]> granicus.if.org Git - openssl/commitdiff
projects / openssl / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: e0af040)
In EC_KEY_set_public_key_affine_coordinates include explicit check to see passed...
authorDr. Stephen Henson <steve@openssl.org>
Wed, 16 Nov 2011 13:28:35 +0000 (13:28 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Wed, 16 Nov 2011 13:28:35 +0000 (13:28 +0000)
crypto/ec/ec_key.c patch | blob | history

diff --git a/crypto/ec/ec_key.c b/crypto/ec/ec_key.c
index f3331e1ce5e34c63c4078d7e3e18d336ff78a6c2..24ae707560107ef063ea2e5746a3733cd2d893f8 100644 (file)
--- a/crypto/ec/ec_key.c
+++ b/crypto/ec/ec_key.c
@@ -511,10 +511,12 @@ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, BIGNUM *y)
                                                                tx, ty, ctx))
                        goto err;
                }
-       /* Check if retrieved coordinates match originals: if not values
-        * are out of range.
+       /* Check if retrieved coordinates match originals and are less than
+        * field order: if not values are out of range.
         */
-       if (BN_cmp(x, tx) || BN_cmp(y, ty))
+       if (BN_cmp(x, tx) || BN_cmp(y, ty)
+               || (BN_cmp(x, &key->group->field) >= 0)
+               || (BN_cmp(y, &key->group->field) >= 0))
                {
                ECerr(EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES,
                        EC_R_COORDINATES_OUT_OF_RANGE);
Unnamed repository; edit this file 'description' to name the repository.