service: prevent NPE in VerifyTokenSignature function

This commit adds next changes to VerifyTokenSignature: * returns ErrEmptyToken on nil token argument; * returns ErrEmptyPublicKey on nil public key argument.
2020-04-29 10:57:07 +03:00 · 2020-04-29 10:57:07 +03:00 · cce6566f1e
commit cce6566f1e
parent 82ffde253b
2 changed files with 19 additions and 0 deletions
--- a/service/token.go
+++ b/service/token.go
@ -203,7 +203,16 @@ func SignToken(token SessionToken, key *ecdsa.PrivateKey) error {
 }

 // VerifyTokenSignature checks if token was signed correctly.
+//
+// If passed token is nil, ErrEmptyToken returns.
+// If passed public key is nil, crypto.ErrEmptyPublicKey returns.
 func VerifyTokenSignature(token SessionToken, key *ecdsa.PublicKey) error {
+	if token == nil {
+		return ErrEmptyToken
+	} else if key == nil {
+		return crypto.ErrEmptyPublicKey
+	}
+
 	return crypto.Verify(
 		key,
 		verificationTokenData(token),
--- a/service/token_test.go
+++ b/service/token_test.go
@ -96,6 +96,11 @@ func TestSignToken(t *testing.T) {
 		ErrEmptyToken.Error(),
 	)

+	require.EqualError(t,
+		VerifyTokenSignature(nil, nil),
+		ErrEmptyToken.Error(),
+	)
+
 	var token SessionToken = new(Token)

 	// nil key
@ -104,6 +109,11 @@ func TestSignToken(t *testing.T) {
 		crypto.ErrEmptyPrivateKey.Error(),
 	)

+	require.EqualError(t,
+		VerifyTokenSignature(token, nil),
+		crypto.ErrEmptyPublicKey.Error(),
+	)
+
 	// create private key for signing
 	sk := test.DecodeKey(0)
 	pk := &sk.PublicKey