Skip to content
This repository has been archived by the owner on Jan 5, 2021. It is now read-only.

Commit

Permalink
crypto: ensure private keys are < N (#15745)
Browse files Browse the repository at this point in the history 
Fixes #15744
  • Loading branch information
@dindinw @fjl
dindinw authored and fjl committed Jan 2, 2018
1 parent 908faf8 commit 6cd6b92
Showing 1 changed file with 10 additions and 0 deletions.
10 changes: 10 additions & 0 deletions crypto/crypto.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -97,6 +97,16 @@ func toECDSA(d []byte, strict bool) (*ecdsa.PrivateKey, error) {
return nil, fmt.Errorf("invalid length, need %d bits", priv.Params().BitSize)
}
priv.D = new(big.Int).SetBytes(d)

// The priv.D must < N
if priv.D.Cmp(secp256k1_N) >= 0 {
return nil, fmt.Errorf("invalid private key, >=N")
}
// The priv.D must not be zero or negative.
if priv.D.Sign() <= 0 {
return nil, fmt.Errorf("invalid private key, zero or negative")
}

priv.PublicKey.X, priv.PublicKey.Y = priv.PublicKey.Curve.ScalarBaseMult(d)
if priv.PublicKey.X == nil {
return nil, errors.New("invalid private key")
Expand Down

0 comments on commit 6cd6b92

Please sign in to comment.