From 5f43d42eff6a2b64080e2126dc0734961e1a76bf Mon Sep 17 00:00:00 2001 From: Shibly Meeran Date: Thu, 16 May 2024 01:41:22 +0530 Subject: [PATCH] standardising error messages --- app/internal/commands/input.go | 2 +- go.mod | 2 +- go.sum | 4 ++-- internal/asx/const.go | 8 ++++---- internal/asx/crypto.go | 7 ++++--- internal/asx/keys.go | 3 ++- internal/ecc/crypto.go | 7 ++++--- internal/ecc/keys.go | 12 ++++++------ internal/kyb/cypto.go | 7 ++++--- internal/kyb/keys.go | 8 ++++---- internal/xcp/crypto.go | 27 ++++++++++++++------------- internal/xcp/key.go | 3 ++- xipher_crypto.go | 15 +++++++-------- xipher_keys.go | 8 +++----- 14 files changed, 58 insertions(+), 55 deletions(-) diff --git a/app/internal/commands/input.go b/app/internal/commands/input.go index 2b79756..319edab 100644 --- a/app/internal/commands/input.go +++ b/app/internal/commands/input.go @@ -15,7 +15,7 @@ const ( pwdLength = 10 ) -var errInvalidPassword = fmt.Errorf("xipher: please set a decent password with at least %d characters, including at least one uppercase letter, one lowercase letter, one number, and one of the following special characters: %s", pwdLength, pwdSpecialChars) +var errInvalidPassword = fmt.Errorf("%s: please set a decent password with at least %d characters, including at least one uppercase letter, one lowercase letter, one number, and one of the following special characters: %s", "xipher", pwdLength, pwdSpecialChars) func pwdCheck(password string) error { var ( diff --git a/go.mod b/go.mod index b0e9f1b..98b6d68 100644 --- a/go.mod +++ b/go.mod @@ -6,7 +6,7 @@ toolchain go1.22.2 require ( github.com/cloudflare/circl v1.3.8 - github.com/fatih/color v1.16.0 + github.com/fatih/color v1.17.0 github.com/spf13/cobra v1.8.0 golang.org/x/crypto v0.23.0 golang.org/x/term v0.20.0 diff --git a/go.sum b/go.sum index 9ff35a1..c8c92ac 100644 --- a/go.sum +++ b/go.sum 
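Review bot: In `errInvalidPassword` (app/internal/commands/input.go), the product name is now passed as a literal `"xipher"` argument to a `%s` verb, which adds a format argument to every call without giving the prefix a single point of definition. A package-level constant or a small unexported helper would make the prefix changeable in one place. The verb-less sentinels in internal/asx/const.go need no formatting at all, e.g. `errInvalidPublicKey = errors.New("xipher: invalid public key")`. The same pattern recurs in every `fmt.Errorf` this patch touches (asx, ecc, kyb, xcp, xipher_crypto.go).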
@@ -1,8 +1,8 @@ github.com/cloudflare/circl v1.3.8 h1:j+V8jJt09PoeMFIu2uh5JUyEaIHTXVOHslFoLNAKqwI= github.com/cloudflare/circl v1.3.8/go.mod h1:PDRU+oXvdD7KCtgKxW95M5Z8BpSCJXQORiZFnBQS5QU= github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= -github.com/fatih/color v1.16.0 h1:zmkK9Ngbjj+K0yRhTVONQh1p/HknKYSlNT+vZCzyokM= -github.com/fatih/color v1.16.0/go.mod h1:fL2Sau1YI5c0pdGEVCbKQbLXB6edEj1ZgiY4NijnWvE= +github.com/fatih/color v1.17.0 h1:GlRw1BRJxkpqUCBKzKOw098ed57fEsKeNjpTe3cSjK4= +github.com/fatih/color v1.17.0/go.mod h1:YZ7TlrGPkiz6ku9fK3TLD/pl3CpsiFyu8N92HLgmosI= github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= diff --git a/internal/asx/const.go b/internal/asx/const.go index 60914b7..c9ae0af 100644 --- a/internal/asx/const.go +++ b/internal/asx/const.go @@ -19,8 +19,8 @@ const ( ) var ( - errInvalidPrivateKeyLength = fmt.Errorf("xipher: invalid private key lengths [please use %d bytes]", PrivateKeyLength) - errInvalidPublicKeyLength = fmt.Errorf("xipher: invalid public key lengths [please use a minimum of %d bytes]", MinPublicKeyLength) - errInvalidPublicKey = fmt.Errorf("xipher: invalid public key") - errInvalidAlgorithm = fmt.Errorf("xipher: invalid algorithm") + errInvalidPrivateKeyLength = fmt.Errorf("%s: invalid private key lengths [please use %d bytes]", "xipher", PrivateKeyLength) + errInvalidPublicKeyLength = fmt.Errorf("%s: invalid public key lengths [please use a minimum of %d bytes]", "xipher", MinPublicKeyLength) + errInvalidPublicKey = fmt.Errorf("%s: invalid public key", "xipher") + errInvalidAlgorithm = fmt.Errorf("%s: invalid algorithm", "xipher") ) diff --git a/internal/asx/crypto.go b/internal/asx/crypto.go index 5f1126e..da4da8a 100644 --- a/internal/asx/crypto.go 
+++ b/internal/asx/crypto.go @@ -1,6 +1,7 @@ package asx import ( + "fmt" "io" ) @@ -8,12 +9,12 @@ import ( func (publicKey *PublicKey) NewEncryptingWriter(dst io.Writer, compression bool) (io.WriteCloser, error) { if publicKey.ePub != nil { if _, err := dst.Write([]byte{AlgoECC}); err != nil { - return nil, err + return nil, fmt.Errorf("%s: encrypter failed to write algorithm: %w", "xipher", err) } return publicKey.ePub.NewEncryptingWriter(dst, compression) } else if publicKey.kPub != nil { if _, err := dst.Write([]byte{AlgoKyber}); err != nil { - return nil, err + return nil, fmt.Errorf("%s: encrypter failed to write algorithm: %w", "xipher", err) } return publicKey.kPub.NewEncryptingWriter(dst, compression) } else { @@ -25,7 +26,7 @@ func (publicKey *PublicKey) NewEncryptingWriter(dst io.Writer, compression bool) func (privateKey *PrivateKey) NewDecryptingReader(src io.Reader) (io.ReadCloser, error) { algoBytes := make([]byte, 1) if _, err := io.ReadFull(src, algoBytes); err != nil { - return nil, err + return nil, fmt.Errorf("%s: decrypter failed to read algorithm: %w", "xipher", err) } var algo uint8 = algoBytes[0] if algo == AlgoECC { diff --git a/internal/asx/keys.go b/internal/asx/keys.go index cddd238..c9153c9 100644 --- a/internal/asx/keys.go +++ b/internal/asx/keys.go @@ -3,6 +3,7 @@ package asx import ( "crypto/rand" "crypto/sha256" + "fmt" "dev.shib.me/xipher/internal/ecc" "dev.shib.me/xipher/internal/kyb" @@ -32,7 +33,7 @@ func (privateKey *PrivateKey) Bytes() []byte { func NewPrivateKey() (*PrivateKey, error) { key := make([]byte, PrivateKeyLength) if _, err := rand.Read(key); err != nil { - return nil, err + return nil, fmt.Errorf("%s: failed to generate private key: %w", "xipher", err) } return ParsePrivateKey(key) } diff --git a/internal/ecc/crypto.go b/internal/ecc/crypto.go index 2ac241b..4d773ac 100644 --- a/internal/ecc/crypto.go +++ b/internal/ecc/crypto.go @@ -1,6 +1,7 @@ package ecc import ( + "fmt" "io" "dev.shib.me/xipher/internal/xcp" 
@@ -14,7 +15,7 @@ func (publicKey *PublicKey) NewEncryptingWriter(dst io.Writer, compression bool) return nil, err } if _, err = dst.Write(encrypter.ephPubKey); err != nil { - return nil, err + return nil, fmt.Errorf("%s: encrypter failed to write ephemeral public key: %w", "xipher", err) } return (*encrypter.cipher).NewEncryptingWriter(dst, compression) } @@ -23,11 +24,11 @@ func (publicKey *PublicKey) NewEncryptingWriter(dst io.Writer, compression bool) func (privateKey *PrivateKey) NewDecryptingReader(src io.Reader) (io.ReadCloser, error) { ephPubKey := make([]byte, KeyLength) if _, err := io.ReadFull(src, ephPubKey); err != nil { - return nil, err + return nil, fmt.Errorf("%s: decrypter failed to read ephemeral public key: %w", "xipher", err) } sharedKey, err := curve25519.X25519(*privateKey.key, ephPubKey) if err != nil { - return nil, err + return nil, fmt.Errorf("%s: decrypter failed to generate shared key: %w", "xipher", err) } decrypter, err := xcp.New(sharedKey) if err != nil { diff --git a/internal/ecc/keys.go b/internal/ecc/keys.go index 15e9162..e211b31 100644 --- a/internal/ecc/keys.go +++ b/internal/ecc/keys.go @@ -11,7 +11,7 @@ import ( // KeyLength is the length of the ECC key. const KeyLength = curve25519.ScalarSize -var errInvalidKeyLength = fmt.Errorf("xipher: invalid key lengths [please use %d bytes]", KeyLength) +var errInvalidKeyLength = fmt.Errorf("%s: invalid key lengths [please use %d bytes]", "xipher", KeyLength) // PrivateKey represents a private key. type PrivateKey struct { @@ -39,7 +39,7 @@ func (privateKey *PrivateKey) Bytes() []byte { func NewPrivateKey() (*PrivateKey, error) { key := make([]byte, KeyLength) if _, err := rand.Read(key); err != nil { - return nil, err + return nil, fmt.Errorf("%s: failed to generate private key: %w", "xipher", err) } return ParsePrivateKey(key) } 
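Review bot: In `NewDecryptingReader` (internal/ecc/crypto.go, second hunk of that file), the raw `curve25519.X25519` output is handed straight to `xcp.New(sharedKey)` as the cipher key, and the new error wrapping leaves that as it is. Running the shared secret through a KDF first (for example HKDF over the secret together with the ephemeral and recipient public keys) binds the AEAD key to this particular exchange and is the usual recommendation for X25519. `getEncrypter` in internal/ecc/keys.go does the same on the sending side, so both ends would have to change together, behind a format version so existing ciphertexts stay readable. The function body continues outside the hunk.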
@@ -59,7 +59,7 @@ func (privateKey *PrivateKey) PublicKey() (*PublicKey, error) { if privateKey.publicKey == nil { key, err := curve25519.X25519(*privateKey.key, curve25519.Basepoint) if err != nil { - return nil, err + return nil, fmt.Errorf("%s: failed to generate public key: %w", "xipher", err) } privateKey.publicKey = &PublicKey{ key: &key, @@ -87,15 +87,15 @@ func (publicKey *PublicKey) getEncrypter() (*encrypter, error) { if publicKey.encrypter == nil { ephPrivKey := make([]byte, KeyLength) if _, err := rand.Read(ephPrivKey); err != nil { - return nil, err + return nil, fmt.Errorf("%s: encrypter failed to generate ephemeral private key: %w", "xipher", err) } ephPubKey, err := curve25519.X25519(ephPrivKey, curve25519.Basepoint) if err != nil { - return nil, err + return nil, fmt.Errorf("%s: encrypter failed to generate ephemeral public key: %w", "xipher", err) } sharedKey, err := curve25519.X25519(ephPrivKey, *publicKey.key) if err != nil { - return nil, err + return nil, fmt.Errorf("%s: encrypter failed to generate shared key: %w", "xipher", err) } cipher, err := xcp.New(sharedKey) if err != nil { diff --git a/internal/kyb/cypto.go b/internal/kyb/cypto.go index 4d77d3a..f44d9c1 100644 --- a/internal/kyb/cypto.go +++ b/internal/kyb/cypto.go @@ -1,6 +1,7 @@ package kyb import ( + "fmt" "io" "dev.shib.me/xipher/internal/xcp" @@ -14,7 +15,7 @@ func (publicKey *PublicKey) NewEncryptingWriter(dst io.Writer, compression bool) return nil, err } if _, err = dst.Write(encrypter.keyEnc); err != nil { - return nil, err + return nil, fmt.Errorf("%s: encrypter failed to write encapsulated key: %w", "xipher", err) } return (*encrypter.cipher).NewEncryptingWriter(dst, compression) } 
@@ -23,11 +24,11 @@ func (publicKey *PublicKey) NewEncryptingWriter(dst io.Writer, compression bool) func (privateKey *PrivateKey) NewDecryptingReader(src io.Reader) (io.ReadCloser, error) { keyEnc := make([]byte, ctLength) if _, err := io.ReadFull(src, keyEnc); err != nil { - return nil, err + return nil, fmt.Errorf("%s: decrypter failed to read encapsulated key: %w", "xipher", err) } sharedKey, err := kyber1024.Scheme().Decapsulate(privateKey.sk, keyEnc) if err != nil { - return nil, err + return nil, fmt.Errorf("%s: decrypter failed to generate shared key: %w", "xipher", err) } decrypter, err := xcp.New(sharedKey) if err != nil { diff --git a/internal/kyb/keys.go b/internal/kyb/keys.go index 8d08cd1..e899d7e 100644 --- a/internal/kyb/keys.go +++ b/internal/kyb/keys.go @@ -17,8 +17,8 @@ const ( ) var ( - errInvalidPrivateKeyLength = fmt.Errorf("xipher: invalid private key lengths [please use %d bytes]", PrivateKeyLength) - errInvalidPublicKeyLength = fmt.Errorf("xipher: invalid public key lengths [please use %d bytes]", PublicKeyLength) + errInvalidPrivateKeyLength = fmt.Errorf("%s: invalid private key lengths [please use %d bytes]", "xipher", PrivateKeyLength) + errInvalidPublicKeyLength = fmt.Errorf("%s: invalid public key lengths [please use %d bytes]", "xipher", PublicKeyLength) ) // PrivateKey represents a private key. @@ -48,7 +48,7 @@ func (privateKey *PrivateKey) Bytes() []byte { func NewPrivateKey() (*PrivateKey, error) { key := make([]byte, PrivateKeyLength) if _, err := rand.Read(key); err != nil { - return nil, err + return nil, fmt.Errorf("%s: failed to generate private key: %w", "xipher", err) } return NewPrivateKeyForSeed(key) } 
@@ -102,7 +102,7 @@ func (publicKey *PublicKey) getEncrypter() (*encrypter, error) { if publicKey.encrypter == nil { keyEnc, sharedKey, err := kyber1024.Scheme().Encapsulate(publicKey.pk) if err != nil { - return nil, err + return nil, fmt.Errorf("%s: failed to encapsulate shared key: %w", "xipher", err) } cipher, err := xcp.New(sharedKey) if err != nil { diff --git a/internal/xcp/crypto.go b/internal/xcp/crypto.go index 43f891b..1ddf8bd 100644 --- a/internal/xcp/crypto.go +++ b/internal/xcp/crypto.go @@ -5,6 +5,7 @@ import ( "compress/zlib" "crypto/cipher" "crypto/rand" + "fmt" "io" ) @@ -20,10 +21,10 @@ type Writer struct { func (cipher *SymmetricCipher) NewEncryptingWriter(dst io.Writer, compress bool) (io.WriteCloser, error) { nonce := make([]byte, nonceLength) if _, err := rand.Read(nonce); err != nil { - return nil, err + return nil, fmt.Errorf("%s: encrypter failed to generate nonce: %w", "xipher", err) } if _, err := dst.Write(nonce); err != nil { - return nil, err + return nil, fmt.Errorf("%s: encrypter failed to write nonce: %w", "xipher", err) } return cipher.newWriter(nonce, dst, compress) } @@ -37,16 +38,16 @@ func (cipher *SymmetricCipher) newWriter(nonce []byte, dst io.Writer, compress b } if compress { if _, err := dst.Write([]byte{1}); err != nil { - return nil, err + return nil, fmt.Errorf("%s: encrypter failed to write compress flag: %w", "xipher", err) } zWriter, err := zlib.NewWriterLevel(&ciphWriter.buf, zlib.BestCompression) if err != nil { - return nil, err + return nil, fmt.Errorf("%s: encrypter failed to create compressed writer: %w", "xipher", err) } ciphWriter.zWriter = zWriter } else { if _, err := dst.Write([]byte{0}); err != nil { - return nil, err + return nil, fmt.Errorf("%s: encrypter failed to write compression flag: %w", "xipher", err) } } return ciphWriter, nil 
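Review bot: In `newWriter` (internal/xcp/crypto.go), the two branches report the same failure with different wording: `failed to write compress flag` when `compress` is true and `failed to write compression flag` otherwise, while `newReader` uses `compress flag` again. For a commit that standardises messages, pick one spelling, e.g. `return nil, fmt.Errorf("%s: encrypter failed to write compression flag: %w", "xipher", err)` in the `compress` branch, with matching wording in `newReader`. Log searches and tests that match on the message text would otherwise have to handle both variants.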
@@ -59,7 +60,7 @@ func (w *Writer) Write(p []byte) (n int, err error) { n, err = w.zWriter.Write(p) } if err != nil { - return n, err + return n, fmt.Errorf("%s: encrypter failed to write: %w", "xipher", err) } return n, w.flush(ptBlockSize) } @@ -69,7 +70,7 @@ func (w *Writer) flush(minBufSize int) error { block := w.buf.Next(ptBlockSize) ct := w.aead.Seal(nil, w.nonce, block, nil) if _, err := w.dst.Write(ct); err != nil { - return err + return fmt.Errorf("%s: encrypter failed to write: %w", "xipher", err) } } return nil @@ -79,7 +80,7 @@ func (w *Writer) flush(minBufSize int) error { func (w *Writer) Close() error { if w.zWriter != nil { if err := w.zWriter.Close(); err != nil { - return err + return fmt.Errorf("%s: encrypter failed to close compressed writer: %w", "xipher", err) } } return w.flush(1) @@ -96,7 +97,7 @@ type Reader struct { func (cipher *SymmetricCipher) NewDecryptingReader(src io.Reader) (io.ReadCloser, error) { nonce := make([]byte, nonceLength) if _, err := io.ReadFull(src, nonce); err != nil { - return nil, err + return nil, fmt.Errorf("%s: decrypter failed to read nonce: %w", "xipher", err) } return cipher.newReader(nonce, src) } @@ -110,14 +111,14 @@ func (cipher *SymmetricCipher) newReader(nonce []byte, src io.Reader) (io.ReadCl } compressFlag := make([]byte, 1) if _, err := io.ReadFull(src, compressFlag); err != nil { - return nil, err + return nil, fmt.Errorf("%s: decrypter failed to read compress flag: %w", "xipher", err) } if compressFlag[0] == 0 { return io.NopCloser(ciphReader), nil } zReader, err := zlib.NewReader(ciphReader) if err != nil { - return nil, err + return nil, fmt.Errorf("%s: decrypter failed to create compressed reader: %w", "xipher", err) } return zReader, nil } 
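Review bot: In `flush` (internal/xcp/crypto.go), every block taken from `w.buf` is sealed with the same `w.nonce`: the loop body shown is `block := w.buf.Next(ptBlockSize)` followed by `w.aead.Seal(nil, w.nonce, block, nil)`, and nothing in the hunk advances the nonce between iterations. Reusing a nonce under one key voids the confidentiality and integrity guarantees of the XChaCha20-Poly1305 AEAD created in `xcp.New` for any stream longer than one block, and it leaves blocks free to be reordered without detection. Unless the nonce is updated outside the visible lines, derive a distinct nonce per block (stream nonce combined with a block counter) before `Seal`, and apply the same derivation to `r.aead.Open` in `Reader.Read`. This changes the ciphertext format, so it needs a version marker; the loop header is outside the hunk.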
@@ -131,13 +132,13 @@ func (r *Reader) Read(p []byte) (int, error) { if err == nil || err == io.ErrUnexpectedEOF { pt, err := r.aead.Open(nil, r.nonce, block[:n], nil) if err != nil { - return 0, err + return 0, fmt.Errorf("%s: decrypter failed to decrypt: %w", "xipher", err) } r.buf.Write(pt) return r.buf.Read(p) } else if err == io.EOF { return r.buf.Read(p) } else { - return 0, err + return 0, fmt.Errorf("%s: decrypter failed to read: %w", "xipher", err) } } diff --git a/internal/xcp/key.go b/internal/xcp/key.go index 91c9f12..2955287 100644 --- a/internal/xcp/key.go +++ b/internal/xcp/key.go @@ -2,6 +2,7 @@ package xcp import ( "crypto/cipher" + "fmt" "golang.org/x/crypto/chacha20poly1305" ) @@ -23,7 +24,7 @@ type SymmetricCipher struct { func New(key []byte) (*SymmetricCipher, error) { aead, err := chacha20poly1305.NewX(key) if err != nil { - return nil, err + return nil, fmt.Errorf("%s: failed to create new symmetric cipher: %w", "xipher", err) } return &SymmetricCipher{ aead: &aead, diff --git a/xipher_crypto.go b/xipher_crypto.go index 4050bca..386218c 100644 --- a/xipher_crypto.go +++ b/xipher_crypto.go @@ -3,6 +3,7 @@ package xipher import ( "bytes" "crypto/sha256" + "fmt" "io" "dev.shib.me/xipher/internal/asx" 
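Review bot: In `Reader.Read` (internal/xcp/crypto.go), the `err == io.EOF` branch returns whatever is buffered as a normal end of stream, so as far as this hunk shows a ciphertext cut off at a block boundary reads as a complete message. An authenticated end-of-stream marker on the final block would let `Read` return an error for truncated input instead of a clean EOF. Separately, now that this package wraps errors with `%w`, the comparisons here are safer written as `errors.Is(err, io.EOF)` and `errors.Is(err, io.ErrUnexpectedEOF)`, in case `src` is itself a wrapping reader. The start of the function, including the read that produces `err`, is outside the hunk.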
@@ -20,14 +21,14 @@ func newVariableKeySymmCipher(key []byte) (*xcp.SymmetricCipher, error) { func (privateKey *PrivateKey) NewEncryptingWriter(dst io.Writer, compression bool) (writer io.WriteCloser, err error) { if isPwdBased(privateKey.keyType) { if _, err := dst.Write([]byte{ctPwdSymmetric}); err != nil { - return nil, err + return nil, fmt.Errorf("%s: encrypter failed to write ciphertext type: %w", "xipher", err) } if _, err := dst.Write(privateKey.spec.bytes()); err != nil { - return nil, err + return nil, fmt.Errorf("%s: encrypter failed to write kdf spec: %w", "xipher", err) } } else { if _, err := dst.Write([]byte{ctKeySymmetric}); err != nil { - return nil, err + return nil, fmt.Errorf("%s: encrypter failed to write ciphertext type: %w", "xipher", err) } } if privateKey.symmCipher == nil { @@ -99,7 +100,7 @@ func (publicKey *PublicKey) Encrypt(data []byte, compression bool) (ciphertext [ func (privateKey *PrivateKey) NewDecryptingReader(src io.Reader) (io.ReadCloser, error) { ctTypeBytes := make([]byte, 1) if _, err := io.ReadFull(src, ctTypeBytes); err != nil { - return nil, err + return nil, fmt.Errorf("%s: decrypter failed to read ciphertext type: %w", "xipher", err) } var ctType uint8 = ctTypeBytes[0] key := privateKey.key @@ -114,15 +115,13 @@ func (privateKey *PrivateKey) NewDecryptingReader(src io.Reader) (io.ReadCloser, } specBytes := make([]byte, kdfSpecLength) if _, err := io.ReadFull(src, specBytes); err != nil { - return nil, err + return nil, fmt.Errorf("%s: decrypter failed to read kdf spec: %w", "xipher", err) } spec, err := parseKdfSpec(specBytes) if err != nil { return nil, err } - if key, err = privateKey.getKeyForPwdSpec(*spec); err != nil { - return nil, err - } + key = privateKey.getKeyForPwdSpec(*spec) default: return nil, errInvalidCiphertext } diff --git a/xipher_keys.go b/xipher_keys.go index 0bc787e..ffce23f 100644 --- a/xipher_keys.go +++ b/xipher_keys.go 
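Review bot: In `NewDecryptingReader` (xipher_crypto.go, third hunk), the KDF spec is read from `src` and passed to `privateKey.getKeyForPwdSpec(*spec)` before anything in the stream has been authenticated, so the cost of key derivation is chosen by whoever produced the ciphertext. `parseKdfSpec` is not visible here; if it does not already cap the parameters, it should reject specs above a documented maximum before derivation runs. With the error return removed from the call, a comment such as `// spec comes from untrusted input; parseKdfSpec must bound its cost parameters` would record that assumption. The function starts and ends outside the hunk.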
@@ -48,9 +48,7 @@ func newPrivateKeyForPwdAndSpec(password []byte, spec *kdfSpec) (privateKey *Pri spec: spec, specKeyMap: make(map[string][]byte), } - if privateKey.key, err = privateKey.getKeyForPwdSpec(*spec); err != nil { - return nil, err - } + privateKey.key = privateKey.getKeyForPwdSpec(*spec) return privateKey, nil } @@ -83,14 +81,14 @@ func isPwdBased(keyType uint8) bool { return keyType%2 == 1 } -func (privateKey *PrivateKey) getKeyForPwdSpec(spec kdfSpec) (key []byte, err error) { +func (privateKey *PrivateKey) getKeyForPwdSpec(spec kdfSpec) (key []byte) { specBytes := spec.bytes() key = privateKey.specKeyMap[string(specBytes)] if len(key) == 0 { key = spec.getCipherKey(*privateKey.password) privateKey.specKeyMap[string(specBytes)] = key } - return key, nil + return key } // Bytes returns the private key as bytes only if it is not password based.
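Review bot: `getKeyForPwdSpec` (xipher_keys.go, second hunk) has no doc comment, and with the error return dropped its remaining contract is worth stating: it memoises the derived key in `privateKey.specKeyMap`, keyed by `spec.bytes()`, and reads and writes that map without a lock. Suggested comment: `// getKeyForPwdSpec returns the cipher key derived from the password for spec, caching it in specKeyMap. Not safe for concurrent use.` Because the decrypt path feeds it specs parsed from ciphertext, each distinct spec adds a derived key that stays in memory for the life of the `PrivateKey`; consider bounding the cache or documenting that.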