From 668b0a5f407199406b7aa9d009511168f566a09e Mon Sep 17 00:00:00 2001 From: Stephen J Day Date: Fri, 2 Sep 2016 15:24:35 -0700 Subject: [PATCH] handlers: provide better log message on mismatched secret Signed-off-by: Stephen J Day --- registry/handlers/hmac.go | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/registry/handlers/hmac.go b/registry/handlers/hmac.go index 1725d240..94ed9fda 100644 --- a/registry/handlers/hmac.go +++ b/registry/handlers/hmac.go @@ -26,6 +26,8 @@ type blobUploadState struct { type hmacKey string +var errInvalidSecret = fmt.Errorf("invalid secret") + // unpackUploadState unpacks and validates the blob upload state from the // token, using the hmacKey secret. func (secret hmacKey) unpackUploadState(token string) (blobUploadState, error) { @@ -38,7 +40,7 @@ func (secret hmacKey) unpackUploadState(token string) (blobUploadState, error) { mac := hmac.New(sha256.New, []byte(secret)) if len(tokenBytes) < mac.Size() { - return state, fmt.Errorf("Invalid token") + return state, errInvalidSecret } macBytes := tokenBytes[:mac.Size()] @@ -46,7 +48,7 @@ func (secret hmacKey) unpackUploadState(token string) (blobUploadState, error) { mac.Write(messageBytes) if !hmac.Equal(mac.Sum(nil), macBytes) { - return state, fmt.Errorf("Invalid token") + return state, errInvalidSecret } if err := json.Unmarshal(messageBytes, &state); err != nil {