var ok bool
sig.Hash, ok = s2k.HashIdToHash(buf[2])
if !ok {
- return error.UnsupportedError("hash function " + strconv.Itoa(int(buf[2])))
+ return error_.UnsupportedError("hash function " + strconv.Itoa(int(buf[2])))
}
hashedSubpacketsLength := int(buf[3])<<8 | int(buf[4])
@@ -144,7 +143,7 @@
// parseSignatureSubpackets parses subpackets of the main signature packet. See
// RFC 4880, section 5.2.3.1.
-func parseSignatureSubpackets(sig *Signature, subpackets []byte, isHashed bool) (err os.Error) {
+func parseSignatureSubpackets(sig *Signature, subpackets []byte, isHashed bool) (err error) {
for len(subpackets) > 0 {
subpackets, err = parseSignatureSubpacket(sig, subpackets, isHashed)
if err != nil {
@@ -153,7 +152,7 @@
}
if sig.CreationTime == 0 {
- err = error.StructuralError("no creation time in signature")
+ err = error_.StructuralError("no creation time in signature")
}
return
@@ -174,7 +173,7 @@
)
// parseSignatureSubpacket parses a single subpacket. len(subpacket) is >= 1.
-func parseSignatureSubpacket(sig *Signature, subpacket []byte, isHashed bool) (rest []byte, err os.Error) {
+func parseSignatureSubpacket(sig *Signature, subpacket []byte, isHashed bool) (rest []byte, err error) {
// RFC 4880, section 5.2.3.1
var (
length uint32
@@ -207,7 +206,7 @@
rest = subpacket[length:]
subpacket = subpacket[:length]
if len(subpacket) == 0 {
- err = error.StructuralError("zero length signature subpacket")
+ err = error_.StructuralError("zero length signature subpacket")
return
}
packetType = signatureSubpacketType(subpacket[0] & 0x7f)
@@ -217,11 +216,11 @@
switch packetType {
case creationTimeSubpacket:
if !isHashed {
- err = error.StructuralError("signature creation time in non-hashed area")
+ err = error_.StructuralError("signature creation time in non-hashed area")
return
}
if len(subpacket) != 4 {
- err = error.StructuralError("signature creation time not four bytes")
+ err = error_.StructuralError("signature creation time not four bytes")
return
}
sig.CreationTime = binary.BigEndian.Uint32(subpacket)
@@ -231,7 +230,7 @@
return
}
if len(subpacket) != 4 {
- err = error.StructuralError("expiration subpacket with bad length")
+ err = error_.StructuralError("expiration subpacket with bad length")
return
}
sig.SigLifetimeSecs = new(uint32)
@@ -242,7 +241,7 @@
return
}
if len(subpacket) != 4 {
- err = error.StructuralError("key expiration subpacket with bad length")
+ err = error_.StructuralError("key expiration subpacket with bad length")
return
}
sig.KeyLifetimeSecs = new(uint32)
@@ -257,7 +256,7 @@
case issuerSubpacket:
// Issuer, section 5.2.3.5
if len(subpacket) != 8 {
- err = error.StructuralError("issuer subpacket with bad length")
+ err = error_.StructuralError("issuer subpacket with bad length")
return
}
sig.IssuerKeyId = new(uint64)
@@ -282,7 +281,7 @@
return
}
if len(subpacket) != 1 {
- err = error.StructuralError("primary user id subpacket with bad length")
+ err = error_.StructuralError("primary user id subpacket with bad length")
return
}
sig.IsPrimaryId = new(bool)
@@ -295,7 +294,7 @@
return
}
if len(subpacket) == 0 {
- err = error.StructuralError("empty key flags subpacket")
+ err = error_.StructuralError("empty key flags subpacket")
return
}
sig.FlagsValid = true
@@ -314,14 +313,14 @@
default:
if isCritical {
- err = error.UnsupportedError("unknown critical signature subpacket type " + strconv.Itoa(int(packetType)))
+ err = error_.UnsupportedError("unknown critical signature subpacket type " + strconv.Itoa(int(packetType)))
return
}
}
return
Truncated:
- err = error.StructuralError("signature subpacket truncated")
+ err = error_.StructuralError("signature subpacket truncated")
return
}
@@ -384,7 +383,7 @@
}
// buildHashSuffix constructs the HashSuffix member of sig in preparation for signing.
-func (sig *Signature) buildHashSuffix() (err os.Error) {
+func (sig *Signature) buildHashSuffix() (err error) {
hashedSubpacketsLen := subpacketsLength(sig.outSubpackets, true)
var ok bool
@@ -396,7 +395,7 @@
sig.HashSuffix[3], ok = s2k.HashToHashId(sig.Hash)
if !ok {
sig.HashSuffix = nil
- return error.InvalidArgumentError("hash cannot be represented in OpenPGP: " + strconv.Itoa(int(sig.Hash)))
+ return error_.InvalidArgumentError("hash cannot be represented in OpenPGP: " + strconv.Itoa(int(sig.Hash)))
}
sig.HashSuffix[4] = byte(hashedSubpacketsLen >> 8)
sig.HashSuffix[5] = byte(hashedSubpacketsLen)
@@ -411,7 +410,7 @@
return
}
-func (sig *Signature) signPrepareHash(h hash.Hash) (digest []byte, err os.Error) {
+func (sig *Signature) signPrepareHash(h hash.Hash) (digest []byte, err error) {
err = sig.buildHashSuffix()
if err != nil {
return
@@ -426,7 +425,7 @@
// Sign signs a message with a private key. The hash, h, must contain
// the hash of the message to be signed and will be mutated by this function.
// On success, the signature is stored in sig. Call Serialize to write it out.
-func (sig *Signature) Sign(h hash.Hash, priv *PrivateKey) (err os.Error) {
+func (sig *Signature) Sign(h hash.Hash, priv *PrivateKey) (err error) {
sig.outSubpackets = sig.buildSubpackets()
digest, err := sig.signPrepareHash(h)
if err != nil {
@@ -446,7 +445,7 @@
sig.DSASigS.bitLength = uint16(8 * len(sig.DSASigS.bytes))
}
default:
- err = error.UnsupportedError("public key algorithm: " + strconv.Itoa(int(sig.PubKeyAlgo)))
+ err = error_.UnsupportedError("public key algorithm: " + strconv.Itoa(int(sig.PubKeyAlgo)))
}
return
@@ -455,7 +454,7 @@
// SignUserId computes a signature from priv, asserting that pub is a valid
// key for the identity id. On success, the signature is stored in sig. Call
// Serialize to write it out.
-func (sig *Signature) SignUserId(id string, pub *PublicKey, priv *PrivateKey) os.Error {
+func (sig *Signature) SignUserId(id string, pub *PublicKey, priv *PrivateKey) error {
h, err := userIdSignatureHash(id, pub, sig)
if err != nil {
return nil
@@ -465,7 +464,7 @@
// SignKey computes a signature from priv, asserting that pub is a subkey. On
// success, the signature is stored in sig. Call Serialize to write it out.
-func (sig *Signature) SignKey(pub *PublicKey, priv *PrivateKey) os.Error {
+func (sig *Signature) SignKey(pub *PublicKey, priv *PrivateKey) error {
h, err := keySignatureHash(&priv.PublicKey, pub, sig)
if err != nil {
return err
@@ -474,12 +473,12 @@
}
// Serialize marshals sig to w. SignRSA or SignDSA must have been called first.
-func (sig *Signature) Serialize(w io.Writer) (err os.Error) {
+func (sig *Signature) Serialize(w io.Writer) (err error) {
if len(sig.outSubpackets) == 0 {
sig.outSubpackets = sig.rawSubpackets
}
if sig.RSASignature.bytes == nil && sig.DSASigR.bytes == nil {
- return error.InvalidArgumentError("Signature: need to call SignRSA or SignDSA before Serialize")
+ return error_.InvalidArgumentError("Signature: need to call SignRSA or SignDSA before Serialize")
}
sigLength := 0
diff --git a/src/pkg/crypto/openpgp/packet/symmetric_key_encrypted.go b/src/pkg/crypto/openpgp/packet/symmetric_key_encrypted.go
index ad4f1d6..76d5151 100644
--- a/src/pkg/crypto/openpgp/packet/symmetric_key_encrypted.go
+++ b/src/pkg/crypto/openpgp/packet/symmetric_key_encrypted.go
@@ -7,10 +7,9 @@
import (
"bytes"
"crypto/cipher"
- "crypto/openpgp/error"
+ error_ "crypto/openpgp/error"
"crypto/openpgp/s2k"
"io"
- "os"
"strconv"
)
@@ -30,7 +29,7 @@
const symmetricKeyEncryptedVersion = 4
-func (ske *SymmetricKeyEncrypted) parse(r io.Reader) (err os.Error) {
+func (ske *SymmetricKeyEncrypted) parse(r io.Reader) (err error) {
// RFC 4880, section 5.3.
var buf [2]byte
_, err = readFull(r, buf[:])
@@ -38,12 +37,12 @@
return
}
if buf[0] != symmetricKeyEncryptedVersion {
- return error.UnsupportedError("SymmetricKeyEncrypted version")
+ return error_.UnsupportedError("SymmetricKeyEncrypted version")
}
ske.CipherFunc = CipherFunction(buf[1])
if ske.CipherFunc.KeySize() == 0 {
- return error.UnsupportedError("unknown cipher: " + strconv.Itoa(int(buf[1])))
+ return error_.UnsupportedError("unknown cipher: " + strconv.Itoa(int(buf[1])))
}
ske.s2k, err = s2k.Parse(r)
@@ -61,7 +60,7 @@
err = nil
if n != 0 {
if n == maxSessionKeySizeInBytes {
- return error.UnsupportedError("oversized encrypted session key")
+ return error_.UnsupportedError("oversized encrypted session key")
}
ske.encryptedKey = encryptedKey[:n]
}
@@ -73,7 +72,7 @@
// Decrypt attempts to decrypt an encrypted session key. If it returns nil,
// ske.Key will contain the session key.
-func (ske *SymmetricKeyEncrypted) Decrypt(passphrase []byte) os.Error {
+func (ske *SymmetricKeyEncrypted) Decrypt(passphrase []byte) error {
if !ske.Encrypted {
return nil
}
@@ -90,13 +89,13 @@
c.XORKeyStream(ske.encryptedKey, ske.encryptedKey)
ske.CipherFunc = CipherFunction(ske.encryptedKey[0])
if ske.CipherFunc.blockSize() == 0 {
- return error.UnsupportedError("unknown cipher: " + strconv.Itoa(int(ske.CipherFunc)))
+ return error_.UnsupportedError("unknown cipher: " + strconv.Itoa(int(ske.CipherFunc)))
}
ske.CipherFunc = CipherFunction(ske.encryptedKey[0])
ske.Key = ske.encryptedKey[1:]
if len(ske.Key)%ske.CipherFunc.blockSize() != 0 {
ske.Key = nil
- return error.StructuralError("length of decrypted key not a multiple of block size")
+ return error_.StructuralError("length of decrypted key not a multiple of block size")
}
}
@@ -108,10 +107,10 @@
// packet contains a random session key, encrypted by a key derived from the
// given passphrase. The session key is returned and must be passed to
// SerializeSymmetricallyEncrypted.
-func SerializeSymmetricKeyEncrypted(w io.Writer, rand io.Reader, passphrase []byte, cipherFunc CipherFunction) (key []byte, err os.Error) {
+func SerializeSymmetricKeyEncrypted(w io.Writer, rand io.Reader, passphrase []byte, cipherFunc CipherFunction) (key []byte, err error) {
keySize := cipherFunc.KeySize()
if keySize == 0 {
- return nil, error.UnsupportedError("unknown cipher: " + strconv.Itoa(int(cipherFunc)))
+ return nil, error_.UnsupportedError("unknown cipher: " + strconv.Itoa(int(cipherFunc)))
}
s2kBuf := new(bytes.Buffer)
diff --git a/src/pkg/crypto/openpgp/packet/symmetric_key_encrypted_test.go b/src/pkg/crypto/openpgp/packet/symmetric_key_encrypted_test.go
index 823ec40..87690f0 100644
--- a/src/pkg/crypto/openpgp/packet/symmetric_key_encrypted_test.go
+++ b/src/pkg/crypto/openpgp/packet/symmetric_key_encrypted_test.go
@@ -8,8 +8,8 @@
"bytes"
"crypto/rand"
"encoding/hex"
+ "io"
"io/ioutil"
- "os"
"testing"
)
@@ -48,7 +48,7 @@
}
contents, err := ioutil.ReadAll(r)
- if err != nil && err != os.EOF {
+ if err != nil && err != io.EOF {
t.Error(err)
return
}
diff --git a/src/pkg/crypto/openpgp/packet/symmetrically_encrypted.go b/src/pkg/crypto/openpgp/packet/symmetrically_encrypted.go
index e33c9f3..8225db6 100644
--- a/src/pkg/crypto/openpgp/packet/symmetrically_encrypted.go
+++ b/src/pkg/crypto/openpgp/packet/symmetrically_encrypted.go
@@ -6,13 +6,12 @@
import (
"crypto/cipher"
- "crypto/openpgp/error"
+ error_ "crypto/openpgp/error"
"crypto/rand"
"crypto/sha1"
"crypto/subtle"
"hash"
"io"
- "os"
"strconv"
)
@@ -27,7 +26,7 @@
const symmetricallyEncryptedVersion = 1
-func (se *SymmetricallyEncrypted) parse(r io.Reader) os.Error {
+func (se *SymmetricallyEncrypted) parse(r io.Reader) error {
if se.MDC {
// See RFC 4880, section 5.13.
var buf [1]byte
@@ -36,7 +35,7 @@
return err
}
if buf[0] != symmetricallyEncryptedVersion {
- return error.UnsupportedError("unknown SymmetricallyEncrypted version")
+ return error_.UnsupportedError("unknown SymmetricallyEncrypted version")
}
}
se.contents = r
@@ -46,13 +45,13 @@
// Decrypt returns a ReadCloser, from which the decrypted contents of the
// packet can be read. An incorrect key can, with high probability, be detected
// immediately and this will result in a KeyIncorrect error being returned.
-func (se *SymmetricallyEncrypted) Decrypt(c CipherFunction, key []byte) (io.ReadCloser, os.Error) {
+func (se *SymmetricallyEncrypted) Decrypt(c CipherFunction, key []byte) (io.ReadCloser, error) {
keySize := c.KeySize()
if keySize == 0 {
- return nil, error.UnsupportedError("unknown cipher: " + strconv.Itoa(int(c)))
+ return nil, error_.UnsupportedError("unknown cipher: " + strconv.Itoa(int(c)))
}
if len(key) != keySize {
- return nil, error.InvalidArgumentError("SymmetricallyEncrypted: incorrect key length")
+ return nil, error_.InvalidArgumentError("SymmetricallyEncrypted: incorrect key length")
}
if se.prefix == nil {
@@ -62,7 +61,7 @@
return nil, err
}
} else if len(se.prefix) != c.blockSize()+2 {
- return nil, error.InvalidArgumentError("can't try ciphers with different block lengths")
+ return nil, error_.InvalidArgumentError("can't try ciphers with different block lengths")
}
ocfbResync := cipher.OCFBResync
@@ -73,7 +72,7 @@
s := cipher.NewOCFBDecrypter(c.new(key), se.prefix, ocfbResync)
if s == nil {
- return nil, error.KeyIncorrectError
+ return nil, error_.KeyIncorrectError
}
plaintext := cipher.StreamReader{S: s, R: se.contents}
@@ -94,11 +93,11 @@
in io.Reader
}
-func (ser seReader) Read(buf []byte) (int, os.Error) {
+func (ser seReader) Read(buf []byte) (int, error) {
return ser.in.Read(buf)
}
-func (ser seReader) Close() os.Error {
+func (ser seReader) Close() error {
return nil
}
@@ -118,13 +117,13 @@
eof bool
}
-func (ser *seMDCReader) Read(buf []byte) (n int, err os.Error) {
+func (ser *seMDCReader) Read(buf []byte) (n int, err error) {
if ser.error {
err = io.ErrUnexpectedEOF
return
}
if ser.eof {
- err = os.EOF
+ err = io.EOF
return
}
@@ -133,7 +132,7 @@
for ser.trailerUsed < mdcTrailerSize {
n, err = ser.in.Read(ser.trailer[ser.trailerUsed:])
ser.trailerUsed += n
- if err == os.EOF {
+ if err == io.EOF {
if ser.trailerUsed != mdcTrailerSize {
n = 0
err = io.ErrUnexpectedEOF
@@ -161,7 +160,7 @@
copy(ser.trailer[mdcTrailerSize-n:], ser.scratch[:])
if n < len(buf) {
ser.eof = true
- err = os.EOF
+ err = io.EOF
}
return
}
@@ -171,7 +170,7 @@
ser.h.Write(buf[:n])
copy(ser.trailer[:], buf[n:])
- if err == os.EOF {
+ if err == io.EOF {
ser.eof = true
}
return
@@ -180,31 +179,31 @@
// This is a new-format packet tag byte for a type 19 (MDC) packet.
const mdcPacketTagByte = byte(0x80) | 0x40 | 19
-func (ser *seMDCReader) Close() os.Error {
+func (ser *seMDCReader) Close() error {
if ser.error {
- return error.SignatureError("error during reading")
+ return error_.SignatureError("error during reading")
}
for !ser.eof {
// We haven't seen EOF so we need to read to the end
var buf [1024]byte
_, err := ser.Read(buf[:])
- if err == os.EOF {
+ if err == io.EOF {
break
}
if err != nil {
- return error.SignatureError("error during reading")
+ return error_.SignatureError("error during reading")
}
}
if ser.trailer[0] != mdcPacketTagByte || ser.trailer[1] != sha1.Size {
- return error.SignatureError("MDC packet not found")
+ return error_.SignatureError("MDC packet not found")
}
ser.h.Write(ser.trailer[:2])
final := ser.h.Sum()
if subtle.ConstantTimeCompare(final, ser.trailer[2:]) != 1 {
- return error.SignatureError("hash mismatch")
+ return error_.SignatureError("hash mismatch")
}
return nil
}
@@ -217,12 +216,12 @@
h hash.Hash
}
-func (w *seMDCWriter) Write(buf []byte) (n int, err os.Error) {
+func (w *seMDCWriter) Write(buf []byte) (n int, err error) {
w.h.Write(buf)
return w.w.Write(buf)
}
-func (w *seMDCWriter) Close() (err os.Error) {
+func (w *seMDCWriter) Close() (err error) {
var buf [mdcTrailerSize]byte
buf[0] = mdcPacketTagByte
@@ -243,20 +242,20 @@
w io.Writer
}
-func (c noOpCloser) Write(data []byte) (n int, err os.Error) {
+func (c noOpCloser) Write(data []byte) (n int, err error) {
return c.w.Write(data)
}
-func (c noOpCloser) Close() os.Error {
+func (c noOpCloser) Close() error {
return nil
}
// SerializeSymmetricallyEncrypted serializes a symmetrically encrypted packet
// to w and returns a WriteCloser to which the to-be-encrypted packets can be
// written.
-func SerializeSymmetricallyEncrypted(w io.Writer, c CipherFunction, key []byte) (contents io.WriteCloser, err os.Error) {
+func SerializeSymmetricallyEncrypted(w io.Writer, c CipherFunction, key []byte) (contents io.WriteCloser, err error) {
if c.KeySize() != len(key) {
- return nil, error.InvalidArgumentError("SymmetricallyEncrypted.Serialize: bad key length")
+ return nil, error_.InvalidArgumentError("SymmetricallyEncrypted.Serialize: bad key length")
}
writeCloser := noOpCloser{w}
ciphertext, err := serializeStreamHeader(writeCloser, packetTypeSymmetricallyEncryptedMDC)
diff --git a/src/pkg/crypto/openpgp/packet/symmetrically_encrypted_test.go b/src/pkg/crypto/openpgp/packet/symmetrically_encrypted_test.go
index 1054fc2..8eee971 100644
--- a/src/pkg/crypto/openpgp/packet/symmetrically_encrypted_test.go
+++ b/src/pkg/crypto/openpgp/packet/symmetrically_encrypted_test.go
@@ -6,12 +6,11 @@
import (
"bytes"
- "crypto/openpgp/error"
+ error_ "crypto/openpgp/error"
"crypto/sha1"
"encoding/hex"
"io"
"io/ioutil"
- "os"
"testing"
)
@@ -21,7 +20,7 @@
stride int
}
-func (t *testReader) Read(buf []byte) (n int, err os.Error) {
+func (t *testReader) Read(buf []byte) (n int, err error) {
n = t.stride
if n > len(t.data) {
n = len(t.data)
@@ -32,7 +31,7 @@
copy(buf, t.data)
t.data = t.data[n:]
if len(t.data) == 0 {
- err = os.EOF
+ err = io.EOF
}
return
}
@@ -71,7 +70,7 @@
err = mdcReader.Close()
if err == nil {
t.Error("corruption: no error")
- } else if _, ok := err.(*error.SignatureError); !ok {
+ } else if _, ok := err.(*error_.SignatureError); !ok {
t.Errorf("corruption: expected SignatureError, got: %s", err)
}
}
diff --git a/src/pkg/crypto/openpgp/packet/userid.go b/src/pkg/crypto/openpgp/packet/userid.go
index 0580ba3..d6bea7d 100644
--- a/src/pkg/crypto/openpgp/packet/userid.go
+++ b/src/pkg/crypto/openpgp/packet/userid.go
@@ -7,7 +7,6 @@
import (
"io"
"io/ioutil"
- "os"
"strings"
)
@@ -65,7 +64,7 @@
return uid
}
-func (uid *UserId) parse(r io.Reader) (err os.Error) {
+func (uid *UserId) parse(r io.Reader) (err error) {
// RFC 4880, section 5.11
b, err := ioutil.ReadAll(r)
if err != nil {
@@ -78,7 +77,7 @@
// Serialize marshals uid to w in the form of an OpenPGP packet, including
// header.
-func (uid *UserId) Serialize(w io.Writer) os.Error {
+func (uid *UserId) Serialize(w io.Writer) error {
err := serializeHeader(w, packetTypeUserId, len(uid.Id))
if err != nil {
return err
diff --git a/src/pkg/crypto/openpgp/read.go b/src/pkg/crypto/openpgp/read.go
index d95f613..76fb1ea 100644
--- a/src/pkg/crypto/openpgp/read.go
+++ b/src/pkg/crypto/openpgp/read.go
@@ -8,12 +8,11 @@
import (
"crypto"
"crypto/openpgp/armor"
- "crypto/openpgp/error"
+ error_ "crypto/openpgp/error"
"crypto/openpgp/packet"
_ "crypto/sha256"
"hash"
"io"
- "os"
"strconv"
)
@@ -21,14 +20,14 @@
var SignatureType = "PGP SIGNATURE"
// readArmored reads an armored block with the given type.
-func readArmored(r io.Reader, expectedType string) (body io.Reader, err os.Error) {
+func readArmored(r io.Reader, expectedType string) (body io.Reader, err error) {
block, err := armor.Decode(r)
if err != nil {
return
}
if block.Type != expectedType {
- return nil, error.InvalidArgumentError("expected '" + expectedType + "', got: " + block.Type)
+ return nil, error_.InvalidArgumentError("expected '" + expectedType + "', got: " + block.Type)
}
return block.Body, nil
@@ -56,7 +55,7 @@
// been consumed. Once EOF has been seen, the following fields are
// valid. (An authentication code failure is reported as a
// SignatureError error when reading from UnverifiedBody.)
- SignatureError os.Error // nil if the signature is good.
+ SignatureError error // nil if the signature is good.
Signature *packet.Signature // the signature packet itself.
decrypted io.ReadCloser
@@ -69,7 +68,7 @@
// passphrase to try. If the decrypted private key or given passphrase isn't
// correct, the function will be called again, forever. Any error returned will
// be passed up.
-type PromptFunction func(keys []Key, symmetric bool) ([]byte, os.Error)
+type PromptFunction func(keys []Key, symmetric bool) ([]byte, error)
// A keyEnvelopePair is used to store a private key with the envelope that
// contains a symmetric key, encrypted with that key.
@@ -81,7 +80,7 @@
// ReadMessage parses an OpenPGP message that may be signed and/or encrypted.
// The given KeyRing should contain both public keys (for signature
// verification) and, possibly encrypted, private keys for decrypting.
-func ReadMessage(r io.Reader, keyring KeyRing, prompt PromptFunction) (md *MessageDetails, err os.Error) {
+func ReadMessage(r io.Reader, keyring KeyRing, prompt PromptFunction) (md *MessageDetails, err error) {
var p packet.Packet
var symKeys []*packet.SymmetricKeyEncrypted
@@ -131,7 +130,7 @@
case *packet.Compressed, *packet.LiteralData, *packet.OnePassSignature:
// This message isn't encrypted.
if len(symKeys) != 0 || len(pubKeys) != 0 {
- return nil, error.StructuralError("key material not followed by encrypted message")
+ return nil, error_.StructuralError("key material not followed by encrypted message")
}
packets.Unread(p)
return readSignedMessage(packets, nil, keyring)
@@ -162,7 +161,7 @@
continue
}
decrypted, err = se.Decrypt(pk.encryptedKey.CipherFunc, pk.encryptedKey.Key)
- if err != nil && err != error.KeyIncorrectError {
+ if err != nil && err != error_.KeyIncorrectError {
return nil, err
}
if decrypted != nil {
@@ -180,11 +179,11 @@
}
if len(candidates) == 0 && len(symKeys) == 0 {
- return nil, error.KeyIncorrectError
+ return nil, error_.KeyIncorrectError
}
if prompt == nil {
- return nil, error.KeyIncorrectError
+ return nil, error_.KeyIncorrectError
}
passphrase, err := prompt(candidates, len(symKeys) != 0)
@@ -198,7 +197,7 @@
err = s.Decrypt(passphrase)
if err == nil && !s.Encrypted {
decrypted, err = se.Decrypt(s.CipherFunc, s.Key)
- if err != nil && err != error.KeyIncorrectError {
+ if err != nil && err != error_.KeyIncorrectError {
return nil, err
}
if decrypted != nil {
@@ -218,7 +217,7 @@
// readSignedMessage reads a possibly signed message if mdin is non-zero then
// that structure is updated and returned. Otherwise a fresh MessageDetails is
// used.
-func readSignedMessage(packets *packet.Reader, mdin *MessageDetails, keyring KeyRing) (md *MessageDetails, err os.Error) {
+func readSignedMessage(packets *packet.Reader, mdin *MessageDetails, keyring KeyRing) (md *MessageDetails, err error) {
if mdin == nil {
mdin = new(MessageDetails)
}
@@ -238,7 +237,7 @@
packets.Push(p.Body)
case *packet.OnePassSignature:
if !p.IsLast {
- return nil, error.UnsupportedError("nested signatures")
+ return nil, error_.UnsupportedError("nested signatures")
}
h, wrappedHash, err = hashForSignature(p.Hash, p.SigType)
@@ -279,10 +278,10 @@
// should be preprocessed (i.e. to normalize line endings). Thus this function
// returns two hashes. The second should be used to hash the message itself and
// performs any needed preprocessing.
-func hashForSignature(hashId crypto.Hash, sigType packet.SignatureType) (hash.Hash, hash.Hash, os.Error) {
+func hashForSignature(hashId crypto.Hash, sigType packet.SignatureType) (hash.Hash, hash.Hash, error) {
h := hashId.New()
if h == nil {
- return nil, nil, error.UnsupportedError("hash not available: " + strconv.Itoa(int(hashId)))
+ return nil, nil, error_.UnsupportedError("hash not available: " + strconv.Itoa(int(hashId)))
}
switch sigType {
@@ -292,7 +291,7 @@
return h, NewCanonicalTextHash(h), nil
}
- return nil, nil, error.UnsupportedError("unsupported signature type: " + strconv.Itoa(int(sigType)))
+ return nil, nil, error_.UnsupportedError("unsupported signature type: " + strconv.Itoa(int(sigType)))
}
// checkReader wraps an io.Reader from a LiteralData packet. When it sees EOF
@@ -302,9 +301,9 @@
md *MessageDetails
}
-func (cr checkReader) Read(buf []byte) (n int, err os.Error) {
+func (cr checkReader) Read(buf []byte) (n int, err error) {
n, err = cr.md.LiteralData.Body.Read(buf)
- if err == os.EOF {
+ if err == io.EOF {
mdcErr := cr.md.decrypted.Close()
if mdcErr != nil {
err = mdcErr
@@ -322,10 +321,10 @@
md *MessageDetails
}
-func (scr *signatureCheckReader) Read(buf []byte) (n int, err os.Error) {
+func (scr *signatureCheckReader) Read(buf []byte) (n int, err error) {
n, err = scr.md.LiteralData.Body.Read(buf)
scr.wrappedHash.Write(buf[:n])
- if err == os.EOF {
+ if err == io.EOF {
var p packet.Packet
p, scr.md.SignatureError = scr.packets.Next()
if scr.md.SignatureError != nil {
@@ -334,7 +333,7 @@
var ok bool
if scr.md.Signature, ok = p.(*packet.Signature); !ok {
- scr.md.SignatureError = error.StructuralError("LiteralData not followed by Signature")
+ scr.md.SignatureError = error_.StructuralError("LiteralData not followed by Signature")
return
}
@@ -356,7 +355,7 @@
// CheckDetachedSignature takes a signed file and a detached signature and
// returns the signer if the signature is valid. If the signer isn't know,
// UnknownIssuerError is returned.
-func CheckDetachedSignature(keyring KeyRing, signed, signature io.Reader) (signer *Entity, err os.Error) {
+func CheckDetachedSignature(keyring KeyRing, signed, signature io.Reader) (signer *Entity, err error) {
p, err := packet.Read(signature)
if err != nil {
return
@@ -364,16 +363,16 @@
sig, ok := p.(*packet.Signature)
if !ok {
- return nil, error.StructuralError("non signature packet found")
+ return nil, error_.StructuralError("non signature packet found")
}
if sig.IssuerKeyId == nil {
- return nil, error.StructuralError("signature doesn't have an issuer")
+ return nil, error_.StructuralError("signature doesn't have an issuer")
}
keys := keyring.KeysById(*sig.IssuerKeyId)
if len(keys) == 0 {
- return nil, error.UnknownIssuerError
+ return nil, error_.UnknownIssuerError
}
h, wrappedHash, err := hashForSignature(sig.Hash, sig.SigType)
@@ -382,7 +381,7 @@
}
_, err = io.Copy(wrappedHash, signed)
- if err != nil && err != os.EOF {
+ if err != nil && err != io.EOF {
return
}
@@ -400,12 +399,12 @@
return
}
- return nil, error.UnknownIssuerError
+ return nil, error_.UnknownIssuerError
}
// CheckArmoredDetachedSignature performs the same actions as
// CheckDetachedSignature but expects the signature to be armored.
-func CheckArmoredDetachedSignature(keyring KeyRing, signed, signature io.Reader) (signer *Entity, err os.Error) {
+func CheckArmoredDetachedSignature(keyring KeyRing, signed, signature io.Reader) (signer *Entity, err error) {
body, err := readArmored(signature, SignatureType)
if err != nil {
return
diff --git a/src/pkg/crypto/openpgp/read_test.go b/src/pkg/crypto/openpgp/read_test.go
index 4dc290e..e8a6bf5 100644
--- a/src/pkg/crypto/openpgp/read_test.go
+++ b/src/pkg/crypto/openpgp/read_test.go
@@ -6,11 +6,10 @@
import (
"bytes"
- "crypto/openpgp/error"
+ error_ "crypto/openpgp/error"
"encoding/hex"
"io"
"io/ioutil"
- "os"
"testing"
)
@@ -149,21 +148,21 @@
for i, test := range signedEncryptedMessageTests {
expected := "Signed and encrypted message\n"
kring, _ := ReadKeyRing(readerFromHex(test.keyRingHex))
- prompt := func(keys []Key, symmetric bool) ([]byte, os.Error) {
+ prompt := func(keys []Key, symmetric bool) ([]byte, error) {
if symmetric {
t.Errorf("prompt: message was marked as symmetrically encrypted")
- return nil, error.KeyIncorrectError
+ return nil, error_.KeyIncorrectError
}
if len(keys) == 0 {
t.Error("prompt: no keys requested")
- return nil, error.KeyIncorrectError
+ return nil, error_.KeyIncorrectError
}
err := keys[0].PrivateKey.Decrypt([]byte("passphrase"))
if err != nil {
t.Errorf("prompt: error decrypting key: %s", err)
- return nil, error.KeyIncorrectError
+ return nil, error_.KeyIncorrectError
}
return nil, nil
@@ -215,7 +214,7 @@
func TestSymmetricallyEncrypted(t *testing.T) {
expected := "Symmetrically encrypted.\n"
- prompt := func(keys []Key, symmetric bool) ([]byte, os.Error) {
+ prompt := func(keys []Key, symmetric bool) ([]byte, error) {
if len(keys) != 0 {
t.Errorf("prompt: len(keys) = %d (want 0)", len(keys))
}
@@ -287,7 +286,7 @@
func TestNoArmoredData(t *testing.T) {
_, err := ReadArmoredKeyRing(bytes.NewBufferString("foo"))
- if _, ok := err.(error.InvalidArgumentError); !ok {
+ if _, ok := err.(error_.InvalidArgumentError); !ok {
t.Errorf("error was not an InvalidArgumentError: %s", err)
}
}
diff --git a/src/pkg/crypto/openpgp/s2k/s2k.go b/src/pkg/crypto/openpgp/s2k/s2k.go
index 013b15c..2a753db 100644
--- a/src/pkg/crypto/openpgp/s2k/s2k.go
+++ b/src/pkg/crypto/openpgp/s2k/s2k.go
@@ -8,10 +8,9 @@
import (
"crypto"
- "crypto/openpgp/error"
+ error_ "crypto/openpgp/error"
"hash"
"io"
- "os"
"strconv"
)
@@ -76,7 +75,7 @@
// Parse reads a binary specification for a string-to-key transformation from r
// and returns a function which performs that transform.
-func Parse(r io.Reader) (f func(out, in []byte), err os.Error) {
+func Parse(r io.Reader) (f func(out, in []byte), err error) {
var buf [9]byte
_, err = io.ReadFull(r, buf[:2])
@@ -86,11 +85,11 @@
hash, ok := HashIdToHash(buf[1])
if !ok {
- return nil, error.UnsupportedError("hash for S2K function: " + strconv.Itoa(int(buf[1])))
+ return nil, error_.UnsupportedError("hash for S2K function: " + strconv.Itoa(int(buf[1])))
}
h := hash.New()
if h == nil {
- return nil, error.UnsupportedError("hash not available: " + strconv.Itoa(int(hash)))
+ return nil, error_.UnsupportedError("hash not available: " + strconv.Itoa(int(hash)))
}
switch buf[0] {
@@ -120,12 +119,12 @@
return f, nil
}
- return nil, error.UnsupportedError("S2K function")
+ return nil, error_.UnsupportedError("S2K function")
}
// Serialize salts and stretches the given passphrase and writes the resulting
// key into key. It also serializes an S2K descriptor to w.
-func Serialize(w io.Writer, key []byte, rand io.Reader, passphrase []byte) os.Error {
+func Serialize(w io.Writer, key []byte, rand io.Reader, passphrase []byte) error {
var buf [11]byte
buf[0] = 3 /* iterated and salted */
buf[1], _ = HashToHashId(crypto.SHA1)
diff --git a/src/pkg/crypto/openpgp/write.go b/src/pkg/crypto/openpgp/write.go
index 9884472..6f3450c 100644
--- a/src/pkg/crypto/openpgp/write.go
+++ b/src/pkg/crypto/openpgp/write.go
@@ -7,45 +7,44 @@
import (
"crypto"
"crypto/openpgp/armor"
- "crypto/openpgp/error"
+ error_ "crypto/openpgp/error"
"crypto/openpgp/packet"
"crypto/openpgp/s2k"
"crypto/rand"
_ "crypto/sha256"
"hash"
"io"
- "os"
"strconv"
"time"
)
// DetachSign signs message with the private key from signer (which must
// already have been decrypted) and writes the signature to w.
-func DetachSign(w io.Writer, signer *Entity, message io.Reader) os.Error {
+func DetachSign(w io.Writer, signer *Entity, message io.Reader) error {
return detachSign(w, signer, message, packet.SigTypeBinary)
}
// ArmoredDetachSign signs message with the private key from signer (which
// must already have been decrypted) and writes an armored signature to w.
-func ArmoredDetachSign(w io.Writer, signer *Entity, message io.Reader) (err os.Error) {
+func ArmoredDetachSign(w io.Writer, signer *Entity, message io.Reader) (err error) {
return armoredDetachSign(w, signer, message, packet.SigTypeBinary)
}
// DetachSignText signs message (after canonicalising the line endings) with
// the private key from signer (which must already have been decrypted) and
// writes the signature to w.
-func DetachSignText(w io.Writer, signer *Entity, message io.Reader) os.Error {
+func DetachSignText(w io.Writer, signer *Entity, message io.Reader) error {
return detachSign(w, signer, message, packet.SigTypeText)
}
// ArmoredDetachSignText signs message (after canonicalising the line endings)
// with the private key from signer (which must already have been decrypted)
// and writes an armored signature to w.
-func ArmoredDetachSignText(w io.Writer, signer *Entity, message io.Reader) os.Error {
+func ArmoredDetachSignText(w io.Writer, signer *Entity, message io.Reader) error {
return armoredDetachSign(w, signer, message, packet.SigTypeText)
}
-func armoredDetachSign(w io.Writer, signer *Entity, message io.Reader, sigType packet.SignatureType) (err os.Error) {
+func armoredDetachSign(w io.Writer, signer *Entity, message io.Reader, sigType packet.SignatureType) (err error) {
out, err := armor.Encode(w, SignatureType, nil)
if err != nil {
return
@@ -57,12 +56,12 @@
return out.Close()
}
-func detachSign(w io.Writer, signer *Entity, message io.Reader, sigType packet.SignatureType) (err os.Error) {
+func detachSign(w io.Writer, signer *Entity, message io.Reader, sigType packet.SignatureType) (err error) {
if signer.PrivateKey == nil {
- return error.InvalidArgumentError("signing key doesn't have a private key")
+ return error_.InvalidArgumentError("signing key doesn't have a private key")
}
if signer.PrivateKey.Encrypted {
- return error.InvalidArgumentError("signing key is encrypted")
+ return error_.InvalidArgumentError("signing key is encrypted")
}
sig := new(packet.Signature)
@@ -103,7 +102,7 @@
// SymmetricallyEncrypt acts like gpg -c: it encrypts a file with a passphrase.
// The resulting WriteCloser must be closed after the contents of the file have
// been written.
-func SymmetricallyEncrypt(ciphertext io.Writer, passphrase []byte, hints *FileHints) (plaintext io.WriteCloser, err os.Error) {
+func SymmetricallyEncrypt(ciphertext io.Writer, passphrase []byte, hints *FileHints) (plaintext io.WriteCloser, err error) {
if hints == nil {
hints = &FileHints{}
}
@@ -148,12 +147,12 @@
// it. hints contains optional information, that is also encrypted, that aids
// the recipients in processing the message. The resulting WriteCloser must
// be closed after the contents of the file have been written.
-func Encrypt(ciphertext io.Writer, to []*Entity, signed *Entity, hints *FileHints) (plaintext io.WriteCloser, err os.Error) {
+func Encrypt(ciphertext io.Writer, to []*Entity, signed *Entity, hints *FileHints) (plaintext io.WriteCloser, err error) {
var signer *packet.PrivateKey
if signed != nil {
signer = signed.signingKey().PrivateKey
if signer == nil || signer.Encrypted {
- return nil, error.InvalidArgumentError("signing key must be decrypted")
+ return nil, error_.InvalidArgumentError("signing key must be decrypted")
}
}
@@ -180,7 +179,7 @@
for i := range to {
encryptKeys[i] = to[i].encryptionKey()
if encryptKeys[i].PublicKey == nil {
- return nil, error.InvalidArgumentError("cannot encrypt a message to key id " + strconv.Uitob64(to[i].PrimaryKey.KeyId, 16) + " because it has no encryption keys")
+ return nil, error_.InvalidArgumentError("cannot encrypt a message to key id " + strconv.Uitob64(to[i].PrimaryKey.KeyId, 16) + " because it has no encryption keys")
}
sig := to[i].primaryIdentity().SelfSignature
@@ -198,7 +197,7 @@
}
if len(candidateCiphers) == 0 || len(candidateHashes) == 0 {
- return nil, error.InvalidArgumentError("cannot encrypt because recipient set shares no common algorithms")
+ return nil, error_.InvalidArgumentError("cannot encrypt because recipient set shares no common algorithms")
}
cipher := packet.CipherFunction(candidateCiphers[0])
@@ -266,12 +265,12 @@
signer *packet.PrivateKey
}
-func (s signatureWriter) Write(data []byte) (int, os.Error) {
+func (s signatureWriter) Write(data []byte) (int, error) {
s.h.Write(data)
return s.literalData.Write(data)
}
-func (s signatureWriter) Close() os.Error {
+func (s signatureWriter) Close() error {
sig := &packet.Signature{
SigType: packet.SigTypeBinary,
PubKeyAlgo: s.signer.PubKeyAlgo,
@@ -299,10 +298,10 @@
w io.Writer
}
-func (c noOpCloser) Write(data []byte) (n int, err os.Error) {
+func (c noOpCloser) Write(data []byte) (n int, err error) {
return c.w.Write(data)
}
-func (c noOpCloser) Close() os.Error {
+func (c noOpCloser) Close() error {
return nil
}
diff --git a/src/pkg/crypto/openpgp/write_test.go b/src/pkg/crypto/openpgp/write_test.go
index c542dfa..3cadf4c 100644
--- a/src/pkg/crypto/openpgp/write_test.go
+++ b/src/pkg/crypto/openpgp/write_test.go
@@ -7,7 +7,6 @@
import (
"bytes"
"crypto/rand"
- "os"
"io"
"io/ioutil"
"testing"
@@ -106,7 +105,7 @@
t.Errorf("error closing plaintext writer: %s", err)
}
- md, err := ReadMessage(buf, nil, func(keys []Key, symmetric bool) ([]byte, os.Error) {
+ md, err := ReadMessage(buf, nil, func(keys []Key, symmetric bool) ([]byte, error) {
return []byte("testing"), nil
})
if err != nil {
diff --git a/src/pkg/crypto/rand/rand.go b/src/pkg/crypto/rand/rand.go
index 42d9da0..5975903 100644
--- a/src/pkg/crypto/rand/rand.go
+++ b/src/pkg/crypto/rand/rand.go
@@ -6,10 +6,7 @@
// pseudorandom number generator.
package rand
-import (
- "io"
- "os"
-)
+import "io"
// Reader is a global, shared instance of a cryptographically
// strong pseudo-random generator.
@@ -18,4 +15,4 @@
var Reader io.Reader
// Read is a helper function that calls Reader.Read.
-func Read(b []byte) (n int, err os.Error) { return Reader.Read(b) }
+func Read(b []byte) (n int, err error) { return Reader.Read(b) }
diff --git a/src/pkg/crypto/rand/rand_unix.go b/src/pkg/crypto/rand/rand_unix.go
index 76a7365..09442ad 100644
--- a/src/pkg/crypto/rand/rand_unix.go
+++ b/src/pkg/crypto/rand/rand_unix.go
@@ -30,7 +30,7 @@
mu sync.Mutex
}
-func (r *devReader) Read(b []byte) (n int, err os.Error) {
+func (r *devReader) Read(b []byte) (n int, err error) {
r.mu.Lock()
defer r.mu.Unlock()
if r.f == nil {
@@ -71,7 +71,7 @@
time, seed, dst, key [aes.BlockSize]byte
}
-func (r *reader) Read(b []byte) (n int, err os.Error) {
+func (r *reader) Read(b []byte) (n int, err error) {
r.mu.Lock()
defer r.mu.Unlock()
n = len(b)
diff --git a/src/pkg/crypto/rand/rand_windows.go b/src/pkg/crypto/rand/rand_windows.go
index 0eab6b2..590571d 100644
--- a/src/pkg/crypto/rand/rand_windows.go
+++ b/src/pkg/crypto/rand/rand_windows.go
@@ -23,7 +23,7 @@
mu sync.Mutex
}
-func (r *rngReader) Read(b []byte) (n int, err os.Error) {
+func (r *rngReader) Read(b []byte) (n int, err error) {
r.mu.Lock()
if r.prov == 0 {
const provType = syscall.PROV_RSA_FULL
diff --git a/src/pkg/crypto/rand/util.go b/src/pkg/crypto/rand/util.go
index 7702847..322da4a 100644
--- a/src/pkg/crypto/rand/util.go
+++ b/src/pkg/crypto/rand/util.go
@@ -12,7 +12,7 @@
// Prime returns a number, p, of the given size, such that p is prime
// with high probability.
-func Prime(rand io.Reader, bits int) (p *big.Int, err os.Error) {
+func Prime(rand io.Reader, bits int) (p *big.Int, err error) {
if bits < 1 {
err = os.EINVAL
}
@@ -48,7 +48,7 @@
}
// Int returns a uniform random value in [0, max).
-func Int(rand io.Reader, max *big.Int) (n *big.Int, err os.Error) {
+func Int(rand io.Reader, max *big.Int) (n *big.Int, err error) {
k := (max.BitLen() + 7) / 8
// b is the number of bits in the most significant byte of max.
diff --git a/src/pkg/crypto/rc4/rc4.go b/src/pkg/crypto/rc4/rc4.go
index 7ee47109..1bb278f 100644
--- a/src/pkg/crypto/rc4/rc4.go
+++ b/src/pkg/crypto/rc4/rc4.go
@@ -9,10 +9,7 @@
// BUG(agl): RC4 is in common use but has design weaknesses that make
// it a poor choice for new protocols.
-import (
- "os"
- "strconv"
-)
+import "strconv"
// A Cipher is an instance of RC4 using a particular key.
type Cipher struct {
@@ -22,13 +19,13 @@
type KeySizeError int
-func (k KeySizeError) String() string {
+func (k KeySizeError) Error() string {
return "crypto/rc4: invalid key size " + strconv.Itoa(int(k))
}
// NewCipher creates and returns a new Cipher. The key argument should be the
// RC4 key, at least 1 byte and at most 256 bytes.
-func NewCipher(key []byte) (*Cipher, os.Error) {
+func NewCipher(key []byte) (*Cipher, error) {
k := len(key)
if k < 1 || k > 256 {
return nil, KeySizeError(k)
diff --git a/src/pkg/crypto/ripemd160/ripemd160.go b/src/pkg/crypto/ripemd160/ripemd160.go
index 5aaca59..6ccfe87 100644
--- a/src/pkg/crypto/ripemd160/ripemd160.go
+++ b/src/pkg/crypto/ripemd160/ripemd160.go
@@ -12,7 +12,6 @@
import (
"crypto"
"hash"
- "os"
)
func init() {
@@ -56,7 +55,7 @@
func (d *digest) Size() int { return Size }
-func (d *digest) Write(p []byte) (nn int, err os.Error) {
+func (d *digest) Write(p []byte) (nn int, err error) {
nn = len(p)
d.tc += uint64(nn)
if d.nx > 0 {
diff --git a/src/pkg/crypto/rsa/pkcs1v15.go b/src/pkg/crypto/rsa/pkcs1v15.go
index 6006231..901539d 100644
--- a/src/pkg/crypto/rsa/pkcs1v15.go
+++ b/src/pkg/crypto/rsa/pkcs1v15.go
@@ -8,8 +8,8 @@
"big"
"crypto"
"crypto/subtle"
+ "errors"
"io"
- "os"
)
// This file implements encryption and decryption using PKCS#1 v1.5 padding.
@@ -18,7 +18,7 @@
// The message must be no longer than the length of the public modulus minus 11 bytes.
// WARNING: use of this function to encrypt plaintexts other than session keys
// is dangerous. Use RSA OAEP in new protocols.
-func EncryptPKCS1v15(rand io.Reader, pub *PublicKey, msg []byte) (out []byte, err os.Error) {
+func EncryptPKCS1v15(rand io.Reader, pub *PublicKey, msg []byte) (out []byte, err error) {
k := (pub.N.BitLen() + 7) / 8
if len(msg) > k-11 {
err = MessageTooLongError{}
@@ -44,7 +44,7 @@
// DecryptPKCS1v15 decrypts a plaintext using RSA and the padding scheme from PKCS#1 v1.5.
// If rand != nil, it uses RSA blinding to avoid timing side-channel attacks.
-func DecryptPKCS1v15(rand io.Reader, priv *PrivateKey, ciphertext []byte) (out []byte, err os.Error) {
+func DecryptPKCS1v15(rand io.Reader, priv *PrivateKey, ciphertext []byte) (out []byte, err error) {
valid, out, err := decryptPKCS1v15(rand, priv, ciphertext)
if err == nil && valid == 0 {
err = DecryptionError{}
@@ -66,7 +66,7 @@
// See ``Chosen Ciphertext Attacks Against Protocols Based on the RSA
// Encryption Standard PKCS #1'', Daniel Bleichenbacher, Advances in Cryptology
// (Crypto '98),
-func DecryptPKCS1v15SessionKey(rand io.Reader, priv *PrivateKey, ciphertext []byte, key []byte) (err os.Error) {
+func DecryptPKCS1v15SessionKey(rand io.Reader, priv *PrivateKey, ciphertext []byte, key []byte) (err error) {
k := (priv.N.BitLen() + 7) / 8
if k-(len(key)+3+8) < 0 {
err = DecryptionError{}
@@ -83,7 +83,7 @@
return
}
-func decryptPKCS1v15(rand io.Reader, priv *PrivateKey, ciphertext []byte) (valid int, msg []byte, err os.Error) {
+func decryptPKCS1v15(rand io.Reader, priv *PrivateKey, ciphertext []byte) (valid int, msg []byte, err error) {
k := (priv.N.BitLen() + 7) / 8
if k < 11 {
err = DecryptionError{}
@@ -119,7 +119,7 @@
}
// nonZeroRandomBytes fills the given slice with non-zero random octets.
-func nonZeroRandomBytes(s []byte, rand io.Reader) (err os.Error) {
+func nonZeroRandomBytes(s []byte, rand io.Reader) (err error) {
_, err = io.ReadFull(rand, s)
if err != nil {
return
@@ -161,7 +161,7 @@
// SignPKCS1v15 calculates the signature of hashed using RSASSA-PKCS1-V1_5-SIGN from RSA PKCS#1 v1.5.
// Note that hashed must be the result of hashing the input message using the
// given hash function.
-func SignPKCS1v15(rand io.Reader, priv *PrivateKey, hash crypto.Hash, hashed []byte) (s []byte, err os.Error) {
+func SignPKCS1v15(rand io.Reader, priv *PrivateKey, hash crypto.Hash, hashed []byte) (s []byte, err error) {
hashLen, prefix, err := pkcs1v15HashInfo(hash, len(hashed))
if err != nil {
return
@@ -194,7 +194,7 @@
// hashed is the result of hashing the input message using the given hash
// function and sig is the signature. A valid signature is indicated by
// returning a nil error.
-func VerifyPKCS1v15(pub *PublicKey, hash crypto.Hash, hashed []byte, sig []byte) (err os.Error) {
+func VerifyPKCS1v15(pub *PublicKey, hash crypto.Hash, hashed []byte, sig []byte) (err error) {
hashLen, prefix, err := pkcs1v15HashInfo(hash, len(hashed))
if err != nil {
return
@@ -229,14 +229,14 @@
return nil
}
-func pkcs1v15HashInfo(hash crypto.Hash, inLen int) (hashLen int, prefix []byte, err os.Error) {
+func pkcs1v15HashInfo(hash crypto.Hash, inLen int) (hashLen int, prefix []byte, err error) {
hashLen = hash.Size()
if inLen != hashLen {
- return 0, nil, os.NewError("input must be hashed message")
+ return 0, nil, errors.New("input must be hashed message")
}
prefix, ok := hashPrefixes[hash]
if !ok {
- return 0, nil, os.NewError("unsupported hash function")
+ return 0, nil, errors.New("unsupported hash function")
}
return
}
diff --git a/src/pkg/crypto/rsa/rsa.go b/src/pkg/crypto/rsa/rsa.go
index 3df88e0..d1b9577 100644
--- a/src/pkg/crypto/rsa/rsa.go
+++ b/src/pkg/crypto/rsa/rsa.go
@@ -11,9 +11,9 @@
"big"
"crypto/rand"
"crypto/subtle"
+ "errors"
"hash"
"io"
- "os"
)
var bigZero = big.NewInt(0)
@@ -57,14 +57,14 @@
// Validate performs basic sanity checks on the key.
// It returns nil if the key is valid, or else an os.Error describing a problem.
-func (priv *PrivateKey) Validate() os.Error {
+func (priv *PrivateKey) Validate() error {
// Check that the prime factors are actually prime. Note that this is
// just a sanity check. Since the random witnesses chosen by
// ProbablyPrime are deterministic, given the candidate number, it's
// easy for an attack to generate composites that pass this test.
for _, prime := range priv.Primes {
if !big.ProbablyPrime(prime, 20) {
- return os.NewError("prime factor is composite")
+ return errors.New("prime factor is composite")
}
}
@@ -74,7 +74,7 @@
modulus.Mul(modulus, prime)
}
if modulus.Cmp(priv.N) != 0 {
- return os.NewError("invalid modulus")
+ return errors.New("invalid modulus")
}
// Check that e and totient(Î primes) are coprime.
totient := new(big.Int).Set(bigOne)
@@ -88,19 +88,19 @@
y := new(big.Int)
big.GcdInt(gcd, x, y, totient, e)
if gcd.Cmp(bigOne) != 0 {
- return os.NewError("invalid public exponent E")
+ return errors.New("invalid public exponent E")
}
// Check that de ≡ 1 (mod totient(Πprimes))
de := new(big.Int).Mul(priv.D, e)
de.Mod(de, totient)
if de.Cmp(bigOne) != 0 {
- return os.NewError("invalid private exponent D")
+ return errors.New("invalid private exponent D")
}
return nil
}
// GenerateKey generates an RSA keypair of the given bit size.
-func GenerateKey(random io.Reader, bits int) (priv *PrivateKey, err os.Error) {
+func GenerateKey(random io.Reader, bits int) (priv *PrivateKey, err error) {
return GenerateMultiPrimeKey(random, 2, bits)
}
@@ -114,12 +114,12 @@
//
// [1] US patent 4405829 (1972, expired)
// [2] http://www.cacr.math.uwaterloo.ca/techreports/2006/cacr2006-16.pdf
-func GenerateMultiPrimeKey(random io.Reader, nprimes int, bits int) (priv *PrivateKey, err os.Error) {
+func GenerateMultiPrimeKey(random io.Reader, nprimes int, bits int) (priv *PrivateKey, err error) {
priv = new(PrivateKey)
priv.E = 65537
if nprimes < 2 {
- return nil, os.NewError("rsa.GenerateMultiPrimeKey: nprimes must be >= 2")
+ return nil, errors.New("rsa.GenerateMultiPrimeKey: nprimes must be >= 2")
}
primes := make([]*big.Int, nprimes)
@@ -210,7 +210,7 @@
// is too large for the size of the public key.
type MessageTooLongError struct{}
-func (MessageTooLongError) String() string {
+func (MessageTooLongError) Error() string {
return "message too long for RSA public key size"
}
@@ -223,7 +223,7 @@
// EncryptOAEP encrypts the given message with RSA-OAEP.
// The message must be no longer than the length of the public modulus less
// twice the hash length plus 2.
-func EncryptOAEP(hash hash.Hash, random io.Reader, pub *PublicKey, msg []byte, label []byte) (out []byte, err os.Error) {
+func EncryptOAEP(hash hash.Hash, random io.Reader, pub *PublicKey, msg []byte, label []byte) (out []byte, err error) {
hash.Reset()
k := (pub.N.BitLen() + 7) / 8
if len(msg) > k-2*hash.Size()-2 {
@@ -270,13 +270,13 @@
// It is deliberately vague to avoid adaptive attacks.
type DecryptionError struct{}
-func (DecryptionError) String() string { return "RSA decryption error" }
+func (DecryptionError) Error() string { return "RSA decryption error" }
// A VerificationError represents a failure to verify a signature.
// It is deliberately vague to avoid adaptive attacks.
type VerificationError struct{}
-func (VerificationError) String() string { return "RSA verification error" }
+func (VerificationError) Error() string { return "RSA verification error" }
// modInverse returns ia, the inverse of a in the multiplicative group of prime
// order n. It requires that a be a member of the group (i.e. less than n).
@@ -335,7 +335,7 @@
// decrypt performs an RSA decryption, resulting in a plaintext integer. If a
// random source is given, RSA blinding is used.
-func decrypt(random io.Reader, priv *PrivateKey, c *big.Int) (m *big.Int, err os.Error) {
+func decrypt(random io.Reader, priv *PrivateKey, c *big.Int) (m *big.Int, err error) {
// TODO(agl): can we get away with reusing blinds?
if c.Cmp(priv.N) > 0 {
err = DecryptionError{}
@@ -413,7 +413,7 @@
// DecryptOAEP decrypts ciphertext using RSA-OAEP.
// If rand != nil, DecryptOAEP uses RSA blinding to avoid timing side-channel attacks.
-func DecryptOAEP(hash hash.Hash, random io.Reader, priv *PrivateKey, ciphertext []byte, label []byte) (msg []byte, err os.Error) {
+func DecryptOAEP(hash hash.Hash, random io.Reader, priv *PrivateKey, ciphertext []byte, label []byte) (msg []byte, err error) {
k := (priv.N.BitLen() + 7) / 8
if len(ciphertext) > k ||
k < hash.Size()*2+2 {
diff --git a/src/pkg/crypto/sha1/sha1.go b/src/pkg/crypto/sha1/sha1.go
index 788d1ff..4cdf5b2 100644
--- a/src/pkg/crypto/sha1/sha1.go
+++ b/src/pkg/crypto/sha1/sha1.go
@@ -8,7 +8,6 @@
import (
"crypto"
"hash"
- "os"
)
func init() {
@@ -54,7 +53,7 @@
func (d *digest) Size() int { return Size }
-func (d *digest) Write(p []byte) (nn int, err os.Error) {
+func (d *digest) Write(p []byte) (nn int, err error) {
nn = len(p)
d.len += uint64(nn)
if d.nx > 0 {
diff --git a/src/pkg/crypto/sha256/sha256.go b/src/pkg/crypto/sha256/sha256.go
index a2c058d..14b8cfc 100644
--- a/src/pkg/crypto/sha256/sha256.go
+++ b/src/pkg/crypto/sha256/sha256.go
@@ -9,7 +9,6 @@
import (
"crypto"
"hash"
- "os"
)
func init() {
@@ -98,7 +97,7 @@
return Size224
}
-func (d *digest) Write(p []byte) (nn int, err os.Error) {
+func (d *digest) Write(p []byte) (nn int, err error) {
nn = len(p)
d.len += uint64(nn)
if d.nx > 0 {
diff --git a/src/pkg/crypto/sha512/sha512.go b/src/pkg/crypto/sha512/sha512.go
index 78f5fe2..1bd2798 100644
--- a/src/pkg/crypto/sha512/sha512.go
+++ b/src/pkg/crypto/sha512/sha512.go
@@ -9,7 +9,6 @@
import (
"crypto"
"hash"
- "os"
)
func init() {
@@ -98,7 +97,7 @@
return Size384
}
-func (d *digest) Write(p []byte) (nn int, err os.Error) {
+func (d *digest) Write(p []byte) (nn int, err error) {
nn = len(p)
d.len += uint64(nn)
if d.nx > 0 {
diff --git a/src/pkg/crypto/tls/cipher_suites.go b/src/pkg/crypto/tls/cipher_suites.go
index 0c62251..1134f36 100644
--- a/src/pkg/crypto/tls/cipher_suites.go
+++ b/src/pkg/crypto/tls/cipher_suites.go
@@ -13,7 +13,6 @@
"crypto/sha1"
"crypto/x509"
"hash"
- "os"
)
// a keyAgreement implements the client and server side of a TLS key agreement
@@ -24,15 +23,15 @@
// In the case that the key agreement protocol doesn't use a
// ServerKeyExchange message, generateServerKeyExchange can return nil,
// nil.
- generateServerKeyExchange(*Config, *clientHelloMsg, *serverHelloMsg) (*serverKeyExchangeMsg, os.Error)
- processClientKeyExchange(*Config, *clientKeyExchangeMsg, uint16) ([]byte, os.Error)
+ generateServerKeyExchange(*Config, *clientHelloMsg, *serverHelloMsg) (*serverKeyExchangeMsg, error)
+ processClientKeyExchange(*Config, *clientKeyExchangeMsg, uint16) ([]byte, error)
// On the client side, the next two methods are called in order.
// This method may not be called if the server doesn't send a
// ServerKeyExchange message.
- processServerKeyExchange(*Config, *clientHelloMsg, *serverHelloMsg, *x509.Certificate, *serverKeyExchangeMsg) os.Error
- generateClientKeyExchange(*Config, *clientHelloMsg, *x509.Certificate) ([]byte, *clientKeyExchangeMsg, os.Error)
+ processServerKeyExchange(*Config, *clientHelloMsg, *serverHelloMsg, *x509.Certificate, *serverKeyExchangeMsg) error
+ generateClientKeyExchange(*Config, *clientHelloMsg, *x509.Certificate) ([]byte, *clientKeyExchangeMsg, error)
}
// A cipherSuite is a specific combination of key agreement, cipher and MAC
diff --git a/src/pkg/crypto/tls/conn.go b/src/pkg/crypto/tls/conn.go
index 9bca7d9..c052337 100644
--- a/src/pkg/crypto/tls/conn.go
+++ b/src/pkg/crypto/tls/conn.go
@@ -11,9 +11,9 @@
"crypto/cipher"
"crypto/subtle"
"crypto/x509"
+ "errors"
"io"
"net"
- "os"
"sync"
)
@@ -44,7 +44,7 @@
// first permanent error
errMutex sync.Mutex
- err os.Error
+ err error
// input/output
in, out halfConn // in.Mutex < out.Mutex
@@ -55,7 +55,7 @@
tmp [16]byte
}
-func (c *Conn) setError(err os.Error) os.Error {
+func (c *Conn) setError(err error) error {
c.errMutex.Lock()
defer c.errMutex.Unlock()
@@ -65,7 +65,7 @@
return err
}
-func (c *Conn) error() os.Error {
+func (c *Conn) error() error {
c.errMutex.Lock()
defer c.errMutex.Unlock()
@@ -88,21 +88,21 @@
// SetTimeout sets the read deadline associated with the connection.
// There is no write deadline.
-func (c *Conn) SetTimeout(nsec int64) os.Error {
+func (c *Conn) SetTimeout(nsec int64) error {
return c.conn.SetTimeout(nsec)
}
// SetReadTimeout sets the time (in nanoseconds) that
// Read will wait for data before returning os.EAGAIN.
// Setting nsec == 0 (the default) disables the deadline.
-func (c *Conn) SetReadTimeout(nsec int64) os.Error {
+func (c *Conn) SetReadTimeout(nsec int64) error {
return c.conn.SetReadTimeout(nsec)
}
// SetWriteTimeout exists to satisfy the net.Conn interface
// but is not implemented by TLS. It always returns an error.
-func (c *Conn) SetWriteTimeout(nsec int64) os.Error {
- return os.NewError("TLS does not support SetWriteTimeout")
+func (c *Conn) SetWriteTimeout(nsec int64) error {
+ return errors.New("TLS does not support SetWriteTimeout")
}
// A halfConn represents one direction of the record layer
@@ -129,7 +129,7 @@
// changeCipherSpec changes the encryption and MAC states
// to the ones previously passed to prepareCipherSpec.
-func (hc *halfConn) changeCipherSpec() os.Error {
+func (hc *halfConn) changeCipherSpec() error {
if hc.nextCipher == nil {
return alertInternalError
}
@@ -378,7 +378,7 @@
// readFromUntil reads from r into b until b contains at least n bytes
// or else returns an error.
-func (b *block) readFromUntil(r io.Reader, n int) os.Error {
+func (b *block) readFromUntil(r io.Reader, n int) error {
// quick case
if len(b.data) >= n {
return nil
@@ -399,7 +399,7 @@
return nil
}
-func (b *block) Read(p []byte) (n int, err os.Error) {
+func (b *block) Read(p []byte) (n int, err error) {
n = copy(p, b.data[b.off:])
b.off += n
return
@@ -443,7 +443,7 @@
// readRecord reads the next TLS record from the connection
// and updates the record layer state.
// c.in.Mutex <= L; c.input == nil.
-func (c *Conn) readRecord(want recordType) os.Error {
+func (c *Conn) readRecord(want recordType) error {
// Caller must be in sync with connection:
// handshake data if handshake not yet completed,
// else application data. (We don't support renegotiation.)
@@ -502,7 +502,7 @@
}
}
if err := b.readFromUntil(c.conn, recordHeaderLen+n); err != nil {
- if err == os.EOF {
+ if err == io.EOF {
err = io.ErrUnexpectedEOF
}
if e, ok := err.(net.Error); !ok || !e.Temporary() {
@@ -534,7 +534,7 @@
break
}
if alert(data[1]) == alertCloseNotify {
- c.setError(os.EOF)
+ c.setError(io.EOF)
break
}
switch data[0] {
@@ -543,7 +543,7 @@
c.in.freeBlock(b)
goto Again
case alertLevelError:
- c.setError(&net.OpError{Op: "remote error", Error: alert(data[1])})
+ c.setError(&net.OpError{Op: "remote error", Err: alert(data[1])})
default:
c.sendAlert(alertUnexpectedMessage)
}
@@ -582,7 +582,7 @@
// sendAlert sends a TLS alert message.
// c.out.Mutex <= L.
-func (c *Conn) sendAlertLocked(err alert) os.Error {
+func (c *Conn) sendAlertLocked(err alert) error {
c.tmp[0] = alertLevelError
if err == alertNoRenegotiation {
c.tmp[0] = alertLevelWarning
@@ -591,14 +591,14 @@
c.writeRecord(recordTypeAlert, c.tmp[0:2])
// closeNotify is a special case in that it isn't an error:
if err != alertCloseNotify {
- return c.setError(&net.OpError{Op: "local error", Error: err})
+ return c.setError(&net.OpError{Op: "local error", Err: err})
}
return nil
}
// sendAlert sends a TLS alert message.
// L < c.out.Mutex.
-func (c *Conn) sendAlert(err alert) os.Error {
+func (c *Conn) sendAlert(err alert) error {
c.out.Lock()
defer c.out.Unlock()
return c.sendAlertLocked(err)
@@ -607,7 +607,7 @@
// writeRecord writes a TLS record with the given type and payload
// to the connection and updates the record layer state.
// c.out.Mutex <= L.
-func (c *Conn) writeRecord(typ recordType, data []byte) (n int, err os.Error) {
+func (c *Conn) writeRecord(typ recordType, data []byte) (n int, err error) {
b := c.out.newBlock()
for len(data) > 0 {
m := len(data)
@@ -643,7 +643,7 @@
c.tmp[0] = alertLevelError
c.tmp[1] = byte(err.(alert))
c.writeRecord(recordTypeAlert, c.tmp[0:2])
- c.err = &net.OpError{Op: "local error", Error: err}
+ c.err = &net.OpError{Op: "local error", Err: err}
return n, c.err
}
}
@@ -653,7 +653,7 @@
// readHandshake reads the next handshake message from
// the record layer.
// c.in.Mutex < L; c.out.Mutex < L.
-func (c *Conn) readHandshake() (interface{}, os.Error) {
+func (c *Conn) readHandshake() (interface{}, error) {
for c.hand.Len() < 4 {
if c.err != nil {
return nil, c.err
@@ -720,7 +720,7 @@
}
// Write writes data to the connection.
-func (c *Conn) Write(b []byte) (n int, err os.Error) {
+func (c *Conn) Write(b []byte) (n int, err error) {
if err = c.Handshake(); err != nil {
return
}
@@ -739,7 +739,7 @@
// Read can be made to time out and return err == os.EAGAIN
// after a fixed time limit; see SetTimeout and SetReadTimeout.
-func (c *Conn) Read(b []byte) (n int, err os.Error) {
+func (c *Conn) Read(b []byte) (n int, err error) {
if err = c.Handshake(); err != nil {
return
}
@@ -765,8 +765,8 @@
}
// Close closes the connection.
-func (c *Conn) Close() os.Error {
- var alertErr os.Error
+func (c *Conn) Close() error {
+ var alertErr error
c.handshakeMutex.Lock()
defer c.handshakeMutex.Unlock()
@@ -784,7 +784,7 @@
// protocol if it has not yet been run.
// Most uses of this package need not call Handshake
// explicitly: the first Read or Write will call it automatically.
-func (c *Conn) Handshake() os.Error {
+func (c *Conn) Handshake() error {
c.handshakeMutex.Lock()
defer c.handshakeMutex.Unlock()
if err := c.error(); err != nil {
@@ -830,14 +830,14 @@
// VerifyHostname checks that the peer certificate chain is valid for
// connecting to host. If so, it returns nil; if not, it returns an os.Error
// describing the problem.
-func (c *Conn) VerifyHostname(host string) os.Error {
+func (c *Conn) VerifyHostname(host string) error {
c.handshakeMutex.Lock()
defer c.handshakeMutex.Unlock()
if !c.isClient {
- return os.NewError("VerifyHostname called on TLS server connection")
+ return errors.New("VerifyHostname called on TLS server connection")
}
if !c.handshakeComplete {
- return os.NewError("TLS handshake has not yet been performed")
+ return errors.New("TLS handshake has not yet been performed")
}
return c.peerCertificates[0].VerifyHostname(host)
}
diff --git a/src/pkg/crypto/tls/handshake_client.go b/src/pkg/crypto/tls/handshake_client.go
index 575a121..aed991c 100644
--- a/src/pkg/crypto/tls/handshake_client.go
+++ b/src/pkg/crypto/tls/handshake_client.go
@@ -9,11 +9,11 @@
"crypto/rsa"
"crypto/subtle"
"crypto/x509"
+ "errors"
"io"
- "os"
)
-func (c *Conn) clientHandshake() os.Error {
+func (c *Conn) clientHandshake() error {
finishedHash := newFinishedHash(versionTLS10)
if c.config == nil {
@@ -40,7 +40,7 @@
_, err := io.ReadFull(c.config.rand(), hello.random[4:])
if err != nil {
c.sendAlert(alertInternalError)
- return os.NewError("short read from Rand")
+ return errors.New("short read from Rand")
}
finishedHash.Write(hello.marshal())
@@ -69,7 +69,7 @@
if !hello.nextProtoNeg && serverHello.nextProtoNeg {
c.sendAlert(alertHandshakeFailure)
- return os.NewError("server advertised unrequested NPN")
+ return errors.New("server advertised unrequested NPN")
}
suite, suiteId := mutualCipherSuite(c.config.cipherSuites(), serverHello.cipherSuite)
@@ -92,7 +92,7 @@
cert, err := x509.ParseCertificate(asn1Data)
if err != nil {
c.sendAlert(alertBadCertificate)
- return os.NewError("failed to parse certificate from server: " + err.String())
+ return errors.New("failed to parse certificate from server: " + err.Error())
}
certs[i] = cert
}
diff --git a/src/pkg/crypto/tls/handshake_server.go b/src/pkg/crypto/tls/handshake_server.go
index ed9a2e6..d5af084 100644
--- a/src/pkg/crypto/tls/handshake_server.go
+++ b/src/pkg/crypto/tls/handshake_server.go
@@ -9,11 +9,11 @@
"crypto/rsa"
"crypto/subtle"
"crypto/x509"
+ "errors"
"io"
- "os"
)
-func (c *Conn) serverHandshake() os.Error {
+func (c *Conn) serverHandshake() error {
config := c.config
msg, err := c.readHandshake()
if err != nil {
@@ -177,7 +177,7 @@
cert, err := x509.ParseCertificate(asn1Data)
if err != nil {
c.sendAlert(alertBadCertificate)
- return os.NewError("could not parse client's certificate: " + err.String())
+ return errors.New("could not parse client's certificate: " + err.Error())
}
certs[i] = cert
}
@@ -186,7 +186,7 @@
for i := 1; i < len(certs); i++ {
if err := certs[i-1].CheckSignatureFrom(certs[i]); err != nil {
c.sendAlert(alertBadCertificate)
- return os.NewError("could not validate certificate signature: " + err.String())
+ return errors.New("could not validate certificate signature: " + err.Error())
}
}
@@ -233,7 +233,7 @@
err = rsa.VerifyPKCS1v15(pub, crypto.MD5SHA1, digest, certVerify.signature)
if err != nil {
c.sendAlert(alertBadCertificate)
- return os.NewError("could not validate signature of connection nonces: " + err.String())
+ return errors.New("could not validate signature of connection nonces: " + err.Error())
}
finishedHash.Write(certVerify.marshal())
diff --git a/src/pkg/crypto/tls/handshake_server_test.go b/src/pkg/crypto/tls/handshake_server_test.go
index 1939f3d..f2b0a14 100644
--- a/src/pkg/crypto/tls/handshake_server_test.go
+++ b/src/pkg/crypto/tls/handshake_server_test.go
@@ -12,7 +12,6 @@
"flag"
"io"
"net"
- "os"
"strconv"
"strings"
"testing"
@@ -20,7 +19,7 @@
type zeroSource struct{}
-func (zeroSource) Read(b []byte) (n int, err os.Error) {
+func (zeroSource) Read(b []byte) (n int, err error) {
for i := range b {
b[i] = 0
}
@@ -41,7 +40,7 @@
testConfig.InsecureSkipVerify = true
}
-func testClientHelloFailure(t *testing.T, m handshakeMessage, expected os.Error) {
+func testClientHelloFailure(t *testing.T, m handshakeMessage, expected error) {
// Create in-memory network connection,
// send message to server. Should return
// expected error.
@@ -56,7 +55,7 @@
}()
err := Server(s, testConfig).Handshake()
s.Close()
- if e, ok := err.(*net.OpError); !ok || e.Error != expected {
+ if e, ok := err.(*net.OpError); !ok || e.Err != expected {
t.Errorf("Got error: %s; expected: %s", err, expected)
}
}
@@ -93,7 +92,7 @@
err := Server(s, testConfig).Handshake()
s.Close()
- if e, ok := err.(*net.OpError); !ok || e.Error != os.Error(alertUnknownCA) {
+ if e, ok := err.(*net.OpError); !ok || e.Err != error(alertUnknownCA) {
t.Errorf("Got error: %s; expected: %s", err, alertUnknownCA)
}
}
@@ -104,8 +103,8 @@
err := Server(s, testConfig).Handshake()
s.Close()
- if err != os.EOF {
- t.Errorf("Got error: %s; expected: %s", err, os.EOF)
+ if err != io.EOF {
+ t.Errorf("Got error: %s; expected: %s", err, io.EOF)
}
}
diff --git a/src/pkg/crypto/tls/key_agreement.go b/src/pkg/crypto/tls/key_agreement.go
index e347528..ba34606 100644
--- a/src/pkg/crypto/tls/key_agreement.go
+++ b/src/pkg/crypto/tls/key_agreement.go
@@ -12,19 +12,19 @@
"crypto/rsa"
"crypto/sha1"
"crypto/x509"
+ "errors"
"io"
- "os"
)
// rsaKeyAgreement implements the standard TLS key agreement where the client
// encrypts the pre-master secret to the server's public key.
type rsaKeyAgreement struct{}
-func (ka rsaKeyAgreement) generateServerKeyExchange(config *Config, clientHello *clientHelloMsg, hello *serverHelloMsg) (*serverKeyExchangeMsg, os.Error) {
+func (ka rsaKeyAgreement) generateServerKeyExchange(config *Config, clientHello *clientHelloMsg, hello *serverHelloMsg) (*serverKeyExchangeMsg, error) {
return nil, nil
}
-func (ka rsaKeyAgreement) processClientKeyExchange(config *Config, ckx *clientKeyExchangeMsg, version uint16) ([]byte, os.Error) {
+func (ka rsaKeyAgreement) processClientKeyExchange(config *Config, ckx *clientKeyExchangeMsg, version uint16) ([]byte, error) {
preMasterSecret := make([]byte, 48)
_, err := io.ReadFull(config.rand(), preMasterSecret[2:])
if err != nil {
@@ -32,14 +32,14 @@
}
if len(ckx.ciphertext) < 2 {
- return nil, os.NewError("bad ClientKeyExchange")
+ return nil, errors.New("bad ClientKeyExchange")
}
ciphertext := ckx.ciphertext
if version != versionSSL30 {
ciphertextLen := int(ckx.ciphertext[0])<<8 | int(ckx.ciphertext[1])
if ciphertextLen != len(ckx.ciphertext)-2 {
- return nil, os.NewError("bad ClientKeyExchange")
+ return nil, errors.New("bad ClientKeyExchange")
}
ciphertext = ckx.ciphertext[2:]
}
@@ -57,11 +57,11 @@
return preMasterSecret, nil
}
-func (ka rsaKeyAgreement) processServerKeyExchange(config *Config, clientHello *clientHelloMsg, serverHello *serverHelloMsg, cert *x509.Certificate, skx *serverKeyExchangeMsg) os.Error {
- return os.NewError("unexpected ServerKeyExchange")
+func (ka rsaKeyAgreement) processServerKeyExchange(config *Config, clientHello *clientHelloMsg, serverHello *serverHelloMsg, cert *x509.Certificate, skx *serverKeyExchangeMsg) error {
+ return errors.New("unexpected ServerKeyExchange")
}
-func (ka rsaKeyAgreement) generateClientKeyExchange(config *Config, clientHello *clientHelloMsg, cert *x509.Certificate) ([]byte, *clientKeyExchangeMsg, os.Error) {
+func (ka rsaKeyAgreement) generateClientKeyExchange(config *Config, clientHello *clientHelloMsg, cert *x509.Certificate) ([]byte, *clientKeyExchangeMsg, error) {
preMasterSecret := make([]byte, 48)
preMasterSecret[0] = byte(clientHello.vers >> 8)
preMasterSecret[1] = byte(clientHello.vers)
@@ -109,7 +109,7 @@
x, y *big.Int
}
-func (ka *ecdheRSAKeyAgreement) generateServerKeyExchange(config *Config, clientHello *clientHelloMsg, hello *serverHelloMsg) (*serverKeyExchangeMsg, os.Error) {
+func (ka *ecdheRSAKeyAgreement) generateServerKeyExchange(config *Config, clientHello *clientHelloMsg, hello *serverHelloMsg) (*serverKeyExchangeMsg, error) {
var curveid uint16
Curve:
@@ -131,7 +131,7 @@
}
var x, y *big.Int
- var err os.Error
+ var err error
ka.privateKey, x, y, err = ka.curve.GenerateKey(config.rand())
if err != nil {
return nil, err
@@ -149,7 +149,7 @@
md5sha1 := md5SHA1Hash(clientHello.random, hello.random, serverECDHParams)
sig, err := rsa.SignPKCS1v15(config.rand(), config.Certificates[0].PrivateKey, crypto.MD5SHA1, md5sha1)
if err != nil {
- return nil, os.NewError("failed to sign ECDHE parameters: " + err.String())
+ return nil, errors.New("failed to sign ECDHE parameters: " + err.Error())
}
skx := new(serverKeyExchangeMsg)
@@ -163,13 +163,13 @@
return skx, nil
}
-func (ka *ecdheRSAKeyAgreement) processClientKeyExchange(config *Config, ckx *clientKeyExchangeMsg, version uint16) ([]byte, os.Error) {
+func (ka *ecdheRSAKeyAgreement) processClientKeyExchange(config *Config, ckx *clientKeyExchangeMsg, version uint16) ([]byte, error) {
if len(ckx.ciphertext) == 0 || int(ckx.ciphertext[0]) != len(ckx.ciphertext)-1 {
- return nil, os.NewError("bad ClientKeyExchange")
+ return nil, errors.New("bad ClientKeyExchange")
}
x, y := ka.curve.Unmarshal(ckx.ciphertext[1:])
if x == nil {
- return nil, os.NewError("bad ClientKeyExchange")
+ return nil, errors.New("bad ClientKeyExchange")
}
x, _ = ka.curve.ScalarMult(x, y, ka.privateKey)
preMasterSecret := make([]byte, (ka.curve.BitSize+7)>>3)
@@ -179,14 +179,14 @@
return preMasterSecret, nil
}
-var errServerKeyExchange = os.NewError("invalid ServerKeyExchange")
+var errServerKeyExchange = errors.New("invalid ServerKeyExchange")
-func (ka *ecdheRSAKeyAgreement) processServerKeyExchange(config *Config, clientHello *clientHelloMsg, serverHello *serverHelloMsg, cert *x509.Certificate, skx *serverKeyExchangeMsg) os.Error {
+func (ka *ecdheRSAKeyAgreement) processServerKeyExchange(config *Config, clientHello *clientHelloMsg, serverHello *serverHelloMsg, cert *x509.Certificate, skx *serverKeyExchangeMsg) error {
if len(skx.key) < 4 {
return errServerKeyExchange
}
if skx.key[0] != 3 { // named curve
- return os.NewError("server selected unsupported curve")
+ return errors.New("server selected unsupported curve")
}
curveid := uint16(skx.key[1])<<8 | uint16(skx.key[2])
@@ -198,7 +198,7 @@
case curveP521:
ka.curve = elliptic.P521()
default:
- return os.NewError("server selected unsupported curve")
+ return errors.New("server selected unsupported curve")
}
publicLen := int(skx.key[3])
@@ -225,9 +225,9 @@
return rsa.VerifyPKCS1v15(cert.PublicKey.(*rsa.PublicKey), crypto.MD5SHA1, md5sha1, sig)
}
-func (ka *ecdheRSAKeyAgreement) generateClientKeyExchange(config *Config, clientHello *clientHelloMsg, cert *x509.Certificate) ([]byte, *clientKeyExchangeMsg, os.Error) {
+func (ka *ecdheRSAKeyAgreement) generateClientKeyExchange(config *Config, clientHello *clientHelloMsg, cert *x509.Certificate) ([]byte, *clientKeyExchangeMsg, error) {
if ka.curve == nil {
- return nil, nil, os.NewError("missing ServerKeyExchange message")
+ return nil, nil, errors.New("missing ServerKeyExchange message")
}
priv, mx, my, err := ka.curve.GenerateKey(config.rand())
if err != nil {
diff --git a/src/pkg/crypto/tls/prf.go b/src/pkg/crypto/tls/prf.go
index 2d58dc5..d758f21 100644
--- a/src/pkg/crypto/tls/prf.go
+++ b/src/pkg/crypto/tls/prf.go
@@ -9,7 +9,6 @@
"crypto/md5"
"crypto/sha1"
"hash"
- "os"
)
// Split a premaster secret in two as specified in RFC 4346, section 5.
@@ -156,7 +155,7 @@
version uint16
}
-func (h finishedHash) Write(msg []byte) (n int, err os.Error) {
+func (h finishedHash) Write(msg []byte) (n int, err error) {
h.clientMD5.Write(msg)
h.clientSHA1.Write(msg)
h.serverMD5.Write(msg)
diff --git a/src/pkg/crypto/tls/tls.go b/src/pkg/crypto/tls/tls.go
index 4f0859f..3ca6240 100644
--- a/src/pkg/crypto/tls/tls.go
+++ b/src/pkg/crypto/tls/tls.go
@@ -10,9 +10,9 @@
"crypto/rsa"
"crypto/x509"
"encoding/pem"
+ "errors"
"io/ioutil"
"net"
- "os"
"strings"
)
@@ -41,7 +41,7 @@
// Accept waits for and returns the next incoming TLS connection.
// The returned connection c is a *tls.Conn.
-func (l *Listener) Accept() (c net.Conn, err os.Error) {
+func (l *Listener) Accept() (c net.Conn, err error) {
c, err = l.listener.Accept()
if err != nil {
return
@@ -51,7 +51,7 @@
}
// Close closes the listener.
-func (l *Listener) Close() os.Error { return l.listener.Close() }
+func (l *Listener) Close() error { return l.listener.Close() }
// Addr returns the listener's network address.
func (l *Listener) Addr() net.Addr { return l.listener.Addr() }
@@ -71,9 +71,9 @@
// given network address using net.Listen.
// The configuration config must be non-nil and must have
// at least one certificate.
-func Listen(network, laddr string, config *Config) (*Listener, os.Error) {
+func Listen(network, laddr string, config *Config) (*Listener, error) {
if config == nil || len(config.Certificates) == 0 {
- return nil, os.NewError("tls.Listen: no certificates in configuration")
+ return nil, errors.New("tls.Listen: no certificates in configuration")
}
l, err := net.Listen(network, laddr)
if err != nil {
@@ -88,7 +88,7 @@
// Dial interprets a nil configuration as equivalent to
// the zero configuration; see the documentation of Config
// for the defaults.
-func Dial(network, addr string, config *Config) (*Conn, os.Error) {
+func Dial(network, addr string, config *Config) (*Conn, error) {
raddr := addr
c, err := net.Dial(network, raddr)
if err != nil {
@@ -120,7 +120,7 @@
// LoadX509KeyPair reads and parses a public/private key pair from a pair of
// files. The files must contain PEM encoded data.
-func LoadX509KeyPair(certFile string, keyFile string) (cert Certificate, err os.Error) {
+func LoadX509KeyPair(certFile string, keyFile string) (cert Certificate, err error) {
certPEMBlock, err := ioutil.ReadFile(certFile)
if err != nil {
return
@@ -134,7 +134,7 @@
// X509KeyPair parses a public/private key pair from a pair of
// PEM encoded data.
-func X509KeyPair(certPEMBlock, keyPEMBlock []byte) (cert Certificate, err os.Error) {
+func X509KeyPair(certPEMBlock, keyPEMBlock []byte) (cert Certificate, err error) {
var certDERBlock *pem.Block
for {
certDERBlock, certPEMBlock = pem.Decode(certPEMBlock)
@@ -147,19 +147,19 @@
}
if len(cert.Certificate) == 0 {
- err = os.NewError("crypto/tls: failed to parse certificate PEM data")
+ err = errors.New("crypto/tls: failed to parse certificate PEM data")
return
}
keyDERBlock, _ := pem.Decode(keyPEMBlock)
if keyDERBlock == nil {
- err = os.NewError("crypto/tls: failed to parse key PEM data")
+ err = errors.New("crypto/tls: failed to parse key PEM data")
return
}
key, err := x509.ParsePKCS1PrivateKey(keyDERBlock.Bytes)
if err != nil {
- err = os.NewError("crypto/tls: failed to parse key: " + err.String())
+ err = errors.New("crypto/tls: failed to parse key: " + err.Error())
return
}
@@ -173,7 +173,7 @@
}
if x509Cert.PublicKeyAlgorithm != x509.RSA || x509Cert.PublicKey.(*rsa.PublicKey).N.Cmp(key.PublicKey.N) != 0 {
- err = os.NewError("crypto/tls: private key does not match public key")
+ err = errors.New("crypto/tls: private key does not match public key")
return
}
diff --git a/src/pkg/crypto/twofish/twofish.go b/src/pkg/crypto/twofish/twofish.go
index 2e537c6..0616e7b 100644
--- a/src/pkg/crypto/twofish/twofish.go
+++ b/src/pkg/crypto/twofish/twofish.go
@@ -12,10 +12,7 @@
// LibTomCrypt is free for all purposes under the public domain.
// It was heavily inspired by the go blowfish package.
-import (
- "os"
- "strconv"
-)
+import "strconv"
// BlockSize is the constant block size of Twofish.
const BlockSize = 16
@@ -31,13 +28,13 @@
type KeySizeError int
-func (k KeySizeError) String() string {
+func (k KeySizeError) Error() string {
return "crypto/twofish: invalid key size " + strconv.Itoa(int(k))
}
// NewCipher creates and returns a Cipher.
// The key argument should be the Twofish key, 16, 24 or 32 bytes.
-func NewCipher(key []byte) (*Cipher, os.Error) {
+func NewCipher(key []byte) (*Cipher, error) {
keylen := len(key)
if keylen != 16 && keylen != 24 && keylen != 32 {
diff --git a/src/pkg/crypto/x509/pkcs1.go b/src/pkg/crypto/x509/pkcs1.go
index 42afcb4..0d3ade3 100644
--- a/src/pkg/crypto/x509/pkcs1.go
+++ b/src/pkg/crypto/x509/pkcs1.go
@@ -7,7 +7,7 @@
import (
"asn1"
"big"
- "os"
+ "errors"
"crypto/rsa"
)
@@ -36,7 +36,7 @@
}
// ParsePKCS1PrivateKey returns an RSA private key from its ASN.1 PKCS#1 DER encoded form.
-func ParsePKCS1PrivateKey(der []byte) (key *rsa.PrivateKey, err os.Error) {
+func ParsePKCS1PrivateKey(der []byte) (key *rsa.PrivateKey, err error) {
var priv pkcs1PrivateKey
rest, err := asn1.Unmarshal(der, &priv)
if len(rest) > 0 {
@@ -48,11 +48,11 @@
}
if priv.Version > 1 {
- return nil, os.NewError("x509: unsupported private key version")
+ return nil, errors.New("x509: unsupported private key version")
}
if priv.N.Sign() <= 0 || priv.D.Sign() <= 0 || priv.P.Sign() <= 0 || priv.Q.Sign() <= 0 {
- return nil, os.NewError("private key contains zero or negative value")
+ return nil, errors.New("private key contains zero or negative value")
}
key = new(rsa.PrivateKey)
@@ -67,7 +67,7 @@
key.Primes[1] = priv.Q
for i, a := range priv.AdditionalPrimes {
if a.Prime.Sign() <= 0 {
- return nil, os.NewError("private key contains zero or negative prime")
+ return nil, errors.New("private key contains zero or negative prime")
}
key.Primes[i+2] = a.Prime
// We ignore the other two values because rsa will calculate
diff --git a/src/pkg/crypto/x509/verify.go b/src/pkg/crypto/x509/verify.go
index 4c0fecc..49056cf 100644
--- a/src/pkg/crypto/x509/verify.go
+++ b/src/pkg/crypto/x509/verify.go
@@ -5,7 +5,6 @@
package x509
import (
- "os"
"strings"
"time"
)
@@ -32,7 +31,7 @@
Reason InvalidReason
}
-func (e CertificateInvalidError) String() string {
+func (e CertificateInvalidError) Error() string {
switch e.Reason {
case NotAuthorizedToSign:
return "x509: certificate is not authorized to sign other other certificates"
@@ -51,7 +50,7 @@
Host string
}
-func (h HostnameError) String() string {
+func (h HostnameError) Error() string {
var valid string
c := h.Certificate
if len(c.DNSNames) > 0 {
@@ -67,7 +66,7 @@
cert *Certificate
}
-func (e UnknownAuthorityError) String() string {
+func (e UnknownAuthorityError) Error() string {
return "x509: certificate signed by unknown authority"
}
@@ -87,7 +86,7 @@
)
// isValid performs validity checks on the c.
-func (c *Certificate) isValid(certType int, opts *VerifyOptions) os.Error {
+func (c *Certificate) isValid(certType int, opts *VerifyOptions) error {
if opts.CurrentTime < c.NotBefore.Seconds() ||
opts.CurrentTime > c.NotAfter.Seconds() {
return CertificateInvalidError{c, Expired}
@@ -136,7 +135,7 @@
// the chain is c and the last element is from opts.Roots.
//
// WARNING: this doesn't do any revocation checking.
-func (c *Certificate) Verify(opts VerifyOptions) (chains [][]*Certificate, err os.Error) {
+func (c *Certificate) Verify(opts VerifyOptions) (chains [][]*Certificate, err error) {
if opts.CurrentTime == 0 {
opts.CurrentTime = time.Seconds()
}
@@ -160,7 +159,7 @@
return n
}
-func (c *Certificate) buildChains(cache map[int][][]*Certificate, currentChain []*Certificate, opts *VerifyOptions) (chains [][]*Certificate, err os.Error) {
+func (c *Certificate) buildChains(cache map[int][][]*Certificate, currentChain []*Certificate, opts *VerifyOptions) (chains [][]*Certificate, err error) {
for _, rootNum := range opts.Roots.findVerifiedParents(c) {
root := opts.Roots.certs[rootNum]
err = root.isValid(rootCertificate, opts)
@@ -228,7 +227,7 @@
// VerifyHostname returns nil if c is a valid certificate for the named host.
// Otherwise it returns an os.Error describing the mismatch.
-func (c *Certificate) VerifyHostname(h string) os.Error {
+func (c *Certificate) VerifyHostname(h string) error {
if len(c.DNSNames) > 0 {
for _, match := range c.DNSNames {
if matchHostnames(match, h) {
diff --git a/src/pkg/crypto/x509/verify_test.go b/src/pkg/crypto/x509/verify_test.go
index eaa8169..2194d15 100644
--- a/src/pkg/crypto/x509/verify_test.go
+++ b/src/pkg/crypto/x509/verify_test.go
@@ -7,7 +7,7 @@
import (
"crypto/x509/pkix"
"encoding/pem"
- "os"
+ "errors"
"strings"
"testing"
)
@@ -19,7 +19,7 @@
currentTime int64
dnsName string
- errorCallback func(*testing.T, int, os.Error) bool
+ errorCallback func(*testing.T, int, error) bool
expectedChains [][]string
}
@@ -95,7 +95,7 @@
},
}
-func expectHostnameError(t *testing.T, i int, err os.Error) (ok bool) {
+func expectHostnameError(t *testing.T, i int, err error) (ok bool) {
if _, ok := err.(HostnameError); !ok {
t.Errorf("#%d: error was not a HostnameError: %s", i, err)
return false
@@ -103,7 +103,7 @@
return true
}
-func expectExpired(t *testing.T, i int, err os.Error) (ok bool) {
+func expectExpired(t *testing.T, i int, err error) (ok bool) {
if inval, ok := err.(CertificateInvalidError); !ok || inval.Reason != Expired {
t.Errorf("#%d: error was not Expired: %s", i, err)
return false
@@ -111,7 +111,7 @@
return true
}
-func expectAuthorityUnknown(t *testing.T, i int, err os.Error) (ok bool) {
+func expectAuthorityUnknown(t *testing.T, i int, err error) (ok bool) {
if _, ok := err.(UnknownAuthorityError); !ok {
t.Errorf("#%d: error was not UnknownAuthorityError: %s", i, err)
return false
@@ -119,10 +119,10 @@
return true
}
-func certificateFromPEM(pemBytes string) (*Certificate, os.Error) {
+func certificateFromPEM(pemBytes string) (*Certificate, error) {
block, _ := pem.Decode([]byte(pemBytes))
if block == nil {
- return nil, os.NewError("failed to decode PEM")
+ return nil, errors.New("failed to decode PEM")
}
return ParseCertificate(block.Bytes)
}
diff --git a/src/pkg/crypto/x509/x509.go b/src/pkg/crypto/x509/x509.go
index 73b32e7..da8b283 100644
--- a/src/pkg/crypto/x509/x509.go
+++ b/src/pkg/crypto/x509/x509.go
@@ -15,8 +15,8 @@
"crypto/sha1"
"crypto/x509/pkix"
"encoding/pem"
+ "errors"
"io"
- "os"
"time"
)
@@ -29,20 +29,20 @@
// ParsePKIXPublicKey parses a DER encoded public key. These values are
// typically found in PEM blocks with "BEGIN PUBLIC KEY".
-func ParsePKIXPublicKey(derBytes []byte) (pub interface{}, err os.Error) {
+func ParsePKIXPublicKey(derBytes []byte) (pub interface{}, err error) {
var pki publicKeyInfo
if _, err = asn1.Unmarshal(derBytes, &pki); err != nil {
return
}
algo := getPublicKeyAlgorithmFromOID(pki.Algorithm.Algorithm)
if algo == UnknownPublicKeyAlgorithm {
- return nil, os.NewError("ParsePKIXPublicKey: unknown public key algorithm")
+ return nil, errors.New("ParsePKIXPublicKey: unknown public key algorithm")
}
return parsePublicKey(algo, &pki)
}
// MarshalPKIXPublicKey serialises a public key to DER-encoded PKIX format.
-func MarshalPKIXPublicKey(pub interface{}) ([]byte, os.Error) {
+func MarshalPKIXPublicKey(pub interface{}) ([]byte, error) {
var pubBytes []byte
switch pub := pub.(type) {
@@ -52,7 +52,7 @@
E: pub.E,
})
default:
- return nil, os.NewError("MarshalPKIXPublicKey: unknown public key type")
+ return nil, errors.New("MarshalPKIXPublicKey: unknown public key type")
}
pkix := pkixPublicKey{
@@ -331,7 +331,7 @@
// that involves algorithms that are not currently implemented.
type UnsupportedAlgorithmError struct{}
-func (UnsupportedAlgorithmError) String() string {
+func (UnsupportedAlgorithmError) Error() string {
return "cannot verify signature: algorithm unimplemented"
}
@@ -340,7 +340,7 @@
// certificate signing key.
type ConstraintViolationError struct{}
-func (ConstraintViolationError) String() string {
+func (ConstraintViolationError) Error() string {
return "invalid signature: parent certificate cannot sign this kind of certificate"
}
@@ -350,7 +350,7 @@
// CheckSignatureFrom verifies that the signature on c is a valid signature
// from parent.
-func (c *Certificate) CheckSignatureFrom(parent *Certificate) (err os.Error) {
+func (c *Certificate) CheckSignatureFrom(parent *Certificate) (err error) {
// RFC 5280, 4.2.1.9:
// "If the basic constraints extension is not present in a version 3
// certificate, or the extension is present but the cA boolean is not
@@ -376,7 +376,7 @@
// CheckSignature verifies that signature is a valid signature over signed from
// c's public key.
-func (c *Certificate) CheckSignature(algo SignatureAlgorithm, signed, signature []byte) (err os.Error) {
+func (c *Certificate) CheckSignature(algo SignatureAlgorithm, signed, signature []byte) (err error) {
var hashType crypto.Hash
switch algo {
@@ -409,10 +409,10 @@
return err
}
if dsaSig.R.Sign() <= 0 || dsaSig.S.Sign() <= 0 {
- return os.NewError("DSA signature contained zero or negative values")
+ return errors.New("DSA signature contained zero or negative values")
}
if !dsa.Verify(pub, digest, dsaSig.R, dsaSig.S) {
- return os.NewError("DSA verification failure")
+ return errors.New("DSA verification failure")
}
return
}
@@ -420,14 +420,14 @@
}
// CheckCRLSignature checks that the signature in crl is from c.
-func (c *Certificate) CheckCRLSignature(crl *pkix.CertificateList) (err os.Error) {
+func (c *Certificate) CheckCRLSignature(crl *pkix.CertificateList) (err error) {
algo := getSignatureAlgorithmFromOID(crl.SignatureAlgorithm.Algorithm)
return c.CheckSignature(algo, crl.TBSCertList.Raw, crl.SignatureValue.RightAlign())
}
type UnhandledCriticalExtension struct{}
-func (h UnhandledCriticalExtension) String() string {
+func (h UnhandledCriticalExtension) Error() string {
return "unhandled critical extension"
}
@@ -454,7 +454,7 @@
Max int `asn1:"optional,tag:1"`
}
-func parsePublicKey(algo PublicKeyAlgorithm, keyData *publicKeyInfo) (interface{}, os.Error) {
+func parsePublicKey(algo PublicKeyAlgorithm, keyData *publicKeyInfo) (interface{}, error) {
asn1Data := keyData.PublicKey.RightAlign()
switch algo {
case RSA:
@@ -482,7 +482,7 @@
return nil, err
}
if p.Sign() <= 0 || params.P.Sign() <= 0 || params.Q.Sign() <= 0 || params.G.Sign() <= 0 {
- return nil, os.NewError("zero or negative DSA parameter")
+ return nil, errors.New("zero or negative DSA parameter")
}
pub := &dsa.PublicKey{
Parameters: dsa.Parameters{
@@ -499,7 +499,7 @@
panic("unreachable")
}
-func parseCertificate(in *certificate) (*Certificate, os.Error) {
+func parseCertificate(in *certificate) (*Certificate, error) {
out := new(Certificate)
out.Raw = in.Raw
out.RawTBSCertificate = in.TBSCertificate.Raw
@@ -513,14 +513,14 @@
out.PublicKeyAlgorithm =
getPublicKeyAlgorithmFromOID(in.TBSCertificate.PublicKey.Algorithm.Algorithm)
- var err os.Error
+ var err error
out.PublicKey, err = parsePublicKey(out.PublicKeyAlgorithm, &in.TBSCertificate.PublicKey)
if err != nil {
return nil, err
}
if in.TBSCertificate.SerialNumber.Sign() < 0 {
- return nil, os.NewError("negative serial number")
+ return nil, errors.New("negative serial number")
}
out.Version = in.TBSCertificate.Version + 1
@@ -737,7 +737,7 @@
}
// ParseCertificate parses a single certificate from the given ASN.1 DER data.
-func ParseCertificate(asn1Data []byte) (*Certificate, os.Error) {
+func ParseCertificate(asn1Data []byte) (*Certificate, error) {
var cert certificate
rest, err := asn1.Unmarshal(asn1Data, &cert)
if err != nil {
@@ -752,12 +752,12 @@
// ParseCertificates parses one or more certificates from the given ASN.1 DER
// data. The certificates must be concatenated with no intermediate padding.
-func ParseCertificates(asn1Data []byte) ([]*Certificate, os.Error) {
+func ParseCertificates(asn1Data []byte) ([]*Certificate, error) {
var v []*certificate
for len(asn1Data) > 0 {
cert := new(certificate)
- var err os.Error
+ var err error
asn1Data, err = asn1.Unmarshal(asn1Data, cert)
if err != nil {
return nil, err
@@ -794,7 +794,7 @@
oidExtensionNameConstraints = []int{2, 5, 29, 30}
)
-func buildExtensions(template *Certificate) (ret []pkix.Extension, err os.Error) {
+func buildExtensions(template *Certificate) (ret []pkix.Extension, err error) {
ret = make([]pkix.Extension, 7 /* maximum number of elements. */ )
n := 0
@@ -910,7 +910,7 @@
// signee and priv is the private key of the signer.
//
// The returned slice is the certificate in DER encoding.
-func CreateCertificate(rand io.Reader, template, parent *Certificate, pub *rsa.PublicKey, priv *rsa.PrivateKey) (cert []byte, err os.Error) {
+func CreateCertificate(rand io.Reader, template, parent *Certificate, pub *rsa.PublicKey, priv *rsa.PrivateKey) (cert []byte, err error) {
asn1PublicKey, err := asn1.Marshal(rsaPublicKey{
N: pub.N,
E: pub.E,
@@ -984,7 +984,7 @@
// encoded CRLs will appear where they should be DER encoded, so this function
// will transparently handle PEM encoding as long as there isn't any leading
// garbage.
-func ParseCRL(crlBytes []byte) (certList *pkix.CertificateList, err os.Error) {
+func ParseCRL(crlBytes []byte) (certList *pkix.CertificateList, err error) {
if bytes.HasPrefix(crlBytes, pemCRLPrefix) {
block, _ := pem.Decode(crlBytes)
if block != nil && block.Type == pemType {
@@ -995,7 +995,7 @@
}
// ParseDERCRL parses a DER encoded CRL from the given bytes.
-func ParseDERCRL(derBytes []byte) (certList *pkix.CertificateList, err os.Error) {
+func ParseDERCRL(derBytes []byte) (certList *pkix.CertificateList, err error) {
certList = new(pkix.CertificateList)
_, err = asn1.Unmarshal(derBytes, certList)
if err != nil {
@@ -1006,7 +1006,7 @@
// CreateCRL returns a DER encoded CRL, signed by this Certificate, that
// contains the given list of revoked certificates.
-func (c *Certificate) CreateCRL(rand io.Reader, priv *rsa.PrivateKey, revokedCerts []pkix.RevokedCertificate, now, expiry *time.Time) (crlBytes []byte, err os.Error) {
+func (c *Certificate) CreateCRL(rand io.Reader, priv *rsa.PrivateKey, revokedCerts []pkix.RevokedCertificate, now, expiry *time.Time) (crlBytes []byte, err error) {
tbsCertList := pkix.TBSCertificateList{
Version: 2,
Signature: pkix.AlgorithmIdentifier{
diff --git a/src/pkg/crypto/xtea/cipher.go b/src/pkg/crypto/xtea/cipher.go
index b3fba3c..64d933c 100644
--- a/src/pkg/crypto/xtea/cipher.go
+++ b/src/pkg/crypto/xtea/cipher.go
@@ -8,10 +8,7 @@
// For details, see http://www.cix.co.uk/~klockstone/xtea.pdf
-import (
- "os"
- "strconv"
-)
+import "strconv"
// The XTEA block size in bytes.
const BlockSize = 8
@@ -24,14 +21,14 @@
type KeySizeError int
-func (k KeySizeError) String() string {
+func (k KeySizeError) Error() string {
return "crypto/xtea: invalid key size " + strconv.Itoa(int(k))
}
// NewCipher creates and returns a new Cipher.
// The key argument should be the XTEA key.
// XTEA only supports 128 bit (16 byte) keys.
-func NewCipher(key []byte) (*Cipher, os.Error) {
+func NewCipher(key []byte) (*Cipher, error) {
k := len(key)
switch k {
default:
