diff options
| author | empijei <RobClap8@gmail.com> | 2019-03-12 20:35:35 +0100 |
|---|---|---|
| committer | Brad Fitzpatrick <bradfitz@golang.org> | 2019-08-28 17:13:49 +0000 |
| commit | 89865f8ba64ccb27f439cce6daaa37c9aa38f351 (patch) | |
| tree | fa5933028b8af7c40e80186092b3176bfa5705f5 /src | |
| parent | 84198445d4d7d264dc3e1b66194d378b590aaee0 (diff) | |
| download | go-89865f8ba64ccb27f439cce6daaa37c9aa38f351.tar.xz | |
crypto/x509: allow nil Certificates to be compared in Equal
The current implementation panics on nil certificates,
so introduce a nil check and early return true if both
are nil, false if only one is.
Fixes #28743
Change-Id: I71b0dee3e505d3ad562a4470ccc22c3a2579bc52
Reviewed-on: https://go-review.googlesource.com/c/go/+/167118
Run-TryBot: Emmanuel Odeke <emm.odeke@gmail.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Emmanuel Odeke <emm.odeke@gmail.com>
Diffstat (limited to 'src')
| -rw-r--r-- | src/crypto/x509/x509.go | 8 | ||||
| -rw-r--r-- | src/crypto/x509/x509_test.go | 17 |
2 files changed, 23 insertions, 2 deletions
diff --git a/src/crypto/x509/x509.go b/src/crypto/x509/x509.go index 1cd8fdeb33..b9782398a1 100644 --- a/src/crypto/x509/x509.go +++ b/src/crypto/x509/x509.go @@ -25,8 +25,6 @@ import ( "encoding/pem" "errors" "fmt" - "golang.org/x/crypto/cryptobyte" - cryptobyte_asn1 "golang.org/x/crypto/cryptobyte/asn1" "io" "math/big" "net" @@ -35,6 +33,9 @@ import ( "strings" "time" "unicode/utf8" + + "golang.org/x/crypto/cryptobyte" + cryptobyte_asn1 "golang.org/x/crypto/cryptobyte/asn1" ) // pkixPublicKey reflects a PKIX public key structure. See SubjectPublicKeyInfo @@ -780,6 +781,9 @@ func (ConstraintViolationError) Error() string { } func (c *Certificate) Equal(other *Certificate) bool { + if c == nil || other == nil { + return c == other + } return bytes.Equal(c.Raw, other.Raw) } diff --git a/src/crypto/x509/x509_test.go b/src/crypto/x509/x509_test.go index 171509f7c4..1aaf093937 100644 --- a/src/crypto/x509/x509_test.go +++ b/src/crypto/x509/x509_test.go @@ -450,6 +450,23 @@ func TestCertificateParse(t *testing.T) { } } +func TestCertificateEqualOnNil(t *testing.T) { + cNonNil := new(Certificate) + var cNil1, cNil2 *Certificate + if !cNil1.Equal(cNil2) { + t.Error("Nil certificates: cNil1 is not equal to cNil2") + } + if !cNil2.Equal(cNil1) { + t.Error("Nil certificates: cNil2 is not equal to cNil1") + } + if cNil1.Equal(cNonNil) { + t.Error("Unexpectedly cNil1 is equal to cNonNil") + } + if cNonNil.Equal(cNil1) { + t.Error("Unexpectedly cNonNil is equal to cNil1") + } +} + func TestMismatchedSignatureAlgorithm(t *testing.T) { der, _ := pem.Decode([]byte(rsaPSSSelfSignedPEM)) if der == nil { |