From 89ff5f4844e6c7ba96315677162461e9dc286a2c Mon Sep 17 00:00:00 2001 From: Alexander Scheel Date: Mon, 20 Mar 2023 12:00:49 -0400 Subject: [PATCH] More wrapped errors - PKI, SSH, Transit (#19631) * Add missing wrapped errors in PKI Signed-off-by: Alexander Scheel * Add missing wrapped errors in SSH Signed-off-by: Alexander Scheel * Add missing wrapped errors in Transit Signed-off-by: Alexander Scheel --------- Signed-off-by: Alexander Scheel --- builtin/logical/pki/crl_util.go | 4 ++-- builtin/logical/pki/storage.go | 2 +- builtin/logical/ssh/path_issue_sign.go | 2 +- builtin/logical/transit/path_keys.go | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/builtin/logical/pki/crl_util.go b/builtin/logical/pki/crl_util.go index 09ae85e7ba78..4454dce3e45a 100644 --- a/builtin/logical/pki/crl_util.go +++ b/builtin/logical/pki/crl_util.go @@ -1080,7 +1080,7 @@ func writeSpecificRevocationDeltaWALs(sc *storageContext, hyphenSerial string, c var walInfo deltaWALInfo walEntry, err := logical.StorageEntryJSON(pathPrefix+hyphenSerial, walInfo) if err != nil { - return fmt.Errorf("unable to create delta CRL WAL entry") + return fmt.Errorf("unable to create delta CRL WAL entry: %w", err) } if err = sc.Storage.Put(sc.Context, walEntry); err != nil { @@ -1093,7 +1093,7 @@ func writeSpecificRevocationDeltaWALs(sc *storageContext, hyphenSerial string, c lastRevSerial := lastWALInfo{Serial: colonSerial} lastWALEntry, err := logical.StorageEntryJSON(pathPrefix+deltaWALLastRevokedSerialName, lastRevSerial) if err != nil { - return fmt.Errorf("unable to create last delta CRL WAL entry") + return fmt.Errorf("unable to create last delta CRL WAL entry: %w", err) } if err = sc.Storage.Put(sc.Context, lastWALEntry); err != nil { return fmt.Errorf("error saving last delta CRL WAL entry: %w", err) diff --git a/builtin/logical/pki/storage.go b/builtin/logical/pki/storage.go index b410a00ed853..5b231c1a8584 100644 --- a/builtin/logical/pki/storage.go +++ b/builtin/logical/pki/storage.go @@ -1428,7 +1428,7 @@ func (sc *storageContext) fetchRevocationInfo(serial string) (*revocationInfo, e if revEntry != nil { err = revEntry.DecodeJSON(&revInfo) if err != nil { - return nil, fmt.Errorf("error decoding existing revocation info") + return nil, fmt.Errorf("error decoding existing revocation info: %w", err) } } diff --git a/builtin/logical/ssh/path_issue_sign.go b/builtin/logical/ssh/path_issue_sign.go index dfc97ce4b94c..c4e68e4721f0 100644 --- a/builtin/logical/ssh/path_issue_sign.go +++ b/builtin/logical/ssh/path_issue_sign.go @@ -501,7 +501,7 @@ func (b *creationBundle) sign() (retCert *ssh.Certificate, retErr error) { // prepare certificate for signing nonce := make([]byte, 32) if _, err := io.ReadFull(rand.Reader, nonce); err != nil { - return nil, fmt.Errorf("failed to generate signed SSH key: error generating random nonce") + return nil, fmt.Errorf("failed to generate signed SSH key: error generating random nonce: %w", err) } certificate := &ssh.Certificate{ Serial: serialNumber.Uint64(), diff --git a/builtin/logical/transit/path_keys.go b/builtin/logical/transit/path_keys.go index e4a7171d6db0..295634dc4603 100644 --- a/builtin/logical/transit/path_keys.go +++ b/builtin/logical/transit/path_keys.go @@ -365,7 +365,7 @@ func (b *backend) pathPolicyRead(ctx context.Context, req *logical.Request, d *f } derived, err := p.GetKey(context, ver, 32) if err != nil { - return nil, fmt.Errorf("failed to derive key to return public component") + return nil, fmt.Errorf("failed to derive key to return public component: %w", err) } pubKey := ed25519.PrivateKey(derived).Public().(ed25519.PublicKey) key.PublicKey = base64.StdEncoding.EncodeToString(pubKey)