Diffstat (limited to 'crypto/crypto.go')
-rw-r--r-- | crypto/crypto.go | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/crypto/crypto.go b/crypto/crypto.go
index 3a98bfb50..1c4d5a2e0 100644
--- a/crypto/crypto.go
+++ b/crypto/crypto.go
@@ -79,7 +79,7 @@ func ToECDSA(d []byte) (*ecdsa.PrivateKey, error) {
 return toECDSA(d, true)
 }
 
-// ToECDSAUnsafe blidly converts a binary blob to a private key. It should almost
+// ToECDSAUnsafe blindly converts a binary blob to a private key. It should almost
 // never be used unless you are sure the input is valid and want to avoid hitting
 // errors due to bad origin encoding (0 prefixes cut off).
 func ToECDSAUnsafe(d []byte) *ecdsa.PrivateKey {
@@ -97,6 +97,16 @@ func toECDSA(d []byte, strict bool) (*ecdsa.PrivateKey, error) {
 return nil, fmt.Errorf("invalid length, need %d bits", priv.Params().BitSize)
 }
 priv.D = new(big.Int).SetBytes(d)
+
+ // The priv.D must < N
+ if priv.D.Cmp(secp256k1_N) >= 0 {
+ return nil, fmt.Errorf("invalid private key, >=N")
+ }
+ // The priv.D must not be zero or negative.
+ if priv.D.Sign() <= 0 {
+ return nil, fmt.Errorf("invalid private key, zero or negative")
+ }
+
 priv.PublicKey.X, priv.PublicKey.Y = priv.PublicKey.Curve.ScalarBaseMult(d)
 if priv.PublicKey.X == nil {
 return nil, errors.New("invalid private key") |
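Review bot: The upper bound in the new range check in toECDSA comes from a package-level `secp256k1_N` that this hunk does not show, rather than from the curve the key is bound to. Reading it from the key, `if priv.D.Cmp(priv.Params().N) >= 0 {`, uses the same accessor as the length check just above and keeps the bound correct if the constant and the curve ever diverge. Both new returns call `fmt.Errorf` with a constant string; `errors.New("invalid private key, >=N")` would match the existing `errors.New("invalid private key")` line. `SetBytes` reads the blob as an unsigned value, so `priv.D.Sign() <= 0` can only catch zero here, and the comment could say `// priv.D must not be zero` to document the real condition. The checks run regardless of `strict`, and toECDSA continues past the end of the hunk, so ToECDSAUnsafe (which returns no error) is presumably affected too; its doc comment should state what callers get back for an out-of-range blob.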