Fix nil pointer dereference in crypto.BytesToPrivateKey (#491)

2023-11-28 11:49:42 +02:00 · 2023-11-28 11:49:42 +02:00 · 8fb3a04b88
commit 8fb3a04b88
parent 4d05eade5e
2 changed files with 71 additions and 4 deletions
--- a/pkg/crypto/key.go
+++ b/pkg/crypto/key.go
@ -4,14 +4,19 @@ import (
 	"crypto/rsa"
 	"crypto/x509"
 	"encoding/pem"
+	"errors"
 )

-func BytesToPrivateKey(priv []byte) (*rsa.PrivateKey, error) {
-	block, _ := pem.Decode(priv)
-	b := block.Bytes
-	key, err := x509.ParsePKCS1PrivateKey(b)
+func BytesToPrivateKey(b []byte) (*rsa.PrivateKey, error) {
+	block, _ := pem.Decode(b)
+	if block == nil {
+		return nil, errors.New("PEM decode failed")
+	}
+
+	key, err := x509.ParsePKCS1PrivateKey(block.Bytes)
 	if err != nil {
 		return nil, err
 	}
+
 	return key, nil
 }