crypto/x509: improve error when parsing bad ECDSA cert

When parsing an ECDSA certificate, improve the error message upon failing to parse the curve as a named curve, rather than returning the original ASN1 error. Fixes #21502 Change-Id: I7ae7b3ea7a9dcbd78a9607f46f5883d3193b8367 Reviewed-on: https://go-review.googlesource.com/57050 Reviewed-by: Filippo Valsorda <[email protected]>
golang · Mar 28, 2018 · 89f4592 · 89f4592
1 parent 9d84e0e
commit 89f4592
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/src/crypto/x509/x509.go b/src/crypto/x509/x509.go
@@ -1056,7 +1056,7 @@ func parsePublicKey(algo PublicKeyAlgorithm, keyData *publicKeyInfo) (interface{
 		namedCurveOID := new(asn1.ObjectIdentifier)
 		rest, err := asn1.Unmarshal(paramsData, namedCurveOID)
 		if err != nil {
-			return nil, err
+			return nil, errors.New("x509: failed to parse ECDSA parameters as named curve")
 		}
 		if len(rest) != 0 {
 			return nil, errors.New("x509: trailing data after ECDSA parameters")