crypto/rsa: rsa.SignPSS with opts=nil shouldn't crash.

SignPSS is documented as allowing opts to be nil, but actually crashes in that case. This change fixes that. Change-Id: Ic48ff5f698c010a336e2bf720e0f44be1aecafa0 Reviewed-on: https://go-review.googlesource.com/2330Reviewed-by: Minux Ma <minux@golang.org>

crypto/rsa: rsa.SignPSS with opts=nil shouldn't crash.
SignPSS is documented as allowing opts to be nil, but actually crashes in that case. This change fixes that. Change-Id: Ic48ff5f698c010a336e2bf720e0f44be1aecafa0 Reviewed-on: https://go-review.googlesource.com/2330Reviewed-by: Minux Ma <minux@golang.org>
b1370742 · Adam Langley · 02f89331 · b1370742 · b1370742
Commit b1370742 authored Jan 05, 2015 by Adam Langley
Hide whitespace changes
Inline Side-by-side

Showing with 10 additions and 1 deletion

pss.go src/crypto/rsa/pss.go +1 -1

pss_test.go src/crypto/rsa/pss_test.go +9 -0

No files found.
--- a/src/crypto/rsa/pss.go
+++ b/src/crypto/rsa/pss.go
@@ -255,7 +255,7 @@ func SignPSS(rand io.Reader, priv *PrivateKey, hash crypto.Hash, hashed []byte,
 		saltLength = hash.Size()
 	}

-	if opts.Hash != 0 {
+	if opts != nil && opts.Hash != 0 {
 		hash = opts.Hash
 	}


--- a/src/crypto/rsa/pss_test.go
+++ b/src/crypto/rsa/pss_test.go
@@ -189,6 +189,15 @@ func TestPSSOpenSSL(t *testing.T) {
 	}
 }

+func TestPSSNilOpts(t *testing.T) {
+	hash := crypto.SHA256
+	h := hash.New()
+	h.Write([]byte("testing"))
+	hashed := h.Sum(nil)
+
+	SignPSS(rand.Reader, rsaPrivateKey, hash, hashed, nil)
+}
+
 func TestPSSSigning(t *testing.T) {
 	var saltLengthCombinations = []struct {
 		signSaltLength, verifySaltLength int