Add SecureCookie.Err to expose construction errors

securecookie.go

@@ -234,6 +234,13 @@ func (s *SecureCookie) BlockFunc(f func([]byte) (cipher.Block, error)) *SecureCo
 	return s
 }
 
+// Err returns an error if the SecureCookie was misconfigured, for example when
+// New was called with an invalid hash or block key. It returns nil if the
+// instance is usable. Encode and Decode also report this error.
+func (s *SecureCookie) Err() error {
+	return s.err
+}
+
 // Encoding sets the encoding/serialization method for cookies.
 //
 // Default is encoding/gob.  To encode special structures using encoding/gob,

securecookie_test.go

@@ -88,6 +88,18 @@ func TestSecureCookieNilKey(t *testing.T) {
 	}
 }
 
+func TestErr(t *testing.T) {
+	if err := New([]byte("12345678901234567890123456789012"), nil).Err(); err != nil {
+		t.Fatalf("expected no error, got %v", err)
+	}
+	if err := New(nil, nil).Err(); err != errHashKeyNotSet {
+		t.Fatalf("expected errHashKeyNotSet, got %v", err)
+	}
+	if err := New([]byte("12345678901234567890123456789012"), []byte("bad")).Err(); err == nil {
+		t.Fatal("expected an error for invalid block key, got nil")
+	}
+}
+
 func TestDecodeInvalid(t *testing.T) {
 	// List of invalid cookies, which must not be accepted, base64-decoded
 	// (they will be encoded before passing to Decode).