refactor: wrap all package errors

Author: d-Rickyy-b

.golangci.yml

@@ -20,7 +20,7 @@ linters:
     - dupword
     - durationcheck
     - embeddedstructfieldcheck
-    #- err113
+    - err113
     - errcheck
     - errchkjson
     - errname
@@ -87,7 +87,7 @@ linters:
     - varnamelen
     - wastedassign
     - whitespace
-    #- wrapcheck
+    - wrapcheck
     - wsl_v5
   settings:
     lll:
@@ -135,6 +135,7 @@ linters:
           - wsl_v5
           - varnamelen
           - goconst
+          - err113
         path: _test\.go
       - linters:
           - gochecknoinits

cmd/certpicker/main.go

@@ -120,5 +120,10 @@ func getEntry(jsonClient *client.LogClient, certID int64) (*ct.GetEntriesRespons
 	ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
 	defer cancel()
 
-	return jsonClient.GetRawEntries(ctx, certID, certID)
+	entries, err := jsonClient.GetRawEntries(ctx, certID, certID)
+	if err != nil {
+		return nil, fmt.Errorf("error getting raw entries: %w", err)
+	}
+
+	return entries, nil
 }

cmd/certstream-server-go/createIndex.go

@@ -22,30 +22,30 @@ create-index will create and pre fill the ct-index.json file with the current va
 	RunE: func(cmd *cobra.Command, _ []string) error {
 		configPath, err := cmd.Flags().GetString("config")
 		if err != nil {
-			return err
+			return fmt.Errorf("failed to obtain 'config' flag: %w", err)
 		}
 
 		conf, readConfErr := config.ReadConfig(configPath)
 		if readConfErr != nil {
-			return readConfErr
+			return fmt.Errorf("failed to read config file: %w", readConfErr)
 		}
 
 		certstreamServer := certstream.NewRawCertstream(conf)
 
 		force, err := cmd.Flags().GetBool("force")
 		if err != nil {
-			return err
+			return fmt.Errorf("failed to obtain 'force' flag: %w", err)
 		}
 
 		outFilePath, err := cmd.Flags().GetString("out")
 		if err != nil {
-			return err
+			return fmt.Errorf("failed to obtain 'out' flag: %w", err)
 		}
 
 		// Check if outfile already exists
 		outFileAbsPath, err := filepath.Abs(outFilePath)
 		if err != nil {
-			return err
+			return fmt.Errorf("failed to obtain absolute path: %w", err)
 		}
 
 		if _, statErr := os.Stat(outFileAbsPath); statErr == nil {

cmd/certstream-server-go/root.go

@@ -22,7 +22,7 @@ certificate transparency logs via websocket connections to connected clients.`,
 		// Handle --version flag
 		versionBool, err := cmd.Flags().GetBool("version")
 		if err != nil {
-			return err
+			return fmt.Errorf("failed to obtain 'version' flag: %w", err)
 		}
 
 		if versionBool {
@@ -33,13 +33,13 @@ certificate transparency logs via websocket connections to connected clients.`,
 		// Handle --config flag
 		configPath, err := cmd.Flags().GetString("config")
 		if err != nil {
-			return err
+			return fmt.Errorf("failed to obtain 'config' flag: %w", err)
 		}
 
 		// Check if path exists and is a file
 		_, statErr := os.Stat(configPath)
 		if os.IsNotExist(statErr) {
-			return fmt.Errorf("config file '%s' does not exist", configPath)
+			return fmt.Errorf("config file '%s' does not exist: %w", configPath, statErr)
 		}
 
 		certstreamServer, err := certstream.NewCertstreamFromConfigFile(configPath)

cmd/certstream-server-go/validate.go

@@ -21,21 +21,21 @@ This command deserializes the config and checks for errors.`,
 		// Check if config file exists
 		configPath, err := cmd.Flags().GetString("config")
 		if err != nil {
-			return err
+			return fmt.Errorf("failed to obtain 'config' flag: %w", err)
 		}
 
 		// Check if path exists and is a file
 		_, statErr := os.Stat(configPath)
 		if os.IsNotExist(statErr) {
-			return fmt.Errorf("config file '%s' does not exist", configPath)
+			return fmt.Errorf("config file '%s' does not exist: %w", configPath, statErr)
 		}
 
 		return nil
 	},
 	RunE: func(cmd *cobra.Command, _ []string) error {
 		configPath, err := cmd.Flags().GetString("config")
 		if err != nil {
-			return err
+			return fmt.Errorf("failed to obtain 'config' flag: %w", err)
 		}
 
 		readConfErr := config.ValidateConfig(configPath)

internal/certificatetransparency/ct-parser.go

@@ -6,7 +6,6 @@ import (
 	"crypto/sha256"
 	"encoding/base64"
 	"encoding/hex"
-	"errors"
 	"fmt"
 	"hash"
 	"log"
@@ -50,7 +49,7 @@ func parseData(entry *ct.RawLogEntry, operatorName, logName, ctURL, logType stri
 	logEntry, conversionErr := entry.ToLogEntry()
 	if conversionErr != nil {
 		log.Println("Could not convert entry to LogEntry: ", conversionErr)
-		return models.Data{}, conversionErr
+		return models.Data{}, fmt.Errorf("could not convert entry to logentry: %w", conversionErr)
 	}
 
 	var cert *x509.Certificate
@@ -67,7 +66,7 @@ func parseData(entry *ct.RawLogEntry, operatorName, logName, ctURL, logType stri
 		rawData = logEntry.Precert.Submitted.Data
 		isPrecert = true
 	default:
-		return models.Data{}, errors.New("could not parse entry: no certificate found")
+		return models.Data{}, ErrNoCertFound
 	}
 
 	// Calculate certificate hash from the raw DER bytes of the certificate
@@ -109,8 +108,7 @@ func parseCertificateChain(logEntry *ct.LogEntry) ([]models.LeafCert, error) {
 	for i, chainEntry := range logEntry.Chain {
 		myCert, parseErr := x509.ParseCertificate(chainEntry.Data)
 		if parseErr != nil || myCert == nil {
-			log.Println("Error parsing certificate: ", parseErr)
-			return nil, parseErr
+			return nil, fmt.Errorf("could not parse certificate: %w", parseErr)
 		}
 
 		leafCert := leafCertFromX509cert(*myCert)
@@ -426,7 +424,7 @@ func keyUsageToString(k x509.KeyUsage) string {
 // ParseCertstreamEntry creates an Entry from a ct.RawLogEntry.
 func ParseCertstreamEntry(rawEntry *ct.RawLogEntry, operatorName, logname, ctURL, logType string) (models.Entry, error) {
 	if rawEntry == nil {
-		return models.Entry{}, errors.New("certstream entry is nil")
+		return models.Entry{}, ErrEntryNil
 	}
 
 	data, err := parseData(rawEntry, operatorName, logname, ctURL, logType)

internal/certificatetransparency/ct-tiled.go

@@ -3,7 +3,6 @@ package certificatetransparency
 import (
 	"bufio"
 	"context"
-	"errors"
 	"fmt"
 	"io"
 	"net/http"
@@ -67,21 +66,21 @@ func FetchCheckpoint(ctx context.Context, client *http.Client, baseURL string) (
 	baseURL = strings.TrimRight(baseURL, "/")
 	url := baseURL + "/checkpoint"
 
-	req, parseErr := http.NewRequestWithContext(ctx, http.MethodGet, url, nil)
-	if parseErr != nil {
-		return nil, fmt.Errorf("creating request: %w", parseErr)
+	req, newReqErr := http.NewRequestWithContext(ctx, http.MethodGet, url, nil)
+	if newReqErr != nil {
+		return nil, fmt.Errorf("failed to create checkpoint request: %w", newReqErr)
 	}
 
-	req.Header.Set("User-Agent", userAgent)
+	req.Header.Set("User-Agent", UserAgent)
 
-	resp, parseErr := client.Do(req)
-	if parseErr != nil {
-		return nil, fmt.Errorf("fetching checkpoint: %w", parseErr)
+	resp, reqErr := client.Do(req)
+	if reqErr != nil {
+		return nil, fmt.Errorf("failed to execute checkpoint request: %w", reqErr)
 	}
 	defer resp.Body.Close()
 
 	if resp.StatusCode != http.StatusOK {
-		return nil, fmt.Errorf("checkpoint request failed with status: %d", resp.StatusCode)
+		return nil, fmt.Errorf("%w: unexpected status code %d", ErrRequestFailed, resp.StatusCode)
 	}
 
 	lines := make([]string, 0, 3)
@@ -92,16 +91,16 @@ func FetchCheckpoint(ctx context.Context, client *http.Client, baseURL string) (
 	}
 
 	if scanErr := scanner.Err(); scanErr != nil {
-		return nil, fmt.Errorf("reading checkpoint response: %w", scanErr)
+		return nil, fmt.Errorf("failed reading response body: %w", scanErr)
 	}
 
 	if len(lines) < 3 {
-		return nil, fmt.Errorf("invalid checkpoint format: expected at least 3 lines, got %d", len(lines))
+		return nil, fmt.Errorf("%w: invalid checkpoint format: expected at least 3 lines, got %d", ErrCheckpointInvalidFormat, len(lines))
 	}
 
 	size, parseErr := strconv.ParseUint(lines[1], 10, 64)
 	if parseErr != nil {
-		return nil, fmt.Errorf("parsing tree size: %w", parseErr)
+		return nil, fmt.Errorf("failed parsing tree size: %w", parseErr)
 	}
 
 	return &TiledCheckpoint{
@@ -123,21 +122,21 @@ func FetchTile(ctx context.Context, client *http.Client, baseURL string, tileInd
 
 	url := fmt.Sprintf("%s/tile/data/%s", baseURL, tilePath)
 
-	req, err := http.NewRequestWithContext(ctx, http.MethodGet, url, nil)
-	if err != nil {
-		return nil, fmt.Errorf("creating request: %w", err)
+	req, newReqErr := http.NewRequestWithContext(ctx, http.MethodGet, url, nil)
+	if newReqErr != nil {
+		return nil, fmt.Errorf("failed to create tile request: %w", newReqErr)
 	}
 
-	req.Header.Set("User-Agent", userAgent)
+	req.Header.Set("User-Agent", UserAgent)
 
-	resp, err := client.Do(req)
-	if err != nil {
-		return nil, fmt.Errorf("fetching tile %d: %w", tileIndex, err)
+	resp, reqErr := client.Do(req)
+	if reqErr != nil {
+		return nil, fmt.Errorf("fetching tile %d: %w", tileIndex, reqErr)
 	}
 	defer resp.Body.Close()
 
 	if resp.StatusCode != http.StatusOK {
-		return nil, fmt.Errorf("tile request failed with status: %d", resp.StatusCode)
+		return nil, fmt.Errorf("%w: unexpected status code %d", ErrRequestFailed, resp.StatusCode)
 	}
 
 	data, err := io.ReadAll(resp.Body)
@@ -157,7 +156,7 @@ func ParseTileData(data []byte) ([]TileLeaf, error) {
 		var leaf TileLeaf
 
 		if !parser.ReadUint64(&leaf.Timestamp) || !parser.ReadUint16(&leaf.EntryType) {
-			return nil, errors.New("invalid data tile header")
+			return nil, fmt.Errorf("header: %w", ErrInvalidDataTile)
 		}
 
 		switch leaf.EntryType {
@@ -168,15 +167,15 @@ func ParseTileData(data []byte) ([]TileLeaf, error) {
 			if !parser.ReadUint24LengthPrefixed(&cert) ||
 				!parser.ReadUint16LengthPrefixed(&extensions) ||
 				!parser.ReadUint16LengthPrefixed(&fingerprints) {
-				return nil, errors.New("invalid data tile x509_entry")
+				return nil, fmt.Errorf("x509_entry: %w", ErrInvalidDataTile)
 			}
 
 			leaf.X509Entry = append([]byte(nil), cert...)
 
 			for !fingerprints.Empty() {
 				var fp [32]byte
 				if !fingerprints.CopyBytes(fp[:]) {
-					return nil, errors.New("invalid fingerprints: truncated")
+					return nil, ErrInvalidFingerprint
 				}
 
 				leaf.Chain = append(leaf.Chain, fp[:])
@@ -191,7 +190,7 @@ func ParseTileData(data []byte) ([]TileLeaf, error) {
 				!parser.ReadUint16LengthPrefixed(&extensions) ||
 				!parser.ReadUint24LengthPrefixed(&entry) ||
 				!parser.ReadUint16LengthPrefixed(&fingerprints) {
-				return nil, errors.New("invalid data tile precert_entry")
+				return nil, fmt.Errorf("precert_entry: %w", ErrInvalidDataTile)
 			}
 
 			leaf.PrecertEntry = append([]byte(nil), defangedCrt...)
@@ -200,14 +199,14 @@ func ParseTileData(data []byte) ([]TileLeaf, error) {
 			for !fingerprints.Empty() {
 				var fp [32]byte
 				if !fingerprints.CopyBytes(fp[:]) {
-					return nil, errors.New("invalid fingerprints: truncated")
+					return nil, ErrInvalidFingerprint
 				}
 
 				leaf.Chain = append(leaf.Chain, fp[:])
 			}
 
 		default:
-			return nil, fmt.Errorf("unknown entry type: %d", leaf.EntryType)
+			return nil, fmt.Errorf("%w: %d", ErrUnknownEntryType, leaf.EntryType)
 		}
 
 		leaves = append(leaves, leaf)