fixed: SigningMethodRS256.Sign would panic if the provided key was not PEM encoded

This commit is contained in:
Dave Grijalva 2014-06-28 11:29:32 -07:00
parent e5f9e9c647
commit bf910acaf8
2 changed files with 21 additions and 0 deletions

View File

@ -79,6 +79,8 @@ func (m *SigningMethodRS256) parsePrivateKey(key []byte) (pkey *rsa.PrivateKey,
if pkey, ok = parsedKey.(*rsa.PrivateKey); !ok { if pkey, ok = parsedKey.(*rsa.PrivateKey); !ok {
err = errors.New("Key is not a valid RSA private key") err = errors.New("Key is not a valid RSA private key")
} }
} else {
err = errors.New("Invalid Key: Key must be PEM encoded PKCS1 or PKCS8 private key")
} }
return return
} }

View File

@ -60,3 +60,22 @@ func TestRS256Sign(t *testing.T) {
} }
} }
} }
func TestKeyParsing(t *testing.T) {
key, _ := ioutil.ReadFile("test/sample_key")
pubKey, _ := ioutil.ReadFile("test/sample_key.pub")
badKey := []byte("All your base are belong to key")
method := GetSigningMethod("RS256").(*SigningMethodRS256)
if _, e := method.parsePrivateKey(key); e != nil {
t.Errorf("Failed to parse valid private key: %v", e)
}
if k, e := method.parsePrivateKey(pubKey); e == nil {
t.Errorf("Parsed public key as valid private key: %v", k)
}
if k, e := method.parsePrivateKey(badKey); e == nil {
t.Errorf("Parsed invalid key as valid private key: %v", k)
}
}