fixed: SigningMethodRS256.Sign would panic if the provided key was not PEM encoded

2014-06-28 11:29:32 -07:00 · 2014-06-28 11:29:32 -07:00 · bf910acaf8
parent e5f9e9c647
commit bf910acaf8
2 changed files with 21 additions and 0 deletions
--- a/rs256.go
+++ b/rs256.go
@ -79,6 +79,8 @@ func (m *SigningMethodRS256) parsePrivateKey(key []byte) (pkey *rsa.PrivateKey,
 		if pkey, ok = parsedKey.(*rsa.PrivateKey); !ok {
 			err = errors.New("Key is not a valid RSA private key")
 		}
+	} else {
+		err = errors.New("Invalid Key: Key must be PEM encoded PKCS1 or PKCS8 private key")
 	}
 	return
 }
--- a/rs256_test.go
+++ b/rs256_test.go
@ -60,3 +60,22 @@ func TestRS256Sign(t *testing.T) {
 		}
 	}
 }
+
+func TestKeyParsing(t *testing.T) {
+	key, _ := ioutil.ReadFile("test/sample_key")
+	pubKey, _ := ioutil.ReadFile("test/sample_key.pub")
+	badKey := []byte("All your base are belong to key")
+	method := GetSigningMethod("RS256").(*SigningMethodRS256)
+
+	if _, e := method.parsePrivateKey(key); e != nil {
+		t.Errorf("Failed to parse valid private key: %v", e)
+	}
+
+	if k, e := method.parsePrivateKey(pubKey); e == nil {
+		t.Errorf("Parsed public key as valid private key: %v", k)
+	}
+
+	if k, e := method.parsePrivateKey(badKey); e == nil {
+		t.Errorf("Parsed invalid key as valid private key: %v", k)
+	}
+}