diff --git a/lib/common/keys_and_cert.go b/lib/common/keys_and_cert.go
index 060c0d3..9f8c7f8 100644
--- a/lib/common/keys_and_cert.go
+++ b/lib/common/keys_and_cert.go
@@ -66,6 +66,9 @@ type KeysAndCert []byte
 //
 func (keys_and_cert KeysAndCert) PublicKey() (key crypto.PublicKey, err error) {
 	cert, err := keys_and_cert.Certificate()
+	if err != nil {
+		return
+	}
 	cert_len, err := cert.Length()
 	if err != nil {
 		return
@@ -109,6 +112,9 @@ func (keys_and_cert KeysAndCert) PublicKey() (key crypto.PublicKey, err error) {
 //
 func (keys_and_cert KeysAndCert) SigningPublicKey() (signing_public_key crypto.SigningPublicKey, err error) {
 	cert, err := keys_and_cert.Certificate()
+	if err != nil {
+		return
+	}
 	cert_len, err := cert.Length()
 	if err != nil {
 		return
diff --git a/lib/common/keys_and_cert_test.go b/lib/common/keys_and_cert_test.go
index 209ebde..374a047 100644
--- a/lib/common/keys_and_cert_test.go
+++ b/lib/common/keys_and_cert_test.go
@@ -42,6 +42,27 @@ func TestSigningPublicKeyWithOtherCertType(t *testing.T) {
 }
 
 func TestReadKeysAndCertWithMissingData(t *testing.T) {
+	assert := assert.New(t)
+
+	cert_data := make([]byte, 128)
+	keys_and_cert, remainder, err := ReadKeysAndCert(cert_data)
+	assert.Equal(0, len(remainder))
+	if assert.NotNil(err) {
+		assert.Equal("error parsing KeysAndCert: data is smaller than minimum valid size", err.Error())
+	}
+
+	_, err = keys_and_cert.PublicKey()
+	if assert.NotNil(err) {
+		assert.Equal("error parsing KeysAndCert: data is smaller than minimum valid size", err.Error())
+	}
+	_, err = keys_and_cert.SigningPublicKey()
+	if assert.NotNil(err) {
+		assert.Equal("error parsing KeysAndCert: data is smaller than minimum valid size", err.Error())
+	}
+	_, err = keys_and_cert.Certificate()
+	if assert.NotNil(err) {
+		assert.Equal("error parsing KeysAndCert: data is smaller than minimum valid size", err.Error())
+	}
 }
 
 func TestReadKeysAndCertWithMissingCertData(t *testing.T) {