From 390aecca0b7f705c4b05ef7235cd638a7f37e8cb Mon Sep 17 00:00:00 2001 From: Mariano Cano <mariano@smallstep.com> Date: Thu, 1 Aug 2019 18:15:04 -0700 Subject: [PATCH] Check for error creating signers. --- authority/ssh.go | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/authority/ssh.go b/authority/ssh.go index e3201683..d6f9dc4c 100644 --- a/authority/ssh.go +++ b/authority/ssh.go @@ -87,7 +87,12 @@ func (a *Authority) SignSSH(key ssh.PublicKey, opts provisioner.SSHOptions, sign code: http.StatusNotImplemented, } } - signer, err = ssh.NewSignerFromSigner(a.sshCAUserCertSignKey) + if signer, err = ssh.NewSignerFromSigner(a.sshCAUserCertSignKey); err != nil { + return nil, &apiError{ + err: errors.Wrap(err, "signSSH: error creating signer"), + code: http.StatusInternalServerError, + } + } case ssh.HostCert: if a.sshCAHostCertSignKey == nil { return nil, &apiError{ @@ -95,7 +100,12 @@ func (a *Authority) SignSSH(key ssh.PublicKey, opts provisioner.SSHOptions, sign code: http.StatusNotImplemented, } } - signer, err = ssh.NewSignerFromSigner(a.sshCAHostCertSignKey) + if signer, err = ssh.NewSignerFromSigner(a.sshCAHostCertSignKey); err != nil { + return nil, &apiError{ + err: errors.Wrap(err, "signSSH: error creating signer"), + code: http.StatusInternalServerError, + } + } default: return nil, &apiError{ err: errors.Errorf("unexpected ssh certificate type: %d", cert.CertType),