Merge pull request #4 from hloeffler/master
avoid panic at KeysEqual() if one of the keys is nil
This commit is contained in:
commit
06c08068be
6
ssh.go
6
ssh.go
@ -90,6 +90,12 @@ func Handle(handler Handler) {
|
|||||||
|
|
||||||
// KeysEqual is constant time compare of the keys to avoid timing attacks.
|
// KeysEqual is constant time compare of the keys to avoid timing attacks.
|
||||||
func KeysEqual(ak, bk PublicKey) bool {
|
func KeysEqual(ak, bk PublicKey) bool {
|
||||||
|
|
||||||
|
//avoid panic if one of the keys is nil, return false instead
|
||||||
|
if ak == nil || bk == nil {
|
||||||
|
return false
|
||||||
|
}
|
||||||
|
|
||||||
a := ak.Marshal()
|
a := ak.Marshal()
|
||||||
b := bk.Marshal()
|
b := bk.Marshal()
|
||||||
return (len(a) == len(b) && subtle.ConstantTimeCompare(a, b) == 1)
|
return (len(a) == len(b) && subtle.ConstantTimeCompare(a, b) == 1)
|
||||||
|
17
ssh_test.go
Normal file
17
ssh_test.go
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
package ssh
|
||||||
|
|
||||||
|
import (
|
||||||
|
"testing"
|
||||||
|
)
|
||||||
|
|
||||||
|
func TestKeysEqual(t *testing.T) {
|
||||||
|
defer func() {
|
||||||
|
if r := recover(); r != nil {
|
||||||
|
t.Errorf("The code did panic")
|
||||||
|
}
|
||||||
|
}()
|
||||||
|
|
||||||
|
if KeysEqual(nil, nil) {
|
||||||
|
t.Error("two nil keys should not return true")
|
||||||
|
}
|
||||||
|
}
|
Loading…
Reference in New Issue
Block a user