Diffstat (limited to 'lib/paseto/message.go')
| -rw-r--r-- | lib/paseto/message.go | 17 |
1 files changed, 12 insertions, 5 deletions
diff --git a/lib/paseto/message.go b/lib/paseto/message.go
index e9dca297..ef84a84a 100644
--- a/lib/paseto/message.go
+++ b/lib/paseto/message.go
@@ -6,11 +6,19 @@ package paseto
 import (
 "crypto/ed25519"
 "encoding/base64"
+ "errors"
 "fmt"
 "strings"
 "time"
 )
+// List of error messages for [Message.Unpack].
+var (
+ ErrTokenHeader = errors.New(`invalid token header`)
+ ErrTokenFooter = errors.New(`invalid token footer`)
+ ErrTokenSize = errors.New(`invalid token payload size`)
+)
+
 // Message defines the payload be signed and verified by sender/receiver.
 type Message struct {
 // The following fields are filled after Unpack and MUST not be used
@@ -52,13 +60,13 @@ func (msg *Message) Unpack(header, token string, implicit []byte) (err error) {
 // Step 3: verify the header and unpack the footer if it exists.
 token, found := strings.CutPrefix(token, header)
 if !found {
- return fmt.Errorf(`%s: invalid header, want %s`, logp, header)
+ return fmt.Errorf(`%s: %w: want %s`, logp, ErrTokenHeader, header)
 }
 token, footerb64, found := strings.Cut(token, `.`)
 if found {
 msg.RawFooter, err = base64.RawURLEncoding.DecodeString(footerb64)
 if err != nil {
- return fmt.Errorf(`%s: invalid footer: %w`, logp, err)
+ return fmt.Errorf(`%s: %w: %w`, logp, ErrTokenFooter, err)
 }
 }
@@ -69,14 +77,13 @@ func (msg *Message) Unpack(header, token string, implicit []byte) (err error) {
 }
 lenpaysig := len(paysig)
 if lenpaysig <= ed25519.SignatureSize {
- return fmt.Errorf(`%s: invalid payload size %d`, logp, lenpaysig)
+ return fmt.Errorf(`%s: %w %d`, logp, ErrTokenSize, lenpaysig)
 }
 msg.RawPayload = paysig[:lenpaysig-64]
 msg.Sig = paysig[lenpaysig-64:]
 // Step 5: Generate PAE.
- msg.PAE, err = PreAuthEncode([]byte(header), msg.RawPayload,
- msg.RawFooter, implicit)
+ msg.PAE, err = PreAuthEncode([]byte(header), msg.RawPayload, msg.RawFooter, implicit)
 if err != nil {
 return fmt.Errorf(`%s: %w`, logp, err)
 } |
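Review bot: The comment on the new `var` block describes these as "error messages", but they are exported sentinel values that callers will compare against, and none of the three has its own doc line. I would reword the block comment to `// Sentinel errors wrapped by [Message.Unpack]; test for them with errors.Is.` and add a one-line comment above each variable naming the step that returns it (header prefix check, footer base64 decode, payload shorter than a signature). All three are returned before any signature check in the visible code, so the comment should also say they indicate a malformed token rather than a failed verification.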
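Review bot: On the footer error path the receiver is left holding unvalidated data, because `msg.RawFooter, err = base64.RawURLEncoding.DecodeString(footerb64)` assigns whatever bytes were decoded before the failure, and the new `ErrTokenFooter` return does not clear them. Decoding into a local first avoids that: `rawFooter, err := base64.RawURLEncoding.DecodeString(footerb64)` followed, after the error check, by `msg.RawFooter = rawFooter`. Whether any caller reuses a Message after a failed Unpack is not visible here, so treat this as hardening rather than a confirmed bug. The body of Unpack starts and ends outside this hunk.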
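Review bot: The size guard compares against `ed25519.SignatureSize`, but the two slice expressions right after it still use the literal `64`, so the bound that is checked and the bound that is used are tied together only by coincidence of value. Since this hunk already touches the guard, I would make the slices use the same constant: `msg.RawPayload = paysig[:lenpaysig-ed25519.SignatureSize]` and `msg.Sig = paysig[lenpaysig-ed25519.SignatureSize:]`. The new format string `%s: %w %d` also drops the separator used by the other two messages; `%s: %w: %d` would keep them uniform. Unpack continues past the end of this hunk.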
