From 6cd6b921ac57480d95af8b9bec2424e1f89fa196 Mon Sep 17 00:00:00 2001 From: Alex Wu Date: Tue, 2 Jan 2018 17:55:03 +0800 Subject: crypto: ensure private keys are < N (#15745) Fixes #15744 --- crypto/crypto.go | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/crypto/crypto.go b/crypto/crypto.go index e51726e62..1c4d5a2e0 100644 --- a/crypto/crypto.go +++ b/crypto/crypto.go @@ -97,6 +97,16 @@ func toECDSA(d []byte, strict bool) (*ecdsa.PrivateKey, error) { return nil, fmt.Errorf("invalid length, need %d bits", priv.Params().BitSize) } priv.D = new(big.Int).SetBytes(d) + + // The priv.D must < N + if priv.D.Cmp(secp256k1_N) >= 0 { + return nil, fmt.Errorf("invalid private key, >=N") + } + // The priv.D must not be zero or negative. + if priv.D.Sign() <= 0 { + return nil, fmt.Errorf("invalid private key, zero or negative") + } + priv.PublicKey.X, priv.PublicKey.Y = priv.PublicKey.Curve.ScalarBaseMult(d) if priv.PublicKey.X == nil { return nil, errors.New("invalid private key") -- cgit