improve error handling in client

* check for failInfo if needed. * wrap errors. * implement fmt.Stringer for failInfo and messageType.
micromdm · Jul 9, 2017 · 095f763 · 095f763
1 parent 16b5328
commit 095f763
Show file tree

Hide file tree

Showing 2 changed files with 51 additions and 9 deletions.
diff --git a/cmd/scepclient/scepclient.go b/cmd/scepclient/scepclient.go
@@ -2,18 +2,19 @@ package main
 
 import (
 	"crypto/x509"
-	"errors"
 	"flag"
 	"fmt"
-	"github.com/micromdm/scep/client"
-	"github.com/micromdm/scep/scep"
-	"golang.org/x/net/context"
 	"io/ioutil"
 	"net/url"
 	"os"
 	"path/filepath"
 	"strings"
 	"unicode"
+
+	"github.com/micromdm/scep/client"
+	"github.com/micromdm/scep/scep"
+	"github.com/pkg/errors"
+	"golang.org/x/net/context"
 )
 
 // version info
@@ -148,22 +149,25 @@ func run(cfg runCfg) error {
 
 	msg, err := scep.NewCSRRequest(csr, tmpl)
 	if err != nil {
-		return err
+		return errors.Wrap(err, "creating csr pkiMessage")
 	}
 
 	respBytes, err := client.PKIOperation(ctx, msg.Raw)
 	if err != nil {
-		return fmt.Errorf("Server reply : " + string(respBytes[0:isAsciiPrintableTo(string(respBytes))]))
+		return errors.Wrapf(err, "PKIOperation for %s", msgType)
 	}
 
 	respMsg, err := scep.ParsePKIMessage(respBytes)
 	if err != nil {
-		return fmt.Errorf("Server reply : " + string(respBytes[0:isAsciiPrintableTo(string(respBytes))]))
+		return errors.Wrapf(err, "parsing pkiMessage response %s", msgType)
+	}
+
+	if respMsg.PKIStatus == scep.FAILURE {
+		return errors.Errorf("%s request failed, failInfo: %s", msgType, respMsg.FailInfo)
 	}
 
 	if err := respMsg.DecryptPKIEnvelope(signerCert, key); err != nil {
-		fmt.Println("Server error : " + string(respBytes[0:isAsciiPrintableTo(string(respBytes))]))
-		os.Exit(1)
+		return errors.Wrapf(err, "decrypt pkiEnvelope, msgType: %s, status %s", msgType, respMsg.PKIStatus)
 	}
 
 	respCert := respMsg.CertRepMessage.Certificate

diff --git a/scep/scep.go b/scep/scep.go
@@ -43,6 +43,27 @@ const (
 	GetCRL                 = "22"
 )
 
+func (msg MessageType) String() string {
+	switch msg {
+	case CertRep:
+		return "CertRep (3)"
+	case RenewalReq:
+		return "RenewalReq (17)"
+	case UpdateReq:
+		return "UpdateReq (18)"
+	case PKCSReq:
+		return "PKCSReq (19)"
+	case CertPoll:
+		return "CertPoll (20) "
+	case GetCert:
+		return "GetCert (21)"
+	case GetCRL:
+		return "GetCRL (22)"
+	default:
+		panic("scep: unknown messageType" + msg)
+	}
+}
+
 // PKIStatus is a SCEP pkiStatus attribute which holds transaction status information.
 // All SCEP responses MUST include a pkiStatus.
 //
@@ -71,6 +92,23 @@ const (
 	BadCertID                = "4"
 )
 
+func (info FailInfo) String() string {
+	switch info {
+	case BadAlg:
+		return "badAlg (0)"
+	case BadMessageCheck:
+		return "badMessageCheck (1)"
+	case BadRequest:
+		return "badRequest (2)"
+	case BadTime:
+		return "badTime (3)"
+	case BadCertID:
+		return "badCertID (4)"
+	default:
+		panic("scep: unknown failInfo type" + info)
+	}
+}
+
 // SenderNonce is a random 16 byte number.
 // A sender must include the senderNonce in each transaction to a recipient.
 type SenderNonce []byte