From aa4ff52d84b525f682dd00d231e57284f4735b5a Mon Sep 17 00:00:00 2001
From: Gustav Simonsson <gustav.simonsson@gmail.com>
Date: Tue, 7 Apr 2015 17:40:51 +0200
Subject: Add IsOnCurve check to EC unmarshalling in ECIES decryption

---
 crypto/ecies/ecies.go | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'crypto')

diff --git a/crypto/ecies/ecies.go b/crypto/ecies/ecies.go
index 18952fc0b..812545631 100644
--- a/crypto/ecies/ecies.go
+++ b/crypto/ecies/ecies.go
@@ -303,6 +303,10 @@ func (prv *PrivateKey) Decrypt(rand io.Reader, c, s1, s2 []byte) (m []byte, err
 		err = ErrInvalidPublicKey
 		return
 	}
+	if !R.Curve.IsOnCurve(R.X, R.Y) {
+		err = ErrInvalidCurve
+		return
+	}
 
 	z, err := prv.GenerateShared(R, params.KeyLen, params.KeyLen)
 	if err != nil {
-- 
cgit v1.2.3