use the string representation of the TLS alert for crypto errors

go.mod

@@ -5,7 +5,7 @@ go 1.12
 require (
 	github.com/cheekybits/genny v1.0.0
 	github.com/golang/mock v1.2.0
-	github.com/marten-seemann/qtls v0.2.0
+	github.com/marten-seemann/qtls v0.2.1
 	github.com/onsi/ginkgo v1.7.0
 	github.com/onsi/gomega v1.4.3
 	golang.org/x/crypto v0.0.0-20190228161510-8dd112bcdc25

go.sum

@@ -8,8 +8,8 @@ github.com/golang/protobuf v1.2.0 h1:P3YflyNX/ehuJFLhxviNdFxQPkGK5cDcApsge1SqnvM
 github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
 github.com/hpcloud/tail v1.0.0 h1:nfCOvKYfkgYP8hkirhJocXT2+zOD8yUNjXaWfTlyFKI=
 github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
-github.com/marten-seemann/qtls v0.2.0 h1:SnGwbmSUjODZ3PPCG6N0GX0w30yvndyFmoNY2pbgW+s=
-github.com/marten-seemann/qtls v0.2.0/go.mod h1:xzjG7avBwGGbdZ8dTGxlBnLArsVKLvwmjgmPuiQEcYk=
+github.com/marten-seemann/qtls v0.2.1 h1:MbFrPuLPxGVUJ3NYg+Ie9JMir4meVlNNzJSqhLFWRcw=
+github.com/marten-seemann/qtls v0.2.1/go.mod h1:xzjG7avBwGGbdZ8dTGxlBnLArsVKLvwmjgmPuiQEcYk=
 github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
 github.com/onsi/ginkgo v1.7.0 h1:WSHQ+IS43OoUrWtD1/bbclrwK8TTH5hzp+umCiuxHgs=
 github.com/onsi/ginkgo v1.7.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=

internal/qerr/error_codes.go

@@ -1,6 +1,10 @@
 package qerr
 
-import "fmt"
+import (
+	"fmt"
+
+	"github.com/marten-seemann/qtls"
+)
 
 // ErrorCode can be used as a normal error without reason.
 type ErrorCode uint16
@@ -21,7 +25,14 @@ const (
 	InvalidMigration        ErrorCode = 0xc
 )
 
+func (e ErrorCode) isCryptoError() bool {
+	return e >= 0x100 && e < 0x200
+}
+
 func (e ErrorCode) Error() string {
+	if e.isCryptoError() {
+		return fmt.Sprintf("%s: %s", e.String(), qtls.Alert(e-0x100).Error())
+	}
 	return e.String()
 }
 
@@ -52,8 +63,8 @@ func (e ErrorCode) String() string {
 	case InvalidMigration:
 		return "INVALID_MIGRATION"
 	default:
-		if e >= 0x100 && e < 0x200 {
-			return fmt.Sprintf("CRYPTO_ERROR %d", e-0x100)
+		if e.isCryptoError() {
+			return "CRYPTO_ERROR"
 		}
 		return fmt.Sprintf("unknown error code: %#x", uint16(e))
 	}

internal/qerr/quic_error.go

@@ -39,7 +39,7 @@ func CryptoError(tlsAlert uint8) *QuicError {
 
 func (e *QuicError) Error() string {
 	if len(e.ErrorMessage) == 0 {
-		return e.ErrorCode.String()
+		return e.ErrorCode.Error()
 	}
 	return fmt.Sprintf("%s: %s", e.ErrorCode.String(), e.ErrorMessage)
 }

internal/qerr/quic_error_test.go

@@ -27,7 +27,7 @@ var _ = Describe("QUIC Transport Errors", func() {
 
 	It("has a string representation for crypto errors", func() {
 		err := CryptoError(42)
-		Expect(err.Error()).To(Equal("CRYPTO_ERROR 42"))
+		Expect(err.Error()).To(Equal("CRYPTO_ERROR: tls: bad certificate"))
 	})
 
 	Context("ErrorCode", func() {
@@ -38,7 +38,7 @@ var _ = Describe("QUIC Transport Errors", func() {
 
 		It("recognizes crypto errors", func() {
 			err := ErrorCode(0x100 + 42)
-			Expect(err.Error()).To(Equal("CRYPTO_ERROR 42"))
+			Expect(err.Error()).To(Equal("CRYPTO_ERROR: tls: bad certificate"))
 		})
 	})