From: Adam Langley <agl@golang.org>
Date: Mon, 5 Jan 2015 22:29:42 +0000 (-0800)
Subject: crypto/rsa: rsa.SignPSS with opts=nil shouldn't crash.
X-Git-Tag: go1.5beta1~2441
X-Git-Url: http://www.git.cypherpunks.su/?a=commitdiff_plain;h=b1370742eedf4f1801d86399374802c4d606a6d7;p=gostls13.git

crypto/rsa: rsa.SignPSS with opts=nil shouldn't crash.

SignPSS is documented as allowing opts to be nil, but actually
crashes in that case. This change fixes that.

Change-Id: Ic48ff5f698c010a336e2bf720e0f44be1aecafa0
Reviewed-on: https://go-review.googlesource.com/2330
Reviewed-by: Minux Ma <minux@golang.org>
---

diff --git a/src/crypto/rsa/pss.go b/src/crypto/rsa/pss.go
index e9f2908250..0a41814a4b 100644
--- a/src/crypto/rsa/pss.go
+++ b/src/crypto/rsa/pss.go
@@ -255,7 +255,7 @@ func SignPSS(rand io.Reader, priv *PrivateKey, hash crypto.Hash, hashed []byte,
 		saltLength = hash.Size()
 	}
 
-	if opts.Hash != 0 {
+	if opts != nil && opts.Hash != 0 {
 		hash = opts.Hash
 	}
 
diff --git a/src/crypto/rsa/pss_test.go b/src/crypto/rsa/pss_test.go
index 32e6fc39d2..cae24e58c6 100644
--- a/src/crypto/rsa/pss_test.go
+++ b/src/crypto/rsa/pss_test.go
@@ -189,6 +189,15 @@ func TestPSSOpenSSL(t *testing.T) {
 	}
 }
 
+func TestPSSNilOpts(t *testing.T) {
+	hash := crypto.SHA256
+	h := hash.New()
+	h.Write([]byte("testing"))
+	hashed := h.Sum(nil)
+
+	SignPSS(rand.Reader, rsaPrivateKey, hash, hashed, nil)
+}
+
 func TestPSSSigning(t *testing.T) {
 	var saltLengthCombinations = []struct {
 		signSaltLength, verifySaltLength int