crypto: fix error check in toECDSA (#15632)

With this change, key, err := crypto.HexToECDSA("000000...") returns nil key and an error instead of a non-nil key with nil X and Y inside. Issue found by @guidovranken.

crypto: fix error check in toECDSA (#15632)
1a32bdf9 · Felix Lange · GitHub · 2499b1b1 · 1a32bdf9 · 1a32bdf9
Unverified Commit 1a32bdf9 authored 7 years ago by Felix Lange Committed by GitHub 7 years ago
--- a/crypto/crypto.go
+++ b/crypto/crypto.go
@@ -98,6 +98,9 @@ func toECDSA(d []byte, strict bool) (*ecdsa.PrivateKey, error) {
 	}
 	priv.D = new(big.Int).SetBytes(d)
 	priv.PublicKey.X, priv.PublicKey.Y = priv.PublicKey.Curve.ScalarBaseMult(d)
+	if priv.PublicKey.X == nil {
+		return nil, errors.New("invalid private key")
+	}
 	return priv, nil
 }


--- a/crypto/crypto_test.go
+++ b/crypto/crypto_test.go
@@ -40,6 +40,15 @@ func TestKeccak256Hash(t *testing.T) {
 	checkhash(t, "Sha3-256-array", func(in []byte) []byte { h := Keccak256Hash(in); return h[:] }, msg, exp)
 }

+func TestToECDSAErrors(t *testing.T) {
+	if _, err := HexToECDSA("0000000000000000000000000000000000000000000000000000000000000000"); err == nil {
+		t.Fatal("HexToECDSA should've returned error")
+	}
+	if _, err := HexToECDSA("ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"); err == nil {
+		t.Fatal("HexToECDSA should've returned error")
+	}
+}
+
 func BenchmarkSha3(b *testing.B) {
 	a := []byte("hello world")
 	for i := 0; i < b.N; i++ {