forked from mirror/jwt
fixed: SigningMethodRS256.Sign would panic if the provided key was not PEM encoded
This commit is contained in:
parent
e5f9e9c647
commit
bf910acaf8
2
rs256.go
2
rs256.go
|
@ -79,6 +79,8 @@ func (m *SigningMethodRS256) parsePrivateKey(key []byte) (pkey *rsa.PrivateKey,
|
|||
if pkey, ok = parsedKey.(*rsa.PrivateKey); !ok {
|
||||
err = errors.New("Key is not a valid RSA private key")
|
||||
}
|
||||
} else {
|
||||
err = errors.New("Invalid Key: Key must be PEM encoded PKCS1 or PKCS8 private key")
|
||||
}
|
||||
return
|
||||
}
|
||||
|
|
|
@ -60,3 +60,22 @@ func TestRS256Sign(t *testing.T) {
|
|||
}
|
||||
}
|
||||
}
|
||||
|
||||
func TestKeyParsing(t *testing.T) {
|
||||
key, _ := ioutil.ReadFile("test/sample_key")
|
||||
pubKey, _ := ioutil.ReadFile("test/sample_key.pub")
|
||||
badKey := []byte("All your base are belong to key")
|
||||
method := GetSigningMethod("RS256").(*SigningMethodRS256)
|
||||
|
||||
if _, e := method.parsePrivateKey(key); e != nil {
|
||||
t.Errorf("Failed to parse valid private key: %v", e)
|
||||
}
|
||||
|
||||
if k, e := method.parsePrivateKey(pubKey); e == nil {
|
||||
t.Errorf("Parsed public key as valid private key: %v", k)
|
||||
}
|
||||
|
||||
if k, e := method.parsePrivateKey(badKey); e == nil {
|
||||
t.Errorf("Parsed invalid key as valid private key: %v", k)
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue