From 4939fbf73427beedfa39a13f584a835d37afc6de Mon Sep 17 00:00:00 2001
From: Sergey Matveev <stargrave@stargrave.org>
Date: Thu, 26 Dec 2024 12:43:29 +0300
Subject: [PATCH] More verbose SPKI hash

---
 internal/cert.go | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/internal/cert.go b/internal/cert.go
index 2760cc7..d450250 100644
--- a/internal/cert.go
+++ b/internal/cert.go
@@ -20,7 +20,7 @@ import (
 	"crypto/sha256"
 	"crypto/x509"
 	"encoding/hex"
-	"errors"
+	"fmt"
 )
 
 func NewVerifyPeerCertificate(hashExpected string) func(
@@ -36,7 +36,8 @@ func NewVerifyPeerCertificate(hashExpected string) func(
 		spki := cer.RawSubjectPublicKeyInfo
 		hsh := sha256.Sum256(spki)
 		if hashExpected != hex.EncodeToString(hsh[:]) {
-			return errors.New("server certificate's SPKI hash mismatch")
+			return fmt.Errorf("server certificate's SPKI hash mismatch: %s != %s",
+				hashExpected, hex.EncodeToString(hsh[:]))
 		}
 		return nil
 	}
-- 
2.48.1