fixing

2022-10-22 13:17:29 +02:00 · 2022-10-22 13:17:29 +02:00 · 1612620461
commit 1612620461
parent b181ad3636
7 changed files with 72 additions and 72 deletions
--- a/asn1/asn1.go
+++ b/asn1/asn1.go
@ -5,7 +5,7 @@
 // Package asn1 implements parsing of DER-encoded ASN.1 data structures,
 // as defined in ITU-T Rec X.690.
 //
-// See also ``A Layman's Guide to a Subset of ASN.1, BER, and DER,''
+// See also “A Layman's Guide to a Subset of ASN.1, BER, and DER,”
 // http://luca.ntop.org/Teaching/Appunti/asn1.html.
 package asn1
@ -52,7 +52,7 @@ import (
 func parseBool(bytes []byte) (ret bool, err error) {
 	if len(bytes) != 1 {
-		err = asn1.SyntaxError{"invalid boolean"}
+		err = asn1.SyntaxError{Msg: "invalid boolean"}
 		return
 	}
@ -65,7 +65,7 @@ func parseBool(bytes []byte) (ret bool, err error) {
 	case 0xff:
 		ret = true
 	default:
-		err = asn1.SyntaxError{"invalid boolean"}
+		err = asn1.SyntaxError{Msg: "invalid boolean"}
 	}
 	return
@ -77,13 +77,13 @@ func parseBool(bytes []byte) (ret bool, err error) {
 // INTEGER and an error otherwise.
 func checkInteger(bytes []byte) error {
 	if len(bytes) == 0 {
-		return asn1.StructuralError{"empty integer"}
+		return asn1.StructuralError{Msg: "empty integer"}
 	}
 	if len(bytes) == 1 {
 		return nil
 	}
 	if (bytes[0] == 0 && bytes[1]&0x80 == 0) || (bytes[0] == 0xff && bytes[1]&0x80 == 0x80) {
-		return asn1.StructuralError{"integer not minimally-encoded"}
+		return asn1.StructuralError{Msg: "integer not minimally-encoded"}
 	}
 	return nil
 }
@ -97,7 +97,7 @@ func parseInt64(bytes []byte) (ret int64, err error) {
 	}
 	if len(bytes) > 8 {
 		// We'll overflow an int64 in this case.
-		err = asn1.StructuralError{"integer too large"}
+		err = asn1.StructuralError{Msg: "integer too large"}
 		return
 	}
 	for bytesRead := 0; bytesRead < len(bytes); bytesRead++ {
@ -122,7 +122,7 @@ func parseInt32(bytes []byte) (int32, error) {
 		return 0, err
 	}
 	if ret64 != int64(int32(ret64)) {
-		return 0, asn1.StructuralError{"integer too large"}
+		return 0, asn1.StructuralError{Msg: "integer too large"}
 	}
 	return int32(ret64), nil
 }
@ -193,14 +193,14 @@ func parseBigInt(bytes []byte) (*big.Int, error) {
 // parseBitString parses an ASN.1 bit string from the given byte slice and returns it.
 func parseBitString(bytes []byte) (ret asn1.BitString, err error) {
 	if len(bytes) == 0 {
-		err = asn1.SyntaxError{"zero length BIT STRING"}
+		err = asn1.SyntaxError{Msg: "zero length BIT STRING"}
 		return
 	}
 	paddingBits := int(bytes[0])
 	if paddingBits > 7 ||
 		len(bytes) == 1 && paddingBits > 0 ||
 		bytes[len(bytes)-1]&((1<<bytes[0])-1) != 0 {
-		err = asn1.SyntaxError{"invalid padding bits in BIT STRING"}
+		err = asn1.SyntaxError{Msg: "invalid padding bits in BIT STRING"}
 		return
 	}
 	ret.BitLength = (len(bytes)-1)*8 - paddingBits
@ -253,7 +253,7 @@ func parseBitString(bytes []byte) (ret asn1.BitString, err error) {
 // that are assigned in a hierarchy.
 func parseObjectIdentifier(bytes []byte) (s asn1.ObjectIdentifier, err error) {
 	if len(bytes) == 0 {
-		err = asn1.SyntaxError{"zero length OBJECT IDENTIFIER"}
+		err = asn1.SyntaxError{Msg: "zero length OBJECT IDENTIFIER"}
 		return
 	}
@ -308,7 +308,7 @@ func parseBase128Int(bytes []byte, initOffset int) (ret, offset int, err error)
 		// 5 * 7 bits per byte == 35 bits of data
 		// Thus the representation is either non-minimal or too large for an int32
 		if shifted == 5 {
-			err = asn1.StructuralError{"base 128 integer too large"}
+			err = asn1.StructuralError{Msg: "base 128 integer too large"}
 			return
 		}
 		ret64 <<= 7
@ -319,12 +319,12 @@ func parseBase128Int(bytes []byte, initOffset int) (ret, offset int, err error)
 			ret = int(ret64)
 			// Ensure that the returned value fits in an int on all platforms
 			if ret64 > math.MaxInt32 {
-				err = asn1.StructuralError{"base 128 integer too large"}
+				err = asn1.StructuralError{Msg: "base 128 integer too large"}
 			}
 			return
 		}
 	}
-	err = asn1.SyntaxError{"truncated base 128 integer"}
+	err = asn1.SyntaxError{Msg: "truncated base 128 integer"}
 	return
 }
@ -380,7 +380,7 @@ func parseGeneralizedTime(bytes []byte) (ret time.Time, err error) {
 func parseNumericString(bytes []byte) (ret string, err error) {
 	for _, b := range bytes {
 		if !isNumeric(b) {
-			return "", asn1.SyntaxError{"NumericString contains invalid character"}
+			return "", asn1.SyntaxError{Msg: "NumericString contains invalid character"}
 		}
 	}
 	return string(bytes), nil
@ -399,7 +399,7 @@ func isNumeric(b byte) bool {
 func parsePrintableString(bytes []byte) (ret string, err error) {
 	for _, b := range bytes {
 		if !isPrintable(b, allowAsterisk, allowAmpersand) {
-			err = asn1.SyntaxError{"PrintableString contains invalid character"}
+			err = asn1.SyntaxError{Msg: "PrintableString contains invalid character"}
 			return
 		}
 	}
@ -449,7 +449,7 @@ func isPrintable(b byte, asterisk asteriskFlag, ampersand ampersandFlag) bool {
 func parseIA5String(bytes []byte) (ret string, err error) {
 	for _, b := range bytes {
 		if b >= utf8.RuneSelf {
-			err = asn1.SyntaxError{"IA5String contains invalid character"}
+			err = asn1.SyntaxError{Msg: "IA5String contains invalid character"}
 			return
 		}
 	}
@ -518,12 +518,12 @@ func parseTagAndLength(bytes []byte, initOffset int) (ret tagAndLength, offset i
 		}
 		// Tags should be encoded in minimal form.
 		if ret.tag < 0x1f {
-			err = asn1.SyntaxError{"non-minimal tag"}
+			err = asn1.SyntaxError{Msg: "non-minimal tag"}
 			return
 		}
 	}
 	if offset >= len(bytes) {
-		err = asn1.SyntaxError{"truncated tag or length"}
+		err = asn1.SyntaxError{Msg: "truncated tag or length"}
 		return
 	}
 	b = bytes[offset]
@ -560,7 +560,7 @@ func parseTagAndLength(bytes []byte, initOffset int) (ret tagAndLength, offset i
 						return
 					}
 					if len(bytes) <= reoffset+reTag.length {
-						err = asn1.StructuralError{"indefinete lenght: length too large"}
+						err = asn1.StructuralError{Msg: "indefinete lenght: length too large"}
 						return
 					}
 					reTag, reoffset, _ = parseTagAndLength(bytes, reoffset+reTag.length)
@ -578,20 +578,20 @@ func parseTagAndLength(bytes []byte, initOffset int) (ret tagAndLength, offset i
 						return
 					}
 					if len(bytes) <= reoffset+reTag.length {
-						err = asn1.StructuralError{"indefinete lenght: length too large"}
+						err = asn1.StructuralError{Msg: "indefinete lenght: length too large"}
 						return
 					}
 					reTag, reoffset, _ = parseTagAndLength(bytes, reoffset+reTag.length)
 				}
 				log.Println("indefinite length found (not DER)")
 			}
-			err = asn1.SyntaxError{"indefinite length found (not DER)"}
+			err = asn1.SyntaxError{Msg: "indefinite length found (not DER)"}
 			return
 		}
 		ret.length = 0
 		for i := 0; i < numBytes; i++ {
 			if offset >= len(bytes) {
-				err = asn1.SyntaxError{"truncated tag or length"}
+				err = asn1.SyntaxError{Msg: "truncated tag or length"}
 				return
 			}
 			b = bytes[offset]
@ -599,20 +599,20 @@ func parseTagAndLength(bytes []byte, initOffset int) (ret tagAndLength, offset i
 			if ret.length >= 1<<23 {
 				// We can't shift ret.length up without
 				// overflowing.
-				err = asn1.StructuralError{"length too large"}
+				err = asn1.StructuralError{Msg: "length too large"}
 				return
 			}
 			ret.length <<= 8
 			ret.length |= int(b)
 			if ret.length == 0 {
 				// DER requires that lengths be minimal.
-				err = asn1.StructuralError{"superfluous leading zeros in length"}
+				err = asn1.StructuralError{Msg: "superfluous leading zeros in length"}
 				return
 			}
 		}
 		// Short lengths must be encoded in short form.
 		if ret.length < 0x80 {
-			err = asn1.StructuralError{"non-minimal length"}
+			err = asn1.StructuralError{Msg: "non-minimal length"}
 			return
 		}
 	}
@ -626,7 +626,7 @@ func parseTagAndLength(bytes []byte, initOffset int) (ret tagAndLength, offset i
 func parseSequenceOf(bytes []byte, sliceType reflect.Type, elemType reflect.Type, params fieldParameters) (ret reflect.Value, err error) {
 	matchAny, expectedTag, compoundType, ok := getUniversalType(elemType)
 	if !ok {
-		err = asn1.StructuralError{"unknown Go type for slice"}
+		err = asn1.StructuralError{Msg: "unknown Go type for slice"}
 		return
 	}
@ -651,11 +651,11 @@ func parseSequenceOf(bytes []byte, sliceType reflect.Type, elemType reflect.Type
 		}
 		if !matchAny && (t.class != ClassUniversal || t.isCompound != compoundType || t.tag != expectedTag) && !params.choice {
-			err = asn1.StructuralError{"sequence tag mismatch"}
+			err = asn1.StructuralError{Msg: "sequence tag mismatch"}
 			return
 		}
 		if invalidLength(offset, t.length, len(bytes)) {
-			err = asn1.SyntaxError{"truncated sequence"}
+			err = asn1.SyntaxError{Msg: "truncated sequence"}
 			return
 		}
 		offset += t.length
@ -700,7 +700,7 @@ func parseField(v reflect.Value, bytes []byte, initOffset int, params fieldParam
 	// If we have run out of data, it may be that there are optional elements at the end.
 	if offset == len(bytes) {
 		if !setDefaultValue(v, params) {
-			err = asn1.SyntaxError{"sequence truncated"}
+			err = asn1.SyntaxError{Msg: "sequence truncated"}
 		}
 		return
 	}
@ -713,7 +713,7 @@ func parseField(v reflect.Value, bytes []byte, initOffset int, params fieldParam
 			return
 		}
 		if invalidLength(offset, t.length, len(bytes)) {
-			err = asn1.SyntaxError{"data truncated"}
+			err = asn1.SyntaxError{Msg: "data truncated"}
 			return
 		}
 		var result interface{}
@ -766,7 +766,7 @@ func parseField(v reflect.Value, bytes []byte, initOffset int, params fieldParam
 			expectedClass = ClassApplication
 		}
 		if offset == len(bytes) {
-			err = asn1.StructuralError{"explicit tag has no child"}
+			err = asn1.StructuralError{Msg: "explicit tag has no child"}
 			return
 		}
 		if t.class == expectedClass && t.tag == *params.tag && (t.length == 0 || t.isCompound) {
@ -785,7 +785,7 @@ func parseField(v reflect.Value, bytes []byte, initOffset int, params fieldParam
 				}
 			} else {
 				if fieldType != flagType {
-					err = asn1.StructuralError{"zero length explicit tag was not an asn1.Flag"}
+					err = asn1.StructuralError{Msg: "zero length explicit tag was not an asn1.Flag"}
 					return
 				}
 				v.SetBool(true)
@ -797,7 +797,7 @@ func parseField(v reflect.Value, bytes []byte, initOffset int, params fieldParam
 			if ok {
 				offset = initOffset
 			} else {
-				err = asn1.StructuralError{"explicitly tagged member didn't match"}
+				err = asn1.StructuralError{Msg: "explicitly tagged member didn't match"}
 			}
 			return
 		}
@ -805,7 +805,7 @@ func parseField(v reflect.Value, bytes []byte, initOffset int, params fieldParam
 	matchAny, universalTag, compoundType, ok1 := getUniversalType(fieldType)
 	if !ok1 {
-		err = asn1.StructuralError{fmt.Sprintf("unknown Go type: %v", fieldType)}
+		err = asn1.StructuralError{Msg: fmt.Sprintf("unknown Go type: %v", fieldType)}
 		return
 	}
@ -864,12 +864,12 @@ func parseField(v reflect.Value, bytes []byte, initOffset int, params fieldParam
 		if ok {
 			offset = initOffset
 		} else {
-			err = asn1.StructuralError{fmt.Sprintf("tags don't match (%d vs %+v) %+v %s @%d", expectedTag, t, params, fieldType.Name(), offset)}
+			err = asn1.StructuralError{Msg: fmt.Sprintf("tags don't match (%d vs %+v) %+v %s @%d", expectedTag, t, params, fieldType.Name(), offset)}
 		}
 		return
 	}
 	if invalidLength(offset, t.length, len(bytes)) {
-		err = asn1.SyntaxError{"data truncated"}
+		err = asn1.SyntaxError{Msg: "data truncated"}
 		return
 	}
 	innerBytes := bytes[offset : offset+t.length]
@ -878,7 +878,7 @@ func parseField(v reflect.Value, bytes []byte, initOffset int, params fieldParam
 	// We deal with the structures defined in this package first.
 	switch fieldType {
 	case rawValueType:
-		result := asn1.RawValue{t.class, t.tag, t.isCompound, innerBytes, bytes[initOffset:offset]}
+		result := asn1.RawValue{Class: t.class, Tag: t.tag, IsCompound: t.isCompound, Bytes: innerBytes, FullBytes: bytes[initOffset:offset]}
 		v.Set(reflect.ValueOf(result))
 		return
 	case objectIdentifierType:
@ -1020,14 +1020,14 @@ func parseField(v reflect.Value, bytes []byte, initOffset int, params fieldParam
 			// such. We give up and pass it as an 8-bit string.
 			v, err = parseT61String(innerBytes)
 		default:
-			err = asn1.SyntaxError{fmt.Sprintf("internal error: unknown string type %d", universalTag)}
+			err = asn1.SyntaxError{Msg: fmt.Sprintf("internal error: unknown string type %d", universalTag)}
 		}
 		if err == nil {
 			val.SetString(v)
 		}
 		return
 	}
-	err = asn1.StructuralError{"unsupported: " + v.Type().String()}
+	err = asn1.StructuralError{Msg: "unsupported: " + v.Type().String()}
 	return
 }
--- a/asn1/asn1_test.go
+++ b/asn1/asn1_test.go
@ -482,17 +482,17 @@ var unmarshalTestData = []struct {
 	out interface{}
 }{
 	{[]byte{0x02, 0x01, 0x42}, newInt(0x42)},
-	{[]byte{0x05, 0x00}, &asn1.RawValue{0, 5, false, []byte{}, []byte{0x05, 0x00}}},
+	{[]byte{0x05, 0x00}, &asn1.RawValue{Class: 0, Tag: 5, IsCompound: false, Bytes: []byte{}, FullBytes: []byte{0x05, 0x00}}},
 	{[]byte{0x30, 0x08, 0x06, 0x06, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d}, &TestObjectIdentifierStruct{[]int{1, 2, 840, 113549}}},
-	{[]byte{0x03, 0x04, 0x06, 0x6e, 0x5d, 0xc0}, &asn1.BitString{[]byte{110, 93, 192}, 18}},
+	{[]byte{0x03, 0x04, 0x06, 0x6e, 0x5d, 0xc0}, &asn1.BitString{Bytes: []byte{110, 93, 192}, BitLength: 18}},
 	{[]byte{0x30, 0x09, 0x02, 0x01, 0x01, 0x02, 0x01, 0x02, 0x02, 0x01, 0x03}, &[]int{1, 2, 3}},
 	{[]byte{0x02, 0x01, 0x10}, newInt(16)},
 	{[]byte{0x13, 0x04, 't', 'e', 's', 't'}, newString("test")},
 	{[]byte{0x16, 0x04, 't', 'e', 's', 't'}, newString("test")},
 	// Ampersand is allowed in PrintableString due to mistakes by major CAs.
 	{[]byte{0x13, 0x05, 't', 'e', 's', 't', '&'}, newString("test&")},
-	{[]byte{0x16, 0x04, 't', 'e', 's', 't'}, &asn1.RawValue{0, 22, false, []byte("test"), []byte("\x16\x04test")}},
+	{[]byte{0x16, 0x04, 't', 'e', 's', 't'}, &asn1.RawValue{Class: 0, Tag: 22, IsCompound: false, Bytes: []byte("test"), FullBytes: []byte("\x16\x04test")}},
-	{[]byte{0x04, 0x04, 1, 2, 3, 4}, &asn1.RawValue{0, 4, false, []byte{1, 2, 3, 4}, []byte{4, 4, 1, 2, 3, 4}}},
+	{[]byte{0x04, 0x04, 1, 2, 3, 4}, &asn1.RawValue{Class: 0, Tag: 4, IsCompound: false, Bytes: []byte{1, 2, 3, 4}, FullBytes: []byte{4, 4, 1, 2, 3, 4}}},
 	{[]byte{0x30, 0x03, 0x81, 0x01, 0x01}, &TestContextSpecificTags{1}},
 	{[]byte{0x30, 0x08, 0xa1, 0x03, 0x02, 0x01, 0x01, 0x02, 0x01, 0x02}, &TestContextSpecificTags2{1, 2}},
 	{[]byte{0x30, 0x03, 0x81, 0x01, '@'}, &TestContextSpecificTags3{"@"}},
--- a/asn1/marshal.go
+++ b/asn1/marshal.go
@ -153,7 +153,7 @@ func appendBase128Int(dst []byte, n int64) []byte {
 func makeBigInt(n *big.Int) (encoder, error) {
 	if n == nil {
-		return nil, asn1.StructuralError{"empty integer"}
+		return nil, asn1.StructuralError{Msg: "empty integer"}
 	}
 	if n.Sign() < 0 {
@ -261,7 +261,7 @@ func (oid oidEncoder) Encode(dst []byte) {
 func makeObjectIdentifier(oid []int) (e encoder, err error) {
 	if len(oid) < 2 || oid[0] > 2 || (oid[0] < 2 && oid[1] >= 40) {
-		return nil, asn1.StructuralError{"invalid object identifier"}
+		return nil, asn1.StructuralError{Msg: "invalid object identifier"}
 	}
 	return oidEncoder(oid), nil
@ -276,7 +276,7 @@ func makePrintableString(s string) (e encoder, err error) {
 		// certificates, however when making new certificates
 		// it is rejected.
 		if !isPrintable(s[i], allowAsterisk, rejectAmpersand) {
-			return nil, asn1.StructuralError{"PrintableString contains invalid character"}
+			return nil, asn1.StructuralError{Msg: "PrintableString contains invalid character"}
 		}
 	}
@ -286,7 +286,7 @@ func makePrintableString(s string) (e encoder, err error) {
 func makeIA5String(s string) (e encoder, err error) {
 	for i := 0; i < len(s); i++ {
 		if s[i] > 127 {
-			return nil, asn1.StructuralError{"IA5String contains invalid character"}
+			return nil, asn1.StructuralError{Msg: "IA5String contains invalid character"}
 		}
 	}
@ -296,7 +296,7 @@ func makeIA5String(s string) (e encoder, err error) {
 func makeNumericString(s string) (e encoder, err error) {
 	for i := 0; i < len(s); i++ {
 		if !isNumeric(s[i]) {
-			return nil, asn1.StructuralError{"NumericString contains invalid character"}
+			return nil, asn1.StructuralError{Msg: "NumericString contains invalid character"}
 		}
 	}
@ -356,7 +356,7 @@ func appendUTCTime(dst []byte, t time.Time) (ret []byte, err error) {
 	case 2000 <= year && year < 2050:
 		dst = appendTwoDigits(dst, year-2000)
 	default:
-		return nil, asn1.StructuralError{"cannot represent time as UTCTime"}
+		return nil, asn1.StructuralError{Msg: "cannot represent time as UTCTime"}
 	}
 	return appendTimeCommon(dst, t), nil
@ -365,7 +365,7 @@ func appendUTCTime(dst []byte, t time.Time) (ret []byte, err error) {
 func appendGeneralizedTime(dst []byte, t time.Time) (ret []byte, err error) {
 	year := t.Year()
 	if year < 0 || year > 9999 {
-		return nil, asn1.StructuralError{"cannot represent time as GeneralizedTime"}
+		return nil, asn1.StructuralError{Msg: "cannot represent time as GeneralizedTime"}
 	}
 	dst = appendFourDigits(dst, year)
@ -529,7 +529,7 @@ func makeBody(value reflect.Value, params fieldParameters) (e encoder, err error
 		}
 	}
-	return nil, asn1.StructuralError{"unknown Go type"}
+	return nil, asn1.StructuralError{Msg: "unknown Go type"}
 }
 func makeField(v reflect.Value, params fieldParameters) (e encoder, err error) {
@ -579,15 +579,15 @@ func makeField(v reflect.Value, params fieldParameters) (e encoder, err error) {
 	matchAny, tag, isCompound, ok := getUniversalType(v.Type())
 	if !ok || matchAny {
-		return nil, asn1.StructuralError{fmt.Sprintf("unknown Go type: %v", v.Type())}
+		return nil, asn1.StructuralError{Msg: fmt.Sprintf("unknown Go type: %v", v.Type())}
 	}
 	if params.timeType != 0 && tag != TagUTCTime {
-		return nil, asn1.StructuralError{"explicit time type given to non-time member"}
+		return nil, asn1.StructuralError{Msg: "explicit time type given to non-time member"}
 	}
 	if params.stringType != 0 && tag != TagPrintableString {
-		return nil, asn1.StructuralError{"explicit string type given to non-string member"}
+		return nil, asn1.StructuralError{Msg: "explicit string type given to non-string member"}
 	}
 	switch tag {
@ -616,7 +616,7 @@ func makeField(v reflect.Value, params fieldParameters) (e encoder, err error) {
 	if params.set {
 		if tag != TagSequence {
-			return nil, asn1.StructuralError{"non sequence tagged as set"}
+			return nil, asn1.StructuralError{Msg: "non sequence tagged as set"}
 		}
 		tag = TagSet
 	}
--- a/asn1/marshal_test.go
+++ b/asn1/marshal_test.go
@ -130,8 +130,8 @@ var marshalTests = []marshalTest{
 	{time.Unix(1258325776, 0).In(PST), "17113039313131353134353631362d30383030"},
 	{farFuture(), "180f32313030303430353132303130315a"},
 	{generalizedTimeTest{time.Unix(1258325776, 0).UTC()}, "3011180f32303039313131353232353631365a"},
-	{asn1.BitString{[]byte{0x80}, 1}, "03020780"},
+	{asn1.BitString{Bytes: []byte{0x80}, BitLength: 1}, "03020780"},
-	{asn1.BitString{[]byte{0x81, 0xf0}, 12}, "03030481f0"},
+	{asn1.BitString{Bytes: []byte{0x81, 0xf0}, BitLength: 12}, "03030481f0"},
 	{asn1.ObjectIdentifier([]int{1, 2, 3, 4}), "06032a0304"},
 	{asn1.ObjectIdentifier([]int{1, 2, 840, 133549, 1, 1, 5}), "06092a864888932d010105"},
 	{asn1.ObjectIdentifier([]int{2, 100, 3}), "0603813403"},
--- a/oid/oid.go
+++ b/oid/oid.go
@ -128,34 +128,34 @@ var SignatureAlgorithmToSignatureAlgorithm = map[x509.SignatureAlgorithm]asn1.Ob
 // SignatureAlgorithms maps digest and signature OIDs to
 // x509.SignatureAlgorithm values.
 var SignatureAlgorithms = map[string]map[string]x509.SignatureAlgorithm{
-	SignatureAlgorithmRSA.String(): map[string]x509.SignatureAlgorithm{
+	SignatureAlgorithmRSA.String(): {
 		DigestAlgorithmSHA1.String():   x509.SHA1WithRSA,
 		DigestAlgorithmMD5.String():    x509.MD5WithRSA,
 		DigestAlgorithmSHA256.String(): x509.SHA256WithRSA,
 		DigestAlgorithmSHA384.String(): x509.SHA384WithRSA,
 		DigestAlgorithmSHA512.String(): x509.SHA512WithRSA,
 	},
-	SignatureAlgorithmRSASSAPSS.String(): map[string]x509.SignatureAlgorithm{
+	SignatureAlgorithmRSASSAPSS.String(): {
 		DigestAlgorithmSHA256.String(): x509.SHA256WithRSAPSS,
 		DigestAlgorithmSHA384.String(): x509.SHA384WithRSAPSS,
 		DigestAlgorithmSHA512.String(): x509.SHA512WithRSAPSS,
 	},
-	SignatureAlgorithmECDSA.String(): map[string]x509.SignatureAlgorithm{
+	SignatureAlgorithmECDSA.String(): {
 		DigestAlgorithmSHA1.String():   x509.ECDSAWithSHA1,
 		DigestAlgorithmSHA256.String(): x509.ECDSAWithSHA256,
 		DigestAlgorithmSHA384.String(): x509.ECDSAWithSHA384,
 		DigestAlgorithmSHA512.String(): x509.ECDSAWithSHA512,
 	},
-	SignatureAlgorithmECDSAwithSHA1.String(): map[string]x509.SignatureAlgorithm{
+	SignatureAlgorithmECDSAwithSHA1.String(): {
 		DigestAlgorithmSHA1.String(): x509.ECDSAWithSHA1,
 	},
-	SignatureAlgorithmECDSAwithSHA256.String(): map[string]x509.SignatureAlgorithm{
+	SignatureAlgorithmECDSAwithSHA256.String(): {
 		DigestAlgorithmSHA256.String(): x509.ECDSAWithSHA256,
 	},
-	SignatureAlgorithmECDSAwithSHA384.String(): map[string]x509.SignatureAlgorithm{
+	SignatureAlgorithmECDSAwithSHA384.String(): {
 		DigestAlgorithmSHA384.String(): x509.ECDSAWithSHA384,
 	},
-	SignatureAlgorithmECDSAwithSHA512.String(): map[string]x509.SignatureAlgorithm{
+	SignatureAlgorithmECDSAwithSHA512.String(): {
 		DigestAlgorithmSHA512.String(): x509.ECDSAWithSHA512,
 	},
 }
@ -163,14 +163,14 @@ var SignatureAlgorithms = map[string]map[string]x509.SignatureAlgorithm{
 // PublicKeyAlgorithmToSignatureAlgorithm maps certificate public key
 // algorithms to CMS signature algorithms.
 var PublicKeyAlgorithmToSignatureAlgorithm = map[x509.PublicKeyAlgorithm]pkix.AlgorithmIdentifier{
-	x509.RSA:   pkix.AlgorithmIdentifier{Algorithm: SignatureAlgorithmRSA},
+	x509.RSA:   {Algorithm: SignatureAlgorithmRSA},
-	x509.ECDSA: pkix.AlgorithmIdentifier{Algorithm: SignatureAlgorithmECDSA},
+	x509.ECDSA: {Algorithm: SignatureAlgorithmECDSA},
 }
 // PublicKeyAlgorithmToEncrytionAlgorithm maps certificate public key
 // algorithms to CMS encryption algorithms.
 var PublicKeyAlgorithmToEncrytionAlgorithm = map[x509.PublicKeyAlgorithm]pkix.AlgorithmIdentifier{
-	x509.RSA: pkix.AlgorithmIdentifier{Algorithm: EncryptionAlgorithmRSA},
+	x509.RSA: {Algorithm: EncryptionAlgorithmRSA},
 }
 // KDFHashAlgorithm key derivation schemes to its hash algorithms
--- a/openssl/openssl.go
+++ b/openssl/openssl.go
@ -1,4 +1,4 @@
-//Package openssl shells out openssl for testing
+// Package openssl shells out openssl for testing
 package openssl
 import (
@ -16,7 +16,7 @@ import (
 // SMIME is the commpand used for openssl smime, can be replaces with cms
 var SMIME = "smime"
-//Encrypt a message with openssl
+// Encrypt a message with openssl
 func Encrypt(in []byte, cert *x509.Certificate, opts ...string) (der []byte, err error) {
 	tmpKey, err := ioutil.TempFile("", "example")
@ -39,7 +39,7 @@ func Encrypt(in []byte, cert *x509.Certificate, opts ...string) (der []byte, err
 	return
 }
-//Decrypt a message with openssl
+// Decrypt a message with openssl
 func Decrypt(in []byte, key crypto.PrivateKey, opts ...string) (plain []byte, err error) {
 	tmpKey, err := ioutil.TempFile("", "example")
@ -122,7 +122,7 @@ func Sign(in []byte, cert *x509.Certificate, key crypto.PrivateKey, interm []*x5
 	return
 }
-//Verify a signature with openssl
+// Verify a signature with openssl
 func Verify(in []byte, ca *x509.Certificate, opts ...string) (plain []byte, err error) {
 	tmpCA, err := ioutil.TempFile("", "example")
--- a/pki/pki.go
+++ b/pki/pki.go
@ -1,4 +1,4 @@
-//Package pki can create ca's intermediates and certificates
+// Package pki can create ca's intermediates and certificates
 package pki
 import (