Add checks for private parameter in ecdsa_sign()

commit: fdac76f330b7328f7d4ace55a0d265ed6416dc4e [log] [tgz]
author: Darryl Green <darryl.green@arm.com> Mon Nov 20 15:53:43 2017 +0000
committer: Darryl Green <darryl.green@arm.com> Mon Nov 20 15:53:43 2017 +0000
tree: affb2c2439475e4db14bb756390058d12f998246
parent: 75ea35eac8a76252a9453f118d61112648b2bd1d [diff]
diff --git a/ChangeLog b/ChangeLog
index 6a1be98..a90ee11 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -14,6 +14,8 @@
    * Fix leap year calculation in x509_date_is_valid() to ensure that invalid
      dates on leap years with 100 and 400 intervals are handled correctly. Found
      by Nicholas Wilson. #694
+   * Add a check for invalid private parameters in ecdsa_sign.
+     Reported by Yolan Romailler.
 
 = mbed TLS 1.3.21 branch released 2017-08-10
 

diff --git a/library/ecdsa.c b/library/ecdsa.c
index 3f72d85..e95b802 100644
--- a/library/ecdsa.c
+++ b/library/ecdsa.c

@@ -110,6 +110,10 @@
     if( grp->N.p == NULL )
         return( POLARSSL_ERR_ECP_BAD_INPUT_DATA );
 
+    /* Make sure d is in range 1..n-1 */
+    if( mpi_cmp_int( d, 1 ) < 0 || mpi_cmp_mpi( d, &grp->N ) >= 0 )
+        return( POLARSSL_ERR_ECP_INVALID_KEY );
+
     ecp_point_init( &R );
     mpi_init( &k ); mpi_init( &e ); mpi_init( &t );
commit	fdac76f330b7328f7d4ace55a0d265ed6416dc4e	[log] [tgz]
author	Darryl Green <darryl.green@arm.com>	Mon Nov 20 15:53:43 2017 +0000
committer	Darryl Green <darryl.green@arm.com>	Mon Nov 20 15:53:43 2017 +0000
tree	affb2c2439475e4db14bb756390058d12f998246
parent	75ea35eac8a76252a9453f118d61112648b2bd1d [diff]