Merge #52: certdehydrate: Add some additional error checking

5cbd433 certdehydrate: Add some additional error checking. (JeremyRand) Pull request description: Based on recommendations from "gas" static analysis. ~~Depends on #50.~~ Tree-SHA512: 8c7980abaaace3c28be6186ea0c5d7ed52ba6557d8e7df52a93a228408db1b2b1eb61d370e988db723e3f07dd3e6cd70a3d45a5c55959813fef0f8d7e967551a
6 years ago · 3829e2b22b
parent 82330bf5ae 5cbd43393a
commit 3829e2b22b
1 changed files with 16 additions and 4 deletions
--- a/certdehydrate/certdehydrate.go
+++ b/certdehydrate/certdehydrate.go
@ -54,10 +54,22 @@ func (dehydrated DehydratedCertificate) SerialNumber(name string) ([]byte, error
 	notAfterHash := sha256.Sum256(notAfterScaledBuf.Bytes())

 	serialHash := sha256.New()
-	serialHash.Write(nameHash[:])
-	serialHash.Write(pubkeyHash[:])
-	serialHash.Write(notBeforeHash[:])
-	serialHash.Write(notAfterHash[:])
+	_, err = serialHash.Write(nameHash[:])
+	if err != nil {
+		return nil, fmt.Errorf("serialHash.Write of nameHash failed: %s", err)
+	}
+	_, err = serialHash.Write(pubkeyHash[:])
+	if err != nil {
+		return nil, fmt.Errorf("serialHash.Write of pubkeyHash failed: %s", err)
+	}
+	_, err = serialHash.Write(notBeforeHash[:])
+	if err != nil {
+		return nil, fmt.Errorf("serialHash.Write of notBeforeHash failed: %s", err)
+	}
+	_, err = serialHash.Write(notAfterHash[:])
+	if err != nil {
+		return nil, fmt.Errorf("serialHash.Write of notAfterHash failed: %s", err)
+	}

 	// 19 bytes will be less than 2^159, see https://crypto.stackexchange.com/a/260
 	return serialHash.Sum(nil)[0:19], nil