Skip to content

Commit

Permalink
Merge pull request #3913 from randombit/jack/limit-ecc-curve-size
Browse files Browse the repository at this point in the history 
When decoding an arbitrary elliptic curve, set an upper bound on length
  • Loading branch information
@randombit
randombit committed Feb 20, 2024
2 parents dc3a94e + fbe9ec5 commit 08c404b
Showing 1 changed file with 6 additions and 2 deletions.
8 changes: 6 additions & 2 deletions src/lib/pubkey/ec_group/ec_group.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -357,8 +357,12 @@ std::pair<std::shared_ptr<EC_Group_Data>, bool> EC_Group::BER_decode_EC_group(co
.end_cons()
.verify_end();

if(p.bits() < 64 || p.is_negative() || !is_bailie_psw_probable_prime(p)) {
throw Decoding_Error("Invalid ECC p parameter");
if(p.bits() < 112 || p.bits() > 1024) {
throw Decoding_Error("ECC p parameter is invalid size");
}

if(p.is_negative() || !is_bailie_psw_probable_prime(p)) {
throw Decoding_Error("ECC p parameter is not a prime");
}

if(a.is_negative() || a >= p) {
Expand Down

0 comments on commit 08c404b

Please sign in to comment.