File tree 2 files changed +20
-2
lines changed
2 files changed +20
-2
lines changed Original file line number Diff line number Diff line change @@ -110,14 +110,17 @@ func (v *Validator) validateTokenV1(t *Token) (errs []error) {
110110 // TODO retrieve?
111111 errs = append (errs ,
112112 fmt .Errorf ("%w: got '%s'" , ErrUnknownPublicKey , keyID ))
113- } else if key != nil {
113+ } else if key == nil {
114+ errs = append (errs ,
115+ fmt .Errorf ("%w: key '%s' is nil" , ErrUnknownPublicKey , keyID ))
116+ } else {
114117 if ! ecdsa .Verify (
115118 key ,
116119 t .digest ,
117120 big .NewInt (0 ).SetBytes (t .Signature [:32 ]),
118121 big .NewInt (0 ).SetBytes (t .Signature [32 :])) {
119122 errs = append (errs ,
120- fmt .Errorf ("%w: did not verify " , ErrBadSignature ))
123+ fmt .Errorf ("%w: failed verification " , ErrBadSignature ))
121124 }
122125 }
123126
Original file line number Diff line number Diff line change @@ -25,6 +25,21 @@ func TestValidatorRejectsUnknownKey(t *testing.T) {
2525 }
2626}
2727
28+ func TestValidatorRejectsNilKey (t * testing.T ) {
29+ tkn := tokenUntrusted (t )
30+ v := nzcpv .NewValidator ()
31+ v .RegisterIssuer ("did:web:nzcp.covid19.health.nz" )
32+ err := v .RegisterPublicKey ("did:web:nzcp.covid19.health.nz#key-1" , nil )
33+ if err != nil {
34+ t .Skipf ("Could not register nil test key: %v\n " , err )
35+ }
36+
37+ expected := []error {nzcpv .ErrUnknownPublicKey }
38+ if errs := v .ValidateToken (tkn ); ! checkErrors (expected , errs ) {
39+ t .Errorf ("Expected %v but got %v" , expected , errs )
40+ }
41+ }
42+
2843func TestValidatorRejectsUntrustedIssuer (t * testing.T ) {
2944 tkn := tokenUntrusted (t )
3045 v := nzcpv .NewValidator ()
You can’t perform that action at this time.
0 commit comments