Merge pull request #6190 from daverodgman/invalid-ecdsa-pubkey

Improve ECDSA verify validation
2025-07-28 00:21:48 +03:00 · 2022-10-31 09:37:26 +00:00
parent 04e2133f45 f00466e2e0
commit 1a22bef116
5 changed files with 106 additions and 3 deletions
--- a/library/ecp.c
+++ b/library/ecp.c
@ -2662,14 +2662,17 @@ static int mbedtls_ecp_mul_shortcuts( mbedtls_ecp_group *grp,

    if( mbedtls_mpi_cmp_int( m, 0 ) == 0 )
    {
+        MBEDTLS_MPI_CHK( mbedtls_ecp_check_pubkey( grp, P ) );
        MBEDTLS_MPI_CHK( mbedtls_ecp_set_zero( R ) );
    }
    else if( mbedtls_mpi_cmp_int( m, 1 ) == 0 )
    {
+        MBEDTLS_MPI_CHK( mbedtls_ecp_check_pubkey( grp, P ) );
        MBEDTLS_MPI_CHK( mbedtls_ecp_copy( R, P ) );
    }
    else if( mbedtls_mpi_cmp_int( m, -1 ) == 0 )
    {
+        MBEDTLS_MPI_CHK( mbedtls_ecp_check_pubkey( grp, P ) );
        MBEDTLS_MPI_CHK( mbedtls_ecp_copy( R, P ) );
        MPI_ECP_NEG( &R->Y );
    }