service pincipal fmt fix and error fmt fixes

client/client.go

@@ -100,7 +100,7 @@ func NewClientFromCCache(c credentials.CCache) (Client, error) {
 		var tkt messages.Ticket
 		err = tkt.Unmarshal(cred.Ticket)
 		if err != nil {
-			return cl, fmt.Errorf("Cache entry ticket bytes are not valid: %v", err)
+			return cl, fmt.Errorf("cache entry ticket bytes are not valid: %v", err)
 		}
 		cl.Cache.addEntry(
 			tkt,
@@ -143,7 +143,7 @@ func (cl *Client) Key(etype etype.EType, krberr messages.KRBError) (types.Encryp
 			var pas types.PADataSequence
 			err := pas.Unmarshal(krberr.EData)
 			if err != nil {
-				return types.EncryptionKey{}, fmt.Errorf("Could not get PAData from KRBError to generate key from password: %v", err)
+				return types.EncryptionKey{}, fmt.Errorf("could not get PAData from KRBError to generate key from password: %v", err)
 			}
 			key, _, err := crypto.GetKeyFromPassword(cl.Credentials.Password, krberr.CName, krberr.CRealm, etype.GetETypeID(), pas)
 			return key, err
@@ -151,7 +151,7 @@ func (cl *Client) Key(etype etype.EType, krberr messages.KRBError) (types.Encryp
 		key, _, err := crypto.GetKeyFromPassword(cl.Credentials.Password, cl.Credentials.CName, cl.Credentials.Realm, etype.GetETypeID(), types.PADataSequence{})
 		return key, err
 	}
-	return types.EncryptionKey{}, errors.New("Credential has neither keytab or password to generate key.")
+	return types.EncryptionKey{}, errors.New("credential has neither keytab or password to generate key.")
 }
 
 // LoadConfig loads the Kerberos configuration for the client from file path specified.

client/client_ad_integration_test.go

@@ -96,11 +96,11 @@ func TestClient_GetServiceTicket_AD_TRUST_USER_DOMAIN(t *testing.T) {
 	skt, _ := keytab.Parse(b)
 	err = tkt.DecryptEncPart(skt, "sysHTTP")
 	if err != nil {
-		t.Errorf("Error decrypting ticket with service keytab: %v", err)
+		t.Errorf("error decrypting ticket with service keytab: %v", err)
 	}
 	isPAC, pac, err := tkt.GetPACType(skt, "sysHTTP")
 	if err != nil {
-		t.Errorf("Error getting PAC: %v", err)
+		t.Errorf("error getting PAC: %v", err)
 	}
 	assert.True(t, isPAC, "Did not find PAC in service ticket")
 	assert.Equal(t, "testuser1", pac.KerbValidationInfo.EffectiveName.Value, "PAC value not parsed")

client/client_dns_test.go

@@ -69,6 +69,6 @@ func TestClient_Login_DNSKDCs(t *testing.T) {
 
 	err = cl.Login()
 	if err != nil {
-		t.Errorf("Error on logging in using DNS lookup of KDCs: %v\n", err)
+		t.Errorf("error on logging in using DNS lookup of KDCs: %v\n", err)
 	}
 }

client/client_integration_test.go

@@ -41,7 +41,7 @@ func TestClient_SuccessfulLogin_Keytab(t *testing.T) {
 
 		err = cl.Login()
 		if err != nil {
-			t.Errorf("Error on logging in with KDC %s: %v\n", test, err)
+			t.Errorf("error on logging in with KDC %s: %v\n", test, err)
 		}
 	}
 }
@@ -64,7 +64,7 @@ func TestClient_SuccessfulLogin_Password(t *testing.T) {
 
 		err := cl.Login()
 		if err != nil {
-			t.Errorf("Error on logging in with KDC %s: %v\n", test, err)
+			t.Errorf("error on logging in with KDC %s: %v\n", test, err)
 		}
 	}
 }
@@ -84,7 +84,7 @@ func TestClient_SuccessfulLogin_TCPOnly(t *testing.T) {
 
 	err = cl.Login()
 	if err != nil {
-		t.Fatalf("Error on login: %v\n", err)
+		t.Fatalf("error on login: %v\n", err)
 	}
 }
 
@@ -115,11 +115,11 @@ func TestClient_ASExchange_TGSExchange_EncTypes_Keytab(t *testing.T) {
 
 		err = cl.Login()
 		if err != nil {
-			t.Errorf("Error on login using enctype %s: %v\n", test, err)
+			t.Errorf("error on login using enctype %s: %v\n", test, err)
 		}
 		tkt, key, err := cl.GetServiceTicket("HTTP/host.test.gokrb5")
 		if err != nil {
-			t.Errorf("Error in TGS exchange using enctype %s: %v", test, err)
+			t.Errorf("error in TGS exchange using enctype %s: %v", test, err)
 		}
 		assert.Equal(t, "TEST.GOKRB5", tkt.Realm, "Realm in ticket not as expected for %s test", test)
 		assert.Equal(t, etypeID.ETypesByName[test], key.KeyType, "Key is not for enctype %s", test)
@@ -151,11 +151,11 @@ func TestClient_ASExchange_TGSExchange_EncTypes_Password(t *testing.T) {
 
 		err := cl.Login()
 		if err != nil {
-			t.Errorf("Error on login using enctype %s: %v\n", test, err)
+			t.Errorf("error on login using enctype %s: %v\n", test, err)
 		}
 		tkt, key, err := cl.GetServiceTicket("HTTP/host.test.gokrb5")
 		if err != nil {
-			t.Errorf("Error in TGS exchange using enctype %s: %v", test, err)
+			t.Errorf("error in TGS exchange using enctype %s: %v", test, err)
 		}
 		assert.Equal(t, "TEST.GOKRB5", tkt.Realm, "Realm in ticket not as expected for %s test", test)
 		assert.Equal(t, etypeID.ETypesByName[test], key.KeyType, "Key is not for enctype %s", test)
@@ -176,7 +176,7 @@ func TestClient_FailedLogin(t *testing.T) {
 
 	err = cl.Login()
 	if err == nil {
-		t.Fatal("Login with incorrect password did not error")
+		t.Fatal("login with incorrect password did not error")
 	}
 }
 
@@ -194,7 +194,7 @@ func TestClient_SuccessfulLogin_UserRequiringPreAuth(t *testing.T) {
 
 	err = cl.Login()
 	if err != nil {
-		t.Fatalf("Error on login: %v\n", err)
+		t.Fatalf("error on login: %v\n", err)
 	}
 }
 
@@ -213,7 +213,7 @@ func TestClient_SuccessfulLogin_UserRequiringPreAuth_TCPOnly(t *testing.T) {
 
 	err = cl.Login()
 	if err != nil {
-		t.Fatalf("Error on login: %v\n", err)
+		t.Fatalf("error on login: %v\n", err)
 	}
 }
 
@@ -227,7 +227,7 @@ func TestClient_NetworkTimeout(t *testing.T) {
 
 	err = cl.Login()
 	if err == nil {
-		t.Fatal("Login with incorrect KDC address did not error")
+		t.Fatal("login with incorrect KDC address did not error")
 	}
 }
 
@@ -245,12 +245,12 @@ func TestClient_GetServiceTicket(t *testing.T) {
 
 	err = cl.Login()
 	if err != nil {
-		t.Fatalf("Error on login: %v\n", err)
+		t.Fatalf("error on login: %v\n", err)
 	}
 	spn := "HTTP/host.test.gokrb5"
 	tkt, key, err := cl.GetServiceTicket(spn)
 	if err != nil {
-		t.Fatalf("Error getting service ticket: %v\n", err)
+		t.Fatalf("error getting service ticket: %v\n", err)
 	}
 	assert.Equal(t, spn, tkt.SName.GetPrincipalNameString())
 	assert.Equal(t, int32(18), key.KeyType)
@@ -258,7 +258,7 @@ func TestClient_GetServiceTicket(t *testing.T) {
 	//Check cache use - should get the same values back again
 	tkt2, key2, err := cl.GetServiceTicket(spn)
 	if err != nil {
-		t.Fatalf("Error getting service ticket: %v\n", err)
+		t.Fatalf("error getting service ticket: %v\n", err)
 	}
 	assert.Equal(t, tkt.EncPart.Cipher, tkt2.EncPart.Cipher)
 	assert.Equal(t, key.KeyValue, key2.KeyValue)
@@ -278,7 +278,7 @@ func TestClient_GetServiceTicket_InvalidSPN(t *testing.T) {
 
 	err = cl.Login()
 	if err != nil {
-		t.Fatalf("Error on login: %v\n", err)
+		t.Fatalf("error on login: %v\n", err)
 	}
 	spn := "host.test.gokrb5"
 	_, _, err = cl.GetServiceTicket(spn)
@@ -300,12 +300,12 @@ func TestClient_GetServiceTicket_OlderKDC(t *testing.T) {
 
 	err = cl.Login()
 	if err != nil {
-		t.Fatalf("Error on login: %v\n", err)
+		t.Fatalf("error on login: %v\n", err)
 	}
 	spn := "HTTP/host.test.gokrb5"
 	tkt, key, err := cl.GetServiceTicket(spn)
 	if err != nil {
-		t.Fatalf("Error getting service ticket: %v\n", err)
+		t.Fatalf("error getting service ticket: %v\n", err)
 	}
 	assert.Equal(t, spn, tkt.SName.GetPrincipalNameString())
 	assert.Equal(t, int32(18), key.KeyType)
@@ -325,7 +325,7 @@ func TestClient_SetSPNEGOHeader(t *testing.T) {
 
 	err := cl.Login()
 	if err != nil {
-		t.Fatalf("Error on AS_REQ: %v\n", err)
+		t.Fatalf("error on AS_REQ: %v\n", err)
 	}
 	url := os.Getenv("TEST_HTTP_URL")
 	if url == "" {
@@ -334,16 +334,16 @@ func TestClient_SetSPNEGOHeader(t *testing.T) {
 	r, _ := http.NewRequest("GET", url, nil)
 	httpResp, err := http.DefaultClient.Do(r)
 	if err != nil {
-		t.Fatalf("Request error: %v\n", err)
+		t.Fatalf("request error: %v\n", err)
 	}
 	assert.Equal(t, http.StatusUnauthorized, httpResp.StatusCode, "Status code in response to client with no SPNEGO not as expected")
 	err = cl.SetSPNEGOHeader(r, "HTTP/host.test.gokrb5")
 	if err != nil {
-		t.Fatalf("Error setting client SPNEGO header: %v", err)
+		t.Fatalf("error setting client SPNEGO header: %v", err)
 	}
 	httpResp, err = http.DefaultClient.Do(r)
 	if err != nil {
-		t.Fatalf("Request error: %v\n", err)
+		t.Fatalf("request error: %v\n", err)
 	}
 	assert.Equal(t, http.StatusOK, httpResp.StatusCode, "Status code in response to client SPNEGO request not as expected")
 }
@@ -395,18 +395,18 @@ func spnegoGet(cl *Client) error {
 	r, _ := http.NewRequest("GET", url, nil)
 	httpResp, err := http.DefaultClient.Do(r)
 	if err != nil {
-		return fmt.Errorf("Request error: %v\n", err)
+		return fmt.Errorf("request error: %v\n", err)
 	}
 	if httpResp.StatusCode != http.StatusUnauthorized {
 		return errors.New("did not get unauthorized code when no SPNEGO header set")
 	}
 	err = cl.SetSPNEGOHeader(r, "HTTP/host.test.gokrb5")
 	if err != nil {
-		return fmt.Errorf("Error setting client SPNEGO header: %v", err)
+		return fmt.Errorf("error setting client SPNEGO header: %v", err)
 	}
 	httpResp, err = http.DefaultClient.Do(r)
 	if err != nil {
-		return fmt.Errorf("Request error: %v\n", err)
+		return fmt.Errorf("request error: %v\n", err)
 	}
 	if httpResp.StatusCode != http.StatusOK {
 		return errors.New("did not get OK code when SPNEGO header set")
@@ -417,15 +417,15 @@ func spnegoGet(cl *Client) error {
 func TestNewClientFromCCache(t *testing.T) {
 	b, err := hex.DecodeString(testdata.CCACHE_TEST)
 	if err != nil {
-		t.Fatalf("Error decoding test data")
+		t.Fatalf("error decoding test data")
 	}
 	cc, err := credentials.ParseCCache(b)
 	if err != nil {
-		t.Fatal("Error getting test CCache")
+		t.Fatal("error getting test CCache")
 	}
 	cl, err := NewClientFromCCache(cc)
 	if err != nil {
-		t.Fatalf("Error creating client from CCache: %v", err)
+		t.Fatalf("error creating client from CCache: %v", err)
 	}
 	c, _ := config.NewConfigFromString(testdata.TEST_KRB5CONF)
 	addr := os.Getenv("TEST_KDC_ADDR")
@@ -435,7 +435,7 @@ func TestNewClientFromCCache(t *testing.T) {
 	c.Realms[0].KDC = []string{addr + ":" + testdata.TEST_KDC}
 	cl.WithConfig(c)
 	if ok, err := cl.IsConfigured(); !ok {
-		t.Fatalf("Client was not configured from CCache: %v", err)
+		t.Fatalf("client was not configured from CCache: %v", err)
 	}
 }
 
@@ -470,12 +470,12 @@ func TestClient_GetServiceTicket_Trusted_Resource_Domain(t *testing.T) {
 	err := cl.Login()
 
 	if err != nil {
-		t.Fatalf("Error on login: %v\n", err)
+		t.Fatalf("error on login: %v\n", err)
 	}
 	spn := "HTTP/host.resdom.gokrb5"
 	tkt, key, err := cl.GetServiceTicket(spn)
 	if err != nil {
-		t.Fatalf("Error getting service ticket: %v\n", err)
+		t.Fatalf("error getting service ticket: %v\n", err)
 	}
 	assert.Equal(t, spn, tkt.SName.GetPrincipalNameString())
 	assert.Equal(t, etypeID.ETypesByName["aes256-cts-hmac-sha1-96"], key.KeyType)
@@ -484,6 +484,6 @@ func TestClient_GetServiceTicket_Trusted_Resource_Domain(t *testing.T) {
 	skt, _ := keytab.Parse(b)
 	err = tkt.DecryptEncPart(skt, "")
 	if err != nil {
-		t.Errorf("Error decrypting ticket with service keytab: %v", err)
+		t.Errorf("error decrypting ticket with service keytab: %v", err)
 	}
 }

client/http.go

@@ -21,7 +21,7 @@ func (cl *Client) SetSPNEGOHeader(r *http.Request, spn string) error {
 	}
 	tkt, skey, err := cl.GetServiceTicket(spn)
 	if err != nil {
-		return fmt.Errorf("Could not get service ticket: %v", err)
+		return fmt.Errorf("could not get service ticket: %v", err)
 	}
 	err = SetSPNEGOHeader(*cl.Credentials, tkt, skey, r)
 	if err != nil {
@@ -34,7 +34,7 @@ func (cl *Client) SetSPNEGOHeader(r *http.Request, spn string) error {
 func SetSPNEGOHeader(creds credentials.Credentials, tkt messages.Ticket, sessionKey types.EncryptionKey, r *http.Request) error {
 	SPNEGOToken, err := gssapi.GetSPNEGOKrbNegTokenInit(creds, tkt, sessionKey)
 	if err != nil {
-		return krberror.Errorf(err, krberror.EncodingError, "cound not generate SPNEGO negotiation token")
+		return krberror.Errorf(err, krberror.EncodingError, "could not generate SPNEGO negotiation token")
 	}
 	nb, err := SPNEGOToken.Marshal()
 	if err != nil {

config/krb5conf.go

@@ -329,7 +329,7 @@ func (r *Realm) parseLines(name string, lines []string) error {
 			continue
 		}
 		if !strings.Contains(line, "=") {
-			return fmt.Errorf("Realm configuration line invalid: %s", line)
+			return fmt.Errorf("realm configuration line invalid: %s", line)
 		}
 
 		p := strings.Split(line, "=")
@@ -384,11 +384,11 @@ func parseRealms(lines []string) ([]Realm, error) {
 		if strings.Contains(l, "{") {
 			if start >= 0 {
 				// already started a block!!!
-				return nil, errors.New("Invalid Realms section in configuration")
+				return nil, errors.New("invalid Realms section in configuration")
 			}
 			start = i
 			if !strings.Contains(l, "=") {
-				return nil, fmt.Errorf("Realm configuration line invalid: %s", l)
+				return nil, fmt.Errorf("realm configuration line invalid: %s", l)
 			}
 			p := strings.Split(l, "=")
 			name = strings.TrimSpace(p[0])
@@ -396,7 +396,7 @@ func parseRealms(lines []string) ([]Realm, error) {
 		if strings.Contains(l, "}") {
 			if start < 0 {
 				// but not started a block!!!
-				return nil, errors.New("Invalid Realms section in configuration")
+				return nil, errors.New("invalid Realms section in configuration")
 			}
 			var r Realm
 			r.parseLines(name, lines[start+1:i])
@@ -417,7 +417,7 @@ func (d *DomainRealm) parseLines(lines []string) error {
 			continue
 		}
 		if !strings.Contains(line, "=") {
-			return fmt.Errorf("Realm configuration line invalid: %s", line)
+			return fmt.Errorf("realm configuration line invalid: %s", line)
 		}
 		p := strings.Split(line, "=")
 		domain := strings.TrimSpace(strings.ToLower(p[0]))
@@ -462,7 +462,7 @@ func (c *Config) ResolveRealm(domainName string) string {
 func Load(cfgPath string) (*Config, error) {
 	fh, err := os.Open(cfgPath)
 	if err != nil {
-		return nil, errors.New("Configuration file could not be openned: " + cfgPath + " " + err.Error())
+		return nil, errors.New("configuration file could not be openned: " + cfgPath + " " + err.Error())
 	}
 	defer fh.Close()
 	scanner := bufio.NewScanner(fh)
@@ -525,18 +525,18 @@ func NewConfigFromScanner(scanner *bufio.Scanner) (*Config, error) {
 		case "libdefaults":
 			err := c.LibDefaults.parseLines(lines[start:end])
 			if err != nil {
-				return nil, fmt.Errorf("Error processing libdefaults section: %v", err)
+				return nil, fmt.Errorf("error processing libdefaults section: %v", err)
 			}
 		case "realms":
 			realms, err := parseRealms(lines[start:end])
 			if err != nil {
-				return nil, fmt.Errorf("Error processing realms section: %v", err)
+				return nil, fmt.Errorf("error processing realms section: %v", err)
 			}
 			c.Realms = realms
 		case "domain_realm":
 			err := c.DomainRealm.parseLines(lines[start:end])
 			if err != nil {
-				return nil, fmt.Errorf("Error processing domaain_realm section: %v", err)
+				return nil, fmt.Errorf("error processing domaain_realm section: %v", err)
 			}
 		default:
 			continue
@@ -578,13 +578,13 @@ func parseDuration(s string) (time.Duration, error) {
 		ds := strings.SplitN(s, "d", 2)
 		dn, err := strconv.ParseUint(ds[0], 10, 32)
 		if err != nil {
-			return time.Duration(0), errors.New("invalid time duration.")
+			return time.Duration(0), errors.New("invalid time duration")
 		}
 		d := time.Duration(dn*24) * time.Hour
 		if ds[1] != "" {
 			dp, err := time.ParseDuration(ds[1])
 			if err != nil {
-				return time.Duration(0), errors.New("invalid time duration.")
+				return time.Duration(0), errors.New("invalid time duration")
 			}
 			d = d + dp
 		}
@@ -607,13 +607,13 @@ func parseDuration(s string) (time.Duration, error) {
 	if strings.Contains(s, ":") {
 		t := strings.Split(s, ":")
 		if 2 > len(t) || len(t) > 3 {
-			return time.Duration(0), errors.New("Invalid time duration value")
+			return time.Duration(0), errors.New("invalid time duration value")
 		}
 		var i []int
 		for _, n := range t {
 			j, err := strconv.ParseInt(n, 10, 16)
 			if err != nil {
-				return time.Duration(0), errors.New("Invalid time duration value")
+				return time.Duration(0), errors.New("invalid time duration value")
 			}
 			i = append(i, int(j))
 		}
@@ -623,7 +623,7 @@ func parseDuration(s string) (time.Duration, error) {
 		}
 		return d, nil
 	}
-	return time.Duration(0), errors.New("Invalid time duration value")
+	return time.Duration(0), errors.New("invalid time duration value")
 }
 
 // Parse possible boolean values to golang bool.
@@ -643,7 +643,7 @@ func parseBoolean(s string) (bool, error) {
 	case "n":
 		return false, nil
 	}
-	return false, errors.New("Invalid boolean value")
+	return false, errors.New("invalid boolean value")
 }
 
 // Parse array of strings but stop if an asterisk is placed at the end of a line.

config/krb5conf_test.go

@@ -377,7 +377,7 @@ func TestParseDuration(t *testing.T) {
 	for _, test := range tests {
 		d, err := parseDuration(test.timeStr)
 		if err != nil {
-			t.Errorf("Error parsing %s: %v", test.timeStr, err)
+			t.Errorf("error parsing %s: %v", test.timeStr, err)
 		}
 		assert.Equal(t, test.duration, d, "Duration not as expected for: "+test.timeStr)
 

crypto/aes128-cts-hmac-sha1-96_test.go

@@ -36,7 +36,7 @@ func TestAes128CtsHmacSha196_StringToKey(t *testing.T) {
 		assert.Equal(t, test.pbkdf2, hex.EncodeToString(rfc3962.StringToPBKDF2(test.phrase, test.salt, test.iterations, e)), "PBKDF2 not as expected")
 		k, err := e.StringToKey(test.phrase, test.salt, common.IterationsToS2Kparams(uint32(test.iterations)))
 		if err != nil {
-			t.Errorf("Error in processing string to key for test %d: %v", i, err)
+			t.Errorf("error in processing string to key for test %d: %v", i, err)
 		}
 		assert.Equal(t, test.key, hex.EncodeToString(k), "String to Key not as expected")
 

crypto/aes128-cts-hmac-sha256-128_test.go

@@ -72,7 +72,7 @@ func TestAes128CtsHmacSha256128_VerifyIntegrity(t *testing.T) {
 		p, _ := hex.DecodeString(test.pt)
 		b, err := e.GetChecksumHash(protocolBaseKey, p, testUsage)
 		if err != nil {
-			t.Errorf("Error generating checksum: %v", err)
+			t.Errorf("error generating checksum: %v", err)
 		}
 		assert.Equal(t, test.chksum, hex.EncodeToString(b), "Checksum not as expected")
 	}
@@ -108,7 +108,7 @@ func TestAes128CtsHmacSha256128_Cypto(t *testing.T) {
 		// Test encryption to raw encrypted bytes
 		_, c, err := e.EncryptData(ke, cfm)
 		if err != nil {
-			t.Errorf("Encryption failed for test %v: %v", i+1, err)
+			t.Errorf("encryption failed for test %v: %v", i+1, err)
 		}
 		assert.Equal(t, test.encrypted, hex.EncodeToString(c), "Encrypted result not as expected - test %v", i)
 
@@ -117,7 +117,7 @@ func TestAes128CtsHmacSha256128_Cypto(t *testing.T) {
 		//Remove the confounder bytes
 		p = p[e.GetConfounderByteSize():]
 		if err != nil {
-			t.Errorf("Decryption failed for test %v: %v", i+1, err)
+			t.Errorf("decryption failed for test %v: %v", i+1, err)
 		}
 		assert.Equal(t, test.plain, hex.EncodeToString(p), "Decrypted result not as expected - test %v", i)
 
@@ -127,11 +127,11 @@ func TestAes128CtsHmacSha256128_Cypto(t *testing.T) {
 		// Test encrypting and decrypting a complete cipertext message (with confounder, integrity hash)
 		_, cm, err := e.EncryptMessage(protocolBaseKey, m, testUsage)
 		if err != nil {
-			t.Errorf("Encryption to message failed for test %v: %v", i+1, err)
+			t.Errorf("encryption to message failed for test %v: %v", i+1, err)
 		}
 		dm, err := e.DecryptMessage(protocolBaseKey, cm, testUsage)
 		if err != nil {
-			t.Errorf("Decrypting complete encrypted message failed for test %v: %v", i+1, err)
+			t.Errorf("decrypting complete encrypted message failed for test %v: %v", i+1, err)
 		}
 		assert.Equal(t, m, dm, "Message not as expected after encrypting and decrypting for test %v: %v", i+1, err)
 

crypto/aes256-cts-hmac-sha1-96_test.go

@@ -36,7 +36,7 @@ func TestAes256CtsHmacSha196_StringToKey(t *testing.T) {
 		assert.Equal(t, test.pbkdf2, hex.EncodeToString(rfc3962.StringToPBKDF2(test.phrase, test.salt, test.iterations, e)), "PBKDF2 not as expected")
 		k, err := e.StringToKey(test.phrase, test.salt, common.IterationsToS2Kparams(uint32(test.iterations)))
 		if err != nil {
-			t.Errorf("Error in processing string to key for test %d: %v", i, err)
+			t.Errorf("error in processing string to key for test %d: %v", i, err)
 		}
 		assert.Equal(t, test.key, hex.EncodeToString(k), "String to Key not as expected")
 

crypto/aes256-cts-hmac-sha384-192_test.go

@@ -85,7 +85,7 @@ func TestAes256CtsHmacSha384192_Cypto(t *testing.T) {
 		// Test encryption to raw encrypted bytes
 		_, c, err := e.EncryptData(ke, cfm)
 		if err != nil {
-			t.Errorf("Encryption failed for test %v: %v", i+1, err)
+			t.Errorf("encryption failed for test %v: %v", i+1, err)
 		}
 		assert.Equal(t, test.encrypted, hex.EncodeToString(c), "Encrypted result not as expected - test %v", i)
 
@@ -94,7 +94,7 @@ func TestAes256CtsHmacSha384192_Cypto(t *testing.T) {
 		//Remove the confounder bytes
 		p = p[e.GetConfounderByteSize():]
 		if err != nil {
-			t.Errorf("Decryption failed for test %v: %v", i+1, err)
+			t.Errorf("decryption failed for test %v: %v", i+1, err)
 		}
 		assert.Equal(t, test.plain, hex.EncodeToString(p), "Decrypted result not as expected - test %v", i)
 
@@ -104,11 +104,11 @@ func TestAes256CtsHmacSha384192_Cypto(t *testing.T) {
 		// Test encrypting and decrypting a complete cipertext message (with confounder, integrity hash)
 		_, cm, err := e.EncryptMessage(protocolBaseKey, m, testUsage)
 		if err != nil {
-			t.Errorf("Encryption to message failed for test %v: %v", i+1, err)
+			t.Errorf("encryption to message failed for test %v: %v", i+1, err)
 		}
 		dm, err := e.DecryptMessage(protocolBaseKey, cm, testUsage)
 		if err != nil {
-			t.Errorf("Decrypting complete encrypted message failed for test %v: %v", i+1, err)
+			t.Errorf("decrypting complete encrypted message failed for test %v: %v", i+1, err)
 		}
 		assert.Equal(t, m, dm, "Message not as expected after encrypting and decrypting for test %v: %v", i+1, err)
 
@@ -136,7 +136,7 @@ func TestAes256CtsHmacSha384192_VerifyIntegrity(t *testing.T) {
 		p, _ := hex.DecodeString(test.pt)
 		b, err := e.GetChecksumHash(protocolBaseKey, p, testUsage)
 		if err != nil {
-			t.Errorf("Error generating checksum: %v", err)
+			t.Errorf("error generating checksum: %v", err)
 		}
 		assert.Equal(t, test.chksum, hex.EncodeToString(b), "Checksum not as expected")
 	}

crypto/common/common.go

@@ -46,22 +46,22 @@ func PKCS7Pad(b []byte, m int) ([]byte, error) {
 // PKCS7Unpad removes RFC 2315 padding from byes where message size is m.
 func PKCS7Unpad(b []byte, m int) ([]byte, error) {
 	if m <= 0 {
-		return nil, errors.New("Invalid message block size when unpadding")
+		return nil, errors.New("invalid message block size when unpadding")
 	}
 	if b == nil || len(b) == 0 {
-		return nil, errors.New("Padded data not valid: Zero size")
+		return nil, errors.New("padded data not valid: Zero size")
 	}
 	if len(b)%m != 0 {
-		return nil, errors.New("Padded data not valid: Not multiple of message block size")
+		return nil, errors.New("padded data not valid: Not multiple of message block size")
 	}
 	c := b[len(b)-1]
 	n := int(c)
 	if n == 0 || n > len(b) {
-		return nil, errors.New("Padded data not valid: Data may not have been padded")
+		return nil, errors.New("padded data not valid: Data may not have been padded")
 	}
 	for i := 0; i < n; i++ {
 		if b[len(b)-n+i] != c {
-			return nil, errors.New("Padded data not valid")
+			return nil, errors.New("padded data not valid")
 		}
 	}
 	return b[:len(b)-n], nil
@@ -71,7 +71,7 @@ func PKCS7Unpad(b []byte, m int) ([]byte, error) {
 func GetHash(pt, key []byte, usage []byte, etype etype.EType) ([]byte, error) {
 	k, err := etype.DeriveKey(key, usage)
 	if err != nil {
-		return nil, fmt.Errorf("Unable to derive key for checksum: %v", err)
+		return nil, fmt.Errorf("unable to derive key for checksum: %v", err)
 	}
 	mac := hmac.New(etype.GetHashFunc(), k)
 	p := make([]byte, len(pt))

crypto/crypto.go

@@ -34,7 +34,7 @@ func GetEtype(id int32) (etype.EType, error) {
 		var et RC4HMAC
 		return et, nil
 	default:
-		return nil, fmt.Errorf("Unknown or unsupported EType: %d", id)
+		return nil, fmt.Errorf("unknown or unsupported EType: %d", id)
 	}
 }
 
@@ -63,7 +63,7 @@ func GetChksumEtype(id int32) (etype.EType, error) {
 	//	var et RC4HMAC
 	//	return et, nil
 	default:
-		return nil, fmt.Errorf("Unknown or unsupported checksum type: %d", id)
+		return nil, fmt.Errorf("unknown or unsupported checksum type: %d", id)
 	}
 }
 
@@ -72,7 +72,7 @@ func GetKeyFromPassword(passwd string, cname types.PrincipalName, realm string,
 	var key types.EncryptionKey
 	et, err := GetEtype(etypeID)
 	if err != nil {
-		return key, et, fmt.Errorf("Error getting encryption type: %v", err)
+		return key, et, fmt.Errorf("error getting encryption type: %v", err)
 	}
 	sk2p := et.GetDefaultStringToKeyParams()
 	var salt string
@@ -91,12 +91,12 @@ func GetKeyFromPassword(passwd string, cname types.PrincipalName, realm string,
 			var eti types.ETypeInfo
 			err := eti.Unmarshal(pa.PADataValue)
 			if err != nil {
-				return key, et, fmt.Errorf("Error unmashaling PA Data to PA-ETYPE-INFO2: %v", err)
+				return key, et, fmt.Errorf("error unmashaling PA Data to PA-ETYPE-INFO2: %v", err)
 			}
 			if etypeID != eti[0].EType {
 				et, err = GetEtype(eti[0].EType)
 				if err != nil {
-					return key, et, fmt.Errorf("Error getting encryption type: %v", err)
+					return key, et, fmt.Errorf("error getting encryption type: %v", err)
 				}
 			}
 			salt = string(eti[0].Salt)
@@ -107,12 +107,12 @@ func GetKeyFromPassword(passwd string, cname types.PrincipalName, realm string,
 			var et2 types.ETypeInfo2
 			err := et2.Unmarshal(pa.PADataValue)
 			if err != nil {
-				return key, et, fmt.Errorf("Error unmashalling PA Data to PA-ETYPE-INFO2: %v", err)
+				return key, et, fmt.Errorf("error unmashalling PA Data to PA-ETYPE-INFO2: %v", err)
 			}
 			if etypeID != et2[0].EType {
 				et, err = GetEtype(et2[0].EType)
 				if err != nil {
-					return key, et, fmt.Errorf("Error getting encryption type: %v", err)
+					return key, et, fmt.Errorf("error getting encryption type: %v", err)
 				}
 			}
 			if len(et2[0].S2KParams) == 4 {
@@ -126,7 +126,7 @@ func GetKeyFromPassword(passwd string, cname types.PrincipalName, realm string,
 	}
 	k, err := et.StringToKey(passwd, salt, sk2p)
 	if err != nil {
-		return key, et, fmt.Errorf("Error deriving key from string: %+v", err)
+		return key, et, fmt.Errorf("error deriving key from string: %+v", err)
 	}
 	key = types.EncryptionKey{
 		KeyType:  etypeID,
@@ -141,7 +141,7 @@ func GetEncryptedData(plainBytes []byte, key types.EncryptionKey, usage uint32,
 	var ed types.EncryptedData
 	et, err := GetEtype(key.KeyType)
 	if err != nil {
-		return ed, fmt.Errorf("Error getting etype: %v", err)
+		return ed, fmt.Errorf("error getting etype: %v", err)
 	}
 	_, b, err := et.EncryptMessage(key.KeyValue, plainBytes, usage)
 	if err != nil {
@@ -165,11 +165,11 @@ func DecryptEncPart(ed types.EncryptedData, key types.EncryptionKey, usage uint3
 func DecryptMessage(ciphertext []byte, key types.EncryptionKey, usage uint32) ([]byte, error) {
 	et, err := GetEtype(key.KeyType)
 	if err != nil {
-		return []byte{}, fmt.Errorf("Error decrypting: %v", err)
+		return []byte{}, fmt.Errorf("error decrypting: %v", err)
 	}
 	b, err := et.DecryptMessage(key.KeyValue, ciphertext, usage)
 	if err != nil {
-		return nil, fmt.Errorf("Error decrypting: %v", err)
+		return nil, fmt.Errorf("error decrypting: %v", err)
 	}
 	return b, nil
 }

crypto/des3-cbc-sha1-kd_test.go

@@ -59,7 +59,7 @@ func TestDes3CbcSha1Kd_StringToKey(t *testing.T) {
 	for _, test := range tests {
 		key, err := e.StringToKey(test.secret, test.salt, "")
 		if err != nil {
-			t.Errorf("Error in StringToKey: %v", err)
+			t.Errorf("error in StringToKey: %v", err)
 		}
 		assert.Equal(t, test.key, hex.EncodeToString(key), "StringToKey not as expected")
 	}

crypto/rfc3961/encryption.go

@@ -16,13 +16,13 @@ import (
 // DES3EncryptData encrypts the data provided using DES3 and methods specific to the etype provided.
 func DES3EncryptData(key, data []byte, e etype.EType) ([]byte, []byte, error) {
 	if len(key) != e.GetKeyByteSize() {
-		return nil, nil, fmt.Errorf("Incorrect keysize: expected: %v actual: %v", e.GetKeyByteSize(), len(key))
+		return nil, nil, fmt.Errorf("incorrect keysize: expected: %v actual: %v", e.GetKeyByteSize(), len(key))
 	}
 	data, _ = common.ZeroPad(data, e.GetMessageBlockByteSize())
 
 	block, err := des.NewTripleDESCipher(key)
 	if err != nil {
-		return nil, nil, fmt.Errorf("Error creating cipher: %v", err)
+		return nil, nil, fmt.Errorf("error creating cipher: %v", err)
 	}
 
 	//RFC 3961: initial cipher state      All bits zero
@@ -41,7 +41,7 @@ func DES3EncryptMessage(key, message []byte, usage uint32, e etype.EType) ([]byt
 	c := make([]byte, e.GetConfounderByteSize())
 	_, err := rand.Read(c)
 	if err != nil {
-		return []byte{}, []byte{}, fmt.Errorf("Could not generate random confounder: %v", err)
+		return []byte{}, []byte{}, fmt.Errorf("could not generate random confounder: %v", err)
 	}
 	plainBytes := append(c, message...)
 	plainBytes, _ = common.ZeroPad(plainBytes, e.GetMessageBlockByteSize())
@@ -51,19 +51,19 @@ func DES3EncryptMessage(key, message []byte, usage uint32, e etype.EType) ([]byt
 	if usage != 0 {
 		k, err = e.DeriveKey(key, common.GetUsageKe(usage))
 		if err != nil {
-			return []byte{}, []byte{}, fmt.Errorf("Error deriving key for encryption: %v", err)
+			return []byte{}, []byte{}, fmt.Errorf("error deriving key for encryption: %v", err)
 		}
 	}
 
 	iv, b, err := e.EncryptData(k, plainBytes)
 	if err != nil {
-		return iv, b, fmt.Errorf("Error encrypting data: %v", err)
+		return iv, b, fmt.Errorf("error encrypting data: %v", err)
 	}
 
 	// Generate and append integrity hash
 	ih, err := common.GetIntegrityHash(plainBytes, key, usage, e)
 	if err != nil {
-		return iv, b, fmt.Errorf("Error encrypting data: %v", err)
+		return iv, b, fmt.Errorf("error encrypting data: %v", err)
 	}
 	b = append(b, ih...)
 	return iv, b, nil
@@ -72,15 +72,15 @@ func DES3EncryptMessage(key, message []byte, usage uint32, e etype.EType) ([]byt
 // DES3DecryptData decrypts the data provided using DES3 and methods specific to the etype provided.
 func DES3DecryptData(key, data []byte, e etype.EType) ([]byte, error) {
 	if len(key) != e.GetKeyByteSize() {
-		return []byte{}, fmt.Errorf("Incorrect keysize: expected: %v actual: %v", e.GetKeyByteSize(), len(key))
+		return []byte{}, fmt.Errorf("incorrect keysize: expected: %v actual: %v", e.GetKeyByteSize(), len(key))
 	}
 
 	if len(data) < des.BlockSize || len(data)%des.BlockSize != 0 {
-		return []byte{}, errors.New("Ciphertext is not a multiple of the block size")
+		return []byte{}, errors.New("ciphertext is not a multiple of the block size")
 	}
 	block, err := des.NewTripleDESCipher(key)
 	if err != nil {
-		return []byte{}, fmt.Errorf("Error creating cipher: %v", err)
+		return []byte{}, fmt.Errorf("error creating cipher: %v", err)
 	}
 	pt := make([]byte, len(data))
 	ivz := make([]byte, des.BlockSize)
@@ -95,16 +95,16 @@ func DES3DecryptMessage(key, ciphertext []byte, usage uint32, e etype.EType) ([]
 	//Derive the key
 	k, err := e.DeriveKey(key, common.GetUsageKe(usage))
 	if err != nil {
-		return nil, fmt.Errorf("Error deriving key: %v", err)
+		return nil, fmt.Errorf("error deriving key: %v", err)
 	}
 	// Strip off the checksum from the end
 	b, err := e.DecryptData(k, ciphertext[:len(ciphertext)-e.GetHMACBitLength()/8])
 	if err != nil {
-		return nil, fmt.Errorf("Error decrypting: %v", err)
+		return nil, fmt.Errorf("error decrypting: %v", err)
 	}
 	//Verify checksum
 	if !e.VerifyIntegrity(key, ciphertext, b, usage) {
-		return nil, errors.New("Error decrypting: integrity verification failed")
+		return nil, errors.New("error decrypting: integrity verification failed")
 	}
 	//Remove the confounder bytes
 	return b[e.GetConfounderByteSize():], nil

crypto/rfc3962/encryption.go

@@ -14,7 +14,7 @@ import (
 // EncryptData encrypts the data provided using methods specific to the etype provided as defined in RFC 3962.
 func EncryptData(key, data []byte, e etype.EType) ([]byte, []byte, error) {
 	if len(key) != e.GetKeyByteSize() {
-		return []byte{}, []byte{}, fmt.Errorf("Incorrect keysize: expected: %v actual: %v", e.GetKeyByteSize(), len(key))
+		return []byte{}, []byte{}, fmt.Errorf("incorrect keysize: expected: %v actual: %v", e.GetKeyByteSize(), len(key))
 	}
 	ivz := make([]byte, e.GetCypherBlockBitLength()/8)
 	return aescts.Encrypt(key, ivz, data)
@@ -24,13 +24,13 @@ func EncryptData(key, data []byte, e etype.EType) ([]byte, []byte, error) {
 // The encrypted data is concatenated with its integrity hash to create an encrypted message.
 func EncryptMessage(key, message []byte, usage uint32, e etype.EType) ([]byte, []byte, error) {
 	if len(key) != e.GetKeyByteSize() {
-		return []byte{}, []byte{}, fmt.Errorf("Incorrect keysize: expected: %v actual: %v", e.GetKeyByteSize(), len(key))
+		return []byte{}, []byte{}, fmt.Errorf("incorrect keysize: expected: %v actual: %v", e.GetKeyByteSize(), len(key))
 	}
 	//confounder
 	c := make([]byte, e.GetConfounderByteSize())
 	_, err := rand.Read(c)
 	if err != nil {
-		return []byte{}, []byte{}, fmt.Errorf("Could not generate random confounder: %v", err)
+		return []byte{}, []byte{}, fmt.Errorf("could not generate random confounder: %v", err)
 	}
 	plainBytes := append(c, message...)
 
@@ -39,20 +39,20 @@ func EncryptMessage(key, message []byte, usage uint32, e etype.EType) ([]byte, [
 	if usage != 0 {
 		k, err = e.DeriveKey(key, common.GetUsageKe(usage))
 		if err != nil {
-			return []byte{}, []byte{}, fmt.Errorf("Error deriving key for encryption: %v", err)
+			return []byte{}, []byte{}, fmt.Errorf("error deriving key for encryption: %v", err)
 		}
 	}
 
 	// Encrypt the data
 	iv, b, err := e.EncryptData(k, plainBytes)
 	if err != nil {
-		return iv, b, fmt.Errorf("Error encrypting data: %v", err)
+		return iv, b, fmt.Errorf("error encrypting data: %v", err)
 	}
 
 	// Generate and append integrity hash
 	ih, err := common.GetIntegrityHash(plainBytes, key, usage, e)
 	if err != nil {
-		return iv, b, fmt.Errorf("Error encrypting data: %v", err)
+		return iv, b, fmt.Errorf("error encrypting data: %v", err)
 	}
 	b = append(b, ih...)
 	return iv, b, nil
@@ -61,7 +61,7 @@ func EncryptMessage(key, message []byte, usage uint32, e etype.EType) ([]byte, [
 // DecryptData decrypts the data provided using the methods specific to the etype provided as defined in RFC 3962.
 func DecryptData(key, data []byte, e etype.EType) ([]byte, error) {
 	if len(key) != e.GetKeyByteSize() {
-		return []byte{}, fmt.Errorf("Incorrect keysize: expected: %v actual: %v", e.GetKeyByteSize(), len(key))
+		return []byte{}, fmt.Errorf("incorrect keysize: expected: %v actual: %v", e.GetKeyByteSize(), len(key))
 	}
 	ivz := make([]byte, e.GetCypherBlockBitLength()/8)
 	return aescts.Decrypt(key, ivz, data)
@@ -73,7 +73,7 @@ func DecryptMessage(key, ciphertext []byte, usage uint32, e etype.EType) ([]byte
 	//Derive the key
 	k, err := e.DeriveKey(key, common.GetUsageKe(usage))
 	if err != nil {
-		return nil, fmt.Errorf("Error deriving key: %v", err)
+		return nil, fmt.Errorf("error deriving key: %v", err)
 	}
 	// Strip off the checksum from the end
 	b, err := e.DecryptData(k, ciphertext[:len(ciphertext)-e.GetHMACBitLength()/8])
@@ -82,7 +82,7 @@ func DecryptMessage(key, ciphertext []byte, usage uint32, e etype.EType) ([]byte
 	}
 	//Verify checksum
 	if !e.VerifyIntegrity(key, ciphertext, b, usage) {
-		return nil, errors.New("Integrity verification failed")
+		return nil, errors.New("integrity verification failed")
 	}
 	//Remove the confounder bytes
 	return b[e.GetConfounderByteSize():], nil

crypto/rfc4757/encryption.go

@@ -14,11 +14,11 @@ import (
 // EncryptData encrypts the data provided using methods specific to the etype provided as defined in RFC 4757.
 func EncryptData(key, data []byte, e etype.EType) ([]byte, error) {
 	if len(key) != e.GetKeyByteSize() {
-		return []byte{}, fmt.Errorf("Incorrect keysize: expected: %v actual: %v", e.GetKeyByteSize(), len(key))
+		return []byte{}, fmt.Errorf("incorrect keysize: expected: %v actual: %v", e.GetKeyByteSize(), len(key))
 	}
 	rc4Cipher, err := rc4.NewCipher(key)
 	if err != nil {
-		return []byte{}, fmt.Errorf("Error creating RC4 cipher: %v", err)
+		return []byte{}, fmt.Errorf("error creating RC4 cipher: %v", err)
 	}
 	ed := make([]byte, len(data))
 	copy(ed, data)
@@ -38,7 +38,7 @@ func EncryptMessage(key, data []byte, usage uint32, export bool, e etype.EType)
 	confounder := make([]byte, e.GetConfounderByteSize()) // size = 8
 	_, err := rand.Read(confounder)
 	if err != nil {
-		return []byte{}, fmt.Errorf("Error generating confounder: %v", err)
+		return []byte{}, fmt.Errorf("error generating confounder: %v", err)
 	}
 	k1 := key
 	k2 := HMAC(k1, UsageToMSMsgType(usage))
@@ -48,7 +48,7 @@ func EncryptMessage(key, data []byte, usage uint32, export bool, e etype.EType)
 
 	ed, err := EncryptData(k3, toenc, e)
 	if err != nil {
-		return []byte{}, fmt.Errorf("Error encrypting data: %v", err)
+		return []byte{}, fmt.Errorf("error encrypting data: %v", err)
 	}
 
 	msg := append(chksum, ed...)
@@ -64,11 +64,11 @@ func DecryptMessage(key, data []byte, usage uint32, export bool, e etype.EType)
 
 	pt, err := DecryptData(k3, ct, e)
 	if err != nil {
-		return []byte{}, fmt.Errorf("Error decrypting data: %v", err)
+		return []byte{}, fmt.Errorf("error decrypting data: %v", err)
 	}
 
 	if !VerifyIntegrity(k2, pt, data, e) {
-		return []byte{}, errors.New("Integrity checksum incorrect")
+		return []byte{}, errors.New("integrity checksum incorrect")
 	}
 	return pt[e.GetConfounderByteSize():], nil
 }

crypto/rfc8009/encryption.go

@@ -21,7 +21,7 @@ func EncryptData(key, data []byte, e etype.EType) ([]byte, []byte, error) {
 		kl = 32
 	}
 	if len(key) != kl {
-		return []byte{}, []byte{}, fmt.Errorf("Incorrect keysize: expected: %v actual: %v", e.GetKeyByteSize(), len(key))
+		return []byte{}, []byte{}, fmt.Errorf("incorrect keysize: expected: %v actual: %v", e.GetKeyByteSize(), len(key))
 	}
 	ivz := make([]byte, aes.BlockSize)
 	return aescts.Encrypt(key, ivz, data)
@@ -35,7 +35,7 @@ func EncryptMessage(key, message []byte, usage uint32, e etype.EType) ([]byte, [
 		kl = 32
 	}
 	if len(key) != kl {
-		return []byte{}, []byte{}, fmt.Errorf("Incorrect keysize: expected: %v actual: %v", kl, len(key))
+		return []byte{}, []byte{}, fmt.Errorf("incorrect keysize: expected: %v actual: %v", kl, len(key))
 	}
 	if len(key) != e.GetKeyByteSize() {
 	}
@@ -43,7 +43,7 @@ func EncryptMessage(key, message []byte, usage uint32, e etype.EType) ([]byte, [
 	c := make([]byte, e.GetConfounderByteSize())
 	_, err := rand.Read(c)
 	if err != nil {
-		return []byte{}, []byte{}, fmt.Errorf("Could not generate random confounder: %v", err)
+		return []byte{}, []byte{}, fmt.Errorf("could not generate random confounder: %v", err)
 	}
 	plainBytes := append(c, message...)
 
@@ -52,20 +52,20 @@ func EncryptMessage(key, message []byte, usage uint32, e etype.EType) ([]byte, [
 	if usage != 0 {
 		k, err = e.DeriveKey(key, common.GetUsageKe(usage))
 		if err != nil {
-			return []byte{}, []byte{}, fmt.Errorf("Error deriving key for encryption: %v", err)
+			return []byte{}, []byte{}, fmt.Errorf("error deriving key for encryption: %v", err)
 		}
 	}
 
 	// Encrypt the data
 	iv, b, err := e.EncryptData(k, plainBytes)
 	if err != nil {
-		return iv, b, fmt.Errorf("Error encrypting data: %v", err)
+		return iv, b, fmt.Errorf("error encrypting data: %v", err)
 	}
 
 	ivz := make([]byte, e.GetConfounderByteSize())
 	ih, err := GetIntegityHash(ivz, b, key, usage, e)
 	if err != nil {
-		return iv, b, fmt.Errorf("Error encrypting data: %v", err)
+		return iv, b, fmt.Errorf("error encrypting data: %v", err)
 	}
 	b = append(b, ih...)
 	return iv, b, nil
@@ -78,7 +78,7 @@ func DecryptData(key, data []byte, e etype.EType) ([]byte, error) {
 		kl = 32
 	}
 	if len(key) != kl {
-		return []byte{}, fmt.Errorf("Incorrect keysize: expected: %v actual: %v", kl, len(key))
+		return []byte{}, fmt.Errorf("incorrect keysize: expected: %v actual: %v", kl, len(key))
 	}
 	ivz := make([]byte, aes.BlockSize)
 	return aescts.Decrypt(key, ivz, data)
@@ -90,7 +90,7 @@ func DecryptMessage(key, ciphertext []byte, usage uint32, e etype.EType) ([]byte
 	//Derive the key
 	k, err := e.DeriveKey(key, common.GetUsageKe(usage))
 	if err != nil {
-		return nil, fmt.Errorf("Error deriving key: %v", err)
+		return nil, fmt.Errorf("error deriving key: %v", err)
 	}
 	// Strip off the checksum from the end
 	b, err := e.DecryptData(k, ciphertext[:len(ciphertext)-e.GetHMACBitLength()/8])
@@ -99,7 +99,7 @@ func DecryptMessage(key, ciphertext []byte, usage uint32, e etype.EType) ([]byte
 	}
 	//Verify checksum
 	if !e.VerifyIntegrity(key, ciphertext, b, usage) {
-		return nil, errors.New("Integrity verification failed")
+		return nil, errors.New("integrity verification failed")
 	}
 	//Remove the confounder bytes
 	return b[e.GetConfounderByteSize():], nil

gssapi/NegotiationToken.go

@@ -71,25 +71,25 @@ func UnmarshalNegToken(b []byte) (bool, interface{}, error) {
 	var a asn1.RawValue
 	_, err := asn1.Unmarshal(b, &a)
 	if err != nil {
-		return false, nil, fmt.Errorf("Error unmarshalling NegotiationToken: %v", err)
+		return false, nil, fmt.Errorf("error unmarshalling NegotiationToken: %v", err)
 	}
 	switch a.Tag {
 	case 0:
 		var negToken NegTokenInit
 		_, err = asn1.Unmarshal(a.Bytes, &negToken)
 		if err != nil {
-			return false, nil, fmt.Errorf("Error unmarshalling NegotiationToken type %d (Init): %v", a.Tag, err)
+			return false, nil, fmt.Errorf("error unmarshalling NegotiationToken type %d (Init): %v", a.Tag, err)
 		}
 		return true, negToken, nil
 	case 1:
 		var negToken NegTokenResp
 		_, err = asn1.Unmarshal(a.Bytes, &negToken)
 		if err != nil {
-			return false, nil, fmt.Errorf("Error unmarshalling NegotiationToken type %d (Resp/Targ): %v", a.Tag, err)
+			return false, nil, fmt.Errorf("error unmarshalling NegotiationToken type %d (Resp/Targ): %v", a.Tag, err)
 		}
 		return false, negToken, nil
 	default:
-		return false, nil, errors.New("Unknown choice type for NegotiationToken")
+		return false, nil, errors.New("unknown choice type for NegotiationToken")
 	}
 
 }

gssapi/gssapi.go

@@ -32,7 +32,7 @@ func (s *SPNEGO) Unmarshal(b []byte) error {
 		var oid asn1.ObjectIdentifier
 		r, err = asn1.UnmarshalWithParams(b, &oid, fmt.Sprintf("application,explicit,tag:%v", 0))
 		if err != nil {
-			return fmt.Errorf("Not a valid SPNEGO token: %v", err)
+			return fmt.Errorf("not a valid SPNEGO token: %v", err)
 		}
 		// Check the OID is the SPNEGO OID value
 		if !oid.Equal(asn1.ObjectIdentifier{1, 3, 6, 1, 5, 5, 2}) {
@@ -46,23 +46,23 @@ func (s *SPNEGO) Unmarshal(b []byte) error {
 	var a asn1.RawValue
 	_, err = asn1.Unmarshal(r, &a)
 	if err != nil {
-		return fmt.Errorf("Error unmarshalling SPNEGO: %v", err)
+		return fmt.Errorf("error unmarshalling SPNEGO: %v", err)
 	}
 	switch a.Tag {
 	case 0:
 		_, err = asn1.Unmarshal(a.Bytes, &s.NegTokenInit)
 		if err != nil {
-			return fmt.Errorf("Error unmarshalling NegotiationToken type %d (Init): %v", a.Tag, err)
+			return fmt.Errorf("error unmarshalling NegotiationToken type %d (Init): %v", a.Tag, err)
 		}
 		s.Init = true
 	case 1:
 		_, err = asn1.Unmarshal(a.Bytes, &s.NegTokenResp)
 		if err != nil {
-			return fmt.Errorf("Error unmarshalling NegotiationToken type %d (Resp/Targ): %v", a.Tag, err)
+			return fmt.Errorf("error unmarshalling NegotiationToken type %d (Resp/Targ): %v", a.Tag, err)
 		}
 		s.Resp = true
 	default:
-		return errors.New("Unknown choice type for NegotiationToken")
+		return errors.New("unknown choice type for NegotiationToken")
 	}
 	return nil
 }
@@ -74,7 +74,7 @@ func (s *SPNEGO) Marshal() ([]byte, error) {
 		hb, _ := asn1.Marshal(SPNEGO_OID)
 		tb, err := s.NegTokenInit.Marshal()
 		if err != nil {
-			return b, fmt.Errorf("Could not marshal NegTokenInit: %v", err)
+			return b, fmt.Errorf("could not marshal NegTokenInit: %v", err)
 		}
 		b = append(hb, tb...)
 		return asn1tools.AddASNAppTag(b, 0), nil
@@ -82,7 +82,7 @@ func (s *SPNEGO) Marshal() ([]byte, error) {
 	if s.Resp {
 		b, err := s.NegTokenResp.Marshal()
 		if err != nil {
-			return b, fmt.Errorf("Could not marshal NegTokenResp: %v", err)
+			return b, fmt.Errorf("could not marshal NegTokenResp: %v", err)
 		}
 		return b, nil
 	}
@@ -93,7 +93,7 @@ func (s *SPNEGO) Marshal() ([]byte, error) {
 func GetSPNEGOKrbNegTokenInit(creds credentials.Credentials, tkt messages.Ticket, sessionKey types.EncryptionKey) (SPNEGO, error) {
 	negTokenInit, err := NewNegTokenInitKrb5(creds, tkt, sessionKey)
 	if err != nil {
-		return SPNEGO{}, fmt.Errorf("Could not create NegTokenInit: %v", err)
+		return SPNEGO{}, fmt.Errorf("could not create NegTokenInit: %v", err)
 	}
 	return SPNEGO{
 		Init:         true,

gssapi/krb5Token.go

@@ -68,7 +68,7 @@ func (m *MechToken) Unmarshal(b []byte) error {
 	var oid asn1.ObjectIdentifier
 	r, err := asn1.UnmarshalWithParams(b, &oid, fmt.Sprintf("application,explicit,tag:%v", 0))
 	if err != nil {
-		return fmt.Errorf("Error unmarshalling MechToken OID: %v", err)
+		return fmt.Errorf("error unmarshalling MechToken OID: %v", err)
 	}
 	m.OID = oid
 	m.TokID = r[0:2]
@@ -77,21 +77,21 @@ func (m *MechToken) Unmarshal(b []byte) error {
 		var a messages.APReq
 		err = a.Unmarshal(r[2:])
 		if err != nil {
-			return fmt.Errorf("Error unmarshalling MechToken AP_REQ: %v", err)
+			return fmt.Errorf("error unmarshalling MechToken AP_REQ: %v", err)
 		}
 		m.APReq = a
 	case TOK_ID_KRB_AP_REP:
 		var a messages.APRep
 		err = a.Unmarshal(r[2:])
 		if err != nil {
-			return fmt.Errorf("Error unmarshalling MechToken AP_REP: %v", err)
+			return fmt.Errorf("error unmarshalling MechToken AP_REP: %v", err)
 		}
 		m.APRep = a
 	case TOK_ID_KRB_ERROR:
 		var a messages.KRBError
 		err = a.Unmarshal(r[2:])
 		if err != nil {
-			return fmt.Errorf("Error unmarshalling MechToken KRBError: %v", err)
+			return fmt.Errorf("error unmarshalling MechToken KRBError: %v", err)
 		}
 		m.KRBError = a
 	}

keytab/keytab.go

@@ -69,7 +69,7 @@ func (kt *Keytab) GetEncryptionKey(nameString []string, realm string, kvno int,
 		}
 	}
 	if len(key.KeyValue) < 1 {
-		return key, fmt.Errorf("Matching key not found in keytab. Looking for %v realm: %v kvno: %v etype: %v", nameString, realm, kvno, etype)
+		return key, fmt.Errorf("matching key not found in keytab. Looking for %v realm: %v kvno: %v etype: %v", nameString, realm, kvno, etype)
 	}
 	return key, nil
 }
@@ -136,14 +136,14 @@ func (kt Keytab) Write(w io.Writer) (int, error) {
 func Parse(b []byte) (kt Keytab, err error) {
 	//The first byte of the file always has the value 5
 	if b[0] != keytabFirstByte {
-		err = errors.New("Invalid keytab data. First byte does not equal 5")
+		err = errors.New("invalid keytab data. First byte does not equal 5")
 		return
 	}
 	//Get keytab version
 	//The 2nd byte contains the version number (1 or 2)
 	kt.Version = uint8(b[1])
 	if kt.Version != 1 && kt.Version != 2 {
-		err = errors.New("Invalid keytab data. Keytab version is neither 1 nor 2")
+		err = errors.New("invalid keytab data. Keytab version is neither 1 nor 2")
 		return
 	}
 	//Version 1 of the file format uses native byte order for integer representations. Version 2 always uses big-endian byte order

messages/Ticket.go

@@ -139,11 +139,11 @@ func UnmarshalTicketsSequence(in asn1.RawValue) ([]Ticket, error) {
 	for p < (len(b)) {
 		_, err := asn1.UnmarshalWithParams(b[p:], &raw, fmt.Sprintf("application,tag:%d", asnAppTag.Ticket))
 		if err != nil {
-			return nil, fmt.Errorf("Unmarshaling sequence of tickets failed geting length of ticket: %v", err)
+			return nil, fmt.Errorf("unmarshaling sequence of tickets failed geting length of ticket: %v", err)
 		}
 		t, err := UnmarshalTicket(b[p:])
 		if err != nil {
-			return nil, fmt.Errorf("Unmarshaling sequence of tickets failed: %v", err)
+			return nil, fmt.Errorf("unmarshaling sequence of tickets failed: %v", err)
 		}
 		p += len(raw.FullBytes)
 		tkts = append(tkts, t)
@@ -166,7 +166,7 @@ func MarshalTicketSequence(tkts []Ticket) (asn1.RawValue, error) {
 	for i, t := range tkts {
 		b, err := t.Marshal()
 		if err != nil {
-			return raw, fmt.Errorf("Error marshaling ticket number %d in seqence of tickets", i+1)
+			return raw, fmt.Errorf("error marshaling ticket number %d in seqence of tickets", i+1)
 		}
 		btkts = append(btkts, b...)
 	}
@@ -199,12 +199,12 @@ func (t *Ticket) DecryptEncPart(keytab keytab.Keytab, sa string) error {
 	}
 	b, err := crypto.DecryptEncPart(t.EncPart, key, keyusage.KDC_REP_TICKET)
 	if err != nil {
-		return fmt.Errorf("Error decrypting Ticket EncPart: %v", err)
+		return fmt.Errorf("error decrypting Ticket EncPart: %v", err)
 	}
 	var denc EncTicketPart
 	err = denc.Unmarshal(b)
 	if err != nil {
-		return fmt.Errorf("Error unmarshaling encrypted part: %v", err)
+		return fmt.Errorf("error unmarshaling encrypted part: %v", err)
 	}
 	t.DecryptedEncPart = denc
 	return nil
@@ -225,11 +225,11 @@ func (t *Ticket) GetPACType(keytab keytab.Keytab, sa string) (bool, pac.PACType,
 				var p pac.PACType
 				err = p.Unmarshal(ad2[0].ADData)
 				if err != nil {
-					return isPAC, p, fmt.Errorf("Error unmarshaling PAC: %v", err)
+					return isPAC, p, fmt.Errorf("error unmarshaling PAC: %v", err)
 				}
 				var upn []string
 				if sa != "" {
-					upn = []string{sa}
+					upn = strings.Split(sa, "/")
 				} else {
 					upn = t.SName.NameString
 				}

pac/client_claims.go

@@ -16,7 +16,7 @@ type ClientClaimsInfo struct {
 func (k *ClientClaimsInfo) Unmarshal(b []byte) error {
 	ch, _, p, err := ndr.ReadHeaders(&b)
 	if err != nil {
-		return fmt.Errorf("Error parsing byte stream headers: %v", err)
+		return fmt.Errorf("error parsing byte stream headers: %v", err)
 	}
 	e := &ch.Endianness
 

pac/credentials_info.go

@@ -25,7 +25,7 @@ type CredentialsInfo struct {
 func (c *CredentialsInfo) Unmarshal(b []byte, k types.EncryptionKey) error {
 	ch, _, p, err := ndr.ReadHeaders(&b)
 	if err != nil {
-		return fmt.Errorf("Error parsing byte stream headers: %v", err)
+		return fmt.Errorf("error parsing byte stream headers: %v", err)
 	}
 	e := &ch.Endianness
 
@@ -38,7 +38,7 @@ func (c *CredentialsInfo) Unmarshal(b []byte, k types.EncryptionKey) error {
 
 	err = c.DecryptEncPart(k, e)
 	if err != nil {
-		return fmt.Errorf("Error decrypting PAC Credentials Data: %v", err)
+		return fmt.Errorf("error decrypting PAC Credentials Data: %v", err)
 	}
 	return nil
 }
@@ -46,7 +46,7 @@ func (c *CredentialsInfo) Unmarshal(b []byte, k types.EncryptionKey) error {
 // DecryptEncPart decrypts the encrypted part of the CredentialsInfo.
 func (c *CredentialsInfo) DecryptEncPart(k types.EncryptionKey, e *binary.ByteOrder) error {
 	if k.KeyType != int32(c.EType) {
-		return fmt.Errorf("Key provided is not the correct type. Type needed: %d, type provided: %d", c.EType, k.KeyType)
+		return fmt.Errorf("key provided is not the correct type. Type needed: %d, type provided: %d", c.EType, k.KeyType)
 	}
 	pt, err := crypto.DecryptMessage(c.PACCredentialDataEncrypted, k, keyusage.KERB_NON_KERB_SALT)
 	if err != nil {

pac/device_claims.go

@@ -16,7 +16,7 @@ type DeviceClaimsInfo struct {
 func (k *DeviceClaimsInfo) Unmarshal(b []byte) error {
 	ch, _, p, err := ndr.ReadHeaders(&b)
 	if err != nil {
-		return fmt.Errorf("Error parsing byte stream headers: %v", err)
+		return fmt.Errorf("error parsing byte stream headers: %v", err)
 	}
 	e := &ch.Endianness
 
@@ -29,7 +29,7 @@ func (k *DeviceClaimsInfo) Unmarshal(b []byte) error {
 	if len(b) >= p {
 		for _, v := range b[p:] {
 			if v != 0 {
-				return ndr.Malformed{EText: "Non-zero padding left over at end of data stream"}
+				return ndr.Malformed{EText: "non-zero padding left over at end of data stream"}
 			}
 		}
 	}

pac/device_info.go

@@ -24,7 +24,7 @@ type DeviceInfo struct {
 func (k *DeviceInfo) Unmarshal(b []byte) error {
 	ch, _, p, err := ndr.ReadHeaders(&b)
 	if err != nil {
-		return fmt.Errorf("Error parsing byte stream headers: %v", err)
+		return fmt.Errorf("error parsing byte stream headers: %v", err)
 	}
 	e := &ch.Endianness
 
@@ -50,7 +50,7 @@ func (k *DeviceInfo) Unmarshal(b []byte) error {
 	if k.SIDCount > 0 {
 		ac := ndr.ReadUniDimensionalConformantArrayHeader(&b, &p, e)
 		if ac != int(k.SIDCount) {
-			return fmt.Errorf("Error with size of ExtraSIDs list. Expected: %d, Actual: %d", k.SIDCount, ac)
+			return fmt.Errorf("error with size of ExtraSIDs list. expected: %d, Actual: %d", k.SIDCount, ac)
 		}
 		es := make([]mstypes.KerbSidAndAttributes, k.SIDCount, k.SIDCount)
 		attr := make([]uint32, k.SIDCount, k.SIDCount)
@@ -64,7 +64,7 @@ func (k *DeviceInfo) Unmarshal(b []byte) error {
 				s, err := mstypes.ReadRPCSID(&b, &p, e)
 				es[i] = mstypes.KerbSidAndAttributes{SID: s, Attributes: attr[i]}
 				if err != nil {
-					return ndr.Malformed{EText: fmt.Sprintf("Could not read ExtraSIDs: %v", err)}
+					return ndr.Malformed{EText: fmt.Sprintf("could not read ExtraSIDs: %v", err)}
 				}
 			}
 		}
@@ -84,7 +84,7 @@ func (k *DeviceInfo) Unmarshal(b []byte) error {
 	if len(b) >= p {
 		for _, v := range b[p:] {
 			if v != 0 {
-				return ndr.Malformed{EText: "Non-zero padding left over at end of data stream"}
+				return ndr.Malformed{EText: "non-zero padding left over at end of data stream"}
 			}
 		}
 	}

pac/kerb_validation_info.go

@@ -78,7 +78,7 @@ type KerbValidationInfo struct {
 func (k *KerbValidationInfo) Unmarshal(b []byte) (err error) {
 	ch, _, p, err := ndr.ReadHeaders(&b)
 	if err != nil {
-		return fmt.Errorf("Error parsing byte stream headers: %v", err)
+		return fmt.Errorf("error parsing byte stream headers: %v", err)
 	}
 	e := &ch.Endianness
 
@@ -172,7 +172,7 @@ func (k *KerbValidationInfo) Unmarshal(b []byte) (err error) {
 	if k.GroupCount > 0 {
 		ac := ndr.ReadUniDimensionalConformantArrayHeader(&b, &p, e)
 		if ac != int(k.GroupCount) {
-			return errors.New("Error with size of group list")
+			return errors.New("error with size of group list")
 		}
 		g := make([]mstypes.GroupMembership, k.GroupCount, k.GroupCount)
 		for i := range g {
@@ -191,14 +191,14 @@ func (k *KerbValidationInfo) Unmarshal(b []byte) (err error) {
 	if k.pLogonDomainID != 0 {
 		k.LogonDomainID, err = mstypes.ReadRPCSID(&b, &p, e)
 		if err != nil {
-			return fmt.Errorf("Error reading LogonDomainID: %v", err)
+			return fmt.Errorf("error reading LogonDomainID: %v", err)
 		}
 	}
 
 	if k.SIDCount > 0 {
 		ac := ndr.ReadUniDimensionalConformantArrayHeader(&b, &p, e)
 		if ac != int(k.SIDCount) {
-			return fmt.Errorf("Error with size of ExtraSIDs list. Expected: %d, Actual: %d", k.SIDCount, ac)
+			return fmt.Errorf("error with size of ExtraSIDs list. Expected: %d, Actual: %d", k.SIDCount, ac)
 		}
 		es := make([]mstypes.KerbSidAndAttributes, k.SIDCount, k.SIDCount)
 		attr := make([]uint32, k.SIDCount, k.SIDCount)
@@ -212,7 +212,7 @@ func (k *KerbValidationInfo) Unmarshal(b []byte) (err error) {
 				s, err := mstypes.ReadRPCSID(&b, &p, e)
 				es[i] = mstypes.KerbSidAndAttributes{SID: s, Attributes: attr[i]}
 				if err != nil {
-					return ndr.Malformed{EText: fmt.Sprintf("Could not read ExtraSIDs: %v", err)}
+					return ndr.Malformed{EText: fmt.Sprintf("could not read ExtraSIDs: %v", err)}
 				}
 			}
 		}
@@ -229,7 +229,7 @@ func (k *KerbValidationInfo) Unmarshal(b []byte) (err error) {
 	if k.ResourceGroupCount > 0 {
 		ac := ndr.ReadUniDimensionalConformantArrayHeader(&b, &p, e)
 		if ac != int(k.ResourceGroupCount) {
-			return fmt.Errorf("Error with size of ResourceGroup list. Expected: %d, Actual: %d", k.ResourceGroupCount, ac)
+			return fmt.Errorf("error with size of ResourceGroup list. Expected: %d, Actual: %d", k.ResourceGroupCount, ac)
 		}
 		g := make([]mstypes.GroupMembership, ac, ac)
 		for i := range g {
@@ -242,7 +242,7 @@ func (k *KerbValidationInfo) Unmarshal(b []byte) (err error) {
 	if len(b) >= p {
 		for _, v := range b[p:] {
 			if v != 0 {
-				return ndr.Malformed{EText: "Non-zero padding left over at end of data stream"}
+				return ndr.Malformed{EText: "non-zero padding left over at end of data stream"}
 			}
 		}
 	}

pac/pac_type.go

@@ -63,7 +63,7 @@ func (pac *PACType) ProcessPACInfoBuffers(key types.EncryptionKey) error {
 			var k KerbValidationInfo
 			err := k.Unmarshal(p)
 			if err != nil {
-				return fmt.Errorf("Error processing KerbValidationInfo: %v", err)
+				return fmt.Errorf("error processing KerbValidationInfo: %v", err)
 			}
 			pac.KerbValidationInfo = &k
 		case ulTypeCredentials:
@@ -74,7 +74,7 @@ func (pac *PACType) ProcessPACInfoBuffers(key types.EncryptionKey) error {
 			var k CredentialsInfo
 			err := k.Unmarshal(p, key)
 			if err != nil {
-				return fmt.Errorf("Error processing CredentialsInfo: %v", err)
+				return fmt.Errorf("error processing CredentialsInfo: %v", err)
 			}
 			pac.CredentialsInfo = &k
 		case ulTypePACServerSignatureData:
@@ -86,7 +86,7 @@ func (pac *PACType) ProcessPACInfoBuffers(key types.EncryptionKey) error {
 			zb, err := k.Unmarshal(p)
 			copy(pac.ZeroSigData[int(buf.Offset):int(buf.Offset)+int(buf.CBBufferSize)], zb)
 			if err != nil {
-				return fmt.Errorf("Error processing ServerChecksum: %v", err)
+				return fmt.Errorf("error processing ServerChecksum: %v", err)
 			}
 			pac.ServerChecksum = &k
 		case ulTypePACKDCSignatureData:
@@ -98,7 +98,7 @@ func (pac *PACType) ProcessPACInfoBuffers(key types.EncryptionKey) error {
 			zb, err := k.Unmarshal(p)
 			copy(pac.ZeroSigData[int(buf.Offset):int(buf.Offset)+int(buf.CBBufferSize)], zb)
 			if err != nil {
-				return fmt.Errorf("Error processing KDCChecksum: %v", err)
+				return fmt.Errorf("error processing KDCChecksum: %v", err)
 			}
 			pac.KDCChecksum = &k
 		case ulTypePACClientInfo:
@@ -109,7 +109,7 @@ func (pac *PACType) ProcessPACInfoBuffers(key types.EncryptionKey) error {
 			var k ClientInfo
 			err := k.Unmarshal(p)
 			if err != nil {
-				return fmt.Errorf("Error processing ClientInfo: %v", err)
+				return fmt.Errorf("error processing ClientInfo: %v", err)
 			}
 			pac.ClientInfo = &k
 		case ulTypeS4UDelegationInfo:
@@ -120,7 +120,7 @@ func (pac *PACType) ProcessPACInfoBuffers(key types.EncryptionKey) error {
 			var k S4UDelegationInfo
 			err := k.Unmarshal(p)
 			if err != nil {
-				return fmt.Errorf("Error processing S4U_DelegationInfo: %v", err)
+				return fmt.Errorf("error processing S4U_DelegationInfo: %v", err)
 			}
 			pac.S4UDelegationInfo = &k
 		case ulTypeUPNDNSInfo:
@@ -131,7 +131,7 @@ func (pac *PACType) ProcessPACInfoBuffers(key types.EncryptionKey) error {
 			var k UPNDNSInfo
 			err := k.Unmarshal(p)
 			if err != nil {
-				return fmt.Errorf("Error processing UPN_DNSInfo: %v", err)
+				return fmt.Errorf("error processing UPN_DNSInfo: %v", err)
 			}
 			pac.UPNDNSInfo = &k
 		case ulTypePACClientClaimsInfo:
@@ -142,7 +142,7 @@ func (pac *PACType) ProcessPACInfoBuffers(key types.EncryptionKey) error {
 			var k ClientClaimsInfo
 			err := k.Unmarshal(p)
 			if err != nil {
-				return fmt.Errorf("Error processing ClientClaimsInfo: %v", err)
+				return fmt.Errorf("error processing ClientClaimsInfo: %v", err)
 			}
 			pac.ClientClaimsInfo = &k
 		case ulTypePACDeviceInfo:
@@ -153,7 +153,7 @@ func (pac *PACType) ProcessPACInfoBuffers(key types.EncryptionKey) error {
 			var k DeviceInfo
 			err := k.Unmarshal(p)
 			if err != nil {
-				return fmt.Errorf("Error processing DeviceInfo: %v", err)
+				return fmt.Errorf("error processing DeviceInfo: %v", err)
 			}
 			pac.DeviceInfo = &k
 		case ulTypePACDeviceClaimsInfo:
@@ -164,7 +164,7 @@ func (pac *PACType) ProcessPACInfoBuffers(key types.EncryptionKey) error {
 			var k DeviceClaimsInfo
 			err := k.Unmarshal(p)
 			if err != nil {
-				return fmt.Errorf("Error processing DeviceClaimsInfo: %v", err)
+				return fmt.Errorf("error processing DeviceClaimsInfo: %v", err)
 			}
 			pac.DeviceClaimsInfo = &k
 		}

pac/s4u_delegation_info.go

@@ -18,7 +18,7 @@ type S4UDelegationInfo struct {
 func (k *S4UDelegationInfo) Unmarshal(b []byte) error {
 	ch, _, p, err := ndr.ReadHeaders(&b)
 	if err != nil {
-		return fmt.Errorf("Error parsing byte stream headers: %v", err)
+		return fmt.Errorf("error parsing byte stream headers: %v", err)
 	}
 	e := &ch.Endianness
 
@@ -47,7 +47,7 @@ func (k *S4UDelegationInfo) Unmarshal(b []byte) error {
 	//Check that there is only zero padding left
 	for _, v := range b[p:] {
 		if v != 0 {
-			return ndr.Malformed{EText: "Non-zero padding left over at end of data stream"}
+			return ndr.Malformed{EText: "non-zero padding left over at end of data stream"}
 		}
 	}
 

service/authenticator.go

@@ -91,24 +91,24 @@ func (a KRB5BasicAuthenticator) Authenticate() (i goidentity.Identity, ok bool,
 	err = cl.Login()
 	if err != nil {
 		// Username and/or password could be wrong
-		err = fmt.Errorf("Error with user credentials during login: %v", err)
+		err = fmt.Errorf("error with user credentials during login: %v", err)
 		return
 	}
 	tkt, _, err := cl.GetServiceTicket(a.SPN)
 	if err != nil {
-		err = fmt.Errorf("Could not get service ticket: %v", err)
+		err = fmt.Errorf("could not get service ticket: %v", err)
 		return
 	}
 	err = tkt.DecryptEncPart(*a.ServiceKeytab, a.ServiceAccount)
 	if err != nil {
-		err = fmt.Errorf("Could not decrypt service ticket: %v", err)
+		err = fmt.Errorf("could not decrypt service ticket: %v", err)
 		return
 	}
 	cl.Credentials.SetAuthTime(time.Now().UTC())
 	cl.Credentials.SetAuthenticated(true)
 	isPAC, pac, err := tkt.GetPACType(*a.ServiceKeytab, a.ServiceAccount)
 	if isPAC && err != nil {
-		err = fmt.Errorf("Error processing PAC: %v", err)
+		err = fmt.Errorf("error processing PAC: %v", err)
 		return
 	}
 	if isPAC {

types/PAData.go

@@ -50,7 +50,7 @@ func GetPAEncTSEncAsnMarshalled() ([]byte, error) {
 	}
 	b, err := asn1.Marshal(p)
 	if err != nil {
-		return b, fmt.Errorf("Error mashaling PAEncTSEnc: %v", err)
+		return b, fmt.Errorf("error mashaling PAEncTSEnc: %v", err)
 	}
 	return b, nil
 }