fix: decode ec point according to the spec

indutny · Mar 17, 2021 · c6d2432 · c6d2432
1 parent 43ac7f2
commit c6d2432
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 0 deletions.
diff --git a/lib/elliptic/curve/edwards.js b/lib/elliptic/curve/edwards.js
@@ -49,6 +49,8 @@ EdwardsCurve.prototype.jpoint = function jpoint(x, y, z, t) {
 
 EdwardsCurve.prototype.pointFromX = function pointFromX(x, odd) {
   x = new BN(x, 16);
+  if (x.cmp(this.p) >= 0)
+    throw new Error('invalid point');
   if (!x.red)
     x = x.toRed(this.red);
 
@@ -70,6 +72,8 @@ EdwardsCurve.prototype.pointFromX = function pointFromX(x, odd) {
 
 EdwardsCurve.prototype.pointFromY = function pointFromY(y, odd) {
   y = new BN(y, 16);
+  if (y.cmp(this.p) >= 0)
+    throw new Error('invalid point');
   if (!y.red)
     y = y.toRed(this.red);
 

diff --git a/test/ed25519-test.js b/test/ed25519-test.js
@@ -111,6 +111,24 @@ describe('EDDSA(\'ed25519\')', function() {
     assert(key.verify(msg, sig));
   });
 
+  it('should throw when trying to decode invalid bytes (1)', function() {
+    assert.throws(function() {
+      ed25519.decodePoint('c2cb3cf3840aa9893e00ec77093d3d44dba7da840b51c48462072d58d8efd183');
+    });
+  });
+
+  it('should throw when trying to decode invalid bytes (2)', function() {
+    assert.throws(function() {
+      ed25519.decodePoint('ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff');
+    });
+  });
+
+  it('should throw when trying to decode invalid bytes (3)', function() {
+    assert.throws(function() {
+      ed25519.decodePoint('edffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff7f');
+    });
+  });
+
   describe('KeyPair', function() {
     var pair;
     var secret = '00000000000000000000000000000000' +