ssh: implement method Is in PassphraseMissingError

The Is method allow the returned error checked using errors.Is againts
PassphraseMissingError.

2 files changed, 35 insertions, 12 deletions

diff --git a/ssh/keys.go b/ssh/keys.go
index 47a0753..18851e7 100644
--- a/ssh/keys.go
+++ b/ssh/keys.go
@@ -1271,6 +1271,12 @@ func (*PassphraseMissingError) Error() string {
 	return "ssh: this private key is passphrase protected"
 }
 
+// Is return true if the target is an instance of PassphraseMissingError.
+func (errPassMissing *PassphraseMissingError) Is(target error) (ok bool) {
+	_, ok = target.(*PassphraseMissingError)
+	return ok
+}
+
 // ParseRawPrivateKey returns a private key from a PEM encoded private key. It supports
 // RSA, DSA, ECDSA, and Ed25519 private keys in PKCS#1, PKCS#8, OpenSSL, and OpenSSH
 // formats. If the private key is encrypted, it will return a PassphraseMissingError.
diff --git a/ssh/keys_test.go b/ssh/keys_test.go
index a1165ec..ed5bb1a 100644
--- a/ssh/keys_test.go
+++ b/ssh/keys_test.go
@@ -272,18 +272,18 @@ func TestParseEncryptedPrivateKeysWithPassphrase(t *testing.T) {
 }
 
 func TestParseEncryptedPrivateKeysWithUnsupportedCiphers(t *testing.T) {
-    for _, tt := range testdata.UnsupportedCipherData {
-        t.Run(tt.Name, func(t *testing.T){
-            _, err := ParsePrivateKeyWithPassphrase(tt.PEMBytes, []byte(tt.EncryptionKey))
-            if err == nil {
-                t.Fatalf("expected 'unknown cipher' error for %q, got nil", tt.Name)
-                // If this cipher is now supported, remove it from testdata.UnsupportedCipherData
-            }
-            if !strings.Contains(err.Error(), "unknown cipher") {
-                t.Errorf("wanted 'unknown cipher' error, got %v", err.Error())
-            }
-        })
-    }
+	for _, tt := range testdata.UnsupportedCipherData {
+		t.Run(tt.Name, func(t *testing.T) {
+			_, err := ParsePrivateKeyWithPassphrase(tt.PEMBytes, []byte(tt.EncryptionKey))
+			if err == nil {
+				t.Fatalf("expected 'unknown cipher' error for %q, got nil", tt.Name)
+				// If this cipher is now supported, remove it from testdata.UnsupportedCipherData
+			}
+			if !strings.Contains(err.Error(), "unknown cipher") {
+				t.Errorf("wanted 'unknown cipher' error, got %v", err.Error())
+			}
+		})
+	}
 }
 
 func TestParseEncryptedPrivateKeysWithIncorrectPassphrase(t *testing.T) {
@@ -863,3 +863,20 @@ cLYUOHfQDw==
 		t.Fatal("parsing an SSH certificate using another certificate as signature key succeeded; expected failure")
 	}
 }
+
+func TestPassphraseMissingErrorIs(t *testing.T) {
+	var (
+		errPassMissing = &PassphraseMissingError{}
+
+		err error
+	)
+
+	_, err = ParseRawPrivateKey(testdata.PEMEncryptedKeys[0].PEMBytes)
+	if err == nil {
+		t.Fatalf(`got error nil, want %T`, errPassMissing)
+	}
+
+	if !errors.Is(err, errPassMissing) {
+		t.Fatalf(`got error %T, want %T `, err, errPassMissing)
+	}
+}