]> Cypherpunks repositories - gostls13.git/commitdiff
projects / gostls13.git / commitdiff
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8419844)
crypto/x509: allow nil Certificates to be compared in Equal
authorempijei <RobClap8@gmail.com>
Tue, 12 Mar 2019 19:35:35 +0000 (20:35 +0100)
committerBrad Fitzpatrick <bradfitz@golang.org>
Wed, 28 Aug 2019 17:13:49 +0000 (17:13 +0000)
The current implementation panics on nil certificates,
so introduce a nil check and early return true if both
are nil, false if only one is.

Fixes #28743

Change-Id: I71b0dee3e505d3ad562a4470ccc22c3a2579bc52
Reviewed-on: https://go-review.googlesource.com/c/go/+/167118
Run-TryBot: Emmanuel Odeke <emm.odeke@gmail.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Emmanuel Odeke <emm.odeke@gmail.com>
src/crypto/x509/x509.go patch | blob | history
src/crypto/x509/x509_test.go patch | blob | history

diff --git a/src/crypto/x509/x509.go b/src/crypto/x509/x509.go
index 1cd8fdeb331e4d33a187c10404814e4406243650..b9782398a1666f5070a93939b51ffd72f438c305 100644 (file)
--- a/src/crypto/x509/x509.go
+++ b/src/crypto/x509/x509.go
@@ -25,8 +25,6 @@ import (
        "encoding/pem"
        "errors"
        "fmt"
-       "golang.org/x/crypto/cryptobyte"
-       cryptobyte_asn1 "golang.org/x/crypto/cryptobyte/asn1"
        "io"
        "math/big"
        "net"
@@ -35,6 +33,9 @@ import (
        "strings"
        "time"
        "unicode/utf8"
+
+       "golang.org/x/crypto/cryptobyte"
+       cryptobyte_asn1 "golang.org/x/crypto/cryptobyte/asn1"
 )
 
 // pkixPublicKey reflects a PKIX public key structure. See SubjectPublicKeyInfo
@@ -780,6 +781,9 @@ func (ConstraintViolationError) Error() string {
 }
 
 func (c *Certificate) Equal(other *Certificate) bool {
+       if c == nil || other == nil {
+               return c == other
+       }
        return bytes.Equal(c.Raw, other.Raw)
 }
 
diff --git a/src/crypto/x509/x509_test.go b/src/crypto/x509/x509_test.go
index 171509f7c4553d3bd635202d255409b241bf0619..1aaf0939373b3be630cb3de3cd4ec2ced2043cf7 100644 (file)
--- a/src/crypto/x509/x509_test.go
+++ b/src/crypto/x509/x509_test.go
@@ -450,6 +450,23 @@ func TestCertificateParse(t *testing.T) {
        }
 }
 
+func TestCertificateEqualOnNil(t *testing.T) {
+       cNonNil := new(Certificate)
+       var cNil1, cNil2 *Certificate
+       if !cNil1.Equal(cNil2) {
+               t.Error("Nil certificates: cNil1 is not equal to cNil2")
+       }
+       if !cNil2.Equal(cNil1) {
+               t.Error("Nil certificates: cNil2 is not equal to cNil1")
+       }
+       if cNil1.Equal(cNonNil) {
+               t.Error("Unexpectedly cNil1 is equal to cNonNil")
+       }
+       if cNonNil.Equal(cNil1) {
+               t.Error("Unexpectedly cNonNil is equal to cNil1")
+       }
+}
+
 func TestMismatchedSignatureAlgorithm(t *testing.T) {
        der, _ := pem.Decode([]byte(rsaPSSSelfSignedPEM))
        if der == nil {
Go GOST TLS 1.3