crypto/openpgp: don't panic on nil private signing key in Encrypt

Change-Id: Ib9ef560da02d5d0273eb85137f41253f7cdbe756 Reviewed-on: https://go-review.googlesource.com/10684 Reviewed-by: Adam Langley <agl@golang.org>
2015-06-04 00:01:19 +02:00 · 2015-06-04 00:01:19 +02:00 · f1b99bc9f1
--- a/openpgp/write.go
+++ b/openpgp/write.go
@ -6,14 +6,15 @@ package openpgp

 import (
 	"crypto"
-	"golang.org/x/crypto/openpgp/armor"
-	"golang.org/x/crypto/openpgp/errors"
-	"golang.org/x/crypto/openpgp/packet"
-	"golang.org/x/crypto/openpgp/s2k"
 	"hash"
 	"io"
 	"strconv"
 	"time"
+
+	"golang.org/x/crypto/openpgp/armor"
+	"golang.org/x/crypto/openpgp/errors"
+	"golang.org/x/crypto/openpgp/packet"
+	"golang.org/x/crypto/openpgp/s2k"
 )

 // DetachSign signs message with the private key from signer (which must
@ -176,6 +177,9 @@ func Encrypt(ciphertext io.Writer, to []*Entity, signed *Entity, hints *FileHint
 			return nil, errors.InvalidArgumentError("no valid signing keys")
 		}
 		signer = signKey.PrivateKey
+		if signer == nil {
+			return nil, errors.InvalidArgumentError("no private key in signing key")
+		}
 		if signer.Encrypted {
 			return nil, errors.InvalidArgumentError("signing key must be decrypted")
 		}