Jonathan Turner 8 лет назад
Родитель
Сommit
35012df919
4 измененных файлов с 15 добавлено и 15 удалено
  1. 2 2
      client/http.go
  2. 2 2
      gssapi/krb5Token.go
  3. 7 7
      messages/KDCReq.go
  4. 4 4
      messages/Ticket.go

+ 2 - 2
client/http.go

@@ -33,11 +33,11 @@ func (cl *Client) SetSPNEGOHeader(r *http.Request, spn string) error {
 func SetSPNEGOHeader(creds credentials.Credentials, tkt messages.Ticket, sessionKey types.EncryptionKey, r *http.Request) error {
 	SPNEGOToken, err := gssapi.GetSPNEGOKrbNegTokenInit(creds, tkt, sessionKey)
 	if err != nil {
-		return err
+		return krberror.Errorf(err, krberror.EncodingError, "cound not generate SPNEGO negotiation token")
 	}
 	nb, err := SPNEGOToken.Marshal()
 	if err != nil {
-		return krberror.Errorf(err, krberror.EncodingError, "Could marshal SPNEGO")
+		return krberror.Errorf(err, krberror.EncodingError, "could not marshal SPNEGO")
 	}
 	hs := "Negotiate " + base64.StdEncoding.EncodeToString(nb)
 	r.Header.Set("Authorization", hs)
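Review bot: The new message on the first error return misspells "could" as `cound`, so a log search for "could not generate" will miss SPNEGO token failures; it should read `"could not generate SPNEGO negotiation token"`. The same line tags the failure as `krberror.EncodingError`, which is also the class used for the marshal failure a few lines below. If GetSPNEGOKrbNegTokenInit can fail for reasons other than encoding (not visible in this hunk), a different class such as the `krberror.KRBMsgError` this commit uses for AP_REQ generation in messages/KDCReq.go would keep the two authentication failures distinguishable. The function body continues past the end of the hunk.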

+ 2 - 2
gssapi/krb5Token.go

@@ -113,11 +113,11 @@ func NewKRB5APREQMechToken(creds credentials.Credentials, tkt messages.Ticket, s
 		auth,
 	)
 	if err != nil {
-		return []byte{}, err
+		return []byte{}, fmt.Errorf("could not create new AP_REQ: %v", err)
 	}
 	tb, err = APReq.Marshal()
 	if err != nil {
-		return []byte{}, fmt.Errorf("Could not marshal AP_REQ: %v", err)
+		return []byte{}, fmt.Errorf("could not marshal AP_REQ: %v", err)
 	}
 	b = append(b, tb...)
 	return asn1tools.AddASNAppTag(b, 0), nil
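Review bot: The rewritten return after the AP_REQ construction flattens the cause into a string with `%v`, so callers can no longer inspect the underlying error or its class. It is also inconsistent with the same failure in messages/KDCReq.go, which this commit wraps with krberror.Errorf. Assuming krberror can be imported in this file, suggest `return []byte{}, krberror.Errorf(err, krberror.KRBMsgError, "could not create new AP_REQ")`; the marshal return below could likewise use `krberror.EncodingError`. The function starts above the hunk, so its other return paths are not visible here.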

+ 7 - 7
messages/KDCReq.go

@@ -171,21 +171,21 @@ func NewTGSReq(cname types.PrincipalName, kdcRealm string, c *config.Config, tkt
 	}
 	auth, err := types.NewAuthenticator(c.LibDefaults.DefaultRealm, cname)
 	if err != nil {
-		return a, krberror.Errorf(err, krberror.KRBMsgError, "Error generating new authenticator")
+		return a, krberror.Errorf(err, krberror.KRBMsgError, "error generating new authenticator")
 	}
 	// Add the CName to make validation of the reply easier
 	a.ReqBody.CName = auth.CName
 	b, err := a.ReqBody.Marshal()
 	if err != nil {
-		return a, krberror.Errorf(err, krberror.EncodingError, "Error marshaling TGS_REQ body")
+		return a, krberror.Errorf(err, krberror.EncodingError, "error marshaling TGS_REQ body")
 	}
 	etype, err := crypto.GetEtype(sessionKey.KeyType)
 	if err != nil {
-		return a, krberror.Errorf(err, krberror.EncryptingError, "Error getting etype to encrypt authenticator")
+		return a, krberror.Errorf(err, krberror.EncryptingError, "error getting etype to encrypt authenticator")
 	}
 	cb, err := etype.GetChecksumHash(sessionKey.KeyValue, b, keyusage.TGS_REQ_PA_TGS_REQ_AP_REQ_AUTHENTICATOR_CHKSUM)
 	if err != nil {
-		return a, krberror.Errorf(err, krberror.ChksumError, "Error getting etype checksum hash")
+		return a, krberror.Errorf(err, krberror.ChksumError, "error getting etype checksum hash")
 	}
 	auth.Cksum = types.Checksum{
 		CksumType: etype.GetHashID(),
@@ -193,11 +193,11 @@ func NewTGSReq(cname types.PrincipalName, kdcRealm string, c *config.Config, tkt
 	}
 	apReq, err := NewAPReq(tkt, sessionKey, auth)
 	if err != nil {
-		return a, err
+		return a, krberror.Errorf(err, krberror.KRBMsgError, "error generating new AP_REQ")
 	}
 	apb, err := apReq.Marshal()
 	if err != nil {
-		return a, krberror.Errorf(err, krberror.EncodingError, "Error marshaling AP_REQ for pre-authentication data")
+		return a, krberror.Errorf(err, krberror.EncodingError, "error marshaling AP_REQ for pre-authentication data")
 	}
 	a.PAData = types.PADataSequence{
 		types.PAData{
@@ -222,7 +222,7 @@ func (k *ASReq) Unmarshal(b []byte) error {
 	var reqb KDCReqBody
 	err = reqb.Unmarshal(m.ReqBody.Bytes)
 	if err != nil {
-		return krberror.Errorf(err, krberror.EncodingError, "Error processing AS_REQ body")
+		return krberror.Errorf(err, krberror.EncodingError, "error processing AS_REQ body")
 	}
 	k.MsgType = m.MsgType
 	k.PAData = m.PAData

+ 4 - 4
messages/Ticket.go

@@ -55,7 +55,7 @@ type TransitedEncoding struct {
 func NewTicket(cname types.PrincipalName, crealm string, sname types.PrincipalName, srealm string, flags asn1.BitString, sktab keytab.Keytab, eTypeID, kvno int, authTime, startTime, endTime, renewTill time.Time) (Ticket, types.EncryptionKey, error) {
 	etype, err := crypto.GetEtype(eTypeID)
 	if err != nil {
-		return Ticket{}, types.EncryptionKey{}, krberror.Errorf(err, krberror.EncryptingError, "Error getting etype for new ticket")
+		return Ticket{}, types.EncryptionKey{}, krberror.Errorf(err, krberror.EncryptingError, "error getting etype for new ticket")
 	}
 	ks := etype.GetKeyByteSize()
 	kv := make([]byte, ks, ks)
@@ -77,16 +77,16 @@ func NewTicket(cname types.PrincipalName, crealm string, sname types.PrincipalNa
 	}
 	b, err := asn1.Marshal(etp)
 	if err != nil {
-		return Ticket{}, types.EncryptionKey{}, krberror.Errorf(err, krberror.EncodingError, "Error marshalling encpart")
+		return Ticket{}, types.EncryptionKey{}, krberror.Errorf(err, krberror.EncodingError, "error marshalling ticket encpart")
 	}
 	b = asn1tools.AddASNAppTag(b, asnAppTag.EncTicketPart)
 	skey, err := sktab.GetEncryptionKey(sname.NameString, srealm, kvno, eTypeID)
 	if err != nil {
-		return Ticket{}, types.EncryptionKey{}, krberror.Errorf(err, krberror.EncryptingError, "Error getting encryption key for new ticket")
+		return Ticket{}, types.EncryptionKey{}, krberror.Errorf(err, krberror.EncryptingError, "error getting encryption key for new ticket")
 	}
 	ed, err := crypto.GetEncryptedData(b, skey, keyusage.KDC_REP_TICKET, kvno)
 	if err != nil {
-		return Ticket{}, types.EncryptionKey{}, krberror.Errorf(err, krberror.EncryptingError, "Error encrypting ticket encpart")
+		return Ticket{}, types.EncryptionKey{}, krberror.Errorf(err, krberror.EncryptingError, "error encrypting ticket encpart")
 	}
 	tkt := Ticket{
 		TktVNO:  iana.PVNO,
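Review bot: The reworded message `"error marshalling ticket encpart"` keeps the double-l spelling, while the strings this commit normalizes in messages/KDCReq.go use `marshaling`. Since the commit is standardizing error text, one spelling should be used so that a single log search finds marshal failures from both files, e.g. `"error marshaling ticket encpart"`. NewTicket's body begins above this hunk and continues below it.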