authorAlex Wu <wuyiding@gmail.com>2018-01-02 17:55:03 +0800
committerFelix Lange <fjl@users.noreply.github.com>2018-01-02 17:55:03 +0800
commit6cd6b921ac57480d95af8b9bec2424e1f89fa196 (patch)
tree04a77c5a319f09968d4710b3bceb7f6ab267a8eb
parent908faf8cd715c873e4b5fdbb7af8d4f496702d84 (diff)
crypto: ensure private keys are < N (#15745)
Fixes #15744
-rw-r--r--crypto/crypto.go10
1 files changed, 10 insertions, 0 deletions
diff --git a/crypto/crypto.go b/crypto/crypto.go
index e51726e62..1c4d5a2e0 100644
--- a/crypto/crypto.go
+++ b/crypto/crypto.go
@@ -97,6 +97,16 @@ func toECDSA(d []byte, strict bool) (*ecdsa.PrivateKey, error) {
return nil, fmt.Errorf("invalid length, need %d bits", priv.Params().BitSize)
}
priv.D = new(big.Int).SetBytes(d)
+
+ // The priv.D must < N
+ if priv.D.Cmp(secp256k1_N) >= 0 {
+ return nil, fmt.Errorf("invalid private key, >=N")
+ }
+ // The priv.D must not be zero or negative.
+ if priv.D.Sign() <= 0 {
+ return nil, fmt.Errorf("invalid private key, zero or negative")
+ }
+
priv.PublicKey.X, priv.PublicKey.Y = priv.PublicKey.Curve.ScalarBaseMult(d)
if priv.PublicKey.X == nil {
return nil, errors.New("invalid private key")
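Review bot: The two new range checks on `priv.D` arrive without a regression test (the diffstat lists only crypto/crypto.go), so the boundaries that matter for key validity are not pinned: d = 0, d = N-1 and d = N. A small table test over toECDSA that expects an error for 0 and N and success for N-1 would keep a later refactor from silently accepting out-of-range scalars again; if the non-strict path really skips the length check, as the `strict` parameter suggests, an over-long input is worth a case too. As a style point, neither message uses a format verb, so `errors.New("invalid private key, >=N")` would match the `errors.New` call just below. Since `SetBytes` never produces a negative value, the second check can only fire on zero, and the comment could read `// priv.D must be in [1, N-1]; SetBytes never yields a negative value`. toECDSA starts and ends outside this hunk.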