Commit 89865f8b authored by empijei's avatar empijei Committed by Brad Fitzpatrick

crypto/x509: allow nil Certificates to be compared in Equal

The current implementation panics on nil certificates,
so introduce a nil check and early return true if both
are nil, false if only one is.

Fixes #28743

Change-Id: I71b0dee3e505d3ad562a4470ccc22c3a2579bc52
Reviewed-on: https://go-review.googlesource.com/c/go/+/167118
Run-TryBot: Emmanuel Odeke <emm.odeke@gmail.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: default avatarEmmanuel Odeke <emm.odeke@gmail.com>
parent 84198445
...@@ -25,8 +25,6 @@ import ( ...@@ -25,8 +25,6 @@ import (
"encoding/pem" "encoding/pem"
"errors" "errors"
"fmt" "fmt"
"golang.org/x/crypto/cryptobyte"
cryptobyte_asn1 "golang.org/x/crypto/cryptobyte/asn1"
"io" "io"
"math/big" "math/big"
"net" "net"
...@@ -35,6 +33,9 @@ import ( ...@@ -35,6 +33,9 @@ import (
"strings" "strings"
"time" "time"
"unicode/utf8" "unicode/utf8"
"golang.org/x/crypto/cryptobyte"
cryptobyte_asn1 "golang.org/x/crypto/cryptobyte/asn1"
) )
// pkixPublicKey reflects a PKIX public key structure. See SubjectPublicKeyInfo // pkixPublicKey reflects a PKIX public key structure. See SubjectPublicKeyInfo
...@@ -780,6 +781,9 @@ func (ConstraintViolationError) Error() string { ...@@ -780,6 +781,9 @@ func (ConstraintViolationError) Error() string {
} }
func (c *Certificate) Equal(other *Certificate) bool { func (c *Certificate) Equal(other *Certificate) bool {
if c == nil || other == nil {
return c == other
}
return bytes.Equal(c.Raw, other.Raw) return bytes.Equal(c.Raw, other.Raw)
} }
......
...@@ -450,6 +450,23 @@ func TestCertificateParse(t *testing.T) { ...@@ -450,6 +450,23 @@ func TestCertificateParse(t *testing.T) {
} }
} }
func TestCertificateEqualOnNil(t *testing.T) {
cNonNil := new(Certificate)
var cNil1, cNil2 *Certificate
if !cNil1.Equal(cNil2) {
t.Error("Nil certificates: cNil1 is not equal to cNil2")
}
if !cNil2.Equal(cNil1) {
t.Error("Nil certificates: cNil2 is not equal to cNil1")
}
if cNil1.Equal(cNonNil) {
t.Error("Unexpectedly cNil1 is equal to cNonNil")
}
if cNonNil.Equal(cNil1) {
t.Error("Unexpectedly cNonNil is equal to cNil1")
}
}
func TestMismatchedSignatureAlgorithm(t *testing.T) { func TestMismatchedSignatureAlgorithm(t *testing.T) {
der, _ := pem.Decode([]byte(rsaPSSSelfSignedPEM)) der, _ := pem.Decode([]byte(rsaPSSSelfSignedPEM))
if der == nil { if der == nil {
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment