Commit bf910aca authored by Dave Grijalva's avatar Dave Grijalva

fixed: SigningMethodRS256.Sign would panic if the provided key was not PEM encoded

parent e5f9e9c6
......@@ -79,6 +79,8 @@ func (m *SigningMethodRS256) parsePrivateKey(key []byte) (pkey *rsa.PrivateKey,
if pkey, ok = parsedKey.(*rsa.PrivateKey); !ok {
err = errors.New("Key is not a valid RSA private key")
}
} else {
err = errors.New("Invalid Key: Key must be PEM encoded PKCS1 or PKCS8 private key")
}
return
}
......@@ -60,3 +60,22 @@ func TestRS256Sign(t *testing.T) {
}
}
}
func TestKeyParsing(t *testing.T) {
key, _ := ioutil.ReadFile("test/sample_key")
pubKey, _ := ioutil.ReadFile("test/sample_key.pub")
badKey := []byte("All your base are belong to key")
method := GetSigningMethod("RS256").(*SigningMethodRS256)
if _, e := method.parsePrivateKey(key); e != nil {
t.Errorf("Failed to parse valid private key: %v", e)
}
if k, e := method.parsePrivateKey(pubKey); e == nil {
t.Errorf("Parsed public key as valid private key: %v", k)
}
if k, e := method.parsePrivateKey(badKey); e == nil {
t.Errorf("Parsed invalid key as valid private key: %v", k)
}
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment