realloc/frostfs-api-go
1
0
Fork 0
forked from TrueCloudLab/frostfs-api-go
Code Issues Pull requests Projects Releases Packages Wiki Activity

service: prevent NPE in VerifyTokenSignature function

Browse source 
This commit adds next changes to VerifyTokenSignature:

  * returns ErrEmptyToken on nil token argument;

  * returns ErrEmptyPublicKey on nil public key argument.
This commit is contained in:
Leonard Lyubich 2020-04-29 10:57:07 +03:00
parent 82ffde253b
commit cce6566f1e
2 changed files with 19 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

9
service/token.go
View file

@ -203,7 +203,16 @@ func SignToken(token SessionToken, key *ecdsa.PrivateKey) error {
}
// VerifyTokenSignature checks if token was signed correctly.
//
// If passed token is nil, ErrEmptyToken returns.
// If passed public key is nil, crypto.ErrEmptyPublicKey returns.
func VerifyTokenSignature(token SessionToken, key *ecdsa.PublicKey) error {
if token == nil {
return ErrEmptyToken
} else if key == nil {
return crypto.ErrEmptyPublicKey
}
return crypto.Verify(
key,
verificationTokenData(token),