Add checks for private parameter in mbedtls_ecdsa_sign()

2024-11-26 14:15:51 +01:00 · 2017-11-20 17:11:17 +00:00 · 2017-11-20 17:11:17 +00:00 · 1b052e80aa
commit 1b052e80aa
parent ea0aa655f6
2 changed files with 6 additions and 0 deletions
--- a/2
+++ b/2
@ -15,6 +15,8 @@ Bugfix
   * Fix leap year calculation in x509_date_is_valid() to ensure that invalid
     dates on leap years with 100 and 400 intervals are handled correctly. Found
     by Nicholas Wilson. #694
+   * Add a check for invalid private parameters in ecdsa_sign.
+     Reported by Yolan Romailler.

 = mbed TLS 2.1.9 branch released 2017-08-10

--- a/library/ecdsa.c
+++ b/library/ecdsa.c
@ -81,6 +81,10 @@ int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s,
    if( grp->N.p == NULL )
        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );

+    /* Make sure d is in range 1..n-1 */
+    if( mbedtls_mpi_cmp_int( d, 1 ) < 0 || mbedtls_mpi_cmp_mpi( d, &grp->N ) >= 0 )
+        return( MBEDTLS_ERR_ECP_INVALID_KEY );
+
    mbedtls_ecp_point_init( &R );
    mbedtls_mpi_init( &k ); mbedtls_mpi_init( &e ); mbedtls_mpi_init( &t );