diff --git a/service/token.go b/service/token.go index b6d64355..077e672b 100644 --- a/service/token.go +++ b/service/token.go @@ -203,7 +203,16 @@ func SignToken(token SessionToken, key *ecdsa.PrivateKey) error { } // VerifyTokenSignature checks if token was signed correctly. +// +// If passed token is nil, ErrEmptyToken returns. +// If passed public key is nil, crypto.ErrEmptyPublicKey returns. func VerifyTokenSignature(token SessionToken, key *ecdsa.PublicKey) error { + if token == nil { + return ErrEmptyToken + } else if key == nil { + return crypto.ErrEmptyPublicKey + } + return crypto.Verify( key, verificationTokenData(token), diff --git a/service/token_test.go b/service/token_test.go index bd9c0b0f..0b28084e 100644 --- a/service/token_test.go +++ b/service/token_test.go @@ -96,6 +96,11 @@ func TestSignToken(t *testing.T) { ErrEmptyToken.Error(), ) + require.EqualError(t, + VerifyTokenSignature(nil, nil), + ErrEmptyToken.Error(), + ) + var token SessionToken = new(Token) // nil key @@ -104,6 +109,11 @@ func TestSignToken(t *testing.T) { crypto.ErrEmptyPrivateKey.Error(), ) + require.EqualError(t, + VerifyTokenSignature(token, nil), + crypto.ErrEmptyPublicKey.Error(), + ) + // create private key for signing sk := test.DecodeKey(0) pk := &sk.PublicKey