Add IsOnCurve check to EC unmarshalling in ECIES decryption

author: Gustav Simonsson <gustav.simonsson@gmail.com> 2015-04-07 23:40:51 +0800
committer: Gustav Simonsson <gustav.simonsson@gmail.com> 2015-04-08 05:50:04 +0800
commit: aa4ff52d84b525f682dd00d231e57284f4735b5a (patch)
tree: 2cdd30c902903c178163e12bcebd662477f3187d /crypto/ecies
parent: 09147a50ede8c85022d115e23bb2ce067a50c8de (diff)
download: dexon-aa4ff52d84b525f682dd00d231e57284f4735b5a.tar.gz
dexon-aa4ff52d84b525f682dd00d231e57284f4735b5a.tar.zst
dexon-aa4ff52d84b525f682dd00d231e57284f4735b5a.zip
1 files changed, 4 insertions, 0 deletions
diff --git a/crypto/ecies/ecies.go b/crypto/ecies/ecies.go
index 18952fc0b..812545631 100644
--- a/crypto/ecies/ecies.go
+++ b/crypto/ecies/ecies.go
@@ -303,6 +303,10 @@ func (prv *PrivateKey) Decrypt(rand io.Reader, c, s1, s2 []byte) (m []byte, err
 		err = ErrInvalidPublicKey
 		return
 	}
+	if !R.Curve.IsOnCurve(R.X, R.Y) {
+		err = ErrInvalidCurve
+		return
+	}
 
 	z, err := prv.GenerateShared(R, params.KeyLen, params.KeyLen)
 	if err != nil {
author	Gustav Simonsson <gustav.simonsson@gmail.com>	2015-04-07 23:40:51 +0800
committer	Gustav Simonsson <gustav.simonsson@gmail.com>	2015-04-08 05:50:04 +0800
commit	aa4ff52d84b525f682dd00d231e57284f4735b5a (patch)
tree	2cdd30c902903c178163e12bcebd662477f3187d /crypto/ecies
parent	09147a50ede8c85022d115e23bb2ce067a50c8de (diff)
download	dexon-aa4ff52d84b525f682dd00d231e57284f4735b5a.tar.gz dexon-aa4ff52d84b525f682dd00d231e57284f4735b5a.tar.zst dexon-aa4ff52d84b525f682dd00d231e57284f4735b5a.zip