From bcc05715b39179037567a9be6139e2998c370016 Mon Sep 17 00:00:00 2001
From: Filippo Valsorda <filippo@cloudflare.com>
Date: Fri, 5 Dec 2014 18:39:06 +0000
Subject: [PATCH] Make some ECDSA failures more informative/accurate

---
 dnssec_test.go | 22 ++++++++++++++++++----
 kscan.go       |  6 +++---
 parse_test.go  |  3 +++
 3 files changed, 24 insertions(+), 7 deletions(-)

diff --git a/dnssec_test.go b/dnssec_test.go
index 04c64391..f6263d50 100644
--- a/dnssec_test.go
+++ b/dnssec_test.go
@@ -455,12 +455,19 @@ PrivateKey: WURgWHCcYIYUPWgeLmiPY2DJJk02vgrmTfitxgqcL4vwW7BOrbawVmVe0d9V94SR`
 	sig.SignerName = eckey.(*DNSKEY).Hdr.Name
 	sig.Algorithm = eckey.(*DNSKEY).Algorithm
 
-	sig.Sign(privkey, []RR{a})
+	if sig.Sign(privkey, []RR{a}) != nil {
+		t.Fatal("failure to sign the record")
+	}
 
-	t.Logf("%s", sig.String())
 	if e := sig.Verify(eckey.(*DNSKEY), []RR{a}); e != nil {
-		t.Logf("failure to validate: %s", e.Error())
-		t.Fail()
+		t.Logf("\n%s\n%s\n%s\n\n%s\n\n",
+			eckey.(*DNSKEY).String(),
+			a.String(),
+			sig.String(),
+			eckey.(*DNSKEY).PrivateKeyString(privkey),
+		)
+
+		t.Fatalf("failure to validate: %s", e.Error())
 	}
 }
 
@@ -503,6 +510,13 @@ func TestSignVerifyECDSA2(t *testing.T) {
 
 	err = sig.Verify(key, []RR{srv})
 	if err != nil {
+		t.Logf("\n%s\n%s\n%s\n\n%s\n\n",
+			key.String(),
+			srv.String(),
+			sig.String(),
+			key.PrivateKeyString(privkey),
+		)
+
 		t.Fatal("Failure to validate:", err)
 	}
 }
diff --git a/kscan.go b/kscan.go
index 8cc729ab..56567b2b 100644
--- a/kscan.go
+++ b/kscan.go
@@ -39,7 +39,7 @@ func (k *DNSKEY) ReadPrivateKey(q io.Reader, file string) (PrivateKey, error) {
 			return nil, e
 		}
 		if !k.setPublicKeyInPrivate(p) {
-			return nil, ErrPrivKey
+			return nil, ErrKey
 		}
 		return p, e
 	case "1 (RSAMD5)":
@@ -56,7 +56,7 @@ func (k *DNSKEY) ReadPrivateKey(q io.Reader, file string) (PrivateKey, error) {
 			return nil, e
 		}
 		if !k.setPublicKeyInPrivate(p) {
-			return nil, ErrPrivKey
+			return nil, ErrKey
 		}
 		return p, e
 	case "12 (ECC-GOST)":
@@ -74,7 +74,7 @@ func (k *DNSKEY) ReadPrivateKey(q io.Reader, file string) (PrivateKey, error) {
 			return nil, e
 		}
 		if !k.setPublicKeyInPrivate(p) {
-			return nil, ErrPrivKey
+			return nil, ErrKey
 		}
 		return p, e
 	}
diff --git a/parse_test.go b/parse_test.go
index 89f21906..a667ce2f 100644
--- a/parse_test.go
+++ b/parse_test.go
@@ -1258,6 +1258,9 @@ func TestNewPrivateKeyECDSA(t *testing.T) {
 
 		newPrivKey, err := key.NewPrivateKey(key.PrivateKeyString(privkey))
 		if err != nil {
+			t.Log(key.String())
+			t.Log(key.PrivateKeyString(privkey))
+
 			t.Fatal(err.Error())
 		}