crypto: add IsOnCurve check (#31100)

2026-06-20 13:44:31 +00:00 · 2025-01-30 14:10:36 +01:00 · 2025-01-30 14:10:36 +01:00 · 955616d7c2
commit 955616d7c2
parent 7688f988c2
1 changed files with 3 additions and 0 deletions
--- a/crypto/crypto.go
+++ b/crypto/crypto.go
@ -169,6 +169,9 @@ func UnmarshalPubkey(pub []byte) (*ecdsa.PublicKey, error) {
 	if x == nil {
 		return nil, errInvalidPubkey
 	}
+	if !S256().IsOnCurve(x, y) {
+		return nil, errInvalidPubkey
+	}
 	return &ecdsa.PublicKey{Curve: S256(), X: x, Y: y}, nil
 }